extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 04:04:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix bad bug in bridge rule generation

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-06-06 16:38:35 +00:00
parent eef7aaafae
commit 03c0e9d996
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Shorewall-perl/Shorewall/Rules.pm
View File

@ -978,7 +978,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
# #
# Check for illegal bridge port rule # Check for illegal bridge port rule
# #
if ( $zones{$sourcezone}->{type} eq 'bport4' ) { if ( $zones{$destzone}->{type} eq 'bport4' ) {
unless ( $zones{$sourcezone}{bridge} eq $zones{$destzone}{bridge} ) { unless ( $zones{$sourcezone}{bridge} eq $zones{$destzone}{bridge} ) {
return 1 if $wildcard; return 1 if $wildcard;
fatal_error "Rules with a DESTINATION Bridge Port zone must have a SOURCE zone on the same bridge"; fatal_error "Rules with a DESTINATION Bridge Port zone must have a SOURCE zone on the same bridge";
@ -1174,7 +1174,6 @@ sub process_rule ( $$$$$$$$$$ ) {
my $intrazone = 0; my $intrazone = 0;
my $includesrcfw = 1; my $includesrcfw = 1;
my $includedstfw = 1; my $includedstfw = 1;
my $optimize = $config{OPTIMIZE};
my $thisline = $line; my $thisline = $line;
# #
# Section Names are optional so once we get to an actual rule, we need to be sure that # Section Names are optional so once we get to an actual rule, we need to be sure that
@ -1226,8 +1225,6 @@ sub process_rule ( $$$$$$$$$$ ) {
fatal_error "Invalid or missing ACTION ( $target )" unless defined $action; fatal_error "Invalid or missing ACTION ( $target )" unless defined $action;
$optimize = 0 if $action =~ /!$/;
if ( $source eq 'all' ) { if ( $source eq 'all' ) {
for my $zone ( @zones ) { for my $zone ( @zones ) {
if ( $includesrcfw || ( $zones{$zone}{type} ne 'firewall' ) ) { if ( $includesrcfw || ( $zones{$zone}{type} ne 'firewall' ) ) {