Make nat reflection src address configurable by introducing a reflection_src paramete...

[project/firewall3.git] / forwards.c

diff --git a/forwards.c b/forwards.c
index e01f126..81e734e 100644 (file)
--- a/forwards.c
+++ b/forwards.c
@@ -20,6 +20,8 @@
 
 
 const struct fw3_option fw3_forward_opts[] = {
+       FW3_OPT("enabled",             bool,     forward,     enabled),
+
        FW3_OPT("name",                string,   forward,     name),
        FW3_OPT("family",              family,   forward,     family),
 
@@ -53,8 +55,16 @@ fw3_load_forwards(struct fw3_state *state, struct uci_package *p)
 
                memset(forward, 0, sizeof(*forward));
 
+               forward->enabled = true;
+
                fw3_parse_options(forward, fw3_forward_opts, s);
 
+               if (!forward->enabled)
+               {
+                       fw3_free_forward(forward);
+                       continue;
+               }
+
                if (forward->src.invert || forward->dest.invert)
                {
                        warn_elem(e, "must not have inverted 'src' or 'dest' options");
@@ -76,9 +86,11 @@ fw3_load_forwards(struct fw3_state *state, struct uci_package *p)
                        continue;
                }
 
+               /* NB: forward family... */
                if (forward->_dest)
                {
-                       setbit(forward->_dest->dst_flags, FW3_TARGET_ACCEPT);
+                       setbit(forward->_dest->flags[0], FW3_FLAG_ACCEPT);
+                       setbit(forward->_dest->flags[1], FW3_FLAG_ACCEPT);
 
                        if (forward->_src &&
                            (forward->_src->conntrack || forward->_dest->conntrack))