extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-18 20:30:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Eliminate superfluous ESTABLISHED,RELATED rule

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-01-22 16:17:19 -08:00
parent 8fe36422b5
commit 7fe2027229
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -865,7 +865,7 @@ sub finish_chain_section ($$$) {
my $save_comment = push_comment; my $save_comment = push_comment;
my $relatedchain = $chainref->{name} =~ /^\+/; my $relatedchain = $chainref->{name} =~ /^\+/;
if ( $state =~ /RELATED/ && ( $related_level || $related_target ne 'ACCEPT' ) ) { if ( $state =~ /RELATED/ && ( $relatedchain || $related_level || $related_target ne 'ACCEPT' ) ) {
if ( $related_level ) { if ( $related_level ) {
my $relatedref; my $relatedref;
@ -879,7 +879,7 @@ sub finish_chain_section ($$$) {
log_rule( $related_level, log_rule( $related_level,
$relatedref, $relatedref,
$config{RELATED_DISPOSITION}, $config{RELATED_DISPOSITION},
'' ); '' ) if $related_level;
$related_target = ensure_audit_chain( $related_target ) if ( $targets{$related_target} || 0 ) & AUDIT; $related_target = ensure_audit_chain( $related_target ) if ( $targets{$related_target} || 0 ) & AUDIT;
@ -945,7 +945,7 @@ sub finish_section ( $ ) {
for my $zone ( all_zones ) { for my $zone ( all_zones ) {
for my $zone1 ( all_zones ) { for my $zone1 ( all_zones ) {
my $chainref = $filter_table->{$function->( $zone, $zone1 ) }; my $chainref = $filter_table->{$function->( $zone, $zone1 )};
my $chain1ref = $filter_table->{rules_chain( $zone, $zone1 )}; my $chain1ref = $filter_table->{rules_chain( $zone, $zone1 )};
finish_chain_section $chainref || $chain1ref, $chain1ref, $sections if $chain1ref->{referenced}; finish_chain_section $chainref || $chain1ref, $chain1ref, $sections if $chain1ref->{referenced};
} }