Correct handling of new ipv6 net syntax in the hosts file.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-09-27 14:51:28 -07:00
parent ffcf262de4
commit 91e2c31a58

View File

@ -1764,9 +1764,9 @@ sub process_host( ) {
} else { } else {
fatal_error "Invalid HOST(S) column contents: $hosts"; fatal_error "Invalid HOST(S) column contents: $hosts";
} }
} elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ || } elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ ||
$hosts =~ /^([\w.@%-]+\+?):\[(.*)\]$/ || $hosts =~ /^([\w.@%-]+\+?):\[(.*)\]$/ ||
$hosts =~ /^([\w.@%-]+\+?):(!?\+.*)$/ || $hosts =~ /^([\w.@%-]+\+?):(\[.+\](?:\/\d+)?)$/ ||
$hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) { $hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) {
$interface = $1; $interface = $1;
$hosts = $2; $hosts = $2;
@ -1776,10 +1776,20 @@ sub process_host( ) {
fatal_error "Invalid HOST(S) column contents: $hosts" fatal_error "Invalid HOST(S) column contents: $hosts"
} }
if ( $hosts =~ /^!?\+/ ) { unless ( $hosts eq 'dynamic' ) {
$zoneref->{complex} = 1; my @hosts = split_list1( $hosts , 'host' );
fatal_error "ipset name qualification is disallowed in this file" if $hosts =~ /[\[\]]/;
fatal_error "Invalid ipset name ($hosts)" unless $hosts =~ /^!?\+[a-zA-Z][-\w]*$/; for ( @hosts ) {
if ( $_ =~ /^!?\+/ ) {
$zoneref->{complex} = 1;
fatal_error "ipset name qualification is disallowed in this file" if /[\[\]]/;
fatal_error "Invalid ipset name ($hosts)" unless /^!?\+[a-zA-Z][-\w]*$/;
} else {
$_ = validate_net( $_, 1 );
}
}
$hosts = join( ',', @hosts );
} }
if ( $type & BPORT ) { if ( $type & BPORT ) {