Alexander Marx 306098a498 BUG10994: SNAT rules are missing the outgoing interface ...

When creating SNAT rules, the outgoing interface is not set. As a side
effect, traffic that should be send unnatted to a vpn tunnel can be
natted which is a BUG.
With this patch the SNAT rules are getting a outgoing interface
according to the configuration. When selecting the RED Target network,
all SNAT rules will be configured with "-o red0". Otherwise if "all" is
selected, there is no interface in the rule, which matches all networks.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

2015-12-15 13:53:03 +00:00

..

convert-dmz

Make firewall convert scripts more robust.

2014-01-18 18:28:07 +01:00

convert-outgoingfw

Firewall: outgoingconverter fix for ipfire-src

2014-04-28 14:27:54 +02:00

convert-portfw

BUG10984: Fix portforwardconverter for upgrades before core 77

2015-11-19 12:53:38 +00:00

convert-xtaccess

Make firewall convert scripts more robust.

2014-01-18 18:28:07 +01:00

firewall-lib.pl

firewall: Support multiple subnets per IPsec tunnel

2015-09-22 00:26:37 +01:00

firewall-policy

firewall: Allow blocking access to GREEN from GREEN.

2014-05-20 11:41:23 +02:00

geoipblock

Add default config file for geoipblock.

2015-01-04 00:56:00 +01:00

ipsec-block

ipsec: Add block rules to avoid conntrack entries

2015-10-15 22:44:47 +01:00

p2protocols

firewall: Disable the P2P blocker by default

2015-05-20 13:37:35 +02:00

rules.pl

BUG10994: SNAT rules are missing the outgoing interface

2015-12-15 13:53:03 +00:00