Hi, I think we have to rework that code a litte. It is hard to understand. On Mon, 2018-06-18 at 20:32 +0200, Erik Kapfer wrote: > Patch is from bug #11614 > With the please to deliver it for further review to the dev mailinglist. > > Signed-off-by: Erik Kapfer > --- > src/initscripts/system/squid | 11 +++++++++++ > 1 file changed, 11 insertions(+) > > diff --git a/src/initscripts/system/squid b/src/initscripts/system/squid > index 7255c0a..267a416 100644 > --- a/src/initscripts/system/squid > +++ b/src/initscripts/system/squid > @@ -37,6 +37,17 @@ transparent() { > iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk > -F, '{ print $13 }'` --dport 80 -j RETURN > done < $FILE > > + FILE=/var/ipfire/ovpn/ovpnconfig Not sure why this is variable since it is only used once. > + > + while read LINE; do > + let COUNT=$COUNT+1 COUNT is never initialized and never used either. > + CONN_TYPE=`echo "$LINE" | awk -F, '{ print $5 }'` > + if [ "$CONN_TYPE" != "net" ]; then > + continue > + fi The following iptables line is missing a tab. > + iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk > -F, '{ print $13 }'` --dport 80 -j RETURN It is not clear what the command should be like. I think it is best to use while read ...; do ... done to walk through the file line by line and put the values into a variable with a good name. That will avoid confusion later. > + done < $FILE > + > if [ "$RED_TYPE" == "STATIC" ]; then > iptables -t nat -A SQUID -i $1 -p tcp -d > $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN > fi Erik, would you please rework this patch? Best, -Michael