holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add some comments -- fix logging with NAT actions

Browse Source
This commit is contained in:
Tom Eastep 2010-12-27 09:05:44 -08:00
parent d5ac12a8ff
commit 215c05d12b
1 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -837,8 +837,22 @@ sub process_rule_common ( $$$$$$$$$$$$$$$$ ) {
unless ( $inaction3 ) { unless ( $inaction3 ) {
fatal_error "An action may not invoke itself" if $basictarget eq $inaction1; fatal_error "An action may not invoke itself" if $basictarget eq $inaction1;
if ( my $ref = use_action( $normalized_target ) ) { if ( my $ref = use_action( $normalized_target ) ) {
process_action2( $normalized_target ) unless $actiontype & BUILTIN; #
ensure_chain( 'nat', $ref->{name} ) if ( $actiontype = $targets{$basictarget} ) & NATRULE; # First reference to this tupple
#
unless ( $actiontype & BUILTIN ) {
#
# Not a built-in - do preprocessing
#
process_action2( $normalized_target );
#
# Preprocessing may determine that the chain or one of it's dependents does NAT. If so:
#
# - Refresh $actiontype
# - Create the associate nat table chain if appropriate.
#
ensure_chain( 'nat', $ref->{name} ) if ( $actiontype = $targets{$basictarget} ) & NATRULE;
}
} }
} }
@ -1105,7 +1119,7 @@ sub process_rule_common ( $$$$$$$$$$$$$$$$ ) {
} }
} }
} elsif ( $actiontype & ACTION ) { } elsif ( $actiontype & ACTION ) {
$target = $action; $target = $usedactions{$normalized_target}->{name};
} else { } else {
if ( $server eq '' ) { if ( $server eq '' ) {
fatal_error "A server and/or port must be specified in the DEST column in $action rules" unless $serverport; fatal_error "A server and/or port must be specified in the DEST column in $action rules" unless $serverport;