+ foreach $PROTO (@PROTO){
+ foreach $SOURCE (@SOURCE) {
+ $SOURCE =~ s/\s//gi;
+
+ if ( $SOURCE eq "" ){next;}
+
+ $CMD = "/sbin/iptables -A OUTGOINGFW -s $SOURCE -d $DESTINATION -p $PROTO";
+
+ if ($configline[8] && ( $configline[3] ne 'esp' || $configline[3] ne 'gre') ) {
+ $DPORT = "$configline[8]";
+ $CMD = "$CMD -m multiport --destination-port $DPORT";
+ }
+
+ if ($DEV) {
+ $CMD = "$CMD -i $DEV";
+ }
+
+ if ($configline[6]) {
+ $MAC = "$configline[6]";
+ $CMD = "$CMD -m mac --mac-source $MAC";
+ }
+
+ if ($configline[17] && $configline[18]) {
+ if ($configline[10]){$DAY = "Mon,"}
+ if ($configline[11]){$DAY .= "Tue,"}
+ if ($configline[12]){$DAY .= "Wed,"}
+ if ($configline[13]){$DAY .= "Thu,"}
+ if ($configline[14]){$DAY .= "Fri,"}
+ if ($configline[15]){$DAY .= "Sat,"}
+ if ($configline[16]){$DAY .= "Sun"}
+ $CMD = "$CMD -m time --timestart $configline[17] --timestop $configline[18] --weekdays $DAY";
+ }
+
+ $CMD = "$CMD -o $netsettings{'RED_DEV'}";
+
+ if ($configline[9] eq "aktiv") {
+ if ($DEBUG) {
+ print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW'\n";
+ } else {
+ system("$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW'");
+ }
+ }
+