fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-02-05 14:40:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

sharing: fix handling of rule negation (debian #638995)

Browse source 
! after the option is deprecated at least as far back as iptables
1.4.12 on 2.6.32.  ! should be before the option instead.

Reported-by: Ralf Jung <ralfjung-e@gmx.de>
This commit is contained in:
Dan Williams 2011-09-06 18:31:40 -05:00
parent 49dc2068ed
commit 420fbb599f
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/nm-device.c
View file

@ -2523,7 +2523,7 @@ start_sharing (NMDevice *self)
add_share_rule (req, "filter", "FORWARD --in-interface %s --out-interface %s --jump ACCEPT", ip_iface, ip_iface);
add_share_rule (req, "filter", "FORWARD --source %s/%s --in-interface %s --jump ACCEPT", str_addr, str_mask, ip_iface);
add_share_rule (req, "filter", "FORWARD --destination %s/%s --out-interface %s --match state --state ESTABLISHED,RELATED --jump ACCEPT", str_addr, str_mask, ip_iface);
add_share_rule (req, "nat", "POSTROUTING --source %s/%s --destination ! %s/%s --jump MASQUERADE", str_addr, str_mask, str_addr, str_mask);
add_share_rule (req, "nat", "POSTROUTING --source %s/%s ! --destination %s/%s --jump MASQUERADE", str_addr, str_mask, str_addr, str_mask);
nm_act_request_set_shared (req, TRUE);