From 1e29168fffa886b15023787a227087a32d2a904d Mon Sep 17 00:00:00 2001 From: cy Date: Tue, 27 Oct 2009 20:12:54 +0000 Subject: Incorporate a fix for fwbuilder commit #2844561 which introduced a bug when generating IP Filter statements for bi-directional filtering. --- security/fwbuilder-devel/Makefile | 1 + .../files/patch-src-pflib-PolicyCompiler_pf.cpp | 24 ++++++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 security/fwbuilder-devel/files/patch-src-pflib-PolicyCompiler_pf.cpp (limited to 'security/fwbuilder-devel') diff --git a/security/fwbuilder-devel/Makefile b/security/fwbuilder-devel/Makefile index a828bb3a84f5..ab986486fad8 100644 --- a/security/fwbuilder-devel/Makefile +++ b/security/fwbuilder-devel/Makefile @@ -7,6 +7,7 @@ PORTNAME= fwbuilder PORTVERSION= 3.0.7 +PORTREVISION= 1 CATEGORIES= security .if defined(BUILD) MASTER_SITES= http://www.fwbuilder.org/nightly_builds/fwbuilder-3.0/build-${BUILD}/ diff --git a/security/fwbuilder-devel/files/patch-src-pflib-PolicyCompiler_pf.cpp b/security/fwbuilder-devel/files/patch-src-pflib-PolicyCompiler_pf.cpp new file mode 100644 index 000000000000..9cf6bf34c322 --- /dev/null +++ b/security/fwbuilder-devel/files/patch-src-pflib-PolicyCompiler_pf.cpp @@ -0,0 +1,24 @@ +diff -urPN --exclude=CVS --exclude=.svn --exclude=00_TRANS.TBL export/home/cy/freebsd/fwbuilder/work/fwbuilder-3.0.7/src/pflib/PolicyCompiler_pf.cpp usr/ports/security/fwbuilder.old/work/fwbuilder-3.0.6/src/pflib/PolicyCompiler_pf.cpp +--- src/pflib/PolicyCompiler_pf.cpp 2009-09-18 12:28:39.000000000 -0700 ++++ src/pflib/PolicyCompiler_pf.cpp 2009-08-18 08:27:52.000000000 -0700 +@@ -521,8 +521,7 @@ + { + PolicyRule *rule=getNext(); if (rule==NULL) return false; + +- if (rule->getDirection()==PolicyRule::Both && +- rule->getAction()==PolicyRule::Route) ++ if (rule->getDirection()==PolicyRule::Both) + { + PolicyRule *r= compiler->dbcopy->createPolicyRule(); + compiler->temp_ruleset->add(r); +@@ -1080,9 +1079,7 @@ + add( new fillDirection("determine directions" )); + + // commented out for bug #2828602 +-// ... and put back per #2844561 +-// both bug reports/patches are by Tom Judge (tomjudge on sourceforge) +- add( new SplitDirection("split rules with direction 'both'" )); ++// add( new SplitDirection("split rules with direction 'both'" )); + + add( new addLoopbackForRedirect( + "add loopback to rules that permit redirected services" ) ); -- cgit