* [PATCH] BUG11805: Firewallrule with source orange and target firewall-interface-orange not possible
@ 2018-08-22 9:23 Alexander Marx
2018-08-22 10:14 ` Michael Tremer
0 siblings, 1 reply; 4+ messages in thread
From: Alexander Marx @ 2018-08-22 9:23 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1556 bytes --]
From: Alexander Marx <amarx(a)ipfire.org>
Now its possible to create a rule with orange source and target orange interface of the firewall.
fixes: #11805
Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
---
html/cgi-bin/firewall.cgi | 4 ----
lfs/apcupsd | 2 +-
2 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
index 499f279d1..fb1c25dfd 100644
--- a/html/cgi-bin/firewall.cgi
+++ b/html/cgi-bin/firewall.cgi
@@ -241,10 +241,6 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
$checkorange='on';
}
}
- #check useless rules
- if( ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'ORANGE' || $checkorange eq 'on') && $fwdfwsettings{'grp2'} eq 'ipfire'){
- $errormessage.=$Lang::tr{'fwdfw useless rule'}."<br>";
- }
#check if we try to break rules
if( $fwdfwsettings{'grp1'} eq 'ipfire_src' && $fwdfwsettings{'grp2'} eq 'ipfire'){
$errormessage=$Lang::tr{'fwdfw err same'};
diff --git a/lfs/apcupsd b/lfs/apcupsd
index ce36c3c6f..773dace74 100644
--- a/lfs/apcupsd
+++ b/lfs/apcupsd
@@ -78,7 +78,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure --prefix=/usr --enable-usb --enable-cgi \
- --with-cgi-bin=/srv/web/ipfire/cgi-bin
+ --with-cgi-bin=/srv/web/ipfire/cgi-bin --sysconfdir=/var/ipfire/ups
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
--
2.17.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] BUG11805: Firewallrule with source orange and target firewall-interface-orange not possible
2018-08-22 9:23 [PATCH] BUG11805: Firewallrule with source orange and target firewall-interface-orange not possible Alexander Marx
@ 2018-08-22 10:14 ` Michael Tremer
2018-08-22 12:24 ` Alexander Marx
0 siblings, 1 reply; 4+ messages in thread
From: Michael Tremer @ 2018-08-22 10:14 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1766 bytes --]
Hi,
On Wed, 2018-08-22 at 11:23 +0200, Alexander Marx wrote:
> From: Alexander Marx <amarx(a)ipfire.org>
>
> Now its possible to create a rule with orange source and target orange interface of the firewall.
>
> fixes: #11805
>
> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
> ---
> html/cgi-bin/firewall.cgi | 4 ----
> lfs/apcupsd | 2 +-
> 2 files changed, 1 insertion(+), 5 deletions(-)
>
> diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
> index 499f279d1..fb1c25dfd 100644
> --- a/html/cgi-bin/firewall.cgi
> +++ b/html/cgi-bin/firewall.cgi
> @@ -241,10 +241,6 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
> $checkorange='on';
> }
> }
> - #check useless rules
> - if( ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'ORANGE' || $checkorange eq 'on') && $fwdfwsettings{'grp2'} eq 'ipfire'){
> - $errormessage.=$Lang::tr{'fwdfw useless rule'}."<br>";
> - }
Does this exist for any other zones, too?
> #check if we try to break rules
> if( $fwdfwsettings{'grp1'} eq 'ipfire_src' && $fwdfwsettings{'grp2'} eq 'ipfire'){
> $errormessage=$Lang::tr{'fwdfw err same'};
> diff --git a/lfs/apcupsd b/lfs/apcupsd
> index ce36c3c6f..773dace74 100644
> --- a/lfs/apcupsd
> +++ b/lfs/apcupsd
> @@ -78,7 +78,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> @$(PREBUILD)
> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> cd $(DIR_APP) && ./configure --prefix=/usr --enable-usb --enable-cgi \
> - --with-cgi-bin=/srv/web/ipfire/cgi-bin
> + --with-cgi-bin=/srv/web/ipfire/cgi-bin --sysconfdir=/var/ipfire/ups
This doesn't belong here.
> cd $(DIR_APP) && make $(MAKETUNING)
> cd $(DIR_APP) && make install
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] BUG11805: Firewallrule with source orange and target firewall-interface-orange not possible
2018-08-22 10:14 ` Michael Tremer
@ 2018-08-22 12:24 ` Alexander Marx
2018-08-22 13:45 ` Michael Tremer
0 siblings, 1 reply; 4+ messages in thread
From: Alexander Marx @ 2018-08-22 12:24 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1960 bytes --]
Am 22.08.2018 um 12:14 schrieb Michael Tremer:
> Hi,
>
> On Wed, 2018-08-22 at 11:23 +0200, Alexander Marx wrote:
>> From: Alexander Marx <amarx(a)ipfire.org>
>>
>> Now its possible to create a rule with orange source and target orange interface of the firewall.
