extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-14 19:54:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Revise addressless bridge change

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-04-27 15:23:38 -07:00
parent 013567496c
commit 2c1cede54e
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1694,7 +1694,7 @@ sub add_interface_jumps {
my $outputref = $filter_table->{output_chain $interface}; my $outputref = $filter_table->{output_chain $interface};
my $interfaceref = find_interface($interface); my $interfaceref = find_interface($interface);
add_rule ( $filter_table->{FORWARD}, match_source_dev( $interface) . match_dest_dev( $interface) . '-j ACCEPT' ) unless $interfaceref->{nets} || ! $interfaceref->{options}{routeback}; add_rule ( $filter_table->{FORWARD}, match_source_dev( $interface) . match_dest_dev( $interface) . '-j ACCEPT' ) unless $interfaceref->{nets} || ! $interfaceref->{options}{bridge};
add_jump( $filter_table->{FORWARD} , $forwardref , 0, match_source_dev( $interface ) ) unless $forward_jump_added{$interface} || ! use_forward_chain $interface, $forwardref; add_jump( $filter_table->{FORWARD} , $forwardref , 0, match_source_dev( $interface ) ) unless $forward_jump_added{$interface} || ! use_forward_chain $interface, $forwardref;
add_jump( $filter_table->{INPUT} , $inputref , 0, match_source_dev( $interface ) ) unless $input_jump_added{$interface} || ! use_input_chain $interface, $inputref; add_jump( $filter_table->{INPUT} , $inputref , 0, match_source_dev( $interface ) ) unless $input_jump_added{$interface} || ! use_input_chain $interface, $inputref;

6
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -223,7 +223,7 @@ sub initialize( $ ) {
nosmurfs => SIMPLE_IF_OPTION + IF_OPTION_HOST, nosmurfs => SIMPLE_IF_OPTION + IF_OPTION_HOST,
optional => SIMPLE_IF_OPTION, optional => SIMPLE_IF_OPTION,
proxyarp => BINARY_IF_OPTION, proxyarp => BINARY_IF_OPTION,
routeback => SIMPLE_IF_OPTION + IF_OPTION_HOST, routeback => SIMPLE_IF_OPTION + IF_OPTION_ZONEONLY + IF_OPTION_HOST,
routefilter => NUMERIC_IF_OPTION , routefilter => NUMERIC_IF_OPTION ,
sourceroute => BINARY_IF_OPTION, sourceroute => BINARY_IF_OPTION,
tcpflags => SIMPLE_IF_OPTION + IF_OPTION_HOST, tcpflags => SIMPLE_IF_OPTION + IF_OPTION_HOST,
@ -251,7 +251,7 @@ sub initialize( $ ) {
nosmurfs => SIMPLE_IF_OPTION + IF_OPTION_HOST, nosmurfs => SIMPLE_IF_OPTION + IF_OPTION_HOST,
optional => SIMPLE_IF_OPTION, optional => SIMPLE_IF_OPTION,
proxyndp => BINARY_IF_OPTION, proxyndp => BINARY_IF_OPTION,
routeback => SIMPLE_IF_OPTION + IF_OPTION_HOST, routeback => SIMPLE_IF_OPTION + IF_OPTION_ZONEONLY + IF_OPTION_HOST,
sourceroute => BINARY_IF_OPTION, sourceroute => BINARY_IF_OPTION,
tcpflags => SIMPLE_IF_OPTION + IF_OPTION_HOST, tcpflags => SIMPLE_IF_OPTION + IF_OPTION_HOST,
mss => NUMERIC_IF_OPTION, mss => NUMERIC_IF_OPTION,
@ -663,7 +663,7 @@ sub add_group_to_zone($$$$$)
push @$new, $host; push @$new, $host;
} }
$zoneref->{options}{in_out}{routeback} = 1 if $options->{routeback} || $interfaces{$interface}{options}{routeback}; $zoneref->{options}{in_out}{routeback} = 1 if $options->{routeback};
my $gtype = $type == IPSEC ? 'ipsec' : 'ip'; my $gtype = $type == IPSEC ? 'ipsec' : 'ip';

2
Shorewall/releasenotes.txt
View File

@ -383,7 +383,7 @@ None.
/etc/shorewall/interfaces: /etc/shorewall/interfaces:
#ZONE INTERFACE BROADCAST OPTIONS #ZONE INTERFACE BROADCAST OPTIONS
- br0 - routeback - br0 - bridge
---------------------------------------------------------------------------- ----------------------------------------------------------------------------