Commit c6bed2a2 authored by Patrick J Cherry's avatar Patrick J Cherry
Browse files

* Fixed bug in Firewall::Directory

 * Changed "-" to "|" when specifying ranges for the firewall.
parent a7d9f31f
......@@ -63,7 +63,7 @@ test: ext/symbiosis_utmp.so
@touch i/outgoing.d/00-related
@touch i/outgoing.d/10-match-uid-not-www-data
@echo "212.110.161.177" > i/outgoing.d/20-accept
@echo "2001:41c8:20:862:ac1:1::" >> i/outgoing.d/20-accept
@echo "2001:41c8:20:862:ac1:1::|48" >> i/outgoing.d/20-accept
@touch i/outgoing.d/99-reject
@ruby -I lib ./sbin/symbiosis-firewall -p ./i -t rule.d -x -v -d
......
......@@ -132,7 +132,7 @@ module Symbiosis
ips << name
when String
ips << IPAddr.new(name)
when Nilclass
when NilClass
ips << name
else
warn "#{name.inspect} could not be resolved because it is a #{name.class}." if $VERBOSE
......@@ -296,7 +296,7 @@ module Symbiosis
#
# Cope with ranges by unmangling the CIDR notation.
#
if hostname =~ /^([0-9a-f\.:]+)-([0-9]+)$/
if hostname =~ /^([0-9a-f\.:]+)\|([0-9]+)$/
hostname = [$1, $2].join("/")
end
......
......@@ -239,7 +239,7 @@ blacklist.generate.each do |ip, ports|
#
# Check filename without .auto first.
#
fn = File.join(blacklist_d,ip.to_s.gsub("/","-"))
fn = File.join(blacklist_d,ip.to_s.gsub("/","|"))
if ( File.exists?(fn) )
puts "\tAlready manually blacklisted" if ( $VERBOSE )
......
......@@ -42,7 +42,7 @@
# Each addition is one of the two forms:
#
# 1.2.3.4.auto The IPv4 address 1.2.3.4
# 2001:123:456:789::-64.auto The IPv6 range 2001:123:456:789::/64
# 2001:123:456:789::|64.auto The IPv6 range 2001:123:456:789::/64
#
# Once that directory has been written, symbiosis-firewall(1) is called with
# the reload-whitelist action.
......@@ -226,7 +226,7 @@ Symbiosis::Utmp.read(wtmp_file).each do |entry|
#
# Check filename without .auto first.
#
fn = File.join(whitelist_d,ip.to_s.gsub("/","-"))
fn = File.join(whitelist_d,ip.to_s.gsub("/","|"))
if ( File.exists?(fn) )
puts "\tAlready manually whitelisted" if ( $VERBOSE )
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment