From 311797e0bf1d9773653931215b2cd6405b67db4f Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 27 Dec 2010 07:47:16 -0800 Subject: [PATCH] Create nat chain during pre-processing of nat action --- Shorewall/Perl/Shorewall/Rules.pm | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 8e977ffb0..27ea41e93 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -836,8 +836,10 @@ sub process_rule_common ( $$$$$$$$$$$$$$$$ ) { unless ( $inaction3 ) { fatal_error "An action may not invoke itself" if $basictarget eq $inaction1; - process_action2( $normalized_target ) if use_action( $normalized_target ) && ! ( $actiontype & BUILTIN ); - $actiontype = $targets{$basictarget}; + if ( my $ref = use_action( $normalized_target ) ) { + process_action2( $normalized_target ) unless $actiontype & BUILTIN; + ensure_chain( 'nat', $ref->{name} ) if ( $actiontype = $targets{$basictarget} ) & NATRULE; + } } $action = $basictarget; # Remove params, if any, from $action.