webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-01 07:50:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

Some changes for strongswan.

Browse Source 
Still need a replacement for ipsec auto --replace
This commit is contained in:
Arne Fitzenreiter
2010-03-27 21:15:46 +01:00
parent 5e21bae9cd
commit db073a101e
6 changed files with 63 additions and 197 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/initscripts/init.d/firewall
View File

@@ -116,7 +116,8 @@ iptables_red() {
/sbin/iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
fi
# Outgoing masquerading
# Outgoing masquerading (don't masqerade IPSEC (mark 50))
/sbin/iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
/sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
fi