From 08d07c92584a7cf5da9762fd585fff8090a89def Mon Sep 17 00:00:00 2001
From: Maarten Vanraes <alien@mageia.org>
Date: Tue, 30 Dec 2014 19:27:51 +0100
Subject: make sure net and loc zones don't have the same interface (mga#14904)

---
 bin/drakgw | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'bin')

diff --git a/bin/drakgw b/bin/drakgw
index 76532bd..974c0ee 100755
--- a/bin/drakgw
+++ b/bin/drakgw
@@ -125,6 +125,8 @@ What would you like to do?"); #- FIXME : not used for now
 	      data => [ { label => N("Net Device"), val => \$shorewall->{masq}{net_interface}, list => [ sort keys %{$net->{ifcfg}} ], format => sub { network::tools::get_interface_description($net, $_[0]) } } ],
 	      post => sub {
 		  network::shorewall::add_interface_to_net_zone($shorewall, $shorewall->{masq}{net_interface});
+		  # filter out the chosen net interface from loc_zone
+		  $shorewall->{loc_zone} = [ grep {!/^$shorewall->{masq}{net_interface}$/} @{$shorewall->{loc_zone}} ];
 		  # if loc_zone is unconfigured and has no interfaces, have all interfaces be local (except the chosen net interface)
 		  $shorewall->{loc_zone} = [ sort grep {!/^$shorewall->{masq}{net_interface}$/} keys %{$net->{ifcfg}} ] if scalar(@{$shorewall->{loc_zone}}) == 0;
 		  my $locals = @{$shorewall->{loc_zone}};
@@ -170,6 +172,10 @@ configuring Internet Connection sharing.", format_interfaces($lan_interface_name
 	     lan_configure =>
 	     {
 	      pre => sub {
+		  # filter out loc_zone interfaces from net_zone
+		  for my $loc_if (@{$shorewall->{loc_zone}}) {
+		      $shorewall->{net_zone} = [ grep {!/^$loc_if$/} @{$shorewall->{net_zone}} ];
+		  }
 		  $lan_intf = $net->{ifcfg}{$lan_interface_name} ||= {};
 		  $lan_intf->{DEVICE} = $lan_interface_name;
 		  $lan_intf->{ONBOOT} = 'yes';
-- 
cgit v1.2.1