Fixes: #12301
When using hosts with MAC-addresses in a hostgroup, the rule won't be generated if those hosts are selected as target. There is a hint but due to a wrong hashparameter the hint was not shown.
With this patch the hint is shown again. Additionally the rule is skipped when rules.pl creates rules.
There are no bootmessages with failed target "none" anymore. --- config/firewall/firewall-lib.pl | 4 ++-- html/cgi-bin/firewall.cgi | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl index bc0b30ca5..e7ec30ae0 100644 --- a/config/firewall/firewall-lib.pl +++ b/config/firewall/firewall-lib.pl @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2013 Alexander Marx amarx@ipfire.org # +# Copyright (C) 2021 Alexander Marx amarx@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -315,7 +315,7 @@ sub get_addresses foreach my $grp (sort {$a <=> $b} keys %customgrp) { if ($customgrp{$grp}[0] eq $value) { my @address = &get_address($customgrp{$grp}[3], $customgrp{$grp}[2], $type); - + next if ($address[0][0] eq 'none'); if (@address) { push(@addresses, @address); } diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index 1483e779f..b0851dd3e 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -592,7 +592,7 @@ sub checktarget &General::readhasharray("$confighost", %customhost); foreach my $grpkey (sort keys %customgrp){ foreach my $hostkey (sort keys %customhost){ - if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[2] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){ + if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[0] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){ $hint=$Lang::tr{'fwdfw hint mac'}; return $hint; }
Hi,
On 12 Apr 2021, at 07:05, Alexander Marx alexander.marx@ipfire.org wrote:
Fixes: #12301
When using hosts with MAC-addresses in a hostgroup, the rule won't be generated if those hosts are selected as target. There is a hint but due to a wrong hashparameter the hint was not shown.
With this patch the hint is shown again. Additionally the rule is skipped when rules.pl creates rules.
There are no bootmessages with failed target "none" anymore.
config/firewall/firewall-lib.pl | 4 ++-- html/cgi-bin/firewall.cgi | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl index bc0b30ca5..e7ec30ae0 100644 --- a/config/firewall/firewall-lib.pl +++ b/config/firewall/firewall-lib.pl @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2013 Alexander Marx amarx@ipfire.org # +# Copyright (C) 2021 Alexander Marx amarx@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -315,7 +315,7 @@ sub get_addresses foreach my $grp (sort {$a <=> $b} keys %customgrp) { if ($customgrp{$grp}[0] eq $value) { my @address = &get_address($customgrp{$grp}[3], $customgrp{$grp}[2], $type);
next if ($address[0][0] eq 'none');
A comment for these rather obscure things would not hurt, but technically I agree with how this is solved.
if (@address) { push(@addresses, @address); }diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index 1483e779f..b0851dd3e 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -592,7 +592,7 @@ sub checktarget &General::readhasharray("$confighost", %customhost); foreach my $grpkey (sort keys %customgrp){ foreach my $hostkey (sort keys %customhost){
if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[2] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){
if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[0] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){
What has changed here?
$hint=$Lang::tr{'fwdfw hint mac'}; return $hint; }— 2.25.1
Best, -Michael
-
Alexander Marx -
Michael Tremer