rules.pl: Rewrite P2P protocol filter.

Michael Tremer
2014-04-12 15:39:08 +02:00
parent 28e003e486
commit 766c2f601d


@@ -495,29 +495,29 @@ sub time_convert_to_minutes {
}
sub p2pblock {
my $P2PSTRING = "";
my $DO;
open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
@p2ps = <FILE>;
close FILE;
my $CMD = "-m ipp2p";
foreach my $p2pentry (sort @p2ps) {
my @p2pline = split( /\;/, $p2pentry );
if ( $fwdfwsettings{'POLICY'} eq 'MODE1' ) {
$DO = "ACCEPT";
if ("$p2pline[2]" eq "on") {
$P2PSTRING = "$P2PSTRING --$p2pline[1]";
}
}else {
$DO = "RETURN";
if ("$p2pline[2]" eq "off") {
$P2PSTRING = "$P2PSTRING --$p2pline[1]";
}
}
my $search_action;
my $target;
if ($fwdfwsettings{"POLICY"} eq "MODE1") {
$search_action = "on";
$target = "ACCEPT";
} else {
$search_action = "off";
$target = "DROP";
}
if($P2PSTRING) {
run("$IPTABLES -A FORWARDFW $CMD $P2PSTRING -j $DO");
open(FILE, "<$p2pfile") or die "Unable to read $p2pfile";
my @protocols = ();
foreach my $p2pentry (<FILE>) {
my @p2pline = split(/\;/, $p2pentry);
next unless ($p2pline[2] eq $search_action);
push(@protocols, "--$p2pline[1]");
}
close(FILE);
if (@protocols) {
run("$IPTABLES -A FORWARDFW -m ipp2p @protocols -j $target");
}
}
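Review bot: In the rewritten loop, `$p2pline[1]` is read from `$p2pfile` and pushed straight into the string handed to `run()`, with nothing checking that the field is a plain protocol name. The +/- markers are lost on this page, so I am taking the `@protocols` version as the new side. `run()` is defined outside this hunk; if it executes through a shell, a malformed or tampered line in that file becomes extra iptables arguments or shell syntax, so I would add `next unless ($p2pline[1] =~ /\A[a-z0-9]+\z/);` before the `push`. The file is also still opened with a bareword handle and two-argument `open`, and the die message drops the OS error; `open(my $fh, "<", $p2pfile) or die "Unable to read $p2pfile: $!";` fixes both, with the loop and `close` switched to `$fh`. A one-line comment above the `if`/`else` explaining why MODE1 selects the "on" entries with ACCEPT and the other mode selects the "off" entries with DROP would help the next reader of this firewall rule.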