forked from extern/shorewall_code
Always inherit interface options
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
b3cd9ab15a
commit
65cde3475f
@ -817,6 +817,12 @@ sub add_group_to_zone($$$$$)
|
|||||||
$zoneref->{interfaces}{$interface} = 1;
|
$zoneref->{interfaces}{$interface} = 1;
|
||||||
$zoneref->{destonly} ||= $interfaceref->{options}{destonly};
|
$zoneref->{destonly} ||= $interfaceref->{options}{destonly};
|
||||||
$options->{destonly} ||= $interfaceref->{options}{destonly};
|
$options->{destonly} ||= $interfaceref->{options}{destonly};
|
||||||
|
#
|
||||||
|
# Make 'find_hosts_by_option()' work correctly for this zone
|
||||||
|
#
|
||||||
|
for ( qw/blacklist maclist nosmurfs tcpflags/ ) {
|
||||||
|
$options->{$_} = $interfaceref->{options}{$_} if $interfaceref->{options}{$_} && ! exists $options->{$_};
|
||||||
|
}
|
||||||
|
|
||||||
$interfaceref->{zones}{$zone} = 1;
|
$interfaceref->{zones}{$zone} = 1;
|
||||||
|
|
||||||
@ -851,13 +857,6 @@ sub add_group_to_zone($$$$$)
|
|||||||
if ( $host eq ALLIP ) {
|
if ( $host eq ALLIP ) {
|
||||||
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if @newnetworks;
|
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if @newnetworks;
|
||||||
$interfaces{$interface}{zone} = $zone;
|
$interfaces{$interface}{zone} = $zone;
|
||||||
#
|
|
||||||
# Make 'find_hosts_by_option()' work correctly for this zone
|
|
||||||
#
|
|
||||||
for ( qw/blacklist maclist nosmurfs tcpflags/ ) {
|
|
||||||
$options->{$_} = $interfaceref->{options}{$_} if $interfaceref->{options}{$_};
|
|
||||||
}
|
|
||||||
|
|
||||||
$allip = 1;
|
$allip = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user