Commit ff5d7618 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

distinguish local-destined packets before routing decision

parent fe3ce1d7
......@@ -2,7 +2,7 @@
--[[
Alpine Wall
Copyright (C) 2012-2013 Kaarle Ritvanen
Copyright (C) 2012-2014 Kaarle Ritvanen
See LICENSE file for license details
]]--
......@@ -14,7 +14,7 @@ require 'stringy'
function help()
io.stderr:write([[
Alpine Wall
Copyright (C) 2012-2013 Kaarle Ritvanen
Copyright (C) 2012-2014 Kaarle Ritvanen
This is free software with ABSOLUTELY NO WARRANTY,
available under the terms of the GNU General Public License, version 2
......
......@@ -470,22 +470,26 @@ function Rule:trules()
table.insert(res, ofrag)
else
local chains
if ofrag.chain == 'PREROUTING' then chains = {'FORWARD', 'INPUT'}
local ofs, recursive
if ofrag.chain == 'PREROUTING' then
ofs = {{chain='FORWARD'}, {chain='INPUT'}}
elseif ofrag.chain == 'POSTROUTING' then
chains = {'FORWARD', 'OUTPUT'}
elseif util.contains({'INPUT', 'FORWARD'}, ofrag.chain) then
chains = {'PREROUTING'}
ofs = {{chain='FORWARD'}, {chain='OUTPUT'}}
recursive = true
elseif ofrag.chain == 'INPUT' then
ofs = {{opts='-m addrtype --dst-type LOCAL', chain='PREROUTING'}}
elseif ofrag.chain == 'FORWARD' then
ofs = {
{opts='-m addrtype ! --dst-type LOCAL', chain='PREROUTING'}
}
end
if chains then
if ofs then
ofrag.chain = nil
util.extend(res,
convertchains(combinations({ofrag},
util.map(chains,
function(c)
return {chain=c}
end))))
ofs = combinations(ofs, {ofrag})
if recursive then ofs = convertchains(ofs) end
util.extend(res, ofs)
else table.insert(res, ofrag) end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment