More tcfilters pretty-up

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8304 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-perl/Shorewall/Config.pm

@@ -56,6 +56,7 @@ our %EXPORT_TAGS = ( internal => [ qw( create_temp_object
 				       finalize_object
 		                       numeric_value
 		                       in_hex
+		                       in_hex2
 		                       in_hex4
 		                       in_hex8
 				       emit
@@ -531,6 +532,10 @@ sub in_hex( $ ) {
     sprintf '0x%x', $_[0];
 }
 
+sub in_hex2( $ ) {
+    sprintf '0x%02x', $_[0];
+}
+
 sub in_hex4( $ ) {
     sprintf '0x%04x', $_[0];
 }

Shorewall-perl/Shorewall/Tc.pm

@@ -545,7 +545,9 @@ sub process_tc_filter( $$$$$$ ) {
 	$protonumber = resolve_proto $proto;
 	fatal_error "Unknown PROTO ($proto)" unless defined $protonumber;
 
-	$rule .= "\\\n   match u8 $protonumber 0xFF at 9";
+	my $pnumber = in_hex2 $protonumber;
+
+	$rule .= "\\\n   match u8 $pnumber 0xFF at 9";
     }
 
     unless ( $port eq '-' ) {
@@ -555,6 +557,9 @@ sub process_tc_filter( $$$$$$ ) {
 	if ( $protonumber == ICMP ) {
 	    my ( $icmptype , $icmpcode ) = split '//', validate_icmp( $port );
 
+	    $icmptype = in_hex2 numeric_value $icmptype;
+	    $icmpcode = in_hex2 numeric_value $icmpcode if defined $icmpcode;
+
 	    if ( $config{BROKEN_NEXTHDR} ) {
 		$rule .= "\\\n   match u8 $icmptype 0xFF at 20";
 		$rule .= "\\\n   match u8 $icmpcode 0xFF at 21" if defined $icmpcode;