fixes #1936 NATCompiler_ipt::separateSourcePorts could be redundant

2026-03-22 11:17:31 +01:00 · 2011-01-17 18:22:20 -08:00 · 2011-01-17 18:22:20 -08:00 · 08003fceb6
commit 08003fceb6
parent 6e12d51dac
2 changed files with 3 additions and 61 deletions
--- a/src/iptlib/NATCompiler_ipt.cpp
+++ b/src/iptlib/NATCompiler_ipt.cpp
@ -1427,60 +1427,6 @@ bool NATCompiler_ipt::splitServices::processNext()
    return true;
 }

-bool NATCompiler_ipt::separateSourcePorts::processNext()
-{
-    NATRule *rule=getNext(); if (rule==NULL) return false;
-
-    RuleElementOSrv *rel= rule->getOSrv();
-
-    if (rel->size()==1) {
-	tmp_queue.push_back(rule);
-	return true;
-    }
-
-    NATRule         *rule_4_src_ports=NULL;
-    RuleElementOSrv *nsrv = NULL;
-
-    list<Service*> services;
-    for (FWObject::iterator i=rel->begin(); i!=rel->end(); i++) 
-    {
-	FWObject *o= *i;
-	if (FWReference::cast(o)!=NULL) o=FWReference::cast(o)->getPointer();
-	Service *s=Service::cast(o);
-	assert(s!=NULL);
-
-	if ( TCPService::isA(s) || UDPService::isA(s) ) {
-            int srs=TCPUDPService::cast(s)->getSrcRangeStart();
-            int sre=TCPUDPService::cast(s)->getSrcRangeEnd();
-
-            compiler->normalizePortRange(srs,sre);
-
-            if (srs!=0 || sre!=0)
-            {
-                if (rule_4_src_ports==NULL)
-                {
-                    rule_4_src_ports= compiler->dbcopy->createNATRule();
-                    compiler->temp_ruleset->add(rule_4_src_ports);
-                    rule_4_src_ports->duplicate(rule);
-                    nsrv=rule_4_src_ports->getOSrv();
-                    nsrv->clearChildren();
-                    tmp_queue.push_back(rule_4_src_ports);
-                }
-                assert(nsrv!=NULL);
-                nsrv->addRef( s );
-                services.push_back(s);
-            }
-        }
-    }
-    for (list<Service*>::iterator i=services.begin(); i!=services.end(); i++) 
-	rel->removeRef( (*i) );
-
-    if (!rel->isAny())
-	tmp_queue.push_back(rule);
-
-    return true;
-}
-
 bool NATCompiler_ipt::separateSourceAndDestinationPorts::processNext()
 {
    NATRule *rule=getNext(); if (rule==NULL) return false;
@ -2685,7 +2631,9 @@ void NATCompiler_ipt::compile()
    add( new splitServices("split on services") );
    add( new VerifyRules2("check correctness of TSrv") );
    add( new separatePortRanges("separate port ranges") );
-    add( new separateSourcePorts("separate objects with src") );
+
+    add( new separateSrcPort("separate objects with src") );
+
    add( new separateSourceAndDestinationPorts(
             "separate objects with both src and dest ports" ) );
    add( new prepareForMultiport("prepare for multiport") );
--- a/src/iptlib/NATCompiler_ipt.h
+++ b/src/iptlib/NATCompiler_ipt.h
@ -291,12 +291,6 @@ namespace fwcompiler {
 	 */
        DECLARE_NAT_RULE_PROCESSOR(splitServices);

-	/**
-	 * for TCP/UDP services separate objects with source ports
-         * from objects with destination ports
-	 */
-        DECLARE_NAT_RULE_PROCESSOR(separateSourcePorts);
-
 	/**
 	 * for TCP/UDP services separate objects that have both source
 	 * and destination ports