From 7ecd9238d5b1180bcad431b5f02817d7a36da22c Mon Sep 17 00:00:00 2001
From: bbruns <bbruns@e5899ace-8841-11de-95b9-8f387cfb8bc3>
Date: Sat, 12 Apr 2014 20:38:56 +0000
Subject: [PATCH]

---
 lib/iptables.inc | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/iptables.inc b/lib/iptables.inc
index ef9134e..6c003d1 100644
--- a/lib/iptables.inc
+++ b/lib/iptables.inc
@@ -85,8 +85,10 @@ function setup_iptables_chains {
 	${VER_IPTABLES} -N ${InFilter}
 	${VER_IPTABLES} -N ${OutFilter}
 	${VER_IPTABLES} -N ${FwdFilter}
-	${VER_IPTABLES} -N ${NAT} -t nat
-	${VER_IPTABLES} -N ${PortForward} -t nat
+	([[ ${IP_VERSION} == "4" ]] && [[ ${Enablev4NAT} == "yes" ]]) && ${VER_IPTABLES} -N ${NAT} -t nat
+	([[ ${IP_VERSION} == "6" ]] && [[ ${Enablev6NAT} == "yes" ]]) && ${VER_IPTABLES} -N ${NAT} -t nat
+	([[ ${IP_VERSION} == "4" ]] && [[ ${Enablev4NAT} == "yes" ]]) && ${VER_IPTABLES} -N ${PortForward} -t nat
+	([[ ${IP_VERSION} == "6" ]] && [[ ${Enablev6NAT} == "yes" ]]) && ${VER_IPTABLES} -N ${PortForward} -t nat
 	${VER_IPTABLES} -N ${InPostRules}
 	${VER_IPTABLES} -N ${OutPostRules}
 	
@@ -115,7 +117,8 @@ function setup_iptables_chains {
 	([[ ${IP_VERSION} == "6" ]] && [[ ${Enablev6NAT} == "yes" ]]) && ${VER_IPTABLES} -A POSTROUTING -t nat -j ${NAT}
 	if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/portfw.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/portfw.sh; fi
 	${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Setting up PortForward"
-	${VER_IPTABLES} -A PREROUTING -t nat -j ${PortForward}
+	([[ ${IP_VERSION} == "4" ]] && [[ ${Enablev4NAT} == "yes" ]]) && ${VER_IPTABLES} -A PREROUTING -t nat -j ${PortForward}
+	([[ ${IP_VERSION} == "6" ]] && [[ ${Enablev6NAT} == "yes" ]]) && ${VER_IPTABLES} -A PREROUTING -t nat -j ${PortForward}
 	if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/postrun.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/postrun.sh; fi
 	${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Setting up InPostRules"
 	${VER_IPTABLES} -A INPUT -j ${InPostRules}