diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2010-09-28 10:42:56 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2010-09-28 10:42:56 +0000 |
commit | 5baf4fe290301a7ac39a3a82df4e91446c6d726d (patch) | |
tree | a8f19e30a4a00e6b6a45cd471ea002d4d982a7ed /package/firewall/files/lib/core_init.sh | |
parent | 4ce9fd34457db66ad031c6f91c6cb993fc3b6bbc (diff) | |
download | upstream-5baf4fe290301a7ac39a3a82df4e91446c6d726d.tar.gz upstream-5baf4fe290301a7ac39a3a82df4e91446c6d726d.tar.bz2 upstream-5baf4fe290301a7ac39a3a82df4e91446c6d726d.zip |
[package] fireall:
- support negations for src_ip, dest_ip, src_dip options in rules and redirects
- add NOTRACK target to rule sections, allows to define fine grained notrack rules
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@23141 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/firewall/files/lib/core_init.sh')
-rw-r--r-- | package/firewall/files/lib/core_init.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/package/firewall/files/lib/core_init.sh b/package/firewall/files/lib/core_init.sh index 56e19b7b86..c7e41e7ff7 100644 --- a/package/firewall/files/lib/core_init.sh +++ b/package/firewall/files/lib/core_init.sh @@ -245,9 +245,9 @@ fw_load_zone() { if [ "$zone_masq" == 1 ]; then local msrc mdst for msrc in ${zone_masq_src:-0.0.0.0/0}; do - [ "${msrc#!}" != "$msrc" ] && msrc="! -s ${msrc#!}" || msrc="-s $msrc" + fw_get_negation msrc '-s' "$msrc" for mdst in ${zone_masq_dest:-0.0.0.0/0}; do - [ "${mdst#!}" != "$mdst" ] && mdst="! -d ${mdst#!}" || mdst="-d $mdst" + fw_get_negation mdst '-d' "$mdst" fw add $mode n ${chain}_nat MASQUERADE $ { $msrc $mdst } done done |