Commit 563a3fc1 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

support for bypassing connection tracking for inbound packets

parent 2567a46b
--[[
Connection tracking bypass module for Alpine Wall
Copyright (C) 2012 Kaarle Ritvanen
Licensed under the terms of GPL2
]]--
module(..., package.seeall)
require 'awall.model'
require 'awall.util'
local model = awall.model
local NoTrackRule = model.class(model.Rule)
function NoTrackRule:init(context)
model.Rule.init(self, context)
for i, dir in ipairs({'in', 'out'}) do
if awall.util.contains(self[dir], model.fwzone) then
error('Connection tracking bypass rules not allowed for firewall zone')
end
end
end
function NoTrackRule:defaultzones() return {nil} end
function NoTrackRule:checkzoneoptfrag(ofrag)
if ofrag.out then
error('Cannot specify outbound interface for connection tracking bypass rule')
end
end
function NoTrackRule:table() return 'raw' end
function NoTrackRule:chain() return 'PREROUTING' end
function NoTrackRule:target()
if self.action then return model.Rule.target(self) end
return 'NOTRACK'
end
classes = {{'notrack', NoTrackRule}}
defrules = {}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment