Fix another ':' parsing bug

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8399 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-04-08 16:08:13 +00:00
parent 31e8d5b8f5
commit ebd9ce70d0
2 changed files with 9 additions and 7 deletions

View File

@ -723,18 +723,18 @@ sub setup_mac_lists( $ ) {
while ( read_a_line ) { while ( read_a_line ) {
my ( $disposition, $interface, $mac, $addresses ) = split_line1 3, 4, 'maclist file'; my ( $original_disposition, $interface, $mac, $addresses ) = split_line1 3, 4, 'maclist file';
if ( $disposition eq 'COMMENT' ) { if ( $original_disposition eq 'COMMENT' ) {
process_comment; process_comment;
} else { } else {
( $disposition, my ( $level, $remainder) ) = split( /:/, $disposition, 3 ); my ( $disposition, $level, $remainder) = split( /:/, $original_disposition, 3 );
fatal_error "Invalid log level" if defined $remainder; fatal_error "Invalid DISPOSITION ($original_disposition)" if defined $remainder || ! $disposition;
my $targetref = $maclist_targets{$disposition}; my $targetref = $maclist_targets{$disposition};
fatal_error "Invalid DISPOSITION ($disposition)" if ! $targetref || ( ( $table eq 'mangle' ) && ! $targetref->{mangle} ); fatal_error "Invalid DISPOSITION ($original_disposition)" if ! $targetref || ( ( $table eq 'mangle' ) && ! $targetref->{mangle} );
unless ( $maclist_interfaces{$interface} ) { unless ( $maclist_interfaces{$interface} ) {
fatal_error "No hosts on $interface have the maclist option specified"; fatal_error "No hosts on $interface have the maclist option specified";
@ -1430,7 +1430,7 @@ sub process_rules() {
# #
# read_a_line has already verified that there are exactly two tokens on the line # read_a_line has already verified that there are exactly two tokens on the line
# #
fatal_error "Invalid SECTION $source" unless defined $sections{$source}; fatal_error "Invalid SECTION ($source)" unless defined $sections{$source};
fatal_error "Duplicate or out of order SECTION $source" if $sections{$source}; fatal_error "Duplicate or out of order SECTION $source" if $sections{$source};
$sectioned = 1; $sectioned = 1;
$sections{$source} = 1; $sections{$source} = 1;
@ -1583,7 +1583,7 @@ sub generate_matrix() {
for my $interface ( sort { interface_number( $a ) <=> interface_number( $b ) } keys %$source_ref ) { for my $interface ( sort { interface_number( $a ) <=> interface_number( $b ) } keys %$source_ref ) {
my $sourcechainref; my $sourcechainref;
my $interfacematch = ''; my $interfacematch = '';
if ( use_forward_chain( $interface ) ) { if ( use_forward_chain( $interface ) ) {
$sourcechainref = $filter_table->{forward_chain $interface}; $sourcechainref = $filter_table->{forward_chain $interface};
} else { } else {

View File

@ -273,6 +273,7 @@ sub determine_zones()
$type = 'ipv4'; $type = 'ipv4';
$ipv4 = 1; $ipv4 = 1;
} elsif ( $type =~ /^ipsec4?$/i ) { } elsif ( $type =~ /^ipsec4?$/i ) {
fatal_error "IPSEC Zones require FASTACCEPT=No" if $config{FASTACCEPT};
$type = 'ipsec4'; $type = 'ipsec4';
} elsif ( $type =~ /^bport4?$/i ) { } elsif ( $type =~ /^bport4?$/i ) {
warning_message "Bridge Port zones should have a parent zone" unless @parents; warning_message "Bridge Port zones should have a parent zone" unless @parents;
@ -969,6 +970,7 @@ sub validate_hosts_file()
for my $option ( @options ) for my $option ( @options )
{ {
if ( $option eq 'ipsec' ) { if ( $option eq 'ipsec' ) {
fatal_error "'ipsec' requires FASTACCEPT=No" if $config{FASTACCEPT};
$type = 'ipsec4'; $type = 'ipsec4';
$zoneref->{options}{complex} = 1; $zoneref->{options}{complex} = 1;
$ipsec = 1; $ipsec = 1;