firewall: Fix outgoing OpenVPN N2N tunnel packets.
authorMichael Tremer <michael.tremer@ipfire.org>
Sat, 12 Apr 2014 14:17:20 +0000 (16:17 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Sat, 12 Apr 2014 14:17:20 +0000 (16:17 +0200)
Don't throw away packets from the firewall that pass through
an OpenVPN N2N tunnel.

src/initscripts/init.d/firewall

index 31aa2c9..f0d9c49 100644 (file)
@@ -107,7 +107,6 @@ iptables_init() {
        # Block OpenVPN transfer networks
        iptables -N OVPNBLOCK
        iptables -A INPUT   -i tun+ -j OVPNBLOCK
        # Block OpenVPN transfer networks
        iptables -N OVPNBLOCK
        iptables -A INPUT   -i tun+ -j OVPNBLOCK
-       iptables -A OUTPUT  -o tun+ -j OVPNBLOCK
        iptables -A FORWARD -i tun+ -j OVPNBLOCK
        iptables -A FORWARD -o tun+ -j OVPNBLOCK
 
        iptables -A FORWARD -i tun+ -j OVPNBLOCK
        iptables -A FORWARD -o tun+ -j OVPNBLOCK