#print rules to console
foreach my $DPROT (@DPROT){
$DPORT = &get_port($hash,$key,$DPROT);
+ if ($DPROT ne 'TCP' && $DPROT ne 'UDP' && $DPROT ne 'ICMP' ){
+ $DPORT='';
+ }
$PROT=$DPROT;
$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ next if ($targethash{$b}[0] eq 'none');
+ $STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
if($DPROT ne ''){
if(substr($sourcehash{$a}[0], 3, 3) ne 'mac' && $sourcehash{$a}[0] ne ''){ $STAG="-s";}
#Process ICMP RULE
if(substr($DPORT, 2, 4) eq 'icmp'){
- print"uzlputz ICMP Regel\n";
my @icmprule= split(",",substr($DPORT, 12,));
foreach (@icmprule){
$icmptype="--icmp-type ";
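Review bot: The condition directly below the added `next if ($targethash{$b}[0] eq 'none');` still tests `$targethash{$b}[0] ne 'none'`, which is now always true, and it mixes `&&` and `||` without parentheses. Because `&&` binds tighter, a source of `0.0.0.0/0.0.0.0` used to reach the rule body even when the target was `none`. The new `next` ends that, which looks intended, but it changes which firewall rules are emitted and should be stated in the commit message. I would reduce the test to `if ($sourcehash{$a}[0] ne $targethash{$b}[0] || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){` so the selection logic can be audited at a glance. The same line appears in the second copy of this loop in the next hunk, and both loop bodies continue outside the visible lines.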
$DPORT = &get_port($hash,$key,$DPROT);
$PROT=$DPROT;
$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
+ if ($DPROT ne 'TCP' && $DPROT ne'UDP' && $DPROT ne 'ICMP' ){
+ $DPORT='';
+ }
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ next if ($targethash{$b}[0] eq 'none');
+ $STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
if($DPROT ne ''){
if(substr($sourcehash{$a}[0], 3, 3) ne 'mac' && $sourcehash{$a}[0] ne ''){ $STAG="-s";}
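Review bot: The protocol guard added in this hunk is a hand-copied twin of the one in the first hunk and has already drifted: it sits after the `$PROT` assignment instead of before it, and `$DPROT ne'UDP'` has lost its space. Both copies decide whether a rule keeps its port or ICMP-type restriction, so I would keep the check in one place, for example a small sub or a single line such as `$DPORT = '' unless $DPROT =~ /\A(?:TCP|UDP|ICMP)\z/;`. The comparison is also case-sensitive: if `$DPROT` can ever arrive as `tcp`, the port spec would be cleared and the emitted rule would presumably match every port. It is worth confirming that the stored protocol names are always upper-case, or adding a comment that says so. The enclosing loops start and end outside the hunk.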