close
Attachments you submit will be routed for moderation. If you have an account, please log in first.

Ticket #144: createrule.patch

File createrule.patch, 1.3 KB (added by dickelbeck, 7 years ago)

[PATCH] for 0.8 rc1

  • vuurmuur/vuurmuur/createrule.c

    old new  
    7272        else
    7373            return "-m state --state";
    7474    } else {
    75         if (conf.check_iptcaps == FALSE || iptcap->match_ip6_conntrack == TRUE)
     75        if (conf.check_iptcaps == FALSE
     76#ifdef IPV6_ENABLED
     77            || iptcap->match_ip6_conntrack == TRUE
     78#endif
     79            )
    7680            return "-m conntrack --ctstate";
    7781        else
    7882            return "-m state --state";
     
    613617            create_srcdst_string(debuglvl, SRCDST_SOURCE, rule->from_ip, rule->from_netmask, rule->temp_src, sizeof(rule->temp_src));
    614618            create_srcdst_string(debuglvl, SRCDST_DESTINATION, rule->to_ip, rule->to_netmask, rule->temp_dst, sizeof(rule->temp_dst));
    615619
    616             snprintf(cmd, sizeof(cmd), "%s %s %s %s %s -m helper --helper \"%s\" %s -m connmark --mark 0 -j CONNMARK --set-mark %u",
     620            snprintf(cmd, sizeof(cmd), "%s %s %s %s %s -m helper --helper \"%s\" %s RELATED -m connmark --mark 0 -j CONNMARK --set-mark %u",
    617621                input_device, rule->proto, rule->temp_src,
    618622                rule->temp_dst, rule->from_mac, rule->helper,
    619623                create_state_string(rule->ipv, iptcap), connmark);