firewall: Fix perl coding error.
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 Mar 2014 11:16:26 +0000 (13:16 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 Mar 2014 11:16:26 +0000 (13:16 +0200)
Example:
my @as = (1, 2, 3);
foreach my $a (@as) {
$a += 1;
print "$a\n";
}

$a will be a reference to the number in the array and not
copied. Therefore $a += 1 will change the numbers in the
array as well, so that after the loop the content of @as
would be (2, 3, 4).
To avoid that, the number needs to be copied into a new
variable like: my $b = $a; and we are fine.

As a result, the contents of the @sources and @destinations
arrays were altered for the second run of the loop, and
incorrect (i.e. no) rules were created.

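--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -254,17 +254,22 @@ sub buildrules {
                        # Check if this protocol knows ports.
                        my $protocol_has_ports = ($protocol ~~ @PROTOCOLS_WITH_PORTS);
 
-                       foreach my $source (@sources) {
-                               foreach my $destination (@destinations) {
-                                       # Skip invalid rules.
-                                       next if (!$source || !$destination || ($destination eq "none"));
+                       foreach my $src (@sources) {
+                               # Skip invalid source.
+                               next unless ($src);
+
+                               # Sanitize source.
+                               my $source = $src;
+                               if ($source ~~ @ANY_ADDRESSES) {
+                                       $source = "";
+                               }
 
-                                       # Sanitize source.
-                                       if ($source ~~ @ANY_ADDRESSES) {
-                                               $source = "";
-                                       }
+                               foreach my $dst (@destinations) {
+                                       # Skip invalid rules.
+                                       next if (!$dst || ($dst eq "none"));
 
                                        # Sanitize destination.
+                                       my $destination = $dst;
                                        if ($destination ~~ @ANY_ADDRESSES) {
                                                $destination = "";
                                        }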
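Review bot: The copies `my $source = $src;` and `my $destination = $dst;` are what keep `@sources` and `@destinations` intact across iterations, but nothing at either line says so, and the `# Sanitize ...` comments read as if the copy were incidental. A comment such as `# Work on a copy: foreach aliases the array element, so assigning to $src would rewrite @sources.` above `my $source = $src;` (and the same for `$dst`) would keep a later cleanup from folding the copy back into the loop variable. This matters because the failure is silent: per the commit message the altered arrays led to no rules being created, which for a blocking rule would presumably leave that traffic unfiltered. Separately, the membership tests use smartmatch (`~~`), which Perl has flagged as experimental since 5.18 and whose comparison depends on operand types; `grep { $_ eq $source } @ANY_ADDRESSES` would state the string comparison explicitly. `buildrules` begins and ends outside this hunk.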