diff options
| author | Jo-Philipp Wich | 2022-04-13 14:18:44 +0000 |
|---|---|---|
| committer | Jo-Philipp Wich | 2022-04-13 14:18:44 +0000 |
| commit | 425ea8a736ac81948bad7e201f4817848cb1813c (patch) | |
| tree | 02384ad10fcb78f6b769090666c732e0e743fda6 | |
| parent | a3788839d61742799b6c62f2d8790c464b7374fc (diff) | |
| download | firewall4-425ea8a736ac81948bad7e201f4817848cb1813c.tar.gz | |
fw4: fix applying zone flags for source bound rules
The rule parsing code failed to properly set the source zone flags for
rules requiring `${verdict}_from_${zone}` chains, causing those chains
to be missing, leading to errors when applying the ruleset.
Fix this issue by applying the flag to the correct property (source-
instead of destination flags).
Ref: https://github.com/openwrt/openwrt/issues/9686
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
| -rw-r--r-- | root/usr/share/ucode/fw4.uc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc index 0659af6..b81f9ad 100644 --- a/root/usr/share/ucode/fw4.uc +++ b/root/usr/share/ucode/fw4.uc @@ -2355,7 +2355,7 @@ return { } else if (need_src_action_chain(r)) { r.jump_chain = sprintf("%s_from_%s", r.target, r.src.zone.name); - r.src.zone.dflags[r.target] = true; + r.src.zone.sflags[r.target] = true; } else if (r.target == "reject") r.jump_chain = "handle_reject"; |