Forward Firewall: some changes in firewall script to make collectd work

config/collectd/collectd.conf

@@ -23,7 +23,7 @@ LoadPlugin memory
 LoadPlugin ping
 LoadPlugin processes
 LoadPlugin rrdtool
-#LoadPlugin sensors
+LoadPlugin sensors
 LoadPlugin swap
 LoadPlugin syslog
 #LoadPlugin wireless

config/forwardfw/firewall-policy

@@ -2,11 +2,15 @@
 
 eval $(/usr/local/bin/readhash /var/ipfire/forward/settings)
 eval $(/usr/local/bin/readhash /var/ipfire/optionsfw/settings)
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
 
 iptables -F POLICYFWD
 iptables -F POLICYOUT
 iptables -F POLICYIN
-IFACE=`cat /var/ipfire/red/iface`
+
+if [ -f "/var/ipfire/red/iface" ]; then
+	IFACE=`cat /var/ipfire/red/iface`
+fi
 
 #FORWARDFW
 if [ "$POLICY" == "MODE1" ]; then
@@ -23,7 +27,9 @@ if [ "$POLICY" == "MODE1" ]; then
 			/sbin/iptables -A POLICYFWD -j DROP -m comment --comment "DROP_FORWARD"
 		fi
 else
-	/sbin/iptables -A POLICYFWD -i blue0 ! -o $IFACE -j DROP 
+	if [  "$BLUE_DEV" ] && [ "$IFACE" ]; then
+		/sbin/iptables -A POLICYFWD -i blue0 ! -o $IFACE -j DROP 
+	fi
 	/sbin/iptables -A POLICYFWD -j ACCEPT 
 fi
 

src/initscripts/init.d/firewall

@@ -120,8 +120,8 @@ iptables_red() {
 		fi
 
 		# Outgoing masquerading (don't masqerade IPSEC (mark 50))
-		/sbin/iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
-		/sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
+		#/sbin/iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
+		#/sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
 
 	fi
 }
@@ -318,8 +318,8 @@ case "$1" in
 	/sbin/iptables -A FORWARD -j DROP -m comment --comment "DROP_FORWARD"
 	
 	#Only for firewall Hits statistik
-	/sbin/iptables -A POLICYFWD -j DROP  -m comment --comment "DROP_FORWARD"
-	/sbin/iptables -A POLICYOUT -j DROP  -m comment --comment "DROP_OUTPUT"
+	#/sbin/iptables -A POLICYFWD -j DROP  -m comment --comment "DROP_FORWARD"
+	#/sbin/iptables -A POLICYOUT -j DROP  -m comment --comment "DROP_OUTPUT"