public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed
From: Alexander Marx <alexander.marx@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] BUG12301: Iptables “host/network ‘none’ not found”
Date: Mon, 12 Apr 2021 12:26:19 +0200	[thread overview]
Message-ID: <65b773ad-1fb7-24a0-9a06-4d1ce6428244@ipfire.org> (raw)
In-Reply-To: <1B42EBFB-FEA2-4390-98D2-B183D6F99F3F@ipfire.org>

[-- Attachment #1: Type: text/plain, Size: 3601 bytes --]



Am 12.04.21 um 12:23 schrieb Michael Tremer:
> Hello,
>
>> On 12 Apr 2021, at 11:23, Alexander Marx <alexander.marx(a)ipfire.org> wrote:
>>
>>
>>
>> Am 12.04.21 um 12:18 schrieb Michael Tremer:
>>> Hi,
>>>
>>>> On 12 Apr 2021, at 07:05, Alexander Marx <alexander.marx(a)ipfire.org> wrote:
>>>>
>>>> Fixes: #12301
>>>>
>>>> When using hosts with MAC-addresses in a hostgroup,
>>>> the rule won't be generated if those hosts are selected as target.
>>>> There is a hint but due to a wrong hashparameter the hint was not shown.
>>>>
>>>> With this patch the hint is shown again.
>>>> Additionally the rule is skipped when rules.pl creates rules.
>>>>
>>>> There are no bootmessages with failed target "none" anymore.
>>>> ---
>>>> config/firewall/firewall-lib.pl | 4 ++--
>>>> html/cgi-bin/firewall.cgi       | 2 +-
>>>> 2 files changed, 3 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl
>>>> index bc0b30ca5..e7ec30ae0 100644
>>>> --- a/config/firewall/firewall-lib.pl
>>>> +++ b/config/firewall/firewall-lib.pl
>>>> @@ -2,7 +2,7 @@
>>>> ###############################################################################
>>>> #                                                                             #
>>>> # IPFire.org - A linux based firewall                                         #
>>>> -# Copyright (C) 2013 Alexander Marx <amarx(a)ipfire.org>                        #
>>>> +# Copyright (C) 2021 Alexander Marx <amarx(a)ipfire.org>                        #
>>>> #                                                                             #
>>>> # This program is free software: you can redistribute it and/or modify        #
>>>> # it under the terms of the GNU General Public License as published by        #
>>>> @@ -315,7 +315,7 @@ sub get_addresses
>>>> 		foreach my $grp (sort {$a <=> $b} keys %customgrp) {
>>>> 			if ($customgrp{$grp}[0] eq $value) {
>>>> 				my @address = &get_address($customgrp{$grp}[3], $customgrp{$grp}[2], $type);
>>>> -
>>>> +				next if ($address[0][0] eq 'none');
>>> A comment for these rather obscure things would not hurt, but technically I agree with how this is solved.
>>>
>>>
>>>
>>>> 				if (@address) {
>>>> 					push(@addresses, @address);
>>>> 				}
>>>> diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
>>>> index 1483e779f..b0851dd3e 100644
>>>> --- a/html/cgi-bin/firewall.cgi
>>>> +++ b/html/cgi-bin/firewall.cgi
>>>> @@ -592,7 +592,7 @@ sub checktarget
>>>> 		&General::readhasharray("$confighost", \%customhost);
>>>> 		foreach my $grpkey (sort keys %customgrp){
>>>> 			foreach my $hostkey (sort keys %customhost){
>>>> -				if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[2] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){
>>>> +				if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[0] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){
>>> What has changed here?
>> only the hashfield
>>
>> $customgrp{$grpkey}[0] (was 2 before)
> Yes I saw that, but what does that change?
>
> -Michael
>
> P.S. Do not forget to CC the list
Thats the indicator to show the Hint. When someone has hostgroups with 
macaddresses as target, the hint is shown.
Because this Value was 2 instead of 0, the hint was never shown....

>
>>>> 					$hint=$Lang::tr{'fwdfw hint mac'};
>>>> 					return $hint;
>>>> 				}
>>>> —
>>>> 2.25.1
>>>>
>>> Best,
>>> -Michael


  reply	other threads:[~2021-04-12 10:26 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <6361de92-d39f-4d14-a11e-ad58496619aa@ipfire.org>
2021-04-12 10:23 ` Michael Tremer
2021-04-12 10:26   ` Alexander Marx [this message]
2021-07-16 14:56     ` Stefan Schantl
2021-04-12  6:05 Alexander Marx
2021-04-12 10:18 ` Michael Tremer
  -- strict thread matches above, loose matches on Subject: below --
2021-04-01 12:50 Alexander Marx
2021-04-01 13:21 ` Michael Tremer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=65b773ad-1fb7-24a0-9a06-4d1ce6428244@ipfire.org \
    --to=alexander.marx@ipfire.org \
    --cc=development@lists.ipfire.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox