From d74af30368026d4c6c0647bde93e6e35f019bd73 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 23 Aug 2010 16:31:46 -0700 Subject: [PATCH] Fix zone-exclusion bug --- Shorewall/Perl/Shorewall/Rules.pm | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index dfec35df7..0916a2c82 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -1524,8 +1524,8 @@ sub process_section ($) { # # Build a source or destination zone list # -sub build_zone_list( $$$\$ ) { - my ($fw, $input, $which, $intrazoneref ) = @_; +sub build_zone_list( $$$\$\$ ) { + my ($fw, $input, $which, $intrazoneref, $wildref ) = @_; my $any = ( $input =~ s/^any/all/ ); my $exclude; my $rest; @@ -1539,6 +1539,8 @@ sub build_zone_list( $$$\$ ) { $exclude = $2; $rest = $3; + $$wildref = 1; + if ( defined $exclude ) { $exclude =~ s/!//; fatal_error "Invalid exclusion list (!$exclude)" if $exclude =~ /^,|!|,,|,$/; @@ -1612,10 +1614,8 @@ sub process_rule ( ) { fatal_error "Invalid or missing ACTION ($target)" unless defined $action; - @source = build_zone_list ( $fw, $source, 'SOURCE', $intrazone ); - @dest = build_zone_list ( $fw, $dest, 'DEST' , $intrazone ); - - $wild = ( @source > 1 ) || ( @dest > 1 ); + @source = build_zone_list ( $fw, $source, 'SOURCE', $intrazone, $wild ); + @dest = build_zone_list ( $fw, $dest, 'DEST' , $intrazone, $wild ); for $source ( @source ) { for $dest ( @dest ) {