From b2e333d4cf47bb0f88b6f2a128050fab89a95eca Mon Sep 17 00:00:00 2001
From: Alexander Marx <amarx@ipfire.org>
Date: Mon, 3 Jun 2013 15:22:50 +0200
Subject: [PATCH] Pre-Firewall: added OVPNNAT to POSTROUTING Chain

---
 src/initscripts/init.d/firewall | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index b6dd7d5bd..d8d7712ee 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -178,12 +178,14 @@ case "$1" in
 	/sbin/iptables -N IPSECFORWARD
 	/sbin/iptables -N IPSECOUTPUT
 	/sbin/iptables -N OPENSSLVIRTUAL
+	/sbin/iptables -N OVPNNAT
 	/sbin/iptables -A INPUT -j IPSECINPUT
 	/sbin/iptables -A INPUT -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL INPUT"
 	/sbin/iptables -A FORWARD -j IPSECFORWARD
 	/sbin/iptables -A FORWARD -j OPENSSLVIRTUAL -m comment --comment "OPENSSLVIRTUAL FORWARD"
 	/sbin/iptables -A OUTPUT -j IPSECOUTPUT
 	/sbin/iptables -t nat -N IPSECNAT
+	/sbin/iptables -t nat -A POSTROUTING -j OVPNNAT
 	/sbin/iptables -t nat -A POSTROUTING -j IPSECNAT
 
 	# Outgoing Firewall
-- 
2.39.2