From ddd7bc732d3b845f03876ac880afcf66c0283eed Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sat, 9 Oct 2004 00:41:02 +0000
Subject: [PATCH] Improve IPSEC hosts fix -- take II

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1671 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall2/firewall | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index 0ff1cb4c0..5c55a444b 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -697,9 +697,8 @@ verify_interface()
 }
 
 #
-# Generate a match for decrypted packets
+# Determine of communication to/from a host is encrypted using IPSEC
 #
-
 ipsec_host() # $1 = zone, $2 = host
 {
     eval local is_ipsec=\$${1}_is_ipsec
@@ -708,6 +707,9 @@ ipsec_host() # $1 = zone, $2 = host
     test -n "$is_ipsec" || list_search $2 $hosts
 }
 
+#
+# Generate a match for decrypted packets
+#
 match_ipsec_in() # $1 = zone, $2 = host
 {
     if ipsec_host $1 $2 ; then