qi-hardware/openwrt-xburst
1
0
Fork 0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2025-04-21 12:27:27 +03:00
Code Activity

[package] fireall:

Browse Source 
- support negations for src_ip, dest_ip, src_dip options in rules and redirects
	- add NOTRACK target to rule sections, allows to define fine grained notrack rules


git-svn-id: svn://svn.openwrt.org/openwrt/trunk@23141 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
jow
2010-09-28 10:42:56 +00:00
parent 9ddf78a6b3
commit 1efeaa35d1
5 changed files with 42 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package/firewall/files/lib/core_init.sh
View File

@@ -245,9 +245,9 @@ fw_load_zone() {
if [ "$zone_masq" == 1 ]; then
local msrc mdst
for msrc in ${zone_masq_src:-0.0.0.0/0}; do
[ "${msrc#!}" != "$msrc" ] && msrc="! -s ${msrc#!}" || msrc="-s $msrc"
fw_get_negation msrc '-s' "$msrc"
for mdst in ${zone_masq_dest:-0.0.0.0/0}; do
[ "${mdst#!}" != "$mdst" ] && mdst="! -d ${mdst#!}" || mdst="-d $mdst"
fw_get_negation mdst '-d' "$mdst"
fw add $mode n ${chain}_nat MASQUERADE $ { $msrc $mdst }
done
done