UTIL type=rule 'filter=(service has.value.recursive PORT-RANGE)' | bu…

…gfix if searched PORT-RANGE is partial available, and if multiple port-range are available in service-group

CHANGELOG.txt

@@ -12,6 +12,7 @@ BUGFIX:
 * class SecurityProfilStore | bugfix to handle parentStore correctly
 * UTIL type=securityprofile | bugfix missing array variable declaration
 * UTIL type=rule | bugfix for 'filter=(service has.value.recursive PORT-RANGE)'
+* UTIL type=rule 'filter=(service has.value.recursive PORT-RANGE)' | bugfix if searched PORT-RANGE is partial available, and if multiple port-range are available in service-group
 
 GENERAL:
 * framework all Object Classes | improve code for usage of single method parentCentralStore()

lib/container-classes/ServiceRuleContainer.php

@@ -604,6 +604,7 @@ public function generateFastHashComp($force = FALSE)
     function hasValue($value, $check_recursive = FALSE)
     {
         $rangeValue = false;
+        $port_value_range = array();
         if( strpos($value, "-") !== FALSE )
         {
             $rangeValue = true;
@@ -634,36 +635,48 @@ function hasValue($value, $check_recursive = FALSE)
                 $text_replace = array('tcp/', 'udp/');
                 $port_mapping_text = str_replace($text_replace, "", $port_mapping_text);
 
-                if( strpos($port_mapping_text, "-") !== FALSE )
+                if( strpos($port_mapping_text, ",") !== FALSE )
                 {
-                    $port_mapping_range = explode("-", $port_mapping_text);
-                    if( $rangeValue )
-                    {
-                        if( intval($port_mapping_range[0]) <= intval($port_value_range[0]) && intval($port_mapping_range[1]) >= intval($port_value_range[1]) )
-                            return TRUE;
-                    }
-                    else
-                    {
-                        if( intval($port_mapping_range[0]) <= intval($value) && intval($port_mapping_range[1]) >= intval($value) )
-                            return TRUE;
-                    }
-                }
-                elseif( strpos($port_mapping_text, ",") !== FALSE )
-                {
-                    $port_mapping_list = explode(",", $port_mapping_text);
+                $port_mapping_list = explode(",", $port_mapping_text);
                     foreach( $port_mapping_list as $list_object )
                     {
                         if( $value == $list_object )
                             return TRUE;
+                        elseif( strpos($list_object, "-") !== FALSE )
+                        {
+                            if( self::checkValueRange( $rangeValue, $port_value_range, $value, $list_object) )
+                                return TRUE;
+                        }
                     }
                 }
+                elseif( strpos($port_mapping_text, "-") !== FALSE )
+                {
+                    if( self::checkValueRange( $rangeValue, $port_value_range, $value, $port_mapping_text) )
+                        return TRUE;
+                }
+
                 elseif( $value == $port_mapping_text )
                     return TRUE;
             }
         }
 
         return FALSE;
     }
+
+    public function checkValueRange( $rangeValue, $port_value_range, $value, $port_mapping_text)
+    {
+        $port_mapping_range = explode("-", $port_mapping_text);
+        if( $rangeValue )
+        {
+            if( intval($port_mapping_range[0]) <= intval($port_value_range[0]) && intval($port_mapping_range[1]) >= intval($port_value_range[1]) )
+                return TRUE;
+        }
+        else
+        {
+            if( intval($port_mapping_range[0]) <= intval($value) && intval($port_mapping_range[1]) >= intval($value) )
+                return TRUE;
+        }
+    }
 }