From: Jo-Philipp Wich Date: Mon, 18 Nov 2013 11:59:27 +0000 (+0000) Subject: firewall: optimize DNAT rules and skip invalid rules and redirects (#14485) X-Git-Tag: reboot~8590 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=bc9043cc531a7fbb67a68ee0fd6d57e28b395edc;p=openwrt%2Fstaging%2Fnoltari.git firewall: optimize DNAT rules and skip invalid rules and redirects (#14485) - instead of writing one (or more) ACCEPT rules in the filter table for each redirect install a global ctstate DNAT accept rule per zone - discard rules and redirects which have invalid options set instead of silently skipping the invalid values SVN-Revision: 38849 --- diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile index ac4d16a388..cde3aa8ebc 100644 --- a/package/network/config/firewall/Makefile +++ b/package/network/config/firewall/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall -PKG_VERSION:=2013-10-23 +PKG_VERSION:=2013-11-18 PKG_RELEASE:=$(PKG_SOURCE_VERSION) PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=git://nbd.name/firewall3.git PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=c25922c05ae594c4c35fa65f27fd21c3a033f4ec +PKG_SOURCE_VERSION:=fa3386a7054aa9541decd68c8cf8de1e0d6f8832 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz PKG_MAINTAINER:=Jo-Philipp Wich