From 3bf59ff03abbf9244e3bd1538647ffd2d617b14b Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Sat, 22 Mar 2008 03:01:01 +0000
Subject: [PATCH] Add error when ICMP specifies SOURCE PORT(S) in tcfilters
 file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8331 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Tc.pm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Shorewall-perl/Shorewall/Tc.pm b/Shorewall-perl/Shorewall/Tc.pm
index 4736fee7b..47cf713ce 100644
--- a/Shorewall-perl/Shorewall/Tc.pm
+++ b/Shorewall-perl/Shorewall/Tc.pm
@@ -607,6 +607,8 @@ sub process_tc_filter( $$$$$$ ) {
 
 	    for my $portrange ( split_list $portlist, 'port list' ) {
 		if ( $protonumber == ICMP ) {
+		    fatal_error "SOURCE PORT(S) are not allowed with ICMP" if $sportlist ne '-';
+ 
 		    my ( $icmptype , $icmpcode ) = split '//', validate_icmp( $portrange );
 		
 		    $icmptype = in_hex2 numeric_value $icmptype;