~mdw / firewall / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Introduce variable for expected input chains.
[firewall] / bookends.m4
diff --git a/bookends.m4 b/bookends.m4
index 69a721e..6faa91b 100644 (file)
--- a/bookends.m4
+++ b/bookends.m4
@@ -111,6 +111,10 @@ case $host_type_<::>FWHOST in
 esac
 setopt ip_forward $forward
 setdevopt forwarding $forward
+case $forward in
+  0) inchains="INPUT" ;;
+  1) inchains="INPUT FORWARD" ;;
+esac
 
 ## Set dynamic port allocation.
 setopt ip_local_port_range $open_port_min $open_port_max
Firewall scripts for distorted.org.uk.