mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 06:38:53 +01:00
Corrections to dropBcast/allowBcast
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
bd1d7d6f92
commit
1536ff4b92
@ -1180,13 +1180,13 @@ sub dropBcast( $$$$ ) {
|
|||||||
add_jump $chainref, $target, 0, "-d \$address ";
|
add_jump $chainref, $target, 0, "-d \$address ";
|
||||||
decr_cmd_level $chainref;
|
decr_cmd_level $chainref;
|
||||||
add_commands $chainref, 'done';
|
add_commands $chainref, 'done';
|
||||||
|
|
||||||
log_rule_limit $level, $chainref, 'dropBcast' , 'DROP', '', $tag, 'add', ' -d 224.0.0.0/4 ' if $level ne '';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $family == F_IPV4 ) {
|
if ( $family == F_IPV4 ) {
|
||||||
|
log_rule_limit $level, $chainref, 'dropBcast' , 'DROP', '', $tag, 'add', ' -d 224.0.0.0/4 ' if $level ne '';
|
||||||
add_jump $chainref, $target, 0, "-d 224.0.0.0/4 ";
|
add_jump $chainref, $target, 0, "-d 224.0.0.0/4 ";
|
||||||
} else {
|
} else {
|
||||||
|
log_rule_limit $level, $chainref, 'dropBcast' , 'DROP', '', $tag, 'add', join( ' ', ' -d' , IPv6_MULTICAST . ' ' ) if $level ne '';
|
||||||
add_jump $chainref, $target, 0, join( ' ', '-d', IPv6_MULTICAST . ' ' );
|
add_jump $chainref, $target, 0, join( ' ', '-d', IPv6_MULTICAST . ' ' );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1203,7 +1203,6 @@ sub allowBcast( $$$$ ) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
add_jump $chainref, $target, 0, "-m addrtype --dst-type BROADCAST ";
|
add_jump $chainref, $target, 0, "-m addrtype --dst-type BROADCAST ";
|
||||||
add_jump $chainref, $target, 0, "-d 224.0.0.0/4 ";
|
|
||||||
} else {
|
} else {
|
||||||
if ( $family == F_IPV4 ) {
|
if ( $family == F_IPV4 ) {
|
||||||
add_commands $chainref, 'for address in $ALL_BCASTS; do';
|
add_commands $chainref, 'for address in $ALL_BCASTS; do';
|
||||||
@ -1216,14 +1215,14 @@ sub allowBcast( $$$$ ) {
|
|||||||
add_rule $chainref, "-d \$address -j $target";
|
add_rule $chainref, "-d \$address -j $target";
|
||||||
decr_cmd_level $chainref;
|
decr_cmd_level $chainref;
|
||||||
add_commands $chainref, 'done';
|
add_commands $chainref, 'done';
|
||||||
|
}
|
||||||
|
|
||||||
if ( $family == F_IPV4 ) {
|
if ( $family == F_IPV4 ) {
|
||||||
log_rule_limit $level, $chainref, 'allowBcast' , 'ACCEPT', '', $tag, 'add', ' -d 224.0.0.0/4 ' if $level ne '';
|
log_rule_limit $level, $chainref, 'allowBcast' , 'ACCEPT', '', $tag, 'add', ' -d 224.0.0.0/4 ' if $level ne '';
|
||||||
add_jump $chainref, $target, 0, "-d 224.0.0.0/4 ";
|
add_jump $chainref, $target, 0, "-d 224.0.0.0/4 ";
|
||||||
} else {
|
} else {
|
||||||
log_rule_limit $level, $chainref, 'allowBcast' , 'ACCEPT', '', $tag, 'add', ' -d ' . IPv6_MULTICAST . ' ' if $level ne '';
|
log_rule_limit $level, $chainref, 'allowBcast' , 'ACCEPT', '', $tag, 'add', ' -d ' . IPv6_MULTICAST . ' ' if $level ne '';
|
||||||
add_jump $chainref, $target, 0, join ( ' ', '-d', IPv6_MULTICAST, ' ' );
|
add_jump $chainref, $target, 0, join ( ' ', '-d', IPv6_MULTICAST . ' ' );
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user