holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Apply sfilter to INPUT as well as FORWARD

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-06-08 09:40:28 -07:00
parent d6ebdd3cb7
commit fa2746d469
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -476,6 +476,7 @@ sub setup_mss();
sub add_common_rules() { sub add_common_rules() {
my $interface; my $interface;
my $chainref; my $chainref;
my $chainref1;
my $target; my $target;
my $rule; my $rule;
my $list; my $list;
@ -528,9 +529,13 @@ sub add_common_rules() {
my @filters = @{$interfaceref->{filter}}; my @filters = @{$interfaceref->{filter}};
$chainref = $filter_table->{forward_chain $interface}; $chainref = $filter_table->{forward_chain $interface};
$chainref1 = $filter_table->{input_chain $interface};
if ( @filters ) { if ( @filters ) {
add_jump( $chainref , $target, 1, match_source_net( $_ ) ), $chainref->{filtered}++ for @filters; for ( @filters ) {
add_jump( $chainref , $target, 1, match_source_net( $_ ) ), $chainref->{filtered}++;
add_jump( $chainref1 , $target, 1, match_source_net( $_ ) ), $chainref1->{filtered}++;
}
} elsif ( $interfaceref->{bridge} eq $interface ) { } elsif ( $interfaceref->{bridge} eq $interface ) {
add_jump( $chainref , $target, 1, match_dest_dev( $interface ) ), $chainref->{filtered}++ unless $interfaceref->{options}{routeback} || $interfaceref->{options}{routefilter}; add_jump( $chainref , $target, 1, match_dest_dev( $interface ) ), $chainref->{filtered}++ unless $interfaceref->{options}{routeback} || $interfaceref->{options}{routefilter};
} }