From fa2746d469f89cd4f8950ad118e5d6189057fdb4 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Wed, 8 Jun 2011 09:40:28 -0700
Subject: [PATCH] Apply sfilter to INPUT as well as FORWARD

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Misc.pm | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index 8394c0e4c..4f580e514 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -476,6 +476,7 @@ sub setup_mss();
 sub add_common_rules() {
     my $interface;
     my $chainref;
+    my $chainref1;
     my $target;
     my $rule;
     my $list;
@@ -528,9 +529,13 @@ sub add_common_rules() {
 	    my @filters = @{$interfaceref->{filter}};
 	
 	    $chainref = $filter_table->{forward_chain $interface};
+	    $chainref1 = $filter_table->{input_chain $interface};
 	
 	    if ( @filters ) {
-		add_jump( $chainref , $target, 1, match_source_net( $_ ) ), $chainref->{filtered}++ for @filters;
+		for ( @filters ) {
+		    add_jump( $chainref  , $target, 1, match_source_net( $_ ) ), $chainref->{filtered}++;
+		    add_jump( $chainref1 , $target, 1, match_source_net( $_ ) ), $chainref1->{filtered}++;
+		}
 	    } elsif ( $interfaceref->{bridge} eq $interface ) {
 		add_jump( $chainref , $target, 1, match_dest_dev( $interface ) ), $chainref->{filtered}++ unless $interfaceref->{options}{routeback} || $interfaceref->{options}{routefilter};
 	    }