diff options
| author | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-03-16 21:03:51 -0700 |
|---|---|---|
| committer | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-03-16 21:03:51 -0700 |
| commit | b4c313d953660b8a70ccfda0b260fd81a6089976 (patch) | |
| tree | ccde995e180aaf5ac594328aba551b2356405ad9 /lib | |
| parent | b791c5f35b7723c139b83b492dd20406cdd42784 (diff) | |
| download | vyatta-conntrack-b4c313d953660b8a70ccfda0b260fd81a6089976.tar.gz vyatta-conntrack-b4c313d953660b8a70ccfda0b260fd81a6089976.zip | |
use add instead of create, use inet, pre-pend protocol to iptables rule
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Vyatta/Conntrack/RuleCT.pm | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/Vyatta/Conntrack/RuleCT.pm b/lib/Vyatta/Conntrack/RuleCT.pm index 9953291..5c59b93 100644 --- a/lib/Vyatta/Conntrack/RuleCT.pm +++ b/lib/Vyatta/Conntrack/RuleCT.pm @@ -74,6 +74,11 @@ sub rule { Vyatta::Config::outputError(["Conntrack"], "Conntrack config error: $err_str"); exit 1; } + if ($self->{_protocol} = "tcp") { + $rule .= " -p tcp"; + } elsif ($self->{_protocol} = "udp") { + $rule .= " -p udp"; + } $rule .= " $srcrule $dstrule "; return $rule; } @@ -181,7 +186,7 @@ sub get_policy_command { my ($self ) = @_; my $command; my @level_nodes = split (' ', $self->{_comment}); - $command .= "policy_$level_nodes[2]_$level_nodes[5]"; + $command .= "policy_$level_nodes[2]_$level_nodes[5] inet"; if ($self->{_protocol} eq 'tcp') { $command .= " tcp"; if ($self->{_tcp}->{_close}) { |