Move adjustment of the protocol in process_conntrack_rule()

Signed-off-by: Tom Eastep <teastep@shorewall.net>
Tom Eastep 2017-12-29 13:51:33 -08:00
parent b42678269c
commit 46f68c6dcb
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10


@ -91,7 +91,7 @@ sub process_conntrack_rule( $$$$$$$$$$ ) {
my $disposition = $action; my $disposition = $action;
my $exception_rule = ''; my $exception_rule = '';
my $rule = do_proto( $proto, $ports, $sports ) . do_user ( $user ) . do_condition( $switch , $chainref->{name} );
my $level = ''; my $level = '';
if ( $action =~ /^(?:NFLOG|ULOG)/ ) { if ( $action =~ /^(?:NFLOG|ULOG)/ ) {
@ -138,6 +138,8 @@ sub process_conntrack_rule( $$$$$$$$$$ ) {
require_capability 'CT_TARGET', 'CT entries in the conntrack file', ''; require_capability 'CT_TARGET', 'CT entries in the conntrack file', '';
$proto = TCP . ':syn' if $proto !~ /:syn$/ && resolve_proto( $proto ) == TCP;
if ( $option eq 'notrack' ) { if ( $option eq 'notrack' ) {
fatal_error "Invalid conntrack ACTION ( $action )" if supplied $args; fatal_error "Invalid conntrack ACTION ( $action )" if supplied $args;
$action = 'CT --notrack'; $action = 'CT --notrack';
@ -199,7 +201,9 @@ sub process_conntrack_rule( $$$$$$$$$$ ) {
expand_rule( $chainref , expand_rule( $chainref ,
$restriction , $restriction ,
'', '',
$rule, do_proto( $proto, $ports, $sports ) .
do_user ( $user ) .
do_condition( $switch , $chainref->{name} ),
$source , $source ,
$dest , $dest ,
'' , '' ,
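Review bot: The SYN-only adjustment added after `require_capability 'CT_TARGET', ...` in the second hunk sits ahead of the `if ( $option eq 'notrack' )` test, so as far as these lines show it also narrows `CT:notrack` rules for TCP to the SYN packet, which would leave every later packet of the same flow tracked. If the narrowing is meant only for the other CT options, guard it, for example `$proto = TCP . ':syn' if $option ne 'notrack' && $proto !~ /:syn$/ && resolve_proto( $proto ) == TCP;`, or move it into the non-notrack branch, which lies outside the hunk. Separately, if `resolve_proto` can return undef for an unset or unrecognised protocol, the `== TCP` comparison is made against undef; a `defined` check would make that case explicit. A one-line comment stating why TCP is restricted to SYN here would help whoever audits the generated raw-table rules.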