pre-firewall: added ovpnnat to firewallscript

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index d8d7712eea59a7e27700beec77de914378c31b7b..844618a304161639f8c571ef5a143cadcc728104 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -178,12 +178,12 @@ case "$1" in
        /sbin/iptables -N IPSECFORWARD
        /sbin/iptables -N IPSECOUTPUT
        /sbin/iptables -N OPENSSLVIRTUAL
        /sbin/iptables -N IPSECFORWARD
        /sbin/iptables -N IPSECOUTPUT
        /sbin/iptables -N OPENSSLVIRTUAL

-       /sbin/iptables -N OVPNNAT

        /sbin/iptables -A INPUT -j IPSECINPUT
        /sbin/iptables -A INPUT -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL INPUT"
        /sbin/iptables -A FORWARD -j IPSECFORWARD
        /sbin/iptables -A FORWARD -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL FORWARD"
        /sbin/iptables -A OUTPUT -j IPSECOUTPUT
        /sbin/iptables -A INPUT -j IPSECINPUT
        /sbin/iptables -A INPUT -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL INPUT"
        /sbin/iptables -A FORWARD -j IPSECFORWARD
        /sbin/iptables -A FORWARD -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL FORWARD"
        /sbin/iptables -A OUTPUT -j IPSECOUTPUT

+       /sbin/iptables -t nat -N OVPNNAT

        /sbin/iptables -t nat -N IPSECNAT
        /sbin/iptables -t nat -A POSTROUTING -j OVPNNAT
        /sbin/iptables -t nat -A POSTROUTING -j IPSECNAT
        /sbin/iptables -t nat -N IPSECNAT
        /sbin/iptables -t nat -A POSTROUTING -j OVPNNAT
        /sbin/iptables -t nat -A POSTROUTING -j IPSECNAT