]> git.ipfire.org Git - people/mfischer/ipfire-2.x.git/commitdiff
projects / people / mfischer / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 26926c4)
rules.pl: Fix creating rules for location based groups.
authorStefan Schantl <stefan.schantl@ipfire.org>
Wed, 23 Mar 2022 17:08:52 +0000 (18:08 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 23 Mar 2022 17:15:18 +0000 (17:15 +0000)
The former used hash value only contains the country code when
a rule for a single country should be created.

In case a location group is used the hash value refers to the group name,
which does not work here.

The required country code is part of the processed string and can be omitted
from here. This works well for single codes and location groups, because those
are processed in a loop.

Fixes #12809.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/firewall/rules.pl patch | blob | blame | history

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index d713049867f4ee7a9cb198cc85cf8225dd7eadf5..19dc7a6d15a247403b399f9591d303552313d12a 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -411,8 +411,9 @@ sub buildrules {
                                        if ($source =~ /mac/) {
                                                push(@source_options, $source);
                                        } elsif ($source =~ /-m set/) {
-                                               # Grab location code from hash.
-                                               my $loc_src = $$hash{$key}[4];
+                                               # Split given arguments into single chunks to
+                                               # obtain the set name.
+                                               my ($a, $b, $c, $loc_src, $e) = split(/ /, $source);
 
                                                # Call function to load the networks list for this country.
                                                &ipset_restore($loc_src);
@@ -425,8 +426,9 @@ sub buildrules {
                                        # Prepare destination options.
                                        my @destination_options = ();
                                        if ($destination =~ /-m set/) {
-                                               # Grab location code from hash.
-                                               my $loc_dst = $$hash{$key}[6];
+                                               # Split given arguments into single chunks to
+                                               # obtain the set name.
+                                               my ($a, $b, $c, $loc_dst, $e) = split(/ /, $destination);
 
                                                # Call function to load the networks list for this country.
                                                &ipset_restore($loc_dst);
Matthias' tree of IPFire 2.x