===================================================================
RCS file: /home/cvsd/home/cvs/scripts/shell/firewall/fw-universal.sh,v
retrieving revision 2.27
retrieving revision 2.28
diff -u -p -r2.27 -r2.28
--- scripts/shell/firewall/fw-universal.sh	2005/08/04 19:39:11	2.27
+++ scripts/shell/firewall/fw-universal.sh	2005/10/09 21:11:08	2.28
@@ -9,7 +9,7 @@
 # Licensed under terms of GNU General Public License.
 # All rights reserved.
 #
-# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.26 2005/06/29 16:16:46 rajo Exp $
+# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.27 2005/08/04 19:39:11 rajo Exp $
 #
 # Changelog:
 # 2003-10-24 - created
@@ -500,6 +500,12 @@ allow_accept_all()
 allow_input()
 { # {{{
 
+	if [ ! -z "$NAT_LAN_IFACE" ]; then
+		for client_ip in $NAT_CLIENT_DROP; do
+			echo -en " !$client_ip";
+			$IPTABLES -A INPUT -s $client_ip -i $NAT_SUBNET_IFACE -j DROP
+		done
+	fi
 	if [ ! -z "$ALL_ACCEPT_INPUT_TCP" ]; then
 		echo -en "Accepting ALL INPUT TCP connections on ports:"
 		for port in $ALL_ACCEPT_INPUT_TCP; do