projects
/
project
/
firewall3.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Decouple handle destroying from committing, add fw3_ipt_close() instead
[project/firewall3.git]
/
rules.c
diff --git
a/rules.c
b/rules.c
index
0f4e925
..
b6c3d75
100644
(file)
--- a/
rules.c
+++ b/
rules.c
@@
-245,7
+245,13
@@
append_chain(struct fw3_ipt_rule *r, struct fw3_rule *rule)
}
if (rule->dest.set && !rule->src.set)
}
if (rule->dest.set && !rule->src.set)
- snprintf(chain, sizeof(chain), "zone_%s_output", rule->dest.name);
+ {
+ if (rule->dest.any)
+ snprintf(chain, sizeof(chain), "delegate_output");
+ else
+ snprintf(chain, sizeof(chain), "zone_%s_output",
+ rule->dest.name);
+ }
}
fw3_ipt_rule_append(r, chain);
}
fw3_ipt_rule_append(r, chain);
@@
-308,7
+314,9
@@
print_rule(struct fw3_ipt_handle *handle, struct fw3_state *state,
if (!fw3_is_family(sip, handle->family) ||
!fw3_is_family(dip, handle->family))
{
if (!fw3_is_family(sip, handle->family) ||
!fw3_is_family(dip, handle->family))
{
- info(" ! Skipping due to different family of ip address");
+ if ((sip && !sip->resolved) || (dip && !dip->resolved))
+ info(" ! Skipping due to different family of ip address");
+
return;
}
return;
}