holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Ensure that the PREROUTING->dnat jump is added when a wildcard interface is present

Browse Source
This commit is contained in:
Tom Eastep 2011-04-06 15:14:39 -07:00
parent 755c3cfd80
commit 7ab55f4217
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -1356,7 +1356,18 @@ sub generate_matrix() {
# There are DNAT/REDIRECT rules with this zone as the source.
# Add a jump from this source network to this zone's DNAT/REDIRECT chain
#
add_jump $preroutingref, source_exclusion( $exclusions, $dnatref), 0, join( '', match_source_dev( $interface), $source, $ipsec_in_match );
add_jump( $preroutingref,
source_exclusion( $exclusions, $dnatref),
0,
join( '', match_source_dev( $interface), $source, $ipsec_in_match ) );
if ( get_physical( $interface ) eq '+' ) {
#
# The jump from the prerouting chain to dnat may not have been added above
#
addnatjump 'PREROUTING', 'dnat', '' unless $preroutingref->{references}{PREROUTING};
}
check_optimization( $dnatref ) if $source;
}