extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-14 01:28:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix handling or ORIGINAL DEST when CONNTRACK_MATCH is not available

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-08-10 07:12:13 -07:00
parent c923dfdade
commit 8eff66dcfd
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -4786,7 +4786,7 @@ sub expand_rule( $$$$$$$$$$;$ )
if ( $origdest ) {
if ( $origdest eq '-' || ! have_capability( 'CONNTRACK_MATCH' ) ) {
$origdest = '';
$onets = $oexcl = '';
} elsif ( $origdest =~ /^detect:(.*)$/ ) {
#
# Either the filter part of a DNAT rule or 'detect' was given in the ORIG DEST column
@ -4816,7 +4816,7 @@ sub expand_rule( $$$$$$$$$$;$ )
$rule .= "-m conntrack --ctorigdst $variable ";
}
$origdest = '';
$onets = $oexcl = '';
} else {
fatal_error "Invalid ORIGINAL DEST" if $origdest =~ /^([^!]+)?,!([^!]+)$/ || $origdest =~ /.*!.*!/;