extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-05-30 06:28:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix rule generation for '- <interface>' entries in /etc/shorewall/interfaces

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8282 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-03-12 22:34:21 +00:00
parent 846f251825
commit 10e2cb3751
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Shorewall-perl/Shorewall/Chains.pm
View File

@ -569,7 +569,7 @@ sub use_forward_chain($) {
# #
# We must use the interfaces's chain if the interface is associated with multiple zone nets # We must use the interfaces's chain if the interface is associated with multiple zone nets
# #
$interfaceref->{nets} != 1; $interfaceref->{nets} > 1;
} }
# #
@ -593,10 +593,15 @@ sub zone_input_chain($) {
sub use_input_chain($) { sub use_input_chain($) {
my $interface = $_[0]; my $interface = $_[0];
my $interfaceref = find_interface($interface); my $interfaceref = find_interface($interface);
my $nets = $interfaceref->{nets};
# #
# We must use the interfaces's chain if the interface is associated with multiple zone nets # We must use the interfaces's chain if the interface is associated with multiple zone nets
# #
return 1 if $interfaceref->{nets} != 1; return 1 if $nets > 1;
#
# Don't need it if it isn't associated with any zone
#
return 0 unless $nets;
# #
# Interface associated with a single zone -- use the zone's input chain if it has one # Interface associated with a single zone -- use the zone's input chain if it has one
# #
@ -632,10 +637,15 @@ sub zone_output_chain($) {
sub use_output_chain($) { sub use_output_chain($) {
my $interface = $_[0]; my $interface = $_[0];
my $interfaceref = find_interface($interface); my $interfaceref = find_interface($interface);
my $nets = $interfaceref->{nets};
# #
# We must use the interfaces's chain if the interface is associated with multiple zone nets # We must use the interfaces's chain if the interface is associated with multiple zone nets
# #
return 1 if $interfaceref->{nets} != 1; return 1 if $nets > 1;
#
# Don't need it if it isn't associated with any zone
#
return 0 unless $nets;
# #
# Interface associated with a single zone -- use the zone's output chain if it has one # Interface associated with a single zone -- use the zone's output chain if it has one
# #