firewall: allow redirecting only destination port (#7197)

SVN-Revision: 22227
This commit is contained in:
Jo-Philipp Wich 2010-07-16 06:03:15 +00:00
parent 9c3244a884
commit e62a9791ee
2 changed files with 4 additions and 3 deletions

View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=firewall
PKG_VERSION:=2
PKG_RELEASE:=7
PKG_RELEASE:=8
include $(INCLUDE_DIR)/package.mk

View file

@ -26,8 +26,8 @@ fw_load_redirect() {
fw_callback pre redirect
[ -n "$redirect_src" -a -n "$redirect_dest_ip" ] || {
fw_die "redirect ${redirect_name}: needs src and dest_ip"
[ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ] || {
fw_die "redirect ${redirect_name}: needs src and dest_ip or dest_port"
}
list_contains FW_CONNTRACK_ZONES $redirect_src || \
@ -53,6 +53,7 @@ fw_load_redirect() {
--to-destination ${redirect_dest_ip}${redirect_dest_port:+:$nat_dest_port} \
}
[ -n "$redirect_dest_ip" ] && \
fw add $mode f zone_${redirect_src}_forward ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \
-d $redirect_dest_ip \
${redirect_proto:+-p $redirect_proto} \