holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Allow multiple protocols to be specified for a helper

Browse Source 
- the protocol list is specified in the %helpers hash as an array reference
  e.g., "[UDP,TCP]". Note that those are protocol *numbers*, not names.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2019-04-01 15:12:25 -07:00
parent aa97b1b283
commit 2f66381a4a
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -5747,10 +5747,25 @@ sub validate_helper( $;$ ) {
my $protonum = -1;
fatal_error "Unknown PROTO ($proto)" unless defined ( $protonum = resolve_proto( $proto ) );
fatal_error "Unknown PROTO ($proto)" unless $proto eq '-' || defined ( $protonum = resolve_proto( $proto ) );
unless ( $protonum == $helper_proto ) {
fatal_error "The $helper_base helper requires PROTO=" . (proto_name $helper_proto );
if ( reftype( $helper_proto ) ) {
#
# More than one protocol allowed with this helper, so $helper_proto is an array reference
#
my $found;
my $names = '';
for ( @$helper_proto ) {
$names = $names ? join( ',', $names, proto_name( $_ ) ) : proto_name( $_ );
$found = 1 if $protonum == $_;
}
fatal_error "The $helper_base helper requires PROTO to be one of '$names'" unless $found;
} else {
unless ( $protonum == $helper_proto ) {
fatal_error "The $helper_base helper requires PROTO=" . (proto_name( $helper_proto ) );
}
}
}
} else {