diff options
author | John Southworth <john.southworth@vyatta.com> | 2012-02-28 12:39:18 -0800 |
---|---|---|
committer | John Southworth <john.southworth@vyatta.com> | 2012-02-28 12:39:18 -0800 |
commit | 1c8050df7ca1a08d07aee949096ce0a71d9f8f6d (patch) | |
tree | e4d301ea28df21e743cd92199c3f8b25f3c3b441 /scripts/firewall | |
parent | 5e92c92fb57015cdd655be05ca19f5f1740af6d5 (diff) | |
download | vyatta-op-firewall-1c8050df7ca1a08d07aee949096ce0a71d9f8f6d.tar.gz vyatta-op-firewall-1c8050df7ca1a08d07aee949096ce0a71d9f8f6d.zip |
Bugfix 6870: don't use reverse dns on firewall rules
Diffstat (limited to 'scripts/firewall')
-rwxr-xr-x | scripts/firewall/vyatta-show-firewall.pl | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/scripts/firewall/vyatta-show-firewall.pl b/scripts/firewall/vyatta-show-firewall.pl index 9eed5b0..55424cd 100755 --- a/scripts/firewall/vyatta-show-firewall.pl +++ b/scripts/firewall/vyatta-show-firewall.pl @@ -275,11 +275,11 @@ sub print_detail_rule { # log enabled in rule so actual rule in iptables is second rule # now get line-num for 1st rule and use line-num+1 to list actual rule - $mul_lines=`sudo /sbin/$iptables_cmd -t $table -L $chain -xv --line-num | + $mul_lines=`sudo /sbin/$iptables_cmd -t $table -L $chain -nxv --line-num | awk '/$chain-$rule / {print \$0}'`; my @lines = split(/\s+/, $mul_lines, 2); my $line_num = $lines[0] + 1; - $string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -xv | + $string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -nxv | awk '/$chain-$rule / {print \$0}'`; if (defined $cli_rule->{_protocol} && $cli_rule->{_protocol} eq 'tcp_udp') { @@ -289,7 +289,7 @@ sub print_detail_rule { } else { $line_num = $line_num + 2; } - $udp_string = `sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -xv | + $udp_string = `sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -nxv | awk '/$chain-$rule / {print \$0}'`; } } elsif ( (defined($cli_rule->{_recent_time}) || defined($cli_rule->{_recent_cnt})) || @@ -297,27 +297,27 @@ sub print_detail_rule { # recent enabled but not log so actual rule in iptables is first rule # now get line-num for 1st rule and use that to list actual rule - $mul_lines=`sudo /sbin/$iptables_cmd -t $table -L $chain -xv --line-num | + $mul_lines=`sudo /sbin/$iptables_cmd -t $table -L $chain -nxv --line-num | awk '/$chain-$rule / {print \$0}'`; my @lines = split(/\s+/, $mul_lines, 2); my $line_num = $lines[0]; - $string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -xv | + $string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -nxv | awk '/$chain-$rule / {print \$0}'`; # we need the udp rule as well if (defined($cli_rule->{_recent_time}) || defined($cli_rule->{_recent_cnt})) { $line_num = $line_num + 2; - $udp_string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -xv | + $udp_string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -nxv | awk '/$chain-$rule / {print \$0}'`; } else { $line_num = $line_num + 1; - $udp_string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -xv | + $udp_string=`sudo /sbin/$iptables_cmd -t $table -L $chain $line_num -nxv | awk '/$chain-$rule / {print \$0}'`; } } else { # there's a one-to-one relation between our CLI rule and iptable rule - $string=`sudo /sbin/$iptables_cmd -t $table -L $chain -xv | + $string=`sudo /sbin/$iptables_cmd -t $table -L $chain -nxv | awk '/$chain-$rule / {print \$0}'`; } |