From 7001e2e8453939b4871ce83135c047f1ebea6d1a Mon Sep 17 00:00:00 2001
From: Stig Thormodsrud <stig@io.vyatta.com>
Date: Fri, 6 Feb 2009 14:20:17 -0800
Subject: Fix 4107: nat inside-address port doesn't allow name of port

---
 lib/Vyatta/NatRule.pm | 32 ++++++++++++++++++++++----------
 1 file changed, 22 insertions(+), 10 deletions(-)

(limited to 'lib')

diff --git a/lib/Vyatta/NatRule.pm b/lib/Vyatta/NatRule.pm
index 8a0670c..84b0b2e 100644
--- a/lib/Vyatta/NatRule.pm
+++ b/lib/Vyatta/NatRule.pm
@@ -216,16 +216,22 @@ statically maps a whole network of addresses onto another network of addresses")
         $to_src .= ":";
       }
       my ($success, $err) = (undef, undef);
-      if ($self->{_outside_addr}->{_port} =~ /-/) {
+      my $port = $self->{_outside_addr}->{_port};
+      if ($port =~ /-/) {
         ($success, $err)
-          = Vyatta::Misc::isValidPortRange($self->{_outside_addr}->{_port}, '-');
+          = Vyatta::Misc::isValidPortRange($port, '-');
         return (undef, $err) if (!defined($success));
-      } else {
+      } elsif ($port =~ /^\d/) {
         ($success, $err)
-          = Vyatta::Misc::isValidPortNumber($self->{_outside_addr}->{_port});
+          = Vyatta::Misc::isValidPortNumber($port);
+        return (undef, $err) if (!defined($success));
+      } else {
+	($success, $err)
+	  = Vyatta::Misc::isValidPortName($port);
         return (undef, $err) if (!defined($success));
+	$port = getservbyname($port, $self->{_proto});
       }
-      $to_src .= "$self->{_outside_addr}->{_port}";
+      $to_src .= "$port";
     }
     
     if ($self->{_exclude}) {
@@ -307,16 +313,22 @@ statically maps a whole network of addresses onto another network of addresses")
 statically maps a whole network of addresses onto another network of addresses");
       }
       my ($success, $err) = (undef, undef);
-      if ($self->{_inside_addr}->{_port} =~ /-/) {
+      my $port = $self->{_inside_addr}->{_port};
+      if ($port =~ /-/) {
         ($success, $err)
-          = Vyatta::Misc::isValidPortRange($self->{_inside_addr}->{_port}, '-');
+          = Vyatta::Misc::isValidPortRange($port, '-');
+        return (undef, $err) if (!defined($success));
+      } elsif ($port =~ /^\d/) {
+	($success, $err)
+	  = Vyatta::Misc::isValidPortNumber($port);
         return (undef, $err) if (!defined($success));
       } else {
-        ($success, $err)
-          = Vyatta::Misc::isValidPortNumber($self->{_inside_addr}->{_port});
+	  ($success, $err)
+	  = Vyatta::Misc::isValidPortName($port);
         return (undef, $err) if (!defined($success));
+	$port = getservbyname($port, $self->{_proto});
       }
-      $to_dst .= ":$self->{_inside_addr}->{_port}";
+      $to_dst .= ":$port";
     }
     
     if ($self->{_exclude}) {
-- 
cgit v1.2.3