Changeset 21640


Ignore:
Timestamp:
2010-05-31T01:49:47+02:00 (8 years ago)
Author:
jow
Message:

[package] firewall: fix support for netranges in redirect and rule sections

Location:
trunk/package/firewall
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/package/firewall/Makefile

    r21508 r21640  
    1010 
    1111PKG_VERSION:=2 
    12 PKG_RELEASE:=4 
     12PKG_RELEASE:=5 
    1313 
    1414include $(INCLUDE_DIR)/package.mk 
  • trunk/package/firewall/files/lib/config.sh

    r21286 r21640  
    8888        local vers= 
    8989        case "$addr" in 
    90                 *.*) vers=4 ;; 
    91                 *:*) vers=6 ;; 
     90                *.*) vers=4; mask="${mask:-32}" ;; 
     91                *:*) vers=6; mask="${mask:-128}" ;; 
    9292        esac 
    9393         
  • trunk/package/firewall/files/lib/core_redirect.sh

    r21508 r21640  
    4343                fw add $mode n zone_${redirect_src}_prerouting DNAT $ { $redirect_src_ip $redirect_dest_ip } { \ 
    4444                        ${redirect_proto:+-p $redirect_proto} \ 
    45                         ${redirect_src_ip:+-s $redirect_src_ip} \ 
    46                         ${redirect_src_dip:+-d $redirect_src_dip} \ 
     45                        ${redirect_src_ip:+-s $redirect_src_ip/$redirect_src_ip_prefixlen} \ 
     46                        ${redirect_src_dip:+-d $redirect_src_dip/$redirect_src_dip_prefixlen} \ 
    4747                        ${redirect_src_port:+--sport $redirect_src_port} \ 
    4848                        ${redirect_src_dport:+--dport $redirect_src_dport} \ 
     
    5454                        -d $redirect_dest_ip \ 
    5555                        ${redirect_proto:+-p $redirect_proto} \ 
    56                         ${redirect_src_ip:+-s $redirect_src_ip} \ 
     56                        ${redirect_src_ip:+-s $redirect_src_ip/$redirect_src_ip_prefixlen} \ 
    5757                        ${redirect_src_port:+--sport $redirect_src_port} \ 
    5858                        ${fwd_dest_port:+--dport $fwd_dest_port} \ 
  • trunk/package/firewall/files/lib/core_rule.sh

    r21533 r21640  
    5757                fw add $mode f $chain $target $rule_pos { $rule_src_ip $rule_dest_ip } { \ 
    5858                        ${rule_proto:+-p $rule_proto} \ 
    59                         ${rule_src_ip:+-s $rule_src_ip} \ 
     59                        ${rule_src_ip:+-s $rule_src_ip/$rule_src_ip_prefixlen} \ 
    6060                        ${rule_src_port:+--sport $rule_src_port} \ 
    6161                        ${rule_src_mac:+-m mac --mac-source $rule_src_mac} \ 
    62                         ${rule_dest_ip:+-d $rule_dest_ip} \ 
     62                        ${rule_dest_ip:+-d $rule_dest_ip/$rule_dest_ip_prefixlen} \ 
    6363                        ${rule_dest_port:+--dport $rule_dest_port} \ 
    6464                        ${rule_icmp_type:+--icmp-type $rule_icmp_type} \ 
Note: See TracChangeset for help on using the changeset viewer.