| line |
true |
false |
branch |
|
51
|
0 |
0 |
if ($self->{'_skip_ipt_exec_check'}) { } |
|
52
|
0 |
0 |
unless ($self->{'_firewall_cmd'} or $self->{'_iptables'}) |
|
57
|
0 |
0 |
if ($self->{'_firewall_cmd'}) { } |
|
|
0 |
0 |
elsif ($self->{'_iptables'}) { } |
|
59
|
0 |
0 |
unless -e $self->{'_firewall_cmd'} |
|
61
|
0 |
0 |
unless -x $self->{'_firewall_cmd'} |
|
64
|
0 |
0 |
unless -e $self->{'_iptables'} |
|
66
|
0 |
0 |
unless -x $self->{'_iptables'} |
|
71
|
0 |
0 |
if (-e $fwc_bin and -x $fwc_bin) { } |
|
|
0 |
0 |
elsif (-e $ipt_bin and -x $ipt_bin) { } |
|
|
0 |
0 |
elsif (-e $ipt6_bin and -x $ipt6_bin) { } |
|
84
|
0 |
0 |
if ($self->{'_ipv6'} and $self->{'_iptables'} eq $ipt_bin) |
|
85
|
0 |
0 |
if (-e $ipt6_bin and -x $ipt6_bin) { } |
|
95
|
0 |
0 |
if ($self->{'_firewall_cmd'}) { } |
|
96
|
0 |
0 |
if $self->{'_firewall_cmd'} =~ m[.*/(\S+)] |
|
98
|
0 |
0 |
if $self->{'_iptables'} =~ m[.*/(\S+)] |
|
102
|
0 |
0 |
if ($self->{'_ipv6'}) |
|
103
|
0 |
0 |
if ($self->{'_firewall_cmd'}) { } |
|
104
|
0 |
0 |
if ($self->{'_fwd_args'} =~ /ipv4/i) |
|
108
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'iptables') |
|
109
|
0 |
0 |
unless ($self->{'_skip_ipt_exec_check'}) |
|
117
|
0 |
0 |
if $self->{'_ipt_bin_name'} eq 'ip6tables' |
|
118
|
0 |
0 |
if ($self->{'_firewall_cmd'}) |
|
119
|
0 |
0 |
if $self->{'_fwd_args'} =~ /ipv6/ |
|
125
|
0 |
0 |
if ($self->{'_firewall_cmd'}) |
|
138
|
0 |
0 |
unless ($self->{'_debug'}) |
|
258
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
262
|
0 |
0 |
if ($file) { } |
|
265
|
0 |
0 |
unless open F, "< $file" |
|
275
|
0 |
0 |
if (/^\s*Chain\s(.*?)\s\(/) |
|
290
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
294
|
0 |
0 |
if ($file) { } |
|
297
|
0 |
0 |
unless open F, "< $file" |
|
310
|
0 |
0 |
if ($line =~ /^\s*Chain\s+$chain\s+\(policy\s+(\w+)/) |
|
339
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
343
|
0 |
0 |
if ($file) { } |
|
346
|
0 |
0 |
unless open F, "< $file" |
|
359
|
0 |
0 |
if ($line =~ /\spkts\s+bytes\s+target/) |
|
366
|
0 |
0 |
if ($line =~ /^num\s+pkts\s+bytes\s+target/) |
|
377
|
0 |
0 |
if $found_chain and $line =~ /^\s*Chain\s+/ |
|
379
|
0 |
0 |
if ($line =~ /^\s*Chain\s\Q$chain\E\s\(/i) |
|
383
|
0 |
0 |
if $line =~ /\starget\s{2,}prot/i |
|
384
|
0 |
0 |
unless $found_chain |
|
385
|
0 |
0 |
unless $line |
|
409
|
0 |
0 |
if ($ipt_verbose) { } |
|
410
|
0 |
0 |
if ($has_line_numbers) { } |
|
411
|
0 |
0 |
if ($line =~ /^\s*(\d+)\s+(\d+)\s+(\d+)\s+(.*)/) |
|
418
|
0 |
0 |
if ($line =~ /^\s*(\d+)\s+(\d+)\s+(.*)/) |
|
425
|
0 |
0 |
if ($has_line_numbers) |
|
426
|
0 |
0 |
if ($line =~ /^\s*(\d+)\s+(\d+)\s+(.*)/) |
|
433
|
0 |
0 |
if ($rnum and $rnum ne $rule_num) |
|
437
|
0 |
0 |
if ($ipt_verbose) { } |
|
453
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) |
|
460
|
0 |
0 |
if ($rule_body =~ /$match_re/) |
|
465
|
0 |
0 |
if $proto eq '0' |
|
496
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) |
|
502
|
0 |
0 |
if ($rule_body =~ /$match_re/) |
|
505
|
0 |
0 |
if $proto eq '0' |
|
523
|
0 |
0 |
if ($rule_hr->{'extended'} =~ /$ext_keys_hr->{$key}{'regex'}/) |
|
529
|
0 |
0 |
if ($rule_hr->{'protocol'} eq '0') { } |
|
|
0 |
0 |
elsif ($rule_hr->{'protocol'} eq 'tcp' or $rule_hr->{'protocol'} eq 'udp') { } |
|
535
|
0 |
0 |
if $rule_hr->{'s_port'} eq '' |
|
537
|
0 |
0 |
if $rule_hr->{'d_port'} eq '' |
|
551
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
555
|
0 |
0 |
if ($file) { } |
|
558
|
0 |
0 |
unless open F, "< $file" |
|
568
|
0 |
0 |
unless @ipt_lines |
|
582
|
0 |
0 |
if $found_chain and $line =~ /^\s*Chain\s+/ |
|
586
|
0 |
0 |
if ($line =~ /^\s*Chain\s+$chain\s+\(policy\s+(\w+)\)/) |
|
590
|
