svc/conntrack.in: Fix netmask parsing.

  * Improve the checking for a prefix length: see if the thing is
    entirely made of digits, rather than searching for a `.'.

  * More importantly, if we have a general netmask, then parse the
    correct part of the network spec as the mask.

diff --git a/svc/conntrack.in b/svc/conntrack.in
index 79b47d88b47ec56da42e7e45e2f1066902613251..1b9f5819dcf6a0ec518cd3137fd11b5429c0e22a 100644 (file)
--- a/svc/conntrack.in
+++ b/svc/conntrack.in
@@ -171,11 +171,11 @@ class Config (object):
         ## a mask with N leading ones followed by trailing zeroes.
         slash = net.index('/')
         addr, = unpack('>L', S.inet_aton(net[:slash]))
-        if net.find('.', slash + 1) >= 0:
-          mask, = unpack('>L', S.inet_aton(net[:slash]))
-        else:
+        if net[slash + 1:].isdigit():
           n = int(net[slash + 1:], 10)
           mask = (1 << 32) - (1 << 32 - n)
+        else:
+          mask, = unpack('>L', S.inet_aton(net[slash + 1:]))
         pats.append((tag, peer, addr & mask, mask))
 
       ## Annoyingly, RawConfigParser doesn't preserve the order of options.