Firewall: Added new feature: Now protocols can be added to servicegroups (GRE,AH...

[people/teissler/ipfire-2.x.git] / config / firewall / rules.pl

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index c54a2eb82ab9c60d2066101348ad176a663f76d9..d0a9e20b758f4cad6b6408f094e15ce76f77b1f9 100755 (executable)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -252,6 +252,9 @@ sub buildrules
                                #print rules to console
                                foreach my $DPROT (@DPROT){
                                        $DPORT = &get_port($hash,$key,$DPROT);
+                                       if ($DPROT ne 'TCP' && $DPROT ne 'UDP' && $DPROT ne 'ICMP' ){
+                                               $DPORT='';
+                                       }
                                        $PROT=$DPROT;
                                        $PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
                                        foreach my $a (sort keys %sourcehash){
@@ -333,6 +336,9 @@ sub buildrules
                                        $DPORT = &get_port($hash,$key,$DPROT);
                                        $PROT=$DPROT;
                                        $PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
+                                       if ($DPROT ne 'TCP' && $DPROT ne'UDP' && $DPROT ne 'ICMP' ){
+                                               $DPORT='';
+                                       }
                                        foreach my $a (sort keys %sourcehash){
                                                foreach my $b (sort keys %targethash){
                                                        if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){