From 8eb3de7db2cc92b50bad7b5cf1fbbba996b76774 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 19 Feb 2010 13:57:45 -0800 Subject: [PATCH] Don't apply rate limiting twice in ACCEPT+ rules Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Rules.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index b27f168b5..cdd09abcb 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -1182,9 +1182,9 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { # # Generate Fixed part of the rule # - if ( ( $actiontype & ( NATRULE | NATONLY ) ) == NATRULE ) { + if ( $actiontype & ( NATRULE | NONAT ) && ! ( $actiontype & NATONLY ) ) { # - # Don't apply rate limiting twice + # Either a DNAT, REDIRECT or ACCEPT+ rule; don't apply rate limiting twice # $rule = join( '', do_proto($proto, $ports, $sports),