diff options
| author | Stig Thormodsrud <stig@vyatta.com> | 2009-06-14 11:14:37 -0700 |
|---|---|---|
| committer | Stig Thormodsrud <stig@vyatta.com> | 2009-06-14 11:23:54 -0700 |
| commit | 7675f0cb3e5af8079b75965279ccb3c8b7134ec7 (patch) | |
| tree | bba7e638ee71ae420f0d5ed972c3fdf3f808e971 /scripts/firewall/vyatta-firewall.pl | |
| parent | bb04b19bb10934ecc4c5ef0f6e06065e88f544f2 (diff) | |
| download | vyatta-cfg-firewall-7675f0cb3e5af8079b75965279ccb3c8b7134ec7.tar.gz vyatta-cfg-firewall-7675f0cb3e5af8079b75965279ccb3c8b7134ec7.zip | |
Fix 4581: Firewall name issue causes failed commit
Diffstat (limited to 'scripts/firewall/vyatta-firewall.pl')
| -rwxr-xr-x | scripts/firewall/vyatta-firewall.pl | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/scripts/firewall/vyatta-firewall.pl b/scripts/firewall/vyatta-firewall.pl index 9cfe279..209791d 100755 --- a/scripts/firewall/vyatta-firewall.pl +++ b/scripts/firewall/vyatta-firewall.pl @@ -273,7 +273,7 @@ sub is_conntrack_enabled { return 0 if scalar(@lines) < 1; foreach my $line (@lines) { - if ($line =~ /^([^\.]+)\.([^\.]+)$/) { + if ($line =~ /^([^\s]+)\s([^\s]+)$/) { my ($tree, $chain) = ($1, $2); return 1 if $cmd_hash{$tree} eq $iptables_cmd; } else { @@ -290,7 +290,7 @@ sub is_tree_in_use { my @lines = read_refcnt_file($fw_tree_file); my %tree_hash; foreach my $line (@lines) { - if ($line =~ /^([^\.]+)\.([^\.]+)$/) { + if ($line =~ /^([^\s]+)\s([^\s]+)$/) { my ($tmp_tree, $tmp_chain) = ($1, $2); $tree_hash{$tmp_tree}++; } else { @@ -350,7 +350,7 @@ sub update_rules { exit 1; } setup_chain($table, "$name", $iptables_cmd, $policy); - add_refcnt($fw_tree_file, "$tree.$name"); + add_refcnt($fw_tree_file, "$tree $name"); # handle the rules below. } elsif ($nodes{$name} eq 'deleted') { @@ -364,7 +364,7 @@ sub update_rules { exit 1; } delete_chain($table, "$name", $iptables_cmd); - remove_refcnt($fw_tree_file, "$tree.$name"); + remove_refcnt($fw_tree_file, "$tree $name"); goto end_of_rules; } elsif ($nodes{$name} eq 'changed') { log_msg "$tree $name = changed\n"; @@ -410,7 +410,7 @@ sub update_rules { if ($nodes{$name} eq 'added') { # undo setup_chain work, remove_refcnt delete_chain($table, "$name", $iptables_cmd); - remove_refcnt($fw_tree_file, "$tree.$name"); + remove_refcnt($fw_tree_file, "$tree $name"); } print STDERR "Firewall config error: $err_str\n"; exit 1; @@ -426,7 +426,7 @@ sub update_rules { if ($nodes{$name} eq 'added') { # undo setup_chain work, remove_refcnt delete_chain($table, "$name", $iptables_cmd); - remove_refcnt($fw_tree_file, "$tree.$name"); + remove_refcnt($fw_tree_file, "$tree $name"); } die "$iptables_cmd error: $! - $_"; } @@ -492,10 +492,10 @@ end_of_rules: my $global_stateful = is_conntrack_enabled($iptables_cmd); log_msg "stateful [$tree][$name] = [$global_stateful][$chain_stateful]\n"; if ($chain_stateful) { - add_refcnt($fw_stateful_file, "$tree.$name"); + add_refcnt($fw_stateful_file, "$tree $name"); enable_fw_conntrack($iptables_cmd) if ! $global_stateful; } else { - remove_refcnt($fw_stateful_file, "$tree.$name"); + remove_refcnt($fw_stateful_file, "$tree $name"); disable_fw_conntrack($iptables_cmd) if ! is_conntrack_enabled($iptables_cmd); } } |