40 lines
1.4 KiB
Diff
40 lines
1.4 KiB
Diff
|
From 2210822a2450a7b9ed853593c3d88aca1c43c2fc Mon Sep 17 00:00:00 2001
|
||
|
|
From: Eric Garver <e@erig.me>
|
||
|
|
Date: Wed, 5 Dec 2018 16:29:49 -0500
|
||
|
|
Subject: [PATCH 048/127] fw_zone: fix IPv6 rich rule forward-port without
|
||
|
|
toaddr
|
||
|
|
|
||
|
|
Using a rich rule with family=ipv6 and no toaddr specified was silently
|
||
|
|
not applying any rules.
|
||
|
|
---
|
||
|
|
src/firewall/core/fw_zone.py | 11 ++---------
|
||
|
|
1 file changed, 2 insertions(+), 9 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py
|
||
|
|
index 816fa503..db90c32b 100644
|
||
|
|
--- a/src/firewall/core/fw_zone.py
|
||
|
|
+++ b/src/firewall/core/fw_zone.py
|
||
|
|
@@ -1702,17 +1702,10 @@ class FirewallZone(object):
|
||
|
|
for ipv in ipvs:
|
||
|
|
if backend.is_ipv_supported(ipv):
|
||
|
|
self.check_forward_port(ipv, port, protocol, toport, toaddr)
|
||
|
|
-
|
||
|
|
- if check_single_address("ipv6", toaddr):
|
||
|
|
- ipv = "ipv6"
|
||
|
|
- else:
|
||
|
|
- ipv = "ipv4"
|
||
|
|
-
|
||
|
|
- if not backend.is_ipv_supported(ipv):
|
||
|
|
- continue
|
||
|
|
+ if enable:
|
||
|
|
+ zone_transaction.add_post(enable_ip_forwarding, ipv)
|
||
|
|
|
||
|
|
if enable:
|
||
|
|
- zone_transaction.add_post(enable_ip_forwarding, ipv)
|
||
|
|
mark_id = self._fw.new_mark()
|
||
|
|
|
||
|
|
filter_chain = "INPUT" if not toaddr else "FORWARD_IN"
|
||
|
|
--
|
||
|
|
2.19.1
|
||
|
|
|