Forward Firewall: changed hash sorting to get right ruleorder in Iptables
authorAlexander Marx <amarx@ipfire.org>
Sat, 12 Jan 2013 07:07:33 +0000 (08:07 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:08:09 +0000 (14:08 +0200)
config/forwardfw/firewall-lib.pl
config/forwardfw/rules.pl
html/cgi-bin/forwardfw.cgi

index 44c0079b7c383ec28a103772d6a47d0ad9564f12..eb84c4af4b25e8c15760d4495a23234d1c54b42e 100755 (executable)
@@ -68,7 +68,7 @@ my $field;
 sub get_srv_prot
 {
        my $val=shift;
-       foreach my $key (sort keys %customservice){
+       foreach my $key (sort {$a <=> $b} keys %customservice){
                if($customservice{$key}[0] eq $val){
                        if ($customservice{$key}[0] eq $val){
                                return $customservice{$key}[2];
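Review bot: The inner `if ($customservice{$key}[0] eq $val){` on the line after the outer `if($customservice{$key}[0] eq $val){` repeats the same test and can be dropped; it is context rather than part of the change, but it survives on the new side. The numeric comparator added here is the same in the other eleven hunks of this file (`get_srvgrp_prot` through `get_host_ip`), and since most of these loops return on the first match the order only matters when the same name is stored under more than one key, so the intent deserves a comment, e.g. `# keys are entry numbers; sort numerically so that 10 does not sort before 2`. Whether every key is numeric is not visible here; a non-numeric key would be compared as 0 by `<=>` and warn under `use warnings`. get_srv_prot's body continues outside the hunk.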
@@ -83,7 +83,7 @@ sub get_srvgrp_prot
        my $tcp;
        my $udp;
        my $icmp;
-       foreach my $key (sort keys %customservicegrp){
+       foreach my $key (sort {$a <=> $b} keys %customservicegrp){
                if($customservicegrp{$key}[0] eq $val){
                        if (&get_srv_prot($customservicegrp{$key}[2]) eq 'TCP'){ 
                                $tcp=1;
@@ -108,7 +108,7 @@ sub get_srv_port
        my $val=shift;
        my $field=shift;
        my $prot=shift;
-       foreach my $key (sort keys %customservice){
+       foreach my $key (sort {$a <=> $b} keys %customservice){
                if($customservice{$key}[0] eq $val){
                        if($customservice{$key}[2] eq $prot){
                                return $customservice{$key}[$field];
@@ -123,7 +123,7 @@ sub get_srvgrp_port
        my $back;
        my $value;
        my @ips=();
-       foreach my $key (sort keys %customservicegrp){
+       foreach my $key (sort {$a <=> $b} keys %customservicegrp){
                if($customservicegrp{$key}[0] eq $val){
                        if ($prot ne 'ICMP'){
                                $value=&get_srv_port($customservicegrp{$key}[2],1,$prot);
@@ -146,7 +146,7 @@ sub get_ipsec_net_ip
 {
        my $val=shift;
        my $field=shift;
-       foreach my $key (sort keys %ipsecconf){
+       foreach my $key (sort {$a <=> $b} keys %ipsecconf){
                if($ipsecconf{$key}[1] eq $val){
                        return $ipsecconf{$key}[$field];
                }
@@ -156,7 +156,7 @@ sub get_ipsec_host_ip
 {
        my $val=shift;
        my $field=shift;
-       foreach my $key (sort keys %ipsecconf){
+       foreach my $key (sort {$a <=> $b} keys %ipsecconf){
                if($ipsecconf{$key}[1] eq $val){
                        return $ipsecconf{$key}[$field];
                }
@@ -166,7 +166,7 @@ sub get_ovpn_n2n_ip
 {
        my $val=shift;
        my $field=shift;
-       foreach my $key (sort keys %ccdhost){
+       foreach my $key (sort {$a <=> $b} keys %ccdhost){
                if($ccdhost{$key}[1] eq $val){
                        return $ccdhost{$key}[$field];
                }
@@ -176,7 +176,7 @@ sub get_ovpn_host_ip
 {
        my $val=shift;
        my $field=shift;
-       foreach my $key (sort keys %ccdhost){
+       foreach my $key (sort {$a <=> $b} keys %ccdhost){
                if($ccdhost{$key}[1] eq $val){
                        return $ccdhost{$key}[$field];
                }
@@ -187,7 +187,7 @@ sub get_ovpn_net_ip
        
        my $val=shift;
        my $field=shift;
-       foreach my $key (sort keys %ccdnet){
+       foreach my $key (sort {$a <=> $b} keys %ccdnet){
                if($ccdnet{$key}[0] eq $val){
                        return $ccdnet{$key}[$field];
                }
@@ -197,7 +197,7 @@ sub get_grp_ip
 {
        my $val=shift;
        my $src=shift;
-       foreach my $key (sort keys %customgrp){
+       foreach my $key (sort {$a <=> $b} keys %customgrp){
                if ($customgrp{$key}[0] eq $val){
                        &get_address($customgrp{$key}[3],$src);
                }
@@ -226,7 +226,7 @@ sub get_std_net_ip
 sub get_net_ip
 {
        my $val=shift;
-       foreach my $key (sort keys %customnetwork){
+       foreach my $key (sort {$a <=> $b} keys %customnetwork){
                if($customnetwork{$key}[0] eq $val){
                        return "$customnetwork{$key}[1]/$customnetwork{$key}[2]";
                }  
@@ -236,7 +236,7 @@ sub get_host_ip
 {
        my $val=shift;
        my $src=shift;
-       foreach my $key (sort keys %customhost){
+       foreach my $key (sort {$a <=> $b} keys %customhost){
                if($customhost{$key}[0] eq $val){
                        if ($customhost{$key}[1] eq 'mac' && $src eq 'src'){
                        return "-m mac --mac-source $customhost{$key}[2]";
index e129d7621363080bacaf427d55625a43abe6aae4..1ac1bb34534092867182c7b77a48fbf76991daf8 100755 (executable)
@@ -115,12 +115,12 @@ sub buildrules
 {
        my $hash=shift;
        my $STAG;
-       foreach my $key (sort keys %$hash){
+       foreach my $key (sort {$a <=> $b} keys %$hash){
                $STAG='';
                if($$hash{$key}[2] eq 'ON'){
                        #get source ip's
                        if ($$hash{$key}[3] eq 'cust_grp_src'){
-                               foreach my $grp (sort keys %customgrp){
+                               foreach my $grp (sort {$a <=> $b} keys %customgrp){
                                                if($customgrp{$grp}[0] eq $$hash{$key}[4]){
                                                &get_address($customgrp{$grp}[3],$customgrp{$grp}[2],"src");
                                        }
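Review bot: The comparator on `sort {$a <=> $b} keys %$hash` is the change that decides the order in which rules are emitted, so its intent deserves a comment on that line, e.g. `# rule keys are numeric; sort numerically so rules are applied in config order (a string sort puts 10 before 2)`. The nested `foreach my $grp (sort {$a <=> $b} keys %customgrp)` — here and again in the hunk for the `cust_grp_tgt` branch — re-sorts the whole group hash for every rule only to find the entries whose name equals `$$hash{$key}[4]`; a name-to-entries hash built once before the outer loop would avoid that, though correctness is unaffected. Whether all keys are numeric is not visible in this hunk; the commit title implies they are. buildrules continues outside the hunk.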
@@ -130,7 +130,7 @@ sub buildrules
                        }
                        #get target ip's
                        if ($$hash{$key}[5] eq 'cust_grp_tgt'){
-                               foreach my $grp (sort keys %customgrp){
+                               foreach my $grp (sort {$a <=> $b} keys %customgrp){
                                        if($customgrp{$grp}[0] eq $$hash{$key}[6]){
                                                &get_address($customgrp{$grp}[3],$customgrp{$grp}[2],"tgt");
                                        }
@@ -187,7 +187,6 @@ sub buildrules
                                print "\n";
                                print"##################################\n";
                                #print rules to console
-
                                foreach my $DPROT (@DPROT){
                                        $DPORT = &get_port($hash,$key,$DPROT);
                                        if ($SPROT ne ''){$PROT=$SPROT;}else{$PROT=$DPROT;}
index 7b7271d557539e42a9c101b2f01821922ebb114d..78b7827def4305c33f92f247b2e3be195984e04d 100755 (executable)
@@ -112,7 +112,6 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
        $errormessage=&checksource;
        if(!$errormessage){&checktarget;}
        if(!$errormessage){&checkrule;}
-
        #check if we change an forward rule to an external access
        if(     $fwdfwsettings{'grp2'} eq 'ipfire' && $fwdfwsettings{'oldgrp2a'} ne 'ipfire' && $fwdfwsettings{'updatefwrule'} eq 'on'){
                $fwdfwsettings{'updatefwrule'}='';
@@ -122,7 +121,6 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
                &checkcounter(0,0,$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}});
                &checkcounter(0,0,$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
        }
-
        #check if we change an external access rule to an forward
        if(     $fwdfwsettings{'grp2'} ne 'ipfire' && $fwdfwsettings{'oldgrp2a'} eq 'ipfire' && $fwdfwsettings{'updatefwrule'} eq 'on'){
                $fwdfwsettings{'updatefwrule'}='';
@@ -141,9 +139,17 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
                                if ("$fwdfwsettings{'RULE_ACTION'},$fwdfwsettings{'ACTIVE'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}},$fwdfwsettings{'USE_SRC_PORT'},$fwdfwsettings{'PROT'},$fwdfwsettings{'ICMP_TYPES'},$fwdfwsettings{'SRC_PORT'},$fwdfwsettings{'USESRV'},$fwdfwsettings{'TGT_PROT'},$fwdfwsettings{'ICMP_TGT'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}},$fwdfwsettings{'LOG'},$fwdfwsettings{'TIME'},$fwdfwsettings{'TIME_MON'},$fwdfwsettings{'TIME_TUE'},$fwdfwsettings{'TIME_WED'},$fwdfwsettings{'TIME_THU'},$fwdfwsettings{'TIME_FRI'},$fwdfwsettings{'TIME_SAT'},$fwdfwsettings{'TIME_SUN'},$fwdfwsettings{'TIME_FROM'},$fwdfwsettings{'TIME_TO'}" 
                                        eq "$configinputfw{$key}[0],$configinputfw{$key}[2],$configinputfw{$key}[3],$configinputfw{$key}[4],$configinputfw{$key}[5],$configinputfw{$key}[6],$configinputfw{$key}[7],$configinputfw{$key}[8],$configinputfw{$key}[9],$configinputfw{$key}[10],$configinputfw{$key}[11],$configinputfw{$key}[12],$configinputfw{$key}[13],$configinputfw{$key}[14],$configinputfw{$key}[15],$configinputfw{$key}[17],$configinputfw{$key}[18],$configinputfw{$key}[19],$configinputfw{$key}[20],$configinputfw{$key}[21],$configinputfw{$key}[22],$configinputfw{$key}[23],$configinputfw{$key}[24],$configinputfw{$key}[25],$configinputfw{$key}[26],$configinputfw{$key}[27]"){
                                                $errormessage.=$Lang::tr{'fwdfw err ruleexists'};
+                                               $fwdfwsettings{'nosave'} = 'on';
                                }       
                        }       
                }
+               #check if we just close a rule
+               if( $fwdfwsettings{'oldgrp1a'} eq  $fwdfwsettings{'grp1'} && $fwdfwsettings{'oldgrp1b'} eq $fwdfwsettings{$fwdfwsettings{'grp1'}} && $fwdfwsettings{'oldgrp2a'} eq  $fwdfwsettings{'grp2'} && $fwdfwsettings{'oldgrp2b'} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} &&  $fwdfwsettings{'oldgrp3a'} eq $fwdfwsettings{'grp3'} && $fwdfwsettings{'oldgrp3b'} eq  $fwdfwsettings{$fwdfwsettings{'grp3'}} && $fwdfwsettings{'oldusesrv'} eq $fwdfwsettings{'USESRV'} ) {
+                       if($fwdfwsettings{'nosave'} eq 'on' && $fwdfwsettings{'updatefwrule'} eq 'on'){
+                               $errormessage='';
+                               $fwdfwsettings{'nosave2'} = 'on';
+                       }
+               }
                &checkcounter($fwdfwsettings{'oldgrp1a'},$fwdfwsettings{'oldgrp1b'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}});
                if ($fwdfwsettings{'nobase'} ne 'on'){
                        &checkcounter($fwdfwsettings{'oldgrp2a'},$fwdfwsettings{'oldgrp2b'},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}});
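Review bot: The new `nosave` / `nosave2` logic cannot tell a rule that matched itself from a rule that matched a different entry: when an edited rule keeps its `grp1`/`grp2`/`grp3` and `USESRV` selections but its remaining fields (action, active flag, protocol, ports, log, time) are changed so that they equal another existing rule, the duplicate check sets `nosave`, the block under `#check if we just close a rule` then clears `$errormessage` and sets `nosave2`, and the edit is dropped silently — no save, no error, and the later `&rules` call is skipped as well. The precise test is to exclude the rule's own key inside the comparison loop (its `foreach my $key` starts outside the hunk), e.g. `next if $fwdfwsettings{'updatefwrule'} eq 'on' && $key == $fwdfwsettings{'key'};`, assuming `$fwdfwsettings{'key'}` identifies the edited rule as it does in deleterule. The same block is added again in the hunk at `@@ -186,9 +193,17 @@` for `%configfwdfw`, with the two assignments in the opposite order. If `%fwdfwsettings` is populated from the request, `nosave` and `nosave2` should also be reset before the duplicate check (`$fwdfwsettings{'nosave'} = ''; $fwdfwsettings{'nosave2'} = '';`) so that submitted values cannot pre-set them; how the hash is filled is not visible here.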
@@ -155,8 +161,9 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
                }elsif ($fwdfwsettings{'oldusesrv'} eq $fwdfwsettings{'USESRV'} && $fwdfwsettings{'oldgrp3b'} ne $fwdfwsettings{$fwdfwsettings{'grp3'}} && $fwdfwsettings{'updatefwrule'} eq 'on'){
                        &checkcounter($fwdfwsettings{'oldgrp3a'},$fwdfwsettings{'oldgrp3b'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
                }
-
-               &saverule(\%configinputfw,$configinput);
+               if($fwdfwsettings{'nosave2'} ne 'on'){
+                       &saverule(\%configinputfw,$configinput);
+               }
                #print "Source: $fwdfwsettings{'grp1'} -> $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
                #print "Sourceport: $fwdfwsettings{'USE_SRC_PORT'}, $fwdfwsettings{'PROT'}, $fwdfwsettings{'ICMP_TYPES'}, $fwdfwsettings{'SRC_PORT'}<br>";
                #print "Target: $fwdfwsettings{'grp2'} -> $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
@@ -186,9 +193,17 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
                                if ("$fwdfwsettings{'RULE_ACTION'},$fwdfwsettings{'ACTIVE'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}},$fwdfwsettings{'USE_SRC_PORT'},$fwdfwsettings{'PROT'},$fwdfwsettings{'ICMP_TYPES'},$fwdfwsettings{'SRC_PORT'},$fwdfwsettings{'USESRV'},$fwdfwsettings{'TGT_PROT'},$fwdfwsettings{'ICMP_TGT'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}},$fwdfwsettings{'LOG'},$fwdfwsettings{'TIME'},$fwdfwsettings{'TIME_MON'},$fwdfwsettings{'TIME_TUE'},$fwdfwsettings{'TIME_WED'},$fwdfwsettings{'TIME_THU'},$fwdfwsettings{'TIME_FRI'},$fwdfwsettings{'TIME_SAT'},$fwdfwsettings{'TIME_SUN'},$fwdfwsettings{'TIME_FROM'},$fwdfwsettings{'TIME_TO'}" 
                                        eq "$configfwdfw{$key}[0],$configfwdfw{$key}[2],$configfwdfw{$key}[3],$configfwdfw{$key}[4],$configfwdfw{$key}[5],$configfwdfw{$key}[6],$configfwdfw{$key}[7],$configfwdfw{$key}[8],$configfwdfw{$key}[9],$configfwdfw{$key}[10],$configfwdfw{$key}[11],$configfwdfw{$key}[12],$configfwdfw{$key}[13],$configfwdfw{$key}[14],$configfwdfw{$key}[15],$configfwdfw{$key}[17],$configfwdfw{$key}[18],$configfwdfw{$key}[19],$configfwdfw{$key}[20],$configfwdfw{$key}[21],$configfwdfw{$key}[22],$configfwdfw{$key}[23],$configfwdfw{$key}[24],$configfwdfw{$key}[25],$configfwdfw{$key}[26],$configfwdfw{$key}[27]"){
                                                $errormessage.=$Lang::tr{'fwdfw err ruleexists'};
+                                               $fwdfwsettings{'nosave'} = 'on';
                                }               
                        }
                }       
+               #check if we just close a rule
+               if( $fwdfwsettings{'oldgrp1a'} eq  $fwdfwsettings{'grp1'} && $fwdfwsettings{'oldgrp1b'} eq $fwdfwsettings{$fwdfwsettings{'grp1'}} && $fwdfwsettings{'oldgrp2a'} eq  $fwdfwsettings{'grp2'} && $fwdfwsettings{'oldgrp2b'} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} &&  $fwdfwsettings{'oldgrp3a'} eq $fwdfwsettings{'grp3'} && $fwdfwsettings{'oldgrp3b'} eq  $fwdfwsettings{$fwdfwsettings{'grp3'}} && $fwdfwsettings{'oldusesrv'} eq $fwdfwsettings{'USESRV'} ) {
+                       if($fwdfwsettings{'nosave'} eq 'on' && $fwdfwsettings{'updatefwrule'} eq 'on'){
+                               $fwdfwsettings{'nosave2'} = 'on';
+                               $errormessage='';
+                       }
+               }
                #increase counters
                &checkcounter($fwdfwsettings{'oldgrp1a'},$fwdfwsettings{'oldgrp1b'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}});
                &checkcounter($fwdfwsettings{'oldgrp2a'},$fwdfwsettings{'oldgrp2b'},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}});
@@ -202,7 +217,9 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
                if ($fwdfwsettings{'nobase'} eq 'on'){
                        &checkcounter(0,0,$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
                }
-               &saverule(\%configfwdfw,$configfwdfw);
+               if ($fwdfwsettings{'nosave2'} ne 'on'){
+                       &saverule(\%configfwdfw,$configfwdfw);
+               }       
                #print "Source: $fwdfwsettings{'grp1'} -> $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
                #print "Sourceport: $fwdfwsettings{'USE_SRC_PORT'}, $fwdfwsettings{'PROT'}, $fwdfwsettings{'ICMP_TYPES'}, $fwdfwsettings{'SRC_PORT'}<br>";
                #print "Target: $fwdfwsettings{'grp2'} -> $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
@@ -228,7 +245,9 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
        if ($errormessage){
                &newrule;
        }else{
-               &rules;
+               if($fwdfwsettings{'nosave2'} ne 'on'){
+                       &rules;
+               }
                &base;
        }
 }
@@ -491,7 +510,7 @@ sub deleterule
        my %delhash=();
        &General::readhasharray($fwdfwsettings{'config'}, \%delhash);
        foreach my $key (sort {$a <=> $b} keys %delhash){
-               if ($key eq $fwdfwsettings{'key'}){
+               if ($key == $fwdfwsettings{'key'}){
                        #check hosts/net and groups
                        &checkcounter($delhash{$key}[3],$delhash{$key}[4],,);
                        &checkcounter($delhash{$key}[5],$delhash{$key}[6],,);
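Review bot: Switching to `==` makes an empty or non-numeric `$fwdfwsettings{'key'}` compare as 0 (with a warning under `use warnings`), and the matching `$key >= $fwdfwsettings{'key'}` in the next hunk then holds for every entry, so the shift on `$next = $key + 1` appears to run for every rule and the first entry is removed instead of nothing; the old string comparison behaved the same way for an empty key, so this is pre-existing, but the numeric form makes it the right place to fix it. If `key` arrives with the request, validate it once before the loop, e.g. `return if $fwdfwsettings{'key'} !~ m/\A\d+\z/;`, which also covers the `>=` change of the following hunk. deleterule starts before this hunk and continues past the next one.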
@@ -500,7 +519,7 @@ sub deleterule
                                &checkcounter($delhash{$key}[14],$delhash{$key}[15],,);
                        }
                }
-               if ($key ge $fwdfwsettings{'key'}) {
+               if ($key >= $fwdfwsettings{'key'}) {
                        my $next = $key + 1;
                        if (exists $delhash{$next}) {
                                foreach my $i (0 .. $#{$delhash{$next}}) {