From ca06b76fc24f94895dcdb1c54d5066295f523245 Mon Sep 17 00:00:00 2001 From: Brielle Bruns Date: Wed, 1 Jan 2020 11:57:04 -0700 Subject: [PATCH] 2.1p1 to fix NETMAP issue --- CHANGELOG | 3 +++ bin/srfirewall | 2 +- lib/iptables.inc | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index a3ff958..07ffd7f 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +2.1p1 - 01/01/2020 + - Fix NETMAP so it works properly (was doing -d instead of -s for source address) + 2.1 Final - 07/12/2019 - Fix flush tables rule for raw - Final 2.1 release since we've had 2.1 for 5 years now without being 'released' diff --git a/bin/srfirewall b/bin/srfirewall index 0f7df7f..5d2c3a5 100755 --- a/bin/srfirewall +++ b/bin/srfirewall @@ -19,7 +19,7 @@ # along with this program. If not, see . # Static config options, normally do not need to change -FW_VERSION="2.1" +FW_VERSION="2.1p1" # Important directory locations FWPREFIX="/usr/local" diff --git a/lib/iptables.inc b/lib/iptables.inc index 23d5df6..91ca9f1 100644 --- a/lib/iptables.inc +++ b/lib/iptables.inc @@ -484,7 +484,7 @@ function enable_nat { ${display} RED "nat.conf: Error - SNAT rule can not have empty destination address: ${DEFAULT_COLOR}${type} ${srcinterface} ${srcaddress} ${dstinterface} ${dstaddress}" \ && continue - ([[ ${srcaddress} != "-" ]] && [[ ${dstaddress} != "-" ]] && [[ ${type} == "NETMAP" ]]) && action="-j NETMAP" && srcaddress="-d ${srcaddress}" && dstaddress="--to ${dstaddress}" + ([[ ${srcaddress} != "-" ]] && [[ ${dstaddress} != "-" ]] && [[ ${type} == "NETMAP" ]]) && action="-j NETMAP" && srcaddress="-s ${srcaddress}" && dstaddress="--to ${dstaddress}" ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR}${direction} ${action} ${srcinterface} ${srcaddress} ${srcport} ${dstinterface} ${dstaddress} ${dstport} ${protocol} ${custom}"