diff options
| author | Olivier Blin <oblin@mandriva.com> | 2008-03-26 14:41:34 +0000 |
|---|---|---|
| committer | Olivier Blin <oblin@mandriva.com> | 2008-03-26 14:41:34 +0000 |
| commit | 9d123c26749cbcf7498b0051abf5777a9031ecde (patch) | |
| tree | 0e02826961172968c9d632f4528cd2f0a310b787 | |
| parent | 2009218ba0e971ebf51551b979d4f1e9261ef752 (diff) | |
| download | drakx-net-9d123c26749cbcf7498b0051abf5777a9031ecde.tar drakx-net-9d123c26749cbcf7498b0051abf5777a9031ecde.tar.gz drakx-net-9d123c26749cbcf7498b0051abf5777a9031ecde.tar.bz2 drakx-net-9d123c26749cbcf7498b0051abf5777a9031ecde.tar.xz drakx-net-9d123c26749cbcf7498b0051abf5777a9031ecde.zip | |
add has_loc_zone variable
| -rw-r--r-- | lib/network/shorewall.pm | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/network/shorewall.pm b/lib/network/shorewall.pm index f9eb027..5588792 100644 --- a/lib/network/shorewall.pm +++ b/lib/network/shorewall.pm @@ -133,6 +133,7 @@ sub write { my ($conf, $o_in) = @_; my $use_pptp = any { /^ppp/ && cat_("$::prefix/etc/ppp/peers/$_") =~ /pptp/ } @{$conf->{net_zone}}; my $ports_by_proto = ports_by_proto($conf->{ports}); + my $has_loc_zone = to_bool(@{$conf->{loc_zone} || []}); my ($include_drakx, $other_rules) = partition { $_ eq "INCLUDE\trules.drakx\n" } grep { !/^#/ } cat_("$::prefix${shorewall_root}/rules"); #- warn if the config is already in rules.drakx and additionnal rules are configured @@ -162,7 +163,7 @@ What do you want to do?"), set_config_file("zones", [ 'net', 'ipv4' ], - if_($conf->{loc_zone}[0], [ 'loc', 'ipv4' ]), + if_($has_loc_zone, [ 'loc', 'ipv4' ]), [ 'fw', 'firewall' ], ); set_config_file('interfaces', @@ -170,7 +171,7 @@ What do you want to do?"), (map { $interface_settings->('loc', $_) } @{$conf->{loc_zone} || []}), ); set_config_file('policy', - if_($conf->{loc_zone}[0], [ 'loc', 'net', 'ACCEPT' ], [ 'loc', 'fw', 'ACCEPT' ], [ 'fw', 'loc', 'ACCEPT' ]), + if_($has_loc_zone, [ 'loc', 'net', 'ACCEPT' ], [ 'loc', 'fw', 'ACCEPT' ], [ 'fw', 'loc', 'ACCEPT' ]), [ 'fw', 'net', 'ACCEPT' ], [ 'net', 'all', 'DROP', if_($conf->{log_net_drop}, 'info') ], [ 'all', 'all', 'REJECT', 'info' ], |