chiark
/
gitweb
/
~mdw
/
firewall
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
classify.m4, functions.m4: Multiple interfaces can have default nets.
[firewall]
/
functions.m4
diff --git
a/functions.m4
b/functions.m4
index 484c30d9511ae05424e16e711c66a34d9b638ccd..ca4519ec797b0d736beef8c9ee4f80e9e9ff3f1c 100644
(file)
--- a/
functions.m4
+++ b/
functions.m4
@@
-344,7
+344,7
@@
defnetclass () {
## As a special case, the NETWORK/MASK can be the string `default', which
## indicates that all addresses not matched elsewhere should be considered.
ifaces=:
## As a special case, the NETWORK/MASK can be the string `default', which
## indicates that all addresses not matched elsewhere should be considered.
ifaces=:
-defaultiface
=none
+defaultiface
s=""
allnets= allnets6=
defiface () {
set -e
allnets= allnets6=
defiface () {
set -e
@@
-365,9
+365,16
@@
defiface () {
netclass=${item%:*} addr=${item#*:}
case $addr in
default)
netclass=${item%:*} addr=${item#*:}
case $addr in
default)
- defaultiface=$name
- defaultclass=$netclass
- run ip46tables -t mangle -A out-classify -g mark-to-$netclass
+ case "$defaultifaces,$defaultclass" in
+ ,* | *,$netclass)
+ defaultifaces="$defaultifaces $name"
+ defaultclass=$netclass
+ ;;
+ *)
+ echo >&2 "$0: inconsistent default netclasses"
+ exit 1
+ ;;
+ esac
;;
*:*)
run ip6tables -t mangle -A in-$name -g mark-from-$netclass \
;;
*:*)
run ip6tables -t mangle -A in-$name -g mark-from-$netclass \
~mdw / firewall / blobdiff