| line |
true |
false |
branch |
|
53
|
0 |
0 |
if ($self->{'_skip_ipt_exec_check'}) { } |
|
54
|
0 |
0 |
unless ($self->{'_firewall_cmd'} or $self->{'_iptables'}) |
|
59
|
0 |
0 |
if ($self->{'_firewall_cmd'}) { } |
|
|
0 |
0 |
elsif ($self->{'_iptables'}) { } |
|
61
|
0 |
0 |
unless -e $self->{'_firewall_cmd'} |
|
63
|
0 |
0 |
unless -x $self->{'_firewall_cmd'} |
|
66
|
0 |
0 |
unless -e $self->{'_iptables'} |
|
68
|
0 |
0 |
unless -x $self->{'_iptables'} |
|
73
|
0 |
0 |
if (-e $fwc_bin and -x $fwc_bin) { } |
|
|
0 |
0 |
elsif (-e $ipt_bin and -x $ipt_bin) { } |
|
|
0 |
0 |
elsif (-e $ipt6_bin and -x $ipt6_bin) { } |
|
86
|
0 |
0 |
if ($self->{'_ipv6'} and $self->{'_iptables'} eq $ipt_bin) |
|
87
|
0 |
0 |
if (-e $ipt6_bin and -x $ipt6_bin) { } |
|
97
|
0 |
0 |
if ($self->{'_firewall_cmd'}) { } |
|
98
|
0 |
0 |
if $self->{'_firewall_cmd'} =~ m[.*/(\S+)] |
|
100
|
0 |
0 |
if $self->{'_iptables'} =~ m[.*/(\S+)] |
|
104
|
0 |
0 |
if ($self->{'_ipv6'}) |
|
105
|
0 |
0 |
if ($self->{'_firewall_cmd'}) { } |
|
106
|
0 |
0 |
if ($self->{'_fwd_args'} =~ /ipv4/i) |
|
110
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'iptables') |
|
111
|
0 |
0 |
unless ($self->{'_skip_ipt_exec_check'}) |
|
119
|
0 |
0 |
if $self->{'_ipt_bin_name'} eq 'ip6tables' |
|
120
|
0 |
0 |
if ($self->{'_firewall_cmd'}) |
|
121
|
0 |
0 |
if $self->{'_fwd_args'} =~ /ipv6/ |
|
127
|
0 |
0 |
if ($self->{'_firewall_cmd'}) |
|
131
|
0 |
0 |
unless ($self->{'_skip_ipt_exec_check'}) |
|
132
|
0 |
0 |
unless ($self->{'_lockless_ipt_exec'}) |
|
137
|
0 |
0 |
if $rv |
|
150
|
0 |
0 |
unless ($self->{'_debug'}) |
|
270
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
274
|
0 |
0 |
if ($file) { } |
|
277
|
0 |
0 |
unless open F, "< $file" |
|
287
|
0 |
0 |
if (/^\s*Chain\s(.*?)\s\(/) |
|
302
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
306
|
0 |
0 |
if ($file) { } |
|
309
|
0 |
0 |
unless open F, "< $file" |
|
322
|
0 |
0 |
if ($line =~ /^\s*Chain\s+$chain\s+\(policy\s+(\w+)/) |
|
345
|
0 |
0 |
if $self->{'_verbose'} |
|
354
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
358
|
0 |
0 |
if ($file) { } |
|
361
|
0 |
0 |
unless open F, "< $file" |
|
374
|
0 |
0 |
if ($line =~ /\spkts\s+bytes\s+target/) |
|
381
|
0 |
0 |
if ($line =~ /^num\s+pkts\s+bytes\s+target/) |
|
392
|
0 |
0 |
if $found_chain and $line =~ /^\s*Chain\s+/ |
|
394
|
0 |
0 |
if ($line =~ /^\s*Chain\s\Q$chain\E\s\(/i) |
|
398
|
0 |
0 |
if $line =~ /\starget\s{2,}prot/i |
|
399
|
0 |
0 |
unless $found_chain |
|
400
|
0 |
0 |
unless $line |
|
424
|
0 |
0 |
if ($ipt_verbose) { } |
|
425
