- } else {
- warn "unknown action '$action'\n";
- next;
- }
-
- $iface = undef if $iface && $iface eq '-';
- if ($iface && $iface !~ m/^(net0|net1|net2|net3|net4|net5)$/) {
- warn "unknown interface '$iface'\n";
- next;
- }
-
- $proto = undef if $proto && $proto eq '-';
- if ($proto && $proto !~ m/^(icmp|tcp|udp)$/) {
- warn "unknown protokol '$proto'\n";
- next;
- }
-
- $source = undef if $source && $source eq '-';
-
-# if ($source !~ m/^(XYZ)$/) {
-# warn "unknown source '$source'\n";
-# next;
-# }
-
- $dest = undef if $dest && $dest eq '-';
-# if ($dest !~ m/^XYZ)$/) {
-# warn "unknown destination '$dest'\n";
-# next;
-# }
-
- $dport = undef if $dport && $dport eq '-';
- $sport = undef if $sport && $sport eq '-';
-
- my $rule = {
- action => $action,
- service => $service,
- iface => $iface,
- source => $source,
- dest => $dest,
- proto => $proto,
- dport => $dport,
- sport => $sport,