extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix FASTACCEPT=Yes -- Take 3

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5876 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-09 17:34:20 +00:00
parent f900585e88
commit fbf73e1c34
2 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall-perl/Shorewall/Accounting.pm
View File

@ -109,7 +109,7 @@ sub process_accounting_rule( $$$$$$$$ ) {
} }
sub setup_accounting() { sub setup_accounting() {
my $first_entry = 1; my $first_entry = 1;
my $fn = open_file 'accounting'; my $fn = open_file 'accounting';
@ -127,8 +127,13 @@ sub setup_accounting() {
} }
if ( $filter_table->{accounting} ) { if ( $filter_table->{accounting} ) {
for my $chain qw/INPUT FORWARD OUTPUT/ { for my $chain ( qw/INPUT FORWARD OUTPUT/ ) {
insert_rule $filter_table->{$chain}, 1, '-j accounting'; insert_rule $filter_table->{$chain}, 1, '-j accounting';
insert_rule $filter_table->{$chain}, 2, '-m state --state ESTABLISHED,RELATED -j ACCEPT' if $config{FASTACCEPT};
}
} elsif ( $config{FASTACCEPT} ) {
for my $chain ( qw/INPUT FORWARD OUTPUT/ ) {
insert_rule $filter_table->{$chain}, 1, '-m state --state ESTABLISHED,RELATED -j ACCEPT';
} }
} }
} }

6
Shorewall-perl/Shorewall/Rules.pm
View File

@ -1647,12 +1647,6 @@ sub generate_matrix() {
nat=> [ qw/PREROUTING OUTPUT POSTROUTING/ ] , nat=> [ qw/PREROUTING OUTPUT POSTROUTING/ ] ,
filter=> [ qw/INPUT FORWARD OUTPUT/ ] ); filter=> [ qw/INPUT FORWARD OUTPUT/ ] );
if ( $config{FASTACCEPT} ) {
for my $chain ( @{$builtins{filter}} ) {
add_rule $filter_table->{$chain}, "-m state --state ESTABLISHED,RELATED -j ACCEPT";
}
}
complete_standard_chain $filter_table->{INPUT} , 'all' , $firewall_zone; complete_standard_chain $filter_table->{INPUT} , 'all' , $firewall_zone;
complete_standard_chain $filter_table->{OUTPUT} , $firewall_zone , 'all'; complete_standard_chain $filter_table->{OUTPUT} , $firewall_zone , 'all';
complete_standard_chain $filter_table->{FORWARD} , 'all' , 'all'; complete_standard_chain $filter_table->{FORWARD} , 'all' , 'all';