extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix wildcard rules and NONE policy interaction

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6455 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-06-05 14:19:51 +00:00
parent d944e3dbd5
commit d89baf159f
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Shorewall-perl/Shorewall/Rules.pm
View File

@ -1210,7 +1210,8 @@ sub process_rule ( $$$$$$$$$$ ) {
if ( $intrazone || ( $zone ne $zone1 ) ) { if ( $intrazone || ( $zone ne $zone1 ) ) {
my $policychainref = $filter_table->{"${zone}2${zone1}"}{policychain}; my $policychainref = $filter_table->{"${zone}2${zone1}"}{policychain};
fatal_error "No policy from zone $zone to zone $zone1" unless $policychainref; fatal_error "No policy from zone $zone to zone $zone1" unless $policychainref;
if ( ( ( my $policy ) = $policychainref->{policy} ) ne 'NONE' ) { my $policy = $policychainref->{policy};
unless ( $policy eq 'NONE' ) {
if ( $optimize > 0 ) { if ( $optimize > 0 ) {
my $loglevel = $policychainref->{loglevel}; my $loglevel = $policychainref->{loglevel};
if ( $loglevel ne '' ) { if ( $loglevel ne '' ) {
@ -1230,7 +1231,8 @@ sub process_rule ( $$$$$$$$$$ ) {
my $policychainref = $filter_table->{"${zone}2${destzone}"}{policychain}; my $policychainref = $filter_table->{"${zone}2${destzone}"}{policychain};
if ( $intrazone || ( $zone ne $destzone ) ) { if ( $intrazone || ( $zone ne $destzone ) ) {
fatal_error "No policy from zone $zone to zone $destzone" unless $policychainref; fatal_error "No policy from zone $zone to zone $destzone" unless $policychainref;
if ( ( ( my $policy ) = $policychainref->{policy} ) ne 'NONE' ) { my $policy = $policychainref->{policy};
unless ( $policy eq 'NONE' ) {
if ( $optimize > 0 ) { if ( $optimize > 0 ) {
my $loglevel = $policychainref->{loglevel}; my $loglevel = $policychainref->{loglevel};
if ( $loglevel ne '') { if ( $loglevel ne '') {
@ -1251,7 +1253,8 @@ sub process_rule ( $$$$$$$$$$ ) {
if ( ( $includedstfw || ( $zones{$zone}{type} ne 'firewall') ) && ( ( $sourcezone ne $zone ) || $intrazone) ) { if ( ( $includedstfw || ( $zones{$zone}{type} ne 'firewall') ) && ( ( $sourcezone ne $zone ) || $intrazone) ) {
fatal_error "Unknown source zone ($sourcezone)" unless $zones{$sourcezone}; fatal_error "Unknown source zone ($sourcezone)" unless $zones{$sourcezone};
my $policychainref = $filter_table->{"${sourcezone}2${zone}"}{policychain}; my $policychainref = $filter_table->{"${sourcezone}2${zone}"}{policychain};
if ( ( ( my $policy ) = $policychainref->{policy} ) ne 'NONE' ) { my $policy = $policychainref->{policy};
unless ( $policy eq 'NONE' ) {
if ( $optimize > 0 ) { if ( $optimize > 0 ) {
my $loglevel = $policychainref->{loglevel}; my $loglevel = $policychainref->{loglevel};
if ( $loglevel ne '' ) { if ( $loglevel ne '' ) {