diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm index a9f242376..90bc8ea8c 100644 --- a/Shorewall-perl/Shorewall/Rules.pm +++ b/Shorewall-perl/Shorewall/Rules.pm @@ -1209,6 +1209,8 @@ sub process_rule1 ( $$$$$$$$$$$ ) { # fatal_error "Invalid DEST ($dest) in $action rule" if $dest =~ /:/; + $sourceref->{options}{nested} = 1; + $origdest = '' unless $origdest and $origdest ne '-'; if ( $origdest eq 'detect' ) { @@ -1598,8 +1600,9 @@ sub generate_matrix() { add_rule $preroutingref, $_ for ( @returnstack ); @returnstack = (); add_rule $preroutingref, join( '', match_source_dev( $interface), $source, $ipsec_in_match, '-j ', $chainref->{name} ); - push @returnstack, join( '', match_source_dev( $interface), $source, $ipsec_in_match, '-j RETURN' ) if $zoneref->{options}{nested}; } + + push @returnstack, join( '', match_source_dev( $interface), $source, $ipsec_in_match, '-j RETURN' ) if $zoneref->{options}{nested}; if ( $chain2 ) { if ( @$exclusions ) { diff --git a/Shorewall-perl/Shorewall/Zones.pm b/Shorewall-perl/Shorewall/Zones.pm index 96cefe971..4c34c07a2 100644 --- a/Shorewall-perl/Shorewall/Zones.pm +++ b/Shorewall-perl/Shorewall/Zones.pm @@ -299,7 +299,7 @@ sub determine_zones() in => parse_zone_option_list( $in_options || '', $type ) , out => parse_zone_option_list( $out_options || '', $type ) , complex => ($type eq 'ipsec4' || $options || $in_options || $out_options ? 1 : 0) , - nested => @parents > 0 } , + nested => 0 } , interfaces => {} , children => [] , hosts => {} diff --git a/tools/web/publish b/tools/web/publish index ade770dec..bc98b20b5 100755 --- a/tools/web/publish +++ b/tools/web/publish @@ -1,7 +1,7 @@ #!/bin/sh #STYLESHEET=/home/teastep/Shorewall/docbook-xsl-1.62.4//xhtml/docbook.xsl -STYLESHEET=/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl +STYLESHEET=/usr/share/xml/docbook/stylesheet/nwalsh/current/xhtml/docbook.xsl WEBSITE=/home/teastep/Shorewall/Website HTMFILES=" 6to4.htm