holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Streamline maclist broadcast handling

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6084 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-23 18:04:59 +00:00
parent 40df0fe4b1
commit 2b397ffc5d
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Shorewall-perl/Shorewall/Rules.pm
View File

@ -755,19 +755,15 @@ sub setup_mac_lists( $ ) {
add_command $chainref, "if interface_is_usable $interface; then";
add_command $chainref, " ip -f inet addr show $interface 2> /dev/null | grep 'inet.*brd' | sed 's/inet //; s/brd //; s/scope.*//;' | while read address broadcast; do";
add_command $chainref, ' address=${address%/*}';
add_command $chainref, ' if [ -n "$broadcast" ]; then';
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d \$broadcast -j RETURN\" >&3";
add_command $chainref, ' fi';
add_command $chainref, '';
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d 255.255.255.255 -j RETURN\" >&3";
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d 224.0.0.0/4 -j RETURN\" >&3";
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -m addrtype --dst-type BROADCAST -j RETURN\" >&3";
add_command $chainref, " echo \"-A $chainref->{name} -s \$address -m addrtype --dst-type MULTICAST -j RETURN\" >&3";
add_command $chainref, ' done';
unless ( interface_is_optional $interface ) {
add_command $chainref, 'else';
add_command $chainref, " fatal_error \"Interface $interface must be up before Shorewall can start\"";
}
add_command $chainref, "fi\n";
}