extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-20 20:48:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

More rule processing fixes

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@657 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-07-14 19:51:25 +00:00
parent 31f6e580e4
commit 528c7b549a
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Shorewall/firewall
View File

@ -1900,11 +1900,14 @@ add_nat_rule() {
log_rule $loglevel $chain $logtarget -t nat log_rule $loglevel $chain $logtarget -t nat
fi fi
addnatrule $chain $proto -j $target1 addnatrule $chain $proto -j $target1 # Protocol is necessary for port redirection
else else
for adr in `separate_list $addr`; do for adr in `separate_list $addr`; do
run_iptables2 -t nat -A OUTPUT $proto $sports -d `fix_bang $adr` \ if [ -n "$loglevel" ]; then
$multiport $dports -j $target1 log_rule $loglevel $OUTPUT $logtarget -t nat \
`fix_bang $proto $cli $sports -d $adr $multiport $dports`
fi
run_iptables2 -t nat -A OUTPUT $proto $sports -d $adr $multiport $dports -j $target1
done done
fi fi
else else
@ -1916,7 +1919,7 @@ add_nat_rule() {
createnatchain $chain createnatchain $chain
for adr in `separate_list $addr`; do for adr in `separate_list $addr`; do
addnatrule `dnat_chain $source` $cli $proto $multiport $sports $dports -d `fix_bang $adr` -j $chain addnatrule `dnat_chain $source` $cli $proto $multiport $sports $dports -d $adr -j $chain
done done
for z in $excludezones; do for z in $excludezones; do
@ -1934,7 +1937,7 @@ add_nat_rule() {
log_rule $loglevel $chain $logtarget -t nat log_rule $loglevel $chain $logtarget -t nat
fi fi
addnatrule $chain $proto -j $target1 addnatrule $chain $proto -j $target1 # Protocol is necessary for port redirection
else else
for adr in `separate_list $addr`; do for adr in `separate_list $addr`; do
if [ -n "$loglevel" ]; then if [ -n "$loglevel" ]; then