33 lines
1.2 KiB
Diff
33 lines
1.2 KiB
Diff
From 3253df596ab6f5e43d22dff3049600fc0de9c41b Mon Sep 17 00:00:00 2001
|
|
From: Jiri Popelka <jpopelka@redhat.com>
|
|
Date: Wed, 20 Feb 2013 14:58:40 +0100
|
|
Subject: [PATCH 1/2] Stop default zone rules being applied to all zones
|
|
(RHBZ#912782)
|
|
|
|
See https://bugzilla.redhat.com/show_bug.cgi?id=912782
|
|
for description.
|
|
|
|
Patch from Quentin Armitage
|
|
---
|
|
src/firewall/core/fw_zone.py | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py
|
|
index 6d874e5..0fd0267 100644
|
|
--- a/src/firewall/core/fw_zone.py
|
|
+++ b/src/firewall/core/fw_zone.py
|
|
@@ -272,8 +272,9 @@ class FirewallZone:
|
|
if target == "DROP" and table == "nat":
|
|
# DROP is not supported in nat table
|
|
continue
|
|
+ action = "-g" if "_ZONE_" in target else "-j"
|
|
rule = [ "%s_ZONES" % src_chain, "-t", table,
|
|
- opt, interface, "-j", target ]
|
|
+ opt, interface, action, target ]
|
|
if enable and not append:
|
|
rule.insert(1, "1")
|
|
rules.append((ipv, rule))
|
|
--
|
|
1.8.1.2
|
|
|