holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Catch invalid policies

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6477 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-06-06 23:40:40 +00:00
parent b591068603
commit 5b11cc9e6e
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Shorewall-perl/Shorewall/Policy.pm
View File

@ -185,6 +185,13 @@ sub validate_policy()
if ( $zones{$client}{type} eq 'firewall' ) || ( $zones{$server}{type} eq 'firewall' );
}
unless ( $clientwild || $serverwild ) {
if ( $zones{$server}{type} eq 'bport4' ) {
fatal_error "Invalid policy - DEST zone is a Bridge Port zone but the SOURCE zone is not associated with the same bridge"
unless $zones{$client}{bridge} eq $zones{$server}{bridge};
}
}
my $chain = "${client}2${server}";
my $chainref;