From e62a9791ee4be2e2ade71d566faf4d5b2b1627f5 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Fri, 16 Jul 2010 06:03:15 +0000
Subject: [PATCH] firewall: allow redirecting only destination port (#7197)

SVN-Revision: 22227
---
 package/firewall/Makefile                   | 2 +-
 package/firewall/files/lib/core_redirect.sh | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/package/firewall/Makefile b/package/firewall/Makefile
index b1969d9abd..c1f3f6eb22 100644
--- a/package/firewall/Makefile
+++ b/package/firewall/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=firewall
 
 PKG_VERSION:=2
-PKG_RELEASE:=7
+PKG_RELEASE:=8
 
 include $(INCLUDE_DIR)/package.mk
 
diff --git a/package/firewall/files/lib/core_redirect.sh b/package/firewall/files/lib/core_redirect.sh
index b51f79390a..15d01b0a75 100644
--- a/package/firewall/files/lib/core_redirect.sh
+++ b/package/firewall/files/lib/core_redirect.sh
@@ -26,8 +26,8 @@ fw_load_redirect() {
 
 	fw_callback pre redirect
 
-	[ -n "$redirect_src" -a -n "$redirect_dest_ip" ] || {
-		fw_die "redirect ${redirect_name}: needs src and dest_ip"
+	[ -n "$redirect_src" -a -n "$redirect_dest_ip$redirect_dest_port" ] || {
+		fw_die "redirect ${redirect_name}: needs src and dest_ip or dest_port"
 	}
 
 	list_contains FW_CONNTRACK_ZONES $redirect_src || \
@@ -53,6 +53,7 @@ fw_load_redirect() {
 			--to-destination ${redirect_dest_ip}${redirect_dest_port:+:$nat_dest_port} \
 		}
 
+		[ -n "$redirect_dest_ip" ] && \
 		fw add $mode f zone_${redirect_src}_forward ACCEPT ^ { $redirect_src_ip $redirect_dest_ip } { \
 			-d $redirect_dest_ip \
 			${redirect_proto:+-p $redirect_proto} \