[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfire-scm
Subject: [git.ipfire.org] IPFire 2.x development tree branch, fifteen, updated. 35ca8e0203c4d94178f2186d0c0b7
From: git () ipfire ! org (Michael Tremer)
Date: 2013-11-21 20:17:15
Message-ID: 20131121201716.8D68E21542 () argus ! ipfire ! org
[Download RAW message or body]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, fifteen has been updated
via 35ca8e0203c4d94178f2186d0c0b73f8ec48bc50 (commit)
via 27d4d4817e29bee8b8afb33bfda767be3587b31f (commit)
via a8ccb45cb78acf76e7d9518254f5d363605fc823 (commit)
from 44ed2a42f02738b7955614461f868eda655eebbd (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 35ca8e0203c4d94178f2186d0c0b73f8ec48bc50
Author: Alexander Marx <amarx at ipfire.org>
Date: Thu Nov 21 07:43:53 2013 +0100
Firewall: Bugfix: Last rule for outgoing showed wrong color, Bugfix:When using a \
rule with sourceport and afterwards editing this rule to use service or servicegroup, \
there was an errormessage.
commit 27d4d4817e29bee8b8afb33bfda767be3587b31f
Author: Alexander Marx <amarx at ipfire.org>
Date: Wed Nov 20 16:01:46 2013 +0100
Firewall: refined dmz-converter. RUles are now converted with defined protocol \
instead of "all" protocol
commit a8ccb45cb78acf76e7d9518254f5d363605fc823
Author: Alexander Marx <amarx at ipfire.org>
Date: Wed Nov 20 14:28:42 2013 +0100
Firewall: Fixed xtaccess converter. The protocol in the old rules are now \
converted correctly
-----------------------------------------------------------------------
Summary of changes:
config/firewall/convert-dmz | 8 ++++----
config/firewall/convert-xtaccess | 6 +++---
html/cgi-bin/firewall.cgi | 16 ++++++----------
3 files changed, 13 insertions(+), 17 deletions(-)
Difference in files:
diff --git a/config/firewall/convert-dmz b/config/firewall/convert-dmz
index 0f7c68e..fbcc4cf 100755
--- a/config/firewall/convert-dmz
+++ b/config/firewall/convert-dmz
@@ -141,12 +141,12 @@ sub process_rules{
$configfwdfw{$key}[5] = $field5;
$configfwdfw{$key}[6] = $field6;
$configfwdfw{$key}[7] = '';
- $configfwdfw{$key}[8] = '';
+ $configfwdfw{$key}[8] = $field12;
$configfwdfw{$key}[9] = '';
$configfwdfw{$key}[10] = '';
$configfwdfw{$key}[11] = $field11;
- $configfwdfw{$key}[12] = $field12;
- $configfwdfw{$key}[13] = $field13;
+ $configfwdfw{$key}[12] = '';
+ $configfwdfw{$key}[13] = '';
$configfwdfw{$key}[14] = $field14;
$configfwdfw{$key}[15] = $field15;
$configfwdfw{$key}[16] = $field16;
@@ -165,7 +165,7 @@ sub process_rules{
$configfwdfw{$key}[29] = $field29;
$configfwdfw{$key}[30] = $field30;
$configfwdfw{$key}[31] = $field31;
- print LOG "$Now -> Converted to \
$field0,$field1,$field2,$field3,$field4,$field5,$field6,,,,,$field11,$field12,$field13,$field14,$field15,$field16,,,,,,,,,,$field26,$field27\n";
+ print LOG "$Now -> Converted to \
$field0,$field1,$field2,$field3,$field4,$field5,$field6,,$field12,,,$field11,,,$field1 \
