projects
/
openwrt
/
staging
/
florian.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
e7c9479
)
trigger error if dport is used when no proto is defined
author
John Crispin
<john@openwrt.org>
Fri, 15 Aug 2008 20:18:13 +0000
(20:18 +0000)
committer
John Crispin
<john@openwrt.org>
Fri, 15 Aug 2008 20:18:13 +0000
(20:18 +0000)
SVN-Revision: 12317
package/firewall/files/uci_firewall.sh
patch
|
blob
|
history
diff --git
a/package/firewall/files/uci_firewall.sh
b/package/firewall/files/uci_firewall.sh
index e1683e9cf0bf25c1bcae68d80b2951966c6264d0..27e9dd71d6b5c2f979068c3459c71c19ca2bdb3e 100755
(executable)
--- a/
package/firewall/files/uci_firewall.sh
+++ b/
package/firewall/files/uci_firewall.sh
@@
-178,6
+178,8
@@
fw_rule() {
[ -z "$target" ] && target=DROP
[ -n "$src" ] && ZONE=zone_$src || ZONE=INPUT
[ -n "$dest" ] && TARGET=zone_${dest}_$target || TARGET=$target
[ -z "$target" ] && target=DROP
[ -n "$src" ] && ZONE=zone_$src || ZONE=INPUT
[ -n "$dest" ] && TARGET=zone_${dest}_$target || TARGET=$target
+ [ -n "$dest_port" -a -z "$proto" ] && { \
+ echo "dport may only be used it proto is defined"; return; }
$IPTABLES -I $ZONE 1 \
${proto:+-p $proto} \
${src_ip:+-s $src_ip} \
$IPTABLES -I $ZONE 1 \
${proto:+-p $proto} \
${src_ip:+-s $src_ip} \
@@
-220,6
+222,8
@@
fw_redirect() {
config_get protocol $1 protocol
[ -z "$src" -o -z "$dest_ip" ] && { \
echo "redirect needs src and dest_ip"; return ; }
config_get protocol $1 protocol
[ -z "$src" -o -z "$dest_ip" ] && { \
echo "redirect needs src and dest_ip"; return ; }
+ [ -n "$dest_port" -a -z "$proto" ] && { \
+ echo "dport may only be used it proto is defined"; return; }
$IPTABLES -A zone_${src}_prerouting -t nat \
${protocol:+-p $protocol} \
${src_ip:+-s $srcdip} \
$IPTABLES -A zone_${src}_prerouting -t nat \
${protocol:+-p $protocol} \
${src_ip:+-s $srcdip} \