diff options
author | Stig Thormodsrud <stig@vyatta.com> | 2010-02-12 13:08:30 -0800 |
---|---|---|
committer | Stig Thormodsrud <stig@vyatta.com> | 2010-02-12 13:08:30 -0800 |
commit | af6d8e47ecb5917f1f81b61cf536e2efac790f10 (patch) | |
tree | 96909a05ac5226b37d0d9da1f8a1bf5e4d80dc25 /lib | |
parent | e659fd609925f016b8682985313eb5322fb86115 (diff) | |
download | vyatta-cfg-firewall-af6d8e47ecb5917f1f81b61cf536e2efac790f10.tar.gz vyatta-cfg-firewall-af6d8e47ecb5917f1f81b61cf536e2efac790f10.zip |
Fix 5326: firewall group address range wraps at 255.
Diffstat (limited to 'lib')
-rwxr-xr-x | lib/Vyatta/IpTables/IpSet.pm | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm index f0839b9..25cf74a 100755 --- a/lib/Vyatta/IpTables/IpSet.pm +++ b/lib/Vyatta/IpTables/IpSet.pm @@ -13,7 +13,7 @@ # General Public License for more details. # # This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2009 Vyatta, Inc. +# Portions created by Vyatta are Copyright (C) 2009-2010 Vyatta, Inc. # All Rights Reserved. # # Author: Stig Thormodsrud @@ -310,7 +310,8 @@ sub add_member_range { } elsif ($self->{_type} eq 'address') { # $start_ip++ won't work if it doesn't know the # prefix, so we'll make a big range. - my $start_ip = new NetAddr::IP("$start/$addr_range_mask"); + my $wrap_mask = $addr_range_mask - 1; + my $start_ip = new NetAddr::IP("$start/$wrap_mask"); my $stop_ip = new NetAddr::IP($stop); for (; $start_ip <= $stop_ip; $start_ip++) { my $rc = $self->add_member($start_ip->addr()); |