extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-15 18:18:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check for invalid exclusion

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6014 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-19 00:49:38 +00:00
parent ecaa0cec33
commit c7cae95aaa
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall-perl/Shorewall/Chains.pm
View File

@ -1256,6 +1256,8 @@ sub expand_rule( $$$$$$$$$$ )
$origdest = ''; $origdest = '';
} else { } else {
fatal_error "Invalid ORIGINAL DEST" if $origdest =~ /^([^!]+)?,!([^!]+)$/;
if ( $origdest =~ /^([^!]+)?!([^!]+)$/ ) { if ( $origdest =~ /^([^!]+)?!([^!]+)$/ ) {
# #
# Exclusion # Exclusion
@ -1283,6 +1285,8 @@ sub expand_rule( $$$$$$$$$$ )
# Determine if there is Source Exclusion # Determine if there is Source Exclusion
# #
if ( $inets ) { if ( $inets ) {
fatal_error "Invalid SOURCE" if $inets =~ /^([^!]+)?,!([^!]+)$/;
if ( $inets =~ /^([^!]+)?!([^!]+)$/ ) { if ( $inets =~ /^([^!]+)?!([^!]+)$/ ) {
$inets = $1; $inets = $1;
$iexcl = $2; $iexcl = $2;
@ -1296,6 +1300,7 @@ sub expand_rule( $$$$$$$$$$ )
$rule .= match_source_net "!$iexcl "; $rule .= match_source_net "!$iexcl ";
$iexcl = ''; $iexcl = '';
} }
} }
} else { } else {
$iexcl = ''; $iexcl = '';
@ -1305,6 +1310,8 @@ sub expand_rule( $$$$$$$$$$ )
# Determine if there is Destination Exclusion # Determine if there is Destination Exclusion
# #
if ( $dnets ) { if ( $dnets ) {
fatal_error "Invalid DEST" if $inets =~ /^([^!]+)?,!([^!]+)$/;
if ( $dnets =~ /^([^!]+)?!([^!]+)$/ ) { if ( $dnets =~ /^([^!]+)?!([^!]+)$/ ) {
$dnets = $1; $dnets = $1;
$dexcl = $2; $dexcl = $2;
@ -1331,6 +1338,8 @@ sub expand_rule( $$$$$$$$$$ )
# #
# We have non-trivial exclusion -- need to create an exclusion chain # We have non-trivial exclusion -- need to create an exclusion chain
# #
fatal_error "Exclusion is not possible in CONTINUE rules" if $disposition eq 'RETURN';
my $echain = newexclusionchain; my $echain = newexclusionchain;
# #