Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#7196 closed defect (fixed)

Firewall - redirect does not work due to NOTRACK rule

Reported by: Quentin Armitage <quentin@…> Owned by: jow
Priority: normal Milestone: Backfire 10.03.1
Component: base system Version: Trunk
Keywords: firewall Cc:

Description

Additional zones configured in /etc/config/firewall default to having the following rule added:
$IPTABLES -t raw -A zone_${name}_notrack -j NOTRACK

If one adds a "config redirect" for that zone, the redirect is ignored by netfilter due to the NOTRACK rule for the zone.

The attached patch adds any zone that has a redirect to CONNTRACK_ZONES, thereby stopping the NOTRACK rule being added.

Attachments (1)

firewall-redirect-track.patch (441 bytes) - added by Quentin Armitage <quentin@…> 7 years ago.
Patch to make firewall redirect option work for all zones
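
The condition described in this ticket can be checked offline against a firewall config. The following is an added example, not part of the ticket or of OpenWrt's firewall scripts: it lists zones that a "config redirect" names as src but that would still get the NOTRACK rule. It assumes that, before the fix, only "option masq" or "option conntrack" put a zone on CONNTRACK_ZONES; the function names and the sample config are constructed.

```shell
#!/bin/sh
# Added example, not OpenWrt code. Assumption: on a build without the fix a
# zone is conntracked only if it sets "option masq" or "option conntrack".

# Print (sorted) every zone used as "src" of a redirect that is not tracked.
# Reads the UCI firewall config from the file in $1, or stdin if omitted.
untracked_redirect_zones() {
    awk -v q="'" '
    function unq(s) { gsub("^[\"" q "]|[\"" q "]$", "", s); return s }
    function flush() {            # close the section parsed so far
        if (type == "zone" && name != "") {
            seen[name] = 1
            if (track) tracked[name] = 1
        }
        if (type == "redirect" && src != "") wanted[src] = 1
        type = ""; name = ""; src = ""; track = 0
    }
    $1 == "config" { flush(); type = unq($2); next }
    $1 == "option" {
        v = unq($3)
        if (type == "zone" && $2 == "name") name = v
        if (type == "zone" && ($2 == "masq" || $2 == "conntrack") &&
            v ~ /^(1|on|true|yes|enabled)$/) track = 1
        if (type == "redirect" && $2 == "src") src = v
    }
    END {
        flush()
        for (z in wanted) if ((z in seen) && !(z in tracked)) print z
    }' "${1:--}" | sort
}

# Constructed sample config: wan is tracked via masq, dmz via conntrack,
# guest is an additional zone with neither, so it gets the NOTRACK rule.
sample_config() {
    cat <<'EOF'
config zone
	option name 'wan'
	option masq '1'
config zone
	option name 'guest'
	option input 'ACCEPT'
config zone
	option name 'dmz'
	option conntrack '1'
config redirect
	option src 'wan'
	option dest_ip '192.168.1.10'
config redirect
	option src 'guest'
	option dest_ip '192.168.2.10'
EOF
}

sample_config | untracked_redirect_zones
```

On the sample it reports guest. On a router, pass /etc/config/firewall as the argument.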

Change History (4)

Changed 7 years ago by Quentin Armitage <quentin@…>

Patch to make firewall redirect option work for all zones

comment:1 Changed 7 years ago by thepeople

  • Owner changed from developers to jow
  • Status changed from new to assigned

comment:2 Changed 7 years ago by jow

  • Resolution set to fixed
  • Status changed from assigned to closed

Fixed for trunk in r22215, fixed for backfire in r22216 - thanks!

comment:3 Changed 7 years ago by nico

  • Milestone changed from Kamikaze to Backfire 10.03.1
