* NATCompiler_PrintRule.cpp (processNext): fixed SF bug 3057503

"DNAT rule with dynamic IP has a white space, causing error".
2026-03-19 17:57:22 +01:00 · 2010-09-14 21:59:13 +00:00 · 2010-09-14 21:59:13 +00:00 · c3aa139f22
commit c3aa139f22
parent 75da3a7bac
4 changed files with 38 additions and 4 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-#define BUILD_NUM 3248
+#define BUILD_NUM 3249
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,5 +1,8 @@
 2010-09-14  Vadim Kurland  <vadim@vk.crocodile.org>

+	* NATCompiler_PrintRule.cpp (processNext): fixed SF bug 3057503
+	"DNAT rule with dynamic IP has a white space, causing error".
+
 	* PolicyCompiler_PrintRule.cpp (_printIpSetMatch): fixed #1705
 	"iptables (v>=1.4.4) "--set option deprecated ..."  (SF bug 3059893)
 	Option "--set" has been deprecated and renamed "--match-set" in
--- a/src/iptlib/NATCompiler_PrintRule.cpp
+++ b/src/iptlib/NATCompiler_PrintRule.cpp
@ -758,9 +758,19 @@ bool NATCompiler_ipt::PrintRule::processNext()
 	    cmdout << "--to-destination ";
            // if TDst is "any" and this is DNAT rule, then this rule only
            // translates source port. Skip address part.
-            if (!tdst->isAny()) cmdout << _printAddr(tdst, false, true);
+            QString addr_part;
+            if (!tdst->isAny())
+                addr_part = _printAddr(tdst, false, true).c_str();
+
 	    string ports = _printDNATPorts(tsrv);
-	    if (!ports.empty()) cmdout << ":" << ports;
+	    if (!ports.empty())
+            {
+                cmdout << addr_part.trimmed().toStdString()
+                       << ":" << ports;
+            } else
+            {
+                cmdout << addr_part.toStdString();
+            }

            if (ropt->getBool("ipt_nat_random")) cmdout << " --random";
            if (XMLTools::version_compare(version, "1.4.3")>=0)
--- a/test/ipt/objects-for-regression-tests.fwb
+++ b/test/ipt/objects-for-regression-tests.fwb
@ -14177,7 +14177,7 @@
          <Option name="verify_interfaces">False</Option>
        </FirewallOptions>
      </Firewall>
-      <Firewall id="id3D94D4F8" host_OS="linux24" inactive="False" lastCompiled="1272404308" lastInstalled="1142003872" lastModified="1282234973" platform="iptables" version="" name="firewall11" comment="testing rules with broadcasts and multicasts and action-on-reject 'TCP reset'. &#10;&#10;This is BRIDGING FIREWALL &#10;Firewall is part of any is OFF&#10;&#10;Interfaces eth0 and eth1 are parts of the bridge; Interface eth2 is external interface (doing NAT and routing on this interface) Interface eth3 is connected to protected network and is used to manage firewall. This is rather realistic configuration for the bridging firewall " ro="False">
+      <Firewall id="id3D94D4F8" host_OS="linux24" inactive="False" lastCompiled="1272404308" lastInstalled="1142003872" lastModified="1284500299" platform="iptables" version="" name="firewall11" comment="testing rules with broadcasts and multicasts and action-on-reject 'TCP reset'. &#10;&#10;This is BRIDGING FIREWALL &#10;Firewall is part of any is OFF&#10;&#10;Interfaces eth0 and eth1 are parts of the bridge; Interface eth2 is external interface (doing NAT and routing on this interface) Interface eth3 is connected to protected network and is used to manage firewall. This is rather realistic configuration for the bridging firewall " ro="False">
        <NAT id="id3D94D4F9" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
          <NATRule id="id3E854D22" disabled="True" position="0" action="Translate" comment="">
            <OSrc neg="False">
@ -14246,6 +14246,27 @@
              <Option name="ipt_use_snat_instead_of_masq">True</Option>
            </NATRuleOptions>
          </NATRule>
+          <NATRule id="id58296X15267" disabled="False" group="" position="3" action="Translate" comment="see SF bug 3057503&#10;">
+            <OSrc neg="False">
+              <ObjectRef ref="sysid0"/>
+            </OSrc>
+            <ODst neg="False">
+              <ObjectRef ref="sysid0"/>
+            </ODst>
+            <OSrv neg="False">
+              <ServiceRef ref="tcp-HTTP"/>
+            </OSrv>
+            <TSrc neg="False">
+              <ObjectRef ref="sysid0"/>
+            </TSrc>
+            <TDst neg="False">
+              <ObjectRef ref="id3E21FC66"/>
+            </TDst>
+            <TSrv neg="False">
+              <ServiceRef ref="id3B4FF09A"/>
+            </TSrv>
+            <NATRuleOptions/>
+          </NATRule>
          <RuleSetOptions/>
        </NAT>
        <Policy id="id3D94D508" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">