extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 09:47:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix a couple of more bugs

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6024 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-19 21:14:18 +00:00
parent 5c438ffdf5
commit c3d35b6ed6
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall-perl/Shorewall/Chains.pm
View File

@ -650,8 +650,13 @@ sub do_proto( $$$ )
$sports = '' if $sports eq '-'; $sports = '' if $sports eq '-';
if ( $proto ) { if ( $proto ) {
if ( $proto =~ /^(tcp|udp|6|17)$/i ) { if ( $proto =~ /^((tcp|6)((:syn)?))|(udp|17)$/ ) {
if ( $3 ) {
$output = '-p tcp --syn ';
} else {
$output = "-p $proto "; $output = "-p $proto ";
}
if ( $ports ) { if ( $ports ) {
if ( $ports =~ tr/,/,/ > 0 ) { if ( $ports =~ tr/,/,/ > 0 ) {
@ -1338,7 +1343,7 @@ sub expand_rule( $$$$$$$$$$ )
# #
# We have non-trivial exclusion -- need to create an exclusion chain # We have non-trivial exclusion -- need to create an exclusion chain
# #
fatal_error "Exclusion is not possible in CONTINUE rules" if $disposition eq 'RETURN'; fatal_error "Exclusion is not possible in CONTINUE/NONAT rules" if $disposition eq 'RETURN';
my $echain = newexclusionchain; my $echain = newexclusionchain;

1
Shorewall-perl/Shorewall/Rules.pm
View File

@ -998,6 +998,7 @@ sub process_rule1 ( $$$$$$$$$ ) {
} else { } else {
if ( $action eq 'SAME' ) { if ( $action eq 'SAME' ) {
fatal_error 'Port mapping not allowed in SAME rules' if $serverport; fatal_error 'Port mapping not allowed in SAME rules' if $serverport;
fatal_error 'SAME not allowed with SOURCE=$FW' if $sourcezone eq $firewall_zone;
$target = '-j SAME '; $target = '-j SAME ';
for my $serv ( split /,/, $server ) { for my $serv ( split /,/, $server ) {
$target .= "--to $serv "; $target .= "--to $serv ";