diff options
| -rw-r--r-- | awall/model.lua | 7 | ||||
| -rw-r--r-- | awall/modules/filter.lua | 10 |
2 files changed, 10 insertions, 7 deletions
diff --git a/awall/model.lua b/awall/model.lua index 50e1fe4..2c5c58d 100644 --- a/awall/model.lua +++ b/awall/model.lua @@ -591,7 +591,7 @@ end function M.Limit:rate() return math.ceil(self.count / self.interval) end -function M.Limit:recentopts(name) +function M.Limit:recentofrags(name) local count = self.count local interval = self.interval @@ -603,8 +603,9 @@ function M.Limit:recentopts(name) if count > RECENT_MAX_COUNT then return end local rec = '-m recent --name '..name - return rec..' --update --hitcount '..count..' --seconds '..interval, - rec..' --set' + return { + {opts=rec..' --update --hitcount '..count..' --seconds '..interval} + }, {{opts=rec..' --set'}} end function M.Limit:limitofrags(name) diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua index d28a658..a084d1a 100644 --- a/awall/modules/filter.lua +++ b/awall/modules/filter.lua @@ -244,16 +244,18 @@ function Filter:extraoptfrags() local logch, limitofs local accept = self:position() == 'append' - local uopts, sopts = limitobj:recentopts(limitchain) + local uofs, sofs = limitobj:recentofrags(limitchain) - if uopts then + if uofs then ofrags, logch = self:logchain(limitlog, 'drop', 'DROP') - limitofs = {{opts=uopts, target=logch}} + limitofs = combinations(uofs, {{target=logch}}) if accept and self.log then table.insert(limitofs, self.log:optfrag()) end - table.insert(limitofs, {opts=sopts, target=accept and 'ACCEPT' or nil}) + extend( + limitofs, combinations(sofs, {{target=accept and 'ACCEPT' or nil}}) + ) else if accept then |