diff options
author | Ermal <eri@pfsense.org> | 2014-02-11 10:28:25 +0100 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2014-02-11 10:28:25 +0100 |
commit | 6ce0e31c66128746be4cdef256bcaaec209f616d (patch) | |
tree | c6247194451d2be2ac54a3101807b4fa6007a58a | |
parent | 5ba0cdf694fb1cf1861fd8bdd95f71ca4a3a263e (diff) | |
download | pfsense-6ce0e31c66128746be4cdef256bcaaec209f616d.zip pfsense-6ce0e31c66128746be4cdef256bcaaec209f616d.tar.gz |
When adding ip aliases on top of carp not in the subnet of the carp configured address but an ip alias of the real interface do not error out but accept this as a valid configuration.
-rw-r--r-- | etc/inc/interfaces.inc | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index feb2cff..22a109f 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -4117,7 +4117,7 @@ function find_carp_interface($ip) { function link_carp_interface_to_parent($interface) { global $config; - if ($interface == "") + if (empty($interface)) return; $carp_ip = get_interface_ip($interface); diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index bf03403..b97b593 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -194,7 +194,8 @@ if ($_POST) { $parent_sn = get_interface_subnetv6($_POST['interface']); $subnet = gen_subnetv6($parent_ip, $parent_sn); } - if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && !ip_in_interface_alias_subnet($_POST['interface'], $_POST['subnet'])) { + if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && + !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) { $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); } |