From 5c922eb2afbc33f133d30302e55d1e7b62b7a91c Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 11 Feb 2008 18:40:58 +0000
Subject: [PATCH] Don't allow non-shared provider in masq file

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8182 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Nat.pm       | 6 ++++--
 Shorewall-perl/Shorewall/Providers.pm | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/Shorewall-perl/Shorewall/Nat.pm b/Shorewall-perl/Shorewall/Nat.pm
index cd102bf71..f1e747e25 100644
--- a/Shorewall-perl/Shorewall/Nat.pm
+++ b/Shorewall-perl/Shorewall/Nat.pm
@@ -189,9 +189,11 @@ sub setup_one_masq($$$$$$$)
 
 	if ( $interface =~ /(.*)[(](\w*)[)]$/ ) {
 	    $interface = $1;
-	    my $realm  = $2;
+	    my $provider  = $2;
 	    $fullinterface =~ s/[(]\w*[)]//;
-	    $realm = lookup_provider( $realm ) unless $realm =~ /^\d+$/;
+	    my $realm = lookup_provider( $provider ) unless $provider =~ /^\d+$/;
+
+	    fatal_error "$provider is not a shared-interface provider" unless $realm;
 	    
 	    $rule .= "-m realm --realm $realm ";
 	}
diff --git a/Shorewall-perl/Shorewall/Providers.pm b/Shorewall-perl/Shorewall/Providers.pm
index b003e3f2b..c74a6c20f 100644
--- a/Shorewall-perl/Shorewall/Providers.pm
+++ b/Shorewall-perl/Shorewall/Providers.pm
@@ -587,7 +587,7 @@ sub lookup_provider( $ ) {
 
     fatal_error "Unknown provider ($provider)" unless $providerref;
 
-    $providerref->{number};
+    $providerref->{shared} ? $providerref->{number} : 0;
 }
 
 1;