Fix some issues with conntracking rules

master
bbruns 2014-04-13 16:30:22 +00:00
parent d7a8c0bd92
commit 13f378819c
1 changed files with 0 additions and 3 deletions

View File

@ -420,10 +420,7 @@ function enable_forwarding {
[[ ${state} == "-" ]] && state="" [[ ${state} == "-" ]] && state=""
[[ ${protocol} == "-" ]] && protocol="" [[ ${protocol} == "-" ]] && protocol=""
[[ ${bidirectional} == "-" ]] && bidirectional="no" [[ ${bidirectional} == "-" ]] && bidirectional="no"
[[ ${action} == "DROP" ]] && conntrack_state=""
${VER_IPTABLES} -A ${FwdFilter} ${protocol} ${srcinterface} ${srcaddress} ${srcport} ${syn} ${dstinterface} ${dstaddress} ${dstport} ${conntrack_state} -j ${action} ${VER_IPTABLES} -A ${FwdFilter} ${protocol} ${srcinterface} ${srcaddress} ${srcport} ${syn} ${dstinterface} ${dstaddress} ${dstport} ${conntrack_state} -j ${action}
[[ ${bidirectional} == "yes" ]] && ${VER_IPTABLES} -A ${FwdFilter} ${protocol} ${revsrcinterface} ${revsrcaddress} ${revsrcport} ${syn} ${revdstinterface} ${revdstaddress} ${revdstport} ${conntrack_state} -j ${action} [[ ${bidirectional} == "yes" ]] && ${VER_IPTABLES} -A ${FwdFilter} ${protocol} ${revsrcinterface} ${revsrcaddress} ${revsrcport} ${syn} ${revdstinterface} ${revdstaddress} ${revdstport} ${conntrack_state} -j ${action}
done < "${FWCONFIGDIR}/ipv${IPVER}/forward.conf" done < "${FWCONFIGDIR}/ipv${IPVER}/forward.conf"