Revert "Firewall: Fix errormessages on rulecreation when red has no IP"
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 26 Feb 2014 19:02:24 +0000 (20:02 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 26 Feb 2014 19:02:24 +0000 (20:02 +0100)
This reverts commit f942937c29ca76a7f153fc16ea13157eb4cf05cc.

This completely destroys external access rules and is therefore
reverted.

config/firewall/rules.pl

index 2589ac6..d8adb15 100755 (executable)
@@ -258,10 +258,6 @@ sub buildrules
                                        $PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
                                        foreach my $a (sort keys %sourcehash){
                                                foreach my $b (sort keys %targethash){
-                                                       if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
-                                                               #Skip rules when no RED IP is set (DHCP,DSL)
-                                                               next;
-                                                       }
                                                        next if ($targethash{$b}[0] eq 'none');
                                                        $STAG='';
                                                        if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -346,10 +342,6 @@ sub buildrules
                                        }
                                        foreach my $a (sort keys %sourcehash){
                                                foreach my $b (sort keys %targethash){
-                                                       if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || $natip eq '-d ' || !$natip){
-                                                               #Skip rules when no RED IP is set (DHCP,DSL)
-                                                               next;
-                                                       }
                                                        next if ($targethash{$b}[0] eq 'none');
                                                        $STAG='';
                                                        if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -565,7 +557,7 @@ sub get_address
                        $$hash{$key}[0]='0.0.0.0/0';
                }
                if($base2 eq 'RED' || $base2 eq 'RED1'){
-                       open(FILE, "/var/ipfire/red/local-ipaddress");
+                       open(FILE, "/var/ipfire/red/local-ipaddress")or die "Couldn't open local-ipaddress";
                        $$hash{$key}[0]= <FILE>;
                        close(FILE);
                }else{