diff options
author | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2010-05-19 21:35:23 +0000 |
---|---|---|
committer | jow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2010-05-19 21:35:23 +0000 |
commit | 24931686cd4b89f6a038d3820218578db8ba92ee (patch) | |
tree | 3737e742d161802a733eab5124b42e1925b77d22 /package/firewall/files/lib/core_rule.sh | |
parent | 7c18581ea6a95d35b6581c58a632098e1e05364e (diff) |
[package] firewall:
- fix ip6tables rules when icmp_type option is set
- add "family" option to zones, forwardings, redirects and rules to selectively apply rules to iptables and/or ip6tables
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21508 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/firewall/files/lib/core_rule.sh')
-rw-r--r-- | package/firewall/files/lib/core_rule.sh | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/package/firewall/files/lib/core_rule.sh b/package/firewall/files/lib/core_rule.sh index e6a276e5f..1dc3f1cde 100644 --- a/package/firewall/files/lib/core_rule.sh +++ b/package/firewall/files/lib/core_rule.sh @@ -16,6 +16,7 @@ fw_config_get_rule() { string icmp_type "" \ string proto "tcpudp" \ string target "" \ + string family "" \ } || return [ -n "$rule_name" ] || rule_name=$rule__name [ "$rule_proto" == "icmp" ] || rule_icmp_type= @@ -49,9 +50,11 @@ fw_load_rule() { local rule_pos eval 'rule_pos=$((++FW__RULE_COUNT_'$chain'))' + local mode=$(fw_get_family_mode ${rule_family:-x} $rule_src I) + [ "$rule_proto" == "tcpudp" ] && rule_proto="tcp udp" for rule_proto in $rule_proto; do - fw add I f $chain $target $rule_pos { $rule_src_ip $rule_dest_ip } { \ + fw add $mode f $chain $target $rule_pos { $rule_src_ip $rule_dest_ip } { \ ${rule_proto:+-p $rule_proto} \ ${rule_src_ip:+-s $rule_src_ip} \ ${rule_src_port:+--sport $rule_src_port} \ |