firewall: allow redirecting only destination port (#7197)
SVN-Revision: 22227
This commit is contained in:
parent
9c3244a884
commit
e62a9791ee
2 changed files with 4 additions and 3 deletions
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
PKG_NAME:=firewall
|
||||
|
||||
PKG_VERSION:=2
|
||||
PKG_RELEASE:=7
|
||||
PKG_RELEASE:=8
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
|
|
|
@ -26,8 +26,8 @@ fw_load_redirect() {
|
|||
|
||||
fw_callback pre redirect
|
||||
|
||||
[ -n "$redirect_src" -a -n "$redirect_dest_ip" ] || {
|
||||
fw_die "redirect ${redirect_name}: needs src and dest_ip"
|
||||
[ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ] || {
|
||||
fw_die "redirect ${redirect_name}: needs src and dest_ip or dest_port"
|
||||
}
|
||||
|
||||
list_contains FW_CONNTRACK_ZONES $redirect_src || \
|
||||
|
@ -53,6 +53,7 @@ fw_load_redirect() {
|
|||
--to-destination ${redirect_dest_ip}${redirect_dest_port:+:$nat_dest_port} \
|
||||
}
|
||||
|
||||
[ -n "$redirect_dest_ip" ] && \
|
||||
fw add $mode f zone_${redirect_src}_forward ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \
|
||||
-d $redirect_dest_ip \
|
||||
${redirect_proto:+-p $redirect_proto} \
|
||||
|
|
Loading…
Reference in a new issue