From 800077a68916409bd0aa3b5a240bd9f70ec27655 Mon Sep 17 00:00:00 2001 From: Alexander Marx Date: Thu, 27 Feb 2014 13:38:40 +0100 Subject: [PATCH] Firewall: Skip rules on boot when red has no ip --- config/firewall/rules.pl | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index d8adb156b..40ca8245f 100755 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -258,6 +258,10 @@ sub buildrules $PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' '); foreach my $a (sort keys %sourcehash){ foreach my $b (sort keys %targethash){ + if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){ + #Skip rules when no RED IP is set (DHCP,DSL) + next; + } next if ($targethash{$b}[0] eq 'none'); $STAG=''; if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){ @@ -342,6 +346,10 @@ sub buildrules } foreach my $a (sort keys %sourcehash){ foreach my $b (sort keys %targethash){ + if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){ + #Skip rules when no RED IP is set (DHCP,DSL) + next; + } next if ($targethash{$b}[0] eq 'none'); $STAG=''; if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){ @@ -557,7 +565,7 @@ sub get_address $$hash{$key}[0]='0.0.0.0/0'; } if($base2 eq 'RED' || $base2 eq 'RED1'){ - open(FILE, "/var/ipfire/red/local-ipaddress")or die "Couldn't open local-ipaddress"; + open(FILE, "/var/ipfire/red/local-ipaddress"); $$hash{$key}[0]= ; close(FILE); }else{ -- 2.39.2