From e6c0c8f6b7c95beb274d2799c8a9597442f9751d Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 8 Jan 2010 13:54:31 -0800 Subject: [PATCH] Allow both <...> and [...] for IPv6 Addresses Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Actions.pm | 2 +- Shorewall/Perl/Shorewall/Chains.pm | 8 ++++---- Shorewall/Perl/Shorewall/Providers.pm | 2 +- Shorewall/Perl/Shorewall/Rules.pm | 2 +- Shorewall/Perl/Shorewall/Zones.pm | 14 ++++++-------- 5 files changed, 13 insertions(+), 15 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Actions.pm b/Shorewall/Perl/Shorewall/Actions.pm index 9809e1de2..cbf516bb1 100644 --- a/Shorewall/Perl/Shorewall/Actions.pm +++ b/Shorewall/Perl/Shorewall/Actions.pm @@ -213,7 +213,7 @@ sub merge_macro_source_dest( $$ ) { if ( $invocation ) { if ( $body ) { return $body if $invocation eq '-'; - return "$body:$invocation" if $invocation =~ /.*?\.*?\.|^\+|^!+|^~|^!~|~\s*$/ ) { + } elsif ( $source =~ /^(.+?):<(.+)>\s*$/ || $source =~ /^(.+?):\[(.+)\]\s*$/ ) { $iiface = $1; $inets = $2; } elsif ( $source =~ /:/ ) { - if ( $source =~ /^<(.+)>$/ ) { + if ( $source =~ /^<(.+)>$/ || $source =~ /^<\[.+\]>$/ ) { $inets = $1; } else { $inets = $source; @@ -2543,11 +2543,11 @@ sub expand_rule( $$$$$$$$$$;$ ) } else { $diface = $dest; } - } elsif ( $dest =~ /^(.+?):<(.+)>\s*$/ ) { + } elsif ( $dest =~ /^(.+?):<(.+)>\s*$/ || $dest =~ /^(.+?):\[(.+)\]\s*$/) { $diface = $1; $dnets = $2; } elsif ( $dest =~ /:/ ) { - if ( $dest =~ /^<(.+)>$/ ) { + if ( $dest =~ /^<(.+)>$/ || $dest =~ /^\[(.+)\]$/ ) { $dnets = $1; } else { $dnets = $dest; diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index f47b6d58d..8bce292b4 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -589,7 +589,7 @@ sub add_an_rtrule( ) { } else { $source = "iif $source"; } - } elsif ( $source =~ /^(.+?):<(.+)>\s*$/ ) { + } elsif ( $source =~ /^(.+?):<(.+)>\s*$/ || $source =~ /^(.+?):\[(.+)\]\s*$/ ) { my ($interface, $source ) = ($1, $2); validate_net ($source, 0); $interface = physical_name $interface; diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index bc5aab338..b3b732604 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -125,7 +125,7 @@ sub process_tos() { if ( $family == F_IPV4 ) { ( $srczone , $source , $remainder ) = split( /:/, $src, 3 ); fatal_error 'Invalid SOURCE' if defined $remainder; - } elsif ( $src =~ /^(.+?):<(.*)>\s*$/ ) { + } elsif ( $src =~ /^(.+?):<(.*)>\s*$/ || $src =~ /^(.+?):\[(.*)\]\s*$/ ) { $srczone = $1; $source = $2; } else { diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm index 2e1b406da..7329f294a 100644 --- a/Shorewall/Perl/Shorewall/Zones.pm +++ b/Shorewall/Perl/Shorewall/Zones.pm @@ -1186,15 +1186,13 @@ sub process_host( ) { } else { fatal_error "Invalid HOST(S) column contents: $hosts"; } + } elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>\s*$/ || $hosts =~ /^([\w.@%-]+\+?):\[(.*)\]\s*$/ ) { + $interface = $1; + $hosts = $2; + $zoneref->{options}{complex} = 1 if $hosts =~ /^\+/; + fatal_error "Unknown interface ($interface)" unless $interfaces{$interface}{root}; } else { - if ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>\s*$/ ) { - $interface = $1; - $hosts = $2; - $zoneref->{options}{complex} = 1 if $hosts =~ /^\+/; - fatal_error "Unknown interface ($interface)" unless $interfaces{$interface}{root}; - } else { - fatal_error "Invalid HOST(S) column contents: $hosts"; - } + fatal_error "Invalid HOST(S) column contents: $hosts"; } if ( $type == BPORT ) {