holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Some more fixes for blacklisting

Browse Source
This commit is contained in:
Tom Eastep 2010-09-09 14:53:12 -07:00
parent 50300a60b7
commit 69817007bf
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -323,7 +323,7 @@ sub setup_blacklist() {
progress_message " Type 1 blacklisting enabled on ${interface}:${network}";
}
if ( @{$chainref1->{rules}} ) {
if ( $chainref1 && @{$chainref1->{rules}} ) {
for my $hostref ( @$hosts1 ) {
my $interface = $hostref->[0];
my $ipsec = $hostref->[1];
@ -1874,7 +1874,7 @@ sub generate_matrix() {
my $fw = firewall_zone;
my $notrackref = $raw_table->{notrack_chain $fw};
my $state = $config{BLACKLISTNEWONLY} ? $globals{UNTRACKED} ? "$globals{STATEMATCH} NEW,INVALID,UNTRACKED " : "$globals{STATEMATCH} NEW,INVALID " : '';
my $blackout = @{$filter_table->{blackout}{rules}};
my $blackout = $filter_table->{blackout} && @{$filter_table->{blackout}{rules}};
my @zones = off_firewall_zones;
my @vservers = vserver_zones;
my $interface_jumps_added = 0;

5
manpages/shorewall-interfaces.xml
View File

@ -249,8 +249,9 @@ loc eth2 -</programlisting>
</listitem>
<listitem>
<para>Output blacklisting. Traffic entering on this
interface is passed against the entries in <ulink
<para>Output blacklisting. Forward traffic that entered
through this interface is passed against the entries in
<ulink
url="shorewall-blacklist.html">shorewall-blacklist</ulink>(5)
that have the <emphasis role="bold">to</emphasis>
option.</para>