|
 |
b8221b |
From 12fd98893d190df9581d04155fa9207d2adb5573 Mon Sep 17 00:00:00 2001
|
|
|
b8221b |
From: Eric Garver <eric@garver.life>
|
|
|
b8221b |
Date: Wed, 15 Sep 2021 14:12:37 -0400
|
|
|
b8221b |
Subject: [PATCH 40/50] fix(nftables): rich: source address with netmask
|
|
|
b8221b |
|
|
|
b8221b |
Fixes: rhbz1917766
|
|
|
b8221b |
(cherry picked from commit 3809fef17dc779052a3f050041fe90e3599f35be)
|
|
|
b8221b |
(cherry picked from commit 32d5eb8d94a2b39a4dda10fec351ad6fbab7d486)
|
|
|
b8221b |
---
|
|
|
b8221b |
src/firewall/core/nftables.py | 5 +++--
|
|
|
b8221b |
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
|
b8221b |
|
|
|
b8221b |
diff --git a/src/firewall/core/nftables.py b/src/firewall/core/nftables.py
|
|
|
b8221b |
index 29a9a2492032..059cd8869dbb 100644
|
|
|
b8221b |
--- a/src/firewall/core/nftables.py
|
|
|
b8221b |
+++ b/src/firewall/core/nftables.py
|
|
|
b8221b |
@@ -22,6 +22,7 @@ from __future__ import absolute_import
|
|
|
b8221b |
|
|
|
b8221b |
import copy
|
|
|
b8221b |
import json
|
|
|
b8221b |
+import ipaddress
|
|
|
b8221b |
|
|
|
b8221b |
from firewall.core.logger import log
|
|
|
b8221b |
from firewall.functions import check_mac, getPortRange, normalizeIP6, \
|
|
|
b8221b |
@@ -1213,8 +1214,8 @@ class nftables(object):
|
|
|
b8221b |
family = "ip"
|
|
|
b8221b |
elif check_address("ipv4", address):
|
|
|
b8221b |
family = "ip"
|
|
|
b8221b |
- addr_len = address.split("/")
|
|
|
b8221b |
- address = {"prefix": {"addr": addr_len[0], "len": int(addr_len[1])}}
|
|
|
b8221b |
+ normalized_address = ipaddress.IPv4Network(address, strict=False)
|
|
|
b8221b |
+ address = {"prefix": {"addr": normalized_address.network_address.compressed, "len": normalized_address.prefixlen}}
|
|
|
b8221b |
elif check_single_address("ipv6", address):
|
|
|
b8221b |
family = "ip6"
|
|
|
b8221b |
address = normalizeIP6(address)
|
|
|
b8221b |
--
|
|
|
b8221b |
2.27.0
|
|
|
b8221b |
|