From 11c580de54b80d20029e692777f6a9a875329d36 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Sat, 9 Jul 2011 17:27:09 -0700 Subject: [PATCH] Fix exclusion in IPv6 hosts file. Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Zones.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index 9d1ca063e..af5e2f3a3 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -1731,7 +1731,7 @@ sub process_host( ) { } } elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ || $hosts =~ /^([\w.@%-]+\+?):\[(.*)\]$/ || - $hosts =~ /^([\w.@%-]+\+?):(\+.*)$/ || + $hosts =~ /^([\w.@%-]+\+?):(!?\+.*)$/ || $hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) { $interface = $1; $hosts = $2; @@ -1741,10 +1741,10 @@ sub process_host( ) { fatal_error "Invalid HOST(S) column contents: $hosts" } - if ( $hosts =~ /^\+/ ) { + if ( $hosts =~ /^!?\+/ ) { $zoneref->{options}{complex} = 1; fatal_error "ipset name qualification is disallowed in this file" if $hosts =~ /[\[\]]/; - fatal_error "Invalid ipset name ($hosts)" unless $hosts =~ /^\+[a-zA-Z][-\w]*$/; + fatal_error "Invalid ipset name ($hosts)" unless $hosts =~ /^!?\+[a-zA-Z][-\w]*$/; } if ( $type == BPORT ) {