|
0 |
0 |
if ($has_line_numbers) { } |
|
426
|
0 |
0 |
if ($line =~ /^\s*(\d+)\s+(\S+)\s+(\S+)\s+(.*)/) |
|
433
|
0 |
0 |
if ($line =~ /^\s*(\S+)\s+(\S+)\s+(.*)/) |
|
440
|
0 |
0 |
if ($has_line_numbers) { } |
|
441
|
0 |
0 |
if ($line =~ /^\s*(\d+)\s+(.*)/) |
|
452
|
0 |
0 |
if ($rnum and $rnum ne $rule_num) |
|
456
|
0 |
0 |
if ($ipt_verbose) { } |
|
472
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) |
|
479
|
0 |
0 |
if ($rule_body =~ /$match_re/) { } |
|
484
|
0 |
0 |
if $proto eq '0' |
|
494
|
0 |
0 |
if ($self->{'_debug'}) |
|
519
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) |
|
525
|
0 |
0 |
if ($rule_body =~ /$match_re/) { } |
|
528
|
0 |
0 |
if $proto eq '0' |
|
536
|
0 |
0 |
if ($self->{'_debug'}) |
|
550
|
0 |
0 |
if ($rule_hr->{'extended'} =~ /$ext_keys_hr->{$key}{'regex'}/) |
|
556
|
0 |
0 |
if ($rule_hr->{'protocol'} eq '0') { } |
|
|
0 |
0 |
elsif ($rule_hr->{'protocol'} eq 'tcp' or $rule_hr->{'protocol'} eq 'udp') { } |
|
562
|
0 |
0 |
if $rule_hr->{'s_port'} eq '' |
|
564
|
0 |
0 |
if $rule_hr->{'d_port'} eq '' |
|
578
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
582
|
0 |
0 |
if ($file) { } |
|
585
|
0 |
0 |
unless open F, "< $file" |
|
595
|
0 |
0 |
unless @ipt_lines |
|
609
|
0 |
0 |
if $found_chain and $line =~ /^\s*Chain\s+/ |
|
613
|
0 |
0 |
if ($line =~ /^\s*Chain\s+$chain\s+\(policy\s+(\w+)\)/) |
|
617
|
0 |
0 |
if $line =~ /^\s*target\s/i |
|
618
|
0 |
0 |
unless $found_chain |
|
626
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /ipv6/) |
|
636
|
0 |
0 |
if ($line =~ /$log_re/) { } |
|
|
0 |
0 |
elsif ($policy eq 'ACCEPT' and $line =~ /$drop_re/) { } |
|
643
|
0 |
0 |
if $proto eq '0' |
|
645
|
0 |
0 |
if ($p_tmp and $p_tmp =~ /LOG.*\s+prefix\s+
� \`\s*(.+?)\s*\'/x) |
|
654
|
0 |
0 |
if $proto eq '0' |
|
664
|
0 |
0 |
if ($policy eq 'DROP') |
|
669
|
0 |
0 |
unless %protocols and $found_default_drop |
|
687
|
0 |
0 |
if ($self->{'_ipt_rules_file'} and not $file) |
|
695
|
0 |
0 |
if ($file) { } |
|
698
|
0 |
0 |
unless open F, "< $file" |
|
711
|
0 |
0 |
if ($line =~ /^\s*pkts\s+bytes\s+target/) |
|
717
|
0 |
0 |
unless @ipt_lines |
|
728
|
0 |
0 |
if ($line =~ /^\s*Chain\s+(.*?)\s+\(/ and not $line =~ /0\s+references/) |
|
732
|
0 |
0 |
unless $line =~ /\S/ |
|
733
|
0 |
0 |
unless $log_chain |
|
737
|
0 |
0 |
if ($ipt_verbose) { } |
|
738
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) { } |
|
741
|
0 |
0 |
if ($line =~ /^\s*\d+\s+\d+\s*U?LOG\s+(\w+)\s+
� \S+\s+\S+\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
748
|
0 |
0 |
