Add a comment explaining why avoiding creation of the blacklst chain

and branching to it is a bad idea.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-03-21 07:24:29 -07:00
parent f363825261
commit 9bb1caa4bc

View File

@ -223,7 +223,10 @@ sub setup_blacklist() {
my $chainref; my $chainref;
my ( $level, $disposition ) = @config{'BLACKLIST_LOGLEVEL', 'BLACKLIST_DISPOSITION' }; my ( $level, $disposition ) = @config{'BLACKLIST_LOGLEVEL', 'BLACKLIST_DISPOSITION' };
my $target = $disposition eq 'REJECT' ? 'reject' : $disposition; my $target = $disposition eq 'REJECT' ? 'reject' : $disposition;
#
# We go ahead and generate the blacklist chain and jump to it, even if it turns out to be empty. That is necessary
# for 'refresh' to work properly.
#
if ( @$hosts ) { if ( @$hosts ) {
$chainref = new_standard_chain 'blacklst'; $chainref = new_standard_chain 'blacklst';