From aa43abb8d10f5cb52d1607415cf2be30f888a19c Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Wed, 6 Jul 2011 22:10:46 +0000
Subject: [package] firewall: 	- solve scoping issues when multiple values
 are used, thanks Daniel Dickinson 	- ignore src_port/dest_port for proto
 icmp rules, ignore icmp_type for non-icmp rules 	- properly handle icmp
 when proto is given in numerical form (1, 58) 	- support negated icmp types

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@27500 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/firewall/files/lib/core_redirect.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'package/firewall/files/lib/core_redirect.sh')

diff --git a/package/firewall/files/lib/core_redirect.sh b/package/firewall/files/lib/core_redirect.sh
index 0b8030d96a..a6245fad24 100644
--- a/package/firewall/files/lib/core_redirect.sh
+++ b/package/firewall/files/lib/core_redirect.sh
@@ -91,15 +91,15 @@ fw_load_redirect() {
 	fw_get_negation destports '--dport' "$destports"
 
 	[ "$redirect_proto" == "tcpudp" ] && redirect_proto="tcp udp"
-	for redirect_proto in $redirect_proto; do
-		fw_get_negation redirect_proto '-p' "$redirect_proto"
-		for redirect_src_mac in ${redirect_src_mac:-""}; do
-			fw_get_negation redirect_src_mac '--mac-source' "$redirect_src_mac"
+	local pr; for pr in $redirect_proto; do
+		fw_get_negation pr '-p' "$pr"
+		local sm; for sm in ${redirect_src_mac:-""}; do
+			fw_get_negation sm '--mac-source' "$sm"
 			fw add $mode n $natchain $redirect_target + \
 				{ $redirect_src_ip $redirect_dest_ip } { \
 				$srcaddr $srcdaddr $redirect_proto \
 				$srcports $srcdports \
-				${redirect_src_mac:+-m mac $redirect_src_mac} \
+				${sm:+-m mac $sm} \
 				$natopt $nataddr${natports:+:$natports} \
 				$redirect_options \
 			}
-- 
cgit v1.2.3