fw4: fix another instance of invalid rule jump targets

Ensure that action-less rules don't jump anywhere, we still emitted an invalid jump for destination (outbound) rules. Ref: https://github.com/openwrt/firewall4/issues/5#issuecomment-1673574359 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
author: Jo-Philipp Wich 2023-08-11 00:11:15 +0000
committer: Jo-Philipp Wich 2023-08-11 00:11:15 +0000
commit: 20da9933fd7e3d9b03ffe0ed6eeef0137b5cef0f (patch)
tree: 3df768d140686dc67cb5ae96f37a612640269432
parent: 840ccdeeabce16e9f1f53390d870992ad372b967 (diff)
download: firewall4-20da9933fd7e3d9b03ffe0ed6eeef0137b5cef0f.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc
index cba7b02..e0748cc 100644
--- a/root/usr/share/ucode/fw4.uc
+++ b/root/usr/share/ucode/fw4.uc
@@ -2380,7 +2380,7 @@ return {
 			}
 		}
 
-		let need_src_action_chain = (rule) => (rule.src?.zone?.log && rule.target && rule.target != "accept");
+		let need_src_action_chain = (rule) => (rule.src?.zone?.log && rule.target != "accept");
 
 		let add_rule = (family, proto, saddrs, daddrs, sports, dports, icmptypes, icmpcodes, ipset, rule) => {
 			let r = {
@@ -2478,11 +2478,11 @@ return {
 						r.chain = "output";
 				}
 
-				if (r.dest && !r.dest.any) {
+				if (r.target && r.dest && !r.dest.any) {
 					r.jump_chain = `${r.target}_to_${r.dest.zone.name}`;
 					r.dest.zone.dflags[r.target] = true;
 				}
-				else if (need_src_action_chain(r)) {
+				else if (r.target && need_src_action_chain(r)) {
 					r.jump_chain = `${r.target}_from_${r.src.zone.name}`;
 					r.src.zone.sflags[r.target] = true;
 				}
author	Jo-Philipp Wich	2023-08-11 00:11:15 +0000
committer	Jo-Philipp Wich	2023-08-11 00:11:15 +0000
commit	20da9933fd7e3d9b03ffe0ed6eeef0137b5cef0f (patch)
tree	3df768d140686dc67cb5ae96f37a612640269432
parent	840ccdeeabce16e9f1f53390d870992ad372b967 (diff)
download	firewall4-20da9933fd7e3d9b03ffe0ed6eeef0137b5cef0f.tar.gz