fw4: fix enabling NAT reflection rules for DNATs without explicit family

Ref: https://forum.openwrt.org/t/x/119218
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc
index 842dde232de6eac15185142de6250acf932e07ea..175883f85b254910dd409b03902afcd56a507411 100644 (file)
--- a/root/usr/share/ucode/fw4.uc
+++ b/root/usr/share/ucode/fw4.uc
@@ -2572,10 +2572,7 @@ return {
                                }
 
                                /* build reflection rules */
-                               if (redir.reflection && (length(rip[0]) || length(rip[1])) &&
-                                   redir.src && redir.src.zone && redir.src.zone[family == 4 ? "masq" : "masq6"] &&
-                                   redir.dest && redir.dest.zone) {
-
+                               if (redir.reflection && (length(rip[0]) || length(rip[1])) && redir.src?.zone && redir.dest?.zone) {
                                        let refredir = {
                                                name: redir.name + " (reflection)",
 
@@ -2611,7 +2608,7 @@ return {
                                                let refaddrs = (redir.reflection_src == "internal") ? iaddrs : eaddrs;
 
                                                for (let i = 0; i <= 1; i++) {
-                                                       if (length(rip[i])) {
+                                                       if (redir.src.zone[i ? "masq6" : "masq"] && length(rip[i])) {
                                                                let snat_addr = refaddrs[i]?.[0];
 
                                                                /* For internal reflection sources try to find a suitable candiate IP