holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Disallow USER/GROUP anywhere but in the OUTPUT section

Browse Source
This commit is contained in:
Tom Eastep 2011-02-19 08:00:00 -08:00
parent cf2d4e154f
commit 9173b22b58
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Perl/Shorewall/Accounting.pm
View File

@ -159,9 +159,7 @@ sub process_accounting_rule( ) {
$ports = '' if $ports eq 'any' || $ports eq 'all'; $ports = '' if $ports eq 'any' || $ports eq 'all';
$sports = '' if $sports eq 'any' || $sports eq 'all'; $sports = '' if $sports eq 'any' || $sports eq 'all';
if ( $asection ) { fatal_error "USER/GROUP may only be specified in the OUTPUT section" unless $user eq '-' || $asection == OUTPUT;
fatal_error "USER/GROUP may only be specified in the OUTPUT section" unless $user eq '-' || $asection == OUTPUT;
}
my $rule = do_proto( $proto, $ports, $sports ) . do_user ( $user ) . do_test ( $mark, $globals{TC_MASK} ) . do_headers( $headers ); my $rule = do_proto( $proto, $ports, $sports ) . do_user ( $user ) . do_test ( $mark, $globals{TC_MASK} ) . do_headers( $headers );
my $rule2 = 0; my $rule2 = 0;