Proxmox/pve-firewall
5
0
Fork 0
mirror of git://git.proxmox.com/git/pve-firewall.git synced 2025-02-01 09:47:24 +03:00
Code Releases Activity

fix ipv6 address normalization

Browse Source 
inet_ntop only takes an addres, not a CIDR notation. Since
the normalized address should just be a compressed
lower-case address, Net::IP::ip_compress_address should be
sufficient.

inet_ntop didn't succeed before, the result of which was
that ipsets weren't generated at all for ipv6 address ranges.
This commit is contained in:
Wolfgang Bumiller 2015-07-28 08:46:04 +02:00 committed by Dietmar Maurer
parent 8feec9fa34
commit ab03c1a753
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/PVE/Firewall.pm
View File

@ -2952,8 +2952,7 @@ sub generate_ipset_chains {
}
#http://backreference.org/2013/03/01/ipv6-address-normalization/
if ($ver == 6) {
my $ipv6 = inet_pton(AF_INET6, lc($cidr));
$cidr = inet_ntop(AF_INET6, $ipv6);
$cidr = lc(Net::IP::ip_compress_address($cidr, 6));
$cidr =~ s|/128$||;
} else {
$cidr =~ s|/32$||;