Opened 6 years ago
Last modified 4 years ago
#157 assigned defect
vuurmuur --bash enables /disables ip_forward and ip6_forward together
| Reported by: | Matthijs Kooijman | Owned by: | Victor Julien |
|---|---|---|---|
| Priority: | minor | Milestone: | undecided |
| Component: | vuurmuur | Version: | svn |
| Keywords: | Cc: |
Description (last modified by )
AFAIU from looking at the source, when you run vuurmuur normally, it enables ip_forward when ipv4 forwarding rules are present, and ip6_forward when ipv6 rules are present. However, when running with --bash, this piece of code runs:
/* post rules: enable logging */
if(post_rules(debuglvl, &vctx->conf, NULL, &vctx->iptcaps, forward_rules, VRMR_IPV4) < 0)
return(-1);
#ifdef IPV6_ENABLED
if(post_rules(debuglvl, &vctx->conf, NULL, &vctx->iptcaps, forward_rules, VRMR_IPV6) < 0)
return(-1);
#endif
Since this shares a single forward_rules flag for both ipv4 and ipv6, this causes different behaviour when running with --bash or without --bash.
Note:
See TracTickets
for help on using tickets.
