fw4: fix applying zone flags for source bound rules

The rule parsing code failed to properly set the source zone flags for
rules requiring `${verdict}_from_${zone}` chains, causing those chains
to be missing, leading to errors when applying the ruleset.

Fix this issue by applying the flag to the correct property (source-
instead of destination flags).

Ref: https://github.com/openwrt/openwrt/issues/9686
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc
index 0659af6ce562deb8a84d118708a3f4e64ff14dc2..b81f9adcb9ecb1e987c36bea398bfcfa105b5346 100644 (file)
--- a/root/usr/share/ucode/fw4.uc
+++ b/root/usr/share/ucode/fw4.uc
@@ -2355,7 +2355,7 @@ return {
                                }
                                else if (need_src_action_chain(r)) {
                                        r.jump_chain = sprintf("%s_from_%s", r.target, r.src.zone.name);
-                                       r.src.zone.dflags[r.target] = true;
+                                       r.src.zone.sflags[r.target] = true;
                                }
                                else if (r.target == "reject")
                                        r.jump_chain = "handle_reject";