]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commitdiff
projects / people / pmueller / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: debf583)
firewall: Avoid creating a rule that permits all traffic on invalid source
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 17 Jan 2023 13:41:44 +0000 (13:41 +0000)
committerPeter Müller <peter.mueller@ipfire.org>
Wed, 18 Jan 2023 23:27:19 +0000 (23:27 +0000)
The firewall engine generated rules that did not have any traffic
selectors due to an improperly initialized variable in the source.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
config/firewall/rules.pl patch | blob | blame | history

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 30ad20df1d9a31ff86a08784364daf3c24e192dc..1b628df169948f7771005c4a430334ef3af572a4 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -401,6 +401,9 @@ sub buildrules {
                                        $source = "";
                                }
 
+                               # Make sure that $source is properly defined
+                               next unless (defined $source);
+
                                my $source_intf = @$src[1];
 
                                foreach my $dst (@destinations) {
Peter's tree of IPFire 2.x