From e664b6bafbfb552826d0cb8edea8c8c8be414f71 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Fri, 8 Feb 2013 15:39:04 -0800
Subject: [PATCH] Correct action.TCPFlags

- restore rule dropped when converted.
- remove cruft
- Correct parameter handling

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/action.TCPFlags | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/Shorewall/action.TCPFlags b/Shorewall/action.TCPFlags
index ff2dbd4ed..95f7d4432 100644
--- a/Shorewall/action.TCPFlags
+++ b/Shorewall/action.TCPFlags
@@ -11,7 +11,7 @@
 #################################################################################
 ?FORMAT 2
 
-DEFAULTS DROP,-
+DEFAULTS -
 
 ?BEGIN PERL;
 use strict;
@@ -19,16 +19,17 @@ use Shorewall::Config qw(:DEFAULT F_IPV4 F_IPV6);
 use Shorewall::Chains;
 use Shorewall::Rules;
 
-my ( $action, $audit ) = get_action_params( 2 );
+my $action = 'DROP';
 
-my $chainref        = get_action_chain;
+my ( $audit ) = get_action_params( 1 );
 
 if ( supplied $audit ) {
      fatal_error "Invalid parameter ($audit) to action TCPFlags" if $audit ne 'audit';
-     $action = "A_$action";
+     $action = "A_DROP";
 }    
 
 perl_action_tcp_helper( $action, '-p tcp --tcp-flags ALL FIN,URG,PSH' );
+perl_action_tcp_helper( $action, '-p tcp --tcp-flags ALL NONE' );
 perl_action_tcp_helper( $action, '-p tcp --tcp-flags SYN,RST SYN,RST' );
 perl_action_tcp_helper( $action, '-p tcp --tcp-flags SYN,FIN SYN,FIN' );
 perl_action_tcp_helper( $action, '-p tcp --syn --sport 0' );