Commit a7a36037 authored by Ad Schellevis's avatar Ad Schellevis Committed by Franco Fichtner

(filter) extend new style FilterRule, adds icmptype, tag, tagged

(cherry picked from commit 51d2acf4)
parent dbedf1b9
...@@ -51,11 +51,14 @@ class FilterRule ...@@ -51,11 +51,14 @@ class FilterRule
'from_port' => 'parsePlain, port {,}', 'from_port' => 'parsePlain, port {,}',
'to' => 'parsePlain,to {,}', 'to' => 'parsePlain,to {,}',
'to_port' => 'parsePlain, port {,}', 'to_port' => 'parsePlain, port {,}',
'icmp-type' => 'parsePlain,icmp-type {,}',
'icmp6-type' => 'parsePlain,icmp6-type {,}', 'icmp6-type' => 'parsePlain,icmp6-type {,}',
'flags' => 'parsePlain, flags ', 'flags' => 'parsePlain, flags ',
'state' => 'parseState', 'state' => 'parseState',
'set-prio' => 'parsePlain, set prio ', 'set-prio' => 'parsePlain, set prio ',
'prio' => 'parsePlain, prio ', 'prio' => 'parsePlain, prio ',
'tag' => 'parsePlain, tag ',
'tagged' => 'parsePlain, tagged ',
'allowopts' => 'parseBool,allow-opts', 'allowopts' => 'parseBool,allow-opts',
'label' => 'parsePlain,label ",",63' 'label' => 'parsePlain,label ",",63'
); );
...@@ -236,6 +239,14 @@ class FilterRule ...@@ -236,6 +239,14 @@ class FilterRule
"/" . $tmp['max-src-conn-rates'] . ", overload <virusprot> flush global "; "/" . $tmp['max-src-conn-rates'] . ", overload <virusprot> flush global ";
} }
} }
// icmp-type switch (ipv4/ipv6)
if ($tmp['protocol'] == "icmp" && !empty($tmp['icmptype'])) {
if ($ipproto == 'inet') {
$tmp['icmp-type'] = $tmp['icmptype'];
} elseif ($ipproto == 'inet6') {
$tmp['icmp6-type'] = $tmp['icmptype'];
}
}
// icmpv6 // icmpv6
if ($ipproto == 'inet6' && !empty($tmp['protocol']) && $tmp['protocol'] == "icmp") { if ($ipproto == 'inet6' && !empty($tmp['protocol']) && $tmp['protocol'] == "icmp") {
$tmp['protocol'] = 'ipv6-icmp'; $tmp['protocol'] = 'ipv6-icmp';
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment