diff options
| author | An-Cheng Huang <ancheng@vyatta.com> | 2008-05-12 19:46:18 -0700 |
|---|---|---|
| committer | An-Cheng Huang <ancheng@vyatta.com> | 2008-05-12 19:46:18 -0700 |
| commit | c09cc9020f12a3790448a55afd0cfa58015cf9af (patch) | |
| tree | 03c6c5add59dada33e1c9e05747d19d476c47dc4 /scripts | |
| parent | f21ff3ed3c1cb6d93a5b3aaeee5f9faeb73e74d0 (diff) | |
| download | vyatta-nat-c09cc9020f12a3790448a55afd0cfa58015cf9af.tar.gz vyatta-nat-c09cc9020f12a3790448a55afd0cfa58015cf9af.zip | |
fix for bug 3249: disallow multiport if both source and destination ports
are specified.
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/VyattaNatRule.pm | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/scripts/VyattaNatRule.pm b/scripts/VyattaNatRule.pm index 2e57df6..03240bc 100644 --- a/scripts/VyattaNatRule.pm +++ b/scripts/VyattaNatRule.pm @@ -288,14 +288,20 @@ sub rule_str { } # source rule string - my ($addr_str, $addr_err) = $src->rule(); - return (undef, $addr_err) if (!defined($addr_str)); - $rule_str .= " $addr_str"; + my ($src_str, $src_err) = $src->rule(); + return (undef, $src_err) if (!defined($src_str)); # destination rule string - ($addr_str, $addr_err) = $dst->rule(); - return (undef, $addr_err) if (!defined($addr_str)); - $rule_str .= " $addr_str"; + my ($dst_str, $dst_err) = $dst->rule(); + return (undef, $dst_err) if (!defined($dst_str)); + + if ((grep /multiport/, $src_str) || (grep /multiport/, $dst_str)) { + if ((grep /sport/, $src_str) && (grep /dport/, $dst_str)) { + return (undef, 'cannot specify multiple ports when both ' + . 'source and destination ports are specified'); + } + } + $rule_str .= " $src_str $dst_str"; return ($rule_str, undef); } |