| 1 |
jpp |
1.1 |
diff -Nur --no-dereference e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90local_chk50networks e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90local_chk50networks |
| 2 |
|
|
--- e-smith-packetfilter-2.6.0.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90local_chk50networks 2006-03-15 21:38:35.000000000 -0500 |
| 3 |
|
|
+++ e-smith-packetfilter-2.6.0/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90local_chk50networks 2021-11-15 22:16:10.453000000 -0500 |
| 4 |
|
|
@@ -6,16 +6,13 @@ |
| 5 |
|
|
# Make a new local_chk chain and add any networks found in networks db |
| 6 |
|
|
foreach my $local (@locals) |
| 7 |
|
|
{ |
| 8 |
|
|
- # If the network is a remote vpn subnet, restrict it to the ipsec0 |
| 9 |
|
|
+ # If the network is a remote vpn subnet, restrict it to the VPN |
| 10 |
|
|
# interface. |
| 11 |
|
|
my ($net, $msk) = split /\//, $local; |
| 12 |
|
|
my $netrec = $nets->get($net); |
| 13 |
|
|
die "Can't find network $net in networks db!\n" unless $netrec; |
| 14 |
|
|
$OUT .= "/sbin/iptables -A \$NEW_local_chk -s $local"; |
| 15 |
|
|
- if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes') |
| 16 |
|
|
- { |
| 17 |
|
|
- $OUT .= " --in-interface ipsec0"; |
| 18 |
|
|
- } |
| 19 |
|
|
+ $OUT .= " --in-interface " . $netrec->prop('VPNif') if ( $netrec->prop('VPNif') ); |
| 20 |
|
|
$OUT .= " -j ACCEPT\n"; |
| 21 |
|
|
} |
| 22 |
|
|
} |
Parent Directory
| 
Revision Log
| 
Revision Graph