0 |
0 |
if $line =~ /^\s*target\s/i |
|
591
|
0 |
0 |
unless $found_chain |
|
599
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /ipv6/) |
|
609
|
0 |
0 |
if ($line =~ /$log_re/) { } |
|
|
0 |
0 |
elsif ($policy eq 'ACCEPT' and $line =~ /$drop_re/) { } |
|
616
|
0 |
0 |
if $proto eq '0' |
|
618
|
0 |
0 |
if ($p_tmp and $p_tmp =~ /LOG.*\s+prefix\s+
� \`\s*(.+?)\s*\'/x) |
|
627
|
0 |
0 |
if $proto eq '0' |
|
637
|
0 |
0 |
if ($policy eq 'DROP') |
|
642
|
0 |
0 |
unless %protocols and $found_default_drop |
|
660
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
668
|
0 |
0 |
if ($file) { } |
|
671
|
0 |
0 |
unless open F, "< $file" |
|
684
|
0 |
0 |
if ($line =~ /^\s*pkts\s+bytes\s+target/) |
|
690
|
0 |
0 |
unless @ipt_lines |
|
701
|
0 |
0 |
if ($line =~ /^\s*Chain\s+(.*?)\s+\(/ and not $line =~ /0\s+references/) |
|
705
|
0 |
0 |
unless $line =~ /\S/ |
|
706
|
0 |
0 |
unless $log_chain |
|
710
|
0 |
0 |
if ($ipt_verbose) { } |
|
711
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) { } |
|
714
|
0 |
0 |
if ($line =~ /^\s*\d+\s+\d+\s*U?LOG\s+(\w+)\s+
� \S+\s+\S+\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
721
|
0 |
0 |
if ($line =~ /^\s*\d+\s+\d+\s*U?LOG\s+(\w+)\s+\-\-\s+
� \S+\s+\S+\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
729
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) { } |
|
732
|
0 |
0 |
if ($line =~ /^\s*U?LOG\s+(\w+)\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
738
|
0 |
0 |
if ($line =~ /^\s*U?LOG\s+(\w+)\s+\-\-\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
746
|
0 |
0 |
if ($found) |
|
747
|
0 |
0 |
if $proto eq '0' |
|
750
|
0 |
0 |
if $log_chain eq $chain |
|
754
|
0 |
0 |
unless %log_chains |
|
765
|
0 |
0 |
if (defined $sub_chains{$log_chain}) |
|
783
|
0 |
0 |
if ($line =~ /^\s*Chain\s+\Q$start_chain\E\s+\(/ and not $line =~ /0\s+references/) |
|
788
|
0 |
0 |
unless $found |
|
789
|
0 |
0 |
if ($found and $line =~ /^\s*Chain\s/) |
|
792
|
0 |
0 |
if ($line =~ /^\s*(\S+)\s+\S+\s+/) |
|
794
|
0 |
0 |
if ($new_chain ne 'LOG' and $new_chain ne 'DROP' and $new_chain ne 'REJECT' and $new_chain ne 'ACCEPT' and $new_chain ne 'RETURN' and $new_chain ne 'QUEUE' and $new_chain ne 'SNAT' and $new_chain ne 'DNAT' and $new_chain ne 'MASQUERADE' and $new_chain ne 'pkts' and $new_chain ne 'Chain' and $new_chain ne 'target') |
|
827
|
0 |
0 |
unless $cmd =~ /^\s*iptables/ or $cmd =~ m[^\S+/iptables] or $cmd =~ /^\s*ip6tables/ or $cmd =~ m[^\S+/ip6tables] or $cmd =~ /^\s*firewall-cmd/ or $cmd =~ m[^\S+/firewall-cmd] |
|
843
|
0 |
0 |
if $verbose |
|
845
|
0 |
0 |
if ($debug or $verbose) |
|
848
|
0 |
0 |
if ($ipt_exec_sleep > 0) |
|
854
|
0 |
0 |
if ($ipt_exec_sleep > 0) |
|
855
|
0 |
0 |
if ($debug or $verbose) |
|
863
|
0 |
0 |
if ($ipt_exec_style eq 'system') { } |
|
|
0 |
0 |
elsif ($ipt_exec_style eq 'popen') { } |
|
866
|
0 |
0 |
unless open CMD, "$cmd 2> $ipterr |" |
|
869
|
0 |
0 |
unless open F, "> $iptout" |
|
875
|
0 |
0 |
if ($debug or $verbose) |
|
881
|
0 |
0 |
if ($ipt_pid = fork) { } |
|
892
|
0 |
0 |
if ($@) |
|
893
|
0 |
0 |
unless kill 15, $ipt_pid |
|
896
|
0 |
0 |
unless defined $ipt_pid |
|
904
|
0 |
0 |
if (-e $iptout) |
|
905
|
0 |
0 |
unless open F, "< $iptout" |
|
909
|
0 |
0 |
if (-e $ipterr) |
|
910
|
0 |
0 |
unless open F, "< $ipterr" |
|
914
|
0 |
0 |
if @stderr |
|
917
|
0 |
0 |
if (@stdout) |
|
918
|
0 |
0 |
if ($stdout[$#stdout] =~ /^success/) |
|
921
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'firewall-cmd') |
|
923
|
0 |
0 |
if (/COMMAND_FAILED/) |
|
931
|
0 |
0 |
if ($debug or $verbose) |
|
935
|
0 |
0 |
if ($line =~ /\n$/) { } |
|
944
|
0 |
0 |
if ($line =~ /\n$/) { } |
|
952
|
0 |
0 |
if ($debug or $verbose) |