-
- return @addresses;
-}
-
-sub get_address {
- my $key = shift;
- my $value = shift;
- my $type = shift;
-
- my @ret = ();
-
- # If the user manually typed an address, we just check if it is a MAC
- # address. Otherwise, we assume that it is an IP address.
- if ($key ~~ ["src_addr", "tgt_addr"]) {
- if (&General::validmac($value)) {
- push(@ret, "-m mac --mac-source $value");
- } else {
- push(@ret, $value);
- }
-
- # If a default network interface (GREEN, BLUE, etc.) is selected, we
- # try to get the corresponding address of the network.
- } elsif ($key ~~ ["std_net_src", "std_net_tgt", "Standard Network"]) {
- my $external_interface = &get_external_interface();
-
- my $network_address = &fwlib::get_std_net_ip($value, $external_interface);
- if ($network_address) {
- push(@ret, $network_address);
- }
-
- # Custom networks.
- } elsif ($key ~~ ["cust_net_src", "cust_net_tgt", "Custom Network"]) {
- my $network_address = &fwlib::get_net_ip($value);
- if ($network_address) {
- push(@ret, $network_address);
- }
-
- # Custom hosts.
- } elsif ($key ~~ ["cust_host_src", "cust_host_tgt", "Custom Host"]) {
- my $host_address = &fwlib::get_host_ip($value, $type);
- if ($host_address) {
- push(@ret, $host_address);
- }
-
- # OpenVPN networks.
- } elsif ($key ~~ ["ovpn_net_src", "ovpn_net_tgt", "OpenVPN static network"]) {
- my $network_address = &fwlib::get_ovpn_net_ip($value, 1);
- if ($network_address) {
- push(@ret, $network_address);
- }
-
- # OpenVPN hosts.
- } elsif ($key ~~ ["ovpn_host_src", "ovpn_host_tgt", "OpenVPN static host"]) {
- my $host_address = &fwlib::get_ovpn_host_ip($value, 33);
- if ($host_address) {
- push(@ret, $host_address);
- }
-
- # OpenVPN N2N.
- } elsif ($key ~~ ["ovpn_n2n_src", "ovpn_n2n_tgt", "OpenVPN N-2-N"]) {
- my $network_address = &fwlib::get_ovpn_n2n_ip($value, 11);
- if ($network_address) {
- push(@ret, $network_address);
- }
-
- # IPsec networks.
- } elsif ($key ~~ ["ipsec_net_src", "ipsec_net_tgt", "IpSec Network"]) {
- my $network_address = &fwlib::get_ipsec_net_ip($value, 11);
- if ($network_address) {
- push(@ret, $network_address);
- }
-
- # The firewall's own IP addresses.
- } elsif ($key ~~ ["ipfire", "ipfire_src"]) {
- # ALL
- if ($value eq "ALL") {
- push(@ret, "0/0");
-
- # GREEN
- } elsif ($value eq "GREEN") {
- push(@ret, $defaultNetworks{"GREEN_ADDRESS"});
-
- # BLUE
- } elsif ($value eq "BLUE") {
- push(@ret, $defaultNetworks{"BLUE_ADDRESS"});
-
- # ORANGE
- } elsif ($value eq "ORANGE") {
- push(@ret, $defaultNetworks{"ORANGE_ADDRESS"});
-
- # RED
- } elsif ($value ~~ ["RED", "RED1"]) {
- my $address = &get_external_address();
- if ($address) {
- push(@ret, $address);
- }
-
- # Aliases
- } else {
- my %alias = &get_alias($value);
- if (%alias) {
- push(@ret, $alias{"IPT"});
- }
- }
-
- # If nothing was selected, we assume "any".
- } else {
- push(@ret, "0/0");
- }
-
- return @ret;