diff options
| author | An-Cheng Huang <ancheng@vyatta.com> | 2008-05-13 17:29:41 -0700 |
|---|---|---|
| committer | An-Cheng Huang <ancheng@vyatta.com> | 2008-05-13 17:29:41 -0700 |
| commit | 184b1af2794b5187f33bc6ce14d2d28f84a827a6 (patch) | |
| tree | 1c74dda7d8e79b16f1c980a5e85b91b7cf91784d /scripts | |
| parent | 648b2b2ac928461c8a83a43e0f455edb96552ddd (diff) | |
| download | vyatta-cfg-firewall-184b1af2794b5187f33bc6ce14d2d28f84a827a6.tar.gz vyatta-cfg-firewall-184b1af2794b5187f33bc6ce14d2d28f84a827a6.zip | |
add "inspect" action (maps to QUEUE) so "custom" traffic-filter for IPS
can be defined in "firewall".
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/firewall/VyattaIpTablesRule.pm | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/scripts/firewall/VyattaIpTablesRule.pm b/scripts/firewall/VyattaIpTablesRule.pm index 04c82f0..63c4ddd 100644 --- a/scripts/firewall/VyattaIpTablesRule.pm +++ b/scripts/firewall/VyattaIpTablesRule.pm @@ -243,6 +243,8 @@ sub rule { $rule .= "-j RETURN "; } elsif ("$self->{_action}" eq "reject") { $rule .= "-j REJECT "; + } elsif ("$self->{_action}" eq 'inspect') { + $rule .= "-j QUEUE "; } elsif ("$self->{_action}" eq 'modify') { # mangle actions my $count = 0; |