From e8b568a0b96b2a39c35f6d1d73ff4fc30ee05908 Mon Sep 17 00:00:00 2001
From: r0p0s3c <rudolph.pereira+github@occamsec.com>
Date: Tue, 14 Feb 2017 16:40:40 -0500
Subject: [PATCH] add additional documentation clarifying calling of function,
 purpose, and how to override it

---
 bin/ovpn_run | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/ovpn_run b/bin/ovpn_run
index 0112a0e..14db9f0 100755
--- a/bin/ovpn_run
+++ b/bin/ovpn_run
@@ -35,6 +35,9 @@ function addArg {
     fi
 }
 
+# set up iptables rules and routing
+# this allows rules/routing to be altered by supplying this function
+# in an included file, such as ovpn_env.sh
 function setupIptablesAndRouting {
     iptables -t nat -C POSTROUTING -s $OVPN_SERVER -o $OVPN_NATDEVICE -j MASQUERADE || {
       iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o $OVPN_NATDEVICE -j MASQUERADE
@@ -65,6 +68,9 @@ fi
 
 # Setup NAT forwarding if requested
 if [ "$OVPN_DEFROUTE" != "0" ] || [ "$OVPN_NAT" == "1" ] ; then
+	# call function to setup iptables rules and routing
+	# this allows rules to be customized by supplying
+	# a replacement function in, for example, ovpn_env.sh
 	setupIptablesAndRouting
 fi