webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 03:33:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

firewall: Fix MAC filter

Browse Source 
Packets destined for the firewall coming in from the blue
device where accepted too early to be processed by the
firewall input chain rules.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2016-02-05 10:24:03 +00:00
parent ff43197b01
commit 645378fbb9
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
config/firewall/firewall-policy
View File

@@ -60,6 +60,11 @@ HAVE_OPENVPN="true"
# Allow access from GREEN
iptables -A POLICYIN -i "${GREEN_DEV}" -j ACCEPT
# Allow access from BLUE
if [ "${HAVE_BLUE}" = "true" ] && [ -n "${BLUE_DEV}" ]; then
iptables -A POLICYIN -i "${BLUE_DEV}" -j ACCEPT
fi
# IPsec INPUT
case "${HAVE_IPSEC},${POLICY}" in
true,MODE1) ;;