From: jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Thu, 15 Jul 2010 22:08:02 +0000 (+0000)
Subject: [backfire] firewall: consider zones referenced by redirects as conntracked (#7196)
X-Git-Url: http://git.ozo.com/?p=openwrt-10.03%2F.git;a=commitdiff_plain;h=5e994345682baab2bf060597395b3716a2c42e83;hp=7c6904ccee74536ddf813ba3e6b15ee6790d5ea4

[backfire] firewall: consider zones referenced by redirects as conntracked (#7196)


git-svn-id: svn://svn.openwrt.org/openwrt/branches/backfire@22216 3c298f89-4303-0410-b956-a3cf2f4a3e73
---

diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index abc602043..7c324fcf1 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=1
-PKG_RELEASE:=10
+PKG_RELEASE:=11
 
 include $(INCLUDE_DIR)/package.mk
 
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index 8d7538201..be1d437a6 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -356,6 +356,9 @@ fw_redirect() {
 	[ -z "$src" -o -z "$dest_ip" ] && { \
 		echo "redirect needs src and dest_ip"; return ; }
 
+	find_item "$src" $CONNTRACK_ZONES || \
+		append CONNTRACK_ZONES "$src"
+
 	src_port_first=${src_port%-*}
 	src_port_last=${src_port#*-}
 	[ "$src_port_first" != "$src_port_last" ] && { \
@@ -391,6 +394,7 @@ fw_redirect() {
 			${src_mac:+-m mac --mac-source $src_mac} \
 			-j ACCEPT
 	}
+
 	[ "$proto" == "tcpudp" -o -z "$proto" ] && {
 		proto=tcp
 		add_rule