Forward Firewall: rules.pl supports now DMZ rules. These rules are applied first
authorAlexander Marx <amarx@ipfire.org>
Mon, 25 Feb 2013 12:56:48 +0000 (13:56 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:09:15 +0000 (14:09 +0200)
config/forwardfw/rules.pl

index ffdb6c2ced90e4059a241a643df10f0c81ed9c54..0ff153d6175f5487d4d3364d389a2c2e5ff4ec49 100755 (executable)
@@ -43,6 +43,7 @@ our %targethash=();
 my @timeframe=();
 my %configinputfw=();
 my %configoutgoingfw=();
+my %configdmzfw=();
 my %aliases=();
 my @DPROT=();
 my @p2ps=();
@@ -50,6 +51,7 @@ require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/forward/bin/firewall-lib.pl";
 
+my $configdmz          = "${General::swroot}/forward/dmz";
 my $configfwdfw                = "${General::swroot}/forward/config";
 my $configinput            = "${General::swroot}/forward/input";
 my $configoutgoing  = "${General::swroot}/forward/outgoing";
@@ -66,6 +68,7 @@ my $CHAIN="FORWARDFW";
 
 &General::readhash("${General::swroot}/forward/settings", \%fwdfwsettings);
 &General::readhash("$netsettings", \%defaultNetworks);
+&General::readhasharray($configdmz, \%configdmzfw);
 &General::readhasharray($configfwdfw, \%configfwdfw);
 &General::readhasharray($configinput, \%configinputfw);
 &General::readhasharray($configoutgoing, \%configoutgoingfw);
@@ -132,6 +135,9 @@ sub flush
 }                      
 sub preparerules
 {
+       if (! -z  "${General::swroot}/forward/dmz"){
+               &buildrules(\%configdmzfw);
+       }
        if (! -z  "${General::swroot}/forward/config"){
                &buildrules(\%configfwdfw);
        }