diff options
| author | An-Cheng Huang <ancheng@vyatta.com> | 2008-02-08 15:19:04 -0800 |
|---|---|---|
| committer | An-Cheng Huang <ancheng@vyatta.com> | 2008-02-08 15:19:04 -0800 |
| commit | 5b6d22043d674daa80efe3b72f39d951b75ccd82 (patch) | |
| tree | 70b2167c2a936c0c67fec67d6480959959ad7bca /scripts | |
| parent | 2ea5ac4cd9901a604ce92fc6836cef7dac946a09 (diff) | |
| download | vyatta-nat-5b6d22043d674daa80efe3b72f39d951b75ccd82.tar.gz vyatta-nat-5b6d22043d674daa80efe3b72f39d951b75ccd82.zip | |
move common function to vyatta-cfg
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/VyattaNatRule.pm | 69 |
1 files changed, 4 insertions, 65 deletions
diff --git a/scripts/VyattaNatRule.pm b/scripts/VyattaNatRule.pm index a840bee..eda8526 100644 --- a/scripts/VyattaNatRule.pm +++ b/scripts/VyattaNatRule.pm @@ -157,67 +157,6 @@ sub setupOrig { return 0; } -sub handle_ports { - my $port_str = shift; - my $can_use_port = shift; - my $prefix = shift; - my $proto = shift; - my $negate = ''; - if ($port_str =~ /^!(.*)$/) { - $port_str = $1; - $negate = '! '; - } - $port_str =~ s/-/:/g; - - my $num_ports = 0; - my @port_specs = split /,/, $port_str; - foreach my $port_spec (@port_specs) { - my ($success, $err) = (undef, undef); - if ($port_spec =~ /:/) { - ($success, $err) = VyattaMisc::isValidPortRange($port_spec, ':'); - if (defined($success)) { - $num_ports += 2; - next; - } else { - return (undef, $err); - } - } - if ($port_spec =~ /^\d/) { - ($success, $err) = VyattaMisc::isValidPortNumber($port_spec); - if (defined($success)) { - $num_ports += 1; - next; - } else { - return (undef, $err); - } - } - ($success, $err) = VyattaMisc::isValidPortName($port_spec, $proto); - if (defined($success)) { - $num_ports += 1; - next; - } else { - return (undef, $err); - } - } - - my $rule_str = ''; - if (($num_ports > 0) && (!$can_use_port)) { - return (undef, "ports can only be specified when protocol is \"tcp\" " - . "or \"udp\" (currently \"$proto\")"); - } - if ($num_ports > 15) { - return (undef, "source/destination port specification only supports " - . "up to 15 ports (port range counts as 2)"); - } - if ($num_ports > 1) { - $rule_str = " -m multiport --${prefix}ports ${negate}${port_str}"; - } elsif ($num_ports > 0) { - $rule_str = " --${prefix}port ${negate}${port_str}"; - } - - return ($rule_str, undef); -} - # returns (rule, error) sub rule_str { my ($self) = @_; @@ -352,15 +291,15 @@ sub rule_str { # source port(s) my ($port_str, $port_err) - = handle_ports($self->{_source}->{_port}, - $can_use_port, "s", $self->{_proto}); + = VyattaMisc::getPortRuleString($self->{_source}->{_port}, + $can_use_port, "s", $self->{_proto}); return (undef, $port_err) if (!defined($port_str)); $rule_str .= $port_str; # destination port(s) ($port_str, $port_err) - = handle_ports($self->{_destination}->{_port}, - $can_use_port, "d", $self->{_proto}); + = VyattaMisc::getPortRuleString($self->{_destination}->{_port}, + $can_use_port, "d", $self->{_proto}); return (undef, $port_err) if (!defined($port_str)); $rule_str .= $port_str; |