===================================================================
RCS file: /home/cvsd/home/cvs/scripts/shell/firewall/fw-universal.sh,v
retrieving revision 2.117
retrieving revision 2.118
diff -u -p -r2.117 -r2.118
--- scripts/shell/firewall/fw-universal.sh	2018/08/23 04:34:58	2.117
+++ scripts/shell/firewall/fw-universal.sh	2018/12/10 11:46:12	2.118
@@ -22,7 +22,7 @@
 # Licensed under terms of GNU General Public License.
 # All rights reserved.
 #
-# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.116 2018/06/28 23:13:42 nepto Exp $
+# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.117 2018/08/23 04:34:58 nepto Exp $
 #
 # Changelog:
 # 2003-10-24 - created
@@ -763,15 +763,12 @@ do_ban_single_ip()
 		return;
 	fi
 	for banned_ip in $*; do
-		$IPTABLES -A INPUT -s $banned_ip -j DROP;
-		if [ "X$XEN_MODE" = "Xon" ]; then
-			print_info -ne " XEN_MODE ";
-		else
-			# This does immediate connection termination, but it must be
-			# inserted (not appended) into chain, otherwise connection
-			# will still remain alive -- Nepto [2018-08-23]
-			$IPTABLES -I FORWARD -s $banned_ip -j DROP;
-		fi
+		# This does immediate connection termination, but it must be inserted
+		# and thus not appended into chain, otherwise connection will still
+		# remain alive. Former forward chain rule was removed as unneccessary.
+		#   -- Nepto [2018-08-23]
+		#   -- Plantroon [2018-12-10]
+		$IPTABLES -I INPUT -s $banned_ip -j DROP;
 	done
 } # }}}