Don't generate redundant ACCEPT rules for DNAT/REDIRECT/SAME

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-06-14 21:56:52 +02:00 · 2005-08-05 14:13:45 +00:00 · 2005-08-05 14:13:45 +00:00 · bba152b119
commit bba152b119
parent 111bdded1c
2 changed files with 6 additions and 0 deletions
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -8,6 +8,10 @@ Changes in 2.5.1
 4) Fix Makefile (compare to restore-base rather than restarted).
 5) Add "all+"
 6) Don't generate redundant ACCEPT rules for DNAT/REDIRECT/SAME
 Changes in 2.5.1ex/2.5.0
 1) Clean up handling of zones
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@ -4763,6 +4763,7 @@ add_nat_rule() {
 #    userandgroup= -m owner clause
 #    userspec    = User name
 #    logtag      = Log tag
 #    policy      = Applicable Policy
 #
 add_a_rule()
 {
@ -4915,6 +4916,7 @@ add_a_rule()
 	    if [ -n "$natrule" ]; then
 		add_nat_rule
 		[ $policy = ACCEPT ] && return
 	    elif [ -n "$servport" -a "$servport" != "$port" ]; then
 		fatal_error "Only DNAT, SAME and REDIRECT rules may specify destination port mapping; rule \"$rule\""
 	    fi