Forward Firewall: minor improvements. If an outgoing rule has a given port and protocol "all", two new rules are generated, one for UDP and one for TCP.
If an outgoing rule has only "all" as protocol but no port, only one new rule is created.
committed by
Michael Tremer
parent
5a9fd5dbd1
commit
5238a8719d
@@ -37,7 +37,7 @@ my %fwdsettings=();
|
||||
&process_groups;
|
||||
&process_rules;
|
||||
&process_p2p;
|
||||
|
||||
system("/usr/local/bin/forwardfwctrl");
|
||||
sub process_groups
|
||||
{
|
||||
if(! -d "/var/log/converters"){ mkdir("/var/log/converters");}
|
||||
@@ -279,16 +279,19 @@ sub process_rules
|
||||
if($configline[0] eq $type){
|
||||
#some variables we can use from old config
|
||||
if($configline[1] eq 'on'){ $active='ON';}else{$active='';}
|
||||
if($configline[3] eq 'all'){
|
||||
if($configline[3] eq 'all' && $configline[8] ne ''){
|
||||
push(@prot,"TCP");
|
||||
push(@prot,"UDP");
|
||||
}elsif($configline[3] eq 'all' && $configline[8] eq ''){
|
||||
push(@prot,"");
|
||||
$useport='ON';
|
||||
$grp3='TGT_PORT';
|
||||
}else{
|
||||
push(@prot,$configline[3]);
|
||||
$useport='ON';
|
||||
$grp3='TGT_PORT';
|
||||
}
|
||||
if($configline[4] ne ''){ $remark=$configline[4];}else{$remark='';}
|
||||
|
||||
if($configline[4] ne ''){
|
||||
$configline[4] =~ s/,/;/g;
|
||||
$remark = $configline[4];
|
||||
}else{$remark = '';}
|
||||
if($configline[9] eq 'aktiv'){ $log='ON';}else{$log='';}
|
||||
if($configline[10] eq 'on' && $configline[11] eq 'on' && $configline[12] eq 'on' && $configline[13] eq 'on' && $configline[14] eq 'on' && $configline[15] eq 'on' && $configline[16] eq 'on'){
|
||||
if($configline[17] eq '00:00' && $configline[18] eq '00:00'){
|
||||
@@ -472,7 +475,6 @@ sub process_rules
|
||||
}
|
||||
}
|
||||
&General::writehasharray($fwdfwconfig,\%fwconfig);
|
||||
system("/usr/local/bin/forwardfwctrl");
|
||||
@prot=();
|
||||
}
|
||||
close(LOG);
|
||||
|
||||
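Review bot: The exit status of `system("/usr/local/bin/forwardfwctrl")` is ignored where the call sits after `&process_p2p;` at the top of the script, so a failed reload would leave the converted rules written by `&General::writehasharray` on disk but not applied, with no trace of the failure. Going by the hunk line counts, the call appears to have been moved out of the loop in process_rules rather than newly added, which would make this the single point where the converted rule set takes effect. I would check it, for example `system("/usr/local/bin/forwardfwctrl") == 0 or warn "forwardfwctrl failed, status $?\n";`. Whether the LOG handle is still open at that point is not visible here (`close(LOG);` appears at the end of the process_rules hunk), hence `warn` rather than a write to LOG.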
@@ -248,12 +248,12 @@ sub p2pblock
|
||||
my @p2pline = split( /\;/, $p2pentry );
|
||||
if ( $fwdfwsettings{'POLICY'} eq 'MODE2' ) {
|
||||
$DO = "DROP";
|
||||
if ("$p2pline[2]" eq "off") {
|
||||
if ("$p2pline[2]" eq "on") {
|
||||
$P2PSTRING = "$P2PSTRING --$p2pline[1]";
|
||||
}
|
||||
} else {
|
||||
$DO = "RETURN";
|
||||
if ("$p2pline[2]" eq "on") {
|
||||
if ("$p2pline[2]" eq "off") {
|
||||
$P2PSTRING = "$P2PSTRING --$p2pline[1]";
|
||||
}
|
||||
}
|
||||
|
||||
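Review bot: The two `$p2pline[2]` comparisons in p2pblock are flipped by this change, but neither the hunk nor the commit message says which state is meant to end up in `$P2PSTRING` under each policy, and getting this backwards would invert which P2P protocols the resulting rule matches. The page prints both the `"off"` and the `"on"` variant of each test without +/- markers, so which one is the new side is inferred from print order only. A one-line comment above each test would pin the intent, e.g. `# MODE2: entries marked "on" are collected for $DO = "DROP"` and `# other policies: entries marked "off" are collected for $DO = "RETURN"`, adjusted to whatever the intended semantics are. The function starts and ends outside the hunk, so how `$P2PSTRING` and `$DO` are used afterwards is not visible here.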