Tree - rpms/firewalld - CentOS Git server

rpms / firewalld

Blame SOURCES/0010-fw_zone-fix-IPv6-rich-rule-forward-port-without-toad.patch

Blob History Raw

		21c891	`From f74241d6ff7ef4538c545fd46aad95a0f5a6a1f0 Mon Sep 17 00:00:00 2001`
		21c891	`From: Eric Garver <e@erig.me>`
		21c891	`Date: Wed, 5 Dec 2018 16:29:49 -0500`
		21c891	`Subject: [PATCH 10/34] fw_zone: fix IPv6 rich rule forward-port without toaddr`
		21c891
		21c891	`Using a rich rule with family=ipv6 and no toaddr specified was silently`
		21c891	`not applying any rules.`
		21c891
		21c891	`(cherry picked from commit 2210822a2450a7b9ed853593c3d88aca1c43c2fc)`
		21c891	`(cherry picked from commit 67d76790e921befbc5b454023f202fa638e8c0c3)`
		21c891	`---`
		21c891	`src/firewall/core/fw_zone.py \| 11 ++---------`
		21c891	`1 file changed, 2 insertions(+), 9 deletions(-)`
		21c891
		21c891	`diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py`
		21c891	`index 816fa50340b3..db90c32be540 100644`
		21c891	`--- a/src/firewall/core/fw_zone.py`
		21c891	`+++ b/src/firewall/core/fw_zone.py`
		21c891	`@@ -1702,17 +1702,10 @@ class FirewallZone(object):`
		21c891	`for ipv in ipvs:`
		21c891	`if backend.is_ipv_supported(ipv):`
		21c891	`self.check_forward_port(ipv, port, protocol, toport, toaddr)`
		21c891	`-`
		21c891	`- if check_single_address("ipv6", toaddr):`
		21c891	`- ipv = "ipv6"`
		21c891	`- else:`
		21c891	`- ipv = "ipv4"`
		21c891	`-`
		21c891	`- if not backend.is_ipv_supported(ipv):`
		21c891	`- continue`
		21c891	`+ if enable:`
		21c891	`+ zone_transaction.add_post(enable_ip_forwarding, ipv)`
		21c891
		21c891	`if enable:`
		21c891	`- zone_transaction.add_post(enable_ip_forwarding, ipv)`
		21c891	`mark_id = self._fw.new_mark()`
		21c891
		21c891	`filter_chain = "INPUT" if not toaddr else "FORWARD_IN"`
		21c891	`--`
		21c891	`2.18.0`
		21c891

rpms / firewalld

Source Code

Blame SOURCES/0010-fw_zone-fix-IPv6-rich-rule-forward-port-without-toad.patch