From ea3d6e08d0a5030313860df6ba4f758b23602d00 Mon Sep 17 00:00:00 2001 From: teastep Date: Fri, 8 Jun 2007 14:55:49 +0000 Subject: [PATCH] Fix another instance of 'match_source_interface()' git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6487 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Chains.pm | 12 ++++++------ Shorewall-perl/Shorewall/Rules.pm | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm index 4f1353851..093e0cf3f 100644 --- a/Shorewall-perl/Shorewall/Chains.pm +++ b/Shorewall-perl/Shorewall/Chains.pm @@ -235,12 +235,12 @@ our %targets = ('ACCEPT' => STANDARD, # # expand_rule() restrictions # -use constant { NO_RESTRICT => 0, - PREROUTE_RESTRICT => 1, - INPUT_RESTRICT => 4, - OUTPUT_RESTRICT => 8, - POSTROUTE_RESTRICT => 16, - ALL_RESTRICT => 12 +use constant { NO_RESTRICT => 0, # Both -i and -o may be used in the rule + PREROUTE_RESTRICT => 1, # PREROUTING chain rule - -o converted to -d
using main routing table + INPUT_RESTRICT => 4, # INPUT chain rule - -o not allowed + OUTPUT_RESTRICT => 8, # OUTPUT chain rule - -i not allowed + POSTROUTE_RESTRICT => 16, # POSTROUTING chain rule - -i converted to -s
using main routing table + ALL_RESTRICT => 12 # INPUT_RESTRICT + OUTPUT_RESTRICT (fw->fw rule - neither -i nor -o allowed) }; # # Used to sequence 'exclusion' chains with names 'excl0', 'excl1', ... diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm index 38072de45..157592dbb 100644 --- a/Shorewall-perl/Shorewall/Rules.pm +++ b/Shorewall-perl/Shorewall/Rules.pm @@ -1428,7 +1428,7 @@ sub generate_matrix() { for my $host ( @$exclusions ) { my ( $interface, $net ) = split /:/, $host; - my $rule = match_source_interface( $interface ) . "-s $net -j RETURN"; + my $rule = match_source_dev( $interface ) . "-s $net -j RETURN"; add_rule $frwd_ref , $rule; add_rule $in_ref , $rule; add_rule $out_ref , $rule;