From: Alexander Marx <amarx@ipfire.org>
Date: Tue, 8 Oct 2013 08:08:09 +0000 (+0200)
Subject: Firewall: Bugfix: WHen using servicegroup with only ICMP services, the ruletable... 
X-Git-Tag: v2.15-beta1~191^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=90f8339a42506ca95dacb820914881bc922f19db;p=ipfire-2.x.git

Firewall: Bugfix: WHen using servicegroup with only ICMP services, the ruletable was broken. Also fixed another useless if clause in rules.pl
---

diff --git a/config/forwardfw/rules.pl b/config/forwardfw/rules.pl
index fcaade2d66..3abe02bab4 100755
--- a/config/forwardfw/rules.pl
+++ b/config/forwardfw/rules.pl
@@ -252,7 +252,7 @@ sub buildrules
 				foreach my $DPROT (@DPROT){
 					$DPORT = &get_port($hash,$key,$DPROT);
 					$PROT=$DPROT;
-					$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
+					$PROT="-p $PROT" if ($PROT ne '');
 					foreach my $a (sort keys %sourcehash){
 						foreach my $b (sort keys %targethash){
 							if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -311,7 +311,7 @@ sub buildrules
 				foreach my $DPROT (@DPROT){
 					$DPORT = &get_port($hash,$key,$DPROT);
 					$PROT=$DPROT;
-					$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
+					$PROT="-p $PROT" if ($PROT ne '');
 					foreach my $a (sort keys %sourcehash){
 						foreach my $b (sort keys %targethash){
 							if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
diff --git a/html/cgi-bin/forwardfw.cgi b/html/cgi-bin/forwardfw.cgi
index c16fd0ade7..4c70a2503d 100755
--- a/html/cgi-bin/forwardfw.cgi
+++ b/html/cgi-bin/forwardfw.cgi
@@ -2254,7 +2254,7 @@ END
 				push (@protocols,$Lang::tr{'all'});
 			}
 			my $protz=join(",",@protocols);
-			if($protz eq 'ICMP' && $$hash{$key}[9] ne 'All ICMP-Types'){
+			if($protz eq 'ICMP' && $$hash{$key}[9] ne 'All ICMP-Types' && $$hash{$key}[14] ne 'cust_srvgrp'){
 				&General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
 				foreach my $keyicmp (sort { ncmp($icmptypes{$a}[0],$icmptypes{$b}[0]) }keys %icmptypes){
 					if($$hash{$key}[9] eq "$icmptypes{$keyicmp}[0]"){