From b27cc81582940515e5f5e75ab77dca30ece978fe Mon Sep 17 00:00:00 2001 From: teastep Date: Wed, 25 Apr 2007 16:45:46 +0000 Subject: [PATCH] More cleanup of hosts file exclusion git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6118 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Hosts.pm | 9 ++++++++- Shorewall-perl/Shorewall/Interfaces.pm | 6 +++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/Shorewall-perl/Shorewall/Hosts.pm b/Shorewall-perl/Shorewall/Hosts.pm index 4f81775f6..7deababb3 100644 --- a/Shorewall-perl/Shorewall/Hosts.pm +++ b/Shorewall-perl/Shorewall/Hosts.pm @@ -105,8 +105,15 @@ sub validate_hosts_file() $optionsref = \%options; } + # + # Looking for the '!' at the beginning of a list element is more straight-foward than looking for it in the middle. + # + # Be sure we don't have a ',!' in the original + # fatal_error "Invalid hosts list" if $hosts =~ /,!/; - + # + # Now add a comma before '!'. Do it globally - add_group_to_zone() correctly checks for multiple exclusions + # $hosts =~ s/!/,!/g; add_group_to_zone( $zone, $type , $interface, [ split ',', $hosts ] , $optionsref); diff --git a/Shorewall-perl/Shorewall/Interfaces.pm b/Shorewall-perl/Shorewall/Interfaces.pm index eadd85efe..e9df2a250 100644 --- a/Shorewall-perl/Shorewall/Interfaces.pm +++ b/Shorewall-perl/Shorewall/Interfaces.pm @@ -81,10 +81,10 @@ sub add_group_to_zone($$$$$) $ifacezone = '' unless defined $ifacezone; for my $host ( @$networks ) { - if ( $host =~ /^!.*/ ) { - fatal_error "Invalid host group: @$networks" if $switched; + if ( substr( $host, 0, 1 ) eq '!' ) { + fatal_error "Only one exclusion allowed in a host list" if $switched; $switched = 1; - $host =~ s/^!//; + $host = substr( $host, 1 ); $new = \@exclusions; }