forked from extern/shorewall_code
Correct defects found in unit testing
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
709e973155
commit
8a63053c13
@ -2217,7 +2217,7 @@ sub handle_ematch( $$ ) {
|
|||||||
|
|
||||||
$setname =~ s/\+//;
|
$setname =~ s/\+//;
|
||||||
|
|
||||||
return "\\\n ipset\\($setname $options\\)";
|
return "ipset\\($setname $options\\)";
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -2318,7 +2318,7 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
fatal_error "Unknown PROTO ($proto)" unless defined $protonumber;
|
fatal_error "Unknown PROTO ($proto)" unless defined $protonumber;
|
||||||
if ( $protonumber ) {
|
if ( $protonumber ) {
|
||||||
$rule .= ' and ' if $have_rule;
|
$rule .= ' and ' if $have_rule;
|
||||||
$rule .= "\\\n match cmp\\( u8 at 6 mask 0xff eq $protonumber \\)";
|
$rule .= "\\\n cmp\\( u8 at 6 mask 0xff eq $protonumber \\)";
|
||||||
$have_rule = 1;
|
$have_rule = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -2341,7 +2341,7 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
|
|
||||||
while ( @sportlist ) {
|
while ( @sportlist ) {
|
||||||
my ( $sport, $smask ) = ( shift @sportlist, shift @sportlist );
|
my ( $sport, $smask ) = ( shift @sportlist, shift @sportlist );
|
||||||
$rule .= "\\\n cmp\\( u16 at 0 layer 2 mask $smask eq $sport \\)";
|
$rule .= "\\\n cmp\\( u16 at 0 layer 2 mask $smask eq 0x$sport \\)";
|
||||||
$rule .= ' or' if @sportlist;
|
$rule .= ' or' if @sportlist;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2356,7 +2356,7 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
|
|
||||||
my @typelist = split_list( $portlist, 'icmp type' );
|
my @typelist = split_list( $portlist, 'icmp type' );
|
||||||
|
|
||||||
$rule .= "\\\n (" if @typelist > 1;
|
$rule .= "\\\n \\(" if @typelist > 1;
|
||||||
|
|
||||||
for my $type ( @typelist ) {
|
for my $type ( @typelist ) {
|
||||||
my ( $icmptype , $icmpcode ) = split '/', validate_icmp\\( $type );
|
my ( $icmptype , $icmpcode ) = split '/', validate_icmp\\( $type );
|
||||||
@ -2373,7 +2373,7 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
|
|
||||||
my @typelist = split_list( $portlist, 'icmp type' );
|
my @typelist = split_list( $portlist, 'icmp type' );
|
||||||
|
|
||||||
$rule .= "\\\n (" if @typelist > 1;
|
$rule .= "\\\n \\(" if @typelist > 1;
|
||||||
|
|
||||||
for my $type ( @typelist ) {
|
for my $type ( @typelist ) {
|
||||||
|
|
||||||
@ -2390,11 +2390,11 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
|
|
||||||
push @portlist, expand_port_range( $protonumber, $_ ) for split_list( $portlist, 'port list' );
|
push @portlist, expand_port_range( $protonumber, $_ ) for split_list( $portlist, 'port list' );
|
||||||
|
|
||||||
$rule .= "\\\n (" if $multiple = ( @portlist > 2 );
|
$rule .= "\\\n \\(" if $multiple = ( @portlist > 2 );
|
||||||
|
|
||||||
while ( @portlist ) {
|
while ( @portlist ) {
|
||||||
my ( $port, $mask ) = ( shift @portlist, shift @portlist );
|
my ( $port, $mask ) = ( shift @portlist, shift @portlist );
|
||||||
$rule .= "\\\n cmp\\( u16 at 2 layer 2 mask $mask eq $port \\)";
|
$rule .= "\\\n cmp\\( u16 at 2 layer 2 mask $mask eq 0x$port \\)";
|
||||||
$rule .= ' or' if @portlist;
|
$rule .= ' or' if @portlist;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2405,11 +2405,11 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
|
|
||||||
push @portlist, expand_port_range( $protonumber, $_ ) for split_list( $sportlist, 'port list' );
|
push @portlist, expand_port_range( $protonumber, $_ ) for split_list( $sportlist, 'port list' );
|
||||||
|
|
||||||
$rule .= "\\\n (" if $multiple = ( @portlist > 2 );
|
$rule .= "\\\n \\(" if $multiple = ( @portlist > 2 );
|
||||||
|
|
||||||
while ( @portlist ) {
|
while ( @portlist ) {
|
||||||
my ( $sport, $smask ) = ( shift @portlist, shift @portlist );
|
my ( $sport, $smask ) = ( shift @portlist, shift @portlist );
|
||||||
$rule .= "\\\n cmp\\( u16 at 0 layer 2 mask $smask eq $sport \\)";
|
$rule .= "\\\n cmp\\( u16 at 0 layer 2 mask $smask eq 0xsport \\)";
|
||||||
$rule .= ' or' if @portlist;
|
$rule .= ' or' if @portlist;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2423,7 +2423,7 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
$rule .= ' and' if $have_rule;
|
$rule .= ' and' if $have_rule;
|
||||||
|
|
||||||
if ( $source =~ /^\+/ ) {
|
if ( $source =~ /^\+/ ) {
|
||||||
$rule = join( ' ', "\\\n ", handle_ematch( $source, 'src' ) );
|
$rule = join( '', "\\\n ", handle_ematch( $source, 'src' ) );
|
||||||
} else {
|
} else {
|
||||||
my @parts = decompose_net_u32( $source );
|
my @parts = decompose_net_u32( $source );
|
||||||
|
|
||||||
@ -2447,7 +2447,7 @@ sub process_tc_filter2( $$$$$$$$$ ) {
|
|||||||
$rule .= ' and' if $have_rule;
|
$rule .= ' and' if $have_rule;
|
||||||
|
|
||||||
if ( $dest =~ /^\+/ ) {
|
if ( $dest =~ /^\+/ ) {
|
||||||
$rule .= join( ' ', "\\\n ", handle_ematch( $dest, 'dst' ) );
|
$rule .= join( '', "\\\n ", handle_ematch( $dest, 'dst' ) );
|
||||||
} else {
|
} else {
|
||||||
my @parts = decompose_net_u32( $dest );
|
my @parts = decompose_net_u32( $dest );
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user