4,$field15,$field16,,,,,,,,,,$field26,$field27,$field28,$field29,$field30,$field31\n";
}
&General::writehasharray($fwdfwconfig,\%configfwdfw);
close (LOG);
diff --git a/config/firewall/convert-xtaccess b/config/firewall/convert-xtaccess
index e04ab6d..363af7a 100755
--- a/config/firewall/convert-xtaccess
+++ b/config/firewall/convert-xtaccess
@@ -113,12 +113,12 @@ foreach my $line (@current){
$configinputfw{$key}[5] = $field5;
$configinputfw{$key}[6] = $field6;
$configinputfw{$key}[7] = '';
- $configinputfw{$key}[8] = '';
+ $configinputfw{$key}[8] = $field12;
$configinputfw{$key}[9] = '';
$configinputfw{$key}[10] = '';
$configinputfw{$key}[11] = $field11;
- $configinputfw{$key}[12] = $field12;
- $configinputfw{$key}[13] = $field13;
+ $configinputfw{$key}[12] = '';
+ $configinputfw{$key}[13] = '';
$configinputfw{$key}[14] = $field14;
$configinputfw{$key}[15] = $field15;
$configinputfw{$key}[16] = $field16;
diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
index d1c086d..d2aa217 100755
--- a/html/cgi-bin/firewall.cgi
+++ b/html/cgi-bin/firewall.cgi
@@ -855,12 +855,7 @@ sub checkrule
}
}
}
- #When using source- or targetport, the protocol has to be TCP or UDP
- if (($fwdfwsettings{'USESRV'} eq 'ON' || $fwdfwsettings{'USE_SRC_PORT'} eq 'ON') && \
($fwdfwsettings{'SRC_PORT'} ne '' || $fwdfwsettings{'TGT_PORT'} ne '') && \
($fwdfwsettings{'PROT'} ne 'TCP' && $fwdfwsettings{'PROT'} ne \
'UDP')){
- $errormessage.=$Lang::tr{'fwdfw err prot_port1'};
- return;
- }
- #when icmp selected, no targetport allowed
+ #when icmp selected, no source and targetport allowed
if (($fwdfwsettings{'PROT'} ne '' && $fwdfwsettings{'PROT'} ne 'TCP' && \
$fwdfwsettings{'PROT'} ne 'UDP' && $fwdfwsettings{'PROT'} ne 'template') && \
($fwdfwsettings{'USESRV'} eq 'ON' || $fwdfwsettings{'USE_SRC_PORT'} eq 'ON')){ \
$errormessage.=$Lang::tr{'fwdfw err prot_port'}; return;
@@ -930,9 +925,10 @@ sub checkrule
$fwdfwsettings{'ICMP_TYPES'}='';
$fwdfwsettings{'USESRV'}='';
$fwdfwsettings{'TGT_PORT'}='';
- }elsif($fwdfwsettings{'PROT'} ne 'TCP' && $fwdfwsettings{'PROT'} ne 'UDP' && \
$fwdfwsettings{'PROT'} ne 'ICMP'){ + }elsif($fwdfwsettings{'PROT'} ne 'TCP' && \
$fwdfwsettings{'PROT'} ne 'UDP'){ $fwdfwsettings{'ICMP_TYPES'}='';
- $fwdfwsettings{'PROT'} = '';
+ $fwdfwsettings{'SRC_PORT'}='';
+ $fwdfwsettings{'TGT_PORT'}='';
}elsif($fwdfwsettings{'PROT'} ne 'ICMP'){
$fwdfwsettings{'ICMP_TYPES'}='';
}
@@ -2882,9 +2878,9 @@ END
$message = $Lang::tr{'fwdfw pol allow'};
- } elsif ($config eq '/var/ipfire/firewall/outgoing') {
+ } elsif ($config eq '/var/ipfire/firewall/outgoing' && ($fwdfwsettings{'POLICY1'} \
ne 'MODE1')) { $message = $Lang::tr{'fwdfw pol allow'};
-
+ $colour = "bgcolor='green'";
} else {
$message = $Lang::tr{'fwdfw pol block'};
$colour = "bgcolor='darkred'";
hooks/post-receive
--
IPFire 2.x development tree
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic