holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Only send loopback traffic to the 'loopback' chain

Browse Source
This commit is contained in:
Tom Eastep 2010-07-03 10:53:25 -07:00
parent 21ce6f9b84
commit 148b251766
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1740,7 +1740,7 @@ sub handle_loopback_traffic() {
if ( @zones > 1 ) { if ( @zones > 1 ) {
$outchainref = new_standard_chain 'loopback'; $outchainref = new_standard_chain 'loopback';
add_jump $filter_table->{OUTPUT}, $outchainref, 0; add_jump $filter_table->{OUTPUT}, $outchainref, 0, '-o lo ';
} else { } else {
$outchainref = $filter_table->{OUTPUT}; $outchainref = $filter_table->{OUTPUT};
$rule = '-o lo '; $rule = '-o lo ';
@ -1768,7 +1768,6 @@ sub handle_loopback_traffic() {
for my $typeref ( values %{$source_hosts_ref} ) { for my $typeref ( values %{$source_hosts_ref} ) {
for my $hostref ( @{$typeref->{'%vserver%'}} ) { for my $hostref ( @{$typeref->{'%vserver%'}} ) {
my $ipsec_match = match_ipsec_in $z1 , $hostref;
my $exclusion = source_exclusion( $hostref->{exclusions}, $natref); my $exclusion = source_exclusion( $hostref->{exclusions}, $natref);
for my $net ( @{$hostref->{hosts}} ) { for my $net ( @{$hostref->{hosts}} ) {