WYAE - FWTOOLS Mailing List Archive
| service template enhancement
|
| From: | Kevin Steves |
| Date: | Fri, 6 May 2005 09:22:12 -0700
|
Patch from Stefan Brunner to add the
following enhancements for services template:
1) add protocol variable: set to protocol for type "other"
2) set sport_from to ICMP type if set
3) set sport_to to ICMP code if set
4) set d_port to UUID if set
5) add timeout variable for custom service timeout
--- fw1rules-7.3.42.orig/fw1rules.pl Tue Nov 30 02:53:01 2004
+++ fw1rules-7.3.42/fw1rules.pl Fri May 6 08:58:18 2005
@@ -680,6 +680,7 @@
# $svc_number = number of services read
# @svc_name = names of all services
# %svc_type = tcp, udp, icmp, rpc, group
+# %svc_protocol = protocol for type other
# %svc_dst_port = destination port
# %svc_src_low = range source port from
# %svc_src_high = range source port to
@@ -690,6 +691,7 @@
# %svc_colour = colour of the service
# %svc_used = count service usage in the rulebase
# (set later when evaluating the ruleset)
+# %svc_timeout = timeout of the service
sub ReadServices{
my ($dummy) = '';
my ($name) = '';
@@ -724,6 +726,8 @@
$svc_dst_port{$name} = $lineparam;
} elsif ( $line =~ /^\t\t\t:type \(/ ){
$svc_type{$name} = lc($lineparam);
+ } elsif ( $line =~ /^\t\t\t:protocol \(/ ){ # protocol for type other
+ $svc_protocol{$name} = $lineparam;
} elsif ( $line =~ /^\t\t\t:exp \(/ ){ # ICMP extensions
$lineparam =~ s/\"//g;
if ($svc_type{$name} =~ /^other$/i) {
@@ -744,6 +748,12 @@
$svc_src_low{$name} = $lineparam;
} elsif ( $line =~ /^\t\t\t:src_port_to \(/ ){
$svc_src_high{$name} = $lineparam;
+ } elsif ( $line =~ /^\t\t\t:icmp_type \(/ ){
+ $svc_src_low{$name} = $lineparam;
+ } elsif ( $line =~ /^\t\t\t:icmp_code \(/ ){
+ $svc_src_high{$name} = $lineparam;
+ } elsif ( $line =~ /^\t\t\t:uuid \(/ ){
+ $svc_dst_port{$name} = $lineparam;
} elsif ( $line =~ /^\t\t\t:prematch \(/ ){
$svc_match{$name} = $lineparam;
} elsif ( $line =~ /^\t\t\t:prolog \(/ ){
@@ -755,6 +765,8 @@
} elsif ( $line =~ /^\t\t\t:color \(/ ){
$svc_colour{$name} = lc($lineparam);
$svc_colour{$name} =~ s/^\"|\"$//g; #--- remove " at beginning and end
+ } elsif ( $line =~ /^\t\t\t:timeout \(/ ){
+ $svc_timeout{$name} = $lineparam;
} elsif ( $line =~ /^\t\t\t: \(ReferenceObject/ ){
while ( ($line = ) && ( fromdos("$line") ne "\t\t\t)" ) ) {
$line = &fromdos($line);
@@ -3561,9 +3573,11 @@
if ( $svc_used{$name} || $FLAG_allservices ) {
$line =~ s/<<>>/$name/g;
$line =~ s/<<>>/$svc_type{$name}/g;
+ $line =~ s/<<>>/$svc_protocol{$name}/g;
$line =~ s/<<>>/$svc_dst_port{$name}/g;
$line =~ s/<<>>/$svc_src_low{$name}/g;
$line =~ s/<<>>/$svc_src_high{$name}/g;
+ $line =~ s/<<>>/$svc_timeout{$name}/g;
$line =~ s/<<>>/$svc_match{$name}/g;
$line =~ s/<<>>/$svc_prolog{$name}/g;
$svcmem = "$svc_members{$name}"; $svcmem =~ s/§/$TemplateITEMSEP/g;
--- StripMime Report --
Plain text mail. Excellent! Won't be converted or stripped.
---
