Filter: pass action

2 files changed, 6 insertions, 2 deletions

diff --git a/README.md b/README.md
index 25644e2..7369dd0 100644
--- a/README.md
+++ b/README.md
@@ -291,7 +291,7 @@ definitions. If the value of the **log** attribute is **true**
 (boolean), logging is done using default settings. If the value is
 **false** (boolean), logging is disabled for the rule. If **log** is
 not defined, logging is done using the default settings except for
-accept rules, for which logging is omitted.
+accept and pass rules, for which logging is omitted.
 
 Default logging settings can be set by defining a logging class named
 **_default**. Normally, default logging uses the **log** mode with
@@ -388,6 +388,9 @@ which can be one of the following:
         for the matching packets.)
       </td>
     </tr>
+    <tr>
+      <td><strong>pass</strong></td><td>No action</td>
+    </tr>
   </tbody>
 </table>
 
diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua
index 4efde86..bf34b56 100644
--- a/awall/modules/filter.lua
+++ b/awall/modules/filter.lua
@@ -168,7 +168,7 @@ function LoggingRule:logchain(log, action, target)
    local chain = self:uniqueid('log'..action)
 
    local ofrags = log:optfrags()
-   table.insert(ofrags, {target=target})
+   if target then table.insert(ofrags, {target=target}) end
 
    return combinations({{chain=chain}}, ofrags), chain
 end
@@ -335,6 +335,7 @@ function Filter:logdefault()
 end
 
 function Filter:actiontarget()
+   if self.action == 'pass' then return end
    if self.action ~= 'accept' and not self:logdefault() then
       self:error('Invalid filter action: '..self.action)
    end