X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=config%2Ffirewall%2Fconvert-portfw;h=447ef90a760784689fb142ed8835f1957f01450e;hp=f6ddd25a5322a85ec542c6de576e80a51d3b6fc8;hb=6ee9053548341eceba9e0126a8e903872384a961;hpb=ac14b325e03276f9e17e334b03a3d3129903bac7 diff --git a/config/firewall/convert-portfw b/config/firewall/convert-portfw index f6ddd25a5..447ef90a7 100755 --- a/config/firewall/convert-portfw +++ b/config/firewall/convert-portfw @@ -107,9 +107,9 @@ sub build_rules $active = uc $active; $prot = uc $prot; chomp($remark); - push (@built_rules,"ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,ON,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat"); + push (@built_rules,"ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat"); my $now=localtime; - print LOG "$now Converted-> KEY: $count ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,ON,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat\n"; + print LOG "$now Converted-> KEY: $count ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,*,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat\n"; } } sub write_rules @@ -120,15 +120,22 @@ sub write_rules &General::readhasharray($confignat,\%nat); foreach my $line (@built_rules){ $skip=''; - my ($action,$chain,$active,$src,$src1,$tgt,$tgt1,$use_prot,$prot,$dummy,$tgt_port,$tgt_port1,$remark,$from,$to,$use_port,$alias,$ipfireport,$dnat) = split (",",$line); + my ($action,$chain,$active,$src,$src1,$tgt,$tgt1,$dummy,$prot,$dummy,$tgt_port,$tgt_port1,$remark,$from,$to,$use_port,$alias,$ipfireport,$dnat) = split (",",$line); foreach my $key (sort keys %nat){ - if ($line eq "$nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[11],$nat{$key}[12],$nat{$key}[13],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31]"){ + if ($line eq "$nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[7],$nat{$key}[8],$nat{$key}[11],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31]"){ my $now=localtime; - print LOG "$now SKIP-> Rule $nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[11],$nat{$key}[12],$nat{$key}[13],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31] ->EXISTS\n"; + print LOG "$now SKIP-> Rule $nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[7],$nat{$key}[8],$nat{$key}[11],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31] ->EXISTS\n"; $skip='1'; } } if ($skip ne '1'){ + if ( $prot eq 'GRE'){ + $tgt_port=''; + $tgt_port1=''; + $use_port=''; + $ipfireport=''; + $use_prot=''; + } $id = &General::findhasharraykey(\%nat); $nat{$id}[0] = $action; $nat{$id}[1] = $chain; @@ -137,9 +144,9 @@ sub write_rules $nat{$id}[4] = $src1; $nat{$id}[5] = $tgt; $nat{$id}[6] = $tgt1; - $nat{$id}[11] = $use_prot; - $nat{$id}[12] = $prot; - $nat{$id}[13] = $dummy; + $nat{$id}[7] = $dummy; + $nat{$id}[8] = $prot; + $nat{$id}[11] = $use_port; $nat{$id}[14] = $tgt_port; $nat{$id}[15] = $tgt_port1; $nat{$id}[16] = $remark;