extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-21 02:08:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Don't ACCEPT untracked packets unless UNTRACKED_DISPOSITION=ACCEPT

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-02-09 09:15:05 -08:00
parent eaa6d72a4f
commit a4297381e9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -973,7 +973,7 @@ sub finish_chain_section ($$$) {
} }
} }
push @state, 'UNTRACKED' if $state{UNTRACKED}; push( @state, 'UNTRACKED' ),if $state{UNTRACKED} && $globals{UNTRACKED_TARGET} eq 'ACCEPT';
add_ijump( $chain1ref, j => 'ACCEPT', state_imatch join(',', @state ) ) if @state; add_ijump( $chain1ref, j => 'ACCEPT', state_imatch join(',', @state ) ) if @state;
} }