diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2010-07-16 06:03:15 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2010-07-16 06:03:15 +0000 |
commit | e62a9791ee4be2e2ade71d566faf4d5b2b1627f5 (patch) | |
tree | 9bb52d8d80199fc6fa5bee871e6b78628fbf636f | |
parent | 9c3244a88495646571fd3548f85885ac02c2f3f5 (diff) | |
download | upstream-e62a9791ee4be2e2ade71d566faf4d5b2b1627f5.tar.gz upstream-e62a9791ee4be2e2ade71d566faf4d5b2b1627f5.tar.bz2 upstream-e62a9791ee4be2e2ade71d566faf4d5b2b1627f5.zip |
firewall: allow redirecting only destination port (#7197)
SVN-Revision: 22227
-rw-r--r-- | package/firewall/Makefile | 2 | ||||
-rw-r--r-- | package/firewall/files/lib/core_redirect.sh | 5 |
2 files changed, 4 insertions, 3 deletions
diff --git a/package/firewall/Makefile b/package/firewall/Makefile index b1969d9abd..c1f3f6eb22 100644 --- a/package/firewall/Makefile +++ b/package/firewall/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall PKG_VERSION:=2 -PKG_RELEASE:=7 +PKG_RELEASE:=8 include $(INCLUDE_DIR)/package.mk diff --git a/package/firewall/files/lib/core_redirect.sh b/package/firewall/files/lib/core_redirect.sh index b51f79390a..15d01b0a75 100644 --- a/package/firewall/files/lib/core_redirect.sh +++ b/package/firewall/files/lib/core_redirect.sh @@ -26,8 +26,8 @@ fw_load_redirect() { fw_callback pre redirect - [ -n "$redirect_src" -a -n "$redirect_dest_ip" ] || { - fw_die "redirect ${redirect_name}: needs src and dest_ip" + [ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ] || { + fw_die "redirect ${redirect_name}: needs src and dest_ip or dest_port" } list_contains FW_CONNTRACK_ZONES $redirect_src || \ @@ -53,6 +53,7 @@ fw_load_redirect() { --to-destination ${redirect_dest_ip}${redirect_dest_port:+:$nat_dest_port} \ } + [ -n "$redirect_dest_ip" ] && \ fw add $mode f zone_${redirect_src}_forward ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \ -d $redirect_dest_ip \ ${redirect_proto:+-p $redirect_proto} \ |