Try to fix section bugs

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6275 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-perl/Shorewall/Chains.pm

@@ -539,7 +539,7 @@ sub ensure_filter_chain( $$ )
     if ( $populate and ! $chainref->{referenced} ) {
 	if ( $section eq 'NEW' or $section eq 'DONE' ) {
 	    finish_chain_section $chainref , 'ESTABLISHED,RELATED';
-	} elsif ( $section eq 'ESTABLISHED' ) {
+	} elsif ( $section eq 'RELATED' ) {
 	    finish_chain_section $chainref , 'ESTABLISHED';
 	}
     }
@@ -646,7 +646,7 @@ sub finish_section ( $ ) {
 
     for my $zone ( @zones ) {
 	for my $zone1 ( @zones ) {
-	    my $chainref = $chain_table{'filter'}{"$zone}2${zone1}"};
+	    my $chainref = $chain_table{'filter'}{"${zone}2${zone1}"};
 	    if ( $chainref->{referenced} ) {
 		finish_chain_section $chainref, $sections;
 	    }

Shorewall-perl/Shorewall/Rules.pm

@@ -977,6 +977,7 @@ sub process_rule1 ( $$$$$$$$$$ ) {
     #
     $rule = join( '', do_proto($proto, $ports, $sports), do_ratelimit( $ratelimit, $basictarget ) , do_user( $user ) , do_test( $mark , 0xFF ) );
 
+    $rule .= "-m state --state $section " if $section eq 'ESTABLISHED' || $section eq 'RELATED';
     #
     # Generate NAT rule(s), if any
     #
@@ -1277,10 +1278,10 @@ sub process_rules() {
 	    $sectioned = 1;
 	    $sections{$source} = 1;
 
-	    if ( $section eq 'RELATED' ) {
+	    if ( $source eq 'RELATED' ) {
 		$sections{ESTABLISHED} = 1;
 		finish_section 'ESTABLISHED';
-	    } elsif ( $section eq 'NEW' ) {
+	    } elsif ( $source eq 'NEW' ) {
 		@sections{'ESTABLISHED','RELATED'} = ( 1, 1 );
 		finish_section ( ( $section eq 'RELATED' ) ? 'RELATED' : 'ESTABLISHED,RELATED' );
 	    }