firewall: optimize DNAT rules and skip invalid rules and redirects (#14485)

- instead of writing one (or more) ACCEPT rules in the filter table for each redirect install a global ctstate DNAT accept rule per zone - discard rules and redirects which have invalid options set instead of silently skipping the invalid values SVN-Revision: 38849
11 years ago · bc9043cc53
parent 82e6242798
commit bc9043cc53
1 changed files with 2 additions and 2 deletions
--- a/package/network/config/firewall/Makefile
+++ b/package/network/config/firewall/Makefile
@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=firewall
-PKG_VERSION:=2013-10-23
+PKG_VERSION:=2013-11-18
 PKG_RELEASE:=$(PKG_SOURCE_VERSION)

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=git://nbd.name/firewall3.git
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=c25922c05ae594c4c35fa65f27fd21c3a033f4ec
+PKG_SOURCE_VERSION:=fa3386a7054aa9541decd68c8cf8de1e0d6f8832
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>