From e13b9d634ed46f281cc28156f27364a63b2fd127 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Tue, 20 Mar 2007 01:39:16 +0000
Subject: [PATCH] Fix Limit problem

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5591 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 New/Shorewall/Actions.pm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/New/Shorewall/Actions.pm b/New/Shorewall/Actions.pm
index 6b2154e62..a2946b341 100644
--- a/New/Shorewall/Actions.pm
+++ b/New/Shorewall/Actions.pm
@@ -590,6 +590,8 @@ sub process_actions3 () {
 	
 	my @tag = split /,/, $tag;
 	
+	my $count = $tag[1] + 1;
+	
 	fatal_error 'Limit rules must include <set name>,<max connections>,<interval> as the log tag' unless @tag == 3;
 	
 	add_rule $chainref, '-m recent --name $tag[0] --set';
@@ -598,9 +600,9 @@ sub process_actions3 () {
 	    my $xchainref = new_chain 'filter' , "$chainref->{name}%";
 	    log_rule_limit $level, $xchainref, $tag[0], 'DROP', '', '', 'add', '';
 	    add_rule $xchainref, '-j DROP';
-	    add_rule $chainref,  "-m recent --name $tag[0] --update --seconds $tag[2] --hitcount $(( $tag[1] + 1 )) -j $chainref->{name}%";
+	    add_rule $chainref,  "-m recent --name $tag[0] --update --seconds $tag[2] --hitcount $count -j $chainref->{name}%";
 	} else {
-	    add_rule $chainref, "-m recent --update --name $tag[0] --seconds $tag[2] --hitcount $(( $tag[1] + 1 )) -j DROP";
+	    add_rule $chainref, "-m recent --update --name $tag[0] --seconds $tag[2] --hitcount $count -j DROP";
 	}
 	
 	add_rule $chainref, '-j ACCEPT';