holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Disallow '+' in inline SNAT action bodies

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-10-28 08:58:47 -07:00
parent 71fb1a8cbd
commit e4e424bbdc
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -5389,12 +5389,12 @@ sub process_snat1( $$$$$$$$$$$$ ) {
if ( $inchain = defined $chainref ) {
( $inaction, undef, $interfaces, undef, undef ) = split /:/, $normalized_action = $chainref->{action}, 5 if $chainref->{action};
fatal_error q('+' is not allowed within an action body) if $pre_nat;
}
#
# Next, parse the DEST column
#
if ( $inaction ) {
fatal_error q('+' is not allowed within an action body) if $pre_nat;
$destnets = $dest;
} elsif ( $family == F_IPV4 ) {
if ( $dest =~ /^([^:]+)::([^:]*)$/ ) {