From 1ad551b0a7047428905bd79e6d7a2752dff9df9d Mon Sep 17 00:00:00 2001
From: jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Fri, 16 Jul 2010 06:05:23 +0000
Subject: [PATCH] [backfire] firewall: allow redirecting only destination port
 (#7197)

git-svn-id: svn://svn.openwrt.org/openwrt/branches/backfire@22228 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/firewall/Makefile              | 2 +-
 package/firewall/files/uci_firewall.sh | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index 7c324fcf1..fa53bb351 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=1
-PKG_RELEASE:=11
+PKG_RELEASE:=12
 
 include $(INCLUDE_DIR)/package.mk
 
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index be1d437a6..898827f4d 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -353,8 +353,8 @@ fw_redirect() {
 	config_get dest_ip $1 dest_ip
 	config_get dest_port $1 dest_port
 	config_get proto $1 proto
-	[ -z "$src" -o -z "$dest_ip" ] && { \
-		echo "redirect needs src and dest_ip"; return ; }
+	[ -z "$src" -o -z "$dest_ip$dest_port" ] && { \
+		echo "redirect needs src and dest_ip or dest_port"; return ; }
 
 	find_item "$src" $CONNTRACK_ZONES || \
 		append CONNTRACK_ZONES "$src"
@@ -385,6 +385,7 @@ fw_redirect() {
 			${src_mac:+-m mac --mac-source $src_mac} \
 			-j DNAT --to-destination $dest_ip${dest_port:+:$dest_port}
 
+		[ -n "$dest_ip" ] && \
 		$IPTABLES -I zone_${src}_forward 1 \
 			${proto:+-p $proto} \
 			-d $dest_ip \
-- 
2.35.1