authorGaurav Sinha <gaurav.sinha@vyatta.com>2012-09-10 15:13:37 -0700
committerGaurav Sinha <gaurav.sinha@vyatta.com>2012-09-10 15:13:37 -0700
commit29bf9110d7c576e8c965e7f976ca364599c43391 (patch)
treea4978e925faaf7e8f277df53ac1754b2bd07ae64
parente66ece266359e4e3a684b2570dfd2dc014154a67 (diff)
8325: do port check on negated protocol input
-rw-r--r--lib/Vyatta/Conntrack/RuleIgnore.pm6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/Vyatta/Conntrack/RuleIgnore.pm b/lib/Vyatta/Conntrack/RuleIgnore.pm
index 7c3f668..30cd33d 100644
--- a/lib/Vyatta/Conntrack/RuleIgnore.pm
+++ b/lib/Vyatta/Conntrack/RuleIgnore.pm
@@ -80,7 +80,7 @@ sub setup_base {
my $rule = $self->{_rule_number};
if (($src->{_port})) {
- if (($src->{_protocol} ne 'udp') and ($src->{_protocol} ne 'tcp')) {
+ if (!((grep /tcp/, $src->{_protocol}) or (grep /udp/, $src->{_protocol}))) {
die "Error: port requires tcp / udp as protocol in rule $rule\n";
}
}
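Review bot: The new test on `$src->{_protocol}` is an unanchored substring match, so any protocol string that merely contains `tcp` or `udp` passes the port check, not only the plain and negated names. Using `grep` over a single scalar is also an unusual way to write a match. Assuming negation is written with a leading `!`, an anchored test states the accepted set directly: `if ($src->{_protocol} !~ /^!?(?:tcp|udp)$/) {`, with the alternation extended if other names are meant to pass. The same applies to the `$dst->{_protocol}` check in the next hunk. setup_base begins and ends outside this hunk.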
@@ -89,10 +89,10 @@ sub setup_base {
$dst->{_protocol} = $self->{_protocol};#needed to use address filter
if (($dst->{_port})) {
- if (($dst->{_protocol} ne 'udp') and ($dst->{_protocol} ne 'tcp')) {
+ if (!((grep /tcp/, $dst->{_protocol}) or (grep /udp/, $dst->{_protocol}))) {
die "Error: port requires tcp / udp as protocol in rule $rule\n";
}
- }
+ }
return 0;
}
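Review bot: The protocol forms that may carry a port are not documented at the `$dst->{_protocol}` check, and the error text still reads "port requires tcp / udp as protocol" although a negated value now appears to be let through. A negated tcp or udp selects every other protocol, many of which have no port field, and how the rule built later in setup_base handles that combination is not visible here. A comment above the check would record the intent, for example `# ports are accepted for tcp/udp and their negated forms (bug 8325)`, and the message could name the accepted forms as well.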