webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-03 18:41:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

iptables: Create OVPNNAT chain after CUSTOM* chains.

Browse Source
This commit is contained in:
Michael Tremer
2013-07-08 15:41:15 +02:00
parent 815eaff433
commit 51ab1de143
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/initscripts/init.d/firewall
View File

@@ -90,11 +90,9 @@ iptables_init() {
/sbin/iptables -N OUTGOINGFW
/sbin/iptables -A OUTPUT -j OUTGOINGFW
/sbin/iptables -t nat -N CUSTOMPREROUTING
/sbin/iptables -t nat -N OVPNNAT
/sbin/iptables -t nat -A PREROUTING -j CUSTOMPREROUTING
/sbin/iptables -t nat -N CUSTOMPOSTROUTING
/sbin/iptables -t nat -A POSTROUTING -j CUSTOMPOSTROUTING
/sbin/iptables -t nat -A POSTROUTING -j OVPNNAT
# Guardian (IPS) chains
/sbin/iptables -N GUARDIAN
@@ -107,6 +105,10 @@ iptables_init() {
/sbin/iptables -A ${i} -j OVPNBLOCK
done
# OpenVPN transfer network translation
/sbin/iptables -t nat -N OVPNNAT
/sbin/iptables -t nat -A POSTROUTING -j OVPNNAT
# IPTV chains for IGMPPROXY
/sbin/iptables -N IPTVINPUT
/sbin/iptables -A INPUT -j IPTVINPUT