firewall: - notrack support was broken in multiple ways, fix it - also consider a zone conntracked if any redirect references it (#7196)

SVN-Revision: 22215
author: Jo-Philipp Wich <jow@openwrt.org> 2010-07-15 22:01:48 +0000
committer: Jo-Philipp Wich <jow@openwrt.org> 2010-07-15 22:01:48 +0000
commit: f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9 (patch)
tree: 95d659c7a91a27f078c3377ced629ccfb13965ff /package/firewall/files/lib/core_redirect.sh
parent: 1ca67cba7f84855f06b41541c21ff6ab8eaf5246 (diff)
download: upstream-f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9.tar.gz
upstream-f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9.tar.bz2
upstream-f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/package/firewall/files/lib/core_redirect.sh b/package/firewall/files/lib/core_redirect.sh
index 87f584e37b..b51f79390a 100644
--- a/package/firewall/files/lib/core_redirect.sh
+++ b/package/firewall/files/lib/core_redirect.sh
@@ -30,6 +30,9 @@ fw_load_redirect() {
 		fw_die "redirect ${redirect_name}: needs src and dest_ip"
 	}
 
+	list_contains FW_CONNTRACK_ZONES $redirect_src || \
+		append FW_CONNTRACK_ZONES $redirect_src
+
 	local mode=$(fw_get_family_mode ${redirect_family:-x} $redirect_src I)
 
 	local nat_dest_port=$redirect_dest_port
author	Jo-Philipp Wich <jow@openwrt.org>	2010-07-15 22:01:48 +0000
committer	Jo-Philipp Wich <jow@openwrt.org>	2010-07-15 22:01:48 +0000
commit	f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9 (patch)
tree	95d659c7a91a27f078c3377ced629ccfb13965ff /package/firewall/files/lib/core_redirect.sh
parent	1ca67cba7f84855f06b41541c21ff6ab8eaf5246 (diff)
download	upstream-f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9.tar.gz upstream-f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9.tar.bz2 upstream-f8fa598bf461ccdbd0fc6ddb5a61561b9197fed9.zip