'[Ipcop-svn] SF.net SVN: ipcop:[4878]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipcop-svn
Subject:    [Ipcop-svn] SF.net SVN: ipcop:[4878]
From:       owes () users ! sourceforge ! net
Date:       2010-08-26 7:11:46
Message-ID: E1OoWck-0000db-0z () sfp-svn-2 ! v30 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Revision: 4878
          http://ipcop.svn.sourceforge.net/ipcop/?rev=4878&view=rev
Author:   owes
Date:     2010-08-26 07:11:45 +0000 (Thu, 26 Aug 2010)

Log Message:
-----------
Jump to Pinholes Chain, regardless of policy and for all interfaces except for RED.

Modified Paths:
--------------
    ipcop/trunk/src/scripts/puzzleFwRules.pl

Modified: ipcop/trunk/src/scripts/puzzleFwRules.pl
===================================================================
--- ipcop/trunk/src/scripts/puzzleFwRules.pl	2010-08-26 04:46:40 UTC (rev 4877)
+++ ipcop/trunk/src/scripts/puzzleFwRules.pl	2010-08-26 07:11:45 UTC (rev 4878)
@@ -987,16 +987,14 @@
                 &prepareRule("-A FW_IPCOP -i $FW::interfaces{$inIface}{'IFACE'} -j \
                ADRFILTERINPUT");
                 &prepareRule("-A FW_IPCOP_FORWARD -i \
$FW::interfaces{$inIface}{'IFACE'} -j ADRFILTERFORWARD");  }
-
-            # dmzholes for blue
-            &prepareRule("-A FW_IPCOP_FORWARD -i $FW::interfaces{$inIface}{'IFACE'} \
-j FW_PINHOLES");  }
-        elsif ($FW::interfaces{$inIface}{'COLOR'} eq "ORANGE_COLOR") {
 
-            # dmzholes for orange
+        if ($FW::interfaces{$inIface}{'COLOR'} ne "RED_COLOR") {
+            # add 'Pinholes' for all policies and all 'our' interfaces except for \
RED. +            # Policy 'open' also needs Pinholes to be able to define a block or \
                log rule.
             &prepareRule("-A FW_IPCOP_FORWARD -i $FW::interfaces{$inIface}{'IFACE'} \
-j FW_PINHOLES");  }
-        elsif ($FW::interfaces{$inIface}{'COLOR'} eq "RED_COLOR") {
+        else {
 
             # always allow ping on red
             my @serviceXYZ = &buildServiceParamsDefault('Ping', "");
@@ -1063,11 +1061,6 @@
             }    # forward END
 
         }    #  if ($ifacePolicies{$inIface}{'POLICY'} eq 'open') {
-        elsif ($FW::interfaces{$inIface}{'COLOR'} =~ \
                /^GREEN_COLOR|IPSEC_COLOR|OVPN_COLOR$/) {
-            # add 'Pinholes' in case policy is 'half-open' or 'closed'.
-            # Blue and Orange are special and have pinholes included elsewhere
-            &prepareRule("-A FW_IPCOP_FORWARD -i $FW::interfaces{$inIface}{'IFACE'} \
                -j FW_PINHOLES");
-        }
 
         # default Logging (if enabled) + DROP/REJECT rules per interface
         $defaultRule = "-A FW_LOG -i $FW::interfaces{$inIface}{'IFACE'} -j";


This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.

------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users 
worldwide. Take advantage of special opportunities to increase revenue and 
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
Ipcop-svn mailing list
Ipcop-svn@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipcop-svn


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic