You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45 lines
1.2 KiB
Plaintext
45 lines
1.2 KiB
Plaintext
{
|
|
@udpsvcs = ($DB->get_all_by_prop( UDPPort => '\d+'), $DB->get_all_by_prop( UDPPorts => '\d+(,\d+|:\d+)*'));
|
|
foreach my $filter ( sort {$a->key cmp $b->key} @udpsvcs )
|
|
{
|
|
my %props = $filter->props();
|
|
|
|
my @ports = grep { $_ } split /[;,]/, ($props{UDPPort} || '').",".($props{UDPPorts} || '');
|
|
|
|
my $deny_hosts = $props{DenyHosts} || '';
|
|
|
|
my $allow_hosts = $props{AllowHosts} || '0.0.0.0/0';
|
|
|
|
unless ( ($props{status} || 'disabled') eq 'enabled')
|
|
{
|
|
$allow_hosts = '';
|
|
}
|
|
|
|
unless ( ($props{access} || 'private') eq 'public')
|
|
{
|
|
$allow_hosts = '';
|
|
}
|
|
|
|
$OUT .= " # " . $filter->key . ": UDPPorts: " . (join ',', @ports) . ", AllowHosts: $allow_hosts, DenyHosts: $deny_hosts\n";
|
|
|
|
foreach my $port (sort { @a = split /[^\d]/, $a; @b = split /[^\d]/, $b; $a[0] <=> $b[0] || $a cmp $b } @ports)
|
|
{
|
|
foreach my $host (split(',', $deny_hosts))
|
|
{
|
|
$OUT .= <<HERE;
|
|
/sbin/iptables -A \$NEW_InboundUDP --proto udp --dport $port \\
|
|
--destination \$OUTERNET --src $host --jump denylog
|
|
HERE
|
|
}
|
|
|
|
foreach my $host (split(',', $allow_hosts))
|
|
{
|
|
$OUT .= <<HERE;
|
|
/sbin/iptables -A \$NEW_InboundUDP --proto udp --dport $port \\
|
|
--destination \$OUTERNET --src $host --jump ACCEPT
|
|
HERE
|
|
}
|
|
}
|
|
}
|
|
}
|