From 5238a8719d75273e5e52f083c0c10cbe9e3ea312 Mon Sep 17 00:00:00 2001
From: Alexander Marx
Date: Mon, 21 Jan 2013 21:26:44 +0100
Subject: [PATCH] Forward Firewall: minor improvements, if an outgoingrule has a given port and prot "all", there are two new rules generated for UDP and TCP. If an outgoingrule has only "all" as prot, but no port, there's only one new rule created
---
 config/forwardfw/convert-outgoingfw | 18 ++++++++++--------
 config/forwardfw/rules.pl | 4 ++--
 2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/config/forwardfw/convert-outgoingfw b/config/forwardfw/convert-outgoingfw
index 89cc356975..ada4196e36 100755
--- a/config/forwardfw/convert-outgoingfw
+++ b/config/forwardfw/convert-outgoingfw
@@ -37,7 +37,7 @@ my %fwdsettings=();
 &process_groups;
 &process_rules;
 &process_p2p;
-
+system("/usr/local/bin/forwardfwctrl");
 sub process_groups
 {
 if(! -d "/var/log/converters"){ mkdir("/var/log/converters");}
@@ -279,16 +279,19 @@ sub process_rules
 if($configline[0] eq $type){
 #some variables we can use from old config
 if($configline[1] eq 'on'){ $active='ON';}else{$active='';}
- if($configline[3] eq 'all'){
+ if($configline[3] eq 'all' && $configline[8] ne ''){
+ push(@prot,"TCP");
+ push(@prot,"UDP");
+ }elsif($configline[3] eq 'all' && $configline[8] eq ''){
 push(@prot,"");
- $useport='ON';
- $grp3='TGT_PORT';
 }else{
 push(@prot,$configline[3]);
- $useport='ON';
- $grp3='TGT_PORT';
 }
- if($configline[4] ne ''){ $remark=$configline[4];}else{$remark='';}
+
+ if($configline[4] ne ''){
+ $configline[4] =~ s/,/;/g;
+ $remark = $configline[4];
+ }else{$remark = '';}
 if($configline[9] eq 'aktiv'){ $log='ON';}else{$log='';}
 if($configline[10] eq 'on' && $configline[11] eq 'on' && $configline[12] eq 'on' && $configline[13] eq 'on' && $configline[14] eq 'on' && $configline[15] eq 'on' && $configline[16] eq 'on'){
 if($configline[17] eq '00:00' && $configline[18] eq '00:00'){
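Review bot: The exit status of the added top-level `system("/usr/local/bin/forwardfwctrl");` (hunk `@@ -37,7 +37,7 @@` of convert-outgoingfw) is discarded, so a failed run after the conversion goes unnoticed. Since this call is now the only place the converter invokes the control binary, the converted rules could sit in the config file without ever being applied, presumably leaving the firewall in its previous state. Checking the result costs one line: `system("/usr/local/bin/forwardfwctrl") == 0 or warn "forwardfwctrl failed: $?\n";`.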
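Review bot: In the `@@ -279,16 +279,19 @@` hunk of convert-outgoingfw, both `$useport='ON'; $grp3='TGT_PORT';` assignments are removed and nothing in the hunk sets them again, although the new TCP/UDP branch exists for rules that carry a port in `$configline[8]`. If no code further down in process_rules sets them from the port field (the body starts and ends outside the hunk), the converted rules would lose their port restriction and match more traffic than the original outgoing rule allowed. Tying the flags to the port field makes the intent explicit: `if($configline[8] ne ''){ $useport='ON'; $grp3='TGT_PORT'; }`.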
@@ -472,7 +475,6 @@ sub process_rules
 }
 }
 &General::writehasharray($fwdfwconfig,\%fwconfig);
- system("/usr/local/bin/forwardfwctrl");
 @prot=();
 }
 close(LOG);
diff --git a/config/forwardfw/rules.pl b/config/forwardfw/rules.pl
index 2cdb36674f..672fa17745 100755
--- a/config/forwardfw/rules.pl
+++ b/config/forwardfw/rules.pl
@@ -248,12 +248,12 @@ sub p2pblock
 my @p2pline = split( /\;/, $p2pentry );
 if ( $fwdfwsettings{'POLICY'} eq 'MODE2' ) {
 $DO = "DROP";
- if ("$p2pline[2]" eq "off") {
+ if ("$p2pline[2]" eq "on") {
 $P2PSTRING = "$P2PSTRING --$p2pline[1]";
 }
 } else {
 $DO = "RETURN";
- if ("$p2pline[2]" eq "on") {
+ if ("$p2pline[2]" eq "off") {
 $P2PSTRING = "$P2PSTRING --$p2pline[1]";
 }
 }
--
2.39.5
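Review bot: The two flipped comparisons in p2pblock (rules.pl, `@@ -248,12 +248,12 @@`) invert which P2P entries end up in `$P2PSTRING` for each policy, yet neither the commit message nor the code says which polarity is intended. After the change, MODE2 appends entries flagged `on` to the DROP match and every other policy appends entries flagged `off` to the RETURN match, so a wrong polarity would silently block or pass the opposite set of protocols. I would add a comment above each test, e.g. `# MODE2: entries marked "on" are matched and dropped` and `# other policies: entries marked "off" are matched and returned`, and confirm the meaning of `on` against the code that writes the P2P settings. p2pblock starts and ends outside the hunk.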