
kvmhost02: rename vpn network and fix routing

Maximilian Ronniger 6 years ago
parent
commit
9e3d32dd7c
1 changed files with 7 additions and 28 deletions
  1. 7 28
      itguru.at.fwb

+ 7 - 28
itguru.at.fwb

@@ -799,7 +799,7 @@
         <Network id="id9639X17196" name="hetzner monitoring-02" comment="" ro="False" address="188.40.24.211" netmask="255.255.255.255"/>
         <Network id="id11343X65696" name="kvmhost02:internal:networks" comment="" ro="False" address="10.64.0.0" netmask="255.255.248.0"/>
         <NetworkIPv6 id="id11367X65696" name="my new ipv6 network" comment="" ro="False" address="2a01:4f9:2a:a55::" netmask="64"/>
-        <Network id="id11552X65696" name="Wireguard Network" comment="" ro="False" address="10.64.7.0" netmask="255.255.255.0"/>
+        <Network id="id11552X65696" name="VPN Network" comment="" ro="False" address="10.64.7.0" netmask="255.255.255.0"/>
         <Network id="id12721X65696" name="dmz ipv4" comment="" ro="False" address="10.68.1.0" netmask="255.255.255.0"/>
         <NetworkIPv6 id="id12734X65696" name="dmz ipv6" comment="" ro="False" address="2a01:4f9:2a:a55::10:0" netmask="116"/>
         <Network id="id12783X65696" name="db ipv4" comment="" ro="False" address="10.64.3.0" netmask="255.255.255.0"/>
@@ -2452,7 +2452,7 @@
           <Option name="verify_interfaces">True</Option>
         </FirewallOptions>
       </Firewall>
-      <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1578003277" lastInstalled="1578003311" lastModified="1578003266" platform="iptables" version="" name="kvmhost02" comment="" ro="False">
+      <Firewall id="id8899X28426" host_OS="linux24" inactive="False" lastCompiled="1578494421" lastInstalled="1578494433" lastModified="1578494410" platform="iptables" version="" name="kvmhost02" comment="" ro="False">
         <NAT id="id13393X65696" name="NAT" comment="" ro="False" ipv4_rule_set="True" ipv6_rule_set="False" top_rule_set="True">
           <NATRule id="id13395X65696" disabled="False" group="outgoing NAT" position="0" action="Translate" comment="NAT all outgoing mail traffic to mail IP">
             <OSrc neg="False">
@@ -3276,7 +3276,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id12975X65696" disabled="False" group="VMs" log="False" position="11" action="Accept" direction="Both" comment="basic protection for manfreds server.">
+          <PolicyRule id="id12975X65696" disabled="False" group="VMs" log="True" position="11" action="Accept" direction="Both" comment="basic protection for manfreds server.">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
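Review bot: The switch to `log="True"` on rule id12975X65696 is not covered by the commit title, and the rule's comment, "basic protection for manfreds server.", says too little for an `action="Accept"` rule whose source is `sysid0` (presumably the built-in Any object). With logging on, every connection this rule accepts is written to the log, so the comment should state what is accepted and why it is logged, e.g. `comment="accept <services> to manfreds server; logged for audit"` (placeholder for the services). If the destination is reachable from the internet, check that a log rate limit is in place so a scan cannot flood the log. The rule's Dst and Srv elements lie outside the hunk, so its real scope could not be checked here.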
@@ -3526,28 +3526,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id21845X6772" disabled="False" group="VMs" log="True" position="22" action="Accept" direction="Both" comment="allow all connections to old network">
-            <Src neg="False">
-              <ObjectRef ref="id11343X65696"/>
-            </Src>
-            <Dst neg="False">
-              <ObjectRef ref="id4422X5690"/>
-            </Dst>
-            <Srv neg="False">
-              <ServiceRef ref="sysid1"/>
-            </Srv>
-            <Itf neg="False">
-              <ObjectRef ref="sysid0"/>
-            </Itf>
-            <When neg="False">
-              <IntervalRef ref="sysid2"/>
-            </When>
-            <PolicyRuleOptions>
-              <Option name="color">#C86E6E</Option>
-              <Option name="stateless">False</Option>
-            </PolicyRuleOptions>
-          </PolicyRule>
-          <PolicyRule id="id9538X28426" disabled="False" group="outgoing traffic" log="True" position="23" action="Accept" direction="Outbound" comment="From the internal Network all connections are allowe the external networks.">
+          <PolicyRule id="id9538X28426" disabled="False" group="outgoing traffic" log="True" position="22" action="Accept" direction="Outbound" comment="From the internal Network all connections are allowe the external networks.">
             <Src neg="False">
               <ObjectRef ref="id11343X65696"/>
             </Src>
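Review bot: The egress rule id9538X28426 that moves up to position 22 matches source `id11343X65696`, which the first hunk shows as 10.64.0.0/255.255.248.0. That range contains the 10.64.7.0/24 "VPN Network" (`id11552X65696`), so VPN peers appear to inherit the same outbound Accept as internal hosts. If they should be treated differently, a rule with `<ObjectRef ref="id11552X65696"/>` as Src placed above this one would make that explicit. The comment also has a typo and should read `comment="From the internal network all connections are allowed to the external networks."`. The rule's Dst and Srv are outside the hunk, so its breadth is taken from the comment only.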
@@ -3568,7 +3547,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id12677X6099" disabled="False" group="outgoing traffic" log="True" position="24" action="Accept" direction="Both" comment="From ipv6 Network">
+          <PolicyRule id="id12677X6099" disabled="False" group="outgoing traffic" log="True" position="23" action="Accept" direction="Both" comment="From ipv6 Network">
             <Src neg="False">
               <ObjectRef ref="id11367X65696"/>
             </Src>
@@ -3589,7 +3568,7 @@
               <Option name="stateless">False</Option>
             </PolicyRuleOptions>
           </PolicyRule>
-          <PolicyRule id="id11010X28426" disabled="False" group="" log="True" position="25" action="Deny" direction="Both" comment="">
+          <PolicyRule id="id11010X28426" disabled="False" group="" log="True" position="24" action="Deny" direction="Both" comment="">
             <Src neg="False">
               <ObjectRef ref="sysid0"/>
             </Src>
@@ -3638,7 +3617,7 @@
         <Routing id="id8905X28426" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
           <RoutingRule id="id13373X354" disabled="False" group="" metric="0" position="0" comment="">
             <RDst neg="False">
-              <ObjectRef ref="id4422X5690"/>
+              <ObjectRef ref="id11552X65696"/>
             </RDst>
             <RGtw neg="False">
               <ObjectRef ref="id11122X65696"/>
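Review bot: Routing rule id13373X354 now targets `id11552X65696` (the VPN network) but still has `comment=""`, so nothing records which gateway the VPN range is routed through or why. Suggest `comment="route VPN Network 10.64.7.0/24 via <gateway object name>"`, where the placeholder is the name of id11122X65696. After this change and the deleted policy rule, no visible line references `id4422X5690` any more. If the object is unused elsewhere in the file, delete it so that a later rule cannot pick it up by mistake. The RoutingRule continues past the end of the hunk.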