From 636f55f3a56ec4ed99e2e0e1e54be992e5277603 Mon Sep 17 00:00:00 2001 From: Christoph Date: Fri, 7 Apr 2017 22:12:50 +0200 Subject: [PATCH] Add Comment for special local network rules as local_net_to_local_ip --- ip6t-firewall-gateway | 24 ++++++++++++++++++++++++ ipt-firewall-gateway | 23 +++++++++++++++++++++++ 2 files changed, 47 insertions(+) diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway index aa0222c..b7844e1 100755 --- a/ip6t-firewall-gateway +++ b/ip6t-firewall-gateway @@ -817,6 +817,10 @@ fi # --- echononl "\tAllow local services from given local networks" + +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \ && $kernel_forward_between_interfaces ; then @@ -849,6 +853,9 @@ fi echononl "\tAllow all traffic from local network to local ip-address" +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \ && $kernel_forward_between_interfaces ; then @@ -878,6 +885,9 @@ fi echononl "\tAllow all traffic from local ip-address to local network" +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \ && $kernel_forward_between_interfaces ; then @@ -907,6 +917,9 @@ fi echononl "\tAllow all traffic from local network to (another) local network" +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \ && $kernel_forward_between_interfaces ; then @@ -936,6 +949,9 @@ fi echononl "\tAllow local ip address from given local interface" +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \ && $kernel_forward_between_interfaces ; then 
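Review bot: The added note says only what these blocks do not depend on, and the identical sentence is attached both to the allow blocks and to the two "Separate local ..." blocks, where the practical consequence is the opposite. Judging by the visible guards, the rules are generated whenever the array is non-empty and `$kernel_forward_between_interfaces` evaluates true, so an operator who leaves 'permit_between_local_networks' off expecting isolation may still get forwarding between local segments from a leftover array entry; the block bodies continue outside the hunks, so this is inferred from the guards alone. I would state the positive condition instead, for example `# - Note: applied whenever allow_local_net_to_local_ip_arr is non-empty and forwarding is on, regardless of 'permit_between_local_networks'`, and say on the separate blocks which rule wins when both are configured. This applies to every hunk in both files, and "settings" should read "setting".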
@@ -964,6 +980,10 @@ fi # --- echononl "\tSeparate local networks.." + +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then for _net in ${separate_local_network_arr[@]}; do for _dev in ${local_if_arr[@]} ; do @@ -982,6 +1002,10 @@ fi # --- echononl "\tSeparate local interfaces.." + +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then for _dev_1 in ${separate_local_if_arr[@]}; do for _dev_2 in ${local_if_arr[@]} ; do diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway index 3f0aa1a..77e105f 100755 --- a/ipt-firewall-gateway +++ b/ipt-firewall-gateway @@ -1163,6 +1163,9 @@ fi # - Allow local services from given local networks # --- +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - echononl "\tAllow local services from given local networks" if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \ && $kernel_activate_forwarding ; then @@ -1196,6 +1199,9 @@ fi echononl "\tAllow all traffic from local network to local ip-address" +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \ && $kernel_activate_forwarding ; then @@ -1225,6 +1231,9 @@ fi echononl "\tAllow all traffic from local ip-address to local network" +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \ && $kernel_activate_forwarding ; then 
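Review bot: The note is placed inconsistently in ipt-firewall-gateway: the hunks starting at old lines 1163, 1252, 1281, 1310 and 1328 put it in the section header before `echononl`, while the hunks at 1196 and 1225 put it between `echononl` and the `if`, which is also where every ip6t-firewall-gateway hunk has it. The two scripts mirror each other, so a single position keeps them comparable side by side when the rule set is audited. I would move the three comment lines directly above the `if [[ ${#..._arr[@]} -gt 0 ]]` guard they describe in all fourteen hunks.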
@@ -1252,6 +1261,9 @@ fi # - Allow all traffic from (one) local network to (another) local network # --- +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - echononl "\tAllow all traffic from local network to (another) local network" if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \ @@ -1281,6 +1293,9 @@ fi # - Allow local ip address from given local interface # --- +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - echononl "\tAllow local ip address from given local interface" if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \ @@ -1310,7 +1325,11 @@ fi # - Separate local networks # --- +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - echononl "\tSeparate local networks.." + if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then for _net in ${separate_local_network_arr[@]}; do for _dev in ${local_if_arr[@]} ; do @@ -1328,7 +1347,11 @@ fi # - Separate local interfaces # --- +# - !! Note: +# - does NOT depend on settings 'permit_between_local_networks' !! +# - echononl "\tSeparate local interfaces.." + if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then for _dev_1 in ${separate_local_if_arr[@]}; do for _dev_2 in ${local_if_arr[@]} ; do