The docs mention --<opt> as valid syntax for firewall rules, but the
code that parses the .fw files only accepts -<opt>. To make it
consistent with the docs and the API, also accept --<opt>.
In addition allow 'proto' as option, not only '-p'.
Signed-off-by: Mira Limbeck <m.limb...@proxmox.com>
---
src/PVE/Firewall.pm | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 0bbe7d2..92ea33d 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2747,33 +2747,33 @@ sub parse_fw_rule {
last if $rule->{type} eq 'group';
- if ($line =~ s/^-p (\S+)\s*//) {
+ if ($line =~ s/^(?:-p|--?proto) (\S+)\s*//) {
$rule->{proto} = $1;
next;
}
- if ($line =~ s/^-dport (\S+)\s*//) {
+ if ($line =~ s/^--?dport (\S+)\s*//) {
$rule->{dport} = $1;
next;
}
- if ($line =~ s/^-sport (\S+)\s*//) {
+ if ($line =~ s/^--?sport (\S+)\s*//) {
$rule->{sport} = $1;
next;
}
- if ($line =~ s/^-source (\S+)\s*//) {
+ if ($line =~ s/^--?source (\S+)\s*//) {
$rule->{source} = $1;
next;
}
- if ($line =~ s/^-dest (\S+)\s*//) {
+ if ($line =~ s/^--?dest (\S+)\s*//) {
$rule->{dest} = $1;
next;
}
- if ($line =~ s/^-log
(emerg|alert|crit|err|warning|notice|info|debug|nolog)\s*//) {
+ if ($line =~ s/^--?log
(emerg|alert|crit|err|warning|notice|info|debug|nolog)\s*//) {
$rule->{log} = $1;
next;
}
- if ($line =~ s/^-icmp-type (\S+)\s*//) {
+ if ($line =~ s/^--?icmp-type (\S+)\s*//) {
$rule->{'icmp-type'} = $1;
next;
}
--
2.20.1
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
