diff options
author | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-04-30 16:12:05 -0700 |
---|---|---|
committer | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-04-30 16:12:05 -0700 |
commit | 6fe2161e469ef7a4aeffcdb9567611481204d144 (patch) | |
tree | 03687452f0b3d15830bb323ff6b85063e966d966 /lib/Vyatta | |
parent | ca1b8b565f86245cf413fb14a3e4a4e5a1a3a1de (diff) | |
download | vyatta-cfg-firewall-6fe2161e469ef7a4aeffcdb9567611481204d144.tar.gz vyatta-cfg-firewall-6fe2161e469ef7a4aeffcdb9567611481204d144.zip |
service names with hyphen need to be escaped using square brackets.
Diffstat (limited to 'lib/Vyatta')
-rwxr-xr-x | lib/Vyatta/IpTables/IpSet.pm | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm index 607333c..583085e 100755 --- a/lib/Vyatta/IpTables/IpSet.pm +++ b/lib/Vyatta/IpTables/IpSet.pm @@ -337,12 +337,14 @@ sub add_member_range { } sub add_member { - my ($self, $member, $alias) = @_; + my ($self, $member, $alias, $hyphenated_port) = @_; return "Error: undefined group name" if ! defined $self->{_name}; return "Error: group [$self->{_name}] doesn't exists\n" if !$self->exists(); - if ($member =~ /^([^-]+)-([^-]+)$/) { + # service name or port name may contain a hyphen, which needs to be escaped + # using square brackets in ipset, to avoid confusion with port ranges + if (($member =~ /^([^-]+)-([^-]+)$/) and ($hyphenated_port eq 'false')) { return $self->add_member_range($1, $2, $alias); } @@ -378,12 +380,14 @@ sub delete_member_range { } sub delete_member { - my ($self, $member) = @_; + my ($self, $member, $hyphenated_port) = @_; return "Error: undefined group name" if ! defined $self->{_name}; return "Error: group [$self->{_name}] doesn't exists\n" if !$self->exists(); - if ($member =~ /^([^-]+)-([^-]+)$/) { + # service name or port name may contain a hyphen, which needs to be escaped + # using square brackets in ipset, to avoid confusion with port ranges + if (($member =~ /^([^-]+)-([^-]+)$/) and ($hyphenated_port eq 'false')) { return $self->delete_member_range($1, $2); } |