@@ -467,7 +467,7 @@ static int
467467_parse_firewall_rule (const char * ruleset , char * leftover )
468468{
469469 int i ;
470- int block_allow = 0 ; /**< 0 == block, 1 == allow, 2 == log, 3 == ulog */
470+ t_firewall_target target = TARGET_REJECT ; /**< firewall target */
471471 int all_nums = 1 ; /**< If 0, port contained non-numerics */
472472 int finished = 0 ; /**< reached end of line */
473473 char * token = NULL ; /**< First word */
@@ -491,16 +491,18 @@ _parse_firewall_rule(const char *ruleset, char *leftover)
491491
492492 /* Parse token */
493493 if (!strcasecmp (token , "block" ) || finished ) {
494- block_allow = 0 ;
494+ target = TARGET_REJECT ;
495+ } else if (!strcasecmp (token , "drop" )) {
496+ target = TARGET_DROP ;
495497 } else if (!strcasecmp (token , "allow" )) {
496- block_allow = 1 ;
498+ target = TARGET_ACCEPT ;
497499 } else if (!strcasecmp (token , "log" )) {
498- block_allow = 2 ;
500+ target = TARGET_LOG ;
499501 } else if (!strcasecmp (token , "ulog" )) {
500- block_allow = 3 ;
502+ target = TARGET_ULOG ;
501503 } else {
502504 debug (LOG_ERR , "Invalid rule type %s, expecting "
503- "\"block\",\"allow\",\"log\" or \"ulog\"" , token );
505+ "\"block\",\"drop\",\" allow\",\"log\" or \"ulog\"" , token );
504506 return -1 ;
505507 }
506508
@@ -556,7 +558,7 @@ _parse_firewall_rule(const char *ruleset, char *leftover)
556558 /* Generate rule record */
557559 tmp = safe_malloc (sizeof (t_firewall_rule ));
558560 memset ((void * )tmp , 0 , sizeof (t_firewall_rule ));
559- tmp -> block_allow = block_allow ;
561+ tmp -> target = target ;
560562 if (protocol != NULL )
561563 tmp -> protocol = safe_strdup (protocol );
562564 if (port != NULL )
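Review bot: The updated error string in the second hunk (new line 505) lists the keyword as `\" allow\"` with a leading space, so the log would show `" allow"`, which the `strcasecmp` chain above does not accept. Unless that space is a rendering artifact, the line should read `"\"block\",\"drop\",\"allow\",\"log\" or \"ulog\"", token);`. Separately, the old comment documented `0 == block`, and the record in the third hunk is still zeroed with `memset` before `tmp->target` is assigned. The definition of `t_firewall_target` is not visible here, so it is worth confirming that its zero value is a blocking target, so that a rule record built elsewhere without setting `target` still fails closed. The body of `_parse_firewall_rule` continues outside these hunks, so any remaining readers of `block_allow` could not be checked.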