aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJo-Philipp Wich <jow@openwrt.org>2010-07-16 06:03:15 +0000
committerJo-Philipp Wich <jow@openwrt.org>2010-07-16 06:03:15 +0000
commite62a9791ee4be2e2ade71d566faf4d5b2b1627f5 (patch)
tree9bb52d8d80199fc6fa5bee871e6b78628fbf636f
parent9c3244a88495646571fd3548f85885ac02c2f3f5 (diff)
downloadupstream-e62a9791ee4be2e2ade71d566faf4d5b2b1627f5.tar.gz
upstream-e62a9791ee4be2e2ade71d566faf4d5b2b1627f5.tar.bz2
upstream-e62a9791ee4be2e2ade71d566faf4d5b2b1627f5.zip
firewall: allow redirecting only destination port (#7197)
SVN-Revision: 22227
-rw-r--r--package/firewall/Makefile2
-rw-r--r--package/firewall/files/lib/core_redirect.sh5
2 files changed, 4 insertions, 3 deletions
diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index b1969d9abd..c1f3f6eb22 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=firewall
PKG_VERSION:=2
-PKG_RELEASE:=7
+PKG_RELEASE:=8
include $(INCLUDE_DIR)/package.mk
diff --git a/package/firewall/files/lib/core_redirect.sh b/package/firewall/files/lib/core_redirect.sh
index b51f79390a..15d01b0a75 100644
--- a/package/firewall/files/lib/core_redirect.sh
+++ b/package/firewall/files/lib/core_redirect.sh
@@ -26,8 +26,8 @@ fw_load_redirect() {
fw_callback pre redirect
- [ -n "$redirect_src" -a -n "$redirect_dest_ip" ] || {
- fw_die "redirect ${redirect_name}: needs src and dest_ip"
+ [ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ] || {
+ fw_die "redirect ${redirect_name}: needs src and dest_ip or dest_port"
}
list_contains FW_CONNTRACK_ZONES $redirect_src || \
@@ -53,6 +53,7 @@ fw_load_redirect() {
--to-destination ${redirect_dest_ip}${redirect_dest_port:+:$nat_dest_port} \
}
+ [ -n "$redirect_dest_ip" ] && \
fw add $mode f zone_${redirect_src}_forward ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \
-d $redirect_dest_ip \
${redirect_proto:+-p $redirect_proto} \