holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Correct icmp fix

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@761 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-10-08 18:45:26 +00:00
parent 5b54d21d07
commit 3d7df0dd62
2 changed files with 16 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
STABLE/firewall
View File

@ -2761,13 +2761,13 @@ process_rule() # $1 = target
# Generate Netfilter rule(s) # Generate Netfilter rule(s)
protocol=${protocol:=all}
case $logtarget in case $logtarget in
DNAT*) DNAT*)
if [ -n "$MULTIPORT" -a \ if [ -n "$MULTIPORT" ] && \
"$protocol" != "icmp" -a \ ! list_search $protocol "icmp" "ICMP" "1" && \
"$protocol" != "ICMP" -a \ [ "$ports" = "${ports%:*}" -a \
"$protocol" != "1" -a \
"$ports" = "${ports%:*}" -a \
"$cports" = "${cports%:*}" -a \ "$cports" = "${cports%:*}" -a \
`list_count $ports` -le 15 -a \ `list_count $ports` -le 15 -a \
`list_count $cports` -le 15 ] `list_count $cports` -le 15 ]
@ -2803,11 +2803,9 @@ process_rule() # $1 = target
;; ;;
*) *)
if [ -n "$MULTIPORT" -a \ if [ -n "$MULTIPORT" ] && \
"$protocol" != "icmp" -a \ ! list_search $protocol "icmp" "ICMP" "1" && \
"$protocol" != "ICMP" -a \ [ "$ports" = "${ports%:*}" -a \
"$protocol" != "1" -a \
"$ports" = "${ports%:*}" -a \
"$cports" = "${cports%:*}" -a \ "$cports" = "${cports%:*}" -a \
`list_count $ports` -le 15 -a \ `list_count $ports` -le 15 -a \
`list_count $cports` -le 15 ] `list_count $cports` -le 15 ]

18
Shorewall/firewall
View File

@ -2761,13 +2761,13 @@ process_rule() # $1 = target
# Generate Netfilter rule(s) # Generate Netfilter rule(s)
protocol=${protocol:=all}
case $logtarget in case $logtarget in
DNAT*) DNAT*)
if [ -n "$MULTIPORT" -a \ if [ -n "$MULTIPORT" ] && \
"$protocol" != "icmp" -a \ ! list_search $protocol "icmp" "ICMP" "1" && \
"$protocol" != "ICMP" -a \ [ "$ports" = "${ports%:*}" -a \
"$protocol" != "1" -a \
"$ports" = "${ports%:*}" -a \
"$cports" = "${cports%:*}" -a \ "$cports" = "${cports%:*}" -a \
`list_count $ports` -le 15 -a \ `list_count $ports` -le 15 -a \
`list_count $cports` -le 15 ] `list_count $cports` -le 15 ]
@ -2803,11 +2803,9 @@ process_rule() # $1 = target
;; ;;
*) *)
if [ -n "$MULTIPORT" -a \ if [ -n "$MULTIPORT" ] && \
"$protocol" != "icmp" -a \ ! list_search $protocol "icmp" "ICMP" "1" && \
"$protocol" != "ICMP" -a \ [ "$ports" = "${ports%:*}" -a \
"$protocol" != "1" -a \
"$ports" = "${ports%:*}" -a \
"$cports" = "${cports%:*}" -a \ "$cports" = "${cports%:*}" -a \
`list_count $ports` -le 15 -a \ `list_count $ports` -le 15 -a \
`list_count $cports` -le 15 ] `list_count $cports` -le 15 ]