Forward Firewall: some changes in firewall script to make collectd work

This commit is contained in:
Alexander Marx
2013-04-15 15:02:50 +02:00
committed by Michael Tremer
parent 9468a6f713
commit 53f4c74d9b
3 changed files with 13 additions and 7 deletions

View File

@@ -120,8 +120,8 @@ iptables_red() {
fi
# Outgoing masquerading (don't masqerade IPSEC (mark 50))
/sbin/iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
/sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
#/sbin/iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
#/sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
fi
}
@@ -318,8 +318,8 @@ case "$1" in
/sbin/iptables -A FORWARD -j DROP -m comment --comment "DROP_FORWARD"
#Only for firewall Hits statistik
/sbin/iptables -A POLICYFWD -j DROP -m comment --comment "DROP_FORWARD"
/sbin/iptables -A POLICYOUT -j DROP -m comment --comment "DROP_OUTPUT"
#/sbin/iptables -A POLICYFWD -j DROP -m comment --comment "DROP_FORWARD"
#/sbin/iptables -A POLICYOUT -j DROP -m comment --comment "DROP_OUTPUT"