Cleaner fix for blank variables
parent
94cda4a94b
commit
68e996592e
|
@ -370,10 +370,10 @@ function enable_forwarding {
|
||||||
# Although these next few rules seems like they duplicate some work, they
|
# Although these next few rules seems like they duplicate some work, they
|
||||||
# actually make handling later rules simpler even if we end up blanking
|
# actually make handling later rules simpler even if we end up blanking
|
||||||
# them yet again.
|
# them yet again.
|
||||||
[[ ${dstport} != "" ]] && dstport="-"
|
[[ -z ${dstport} ]] && dstport="-"
|
||||||
[[ ${srcport} != "" ]] && srcport="-"
|
[[ -z ${srcport} ]] && srcport="-"
|
||||||
[[ ${protocol} != "" ]] && protocol="-"
|
[[ -z ${protocol} ]] && protocol="-"
|
||||||
[[ ${syn} != "" ]] && syn="-"
|
[[ -z ${syn} ]] && syn="-"
|
||||||
|
|
||||||
([[ ${bidirectional} == "yes" ]] && [[ ${srcaddress} != "-" ]]) && revsrcaddress="-d ${srcaddress}"
|
([[ ${bidirectional} == "yes" ]] && [[ ${srcaddress} != "-" ]]) && revsrcaddress="-d ${srcaddress}"
|
||||||
([[ ${bidirectional} == "yes" ]] && [[ ${dstaddress} != "-" ]]) && revdstaddress="-s ${dstaddress}"
|
([[ ${bidirectional} == "yes" ]] && [[ ${dstaddress} != "-" ]]) && revdstaddress="-s ${dstaddress}"
|
||||||
|
@ -484,7 +484,7 @@ function enable_services {
|
||||||
while read -r service protocol interface address srcaddress; do
|
while read -r service protocol interface address srcaddress; do
|
||||||
multiport="no"
|
multiport="no"
|
||||||
[[ ${service} = \#* ]] && continue
|
[[ ${service} = \#* ]] && continue
|
||||||
[[ ${service} = "" ]] && continue
|
[[ -z ${service} ]] && continue
|
||||||
[[ ${service} == "-" ]] \
|
[[ ${service} == "-" ]] \
|
||||||
&& ${display} RED "service.conf: Error - must begin with service name or port number: ${DEFAULT_COLOR}${service} ${protocol} ${interface} ${address} ${srcaddress}" && continue
|
&& ${display} RED "service.conf: Error - must begin with service name or port number: ${DEFAULT_COLOR}${service} ${protocol} ${interface} ${address} ${srcaddress}" && continue
|
||||||
[[ ${protocol} == "-" ]] \
|
[[ ${protocol} == "-" ]] \
|
||||||
|
@ -556,19 +556,27 @@ function enable_portfw {
|
||||||
([[ ${IP_VERSION} == "ipv6" ]] && [[ ${Enablev6ConnectionTracking} == "yes" ]]) && conntrack_state="${M_STATE} ${C_STATE} NEW"
|
([[ ${IP_VERSION} == "ipv6" ]] && [[ ${Enablev6ConnectionTracking} == "yes" ]]) && conntrack_state="${M_STATE} ${C_STATE} NEW"
|
||||||
while read -r service protocol intip intport interface address srcaddress; do
|
while read -r service protocol intip intport interface address srcaddress; do
|
||||||
[[ ${service} = \#* ]] && continue
|
[[ ${service} = \#* ]] && continue
|
||||||
[[ ${service} = "" ]] && continue
|
[[ -z ${service} ]] && continue
|
||||||
[[ ${service} == "-" ]] \
|
[[ ${service} == "-" ]] \
|
||||||
&& ${display} RED "service.conf: Error - must begin with service name or port number: ${DEFAULT_COLOR}${service} ${intip} ${intport} ${protocol} ${interface} ${address} ${srcaddress}" && continue
|
&& ${display} RED "service.conf: Error - must begin with service name or port number: ${DEFAULT_COLOR}${service} ${intip} ${intport} ${protocol} ${interface} ${address} ${srcaddress}" && continue
|
||||||
[[ ${protocol} == "-" ]] \
|
[[ ${protocol} == "-" ]] \
|
||||||
&& ${display} RED "service.conf: Error - protocol can not be empty: ${DEFAULT_COLOR}${service} ${intip} ${intport} ${protocol} ${interface} ${address} ${srcaddress}" && continue
|
&& ${display} RED "service.conf: Error - protocol can not be empty: ${DEFAULT_COLOR}${service} ${intip} ${intport} ${protocol} ${interface} ${address} ${srcaddress}" && continue
|
||||||
|
|
||||||
# Do some creative work with variables to make building the iptables rules fairly painless
|
# Do some creative work with variables to make building the iptables rules fairly painless
|
||||||
|
|
||||||
|
# Although these next few rules seems like they duplicate some work, they
|
||||||
|
# actually make handling later rules simpler even if we end up blanking
|
||||||
|
# them yet again.
|
||||||
|
[[ -z ${interface} ]] && interface="-"
|
||||||
|
[[ -z ${address} ]] && address="-"
|
||||||
|
[[ -z ${srcaddress} ]] && srcaddress="-"
|
||||||
|
|
||||||
[[ ${service} != "-" ]] && service="--dport ${service}"
|
[[ ${service} != "-" ]] && service="--dport ${service}"
|
||||||
[[ ${protocol} != "-" ]] && protocol="-p ${protocol}"
|
[[ ${protocol} != "-" ]] && protocol="-p ${protocol}"
|
||||||
[[ ${intip} != "-" ]] && intdest="--to-destination ${intip}:${intport}"
|
[[ ${intip} != "-" ]] && intdest="--to-destination ${intip}:${intport}"
|
||||||
([[ ${interface} != "-" ]] && [[ ${interface} != "" ]]) && interface="-i ${interface}"
|
[[ ${interface} != "-" ]] && interface="-i ${interface}"
|
||||||
([[ ${address} != "-" ]] && [[ ${address} != "" ]]) && address="-d ${address}"
|
[[ ${address} != "-" ]] && address="-d ${address}"
|
||||||
([[ ${srcaddress} != "-" ]] && [[ ${srcaddress} != "" ]]) && srcaddress="-s ${srcaddress}"
|
[[ ${srcaddress} != "-" ]] && srcaddress="-s ${srcaddress}"
|
||||||
|
|
||||||
${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Read: ${service} ${protocol} ${intip} ${intport} ${interface} ${address} ${srcaddress}"
|
${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Read: ${service} ${protocol} ${intip} ${intport} ${interface} ${address} ${srcaddress}"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue