Volker Tanger's
W Y A E . D E
| bug fix - ICMP and IP protocol numbers w/ NG | |
| From: | Don Wood |
| Date: | Thu, 21 Oct 2004 15:44:38 -0500 |
Hi Volker,
Thanks for getting that last patch included so quickly. I have a
second similar patch for an issue that I believe only effects NG style
object files. With 4.1 the ":exp" field holds the data for ICMP or IP
protocol numbers, but NG breaks them out into ":icmp_type" and
":protocol". This patch should not affect 4.1 object files, and will
mimic the 4.1 functionality with NG object files.
--------------------------
$ diff fw1rules-7.3.41.pl fw1rules.pl
736a737,740
> } elsif ( $line =~ /^\t\t\t:icmp_type \(/ ){ # ICMP for NG
> $svc_dst_port{$name} = $lineparam;
> } elsif ( $line =~ /^\t\t\t:protocol \(/ ){ # IP prot for NG
> $svc_dst_port{$name} = $lineparam;
--------------------------
In context
--------------------------
} elsif ( $line =~ /^\t\t\t:exp \(/ ){ #
ICMP extensions
$lineparam =~ s/\"//g;
if ($svc_type{$name} =~ /^other$/i) {
$lineparam =~ s/\"//g;
$svc_dst_port{$name} = $lineparam;
} else {
$lineparam =~ s/\"//g;
$svc_dst_port{$name} = $ICMPtranslate{$lineparam};
}
$svc_dst_port{$name} = $ICMPtranslate{$lineparam};
} elsif ( $line =~ /^\t\t\t:icmp_type \(/ ){ # PATCH
$svc_dst_port{$name} = $lineparam; # PATCH
} elsif ( $line =~ /^\t\t\t:protocol \(/ ){ # PATCH
$svc_dst_port{$name} = $lineparam; # PATCH
} elsif ( $line =~ /^\t\t\t:port \(/ ){ #
TCP/UDP destination port
$lineparam =~ tr/-/:/;
$svc_dst_port{$name} = $lineparam;
--------------------------
--- StripMime Report --
Plain text mail. Excellent! Won't be converted or stripped.
---