From 526f0f9eb80c10138cd07190aceb2b3a88022577 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 21 Mar 2003 19:47:19 +0000
Subject: [PATCH] Re-allow Z->Z rules/policies

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@516 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index 8c6f3224c..e623477a5 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -718,9 +718,6 @@ validate_policy()
 
 	chain=${client}2${server}
 
-	[ "$client" != "$server" ] || [ -n "$serverwild" ] || \
-	    startup_error "Intra-zone policies not allowed: $client $server $policy"
-
 	if is_policy_chain $chain ; then
 	    startup_error "Duplicate policy $policy"
 	fi
@@ -2185,8 +2182,6 @@ process_rule() # $1 = target
 		return
 		;;
 	esac
-    elif [ "$source" = "$dest" ]; then
-	fatal_error "Intra-zone rules are not allowed: rule \"$rule\""
     else
 	[ $command = check ] || ensurechain $chain
     fi
@@ -2692,10 +2687,10 @@ rules_chain() # $1 = source zone, $2 = destination zone
 {
     local chain=${1}2${2}
 
-    [ "$1" = "$2" ] && { echo ACCEPT; return; }
-
     havechain $chain && { echo $chain; return; }
 
+    [ "$1" = "$2" ] && { echo ACCEPT; return; }
+
     eval chain=\$${chain}_policychain
 
     [ -n "$chain" ] && { echo $chain; return; }