holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Revert "Always inherit interface options"

Browse Source 
This reverts commit 65cde3475f.
This commit is contained in:
Tom Eastep 2014-04-15 11:54:58 -07:00
parent 65cde3475f
commit e731ea1ca8
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -817,12 +817,6 @@ sub add_group_to_zone($$$$$)
$zoneref->{interfaces}{$interface} = 1;
$zoneref->{destonly} ||= $interfaceref->{options}{destonly};
$options->{destonly} ||= $interfaceref->{options}{destonly};
#
# Make 'find_hosts_by_option()' work correctly for this zone
#
for ( qw/blacklist maclist nosmurfs tcpflags/ ) {
$options->{$_} = $interfaceref->{options}{$_} if $interfaceref->{options}{$_} && ! exists $options->{$_};
}
$interfaceref->{zones}{$zone} = 1;
@ -857,6 +851,13 @@ sub add_group_to_zone($$$$$)
if ( $host eq ALLIP ) {
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if @newnetworks;
$interfaces{$interface}{zone} = $zone;
#
# Make 'find_hosts_by_option()' work correctly for this zone
#
for ( qw/blacklist maclist nosmurfs tcpflags/ ) {
$options->{$_} = $interfaceref->{options}{$_} if $interfaceref->{options}{$_};
}
$allip = 1;
}
}