outgoingfw: Remove unused variable in generator script.

[people/pmueller/ipfire-2.x.git] / config / outgoingfw / outgoingfw.pl

diff --git a/config/outgoingfw/outgoingfw.pl b/config/outgoingfw/outgoingfw.pl
index 8d4d27d313136ab2ae486a50dece740d4f54b9ab..8bb49e0bd3fd2d9d789d729a68b78aaeda5b4ff5 100644 (file)
--- a/config/outgoingfw/outgoingfw.pl
+++ b/config/outgoingfw/outgoingfw.pl
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2005-2010  IPFire Team                                        #
+# Copyright (C) 2007-2011  IPFire Team                                        #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -25,6 +25,7 @@ use strict;
 #use warnings;
 
 require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
 
 my %outfwsettings = ();
 my %checked = ();
@@ -72,7 +73,6 @@ my $PROTO = "";
 my $DPORT = "";
 my $DEV = "";
 my $MAC = "";
-my $POLICY = "";
 my $DO = "";
 my $DAY = "";
 
@@ -89,11 +89,9 @@ close FILE;
 
 if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
        $outfwsettings{'STATE'} = "ALLOW";
-       $POLICY = "DROP";
-       $DO = "ACCEPT";
+       $DO = "RETURN";
 } elsif ( $outfwsettings{'POLICY'} eq 'MODE2' ) {
        $outfwsettings{'STATE'} = "DENY";
-       $POLICY = "ACCEPT";
        $DO = "DROP -m comment --comment 'DROP_OUTGOINGFW '";
 }
 
@@ -111,13 +109,13 @@ if ( $outfwsettings{'POLICY'} eq 'MODE0' ) {
 }
 
 if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
-       $CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j ACCEPT";
+       $CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j RETURN";
        if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
-       $CMD = "/sbin/iptables -A OUTGOINGFWMAC -m state --state ESTABLISHED,RELATED -j ACCEPT";
+       $CMD = "/sbin/iptables -A OUTGOINGFWMAC -m state --state ESTABLISHED,RELATED -j RETURN";
        if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
-               $CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j ACCEPT";
+               $CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j RETURN";
        if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
-               $CMD = "/sbin/iptables -A OUTGOINGFWMAC -p icmp -j ACCEPT";
+               $CMD = "/sbin/iptables -A OUTGOINGFWMAC -p icmp -j RETURN";
        if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
 }
 
@@ -187,7 +185,7 @@ foreach $configentry (sort @configs)
                        foreach $SOURCE (@SOURCE) {
                                $SOURCE =~ s/\s//gi;
 
-                               if ( $SOURCE eq "" ){next;}
+                               if ( $SOURCE eq "" || $configline[1] eq "" ){next;}
 
                                if ( ( $configline[6] ne "" || $configline[2] eq 'mac' ) && $configline[2] ne 'all'){
                                        $SOURCE =~ s/[^a-zA-Z0-9]/:/gi;
@@ -206,6 +204,7 @@ foreach $configentry (sort @configs)
                                }
 
                                if ($configline[17] && $configline[18]) {
+                                       $DAY = "";
                                        if ($configline[10]){$DAY = "Mon,"}
                                        if ($configline[11]){$DAY .= "Tue,"}
                                        if ($configline[12]){$DAY .= "Wed,"}
@@ -218,7 +217,13 @@ foreach $configentry (sort @configs)
 
                                $CMD = "$CMD -o $netsettings{'RED_DEV'}";
 
-                               if ($configline[9] eq "aktiv") {
+                               if ( $configline[9] eq $Lang::tr{'aktiv'} && $outfwsettings{'POLICY'} eq 'MODE1' ) {
+                                       if ($DEBUG) {
+                                               print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'LOG_OUTGOINGFW '\n";
+                                       } else {
+                                               system("$CMD -m limit --limit 10/minute -j LOG --log-prefix 'LOG_OUTGOINGFW '");
+                                       }
+                               } elsif ( $configline[9] eq $Lang::tr{'aktiv'} && $outfwsettings{'POLICY'} eq 'MODE2' ) {
                                        if ($DEBUG) {
                                                print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW '\n";
                                        } else {
@@ -252,7 +257,7 @@ foreach $p2pentry (sort @p2ps)
                        $P2PSTRING = "$P2PSTRING --$p2pline[1]";
                }
        } else {
-               $DO = "ACCEPT";
+               $DO = "RETURN";
                if ("$p2pline[2]" eq "on") {
                        $P2PSTRING = "$P2PSTRING --$p2pline[1]";
                }
@@ -282,4 +287,4 @@ if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
        } else {
                system("$CMD");
        }
-}
\ No newline at end of file
+}