From abf148cebd8a8ed30c1a4f2807bb0608eec5b026 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Wed, 23 Mar 2022 18:08:52 +0100 Subject: [PATCH] rules.pl: Fix creating rules for location based groups. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The former used hash value only contains the country code when a rule for a single country should be created. In case a location group is used the hash value refers to the group name, which does not work here. The required country code is part of the processed string and can be omitted from here. This works well for single codes and location groups, because those are processed in a loop. Fixes #12809. Signed-off-by: Stefan Schantl Acked-by: Peter Müller --- config/firewall/rules.pl | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index d71304986..19dc7a6d1 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -411,8 +411,9 @@ sub buildrules { if ($source =~ /mac/) { push(@source_options, $source); } elsif ($source =~ /-m set/) { - # Grab location code from hash. - my $loc_src = $$hash{$key}[4]; + # Split given arguments into single chunks to + # obtain the set name. + my ($a, $b, $c, $loc_src, $e) = split(/ /, $source); # Call function to load the networks list for this country. &ipset_restore($loc_src); @@ -425,8 +426,9 @@ sub buildrules { # Prepare destination options. my @destination_options = (); if ($destination =~ /-m set/) { - # Grab location code from hash. - my $loc_dst = $$hash{$key}[6]; + # Split given arguments into single chunks to + # obtain the set name. + my ($a, $b, $c, $loc_dst, $e) = split(/ /, $destination); # Call function to load the networks list for this country. &ipset_restore($loc_dst);