Diffstat (limited to 'src/lbdecision.cc')
-rw-r--r-- | src/lbdecision.cc | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/src/lbdecision.cc b/src/lbdecision.cc index 2d69983..8c36ff9 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -166,14 +166,14 @@ if so then this stuff goes here! //NOTE, WILL NEED A WAY TO CLEAN UP THIS RULE ON RESTART... execute(string("iptables -t mangle -A ISP_") + iface + " -j ACCEPT", stdout); - if (lbdata._sticky_inbound_connections == true) { - //Mark incoming connections so that return packets go back on the same interface - execute(string("iptables -t mangle -N ISP_") + iface + "_IN", stdout); - execute(string("iptables -t mangle -F ISP_") + iface + "_IN", stdout); - execute(string("iptables -t mangle -A ISP_") + iface + "_IN -j CONNMARK --set-mark " + buf, stdout); - execute(string("iptables -t mangle -I PREROUTING -i ") + iface + " -m state --state NEW -j ISP_" + iface + "_IN", stdout); - } - + if (lbdata._sticky_inbound_connections == true) { + //Mark incoming connections so that return packets go back on the same interface + execute(string("iptables -t mangle -N ISP_") + iface + "_IN", stdout); + execute(string("iptables -t mangle -F ISP_") + iface + "_IN", stdout); + execute(string("iptables -t mangle -A ISP_") + iface + "_IN -j CONNMARK --set-mark " + buf, stdout); + execute(string("iptables -t mangle -I PREROUTING -i ") + iface + " -m state --state NEW -j ISP_" + iface + "_IN", stdout); + } + //need to force the entry on restart as the configuration may have changed. if (iter->second._nexthop == "dhcp") { if (iter->second._dhcp_nexthop.empty() == false) { 
@@ -495,12 +495,12 @@ LBDecision::shutdown(LBData &data) execute(string("iptables -t mangle -F ISP_") + h_iter->first,stdout); execute(string("iptables -t mangle -X ISP_") + h_iter->first,stdout); - if (data._sticky_inbound_connections == true) { - execute(string("iptables -t mangle -D PREROUTING -i ") + h_iter->first + " -m state --state NEW -j ISP_" + h_iter->first + "_IN", stdout); - execute(string("iptables -t mangle -F ISP_") + h_iter->first + "_IN",stdout); - execute(string("iptables -t mangle -X ISP_") + h_iter->first + "_IN",stdout); - } - + if (data._sticky_inbound_connections == true) { + execute(string("iptables -t mangle -D PREROUTING -i ") + h_iter->first + " -m state --state NEW -j ISP_" + h_iter->first + "_IN", stdout); + execute(string("iptables -t mangle -F ISP_") + h_iter->first + "_IN",stdout); + execute(string("iptables -t mangle -X ISP_") + h_iter->first + "_IN",stdout); + } + ++h_iter; } } |