X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=config%2Fforwardfw%2Ffirewall-lib.pl;h=e616d7efa9c9025d8f1e0540bf4e1336d7f6b5cd;hp=24b990c7727634be4b97b2f232e8ee8cdcf718c6;hb=dc21519f683d5bb0f7e5a9dfcfb4806afb895217;hpb=fd10a52ca2860678368d162ce6b52b8c1cf25d0e
diff --git a/config/forwardfw/firewall-lib.pl b/config/forwardfw/firewall-lib.pl
index 24b990c77..e616d7efa 100755
--- a/config/forwardfw/firewall-lib.pl
+++ b/config/forwardfw/firewall-lib.pl
@@ -2,7 +2,7 @@
 ###############################################################################
 # #
 # IPFire.org - A linux based firewall #
-# Copyright (C) 2012 #
+# Copyright (C) 2013 #
 # #
 # This program is free software: you can redistribute it and/or modify #
 # it under the terms of the GNU General Public License as published by #
@@ -18,7 +18,8 @@
 # along with this program. If not, see . #
 # #
 ###############################################################################
-
+# Author: Alexander Marx (amarx@ipfire.org) #
+###############################################################################
 use strict;
 no warnings 'uninitialized';
@@ -68,7 +69,7 @@ my $field;
 sub get_srv_prot
 {
 my $val=shift;
- foreach my $key (sort keys %customservice){
+ foreach my $key (sort {$a <=> $b} keys %customservice){
 if($customservice{$key}[0] eq $val){
 if ($customservice{$key}[0] eq $val){
 return $customservice{$key}[2];
@@ -83,7 +84,7 @@ sub get_srvgrp_prot
 my $tcp;
 my $udp;
 my $icmp;
- foreach my $key (sort keys %customservicegrp){
+ foreach my $key (sort {$a <=> $b} keys %customservicegrp){
 if($customservicegrp{$key}[0] eq $val){
 if (&get_srv_prot($customservicegrp{$key}[2]) eq 'TCP'){
 $tcp=1;
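Review bot: The comparator `{$a <=> $b}` in get_srv_prot assumes every key of %customservice is a number, and nothing in the loop checks that. A non-numeric key compares as 0, and since the only warnings pragma visible in the file-header hunk is `no warnings 'uninitialized'`, Perl may not report it; the resulting order then decides which row the first-match `return` picks when two rows carry the same name. The same expression is repeated in get_srvgrp_prot and in every later sort hunk of this patch, so I would state the assumption at each loop with a comment such as `# keys are numeric row ids; lowest id wins on duplicate names`, or filter with `grep { /^\d+$/ }` in front of `keys`. The function bodies continue outside the hunks.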
@@ -108,7 +109,7 @@ sub get_srv_port
 my $val=shift;
 my $field=shift;
 my $prot=shift;
- foreach my $key (sort keys %customservice){
+ foreach my $key (sort {$a <=> $b} keys %customservice){
 if($customservice{$key}[0] eq $val){
 if($customservice{$key}[2] eq $prot){
 return $customservice{$key}[$field];
@@ -123,7 +124,7 @@ sub get_srvgrp_port
 my $back;
 my $value;
 my @ips=();
- foreach my $key (sort keys %customservicegrp){
+ foreach my $key (sort {$a <=> $b} keys %customservicegrp){
 if($customservicegrp{$key}[0] eq $val){
 if ($prot ne 'ICMP'){
 $value=&get_srv_port($customservicegrp{$key}[2],1,$prot);
@@ -146,7 +147,7 @@ sub get_ipsec_net_ip
 {
 my $val=shift;
 my $field=shift;
- foreach my $key (sort keys %ipsecconf){
+ foreach my $key (sort {$a <=> $b} keys %ipsecconf){
 if($ipsecconf{$key}[1] eq $val){
 return $ipsecconf{$key}[$field];
 }
@@ -156,7 +157,7 @@ sub get_ipsec_host_ip
 {
 my $val=shift;
 my $field=shift;
- foreach my $key (sort keys %ipsecconf){
+ foreach my $key (sort {$a <=> $b} keys %ipsecconf){
 if($ipsecconf{$key}[1] eq $val){
 return $ipsecconf{$key}[$field];
 }
@@ -166,7 +167,7 @@ sub get_ovpn_n2n_ip
 {
 my $val=shift;
 my $field=shift;
- foreach my $key (sort keys %ccdhost){
+ foreach my $key (sort {$a <=> $b} keys %ccdhost){
 if($ccdhost{$key}[1] eq $val){
 return $ccdhost{$key}[$field];
 }
@@ -176,7 +177,7 @@ sub get_ovpn_host_ip
 {
 my $val=shift;
 my $field=shift;
- foreach my $key (sort keys %ccdhost){
+ foreach my $key (sort {$a <=> $b} keys %ccdhost){
 if($ccdhost{$key}[1] eq $val){
 return $ccdhost{$key}[$field];
 }
@@ -187,7 +188,7 @@ sub get_ovpn_net_ip
 my $val=shift;
 my $field=shift;
- foreach my $key (sort keys %ccdnet){
+ foreach my $key (sort {$a <=> $b} keys %ccdnet){
 if($ccdnet{$key}[0] eq $val){
 return $ccdnet{$key}[$field];
 }
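Review bot: None of the lookups touched here (get_ipsec_net_ip, get_ipsec_host_ip, get_ovpn_n2n_ip, get_ovpn_host_ip, get_ovpn_net_ip) documents what the caller gets when no row matches `$val`, and `$field` is used as an array index exactly as passed. The file disables `uninitialized` warnings, so an undefined result would interpolate as an empty string into whatever the caller builds; for a rule generator that most likely means a rule missing its intended address restriction, though the callers are outside this diff and that part is inferred. I would add a header comment to each, for example `# Returns column $field of the first row (lowest numeric id) named $val; returns nothing if no row matches, caller must check`. The tail of each function is outside the hunks, so if an explicit fallback exists the comment should describe that instead.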
@@ -197,7 +198,7 @@ sub get_grp_ip
 {
 my $val=shift;
 my $src=shift;
- foreach my $key (sort keys %customgrp){
+ foreach my $key (sort {$a <=> $b} keys %customgrp){
 if ($customgrp{$key}[0] eq $val){
 &get_address($customgrp{$key}[3],$src);
 }
@@ -207,6 +208,7 @@ sub get_grp_ip
 sub get_std_net_ip
 {
 my $val=shift;
+ my $con=shift;
 if ($val eq 'ALL'){
 return "0.0.0.0/0.0.0.0";
 }elsif($val eq 'GREEN'){
@@ -215,16 +217,20 @@ sub get_std_net_ip
 return "$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}";
 }elsif($val eq 'BLUE'){
 return "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
+ }elsif($val eq 'RED'){
+ return "0.0.0.0/0 -o $con";
 }elsif($val =~ /OpenVPN/i){
 return "$ovpnsettings{'DOVPN_SUBNET'}";
 }elsif($val =~ /IPsec/i){
 return "$ipsecsettings{'RW_NET'}";
+ }elsif($val eq 'IPFire'){
+ return ;
 }
 }
 sub get_net_ip
 {
 my $val=shift;
- foreach my $key (sort keys %customnetwork){
+ foreach my $key (sort {$a <=> $b} keys %customnetwork){
 if($customnetwork{$key}[0] eq $val){
 return "$customnetwork{$key}[1]/$customnetwork{$key}[2]";
 }
@@ -234,7 +240,7 @@ sub get_host_ip
 {
 my $val=shift;
 my $src=shift;
- foreach my $key (sort keys %customhost){
+ foreach my $key (sort {$a <=> $b} keys %customhost){
 if($customhost{$key}[0] eq $val){
 if ($customhost{$key}[1] eq 'mac' && $src eq 'src'){
 return "-m mac --mac-source $customhost{$key}[2]";
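Review bot: `$con` is read from the caller in get_std_net_ip and, in the RED branch added by the next hunk, interpolated unchecked into the return value as `0.0.0.0/0 -o $con`, so the function now returns an address plus an iptables option rather than an address. A caller still using the old one-argument form gets `0.0.0.0/0 -o ` with no warning, because the file disables `uninitialized` warnings, and the next token of the rule would then be read as the interface name (callers are outside this diff, so this is inferred). `-o` also only fits RED as a destination, and unlike get_grp_ip and get_host_ip this function takes no `$src` flag to tell the two uses apart. I would guard the branch with something like `return unless defined $con && $con =~ /\A[\w.:-]{1,15}\z/;` and add a comment saying that `$con` is the RED interface name.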
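Review bot: The new `IPFire` branch of get_std_net_ip does a bare `return ;`, and a `$val` that matches no branch falls off the end of the `elsif` chain, so in both cases the caller gets an empty value and cannot tell an intentional "no network" from a misspelled zone name. If the result is placed after an address option in a rule (inferred, the callers are not in this diff), an empty value produces either a malformed rule or one without an address restriction. I would put a comment on the branch, `# IPFire itself: no network to return, caller must handle the empty result`, and end the chain with an explicit `else` that reports the unknown name instead of returning silently.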