From 5fc89ede69f87552c8582634f138ed63dcf8b258 Mon Sep 17 00:00:00 2001
From: paulgear <paulgear@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Tue, 5 Jul 2005 11:43:31 +0000
Subject: [PATCH] Apply patch from Tom 2005-06-15:     If the policy is QUEUE,
 and there is an entry in the BURST:LIMIT     column for that policy then the
 BURST:LIMIT is not applied in some     cases. The original evidence seems to
 have been removed from
 http://lists.shorewall.net/pipermail/shorewall-devel/2005-June/001206.html
 :-)

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2246 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall2/firewall | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index fc038543a..e164393a7 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -7092,9 +7092,13 @@ apply_policy_rules() {
 		    ;;
 	    esac
 
-	    [ -n "$synparams" ] && \
-		[ $policy = ACCEPT -o $policy = CONTINUE ] && \
-		run_iptables -I $chain 2 -p tcp --syn -j @$chain
+	    if [ -n "$synparams" ]; then
+		case $policy in
+		    ACCEPT|CONTINUE|QUEUE)
+			run_iptables -I $chain 2 -p tcp --syn -j @$chain
+			;;
+		esac
+	    fi
 	fi
 
     done