extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-22 21:48:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct the handling of tcp-reset

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2017-03-07 10:33:51 -08:00
parent f1d1ab6411
commit 8e000b158e
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -369,6 +369,7 @@ sub initialize( $ ) {
'icmp-host-prohibited' => 1,
'icmp-admin-prohibited' => 1,
'icmp-tcp-reset' => 2,
'tcp-reset' => 2,
);
} else {
@ -2717,6 +2718,8 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$$ ) {
# tcp-reset
#
fatal_error "tcp-reset may only be used with PROTO tcp" unless ( resolve_proto( $proto ) || 0 ) == TCP;
$exceptionrule = '-p 6 ';
$param = 'tcp-reset';
}
$action = "REJECT --reject-with $param";