From b549817fdacb79601970feb33bae530f184db752 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Mon, 18 Mar 2013 15:55:11 +0100
Subject: [PATCH] Do not accept option src_mac for SNAT rules

---
 redirects.c | 6 +++++-
 zones.c     | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/redirects.c b/redirects.c
index 3e6902d..43ef65b 100644
--- a/redirects.c
+++ b/redirects.c
@@ -114,7 +114,7 @@ fw3_load_redirects(struct fw3_state *state, struct uci_package *p)
 	struct uci_element *e;
 	struct fw3_redirect *redir;
 
-	bool valid = false;
+	bool valid;
 
 	INIT_LIST_HEAD(&state->redirects);
 
@@ -138,6 +138,8 @@ fw3_load_redirects(struct fw3_state *state, struct uci_package *p)
 		redir->enabled = true;
 		redir->reflection = true;
 
+		valid = false;
+
 		fw3_parse_options(redir, fw3_redirect_opts, s);
 
 		if (!redir->enabled)
@@ -225,6 +227,8 @@ fw3_load_redirects(struct fw3_state *state, struct uci_package *p)
 				warn_elem(e, "has no destination specified");
 			else if (!redir->ip_dest.set)
 				warn_elem(e, "has no src_dip option specified");
+			else if (!list_empty(&redir->mac_src))
+				warn_elem(e, "must not use 'src_mac' option for SNAT target");
 			else
 			{
 				set(redir->_dest->flags, FW3_FAMILY_V4, redir->target);
diff --git a/zones.c b/zones.c
index 2a230c5..a2ace47 100644
--- a/zones.c
+++ b/zones.c
@@ -499,7 +499,7 @@ fw3_print_zone_rules(struct fw3_state *state, enum fw3_family family,
 
 void
 fw3_flush_zones(struct fw3_state *state, enum fw3_family family,
-				enum fw3_table table, bool reload, bool pass2)
+                enum fw3_table table, bool reload, bool pass2)
 {
 	struct fw3_zone *z, *tmp;
 	uint32_t custom_mask = ~0;
-- 
2.11.0