From 0b14d3d9b14ee36a01a67d83591ede814cc9f92d Mon Sep 17 00:00:00 2001
From: Alexander Marx <amarx@ipfire.org>
Date: Wed, 30 Jan 2013 16:28:18 +0100
Subject: [PATCH] Forward Firewall: fixed portforward rules. Now possible even
 if firewall in mode1

---
 src/initscripts/init.d/firewall | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 8333c4df7..7453056be 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -211,7 +211,7 @@ case "$1" in
 	/sbin/iptables -A FORWARD -s 127.0.0.0/8 -m state --state NEW -j DROP
 	/sbin/iptables -A FORWARD -d 127.0.0.0/8 -m state --state NEW -j DROP
 	/sbin/iptables -A INPUT   -i $GREEN_DEV  -m state --state NEW -j ACCEPT ! -p icmp
-	#/sbin/iptables -A FORWARD -i $GREEN_DEV  -m state --state NEW -j ACCEPT
+	/sbin/iptables -A FORWARD -i $GREEN_DEV  -m state --state NEW -j ACCEPT
 
 	# If a host on orange tries to initiate a connection to IPFire's red IP and
 	# the connection gets DNATed back through a port forward to a server on orange