holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Cleaner fix for ipsec/vserver issue

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-07-02 12:24:58 -07:00
parent 261af19b4e
commit 9e81a5101f
1 changed files with 2 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -2556,12 +2556,8 @@ sub match_ipsec_in( $$ ) {
my $zoneref = find_zone( $zone ); my $zoneref = find_zone( $zone );
my $optionsref = $zoneref->{options}; my $optionsref = $zoneref->{options};
unless ( $optionsref->{super} ) { unless ( $optionsref->{super} || $zoneref->{type} == VSERVER ) {
$match = '-m policy --dir in --pol '; $match = '-m policy --dir in --pol ';
if ( $zoneref->{type} eq 'vserver' ) {
return '';
}
if ( $zoneref->{type} eq 'ipsec' ) { if ( $zoneref->{type} eq 'ipsec' ) {
$match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{in}{ipsec}"; $match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{in}{ipsec}";
@ -2584,13 +2580,9 @@ sub match_ipsec_out( $$ ) {
my $zoneref = find_zone( $zone ); my $zoneref = find_zone( $zone );
my $optionsref = $zoneref->{options}; my $optionsref = $zoneref->{options};
unless ( $optionsref->{super} ) { unless ( $optionsref->{super} || $zoneref->{type} == VSERVER ) {
$match = '-m policy --dir out --pol '; $match = '-m policy --dir out --pol ';
if ( $zoneref->{type} eq 'vserver' ) {
return '';
}
if ( $zoneref->{type} eq 'ipsec' ) { if ( $zoneref->{type} eq 'ipsec' ) {
$match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{out}{ipsec}"; $match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{out}{ipsec}";
} elsif ( have_ipsec ) { } elsif ( have_ipsec ) {