Forward Firewall: fixed a bug in convert-outgoingfw. The hosts are created with the wrong number of fields in the hash array.

Also fixed a bug which sets wrong firewall mode for FORWARD when outgoing rules are used.
Alexander Marx
2013-03-12 14:46:16 +01:00
committed by Michael Tremer
parent 21b9a50c68
commit fccf52cf7e


@@ -186,7 +186,8 @@ sub new_hostgrp
$hosts{$key}[0] = $name2; $hosts{$key}[0] = $name2;
$hosts{$key}[1] = $type; $hosts{$key}[1] = $type;
$hosts{$key}[2] = $mac; $hosts{$key}[2] = $mac;
$hosts{$key}[3] = 1; $hosts{$key}[3] = '';
$hosts{$key}[4] = 1;
print LOG "->Host (MAC) $mac added to custom hosts\n"; print LOG "->Host (MAC) $mac added to custom hosts\n";
}else{ }else{
print LOG "->Host (MAC) $mac already exists\n"; print LOG "->Host (MAC) $mac already exists\n";
@@ -250,21 +251,20 @@ sub process_rules
{ {
my ($type,$action,$active,$grp1,$source,$grp2,$useport,$port,$prot,$grp3,$target,$remark,$log,$time,$time_mon,$time_tue,$time_wed,$time_thu,$time_fri,$time_sat,$time_sun,$time_from,$time_to); my ($type,$action,$active,$grp1,$source,$grp2,$useport,$port,$prot,$grp3,$target,$remark,$log,$time,$time_mon,$time_tue,$time_wed,$time_thu,$time_fri,$time_sat,$time_sun,$time_from,$time_to);
&General::readhash($fwdfwsettings,\%fwdsettings); &General::readhash($fwdfwsettings,\%fwdsettings);
print "altefirewall hat modus: $outsettings{'POLICY'}\n";
if ($outsettings{'POLICY'} eq 'MODE1'){ if ($outsettings{'POLICY'} eq 'MODE1'){
$fwdfwsettings{'POLICY'}='MODE1'; $fwdfwsettings{'POLICY'}='MODE1';
}else{
$fwdsettings{'POLICY'}='MODE2';
}
&General::writehash($fwdfwsettings,\%fwdsettings);
if ($outsettings{'POLICY'} eq 'MODE1'){
$type='ALLOW'; $type='ALLOW';
$action='ACCEPT'; $action='ACCEPT';
}elsif($outsettings{'POLICY'} eq 'MODE2'){ }elsif($outsettings{'POLICY'} eq 'MODE2'){
$fwdsettings{'POLICY'}='MODE2';
$type='DENY'; $type='DENY';
$action='DROP'; $action='DROP';
}else{ }else{
return; return;
} }
&General::writehash($fwdfwsettings,\%fwdsettings);
#open LOG #open LOG
if( -f "/var/log/converters/outgoingfw-convert.log"){unlink ("/var/log/converters/outgoingfw-convert.log");} if( -f "/var/log/converters/outgoingfw-convert.log"){unlink ("/var/log/converters/outgoingfw-convert.log");}
open (LOG, ">/var/log/converters/outgoingfw-convert.log") or die $!; open (LOG, ">/var/log/converters/outgoingfw-convert.log") or die $!;
@@ -289,7 +289,6 @@ sub process_rules
}else{ }else{
push(@prot,$configline[3]); push(@prot,$configline[3]);
} }
if($configline[4] ne ''){ if($configline[4] ne ''){
$configline[4] =~ s/,/;/g; $configline[4] =~ s/,/;/g;
$remark = $configline[4]; $remark = $configline[4];
@@ -326,6 +325,7 @@ sub process_rules
$source='IPFire'; $source='IPFire';
&General::readhash($fwdfwsettings,\%fwdsettings); &General::readhash($fwdfwsettings,\%fwdsettings);
$fwdsettings{'POLICY1'}=$outsettings{'POLICY'}; $fwdsettings{'POLICY1'}=$outsettings{'POLICY'};
$fwdsettings{'POLICY'}=$outsettings{'POLICY'};
&General::writehash($fwdfwsettings,\%fwdsettings); &General::writehash($fwdfwsettings,\%fwdsettings);
}elsif ($configline[2] eq 'blue') { }elsif ($configline[2] eq 'blue') {
$grp1='std_net_src'; $grp1='std_net_src';
@@ -398,6 +398,7 @@ sub process_rules
my @values=(); my @values=();
my @parts=split(",",$configline[8]); my @parts=split(",",$configline[8]);
foreach (@parts){ foreach (@parts){
$_=~ tr/-/:/;
if (!($_ =~ /^(\d+)\:(\d+)$/)) { if (!($_ =~ /^(\d+)\:(\d+)$/)) {
if(&General::validport($_)){ if(&General::validport($_)){
$useport='ON'; $useport='ON';
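Review bot: In the `@@ -250,21 +251,20 @@` hunk of process_rules, the MODE1 branch still assigns `$fwdfwsettings{'POLICY'}='MODE1';`, which writes to a hash named `%fwdfwsettings`, while the hash handed to `&General::writehash` is `%fwdsettings`. For MODE1 the POLICY value read from the settings file therefore appears to be written back unchanged, so the persisted FORWARD mode may not match the old outgoing policy; the line should read `$fwdsettings{'POLICY'}='MODE1';` like the MODE2 branch. Because this converter decides the default forwarding policy, it would be worth logging the mode that was actually written so a mismatch shows up in the conversion log. The added `print "altefirewall hat modus: ..."` looks like leftover debug output on STDOUT and could be removed. The body of process_rules starts and ends outside the visible hunks, so a later assignment to POLICY cannot be ruled out from here.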