firewall: initialize dest_port with src_dport if omitted in redirect sections to narrow down corresponding forward rules to the actual target ports - thanks Niels Boehm! (#6249)

SVN-Revision: 18617
15 years ago · 6cb040903b
parent a263714936
commit 6cb040903b
2 changed files with 22 additions and 22 deletions
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall

 PKG_VERSION:=1
-PKG_RELEASE:=8
+PKG_RELEASE:=9

 include $(INCLUDE_DIR)/package.mk

--- a/package/firewall/files/uci_firewall.sh
+++ b/package/firewall/files/uci_firewall.sh
@ -362,7 +362,7 @@ fw_redirect() {
 	[ "$src_dport_first" -ne "$src_dport_last" ] && { \
 		src_dport="$src_dport_first:$src_dport_last"; }

-	dest_port2=$dest_port
+	dest_port2=${dest_port:-$src_dport}
 	dest_port_first=${dest_port2%-*}
 	dest_port_last=${dest_port2#*-}
 	[ "$dest_port_first" -ne "$dest_port_last" ] && { \