diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2010-09-28 11:38:31 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2010-09-28 11:38:31 +0000 |
commit | 7e3379391f7685ed4c94c56642746bf1fce896d2 (patch) | |
tree | c52c2261450f05f844fe045594c90b074fef22a2 /package/firewall | |
parent | 96be565c54dfee0b6116f89b8e365a8020f10525 (diff) | |
download | upstream-7e3379391f7685ed4c94c56642746bf1fce896d2.tar.gz upstream-7e3379391f7685ed4c94c56642746bf1fce896d2.tar.bz2 upstream-7e3379391f7685ed4c94c56642746bf1fce896d2.zip |
[package] firewall: fix chain selection logic, option dest must be ignored for notrack targets
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@23143 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/firewall')
-rw-r--r-- | package/firewall/files/lib/core_rule.sh | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/package/firewall/files/lib/core_rule.sh b/package/firewall/files/lib/core_rule.sh index dbaf1102e9..a0de3ba8bb 100644 --- a/package/firewall/files/lib/core_rule.sh +++ b/package/firewall/files/lib/core_rule.sh @@ -36,16 +36,15 @@ fw_load_rule() { local table=f local chain=input - if [ "$rule_target" == "NOTRACK" ]; then + local target="${rule_target:-REJECT}" + if [ "$target" == "NOTRACK" ]; then table=r chain="zone_${rule_src}_notrack" - elif [ -n "$rule_src" ]; then - chain="zone_${rule_src}${rule_dest:+_forward}" + else + [ -n "$rule_src" ] && chain="zone_${rule_src}${rule_dest:+_forward}" + [ -n "$rule_dest" ] && target="zone_${rule_dest}_${target}" fi - local target="${rule_target:-REJECT}" - [ -n "$dest" ] && target="zone_${rule_dest}_${target}" - local mode fw_get_family_mode mode ${rule_family:-x} $rule_src I |