diff options
| author | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-04-30 16:12:05 -0700 |
|---|---|---|
| committer | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2012-04-30 16:12:05 -0700 |
| commit | 6fe2161e469ef7a4aeffcdb9567611481204d144 (patch) | |
| tree | 03687452f0b3d15830bb323ff6b85063e966d966 /scripts | |
| parent | ca1b8b565f86245cf413fb14a3e4a4e5a1a3a1de (diff) | |
| download | vyatta-cfg-firewall-6fe2161e469ef7a4aeffcdb9567611481204d144.tar.gz vyatta-cfg-firewall-6fe2161e469ef7a4aeffcdb9567611481204d144.zip | |
service names with hyphen need to be escaped using square brackets.
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/firewall/vyatta-ipset.pl | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/scripts/firewall/vyatta-ipset.pl b/scripts/firewall/vyatta-ipset.pl index 90abc34..ef964f3 100755 --- a/scripts/firewall/vyatta-ipset.pl +++ b/scripts/firewall/vyatta-ipset.pl @@ -62,19 +62,30 @@ sub ipset_check_member { } sub ipset_add_member { - my ($set_name, $member, $alias) = @_; - + my ($set_name, $member, $alias, $set_type) = @_; + my $hyphenated_port = 'false'; + if (($set_type eq 'port') and ($member =~ /^\D\w+-\w*/)){ + $member = "\[$member]"; + $hyphenated_port = 'true'; + } + die "Error: undefined member" if ! defined $member; my $group = new Vyatta::IpTables::IpSet($set_name); - return $group->add_member($member, $alias); + return $group->add_member($member, $alias, $hyphenated_port); } sub ipset_delete_member { - my ($set_name, $member) = @_; + my ($set_name, $member, $set_type) = @_; + + my $hyphenated_port = 'false'; + if (($set_type eq 'port') and ($member =~ /^\D\w+-\w*/)){ + $member = "\[$member]"; + $hyphenated_port = 'true'; + } die "Error: undefined member" if ! defined $member; my $group = new Vyatta::IpTables::IpSet($set_name); - return $group->delete_member($member); + return $group->delete_member($member, $hyphenated_port); } sub ipset_check_set_type { @@ -245,11 +256,11 @@ sub update_set { my %vals = $cfg->compareValueLists(\@ovals, \@nvals); while (1) { for my $d (@{$vals{deleted}}) { - last if (($rc = ipset_delete_member($tmpset, $d))); + last if (($rc = ipset_delete_member($tmpset, $d, $set_type))); } last if ($rc); for my $a (@{$vals{added}}) { - last if (($rc = ipset_add_member($tmpset, $a, $set_name))); + last if (($rc = ipset_add_member($tmpset, $a, $set_name, $set_type))); } last; } @@ -306,7 +317,7 @@ $rc = ipset_delete($set_name) if $action eq 'delete-set'; $rc = ipset_check_member($set_name, $set_type, $member) if $action eq 'check-member'; -$rc = ipset_add_member($set_name, $member, $alias) if $action eq 'add-member'; +$rc = ipset_add_member($set_name, $member, $alias, $set_type) if $action eq 'add-member'; $rc = ipset_delete_member($set_name, $member) if $action eq 'delete-member'; |