holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix a couple of more bugs

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6024 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-04-19 21:14:18 +00:00
parent 5c438ffdf5
commit c3d35b6ed6
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Shorewall-perl/Shorewall/Chains.pm
View File

@ -650,8 +650,13 @@ sub do_proto( $$$ )
$sports = '' if $sports eq '-';
if ( $proto ) {
if ( $proto =~ /^(tcp|udp|6|17)$/i ) {
$output = "-p $proto ";
if ( $proto =~ /^((tcp|6)((:syn)?))|(udp|17)$/ ) {
if ( $3 ) {
$output = '-p tcp --syn ';
} else {
$output = "-p $proto ";
}
if ( $ports ) {
if ( $ports =~ tr/,/,/ > 0 ) {
@ -1338,7 +1343,7 @@ sub expand_rule( $$$$$$$$$$ )
#
# We have non-trivial exclusion -- need to create an exclusion chain
#
fatal_error "Exclusion is not possible in CONTINUE rules" if $disposition eq 'RETURN';
fatal_error "Exclusion is not possible in CONTINUE/NONAT rules" if $disposition eq 'RETURN';
my $echain = newexclusionchain;

1
Shorewall-perl/Shorewall/Rules.pm
View File

@ -998,6 +998,7 @@ sub process_rule1 ( $$$$$$$$$ ) {
} else {
if ( $action eq 'SAME' ) {
fatal_error 'Port mapping not allowed in SAME rules' if $serverport;
fatal_error 'SAME not allowed with SOURCE=$FW' if $sourcezone eq $firewall_zone;
$target = '-j SAME ';
for my $serv ( split /,/, $server ) {
$target .= "--to $serv ";