From 2bbb5c8c1e589952d6fb38a601c70b32ef92b27d Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 23 Jan 2017 09:23:26 -0800 Subject: [PATCH] Add hack to distinguish between the BLACKLIST macro and action Signed-off-by: Tom Eastep --- Shorewall/Macros/macro.BLACKLIST | 2 ++ Shorewall/Perl/Shorewall/Rules.pm | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/Shorewall/Macros/macro.BLACKLIST b/Shorewall/Macros/macro.BLACKLIST index 9c45d98f0..3e5000612 100644 --- a/Shorewall/Macros/macro.BLACKLIST +++ b/Shorewall/Macros/macro.BLACKLIST @@ -2,6 +2,8 @@ # Shorewall -- /usr/share/shorewall/macro.blacklist # # This macro handles blacklisting using BLACKLIST_DISPOSITION and BLACKLIST_LOGLEVEL. +# It is usable only in the blrules file; in the rules file the action by the +# same name is invoked. # ############################################################################### #ACTION SOURCE DEST PROTO DPORT SPORT ORIGDEST RATE USER diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index e88a3d7a0..952300c78 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -2736,7 +2736,13 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$$ ) { # # Determine the validity of the action # - $actiontype = ( $targets{$basictarget} || find_macro ( $basictarget ) ); + if ( $actiontype = $targets{$basictarget} ) { + if ( $section == BLACKLIST_SECTION && $basictarget eq 'BLACKLIST' ) { + assert( $actiontype = find_macro( 'BLACKLIST' ) ); + } + } else { + $actiontype = find_macro ( $basictarget ); + } if ( $config{ MAPOLDACTIONS } ) { ( $basictarget, $actiontype , $param ) = map_old_actions( $basictarget ) unless $actiontype || supplied $param;