diff options
| author | Stig Thormodsrud <stig@vyatta.com> | 2010-03-24 17:11:19 -0700 |
|---|---|---|
| committer | Stig Thormodsrud <stig@vyatta.com> | 2010-03-24 17:11:19 -0700 |
| commit | 827abe453fccf1c5ee0f5f6ac9bb2cb806ea4d5c (patch) | |
| tree | 39a22eb3bacfedd838108d877eb6f3a1a30e34e4 /lib/Vyatta/IpTables/Rule.pm | |
| parent | a8726c8630503d2183159c1947dae59f93dda43c (diff) | |
| download | vyatta-cfg-firewall-827abe453fccf1c5ee0f5f6ac9bb2cb806ea4d5c.tar.gz vyatta-cfg-firewall-827abe453fccf1c5ee0f5f6ac9bb2cb806ea4d5c.zip | |
Fix 5203: negation in firewall rule causes deprecation message
Diffstat (limited to 'lib/Vyatta/IpTables/Rule.pm')
| -rw-r--r-- | lib/Vyatta/IpTables/Rule.pm | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/lib/Vyatta/IpTables/Rule.pm b/lib/Vyatta/IpTables/Rule.pm index 6105ae7..e6b6ca7 100644 --- a/lib/Vyatta/IpTables/Rule.pm +++ b/lib/Vyatta/IpTables/Rule.pm @@ -332,14 +332,18 @@ sub rule { # set the protocol if (defined($self->{_protocol})) { - my $str = $self->{_protocol}; - $str =~ s/^\!(.*)$/! $1/; - if ($str eq 'tcp_udp') { - $tcp_and_udp = 1; - $rule .= " -p tcp "; # we'll add the '-p udp' to 2nd rule later - } else { - $rule .= " -p $str "; - } + my $str = $self->{_protocol}; + my $negate = ''; + if ($str =~ /^\!(.*)$/) { + $str = $1; + $negate = '! '; + } + if ($str eq 'tcp_udp') { + $tcp_and_udp = 1; + $rule .= " $negate -p tcp "; # we'll add the '-p udp' to 2nd rule later + } else { + $rule .= " $negate -p $str "; + } } my $state_str = uc (get_state_str($self)); |