From 6fce3afc579d2d98bdb3268d3672eb8f9f56927b Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Wed, 18 Apr 2007 15:43:04 +0000
Subject: [PATCH] Fix -m owner problem; more implementation of ' optional'

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5995 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Chains.pm | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm
index 618520eb9..8498a0597 100644
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@@ -770,7 +770,7 @@ sub do_ratelimit( $ ) {
 #
 sub do_user( $ ) {
     my $user = $_[0];
-    my $rule = ' -m owner';
+    my $rule = '-m owner ';
 
     return '' unless $user and $user ne '-';
 
@@ -1041,8 +1041,9 @@ sub get_interface_address ( $ ) {
     my ( $interface ) = $_[0];
 
     my $variable = interface_address( $interface );
+    my $function = interface_is_optional( $interface ) ? 'find_first_interface_address_if_any' : 'find_first_interface_address';
 
-    $interfaceaddr{$interface} = "$variable=\$(find_first_interface_address $interface)";
+    $interfaceaddr{$interface} = "$variable=\$($function $interface)";
 
     "\$$variable";
 }
@@ -1062,10 +1063,14 @@ sub get_interface_addresses ( $ ) {
 
     my $variable = interface_addresses( $interface );
 
-    $interfaceaddr{$interface} = qq($variable=\$(get_interface_addresses $interface)
+    if ( interface_is_optional $interface ) {
+	$interfaceaddrs{$interface} = qq($variable=\$(get_interface_addresses $interface)\n);
+    } else {
+	$interfaceaddrs{$interface} = qq($variable=\$(get_interface_addresses $interface)
 [ -n "\$$variable" ] || fatal_error "Unable to determine the IP address(es) of $interface"
 );
-
+    }
+    
     "\$$variable";
 }
 
@@ -1084,9 +1089,13 @@ sub get_interface_nets ( $ ) {
 
     my $variable = interface_nets( $interface );
 
-    $interfaceaddr{$interface} = qq($variable=\$(get_routed_networks $interface)
+    if ( interface_is_optional $interface ) {
+	$interfaceaddr{$interface} = qq($variable=\$(get_routed_networks $interface)\n);
+    } else {
+	$interfaceaddr{$interface} = qq($variable=\$(get_routed_networks $interface)
 [ -n "\$$variable" ] || fatal_error "Unable to determine the routes through interface \\"$interface\\""
 );
+    }
 
     "\$$variable";