mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-26 01:23:14 +01:00
Detect double exclusion in ipset expressions
This commit is contained in:
Tom Eastep
parent
953c7db1c4
commit
e7831d5a15
@ -3230,9 +3230,13 @@ sub addnatjump( $$$ ) {
|
||||
# where an element of the list might be +ipset[flag,...] or +[ipset[flag,...],...]
|
||||
#
|
||||
sub mysplit( $ ) {
|
||||
my @input = split_list $_[0], 'host';
|
||||
my $input = $_[0];
|
||||
|
||||
return @input unless $_[0] =~ /\[/;
|
||||
my @input = split_list $input, 'host';
|
||||
|
||||
return @input unless $input =~ /\[/;
|
||||
|
||||
my $exclude = 0;
|
||||
|
||||
my @result;
|
||||
|
||||
@ -3245,7 +3249,11 @@ sub mysplit( $ ) {
|
||||
$element .= ( ',' . shift @input );
|
||||
}
|
||||
|
||||
fatal_error "Invalid host list ($input)" if $exclude && $element =~ /!/;
|
||||
$exclude ||= $element =~ /^!/ || $element =~ /\]!/;
|
||||
fatal_error "Mismatched [...] ($element)" unless $element =~ tr/[/[/ == $element =~ tr/]/]/;
|
||||
} else {
|
||||
$exclude ||= $element =~ /!/;
|
||||
}
|
||||
|
||||
push @result, $element;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user