From 5f6c88466312f4d514e6ce27f4134d08c7f8439d Mon Sep 17 00:00:00 2001
From: Xala <xala@clamifa.net>
Date: Thu, 6 Jul 2017 18:13:25 +0200
Subject: [PATCH] fix openvpn removal keeps iptables rules

---
 openvpn-install.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index e16ba4e..2e97376 100755
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -157,8 +157,11 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 					sed -i "/iptables -I INPUT -p udp --dport $PORT -j ACCEPT/d" $RCLOCAL
 					sed -i "/iptables -I FORWARD -s 10.8.0.0\/24 -j ACCEPT/d" $RCLOCAL
 					sed -i "/iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT/d" $RCLOCAL
+          iptables -D INPUT -p udp --dport $PORT -j ACCEPT
+          iptables -D FORWARD -s 10.8.0.0/24 -j ACCEPT
 				fi
-				sed -i '/iptables -t nat -A POSTROUTING -s 10.8.0.0\/24 -j SNAT --to /d' $RCLOCAL
+				sed -i "/iptables -t nat -A POSTROUTING $NIC -s 10.8.0.0\/24 -j MASQUERADE/d" $RCLOCAL
+        iptables -t nat -D POSTROUTING $NIC -s 10.8.0.0/24 -j MASQUERADE
 				if hash sestatus 2>/dev/null; then
 					if sestatus | grep "Current mode" | grep -qs "enforcing"; then
 						if [[ "$PORT" != '1194' ]]; then