projects / openwrt / staging / mkresin.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 82e6242) | patch
firewall: optimize DNAT rules and skip invalid rules and redirects (#14485)
authorJo-Philipp Wich <jow@openwrt.org>
Mon, 18 Nov 2013 11:59:27 +0000 (11:59 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Mon, 18 Nov 2013 11:59:27 +0000 (11:59 +0000)
commitbc9043cc531a7fbb67a68ee0fd6d57e28b395edc
treeeb695c9d3c1805402df7d3d826535df29d502562tree | snapshot
parent82e624279818643f58b92a88277f6a9eb1fd7ed0commit | diff
firewall: optimize DNAT rules and skip invalid rules and redirects (#14485)

- instead of writing one (or more) ACCEPT rules in the filter table
  for each redirect install a global ctstate DNAT accept rule per zone

- discard rules and redirects which have invalid options set instead
  of silently skipping the invalid values

SVN-Revision: 38849
package/network/config/firewall/Makefile diff | blob | history
Staging tree of Mathias Kresin