[backfire] firewall: consider zones referenced by redirects as conntracked (#7196)
authorjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Thu, 15 Jul 2010 22:08:02 +0000 (22:08 +0000)
committerjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Thu, 15 Jul 2010 22:08:02 +0000 (22:08 +0000)
git-svn-id: svn://svn.openwrt.org/openwrt/branches/backfire@22216 3c298f89-4303-0410-b956-a3cf2f4a3e73

package/firewall/Makefile
package/firewall/files/uci_firewall.sh

index abc6020434a9009fea0cad8178bebacb90be0cda..7c324fcf16ce49e1771c27f5f7367c5b3386611a 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=1
-PKG_RELEASE:=10
+PKG_RELEASE:=11
 
 include $(INCLUDE_DIR)/package.mk
 
index 8d7538201b97882d9236b02a66c4a3c0ec41651a..be1d437a6af90c883267074fc8530f8db8b52acf 100755 (executable)
@@ -356,6 +356,9 @@ fw_redirect() {
        [ -z "$src" -o -z "$dest_ip" ] && { \
                echo "redirect needs src and dest_ip"; return ; }
 
+       find_item "$src" $CONNTRACK_ZONES || \
+               append CONNTRACK_ZONES "$src"
+
        src_port_first=${src_port%-*}
        src_port_last=${src_port#*-}
        [ "$src_port_first" != "$src_port_last" ] && { \
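Review bot: The added `find_item "$src" $CONNTRACK_ZONES || append CONNTRACK_ZONES "$src"` lines in fw_redirect have no comment saying why a redirect forces its source zone into CONNTRACK_ZONES, and the reason cannot be read off the code. A short comment above them would help, for example `# redirects rely on NAT, which needs connection tracking: never leave the source zone untracked`. The reasoning in that comment is inferred from the commit title and should be confirmed against the rules the function emits. The append only helps if the code that consumes CONNTRACK_ZONES runs after every redirect section has been processed; that consumer is outside this hunk, so the ordering is worth confirming. Only `$src` is registered here, so it is also worth checking whether any other zone a redirect touches needs the same treatment. The body of fw_redirect starts and ends outside the hunk.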
@@ -391,6 +394,7 @@ fw_redirect() {
                        ${src_mac:+-m mac --mac-source $src_mac} \
                        -j ACCEPT
        }
+
        [ "$proto" == "tcpudp" -o -z "$proto" ] && {
                proto=tcp
                add_rule