[Ipcop-svn] SF.net SVN: ipcop:[2797] ipcop/trunk/src/scripts/puzzleFwRules.pl

Tue, 05 May 2009 05:47:09 -0700 

Revision: 2797
          http://ipcop.svn.sourceforge.net/ipcop/?rev=2797&view=rev
Author:   owes
Date:     2009-05-05 12:46:45 +0000 (Tue, 05 May 2009)

Log Message:
-----------
Add source IP/network in portforward DNAT rule to (finally) close bugs 1643698 
and 1669360

Modified Paths:
--------------
    ipcop/trunk/src/scripts/puzzleFwRules.pl

Modified: ipcop/trunk/src/scripts/puzzleFwRules.pl
===================================================================
--- ipcop/trunk/src/scripts/puzzleFwRules.pl    2009-05-05 12:06:41 UTC (rev 
2796)
+++ ipcop/trunk/src/scripts/puzzleFwRules.pl    2009-05-05 12:46:45 UTC (rev 
2797)
@@ -813,19 +813,18 @@
                     $tmpDestAdr =~ s/\/255.255.255.255//;
 
                     foreach my $service (@extPfwServices) {
-
-
-                        # create DNAT rule string
-                        $rulebody = " -t nat -A PORTFW -d $extPfwAdr $service 
-j DNAT --to $tmpDestAdr";
-                        my $destService =  $services[0];
-                        my $destPort = '';
-                        if($service =~ /-p (tcp|udp)/ && $destService =~ 
/--dport\s+(\d+:\d+|\d+)/) {
-                            $destPort = $1;
-                            $destPort =~ s/:/-/;
-                            $rulebody .= ":$destPort ";
-                        }
-                        &prepareRule("$rulebody");
-
+                         foreach my $tmpSrcAdr (@srcAdres) {
+                            # create DNAT rule string
+                            $rulebody = " -t nat -A PORTFW $tmpSrcAdr -d 
$extPfwAdr $service -j DNAT --to $tmpDestAdr";
+                            my $destService =  $services[0];
+                            my $destPort = '';
+                            if($service =~ /-p (tcp|udp)/ && $destService =~ 
/--dport\s+(\d+:\d+|\d+)/) {
+                                $destPort = $1;
+                                $destPort =~ s/:/-/;
+                                $rulebody .= ":$destPort ";
+                            }
+                            &prepareRule("$rulebody");
+                         }    # foreach my $tmpSrcAdr (@srcAdres)
                     }    # foreach $service (@extPfwServices)
 
                     #######


This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.

------------------------------------------------------------------------------
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image 
processing features enabled. http://p.sf.net/sfu/kodak-com
_______________________________________________
Ipcop-svn mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ipcop-svn

Reply via email to