Re: [Shorewall-devel] Shorewall 4.5.13 Beta 3

Sun, 03 Feb 2013 07:54:30 -0800 

On 02/03/2013 07:24 AM, Tom Eastep wrote:
> On 02/02/2013 05:59 PM, Mr Dash Four wrote:

>>>> 3. UNTRACKED_DISPOSITION (this is listed as NOTRACK_DISPOSITION
>>>> in the announcement above, though "shorewall update" converts it
>>>> and treats it as UNTRACKED_DISPOSITION): CONTINUE works, ACCEPT
>>>> and A_ACCEPT are ignored completely for whatever reason (I
>>>> expected -j ACCEPT/A_ACCEPT), A_DROP is accepted and works (this
>>>> wasn't in the announcement) and A_REJECT is accepted (no syntax
>>>> error is given), but ultimately no iptables rule is produced.
>>>
>>> The attached patch should correct that problem as well.
>>
>> ACCEPT is still ignored, A_ACCEPT is, this time, correctly handled
>> and so are the rest of the built-in actions (you need to amend you
>> original announcement to include A_REJECT).

Patch attached.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 1daa6a7..89de8af 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -961,13 +961,17 @@ sub finish_chain_section ($$$) {
 	}
     }
 
-    if ( keys %state && ! $config{FASTACCEPT} ) {
+    if ( keys %state ) {
 	my @state;
 
-	for ( qw/ESTABLISHED RELATED/ ) {
-	    push @state, $_ if $state{$_};
+	unless ( $config{FASTACCEPT} ) {
+	    for ( qw/ESTABLISHED RELATED/ ) {
+		push @state, $_ if $state{$_};
+	    }
 	}
 
+	push @state, 'UNTRACKED' if $state{UNTRACKED};
+
 	add_ijump( $chain1ref, j => 'ACCEPT', state_imatch join(',', @state ) ) if @state;
     }

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to