From 166d27f6d40e0f7b2f9bb2c41d911b786a0e1591 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Wed, 18 May 2011 11:13:03 -0700
Subject: [PATCH] Minor tweak to blacklisting

Reverse order of tests for 'from' and 'src'.
Use equivalent logic for generating unknown option error

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Misc.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index f14701529..f8077e733 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -260,7 +260,7 @@ sub setup_blacklist() {
 		my $tgt = $whitelist ? 'RETURN' : $target;
 
 		for ( @options ) {
-		    if ( $_ =~ /^(?:from|src)$/ ) {
+		    if ( $_ =~ /^(?:src|from)$/ ) {
 			if ( $from++ ) {
 			    warning_message "Duplicate 'src' ignored";
 			} else {
@@ -300,8 +300,8 @@ sub setup_blacklist() {
 				warning_message '"dst" entry ignored because there are no "blacklist out" zones';
 			    }
 			}
-		    } elsif ( $_ ne 'whitelist' ) {
-			fatal_error "Invalid blacklist option($_)";
+		    } else {
+			fatal_error "Invalid blacklist option($_)" unless $_ eq 'whitelist';
 		    }
 		}