my %configinputfw=();
my %configoutgoingfw=();
my %confignatfw=();
-my %aliases=();
my @p2ps=();
my $configfwdfw = "${General::swroot}/firewall/config";
&General::readhasharray($configinput, \%configinputfw);
&General::readhasharray($configoutgoing, \%configoutgoingfw);
&General::readhasharray($configgrp, \%customgrp);
-&General::get_aliases(\%aliases);
my @log_limit_options = &make_log_limit_options();
# Check if this protocol knows ports.
my $protocol_has_ports = ($protocol ~~ @PROTOCOLS_WITH_PORTS);
- foreach my $source (@sources) {
- foreach my $destination (@destinations) {
- # Skip invalid rules.
- next if (!$source || !$destination || ($destination eq "none"));
+ foreach my $src (@sources) {
+ # Skip invalid source.
+ next unless ($src);
- # Sanitize source.
- if ($source ~~ @ANY_ADDRESSES) {
- $source = "";
- }
+ # Sanitize source.
+ my $source = $src;
+ if ($source ~~ @ANY_ADDRESSES) {
+ $source = "";
+ }
+
+ foreach my $dst (@destinations) {
+ # Skip invalid rules.
+ next if (!$dst || ($dst eq "none"));
# Sanitize destination.
+ my $destination = $dst;
if ($destination ~~ @ANY_ADDRESSES) {
$destination = "";
}
}
push(@nat_options, @source_options);
push(@nat_options, ("-d", $nat_address));
+ push(@nat_options, @time_options);
my $dnat_port;
if ($protocol_has_ports) {