extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-02-05 20:39:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow dash's in ipset names

Browse Source
This commit is contained in:
Tom Eastep 2010-09-05 11:41:35 -07:00
parent 23e94e136c
commit 33dc8de8fb
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -2523,7 +2523,7 @@ sub match_source_net( $;$ ) {
} elsif ( $net =~ /^!?~/ ) { } elsif ( $net =~ /^!?~/ ) {
fatal_error "MAC address cannot be used in this context" if $restriction >= OUTPUT_RESTRICT; fatal_error "MAC address cannot be used in this context" if $restriction >= OUTPUT_RESTRICT;
mac_match $net; mac_match $net;
} elsif ( $net =~ /^(!?)\+[a-zA-Z]\w*(\[.*\])?/ ) { } elsif ( $net =~ /^(!?)\+[a-zA-Z][-\w]*(\[.*\])?/ ) {
require_capability( 'IPSET_MATCH' , 'ipset names in Shorewall configuration files' , '' ); require_capability( 'IPSET_MATCH' , 'ipset names in Shorewall configuration files' , '' );
join( '', '-m set ', $1 ? '! ' : '', get_set_flags( $net, 'src' ) ); join( '', '-m set ', $1 ? '! ' : '', get_set_flags( $net, 'src' ) );
} elsif ( $net =~ s/^!// ) { } elsif ( $net =~ s/^!// ) {
@ -2547,7 +2547,7 @@ sub match_dest_net( $ ) {
$net =~ s/!// if my $invert = $1 ? '! ' : ''; $net =~ s/!// if my $invert = $1 ? '! ' : '';
validate_range $addr1, $addr2; validate_range $addr1, $addr2;
iprange_match . "${invert}--dst-range $net "; iprange_match . "${invert}--dst-range $net ";
} elsif ( $net =~ /^(!?)\+[a-zA-Z]\w*(\[.*\])?$/ ) { } elsif ( $net =~ /^(!?)\+[a-zA-Z][-\w]*(\[.*\])?$/ ) {
require_capability( 'IPSET_MATCH' , 'ipset names in Shorewall configuration files' , ''); require_capability( 'IPSET_MATCH' , 'ipset names in Shorewall configuration files' , '');
join( '', '-m set ', $1 ? '! ' : '', get_set_flags( $net, 'dst' ) ); join( '', '-m set ', $1 ? '! ' : '', get_set_flags( $net, 'dst' ) );
} elsif ( $net =~ /^!/ ) { } elsif ( $net =~ /^!/ ) {