diff options
| -rw-r--r-- | awall/model.lua | 5 | ||||
| -rw-r--r-- | awall/modules/filter.lua | 9 |
2 files changed, 9 insertions, 5 deletions
diff --git a/awall/model.lua b/awall/model.lua index 6b9a7db..c86a2fa 100644 --- a/awall/model.lua +++ b/awall/model.lua @@ -252,7 +252,10 @@ function Rule:position() return 'append' end function Rule:target() if not self.action then self:error('Action not defined') end - return string.upper(self.action) + if util.contains({'accept', 'drop', 'reject'}, self.action) then + return string.upper(self.action) + end + return self.action end diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua index bd6b35e..f8d4f60 100644 --- a/awall/modules/filter.lua +++ b/awall/modules/filter.lua @@ -108,7 +108,7 @@ function Filter:extraoptfrags() end local optbase = '-m recent --name '..self:target() table.insert(res, {chain=self:target(), - opts=optbase..' --update --hitcount '..self[limit].count..' --seconds '..self[limit].interval..' -j LOGDROP'}) + opts=optbase..' --update --hitcount '..self[limit].count..' --seconds '..self[limit].interval..' -j logdrop'}) table.insert(res, {chain=self:target(), opts=optbase..' --set -j ACCEPT'}) end @@ -128,12 +128,13 @@ classes = {{'filter', Filter}, defrules = {pre={}, ['post-filter']={}} for i, family in ipairs({'inet', 'inet6'}) do - for i, target in ipairs({'DROP', 'REJECT'}) do - for i, opts in ipairs({'-m limit --limit 1/second -j LOG', '-j '..target}) do + for i, target in ipairs({'drop', 'reject'}) do + for i, opts in ipairs({'-m limit --limit 1/second -j LOG', + '-j '..string.upper(target)}) do table.insert(defrules.pre, {family=family, table='filter', - chain='LOG'..target, + chain='log'..target, opts=opts}) end end |