From ed538add0e9423d412d52d930b9d6dfd3ae32980 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Wed, 9 Apr 2008 21:09:43 +0000
Subject: [PATCH] Make logging work correctly in ESTABLISHED and RELATED
 sections

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8406 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Chains.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index f427042b7..d25c32d13 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -2059,6 +2059,7 @@ sub expand_rule( $$$$$$$$$$ )
 		#
 		for my $dnet ( mysplit $dnets ) {
 		    if ( $loglevel ne '' ) {
+			my $state = $section eq 'NEW' ? '' : "-m state --state $section ";
 			log_rule_limit
 			    $loglevel ,
 			    $chainref ,
@@ -2067,7 +2068,7 @@ sub expand_rule( $$$$$$$$$$ )
 			    '' ,
 			    $logtag ,
 			    'add' ,
-			    join( '', $rule, match_source_net( $inet , $restriction ) , match_dest_net( $dnet ), $onet );
+			    join( '', $state, $rule, match_source_net( $inet , $restriction ) , match_dest_net( $dnet ), $onet );
 		    }
 
 		    unless ( $disposition eq 'LOG' ) {