forked from extern/shorewall_code
Correct handling of MACLIST_DISPOSITION=A_xxx when MACLIST_TABLE=mangle
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
50494f667c
commit
273f109daf
@ -2520,15 +2520,15 @@ sub ensure_audit_blacklog_chain( $$$ ) {
|
||||
# Create and populate the passed AUDIT chain if it doesn't exist. Return chain name
|
||||
#
|
||||
|
||||
sub ensure_audit_chain( $;$$ ) {
|
||||
my ( $target, $action, $tgt ) = @_;
|
||||
sub ensure_audit_chain( $;$$$ ) {
|
||||
my ( $target, $action, $tgt, $table ) = @_;
|
||||
|
||||
my $save_comment = push_comment;
|
||||
|
||||
my $ref = $filter_table->{$target};
|
||||
|
||||
unless ( $ref ) {
|
||||
$ref = new_chain 'filter', $target;
|
||||
$ref = new_chain( $table || 'filter', $target );
|
||||
|
||||
unless ( $action ) {
|
||||
$action = $target;
|
||||
|
@ -1165,7 +1165,7 @@ sub setup_mac_lists( $ ) {
|
||||
my $target = $globals{MACLIST_TARGET};
|
||||
my $level = $config{MACLIST_LOG_LEVEL};
|
||||
my $disposition = $config{MACLIST_DISPOSITION};
|
||||
my $audit = $disposition =~ /^A_/;
|
||||
my $audit = $disposition =~ s/^A_//;
|
||||
my $ttl = $config{MACLIST_TTL};
|
||||
|
||||
progress_message2 "$doing MAC Filtration -- Phase $phase...";
|
||||
@ -1281,6 +1281,8 @@ sub setup_mac_lists( $ ) {
|
||||
#
|
||||
# Phase II
|
||||
#
|
||||
ensure_audit_chain( $target, $disposition, undef, $table ) if $audit;
|
||||
|
||||
for my $interface ( @maclist_interfaces ) {
|
||||
my $chainref = $chain_table{$table}{( $ttl ? macrecent_target $interface : mac_chain $interface )};
|
||||
my $chain = $chainref->{name};
|
||||
|
Loading…
Reference in New Issue
Block a user