holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Minor cleanup of the Chains module

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2019-10-16 11:44:02 -07:00
parent 84a220a651
commit 2b7a37e42a
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -694,7 +694,7 @@ use constant { UNIQUE => 1, # Simple header matches - only allowed on
CONTROL => 16, # Unsed internally by the compiler - does not contribute to the iptables rule
COMPLEX => 32, # Currently means 'contrack --cstate'
NFACCT => 64, # nfacct match
EXPENSIVE => 128, # Has high rule-processing cost in the kernel
EXPENSIVE => 128, # Has high match-processing cost in the kernel
RECENT => 256, # recent match
};
@ -1222,8 +1222,8 @@ sub transform_rule( $;\$ ) {
$option = $2;
} elsif ( $input =~ s/^(!\s+)?--([^\s]+)\s*// ) {
$invert = '!' if $1;
my $opt = $option = $2;
fatal_error "Unrecognized iptables option ($opt}" unless $option = $aliases{$option};
my $opt = $2;
fatal_error "Unrecognized iptables option ($opt}" unless $option = $aliases{$opt};
} else {
fatal_error "Unrecognized iptables option string ($input)";
}