Synflood chain handling

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6152 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-04-30 00:38:51 +00:00 · 2007-04-30 00:38:51 +00:00 · 381212c78d
commit 381212c78d
parent a6358bf7e4
1 changed files with 7 additions and 5 deletions
--- a/Shorewall-shell/compiler
+++ b/Shorewall-shell/compiler
@ -765,11 +765,13 @@ setup_syn_flood_chain ()
 	    ;;
    esac

-    run_iptables -N $chain
-    run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN
-    [ -n "$3" ] && \
-	log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" ""
-    run_iptables -A $chain -j DROP
+    if ! havechain $chain ; then
+	run_iptables -N $chain
+	run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN
+	[ -n "$3" ] && \
+	    log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" ""
+	run_iptables -A $chain -j DROP
+    fi
 }

 setup_syn_flood_chains()