extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-04-16 15:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

More robust checking of zone definitions

Browse Source
This commit is contained in:
Tom Eastep 2009-08-31 09:09:15 -07:00
parent 5297bb8b8d
commit d368d80a12
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -604,6 +604,7 @@ sub add_group_to_zone($$$$$)
my @exclusions = (); my @exclusions = ();
my $new = \@newnetworks; my $new = \@newnetworks;
my $switched = 0; my $switched = 0;
my $allip = 0;
for my $host ( @$networks ) { for my $host ( @$networks ) {
$interfaces{$interface}{nets}++; $interfaces{$interface}{nets}++;
@ -620,7 +621,11 @@ sub add_group_to_zone($$$$$)
unless ( $switched ) { unless ( $switched ) {
if ( $type == $zonetype ) { if ( $type == $zonetype ) {
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if $interfaces{$interface}{zone} eq $zone; fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if $interfaces{$interface}{zone} eq $zone;
$interfaces{$interface}{zone} = $zone if $host eq ALLIP; if ( $host eq ALLIP ) {
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if @newnetworks;
$interfaces{$interface}{zone} = $zone;
$allip = 1;
}
} }
} }
@ -642,6 +647,8 @@ sub add_group_to_zone($$$$$)
$typeref = ( $hostsref->{$gtype} || ( $hostsref->{$gtype} = {} ) ); $typeref = ( $hostsref->{$gtype} || ( $hostsref->{$gtype} = {} ) );
$interfaceref = ( $typeref->{$interface} || ( $typeref->{$interface} = [] ) ); $interfaceref = ( $typeref->{$interface} || ( $typeref->{$interface} = [] ) );
fatal_error "Duplicate Host Group ($interface:" . ALLIP . ") in zone $zone" if $allip && @$interfaceref;
$zoneref->{options}{complex} = 1 if @$interfaceref || ( @newnetworks > 1 ) || ( @exclusions ); $zoneref->{options}{complex} = 1 if @$interfaceref || ( @newnetworks > 1 ) || ( @exclusions );
push @{$interfaceref}, { options => $options, push @{$interfaceref}, { options => $options,