WYAE - FWTOOLS Mailing List Archive

Re: bug fix - ICMP and IP protocol numbers w/ NG
From:	Don Wood
Date:	Thu, 21 Oct 2004 16:54:18 -0500

There was an error in my first attempt at this patch.  I neglected to
translate the ICMP type from a number to a name.  Here is the
corrected patch.

--------------------------
$ diff fw1rules-7.3.41.pl fw1rules.pl
736a737,740
>                 } elsif ( $line =~ /^\t\t\t:icmp_type \(/ ){      # ICMP for NG
>                    $svc_dst_port{$name} = $ICMPtranslate{$lineparam};
>                 } elsif ( $line =~ /^\t\t\t:protocol \(/ ){      # IP prot for NG
>                    $svc_dst_port{$name} = $lineparam;
--------------------------

On Thu, 21 Oct 2004 15:44:38 -0500, Don Wood  wrote:
> Hi Volker,
> 
> Thanks for getting that last patch included so quickly.  I have a
> second similar patch for an issue that I believe only effects NG style
> object files.  With 4.1 the ":exp" field holds the data for ICMP or IP
> protocol numbers, but NG breaks them out into ":icmp_type" and
> ":protocol".  This patch should not affect 4.1 object files, and will
> mimic the 4.1 functionality with NG object files.
> 
> --------------------------
> $ diff fw1rules-7.3.41.pl fw1rules.pl
> 736a737,740
> >                 } elsif ( $line =~ /^\t\t\t:icmp_type \(/ ){      # ICMP for NG
> >                    $svc_dst_port{$name} = $lineparam;
> >                 } elsif ( $line =~ /^\t\t\t:protocol \(/ ){      # IP prot for NG
> >                    $svc_dst_port{$name} = $lineparam;
> --------------------------
> 
> In context
> --------------------------
>                 } elsif ( $line =~ /^\t\t\t:exp \(/ ){           #
> ICMP extensions
>                    $lineparam =~ s/\"//g;
>                    if ($svc_type{$name} =~ /^other$/i) {
>                        $lineparam =~ s/\"//g;
>                        $svc_dst_port{$name} = $lineparam;
>                    } else {
>                        $lineparam =~ s/\"//g;
>                        $svc_dst_port{$name} = $ICMPtranslate{$lineparam};
>                    }
>                    $svc_dst_port{$name} = $ICMPtranslate{$lineparam};
>                 } elsif ( $line =~ /^\t\t\t:icmp_type \(/ ){     # PATCH
>                    $svc_dst_port{$name} = $lineparam;     # PATCH
>                 } elsif ( $line =~ /^\t\t\t:protocol \(/ ){          # PATCH
>                    $svc_dst_port{$name} = $lineparam;      # PATCH
>                 } elsif ( $line =~ /^\t\t\t:port \(/ ){          #
> TCP/UDP destination port
>                    $lineparam =~ tr/-/:/;
>                    $svc_dst_port{$name} = $lineparam;
> --------------------------
>

--- StripMime Report -- 
Plain text mail. Excellent! Won't be converted or stripped.
---