From: Alexander Marx <alexander.marx@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] BUG10984: Fix portforwardconverter for upgrades before core 77
Date: Mon, 16 Nov 2015 12:01:07 +0100 [thread overview]
Message-ID: <1447671667-9414-1-git-send-email-alexander.marx@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 2513 bytes --]
When upgrading from a post core-77 installation, the portforwarding
rules seem to get broken. With this patch the sourceports and the
subnetmasks from the rules are converted correctly.
Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
config/firewall/convert-portfw | 29 +++++++++++++++++------------
1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/config/firewall/convert-portfw b/config/firewall/convert-portfw
index 8660e7c..8383b5a 100755
--- a/config/firewall/convert-portfw
+++ b/config/firewall/convert-portfw
@@ -60,24 +60,24 @@ close(ALIAS);
&write_rules;
sub get_config
{
+ my $baseipfireport;
+ my $basesource;
print LOG "STEP 1: Get config from old portforward\n#########################################\n";
foreach my $line (@current){
- if($jump eq '1'){
- $jump='';
- $count++;
- next;
- }
my $u=$count+1;
($key,$flag,$prot,$ipfireport,$target,$targetport,$active,$alias,$source,$remark) = split(",",$line);
($key1,$flag1,$prot1,$ipfireport1,$target1,$targetport1,$active1,$alias1,$source1,$remark1) = split(",",$current[$u]);
- if ($flag1 eq '1'){
- $source=$source1;
- $jump='1';
+ if ($key == $key1 && $flag == '0'){
+ $baseipfireport = $ipfireport;
+ }
+ if ($key == $key1 && $flag1 == '1'){
+ $count++;
+ next;
}
my $now=localtime;
chomp($remark);
- print LOG "$now processing-> KEY: $key FLAG: $flag PROT: $prot FIREPORT: $ipfireport TARGET: $target TGTPORT: $targetport ACTIVE: $active ALIAS: $alias SOURCE: $source REM: $remark Doublerule: $jump\n";
- push (@values,$prot.",".$ipfireport.",".$target.",".$targetport.",".$active.",".$alias.",".$source.",".$remark);
+ print LOG "$now processing-> KEY: $key FLAG: $flag PROT: $prot FIREPORT: $baseipfireport TARGET: $target TGTPORT: $targetport ACTIVE: $active ALIAS: $alias SOURCE: $source REM: $remark Doublerule: $jump\n";
+ push (@values,$prot.",".$baseipfireport.",".$target.",".$targetport.",".$active.",".$alias.",".$source.",".$remark);
$count++;
}
}
@@ -101,10 +101,15 @@ sub build_rules
}else{
$src = 'src_addr';
my ($a,$b) = split("/",$source);
- $src1 = $a."/32";
+ if ($b != ''){
+ $b = &General::iporsubtocidr($b);
+ }else{
+ $b = "32";
+ }
+ $src1 = $a."/".$b;
}
#get ipfire ip
- if($alias eq '0.0.0.0'){
+ if($alias eq '0.0.0.0' || $alias eq '0'){
$alias='Default IP';
}else{
foreach my $ali (@alias){
--
1.9.1
reply other threads:[~2015-11-16 11:01 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1447671667-9414-1-git-send-email-alexander.marx@ipfire.org \
--to=alexander.marx@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox