More tweaks to DNAT/REDIRECT thingy

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8052 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-perl/Shorewall/Rules.pm

@@ -1209,6 +1209,8 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
 	#
 	fatal_error "Invalid DEST ($dest) in $action rule" if $dest =~ /:/;
 
+	$sourceref->{options}{nested} = 1;
+
 	$origdest = '' unless $origdest and $origdest ne '-';
 
 	if ( $origdest eq 'detect' ) {
@@ -1598,9 +1600,10 @@ sub generate_matrix() {
 			    add_rule $preroutingref, $_ for ( @returnstack );
 			    @returnstack = ();
 			    add_rule $preroutingref, join( '', match_source_dev( $interface), $source, $ipsec_in_match, '-j ', $chainref->{name} );
-			    push @returnstack, join( '', match_source_dev( $interface), $source, $ipsec_in_match, '-j RETURN' ) if $zoneref->{options}{nested};
 			}
 			
+			push @returnstack, join( '', match_source_dev( $interface), $source, $ipsec_in_match, '-j RETURN' ) if $zoneref->{options}{nested};
+
 			if ( $chain2 ) {
 			    if ( @$exclusions ) {
 				add_rule $filter_table->{input_chain $interface}, join( '', $source, $ipsec_in_match, "-j ${zone}_input" );

Shorewall-perl/Shorewall/Zones.pm

@@ -299,7 +299,7 @@ sub determine_zones()
 					  in      => parse_zone_option_list( $in_options || '', $type ) ,
 					  out     => parse_zone_option_list( $out_options || '', $type ) ,
 					  complex => ($type eq 'ipsec4' || $options || $in_options || $out_options ? 1 : 0) ,
-					  nested  => @parents > 0 } ,
+					  nested  => 0 } ,
 			  interfaces => {} ,
 			  children   => [] ,
 			  hosts      => {}

tools/web/publish

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 #STYLESHEET=/home/teastep/Shorewall/docbook-xsl-1.62.4//xhtml/docbook.xsl
-STYLESHEET=/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl
+STYLESHEET=/usr/share/xml/docbook/stylesheet/nwalsh/current/xhtml/docbook.xsl
 WEBSITE=/home/teastep/Shorewall/Website
 HTMFILES="
     6to4.htm