diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2013-02-04 14:38:33 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2013-02-04 14:38:33 +0000 |
commit | 292b4e42b3dced9e54047ee771f72c730dd8ec20 (patch) | |
tree | df8e07613004ca3a6247d5d0d89e1339be14a13b /package/network/config/firewall/files/lib/core_forwarding.sh | |
parent | 421f13b5dcdd95346a64c12ca5b3df28275a7e74 (diff) | |
download | master-187ad058-292b4e42b3dced9e54047ee771f72c730dd8ec20.tar.gz master-187ad058-292b4e42b3dced9e54047ee771f72c730dd8ec20.tar.bz2 master-187ad058-292b4e42b3dced9e54047ee771f72c730dd8ec20.zip |
firewall: various enhancements
- reduce mssfix related log spam (#10681)
- separate src and dest terminal chains (#11453, #12945)
- disable per-zone custom chains by default, they're rarely used
Additionally introduce options "device", "subnet", "extra", "extra_src" and "extra_dest"
to allow defining zones not related to uci interfaces, e.g. to match "ppp+" or any tcp
traffic to and from a specific port.
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@35484 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network/config/firewall/files/lib/core_forwarding.sh')
-rw-r--r-- | package/network/config/firewall/files/lib/core_forwarding.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/package/network/config/firewall/files/lib/core_forwarding.sh b/package/network/config/firewall/files/lib/core_forwarding.sh index c4a968143d..2ea03f0eb7 100644 --- a/package/network/config/firewall/files/lib/core_forwarding.sh +++ b/package/network/config/firewall/files/lib/core_forwarding.sh @@ -17,14 +17,14 @@ fw_load_forwarding() { fw_callback pre forwarding - local chain=forward + local chain=delegate_forward [ -n "$forwarding_src" ] && { chain=zone_${forwarding_src}_forward } local target=ACCEPT [ -n "$forwarding_dest" ] && { - target=zone_${forwarding_dest}_ACCEPT + target=zone_${forwarding_dest}_dest_ACCEPT } local mode |