From a0a6f094479b333283598d4acc8b08287497d1b6 Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Fri, 23 Apr 2021 15:03:53 +0200 Subject: [PATCH] banip: fix housekeeping * fix whitelist housekeeping if you switch between normal- and 'whitelist only' mode Signed-off-by: Dirk Brenken (cherry picked from commit 7cfb0f4657dea6a7844df28268e7e8af6eb00db4) --- net/banip/Makefile | 2 +- net/banip/files/banip.sh | 14 ++++++-------- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/net/banip/Makefile b/net/banip/Makefile index b7fc044c89..4ae1b23395 100644 --- a/net/banip/Makefile +++ b/net/banip/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=banip PKG_VERSION:=0.7.7 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/banip/files/banip.sh b/net/banip/files/banip.sh index ed808529db..816f2c3487 100755 --- a/net/banip/files/banip.sh +++ b/net/banip/files/banip.sh @@ -548,14 +548,12 @@ f_iptables() f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set --match-set ${src_name} src -j RETURN" elif [ "${src_name%_*}" = "whitelist" ] then - if [ "${ban_whitelistonly}" = "1" ] - then - f_iptrule "-D" "${ban_chain}" "-i ${dev} -m set ! --match-set ${src_name} src -j ${ban_logtarget_src}" - f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set ! --match-set ${src_name} dst -j ${ban_logtarget_dst}" - else - f_iptrule "-D" "${ban_chain}" "-i ${dev} -m set --match-set ${src_name} src -j RETURN" - f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set --match-set ${src_name} dst -j RETURN" - fi + f_iptrule "-D" "${ban_chain}" "-i ${dev} -m set ! --match-set ${src_name} src -j ${ban_logtarget_src}" + f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set ! --match-set ${src_name} dst -j ${ban_logtarget_dst}" + f_iptrule "-D" "${ban_chain}" "-i ${dev} -m set ! --match-set ${src_name} src -j ${ban_logchain_src}" + f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set ! --match-set ${src_name} dst -j ${ban_logchain_dst}" + f_iptrule "-D" "${ban_chain}" "-i ${dev} -m set --match-set ${src_name} src -j RETURN" + f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set --match-set ${src_name} dst -j RETURN" else f_iptrule "-D" "${ban_chain}" "-i ${dev} -m set --match-set ${src_name} src -j ${ban_logtarget_src}" f_iptrule "-D" "${ban_chain}" "-o ${dev} -m set --match-set ${src_name} dst -j ${ban_logtarget_dst}" -- 2.30.2