Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
authorMichael Tremer <michael.tremer@ipfire.org>
Thu, 27 Feb 2014 12:14:02 +0000 (13:14 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 27 Feb 2014 12:14:02 +0000 (13:14 +0100)
config/firewall/rules.pl
src/initscripts/init.d/firewall

index 2589ac62b4b9de89ab9f961112a3d98898855501..d8adb156b0d4d6a1c6e4fe73430762ac9fb2c3aa 100755 (executable)
@@ -258,10 +258,6 @@ sub buildrules
                                        $PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
                                        foreach my $a (sort keys %sourcehash){
                                                foreach my $b (sort keys %targethash){
-                                                       if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
-                                                               #Skip rules when no RED IP is set (DHCP,DSL)
-                                                               next;
-                                                       }
                                                        next if ($targethash{$b}[0] eq 'none');
                                                        $STAG='';
                                                        if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -346,10 +342,6 @@ sub buildrules
                                        }
                                        foreach my $a (sort keys %sourcehash){
                                                foreach my $b (sort keys %targethash){
-                                                       if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || $natip eq '-d ' || !$natip){
-                                                               #Skip rules when no RED IP is set (DHCP,DSL)
-                                                               next;
-                                                       }
                                                        next if ($targethash{$b}[0] eq 'none');
                                                        $STAG='';
                                                        if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -565,7 +557,7 @@ sub get_address
                        $$hash{$key}[0]='0.0.0.0/0';
                }
                if($base2 eq 'RED' || $base2 eq 'RED1'){
-                       open(FILE, "/var/ipfire/red/local-ipaddress");
+                       open(FILE, "/var/ipfire/red/local-ipaddress")or die "Couldn't open local-ipaddress";
                        $$hash{$key}[0]= <FILE>;
                        close(FILE);
                }else{
index 2c280f2ba07ce3c9574fc7c6a0f8389c87548d0a..06a714a329046879d5eeb6c0fcd08418790692ed 100644 (file)
@@ -283,7 +283,7 @@ iptables_red() {
        fi
 
        # Reload all rules.
-       firewallctrl
+       /usr/local/bin/firewallctrl
 }
 
 # See how we were called.