extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-13 09:08:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Another correction to the 'CT' target

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-12-18 07:21:32 -08:00
parent a80b46be81
commit c00068e08d
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Shorewall/Perl/Shorewall/Raw.pm
View File

@ -60,6 +60,7 @@ sub process_notrack_rule( $$$$$$$ ) {
my $rule = do_proto( $proto, $ports, $sports ) . do_user ( $user ); my $rule = do_proto( $proto, $ports, $sports ) . do_user ( $user );
my $target = $action; my $target = $action;
my $exception_rule = '';
unless ( $action eq 'NOTRACK' ) { unless ( $action eq 'NOTRACK' ) {
( $target, my ( $option, $args, $junk ) ) = split ':', $action, 4; ( $target, my ( $option, $args, $junk ) ) = split ':', $action, 4;
@ -76,8 +77,10 @@ sub process_notrack_rule( $$$$$$$ ) {
if ( $option eq 'helper' ) { if ( $option eq 'helper' ) {
fatal_error "Invalid helper' ($args)" if $args =~ /,/; fatal_error "Invalid helper' ($args)" if $args =~ /,/;
fatal_error "A protocol and destination port are required in CT:helper rules" if $ports eq '-';
do_helper( $args ); do_helper( $args );
$action = "CT --helper $args"; $action = "CT --helper $args";
$exception_rule = do_proto( $proto, '-', '-' );
} elsif ( $option eq 'ctevents' ) { } elsif ( $option eq 'ctevents' ) {
for ( split ',', $args ) { for ( split ',', $args ) {
fatal_error "Invalid 'ctevents' event ($_)" unless $valid_ctevent{$_}; fatal_error "Invalid 'ctevents' event ($_)" unless $valid_ctevent{$_};
@ -104,7 +107,7 @@ sub process_notrack_rule( $$$$$$$ ) {
$action , $action ,
'' , '' ,
$target , $target ,
'' ; $exception_rule ;
progress_message " Notrack rule \"$currentline\" $done"; progress_message " Notrack rule \"$currentline\" $done";