Fix FW->FW REDIRECT

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@365 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-12-13 18:39:05 +00:00 · 2002-12-13 18:39:05 +00:00 · 46f0ae548f
commit 46f0ae548f
parent 775d9d92ba
1 changed files with 28 additions and 14 deletions
--- a/STABLE/firewall
+++ b/STABLE/firewall
@ -849,8 +849,14 @@ validate_rule() {
    chain=${source}2${dest}

    if [ "x$chain" = x${FW}2${FW} ]; then
-	error_message "WARNING: fw -> fw rules are not supported; rule \"$rule\" ignored"
-	return
+	case $logtarget in
+	    REDIRECT)
+		;;
+	    *)
+		error_message "WARNING: fw -> fw rules are not supported; rule \"$rule\" ignored"
+		return
+		;;
+	esac
    fi

    #
@ -1966,14 +1972,16 @@ add_a_rule()
 	    add_nat_rule
 	fi

-	serv="${serv:+-d $serv}"
+	if [ $chain != ${FW}2${FW} ]; then
+	    serv="${serv:+-d $serv}"

-	[ -n "$loglevel" ] && run_iptables -A $chain $proto $multiport \
-	    $state $cli $sports $serv $dports -j LOG $LOGPARMS \
-	    --log-prefix "Shorewall:$chain:$logtarget:" \
-	    --log-level $loglevel
-	run_iptables -A $chain $proto $multiport $state $cli $sports \
-	    $serv $dports -j $target
+	    [ -n "$loglevel" ] && run_iptables -A $chain $proto $multiport \
+		$state $cli $sports $serv $dports -j LOG $LOGPARMS \
+		--log-prefix "Shorewall:$chain:$logtarget:" \
+		--log-level $loglevel
+	    run_iptables -A $chain $proto $multiport $state $cli $sports \
+		$serv $dports -j $target
+	fi
    else
 	    
 	# Destination is a simple zone
@ -2104,12 +2112,18 @@ process_rule() # $1 = target
    chain=${source}2${dest}

    if [ "x$chain" = x${FW}2${FW} ]; then
-	error_message "WARNING: fw -> fw rules are not supported; rule \"$rule\" ignored"
-	return
+	case $logtarget in
+	    REDIRECT)
+		;;
+	    *)
+		error_message "WARNING: fw -> fw rules are not supported; rule \"$rule\" ignored"
+		return
+		;;
+	esac
+    else
+	ensurechain $chain
    fi

-    ensurechain $chain
-
    # Generate Netfilter rule(s)

    if [ -n "$MULTIPORT" -a \