
firewall: make invalid redirects and duplicate zones non-fatal, print a notice and discard them

SVN-Revision: 23080
Jo-Philipp Wich пре 15 година
родитељ
комит
f90328f26e

+ 1 - 1
package/firewall/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=2
-PKG_RELEASE:=15
+PKG_RELEASE:=16
 
 include $(INCLUDE_DIR)/package.mk
 

+ 2 - 4
package/firewall/files/lib/core.sh

@@ -107,10 +107,8 @@ fw_die() {
 
 fw_log() {
 	local level="$1"
-	[ -n "$2" ] || {
-		shift
-		level=notice
-	}
+	[ -n "$2" ] && shift || level=notice
+	[ "$level" != error ] || echo "Error: $@" >&2
 	logger -t firewall -p user.$level "$@"
 }
 
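Review bot: In the added `echo "Error: $@" >&2` line, `$@` sits inside a longer quoted string, so a call with several message arguments expands to separate words instead of one string; `$*` says what is meant: `[ "$level" != error ] || echo "Error: $*" >&2`. The unchanged `logger` line below it passes `user.$level` unquoted, and because the level is guessed from whether a second argument exists, a caller passing two message words would have the first one word-split into logger's arguments; `-p "user.$level"` closes that. A short comment above fw_log, for example `# fw_log [level] msg...: level defaults to notice; level "error" is also echoed to stderr`, would document the calling convention that `[ -n "$2" ] && shift || level=notice` implements.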

+ 3 - 2
package/firewall/files/lib/core_init.sh

@@ -42,7 +42,7 @@ fw_load_defaults() {
 		boolean disable_ipv6 0 \
 	} || return
 	[ -n "$FW_DEFAULTS_APPLIED" ] && {
-		echo "Error: multiple defaults sections detected"
+		fw_log error "duplicate defaults section detected, skipping"
 		return 1
 	}
 	FW_DEFAULTS_APPLIED=1
@@ -159,7 +159,8 @@ fw_load_zone() {
 	fw_config_get_zone "$1"
 
 	list_contains FW_ZONES $zone_name && {
-		fw_die "zone ${zone_name}: duplicated zone"
+		fw_log error "zone ${zone_name}: duplicated zone, skipping"
+		return 0
 	}
 	append FW_ZONES $zone_name
 
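Review bot: The duplicate-zone branch now ends in `return 0`, so fw_load_zone reports success for a section it discarded, while the duplicate-defaults branch in the previous hunk logs the same kind of skip and returns 1. Because the `list_contains FW_ZONES` check runs before `append FW_ZONES`, the first zone section of a given name takes effect and a later, possibly stricter, definition is dropped; the only trace is one `user.error` syslog line plus stderr, which is easy to miss on a boot-time load. Consider making the skip countable, e.g. `FW_SKIPPED=$((${FW_SKIPPED:-0}+1))` before the `return 0` (a new variable, the name is only a suggestion), so the start/reload path can print a summary or exit non-zero. The same `return 0` pattern appears in all three hunks of core_redirect.sh. How callers treat a non-zero return is not visible here, and both function bodies continue outside the hunks.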

+ 6 - 3
package/firewall/files/lib/core_redirect.sh

@@ -30,7 +30,8 @@ fw_load_redirect() {
 	local fwdchain natchain natopt nataddr natports srcdaddr srcdports
 	if [ "$redirect_target" == "DNAT" ]; then
 		[ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ] || {
-			fw_die "DNAT redirect ${redirect_name}: needs src and dest_ip or dest_port"
+			fw_log error "DNAT redirect ${redirect_name}: needs src and dest_ip or dest_port, skipping"
+			return 0
 		}
 
 		fwdchain="zone_${redirect_src}_forward"
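Review bot: The two checks that now decide whether a redirect is loaded or discarded, `[ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ]` here and `[ -n "$redirect_dest" -a -n "$redirect_src_dip" ]` in the SNAT hunk, use `-a` inside `[ ]` on values that presumably come from the configuration. POSIX marks `-a` obsolescent because an operand that looks like an operator (`!`, `(`, `=`) can change how the expression is parsed; chaining two tests avoids that: `[ -n "$redirect_src" ] && [ -n "$redirect_dest_ip$redirect_dest_port" ] || {`. The checks also only test for non-empty values, so a malformed address or port still passes this gate; whether later code validates them is not visible in these hunks. fw_load_redirect starts and ends outside the hunks.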
@@ -48,7 +49,8 @@ fw_load_redirect() {
 
 	elif [ "$redirect_target" == "SNAT" ]; then
 		[ -n "$redirect_dest" -a -n "$redirect_src_dip" ] || {
-			fw_die "SNAT redirect ${redirect_name}: needs dest and src_dip"
+			fw_log error "SNAT redirect ${redirect_name}: needs dest and src_dip, skipping"
+			return 0
 		}
 
 		fwdchain="${redirect_src:+zone_${redirect_src}_forward}"
@@ -65,7 +67,8 @@ fw_load_redirect() {
 			append FW_CONNTRACK_ZONES $redirect_dest
 
 	else
-		fw_die "redirect ${redirect_name}: target must be either DNAT or SNAT"
+		fw_log error "redirect ${redirect_name}: target must be either DNAT or SNAT, skipping"
+		return 0
 	fi
 
 	local mode