===================================================================
RCS file: /home/cvsd/home/cvs/scripts/shell/firewall/fw-universal.sh,v
retrieving revision 2.118
retrieving revision 2.119
diff -u -p -r2.118 -r2.119
--- scripts/shell/firewall/fw-universal.sh	2018/12/10 11:46:12	2.118
+++ scripts/shell/firewall/fw-universal.sh	2019/02/14 07:41:47	2.119
@@ -22,7 +22,7 @@
 # Licensed under terms of GNU General Public License.
 # All rights reserved.
 #
-# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.117 2018/08/23 04:34:58 nepto Exp $
+# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.118 2018/12/10 11:46:12 nepto Exp $
 #
 # Changelog:
 # 2003-10-24 - created
@@ -816,6 +816,19 @@ allow_accept_all()
 	fi
 } # }}}
 
+allow_accept_vrrp()
+{ # {{{
+	if [ ! -z "$IFACE_ACCEPT_VRRP" ]; then
+		print_info -en "Accepting VRRP packets on interfaces:"
+		for iface in $IFACE_ACCEPT_VRRP; do
+			print_info -en " $iface"
+			$IPTABLES -A INPUT  -i $iface -d 224.0.0.18/32 -p vrrp -j ACCEPT;
+			$IPTABLES -A OUTPUT -i $iface -d 224.0.0.18/32 -p vrrp -j ACCEPT;
+		done
+		print_info " done."
+	fi
+} # }}}
+
 drop_input()
 { # {{{
 	if [ ! -z "$NAT_LAN_IFACE" ]; then
@@ -1918,6 +1931,7 @@ case "$1" in
 		#
 		bann_ip_adresses
 		allow_accept_all
+		allow_accept_vrrp
 		nmap_scan_filter
 		invalid_packet_filter
 		anti_spoof_filter