Description of problem: PATH variable defined as PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/sbin" on line 128 in script /usr/libexec/strongswan/_updown is preventing leftfirewall=yes option from working correctly. Works correctly after changing line as in vanilla strongSwan sources: PATH="/sbin:/bin:/usr/sbin:/usr/bin:@sbindir@" Version-Release number of selected component (if applicable): 5.1.3-1.el6 Steps to Reproduce: 1. Set leftfirewall=yes in /etc/strongswan/ipsec.conf conn settings 2. connect with client 3. script will not set iptables forwarding rules and will log this in /var/log/messages: May 17 21:04:18 vpn charon: 16[CHD] updown: /usr/libexec/strongswan/_updown: line 475: iptables: command not found May 17 21:04:18 vpn charon: 16[CHD] updown: /usr/libexec/strongswan/_updown: line 478: iptables: command not found Additional info: Correct in vanilla strongSwan 5.1.3 sources: PATH="/sbin:/bin:/usr/sbin:/usr/bin:@sbindir@"
it seems to be caused by something else afterall