webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-23 01:12:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

ipsec: fix ike firewall rule to support nat traversal.

Browse Source
This commit is contained in:
Arne Fitzenreiter
2011-07-04 23:09:05 +02:00
parent 264c0195fb
commit 85cbc0a08f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/misc-progs/ipsecctrl.c
View File

@@ -59,9 +59,9 @@ void open_physical (char *interface, int nat_traversal_port) {
// safe_system(str);
// IKE
sprintf(str, "/sbin/iptables -D IPSECINPUT -p udp -i %s --sport 500 --dport 500 -j ACCEPT >/dev/null 2>&1", interface);
sprintf(str, "/sbin/iptables -D IPSECINPUT -p udp -i %s --dport 500 -j ACCEPT >/dev/null 2>&1", interface);
safe_system(str);
sprintf(str, "/sbin/iptables -A IPSECINPUT -p udp -i %s --sport 500 --dport 500 -j ACCEPT", interface);
sprintf(str, "/sbin/iptables -A IPSECINPUT -p udp -i %s --dport 500 -j ACCEPT", interface);
safe_system(str);
if (! nat_traversal_port)