summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2011-08-15 19:32:29 +0000
committerErmal <eri@pfsense.org>2011-08-15 19:32:29 +0000
commitdf58fd4680ca5a9df8ad7dc3d09ea7c7d6dfd4a7 (patch)
treeb71bcca0f2081686141209913fb77e834e85aeeb
parent6dd45e0ddf0c792612740262fd98625ddfa24fdc (diff)
downloadpfsense-df58fd4680ca5a9df8ad7dc3d09ea7c7d6dfd4a7.zip
pfsense-df58fd4680ca5a9df8ad7dc3d09ea7c7d6dfd4a7.tar.gz
Revert "Feature #1603. Correct nested urltable alias code to be more fullproof to errors and does not break the ruleset on large lists of urltables. Though this needs a revisit to work properly since it breaks urltable alias property of reloading contents."
This reverts commit 3a26fb7f03a0336ed8dd642c46c6e513fca794da.
Diffstat
-rw-r--r--etc/inc/filter.inc27
-rw-r--r--etc/inc/util.inc28
-rwxr-xr-xusr/local/www/firewall_aliases_edit.php2
3 files changed, 22 insertions, 35 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 248935c..f5ec71a 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -456,13 +456,21 @@ function filter_generate_scrubing() {
return $scrubrules;
}
+function get_alias_type($name) {
+ global $config;
+
+ foreach ($config['aliases']['alias'] as $alias)
+ if ($name == $alias['name'])
+ return $alias['type'];
+ return "";
+}
+
function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddrnesting) {
global $aliastable, $filterdns;
$addresses = split(" ", $alias);
$finallist = "";
$builtlist = "";
- $urltable_nesting = "";
$aliasnesting[$name] = $name;
foreach ($addresses as $address) {
if (empty($address))
@@ -470,18 +478,13 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr
$linelength = strlen($builtlist);
$tmpline = "";
if(is_alias($address)) {
- if (alias_get_type($address) == 'urltable') {
+ if (get_alias_type($address) == 'urltable'){
// Feature#1603. For this type of alias we do not need to recursively call filter_generate_nested_alias. Just load IPs from the file.
- $urltable_netsting = alias_expand_urltable($address);
- if (!empty($urltable_nesting)) {
- $urlfile_as_arr = file($urltable_nesting);
- foreach($urlfile_as_arr as $line) {
+ $urlfn = alias_expand_urltable($address);
+ if ($file_as_arr=file($urlfn)){
+ foreach($file_as_arr as $line){
$address= rtrim($line);
- if ((strlen($tmpline) + $linelength) > 4036) {
- $finallist .= "{$tmpline} \\\n";
- $tmpline = "";
- }
- $tmpline .= " {$address}";
+ $tmpline .= " $address";
}
}
}
@@ -494,7 +497,7 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr
continue;
}
$aliasaddrnesting[$address] = $address;
- $tmpline = " {$address}";
+ $tmpline = " $address";
}
if ((strlen($tmpline)+ $linelength) > 4036) {
$finallist .= "{$builtlist} \\\n";
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index f2889d3..96a48c72 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -886,7 +886,6 @@ function alias_make_table($config) {
}
}
}
-
/* check if an alias exists */
function is_alias($name) {
global $aliastable;
@@ -894,19 +893,6 @@ function is_alias($name) {
return isset($aliastable[$name]);
}
-function alias_get_type($name) {
- global $config;
-
- if (is_array($config['aliases']['alias'])) {
- foreach ($config['aliases']['alias'] as $alias) {
- if ($name == $alias['name'])
- return $alias['type'];
- }
- }
-
- return "";
-}
-
/* expand a host or network alias, if necessary */
function alias_expand($name) {
global $aliastable;
@@ -924,14 +910,12 @@ function alias_expand_urltable($name) {
$urltable_prefix = "/var/db/aliastables/";
$urltable_filename = $urltable_prefix . $name . ".txt";
- if (is_array($config['aliases']['alias'])) {
- foreach ($config['aliases']['alias'] as $alias) {
- if (($alias['type'] == 'urltable') && ($alias['name'] == $name)) {
- if (is_URL($alias["url"]) && file_exists($urltable_filename) && filesize($urltable_filename))
- return $urltable_filename;
- else if (process_alias_urltable($name, $alias["url"], 0, true))
- return $urltable_filename;
- }
+ foreach ($config['aliases']['alias'] as $alias) {
+ if (($alias['type'] == 'urltable') && ($alias['name'] == $name)) {
+ if (is_URL($alias["url"]) && file_exists($urltable_filename) && filesize($urltable_filename))
+ return $urltable_filename;
+ else if (process_alias_urltable($name, $alias["url"], 0, true))
+ return $urltable_filename;
}
}
return null;
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index c5ffb48..96f7ce8 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -254,7 +254,7 @@ if ($_POST) {
if (!alias_same_type($_POST["address{$x}"], $_POST['type']))
// But alias type network can include alias type urltable. Feature#1603.
if (!($_POST['type'] == 'network' &&
- alias_get_type($_POST["address{$x}"]) == 'urltable'))
+ get_alias_type($_POST["address{$x}"]) == 'urltable'))
$wrongaliases .= " " . $_POST["address{$x}"];
} else if ($_POST['type'] == "port") {
if (!is_port($_POST["address{$x}"]))
OpenPOWER on IntegriCloud