webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 03:33:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

rules.pl: Move to ipset based data for location based firewall rules.

Browse Source 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Stefan Schantl
2022-02-14 19:42:51 +01:00
committed by Peter Müller
parent 0df1d268ed
commit 07106467b8
2 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
config/firewall/rules.pl
View File

@@ -401,7 +401,13 @@ sub buildrules {
my @source_options = ();
if ($source =~ /mac/) {
push(@source_options, $source);
} elsif ($source =~ /-m geoip/) {
} elsif ($source =~ /-m set/) {
# Grab location code from hash.
my $loc_src = $$hash{$key}[4];
# Call function to load the networks list for this country.
&ipset_restore($loc_src);
push(@source_options, $source);
} elsif($source) {
push(@source_options, ("-s", $source));
@@ -409,7 +415,13 @@ sub buildrules {
# Prepare destination options.
my @destination_options = ();
if ($destination =~ /-m geoip/) {
if ($destination =~ /-m set/) {
# Grab location code from hash.
my $loc_dst = $$hash{$key}[6];
# Call function to load the networks list for this country.
&ipset_restore($loc_dst);
push(@destination_options, $destination);
} elsif ($destination) {
push(@destination_options, ("-d", $destination));