From 4127e73b845b0bb7f656bea1d887a32cee0f2388 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Mon, 9 Jul 2012 12:23:36 +0000 Subject: firewall: also set up nat reflection rules for redirects with proto all and/or no src_dport set SVN-Revision: 32652 --- package/firewall/Makefile | 2 +- package/firewall/files/reflection.hotplug | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'package/firewall') diff --git a/package/firewall/Makefile b/package/firewall/Makefile index 0cfc9c6..05f42a6 100644 --- a/package/firewall/Makefile +++ b/package/firewall/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=firewall PKG_VERSION:=2 -PKG_RELEASE:=52 +PKG_RELEASE:=53 include $(INCLUDE_DIR)/package.mk diff --git a/package/firewall/files/reflection.hotplug b/package/firewall/files/reflection.hotplug index 2da0be9..843c615 100644 --- a/package/firewall/files/reflection.hotplug +++ b/package/firewall/files/reflection.hotplug @@ -69,7 +69,7 @@ if [ "$ACTION" = "add" ] && [ "$INTERFACE" = "wan" ]; then config_get proto "$cfg" proto local epmin epmax extport - config_get extport "$cfg" src_dport + config_get extport "$cfg" src_dport "1-65535" [ -n "$extport" ] || return epmin="${extport%[-:]*}"; epmax="${extport#*[-:]}" @@ -88,6 +88,7 @@ if [ "$ACTION" = "add" ] && [ "$INTERFACE" = "wan" ]; then config_get inthost "$cfg" dest_ip [ -n "$inthost" ] || return + [ "$proto" = all ] && proto="tcp udp" [ "$proto" = tcpudp ] && proto="tcp udp" [ "${inthost#!}" = "$inthost" ] || return 0 -- cgit v1.1