From f3f043ad1b2f4371a4645cbe3854ce91d07adbff Mon Sep 17 00:00:00 2001 From: Kaarle Ritvanen Date: Thu, 15 Aug 2013 11:31:18 +0300 Subject: check correctness of 'action' attribute ref #2193 --- awall/model.lua | 6 ++---- awall/modules/filter.lua | 12 ++++++++++-- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/awall/model.lua b/awall/model.lua index cc53445..ff747ff 100644 --- a/awall/model.lua +++ b/awall/model.lua @@ -319,10 +319,8 @@ function Rule:position() return 'append' end function Rule:target() if not self.action then self:error('Action not defined') end - if util.contains({'accept', 'drop', 'reject'}, self.action) then - return string.upper(self.action) - end - return self.action + if self.action == 'accept' then return 'ACCEPT' end + self:error('Invalid action: '..self.action) end diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua index a97b9b3..35c5f30 100644 --- a/awall/modules/filter.lua +++ b/awall/modules/filter.lua @@ -173,10 +173,18 @@ function Filter:position() return self:limit() == 'flow-limit' and 'prepend' or 'append' end +function Filter:actiontarget() + if self.action == 'tarpit' then return 'tarpit' end + if util.contains({'drop', 'reject'}, self.action) then + return string.upper(self.action) + end + return model.Rule.target(self) +end + function Filter:target() if self:limit() then return self:newchain('limit') end if self.log then return self:newchain('log'..self.action) end - return model.Rule.target(self) + return self:actiontarget() end function Filter:extraoptfrags() @@ -234,7 +242,7 @@ function Filter:extraoptfrags() extend(res, combinations({{chain=chain}}, ofrags)) - else logchain(self.log, self.action, model.Rule.target(self)) end + else logchain(self.log, self.action, self:actiontarget()) end return res end -- cgit v1.2.3