holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Restrict hypen as range separator to use with integers

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-10-16 13:26:44 -07:00
parent 04051454bf
commit 4bb942f1f9
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/IPAddrs.pm
View File

@ -436,7 +436,7 @@ sub validate_portpair( $$ ) {
#
# Accept '-' as a port-range separator
#
$pair =~ tr/-/:/;
$pair =~ tr/-/:/ if $pair =~ /^[-0-9]+$/;
fatal_error "Invalid port range ($portpair)" if $pair =~ tr/:/:/ > 1;

3
docs/configuration_file_basics.xml
View File

@ -2621,7 +2621,8 @@ DNAT net loc:192.168.1.3 tcp <emphasis role="bold">4000:4100<
"!4000:4100").</para>
<para>Beginning with Shorewall 5.0.14, a hyphen ("-") may also be used to
separate the two port numbers.</para>
separate the two port numbers; when using service names, the colon must
still be used.</para>
<programlisting>#ACTION SOURCE DESTINATION PROTO DPORT
DNAT net loc:192.168.1.3 tcp <emphasis role="bold">4000-4100</emphasis></programlisting>