From 0d1e3946657f56c13ba5fbccb0e9791b212615b7 Mon Sep 17 00:00:00 2001
From: Olivier Blin <oblin@mandriva.com>
Date: Thu, 3 Apr 2008 07:54:08 +0000
Subject: redirect both fw and loc zone (if loc is available)

---
 lib/network/shorewall.pm | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/network/shorewall.pm b/lib/network/shorewall.pm
index bf3cb32..1068609 100644
--- a/lib/network/shorewall.pm
+++ b/lib/network/shorewall.pm
@@ -189,10 +189,12 @@ What do you want to do?"),
             if_($::b, [ 'ACCEPT+', 'fw', 'net', 'tcp', $::a, '-', '-', '-', $::b ]);
         } %{$conf->{accept_local_user}}),
         (map {
+            my $proto = $_;
             #- WARNING: won't redirect ports from the firewall system if a local zone exists
+            #- set redirect_fw_only to workaround
             map_each {
-                [ 'REDIRECT', $has_loc_zone ? 'loc' : 'fw', $::b, $_, $::a, '-' ];
-            } %{$conf->{redirects}{$_}};
+                map { [ 'REDIRECT', $_, $::b, $proto, $::a, '-' ] } 'fw', if_($has_loc_zone, 'loc');
+            } %{$conf->{redirects}{$proto}};
         } keys %{$conf->{redirects}}),
     ));
     set_config_file('masq', if_(exists $conf->{masq}, [ $conf->{masq}{net_interface}, $conf->{masq}{subnet} ]));
-- 
cgit v1.2.1