>>
>> fixes: #11805
>>
>> Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
>> ---
>> html/cgi-bin/firewall.cgi | 4 ----
>> lfs/apcupsd | 2 +-
>> 2 files changed, 1 insertion(+), 5 deletions(-)
>>
>> diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
>> index 499f279d1..fb1c25dfd 100644
>> --- a/html/cgi-bin/firewall.cgi
>> +++ b/html/cgi-bin/firewall.cgi
>> @@ -241,10 +241,6 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
>> $checkorange='on';
>> }
>> }
>> - #check useless rules
>> - if( ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'ORANGE' || $checkorange eq 'on') && $fwdfwsettings{'grp2'} eq 'ipfire'){
>> - $errormessage.=$Lang::tr{'fwdfw useless rule'}."<br>";
>> - }
> Does this exist for any other zones, too?
No. Thats the only point in code where a useless rule is checked
>
>> #check if we try to break rules
>> if( $fwdfwsettings{'grp1'} eq 'ipfire_src' && $fwdfwsettings{'grp2'} eq 'ipfire'){
>> $errormessage=$Lang::tr{'fwdfw err same'};
>> diff --git a/lfs/apcupsd b/lfs/apcupsd
>> index ce36c3c6f..773dace74 100644
>> --- a/lfs/apcupsd
>> +++ b/lfs/apcupsd
>> @@ -78,7 +78,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> @$(PREBUILD)
>> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
>> cd $(DIR_APP) && ./configure --prefix=/usr --enable-usb --enable-cgi \
>> - --with-cgi-bin=/srv/web/ipfire/cgi-bin
>> + --with-cgi-bin=/srv/web/ipfire/cgi-bin --sysconfdir=/var/ipfire/ups
> This doesn't belong here.
right. Please ignore this part.
>
>> cd $(DIR_APP) && make $(MAKETUNING)
>> cd $(DIR_APP) && make install
>>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] BUG11805: Firewallrule with source orange and target firewall-interface-orange not possible
2018-08-22 12:24 ` Alexander Marx
@ 2018-08-22 13:45 ` Michael Tremer
0 siblings, 0 replies; 4+ messages in thread
From: Michael Tremer @ 2018-08-22 13:45 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2258 bytes --]
On Wed, 2018-08-22 at 14:24 +0200, Alexander Marx wrote:
>
> Am 22.08.2018 um 12:14 schrieb Michael Tremer:
> > Hi,
> >
> > On Wed, 2018-08-22 at 11:23 +0200, Alexander Marx wrote:
> > > From: Alexander Marx <amarx(a)ipfire.org>
> > >
> > > Now its possible to create a rule with orange source and target orange interface of the firewall.
> > >
> > > fixes: #11805
> > >
> > > Signed-off-by: Alexander Marx <alexander.marx(a)ipfire.org>
> > > ---
> > > html/cgi-bin/firewall.cgi | 4 ----
> > > lfs/apcupsd | 2 +-
> > > 2 files changed, 1 insertion(+), 5 deletions(-)
> > >
> > > diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
> > > index 499f279d1..fb1c25dfd 100644
> > > --- a/html/cgi-bin/firewall.cgi
> > > +++ b/html/cgi-bin/firewall.cgi
> > > @@ -241,10 +241,6 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
> > > $checkorange='on';
> > > }
> > > }
> > > - #check useless rules
> > > - if( ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'ORANGE' || $checkorange eq 'on') && $fwdfwsettings{'grp2'} eq 'ipfire'){
> > > - $errormessage.=$Lang::tr{'fwdfw useless rule'}."<br>";
> > > - }
> >
> > Does this exist for any other zones, too?
>
> No. Thats the only point in code where a useless rule is checked
Well, it is actually not that useless :)
Best,
-Michael
> >
> > > #check if we try to break rules
> > > if( $fwdfwsettings{'grp1'} eq 'ipfire_src' && $fwdfwsettings{'grp2'} eq 'ipfire'){
> > > $errormessage=$Lang::tr{'fwdfw err same'};
> > > diff --git a/lfs/apcupsd b/lfs/apcupsd
> > > index ce36c3c6f..773dace74 100644
> > > --- a/lfs/apcupsd
> > > +++ b/lfs/apcupsd
> > > @@ -78,7 +78,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> > > @$(PREBUILD)
> > > @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> > > cd $(DIR_APP) && ./configure --prefix=/usr --enable-usb --enable-cgi \
> > > - --with-cgi-bin=/srv/web/ipfire/cgi-bin
> > > + --with-cgi-bin=/srv/web/ipfire/cgi-bin --sysconfdir=/var/ipfire/ups
> >
> > This doesn't belong here.
>
> right. Please ignore this part.
> >
> > > cd $(DIR_APP) && make $(MAKETUNING)
> > > cd $(DIR_APP) && make install
> > >
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-08-22 13:45 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-08-22 9:23 [PATCH] BUG11805: Firewallrule with source orange and target firewall-interface-orange not possible Alexander Marx
2018-08-22 10:14 ` Michael Tremer
2018-08-22 12:24 ` Alexander Marx
2018-08-22 13:45 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox