forked from extern/shorewall_code
Don't remove a lone ACCEPT rule from the OUTPUT chain
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
0dde75d345
commit
fb754b3a2e
@ -1416,7 +1416,7 @@ sub optimize_chain( $ ) {
|
||||
|
||||
pop @$rules, $count++ while @$rules && $rules->[-1] =~ /-j ACCEPT\b/;
|
||||
|
||||
if ( @${rules} ) {
|
||||
if ( @${rules} || $chainref->{dont_delete} ) {
|
||||
add_rule $chainref, '-j ACCEPT';
|
||||
progress_message " $count ACCEPT rules deleted from policy chain $chainref->{name}" if $count;
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user