holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix RHEL5 issue with route marking.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-11-21 08:50:57 -08:00
parent 8f52c9744e
commit 77f342b0e0
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Shorewall/Perl/Shorewall/Providers.pm
View File

@ -118,13 +118,14 @@ sub initialize( $ ) {
# #
sub setup_route_marking() { sub setup_route_marking() {
my $mask = in_hex( $globals{PROVIDER_MASK} ); my $mask = in_hex( $globals{PROVIDER_MASK} );
my $testmask = have_capability( 'XCONNMARK_MATCH' ) ? "/$mask" : '';
require_capability( $_ , q(The provider 'track' option) , 's' ) for qw/CONNMARK_MATCH CONNMARK/; require_capability( $_ , q(The provider 'track' option) , 's' ) for qw/CONNMARK_MATCH CONNMARK/;
if ( $config{RESTORE_ROUTEMARKS} ) { if ( $config{RESTORE_ROUTEMARKS} ) {
add_ijump $mangle_table->{$_} , j => 'CONNMARK', targetopts => "--restore-mark --mask $mask" for qw/PREROUTING OUTPUT/; add_ijump $mangle_table->{$_} , j => 'CONNMARK', targetopts => "--restore-mark --mask $mask" for qw/PREROUTING OUTPUT/;
} else { } else {
add_ijump $mangle_table->{$_} , j => 'CONNMARK', targetopts => "--restore-mark --mask $mask", connmark => "! --mark 0/$mask" for qw/PREROUTING OUTPUT/; add_ijump $mangle_table->{$_} , j => 'CONNMARK', targetopts => "--restore-mark --mask $mask", connmark => "! --mark 0${testmask}" for qw/PREROUTING OUTPUT/;
} }
my $chainref = new_chain 'mangle', 'routemark'; my $chainref = new_chain 'mangle', 'routemark';