extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-03-05 10:02:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow COMMENT, SAVE and RESTORE to work correctly in secmarks

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-09-05 08:17:58 -07:00
parent 629290259d
commit 23e94e136c
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -1373,7 +1373,12 @@ sub setup_traffic_shaping() {
# Process a record in the secmarks file # Process a record in the secmarks file
# #
sub process_secmark_rule() { sub process_secmark_rule() {
my ( $secmark, $chain, $source, $dest, $proto, $dport, $sport, $mark ) = split_line( 2, 8 , 'Secmarks file' ); my ( $secmark, $chain, $source, $dest, $proto, $dport, $sport, $mark ) = split_line1( 2, 8 , 'Secmarks file' );
if ( $secmark eq 'COMMENT' ) {
process_comment;
return;
}
my %chns = ( T => 'tcpost' , my %chns = ( T => 'tcpost' ,
P => 'tcpre' , P => 'tcpre' ,
@ -1385,8 +1390,8 @@ sub process_secmark_rule() {
fatal_error "Invalid or missing CHAIN ( $chain )" unless $chain1; fatal_error "Invalid or missing CHAIN ( $chain )" unless $chain1;
my $target = $mark eq 'SAVE' ? 'CONNSECMARK --save' : my $target = $secmark eq 'SAVE' ? 'CONNSECMARK --save' :
$mark eq 'RESTORE' ? 'CONNSECMARK --restore' : $secmark eq 'RESTORE' ? 'CONNSECMARK --restore' :
"SECMARK --selctx $secmark"; "SECMARK --selctx $secmark";
my $disposition = $target; my $disposition = $target;