holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix test for KLUDGEFREE

Browse Source
This commit is contained in:
Tom Eastep 2010-08-28 20:47:15 -07:00
parent 1531ad3bcd
commit 95a09b996f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -3494,7 +3494,7 @@ sub expand_rule( $$$$$$$$$$;$ )
# We can't use an exclusion chain -- we mark those packets to be excluded and then condition the following rules based on the mark value
#
require_capability 'MARK_ANYWHERE' , 'Exclusion in ACCEPT+/CONTINUE/NONAT rules', 's' unless $chainref->{table} eq 'mangle';
require_capability 'KLUDGEFREE' , 'Exclusion in ACCEPT+/CONTINUE/NONAT rules', 's' if $rule -~ / -m mark /;
require_capability 'KLUDGEFREE' , 'Exclusion in ACCEPT+/CONTINUE/NONAT rules', 's' if $rule =~ / -m mark /;
#
# Clear the exclusion bit
#