DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

bug fix to implement FLUSH_IPT_AT_INIT and FLUSH_IPT_AT_EXIT functionality

Browse Source
This commit is contained in:
Michael Rash
2012-08-10 21:43:49 -04:00
parent fbdae50064
commit c6f3fde537
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server/fw_util_iptables.c
View File

@@ -454,7 +454,8 @@ fw_initialize(const fko_srv_options_t *opts)
/* Flush the chains (just in case) so we can start fresh.
*/
delete_all_chains(opts);
if(strncasecmp(opts->config[CONF_FLUSH_IPT_AT_INIT], "Y", 1) == 0)
delete_all_chains(opts);
/* Now create any configured chains.
*/
@@ -470,6 +471,9 @@ fw_initialize(const fko_srv_options_t *opts)
int
fw_cleanup(const fko_srv_options_t *opts)
{
if(strncasecmp(opts->config[CONF_FLUSH_IPT_AT_EXIT], "N", 1) == 0)
return(0);
delete_all_chains(opts);
return(0);
}
@@ -650,7 +654,7 @@ process_spa_request(const fko_srv_options_t *opts, const acc_stanza_t *acc, spa_
nat_port = atoi(ndx+1);
}
}
if(spadat->message_type == FKO_LOCAL_NAT_ACCESS_MSG)
{
/* Need to add an ACCEPT rule into the INPUT chain