forked from extern/shorewall_code
Re-allow Z->Z rules/policies
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
c56fe6ee49
commit
526f0f9eb8
@ -718,9 +718,6 @@ validate_policy()
|
||||
|
||||
chain=${client}2${server}
|
||||
|
||||
[ "$client" != "$server" ] || [ -n "$serverwild" ] || \
|
||||
startup_error "Intra-zone policies not allowed: $client $server $policy"
|
||||
|
||||
if is_policy_chain $chain ; then
|
||||
startup_error "Duplicate policy $policy"
|
||||
fi
|
||||
@ -2185,8 +2182,6 @@ process_rule() # $1 = target
|
||||
return
|
||||
;;
|
||||
esac
|
||||
elif [ "$source" = "$dest" ]; then
|
||||
fatal_error "Intra-zone rules are not allowed: rule \"$rule\""
|
||||
else
|
||||
[ $command = check ] || ensurechain $chain
|
||||
fi
|
||||
@ -2692,10 +2687,10 @@ rules_chain() # $1 = source zone, $2 = destination zone
|
||||
{
|
||||
local chain=${1}2${2}
|
||||
|
||||
[ "$1" = "$2" ] && { echo ACCEPT; return; }
|
||||
|
||||
havechain $chain && { echo $chain; return; }
|
||||
|
||||
[ "$1" = "$2" ] && { echo ACCEPT; return; }
|
||||
|
||||
eval chain=\$${chain}_policychain
|
||||
|
||||
[ -n "$chain" ] && { echo $chain; return; }
|
||||
|
||||
Loading…
Reference in New Issue
Block a user