From: Jo-Philipp Wich Date: Tue, 28 Sep 2010 11:38:31 +0000 (+0000) Subject: firewall: fix chain selection logic, option dest must be ignored for notrack targets X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=1a0d7a36124463a510a8e66689e9738d3ef6266d;p=openwrt%2Fstaging%2Frmilecki.git firewall: fix chain selection logic, option dest must be ignored for notrack targets SVN-Revision: 23143 --- diff --git a/package/firewall/files/lib/core_rule.sh b/package/firewall/files/lib/core_rule.sh index dbaf1102e96..a0de3ba8bb5 100644 --- a/package/firewall/files/lib/core_rule.sh +++ b/package/firewall/files/lib/core_rule.sh @@ -36,16 +36,15 @@ fw_load_rule() { local table=f local chain=input - if [ "$rule_target" == "NOTRACK" ]; then + local target="${rule_target:-REJECT}" + if [ "$target" == "NOTRACK" ]; then table=r chain="zone_${rule_src}_notrack" - elif [ -n "$rule_src" ]; then - chain="zone_${rule_src}${rule_dest:+_forward}" + else + [ -n "$rule_src" ] && chain="zone_${rule_src}${rule_dest:+_forward}" + [ -n "$rule_dest" ] && target="zone_${rule_dest}_${target}" fi - local target="${rule_target:-REJECT}" - [ -n "$dest" ] && target="zone_${rule_dest}_${target}" - local mode fw_get_family_mode mode ${rule_family:-x} $rule_src I