extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Normalize rules prior to combine_state tests.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-02-03 18:14:14 -08:00
parent f1707d2ace
commit 475942deb9
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -3557,9 +3557,14 @@ sub delete_duplicates {
# Get the 'conntrack' state for the passed rule reference # Get the 'conntrack' state for the passed rule reference
# #
sub get_conntrack( $ ) { sub get_conntrack( $ ) {
if ( my $states = $_[0]->{conntrack} ) { my $ruleref = $_[0];
if ( my $states = $ruleref->{conntrack} ) {
unless ( reftype $states ) { unless ( reftype $states ) {
return $states if $states =~ s/--ctstate //; if ( $states =~ s/--ctstate // ) {
delete $ruleref->{targetopts} unless $ruleref->{targetopts};
$ruleref->{simple} = '' unless $ruleref->{simple};
return $states
}
} }
} }
@ -3632,12 +3637,6 @@ sub combine_states {
last RULE unless compare_values( $baseref->{$key}, $ruleref->{$key} ); last RULE unless compare_values( $baseref->{$key}, $ruleref->{$key} );
} }
#
# The rules connection tracking states must be different; otherwise,
# the rules are identical
#
assert( $conntrack1 ne $conntrack2 );
if ( $comment2 ) { if ( $comment2 ) {
if ( $comment ) { if ( $comment ) {
$comment .= ", $comment2" unless $comment2 eq $lastcomment; $comment .= ", $comment2" unless $comment2 eq $lastcomment;