IPset code cleanup and better rule description

2025-07-21 23:40:34 +00:00 · 2021-12-27 13:27:31 -08:00
parent ebe9d58594
commit 0e3b7e4d94
3 changed files with 30 additions and 25 deletions
--- a/firewall/firewall-lib.pl
+++ b/firewall/firewall-lib.pl
@ -281,6 +281,9 @@ foreach $d ('p', 's', 'd', 'i', 'o', 'f', 'dport',
 			if ($d eq 's' || $d eq 'd' );
 		# compose desc_$n$d to get myized message, provide values
 		# as $1, ..., $n
+		if ($d eq 'match-set') {
+			$v[1] = $text{'desc_'.$d.'_'.$v[1]} || $v[1];
+			}
 		my $txt = &text("desc_$d$n", map { "<b>$_</b>" } @v);
 		push(@c, $txt) if ($txt);
 		}
--- a/firewall/index.cgi
+++ b/firewall/index.cgi
@ -435,34 +435,34 @@ else {
        # may need to check if they are used by firewall rules
 	@ipsets = &get_ipsets_active();
 	if (@ipsets) {	
-	    print &ui_hr();
-	    print "<b>$text{'index_ipset_title'}</b>";
+		print &ui_hr();
+		print "<b>$text{'index_ipset_title'}</b>";

-	    # Generate the header
-	    @hcols = ( $text{'index_ipset'},
-		       $text{'index_ipset_name'},
-		       $text{'index_ipset_type'},
-		       $text{'index_ipset_elem'},
-		       $text{'index_ipset_maxe'},
-		       $text{'index_ipset_size'} );
-	    print &ui_columns_start(\@hcols, 100, 0);
+		# Generate the header
+		@hcols = ( $text{'index_ipset'},
+			   $text{'index_ipset_name'},
+			   $text{'index_ipset_type'},
+			   $text{'index_ipset_elem'},
+			   $text{'index_ipset_maxe'},
+			   $text{'index_ipset_size'} );
+		print &ui_columns_start(\@hcols, 100, 0);

-	    # Generate a row for each rule
-	    foreach $s (@ipsets) {
-		my @h = split(/ /, $s->{'Header'});
-		# print matching pínet version
-		if ($h[1] =~ /inet${ipvx}$/) {
-			my @cols = ( "$h[0] $h[1]",
-				     $s->{'Name'},
-				     $s->{'Type'},
-				     $s->{'Number'} || 0,
-				     $h[5],
-				     $s->{'Size'} );
-			print &ui_columns_row(\@cols);
+		# Generate a row for each rule
+		foreach $s (@ipsets) {
+			my @h = split(/ /, $s->{'Header'});
+			# print matching pínet version
+			if ($h[1] =~ /inet${ipvx}$/) {
+				my @cols = ( "$h[0] $h[1]",
+					     $s->{'Name'},
+					     $s->{'Type'},
+					     $s->{'Number'} || 0,
+					     $h[5],
+					     $s->{'Size'} );
+				print &ui_columns_row(\@cols);
+				}
 			}
-                }
-	    print &ui_columns_end();
-	    }
+		print &ui_columns_end();
+		}

 	# Display buttons for applying and un-applying the configuration,
 	# and for creating an init script if possible
--- a/firewall/lang/en
+++ b/firewall/lang/en
@ -142,6 +142,8 @@ desc_tos=type of service field is $1
 desc_tos!=type of service field is not $1
 desc_match-set=$2 matches IPset $1
 desc_match-set!=$2 does not match IPset $1
+desc_match-set_src=incoming traffic
+desc_match-set_dst=outgoing traffic
 desc_physdev-in=input physical interface is $1
 desc_physdev-in!=input physical interface is not $1
 desc_physdev-out=output physical interface is $1