Commit ff5d7618 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

distinguish local-destined packets before routing decision

parent fe3ce1d7
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
--[[ --[[
Alpine Wall Alpine Wall
Copyright (C) 2012-2013 Kaarle Ritvanen Copyright (C) 2012-2014 Kaarle Ritvanen
See LICENSE file for license details See LICENSE file for license details
]]-- ]]--
...@@ -14,7 +14,7 @@ require 'stringy' ...@@ -14,7 +14,7 @@ require 'stringy'
function help() function help()
io.stderr:write([[ io.stderr:write([[
Alpine Wall Alpine Wall
Copyright (C) 2012-2013 Kaarle Ritvanen Copyright (C) 2012-2014 Kaarle Ritvanen
This is free software with ABSOLUTELY NO WARRANTY, This is free software with ABSOLUTELY NO WARRANTY,
available under the terms of the GNU General Public License, version 2 available under the terms of the GNU General Public License, version 2
......
...@@ -470,22 +470,26 @@ function Rule:trules() ...@@ -470,22 +470,26 @@ function Rule:trules()
table.insert(res, ofrag) table.insert(res, ofrag)
else else
local chains local ofs, recursive
if ofrag.chain == 'PREROUTING' then chains = {'FORWARD', 'INPUT'} if ofrag.chain == 'PREROUTING' then
ofs = {{chain='FORWARD'}, {chain='INPUT'}}
elseif ofrag.chain == 'POSTROUTING' then elseif ofrag.chain == 'POSTROUTING' then
chains = {'FORWARD', 'OUTPUT'} ofs = {{chain='FORWARD'}, {chain='OUTPUT'}}
elseif util.contains({'INPUT', 'FORWARD'}, ofrag.chain) then recursive = true
chains = {'PREROUTING'} elseif ofrag.chain == 'INPUT' then
ofs = {{opts='-m addrtype --dst-type LOCAL', chain='PREROUTING'}}
elseif ofrag.chain == 'FORWARD' then
ofs = {
{opts='-m addrtype ! --dst-type LOCAL', chain='PREROUTING'}
}
end end
if chains then if ofs then
ofrag.chain = nil ofrag.chain = nil
util.extend(res, ofs = combinations(ofs, {ofrag})
convertchains(combinations({ofrag}, if recursive then ofs = convertchains(ofs) end
util.map(chains, util.extend(res, ofs)
function(c)
return {chain=c}
end))))
else table.insert(res, ofrag) end else table.insert(res, ofrag) end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment