From 2daa5705d93e9a0aa2cfdee15a4cda3558f9db53 Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 17 Mar 2008 23:54:41 +0000 Subject: [PATCH] More tcfilters pretty-up git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8304 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Config.pm | 5 +++++ Shorewall-perl/Shorewall/Tc.pm | 7 ++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index 4b5935669..104c1741b 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -56,6 +56,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_object finalize_object numeric_value in_hex + in_hex2 in_hex4 in_hex8 emit @@ -531,6 +532,10 @@ sub in_hex( $ ) { sprintf '0x%x', $_[0]; } +sub in_hex2( $ ) { + sprintf '0x%02x', $_[0]; +} + sub in_hex4( $ ) { sprintf '0x%04x', $_[0]; } diff --git a/Shorewall-perl/Shorewall/Tc.pm b/Shorewall-perl/Shorewall/Tc.pm index 6f23c7f1b..7fea24283 100644 --- a/Shorewall-perl/Shorewall/Tc.pm +++ b/Shorewall-perl/Shorewall/Tc.pm @@ -545,7 +545,9 @@ sub process_tc_filter( $$$$$$ ) { $protonumber = resolve_proto $proto; fatal_error "Unknown PROTO ($proto)" unless defined $protonumber; - $rule .= "\\\n match u8 $protonumber 0xFF at 9"; + my $pnumber = in_hex2 $protonumber; + + $rule .= "\\\n match u8 $pnumber 0xFF at 9"; } unless ( $port eq '-' ) { @@ -555,6 +557,9 @@ sub process_tc_filter( $$$$$$ ) { if ( $protonumber == ICMP ) { my ( $icmptype , $icmpcode ) = split '//', validate_icmp( $port ); + $icmptype = in_hex2 numeric_value $icmptype; + $icmpcode = in_hex2 numeric_value $icmpcode if defined $icmpcode; + if ( $config{BROKEN_NEXTHDR} ) { $rule .= "\\\n match u8 $icmptype 0xFF at 20"; $rule .= "\\\n match u8 $icmpcode 0xFF at 21" if defined $icmpcode;