diff options
| author | Jo-Philipp Wich <jow@openwrt.org> | 2010-05-19 21:35:23 +0000 |
|---|---|---|
| committer | Jo-Philipp Wich <jow@openwrt.org> | 2010-05-19 21:35:23 +0000 |
| commit | 40ad9defcc545c2925f6c37d17a64707f17f5b78 (patch) | |
| tree | 30dfbe4ad35e8594aab3ca73b13609df025bf80e /package/firewall/files/lib/core_rule.sh | |
| parent | 359f611957e3dbb75dd1a27a7ceaed76ee435f3a (diff) | |
| download | mtk-20170518-40ad9defcc545c2925f6c37d17a64707f17f5b78.zip mtk-20170518-40ad9defcc545c2925f6c37d17a64707f17f5b78.tar.gz mtk-20170518-40ad9defcc545c2925f6c37d17a64707f17f5b78.tar.bz2 | |
firewall: - fix ip6tables rules when icmp_type option is set - add "family" option to zones, forwardings, redirects and rules to selectively apply rules to iptables and/or ip6tables
SVN-Revision: 21508
Diffstat (limited to 'package/firewall/files/lib/core_rule.sh')
| -rw-r--r-- | package/firewall/files/lib/core_rule.sh | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/package/firewall/files/lib/core_rule.sh b/package/firewall/files/lib/core_rule.sh index e6a276e..1dc3f1c 100644 --- a/package/firewall/files/lib/core_rule.sh +++ b/package/firewall/files/lib/core_rule.sh @@ -16,6 +16,7 @@ fw_config_get_rule() { string icmp_type "" \ string proto "tcpudp" \ string target "" \ + string family "" \ } || return [ -n "$rule_name" ] || rule_name=$rule__name [ "$rule_proto" == "icmp" ] || rule_icmp_type= @@ -49,9 +50,11 @@ fw_load_rule() { local rule_pos eval 'rule_pos=$((++FW__RULE_COUNT_'$chain'))' + local mode=$(fw_get_family_mode ${rule_family:-x} $rule_src I) + [ "$rule_proto" == "tcpudp" ] && rule_proto="tcp udp" for rule_proto in $rule_proto; do - fw add I f $chain $target $rule_pos { $rule_src_ip $rule_dest_ip } { \ + fw add $mode f $chain $target $rule_pos { $rule_src_ip $rule_dest_ip } { \ ${rule_proto:+-p $rule_proto} \ ${rule_src_ip:+-s $rule_src_ip} \ ${rule_src_port:+--sport $rule_src_port} \ |