From 4d26d8c04fdf769653b51532d725dac3bbb4473d Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Wed, 11 Dec 2024 09:10:52 +0100
Subject: [PATCH] VR: allow outgoing traffic from Remote access VPN clients

---
 systemvm/debian/opt/cloud/bin/configure.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/systemvm/debian/opt/cloud/bin/configure.py b/systemvm/debian/opt/cloud/bin/configure.py
index cf0b71ab436a..be1530090be4 100755
--- a/systemvm/debian/opt/cloud/bin/configure.py
+++ b/systemvm/debian/opt/cloud/bin/configure.py
@@ -1287,10 +1287,12 @@ def remoteaccessvpn_iptables(self, publicip, obj):
             self.fw.append(["", "", "-A VPN_FORWARD -s  %s -j RETURN" % localcidr])
             self.fw.append(["", "", "-A VPN_FORWARD -i ppp+ -d %s -j RETURN" % localcidr])
             self.fw.append(["", "", "-A VPN_FORWARD -i ppp+  -o ppp+ -j RETURN"])
+            self.fw.append(["", "", "-A VPN_FORWARD -j ACCEPT"])
         else:
             self.fw.append(["", "", "-A FORWARD -i ppp+ -o  ppp+ -j ACCEPT"])
             self.fw.append(["", "", "-A FORWARD -s %s -o  ppp+ -j ACCEPT" % localcidr])
             self.fw.append(["", "", "-A FORWARD -i ppp+ -d %s  -j ACCEPT" % localcidr])
+            self.fw.append(["", "", "-A FORWARD -i ppp+ -j ACCEPT"])
 
         self.fw.append(["", "", "-A INPUT -i ppp+ -m udp -p udp --dport 53 -j ACCEPT"])
         self.fw.append(["", "", "-A INPUT -i ppp+ -m tcp -p tcp --dport 53 -j ACCEPT"])