This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, fifteen has been updated via 35ca8e0203c4d94178f2186d0c0b73f8ec48bc50 (commit) via 27d4d4817e29bee8b8afb33bfda767be3587b31f (commit) via a8ccb45cb78acf76e7d9518254f5d363605fc823 (commit) from 44ed2a42f02738b7955614461f868eda655eebbd (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 35ca8e0203c4d94178f2186d0c0b73f8ec48bc50 Author: Alexander Marx amarx@ipfire.org Date: Thu Nov 21 07:43:53 2013 +0100
Firewall: Bugfix: Last rule for outgoing showed wrong color, Bugfix:When using a rule with sourceport and afterwards editing this rule to use service or servicegroup, there was an errormessage.
commit 27d4d4817e29bee8b8afb33bfda767be3587b31f Author: Alexander Marx amarx@ipfire.org Date: Wed Nov 20 16:01:46 2013 +0100
Firewall: refined dmz-converter. RUles are now converted with defined protocol instead of "all" protocol
commit a8ccb45cb78acf76e7d9518254f5d363605fc823 Author: Alexander Marx amarx@ipfire.org Date: Wed Nov 20 14:28:42 2013 +0100
Firewall: Fixed xtaccess converter. The protocol in the old rules are now converted correctly
-----------------------------------------------------------------------
Summary of changes: config/firewall/convert-dmz | 8 ++++---- config/firewall/convert-xtaccess | 6 +++--- html/cgi-bin/firewall.cgi | 16 ++++++---------- 3 files changed, 13 insertions(+), 17 deletions(-)
Difference in files: diff --git a/config/firewall/convert-dmz b/config/firewall/convert-dmz index 0f7c68e..fbcc4cf 100755 --- a/config/firewall/convert-dmz +++ b/config/firewall/convert-dmz @@ -141,12 +141,12 @@ sub process_rules{ $configfwdfw{$key}[5] = $field5; $configfwdfw{$key}[6] = $field6; $configfwdfw{$key}[7] = ''; - $configfwdfw{$key}[8] = ''; + $configfwdfw{$key}[8] = $field12; $configfwdfw{$key}[9] = ''; $configfwdfw{$key}[10] = ''; $configfwdfw{$key}[11] = $field11; - $configfwdfw{$key}[12] = $field12; - $configfwdfw{$key}[13] = $field13; + $configfwdfw{$key}[12] = ''; + $configfwdfw{$key}[13] = ''; $configfwdfw{$key}[14] = $field14; $configfwdfw{$key}[15] = $field15; $configfwdfw{$key}[16] = $field16; @@ -165,7 +165,7 @@ sub process_rules{ $configfwdfw{$key}[29] = $field29; $configfwdfw{$key}[30] = $field30; $configfwdfw{$key}[31] = $field31; - print LOG "$Now -> Converted to $field0,$field1,$field2,$field3,$field4,$field5,$field6,,,,,$field11,$field12,$field13,$field14,$field15,$field16,,,,,,,,,,$field26,$field27\n"; + print LOG "$Now -> Converted to $field0,$field1,$field2,$field3,$field4,$field5,$field6,,$field12,,,$field11,,,$field14,$field15,$field16,,,,,,,,,,$field26,$field27,$field28,$field29,$field30,$field31\n"; } &General::writehasharray($fwdfwconfig,%configfwdfw); close (LOG); diff --git a/config/firewall/convert-xtaccess b/config/firewall/convert-xtaccess index e04ab6d..363af7a 100755 --- a/config/firewall/convert-xtaccess +++ b/config/firewall/convert-xtaccess @@ -113,12 +113,12 @@ foreach my $line (@current){ $configinputfw{$key}[5] = $field5; $configinputfw{$key}[6] = $field6; $configinputfw{$key}[7] = ''; - $configinputfw{$key}[8] = ''; + $configinputfw{$key}[8] = $field12; $configinputfw{$key}[9] = ''; $configinputfw{$key}[10] = ''; $configinputfw{$key}[11] = $field11; - $configinputfw{$key}[12] = $field12; - $configinputfw{$key}[13] = $field13; + $configinputfw{$key}[12] = ''; + $configinputfw{$key}[13] = ''; $configinputfw{$key}[14] = $field14; $configinputfw{$key}[15] = $field15; $configinputfw{$key}[16] = $field16; diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index d1c086d..d2aa217 100755 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -855,12 +855,7 @@ sub checkrule } } } - #When using source- or targetport, the protocol has to be TCP or UDP - if (($fwdfwsettings{'USESRV'} eq 'ON' || $fwdfwsettings{'USE_SRC_PORT'} eq 'ON') && ($fwdfwsettings{'SRC_PORT'} ne '' || $fwdfwsettings{'TGT_PORT'} ne '') && ($fwdfwsettings{'PROT'} ne 'TCP' && $fwdfwsettings{'PROT'} ne 'UDP')){ - $errormessage.=$Lang::tr{'fwdfw err prot_port1'}; - return; - } - #when icmp selected, no targetport allowed + #when icmp selected, no source and targetport allowed if (($fwdfwsettings{'PROT'} ne '' && $fwdfwsettings{'PROT'} ne 'TCP' && $fwdfwsettings{'PROT'} ne 'UDP' && $fwdfwsettings{'PROT'} ne 'template') && ($fwdfwsettings{'USESRV'} eq 'ON' || $fwdfwsettings{'USE_SRC_PORT'} eq 'ON')){ $errormessage.=$Lang::tr{'fwdfw err prot_port'}; return; @@ -930,9 +925,10 @@ sub checkrule $fwdfwsettings{'ICMP_TYPES'}=''; $fwdfwsettings{'USESRV'}=''; $fwdfwsettings{'TGT_PORT'}=''; - }elsif($fwdfwsettings{'PROT'} ne 'TCP' && $fwdfwsettings{'PROT'} ne 'UDP' && $fwdfwsettings{'PROT'} ne 'ICMP'){ + }elsif($fwdfwsettings{'PROT'} ne 'TCP' && $fwdfwsettings{'PROT'} ne 'UDP'){ $fwdfwsettings{'ICMP_TYPES'}=''; - $fwdfwsettings{'PROT'} = ''; + $fwdfwsettings{'SRC_PORT'}=''; + $fwdfwsettings{'TGT_PORT'}=''; }elsif($fwdfwsettings{'PROT'} ne 'ICMP'){ $fwdfwsettings{'ICMP_TYPES'}=''; } @@ -2882,9 +2878,9 @@ END
$message = $Lang::tr{'fwdfw pol allow'};
- } elsif ($config eq '/var/ipfire/firewall/outgoing') { + } elsif ($config eq '/var/ipfire/firewall/outgoing' && ($fwdfwsettings{'POLICY1'} ne 'MODE1')) { $message = $Lang::tr{'fwdfw pol allow'}; - + $colour = "bgcolor='green'"; } else { $message = $Lang::tr{'fwdfw pol block'}; $colour = "bgcolor='darkred'";
hooks/post-receive -- IPFire 2.x development tree