From d9976a31c4e34a2787c2bc5212e6e8c49e95b442 Mon Sep 17 00:00:00 2001
From: Stig Thormodsrud <stig@io.vyatta.com>
Date: Sat, 20 Dec 2008 13:55:39 -0800
Subject: Fix 3626: Not all protocol numbers are accepted in firewall rules.

---
 lib/Vyatta/TypeChecker.pm | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib')

diff --git a/lib/Vyatta/TypeChecker.pm b/lib/Vyatta/TypeChecker.pm
index 124dc17..086fee7 100755
--- a/lib/Vyatta/TypeChecker.pm
+++ b/lib/Vyatta/TypeChecker.pm
@@ -124,6 +124,10 @@ sub validate_protocol {
   my $value = shift;
   $value = lc $value;
   return 1 if ($value eq 'all');
+  if ($value =~ /^\d+$/) {
+      # 0 has special meaning to iptables
+      return 1 if $value >= 1 and $value <= 255;
+  }
   if (!open(IN, "</etc/protocols")) {
     print "can't open /etc/protocols";
     return 0;
-- 
cgit v1.2.3