summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorOlivier Blin <oblin@mandriva.com>2008-03-04 23:05:05 +0000
committerOlivier Blin <oblin@mandriva.com>2008-03-04 23:05:05 +0000
commit8e96315be9031fab37a65ee5f49e007eaebb7573 (patch)
treebda14dc9a678f83bbf80c7ace7945a681344c131 /lib
parent20dbabf1ccf99770c39317bef8a7dc9ce47e590e (diff)
downloaddrakx-net-8e96315be9031fab37a65ee5f49e007eaebb7573.tar
drakx-net-8e96315be9031fab37a65ee5f49e007eaebb7573.tar.gz
drakx-net-8e96315be9031fab37a65ee5f49e007eaebb7573.tar.bz2
drakx-net-8e96315be9031fab37a65ee5f49e007eaebb7573.tar.xz
drakx-net-8e96315be9031fab37a65ee5f49e007eaebb7573.zip
protect all interfaces by default, let the user unselect local ones (#27978)
Diffstat (limited to 'lib')
-rw-r--r--lib/network/shorewall.pm6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/network/shorewall.pm b/lib/network/shorewall.pm
index ce90d4e..a78416e 100644
--- a/lib/network/shorewall.pm
+++ b/lib/network/shorewall.pm
@@ -43,11 +43,11 @@ sub dev_to_shorewall {
}
sub get_net_zone_interfaces {
- my ($net) = @_;
+ my ($net, $all_intf) = @_;
#- read shorewall configuration first
my @interfaces = map { $_->[1] } grep { $_->[0] eq 'net' } get_config_file('interfaces');
#- else try to find the best interface available
- @interfaces ? @interfaces : dev_to_shorewall(network::tools::get_default_gateway_interface($net));
+ @interfaces ? @interfaces : @{$all_intf || []};
}
sub get_zones {
@@ -57,7 +57,7 @@ sub get_zones {
#- find all interfaces but alias interfaces
my @all_intf = grep { !/:/ } uniq(keys(%{$net->{ifcfg}}), detect_devices::get_net_interfaces());
my %net_zone = map { $_ => undef } @all_intf;
- $net_zone{$_} = 1 foreach get_net_zone_interfaces($net);
+ $net_zone{$_} = 1 foreach get_net_zone_interfaces($net, \@all_intf);
$o_in and $o_in->ask_from('', N("Please select the interfaces that will be protected by the firewall.
All interfaces directly connected to Internet should be selected,