only emit zone flush commands if the zone is active for the current family
authorJo-Philipp Wich <jow@openwrt.org>
Wed, 20 Feb 2013 10:50:02 +0000 (11:50 +0100)
committerJo-Philipp Wich <jow@openwrt.org>
Wed, 20 Feb 2013 15:35:29 +0000 (16:35 +0100)
zones.c

diff --git a/zones.c b/zones.c
index edd875ad8b1ee7f5131524f304f282bd9728eb0c..9595c37a2f44fe3f630d821719515a7b12761c0f 100644 (file)
--- a/zones.c
+++ b/zones.c
@@ -224,6 +224,8 @@ print_zone_chain(enum fw3_table table, enum fw3_family family,
        if (!fw3_is_family(zone, family))
                return;
 
+       setbit(zone->dst_flags, family);
+
        if (!zone->conntrack && !disable_notrack)
                setbit(zone->dst_flags, FW3_TARGET_NOTRACK);
 
@@ -464,6 +466,9 @@ fw3_flush_zones(enum fw3_table table, enum fw3_family family,
                if (e->type != FW3_TYPE_ZONE)
                        continue;
 
+               if (!hasbit(e->flags[1], family))
+                       continue;
+
                print_chains(table, family, pass2 ? "-X %s\n" : "-F %s\n",
                             e->name, e->flags[0], src_chains, ARRAY_SIZE(src_chains));