From 8dc23ff4fcc6b9f07cdd48abe7991419d255d363 Mon Sep 17 00:00:00 2001
From: Alexander Marx <amarx@ipfire.org>
Date: Thu, 10 Jan 2013 12:55:56 +0100
Subject: [PATCH] Forward Firewall: adapted initscripts/firewall and
 wirelessctrl.c

Now the Wirelesschains should work with new firewall.
---
 src/initscripts/init.d/firewall |  2 +-
 src/misc-progs/wirelessctrl.c   | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 66dba6424..225d4827c 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -226,7 +226,7 @@ case "$1" in
 	/sbin/iptables -N WIRELESSINPUT
 	/sbin/iptables -A INPUT -m state --state NEW -j WIRELESSINPUT
 	/sbin/iptables -N WIRELESSFORWARD
-	/sbin/iptables -A FORWARDFW -m state --state NEW -j WIRELESSFORWARD
+	/sbin/iptables -A FORWARD -m state --state NEW -j WIRELESSFORWARD
 
 	# OPenSSL
 	/sbin/iptables -N OPENSSLPHYSICAL
diff --git a/src/misc-progs/wirelessctrl.c b/src/misc-progs/wirelessctrl.c
index be6f967c4..90f602d5f 100644
--- a/src/misc-progs/wirelessctrl.c
+++ b/src/misc-progs/wirelessctrl.c
@@ -156,8 +156,8 @@ int main(void)
 									safe_system(command);
 									snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s ! -o %s -j ACCEPT", macaddress, ipaddress, blue_dev, green_dev);
 									safe_system(command);
-									/*snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s -j DMZHOLES", macaddress, ipaddress, blue_dev);
-									safe_system(command);*/
+									snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s -j FORWARDFW", macaddress, ipaddress, blue_dev);
+									safe_system(command);
 							} else {
 
 									/* correctly formed mac address is 17 chars */
@@ -166,8 +166,8 @@ int main(void)
 													safe_system(command);
 													snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s ! -o %s -j ACCEPT", macaddress, blue_dev, green_dev);
 													safe_system(command);
-													/*snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s -j DMZHOLES", macaddress, blue_dev);
-													safe_system(command);*/
+													snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -i %s -j FORWARDFW", macaddress, blue_dev);
+													safe_system(command);
 									}
 
 									if (VALID_IP_AND_MASK(ipaddress)) {
@@ -175,8 +175,8 @@ int main(void)
 													safe_system(command);
 													snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s ! -o %s -j ACCEPT", ipaddress, blue_dev, green_dev);
 													safe_system(command);
-													/*snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s -j DMZHOLES", ipaddress, blue_dev);
-													safe_system(command);*/
+													snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s -j FORWARDFW", ipaddress, blue_dev);
+													safe_system(command);
 									}
 							}
 							}