-for sfx in '' ".$(hostname -s)"
-do
- if [ -e "services${sfx}" ]
- then
-
- for l in $(decommentcat "services${sfx}")
- do
- allow_services "${l}"
- done
- fi
-done
+# accept all IPSec traffic
+$IPTABLES -A INPUT -m policy --dir in --pol ipsec -j ACCEPT
+$IP6TABLES -A INPUT -m policy --dir in --pol ipsec -j ACCEPT
+
+if [ $is_router -gt 0 ]
+then
+ $IPTABLES -t nat -A POSTROUTING -o ${EXT_IF} -j SNAT --to ${EXT_ADDR}
+fi
+
+./services.sh ${EXT_IF}
+
+create_drop_chain xenophobe