aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJo-Philipp Wich <jow@openwrt.org>2011-10-27 18:14:55 +0000
committerJo-Philipp Wich <jow@openwrt.org>2011-10-27 18:14:55 +0000
commitc7ac1b5b0cda5c37fae6a653d815932db4d6e311 (patch)
treec881173661b942f1f58706bd6a1181b7ece9de9e
parent69853cc4e861a6b589577535b1bf4a72fc267ca9 (diff)
downloadupstream-c7ac1b5b0cda5c37fae6a653d815932db4d6e311.tar.gz
upstream-c7ac1b5b0cda5c37fae6a653d815932db4d6e311.tar.bz2
upstream-c7ac1b5b0cda5c37fae6a653d815932db4d6e311.zip
firewall: do not produce 0.0.0.0/0 if a symbolic masq_src or masq_dest is given but does not resolve to an ip
SVN-Revision: 28628
-rw-r--r--package/firewall/Makefile2
-rw-r--r--package/firewall/files/lib/core_init.sh4
-rw-r--r--package/firewall/files/lib/fw.sh5
3 files changed, 7 insertions, 4 deletions
diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index 637d0ecccb..57a6e016ab 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=firewall
PKG_VERSION:=2
-PKG_RELEASE:=39
+PKG_RELEASE:=40
include $(INCLUDE_DIR)/package.mk
diff --git a/package/firewall/files/lib/core_init.sh b/package/firewall/files/lib/core_init.sh
index f2cde1c470..a0b095865e 100644
--- a/package/firewall/files/lib/core_init.sh
+++ b/package/firewall/files/lib/core_init.sh
@@ -247,13 +247,13 @@ fw_load_zone() {
for msrc in ${zone_masq_src:-0.0.0.0/0}; do
case "$msrc" in
*.*) fw_get_negation msrc '-s' "$msrc" ;;
- *) fw_get_subnet4 msrc '-s' "$msrc" ;;
+ *) fw_get_subnet4 msrc '-s' "$msrc" || break ;;
esac
for mdst in ${zone_masq_dest:-0.0.0.0/0}; do
case "$mdst" in
*.*) fw_get_negation mdst '-d' "$mdst" ;;
- *) fw_get_subnet4 mdst '-d' "$mdst" ;;
+ *) fw_get_subnet4 mdst '-d' "$mdst" || break ;;
esac
fw add $mode n ${chain}_nat MASQUERADE $ { $msrc $mdst }
diff --git a/package/firewall/files/lib/fw.sh b/package/firewall/files/lib/fw.sh
index 7922d222f8..0814ffc315 100644
--- a/package/firewall/files/lib/fw.sh
+++ b/package/firewall/files/lib/fw.sh
@@ -255,9 +255,12 @@ fw_get_subnet4() {
[ "${_name#!}" != "$_name" ] && \
export -n -- "$_var=! $_flag $_ipaddr/${_netmask:-255.255.255.255}" || \
export -n -- "$_var=$_flag $_ipaddr/${_netmask:-255.255.255.255}"
+ return 0
;;
- *) export -n -- "$_var=" ;;
esac
+
+ export -n -- "$_var="
+ return 1
}
fw_check_icmptype4() {