From bc40507b80689bea75de1a9e9a661a06e31721c9 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sun, 6 May 2007 22:26:50 +0000
Subject: [PATCH] Fix some more bugs with hosts file handling

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6259 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Rules.pm | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm
index 230e9809c..1995c83d7 100644
--- a/Shorewall-perl/Shorewall/Rules.pm
+++ b/Shorewall-perl/Shorewall/Rules.pm
@@ -1415,9 +1415,12 @@ sub generate_matrix() {
 
 	    if ( $capabilities{POLICY_MATCH} ) {
 		my $type       = $zoneref->{type};
-		my $source_ref = $zoneref->{hosts}{ipsec} || [];
+		my $source_ref = ( $zoneref->{hosts}{ipsec} ) || {};
 
-		create_zone_dyn_chain $zone, $frwd_ref && $config{DYNAMIC_ZONES} && (@$source_ref || $type ne 'ipsec4' );
+		if ( $config{DYNAMIC_ZONES} ) {
+		    no warnings;
+		    create_zone_dyn_chain $zone, $frwd_ref if (%$source_ref || $type ne 'ipsec4' );
+		}
 
 		for my $interface ( keys %$source_ref ) {
 		    my $arrayref = $source_ref->{$interface};
@@ -1425,7 +1428,7 @@ sub generate_matrix() {
 			my $ipsec_match = match_ipsec_in $zone , $hostref;
 			for my $net ( @{$hostref->{hosts}} ) {
 			    add_rule
-				find_chainref( 'filter' , forward_chain $interface ) ,
+				$filter_table->{forward_chain $interface} ,
 				match_source_net join( '', $net, $ipsec_match, "-j $frwd_ref->n{name}" );
 			}
 		    }