From ec022f4282e96546842fb47b82483321c6fef472 Mon Sep 17 00:00:00 2001
From: Olivier Blin <oblin@mandriva.com>
Date: Wed, 26 Mar 2008 15:01:18 +0000
Subject: allow to accept local users for specific ports

---
 lib/network/shorewall.pm | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lib')

diff --git a/lib/network/shorewall.pm b/lib/network/shorewall.pm
index fc19c92..de22d75 100644
--- a/lib/network/shorewall.pm
+++ b/lib/network/shorewall.pm
@@ -94,6 +94,7 @@ sub read {
                     map { "$_/$e->[3]" } split(',', $e->[4]);
                 } grep { $_->[0] eq 'ACCEPT' && $_->[1] eq 'net' } @rules),
                );
+    $conf{accept_local_user}{$_->[4]} = $_->[8] foreach grep { $_->[0] eq 'ACCEPT+' } @rules;
     $conf{redirects}{$_->[3]}{$_->[4]} = $_->[2] foreach grep { $_->[0] eq 'REDIRECT' } @rules;
 
     if (my ($e) = get_config_file('masq')) {
@@ -184,6 +185,10 @@ What do you want to do?"),
     		    if_($use_pptp, [ 'ACCEPT', 'fw', 'loc:10.0.0.138', 'tcp', '1723' ]),
 		    if_($use_pptp, [ 'ACCEPT', 'fw', 'loc:10.0.0.138', 'gre' ]),
 		    (map_each { [ 'ACCEPT', 'net', 'fw', $::a, join(',', @$::b), '-' ] } %$ports_by_proto),
+		    (map_each {
+                        print "b: $::b\n";
+                        if_($::b, [ 'ACCEPT+', 'fw', 'net', 'tcp', $::a, '-', '-', '-', $::b ]);
+		    } %{$conf->{accept_local_user}}),
 		    (map {
                         #- WARNING: won't redirect ports from the firewall system if a local zone exists
 			map_each {
-- 
cgit v1.2.1