From bef8ec09b318d9cd06edb2711996e289ec88be39 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 8 Jan 2019 13:55:02 -0800 Subject: [PATCH] Insist that '+' (if present) be the first non-blank character in IL matches Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Nat.pm | 2 +- Shorewall/Perl/Shorewall/Raw.pm | 2 +- Shorewall/Perl/Shorewall/Rules.pm | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm index 404200b91..7ada0e6ee 100644 --- a/Shorewall/Perl/Shorewall/Nat.pm +++ b/Shorewall/Perl/Shorewall/Nat.pm @@ -90,7 +90,7 @@ sub process_one_masq1( $$$$$$$$$$$ ) # # Handle early matches # - if ( $inlinematches =~ s/s*\+// ) { + if ( $inlinematches =~ s/^s*\+// ) { $prerule = $inlinematches; $inlinematches = ''; } diff --git a/Shorewall/Perl/Shorewall/Raw.pm b/Shorewall/Perl/Shorewall/Raw.pm index 22ca5ed41..7b66001a0 100644 --- a/Shorewall/Perl/Shorewall/Raw.pm +++ b/Shorewall/Perl/Shorewall/Raw.pm @@ -73,7 +73,7 @@ sub process_conntrack_rule( $$$$$$$$$$ ) { my $raw_matches = get_inline_matches(0); my $prerule = ''; - if ( $raw_matches =~ /s*+/ ) { + if ( $raw_matches =~ /^s*+/ ) { $prerule = $raw_matches; $raw_matches = ''; } diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 90051a4bd..e36bbca82 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -2609,7 +2609,7 @@ sub process_rule ( $$$$$$$$$$$$$$$$$$$$ ) { # # Handle early matches # - if ( $raw_matches =~ s/s*\+// ) { + if ( $raw_matches =~ s/^s*\+// ) { $prerule = $raw_matches; $raw_matches = ''; } @@ -4889,7 +4889,7 @@ sub process_mangle_rule1( $$$$$$$$$$$$$$$$$$$ ) { # # Handle early matches # - if ( $raw_matches =~ s/s*\+// ) { + if ( $raw_matches =~ s/^s*\+// ) { $prerule = $raw_matches; $raw_matches = ''; }