From: Jo-Philipp Wich Date: Thu, 30 Jun 2011 01:36:09 +0000 (+0000) Subject: firewall: restore local port relocation ability from r26617 X-Git-Tag: reboot~16464 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=8f0fb81dfeff3b05f097905064172f7d8f2c9ed6;p=openwrt%2Fstaging%2Fxback.git firewall: restore local port relocation ability from r26617 SVN-Revision: 27318 --- diff --git a/package/firewall/files/lib/core_redirect.sh b/package/firewall/files/lib/core_redirect.sh index f511d2915e..0b8030d96a 100644 --- a/package/firewall/files/lib/core_redirect.sh +++ b/package/firewall/files/lib/core_redirect.sh @@ -34,7 +34,7 @@ fw_load_redirect() { return 0 } - fwdchain="zone_${redirect_src}_forward" + fwdchain="zone_${redirect_src}${redirect_dest_ip:+_forward}" natopt="--to-destination" natchain="zone_${redirect_src}_prerouting" @@ -104,10 +104,10 @@ fw_load_redirect() { $redirect_options \ } - [ -n "$destaddr" ] && \ fw add $mode f ${fwdchain:-forward} ACCEPT + \ { $redirect_src_ip $redirect_dest_ip } { \ - $srcaddr $destaddr $redirect_proto \ + $srcaddr ${destaddr:--m conntrack --ctstate DNAT} \ + $redirect_proto \ $srcports $destports \ $redirect_src_mac \ $redirect_extra \