projects
/
openwrt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
[toolchain/uClibc] backport upstream fix for dst computation
[openwrt.git]
/
package
/
firewall
/
files
/
lib
/
core_rule.sh
diff --git
a/package/firewall/files/lib/core_rule.sh
b/package/firewall/files/lib/core_rule.sh
index
0a25fcd
..
f49c42a
100644
(file)
--- a/
package/firewall/files/lib/core_rule.sh
+++ b/
package/firewall/files/lib/core_rule.sh
@@
-59,7
+59,7
@@
fw_load_rule() {
fi
local mode
fi
local mode
- fw_get_family_mode mode ${rule_family:-x}
$rule_src
I
+ fw_get_family_mode mode ${rule_family:-x}
"$rule_src"
I
local src_spec dest_spec
fw_get_negation src_spec '-s' "${rule_src_ip:+$rule_src_ip/$rule_src_ip_prefixlen}"
local src_spec dest_spec
fw_get_negation src_spec '-s' "${rule_src_ip:+$rule_src_ip/$rule_src_ip_prefixlen}"
@@
-67,21
+67,30
@@
fw_load_rule() {
[ "$rule_proto" == "tcpudp" ] && rule_proto="tcp udp"
local pr; for pr in $rule_proto; do
[ "$rule_proto" == "tcpudp" ] && rule_proto="tcp udp"
local pr; for pr in $rule_proto; do
+ local sports dports itypes
+ case "$pr" in
+ icmp|icmpv6|1|58)
+ sports=""; dports=""
+ itypes="$rule_icmp_type"
+ ;;
+ *)
+ sports="$rule_src_port"
+ dports="$rule_dest_port"
+ itypes=""
+ ;;
+ esac
+
fw_get_negation pr '-p' "$pr"
fw_get_negation pr '-p' "$pr"
- local sp; for sp in ${
rule_src_port
:-""}; do
+ local sp; for sp in ${
sports
:-""}; do
fw_get_port_range sp $sp
fw_get_negation sp '--sport' "$sp"
fw_get_port_range sp $sp
fw_get_negation sp '--sport' "$sp"
- local dp; for dp in ${
rule_dest_port
:-""}; do
+ local dp; for dp in ${
dports
:-""}; do
fw_get_port_range dp $dp
fw_get_negation dp '--dport' "$dp"
local sm; for sm in ${rule_src_mac:-""}; do
fw_get_negation sm '--mac-source' "$sm"
fw_get_port_range dp $dp
fw_get_negation dp '--dport' "$dp"
local sm; for sm in ${rule_src_mac:-""}; do
fw_get_negation sm '--mac-source' "$sm"
- local it; for it in ${
rule_icmp_type
:-""}; do
+ local it; for it in ${
itypes
:-""}; do
fw_get_negation it '--icmp-type' "$it"
fw_get_negation it '--icmp-type' "$it"
- case "$pr" in
- *" icmp"|*" icmpv6"|*" 1"|*" 58") sp=""; dp="" ;;
- *) it="" ;;
- esac
fw add $mode $table $chain $target + \
{ $rule_src_ip $rule_dest_ip } { \
$src_spec $dest_spec \
fw add $mode $table $chain $target + \
{ $rule_src_ip $rule_dest_ip } { \
$src_spec $dest_spec \
This page took
0.022808 seconds
and
4
git commands to generate.
projects / openwrt.git / blobdiff