if ($line =~ /^\s*\d+\s+\d+\s*U?LOG\s+(\w+)\s+\-\-\s+
� \S+\s+\S+\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
756
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'ip6tables' or $self->{'_ipt_bin_name'} eq 'firewall-cmd' and $self->{'_fwd_args'} =~ /\sipv6/) { } |
|
759
|
0 |
0 |
if ($line =~ /^\s*U?LOG\s+(\w+)\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
765
|
0 |
0 |
if ($line =~ /^\s*U?LOG\s+(\w+)\s+\-\-\s+$any_ip_re
� \s+$any_ip_re\s+.*U?LOG/x) |
|
773
|
0 |
0 |
if ($found) |
|
774
|
0 |
0 |
if $proto eq '0' |
|
777
|
0 |
0 |
if $log_chain eq $chain |
|
781
|
0 |
0 |
unless %log_chains |
|
792
|
0 |
0 |
if (defined $sub_chains{$log_chain}) |
|
810
|
0 |
0 |
if ($line =~ /^\s*Chain\s+\Q$start_chain\E\s+\(/ and not $line =~ /0\s+references/) |
|
815
|
0 |
0 |
unless $found |
|
816
|
0 |
0 |
if ($found and $line =~ /^\s*Chain\s/) |
|
819
|
0 |
0 |
if ($line =~ /^\s*(\S+)\s+\S+\s+/) |
|
821
|
0 |
0 |
if ($new_chain ne 'LOG' and $new_chain ne 'DROP' and $new_chain ne 'REJECT' and $new_chain ne 'ACCEPT' and $new_chain ne 'RETURN' and $new_chain ne 'QUEUE' and $new_chain ne 'SNAT' and $new_chain ne 'DNAT' and $new_chain ne 'MASQUERADE' and $new_chain ne 'pkts' and $new_chain ne 'Chain' and $new_chain ne 'target') |
|
854
|
0 |
0 |
unless $cmd =~ /^\s*iptables/ or $cmd =~ m[^\S+/iptables] or $cmd =~ /^\s*ip6tables/ or $cmd =~ m[^\S+/ip6tables] or $cmd =~ /^\s*firewall-cmd/ or $cmd =~ m[^\S+/firewall-cmd] |
|
870
|
0 |
0 |
if $verbose |
|
872
|
0 |
0 |
if ($debug or $verbose) |
|
875
|
0 |
0 |
if ($ipt_exec_sleep > 0) |
|
881
|
0 |
0 |
if ($ipt_exec_sleep > 0) |
|
882
|
0 |
0 |
if ($debug or $verbose) |
|
890
|
0 |
0 |
if ($ipt_exec_style eq 'system') { } |
|
|
0 |
0 |
elsif ($ipt_exec_style eq 'popen') { } |
|
893
|
0 |
0 |
unless open CMD, "$cmd 2> $ipterr |" |
|
896
|
0 |
0 |
unless open F, "> $iptout" |
|
902
|
0 |
0 |
if ($debug or $verbose) |
|
908
|
0 |
0 |
if ($ipt_pid = fork) { } |
|
919
|
0 |
0 |
if ($@) |
|
920
|
0 |
0 |
unless kill 15, $ipt_pid |
|
923
|
0 |
0 |
unless defined $ipt_pid |
|
931
|
0 |
0 |
if (-e $iptout) |
|
932
|
0 |
0 |
unless open F, "< $iptout" |
|
936
|
0 |
0 |
if (-e $ipterr) |
|
937
|
0 |
0 |
unless open F, "< $ipterr" |
|
941
|
0 |
0 |
if @stderr |
|
944
|
0 |
0 |
if (@stdout) |
|
945
|
0 |
0 |
if ($stdout[$#stdout] =~ /^success/) |
|
948
|
0 |
0 |
if ($self->{'_ipt_bin_name'} eq 'firewall-cmd') |
|
950
|
0 |
0 |
if (/COMMAND_FAILED/) |
|
958
|
0 |
0 |
if ($debug or $verbose) |
|
962
|
0 |
0 |
if ($line =~ /\n$/) { } |
|
971
|
0 |
0 |
if ($line =~ /\n$/) { } |
|
979
|
0 |
0 |
if ($debug or $verbose) |