Fix error in example firewall.sh script

The man page says:
[!] -s, --source address[/mask][,...]

Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20211107174000.16210-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23128.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit d720c5fd45d5c61b9c797172f8d6a7eaa35b959c)

diff --git a/sample/sample-config-files/firewall.sh b/sample/sample-config-files/firewall.sh
index 19d75ee92477f54234e4ed779a972f2581c3fd3b..456700ca5c7a95294203b0a3bd255baa46a063cd 100755 (executable)
--- a/sample/sample-config-files/firewall.sh
+++ b/sample/sample-config-files/firewall.sh
@@ -50,7 +50,7 @@ iptables -A OUTPUT -p tcp --sport 137:139 -o eth0 -j DROP
 iptables -A OUTPUT -p udp --sport 137:139 -o eth0 -j DROP
 
 # Check source address validity on packets going out to internet
-iptables -A FORWARD -s ! $PRIVATE -i eth1 -j DROP
+iptables -A FORWARD ! -s $PRIVATE -i eth1 -j DROP
 
 # Allow local loopback
 iptables -A INPUT -s $LOOP -j ACCEPT