X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/blobdiff_plain/e6d64b676e9da834e9b0f6243a01e4362202b840..4224a17b2d6e6b2dd82b6b056dc271270beaea3e:/bookends.m4

diff --git a/bookends.m4 b/bookends.m4
index a0731d2..f451c8d 100644
--- a/bookends.m4
+++ b/bookends.m4
@@ -38,6 +38,8 @@ preserve_chains="filter:fail2ban filter:fail2ban-* $preserve_chains"
 ## Take the various IP versions in turn.
 unref=nil
 for ip in ip ip6; do
+  if [ "$FW_NOACT" ]; then break; fi
+
   for table in $(cat /proc/net/${ip}_tables_names); do
 
     ## Step 1: clear out the builtin chains.
@@ -216,7 +218,7 @@ case $forward in
       run ip6tables -A check-fwd-multi -g bad-destination-address \
 	    -d ff${x}2::/16
     done
-    ip6tables -A FORWARD -j check-fwd-multi -d ff00::/8
+    run ip6tables -A FORWARD -j check-fwd-multi -d ff00::/8
     ;;
 esac