firewall: fix green only mode.

disable masquerade and green IP/NET check if internet is connected via green.
2026-04-24 09:52:58 +02:00 · 2014-04-05 11:04:25 +02:00
parent fee04791f4
commit c926c6375d
2 changed files with 12 additions and 2 deletions
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -311,7 +311,10 @@ iptables_red() {

 		# Outgoing masquerading (don't masqerade IPSEC (mark 50))
 		iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
-		iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
+
+		if [ "$IFACE" != "$GREEN_DEV" ]; then
+			iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
+		fi

 	fi