holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Correct handling of a chain designator in CLASSIFY rules.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-12-23 07:44:16 -08:00
parent 3081ab1da1
commit 1c535ee0f9
1 changed files with 6 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -268,12 +268,15 @@ sub process_tc_rule( ) {
require_capability ('CONNMARK' , "CONNMARK Rules", '' ) if $connmark; require_capability ('CONNMARK' , "CONNMARK Rules", '' ) if $connmark;
} else { } else {
fatal_error "Invalid MARK ($originalmark)" unless ( $remainder ) {
unless $remainder || ( $mark =~ /^([0-9a-fA-F]+)$/ and $designator =~ /^([0-9a-fA-F]+)$/ ); fatal_error "Invalid MARK ($originalmark)" unless $mark =~ /^([0-9a-fA-F]+)$/ and $designator =~ /^([0-9a-fA-F]+)$/;
$chain = 'tcpost';
$mark = $originalmark;
}
if ( $config{TC_ENABLED} eq 'Internal' || $config{TC_ENABLED} eq 'Shared' ) { if ( $config{TC_ENABLED} eq 'Internal' || $config{TC_ENABLED} eq 'Shared' ) {
$originalmark = join( ':', normalize_hex( $mark ), normalize_hex( $designator ) ); $originalmark = join( ':', normalize_hex( $mark ), normalize_hex( $designator ) );
fatal_error "Unknown Class ($originalmark)}" unless ( $device = $classids{$originalmark} ); fatal_error "Unknown Class ($originalmark)}" unless ( $device = $classids{$mark} );
fatal_error "IFB Classes may not be specified in tcrules" if @{$tcdevices{$device}{redirected}}; fatal_error "IFB Classes may not be specified in tcrules" if @{$tcdevices{$device}{redirected}};
unless ( $tcclasses{$device}{hex_value $designator}{leaf} ) { unless ( $tcclasses{$device}{hex_value $designator}{leaf} ) {
@ -288,11 +291,6 @@ sub process_tc_rule( ) {
} }
} }
unless ( $remainder ) {
$chain = 'tcpost';
$mark = $originalmark;
}
$classid = 1; $classid = 1;
$target = 'CLASSIFY --set-class'; $target = 'CLASSIFY --set-class';
} }