holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Correct Old Defect in ipsec match generation

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-07-02 13:11:57 -07:00
parent 9e81a5101f
commit e5d3ce582a
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -2559,7 +2559,7 @@ sub match_ipsec_in( $$ ) {
unless ( $optionsref->{super} || $zoneref->{type} == VSERVER ) { unless ( $optionsref->{super} || $zoneref->{type} == VSERVER ) {
$match = '-m policy --dir in --pol '; $match = '-m policy --dir in --pol ';
if ( $zoneref->{type} eq 'ipsec' ) { if ( $zoneref->{type} == IPSEC ) {
$match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{in}{ipsec}"; $match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{in}{ipsec}";
} elsif ( have_ipsec ) { } elsif ( have_ipsec ) {
$match .= "$hostref->{ipsec} $optionsref->{in_out}{ipsec}$optionsref->{in}{ipsec}"; $match .= "$hostref->{ipsec} $optionsref->{in_out}{ipsec}$optionsref->{in}{ipsec}";
@ -2583,7 +2583,7 @@ sub match_ipsec_out( $$ ) {
unless ( $optionsref->{super} || $zoneref->{type} == VSERVER ) { unless ( $optionsref->{super} || $zoneref->{type} == VSERVER ) {
$match = '-m policy --dir out --pol '; $match = '-m policy --dir out --pol ';
if ( $zoneref->{type} eq 'ipsec' ) { if ( $zoneref->{type} == IPSEC ) {
$match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{out}{ipsec}"; $match .= "ipsec $optionsref->{in_out}{ipsec}$optionsref->{out}{ipsec}";
} elsif ( have_ipsec ) { } elsif ( have_ipsec ) {
$match .= "$hostref->{ipsec} $optionsref->{in_out}{ipsec}$optionsref->{out}{ipsec}" $match .= "$hostref->{ipsec} $optionsref->{in_out}{ipsec}$optionsref->{out}{ipsec}"