Always inherit interface options

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2014-04-15 11:37:51 -07:00
parent b3cd9ab15a
commit 65cde3475f

View File

@ -817,6 +817,12 @@ sub add_group_to_zone($$$$$)
$zoneref->{interfaces}{$interface} = 1; $zoneref->{interfaces}{$interface} = 1;
$zoneref->{destonly} ||= $interfaceref->{options}{destonly}; $zoneref->{destonly} ||= $interfaceref->{options}{destonly};
$options->{destonly} ||= $interfaceref->{options}{destonly}; $options->{destonly} ||= $interfaceref->{options}{destonly};
#
# Make 'find_hosts_by_option()' work correctly for this zone
#
for ( qw/blacklist maclist nosmurfs tcpflags/ ) {
$options->{$_} = $interfaceref->{options}{$_} if $interfaceref->{options}{$_} && ! exists $options->{$_};
}
$interfaceref->{zones}{$zone} = 1; $interfaceref->{zones}{$zone} = 1;
@ -851,13 +857,6 @@ sub add_group_to_zone($$$$$)
if ( $host eq ALLIP ) { if ( $host eq ALLIP ) {
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if @newnetworks; fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if @newnetworks;
$interfaces{$interface}{zone} = $zone; $interfaces{$interface}{zone} = $zone;
#
# Make 'find_hosts_by_option()' work correctly for this zone
#
for ( qw/blacklist maclist nosmurfs tcpflags/ ) {
$options->{$_} = $interfaceref->{options}{$_} if $interfaceref->{options}{$_};
}
$allip = 1; $allip = 1;
} }
} }