X-Git-Url: http://git.rohieb.name/openwrt.git/blobdiff_plain/aa954c1c5dd50c89f91ac2574482ab7c927a3c54..ac2d02c3e08c4c3d62859bffb4dd3bb891b3d5c6:/package/firewall/files/uci_firewall.sh?ds=sidebyside
diff --git a/package/firewall/files/uci_firewall.sh b/package/firewall/files/uci_firewall.sh
index e1683e9cf..ff82f8bf0 100755
--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@@ -163,6 +163,7 @@ fw_rule() {
 local dest_port
 local proto
 local target
+ local ruleset
 config_get src $1 src
 config_get src_ip $1 src_ip
@@ -178,6 +179,8 @@ fw_rule() {
 [ -z "$target" ] && target=DROP
 [ -n "$src" ] && ZONE=zone_$src || ZONE=INPUT
 [ -n "$dest" ] && TARGET=zone_${dest}_$target || TARGET=$target
+ [ -n "$dest_port" -a -z "$proto" ] && { \
+ echo "dport may only be used it proto is defined"; return; }
 $IPTABLES -I $ZONE 1 \
 ${proto:+-p $proto} \
 ${src_ip:+-s $src_ip} \
@@ -220,9 +223,11 @@ fw_redirect() {
 config_get protocol $1 protocol
 [ -z "$src" -o -z "$dest_ip" ] && { \
 echo "redirect needs src and dest_ip"; return ; }
+ [ -n "$dest_port" -a -z "$protocol" ] && { \
+ echo "dport may only be used it proto is defined"; return; }
 $IPTABLES -A zone_${src}_prerouting -t nat \
 ${protocol:+-p $protocol} \
- ${src_ip:+-s $srcdip} \
+ ${src_ip:+-s $src_ip} \
 ${src_port:+--sport $src_port} \
 ${src_dport:+--dport $src_dport} \
 ${src_mac:+-m mac --mac-source $src_mac} \
@@ -230,7 +235,7 @@ fw_redirect() {
 $IPTABLES -I zone_${src}_forward 1 \
 ${protocol:+-p $protocol} \
 -d $dest_ip \
- ${src_ip:+-s $srcdip} \
+ ${src_ip:+-s $src_ip} \
 ${src_port:+--sport $src_port} \
 ${dest_port:+--dport $dest_port} \
 ${src_mac:+-m mac --mac-source $src_mac} \
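Review bot: The new guard in fw_rule skips the rule but still returns success and prints its message to stdout, so a rule the admin wrote to block traffic (target defaults to DROP three lines above) can be absent from the loaded ruleset with nothing marking the load as failed. I would send the message to stderr and return non-zero, fixing the "it" typo at the same time: `echo "dport may only be used if proto is defined" >&2; return 1; }`. The same message and bare `return` are added in fw_redirect in the next hunk. Whether the caller inspects fw_rule's status is not visible here, and the function body continues outside the hunk.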
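Review bot: The guard added to fw_redirect tests only `dest_port`, but the prerouting rule directly below it emits `--sport $src_port` and `--dport $src_dport`, and iptables only accepts those once a protocol match is given. A redirect with `src_dport` or `src_port` set and no `protocol` therefore still reaches iptables and fails there instead of being caught by this check. Covering all three options would close the gap: `[ -n "$src_port$src_dport$dest_port" -a -z "$protocol" ] && { \`. fw_rule may need the same treatment if it also passes `--sport`, which this hunk does not show; fw_redirect's body continues outside the hunk.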