On 02/13/2013 12:59 PM, Steven Jan Springl wrote: > Tom > > Shorewall6 rule: > > ACCEPT lan:[2001:1::1],[2001:1::2],[] wan tcp 23 > > Produces the following message: > > Use of uninitialized value $net in pattern match (m//) at > /usr/share/shorewall/Shorewall/IPAddrs.pm line 659, <$currentfile> line 19.
The attached patch seems to close that hole. Thanks Steven, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/IPAddrs.pm b/Shorewall/Perl/Shorewall/IPAddrs.pm
index dcb9080..203240b 100644
--- a/Shorewall/Perl/Shorewall/IPAddrs.pm
+++ b/Shorewall/Perl/Shorewall/IPAddrs.pm
@@ -648,12 +648,14 @@ sub resolve_6dnsname( $ ) {
sub validate_6net( $$ ) {
my ( $net, $allow_name ) = @_;
- if ( $net =~ /^\[(.*)]$/ ) {
+ if ( $net =~ /^\[(.+)]$/ ) {
$net = $1;
- } elsif ( $net =~ /^\[(.*)\]\/(\d+)$/ ) {
+ } elsif ( $net =~ /^\[(.+)\]\/(\d+)$/ ) {
$net = join( '/', $1, $2 );
}
+ fatal_error "Invalid Network Address($net)" if $net =~ /\[/;
+
($net, my $vlsm, my $rest) = split( '/', $net, 3 );
if ( $net =~ /\+(\[?)/ ) {
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
