diff options
| author | Stig Thormodsrud <stig@io.vyatta.com> | 2009-02-06 14:20:17 -0800 |
|---|---|---|
| committer | Stig Thormodsrud <stig@io.vyatta.com> | 2009-02-06 14:20:17 -0800 |
| commit | 7001e2e8453939b4871ce83135c047f1ebea6d1a (patch) | |
| tree | cb8159856814c31b01b69978766bd7d5531bdc24 | |
| parent | ed9e49270e7128cb82af76612b6beb7a4f82924e (diff) | |
| download | vyatta-nat-7001e2e8453939b4871ce83135c047f1ebea6d1a.tar.gz vyatta-nat-7001e2e8453939b4871ce83135c047f1ebea6d1a.zip | |
Fix 4107: nat inside-address port doesn't allow name of port
| -rw-r--r-- | lib/Vyatta/NatRule.pm | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/lib/Vyatta/NatRule.pm b/lib/Vyatta/NatRule.pm index 8a0670c..84b0b2e 100644 --- a/lib/Vyatta/NatRule.pm +++ b/lib/Vyatta/NatRule.pm @@ -216,16 +216,22 @@ statically maps a whole network of addresses onto another network of addresses") $to_src .= ":"; } my ($success, $err) = (undef, undef); - if ($self->{_outside_addr}->{_port} =~ /-/) { + my $port = $self->{_outside_addr}->{_port}; + if ($port =~ /-/) { ($success, $err) - = Vyatta::Misc::isValidPortRange($self->{_outside_addr}->{_port}, '-'); + = Vyatta::Misc::isValidPortRange($port, '-'); return (undef, $err) if (!defined($success)); - } else { + } elsif ($port =~ /^\d/) { ($success, $err) - = Vyatta::Misc::isValidPortNumber($self->{_outside_addr}->{_port}); + = Vyatta::Misc::isValidPortNumber($port); + return (undef, $err) if (!defined($success)); + } else { + ($success, $err) + = Vyatta::Misc::isValidPortName($port); return (undef, $err) if (!defined($success)); + $port = getservbyname($port, $self->{_proto}); } - $to_src .= "$self->{_outside_addr}->{_port}"; + $to_src .= "$port"; } if ($self->{_exclude}) { @@ -307,16 +313,22 @@ statically maps a whole network of addresses onto another network of addresses") statically maps a whole network of addresses onto another network of addresses"); } my ($success, $err) = (undef, undef); - if ($self->{_inside_addr}->{_port} =~ /-/) { + my $port = $self->{_inside_addr}->{_port}; + if ($port =~ /-/) { ($success, $err) - = Vyatta::Misc::isValidPortRange($self->{_inside_addr}->{_port}, '-'); + = Vyatta::Misc::isValidPortRange($port, '-'); + return (undef, $err) if (!defined($success)); + } elsif ($port =~ /^\d/) { + ($success, $err) + = Vyatta::Misc::isValidPortNumber($port); return (undef, $err) if (!defined($success)); } else { - ($success, $err) - = Vyatta::Misc::isValidPortNumber($self->{_inside_addr}->{_port}); + ($success, $err) + = Vyatta::Misc::isValidPortName($port); return (undef, $err) if (!defined($success)); + $port = getservbyname($port, $self->{_proto}); } - $to_dst .= ":$self->{_inside_addr}->{_port}"; + $to_dst .= ":$port"; } if ($self->{_exclude}) { |