From bcea92a6076bea9e34257282d577b64e867dc7b1 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 19 Aug 2002 17:33:22 +0000
Subject: [PATCH] Work around iptables 1.2.7 bugs

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@204 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index 4ab6c522e..f9d786401 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -2787,7 +2787,8 @@ add_common_rules() {
 	    logoptions="$LOGPARAMS --log-prefix Shorewall:badpkt:DROP:"
 	    logoptions="$logoptions --log-level $LOGUNCLEAN --log-ip-options"
 	    run_iptables -A badpkt -p tcp -j LOG $logoptions --log-tcp-options
-	    run_iptables -A badpkt -p !tcp -j LOG $logoptions
+	    run_iptables -A logpkt -p tcp -j DROP # Workaround for iptables 1.2.7
+	    run_iptables -A badpkt -j LOG $logoptions
 	fi
 
 	run_iptables -A badpkt -j DROP
@@ -2812,7 +2813,8 @@ add_common_rules() {
 	logoptions="$LOGPARAMS --log-prefix Shorewall:logpkt:LOG:"
 	logoptions="$logoptions --log-level $LOGUNCLEAN --log-ip-options"
 	run_iptables -A logpkt -p tcp -j LOG $logoptions --log-tcp-options
-	run_iptables -A logpkt -p !tcp -j LOG $logoptions
+	run_iptables -A logpkt -p tcp -j RETURN # Workaround for iptables 1.2.7
+	run_iptables -A logpkt -j LOG $logoptions
 
 	echo "Mangled/Invalid Packet Logging enabled on:"