diff options
| author | Ermal <eri@pfsense.org> | 2011-07-06 18:50:55 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2011-07-06 18:59:24 +0000 |
| commit | 3a26fb7f03a0336ed8dd642c46c6e513fca794da (patch) | |
| tree | a225ddee7362b84564308e1f03132f04e091e2b1 /etc | |
| parent | b4a7f7f230f55baa18a8eca7a0100db84ccd2171 (diff) | |
| download | pfsense-3a26fb7f03a0336ed8dd642c46c6e513fca794da.zip pfsense-3a26fb7f03a0336ed8dd642c46c6e513fca794da.tar.gz | |
Feature #1603. Correct nested urltable alias code to be more fullproof to errors and does not break the ruleset on large lists of urltables. Though this needs a revisit to work properly since it breaks urltable alias property of reloading contents.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 27 | ||||
| -rw-r--r-- | etc/inc/util.inc | 28 |
2 files changed, 34 insertions, 21 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 646aea6..dc6b95f 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -452,21 +452,13 @@ function filter_generate_scrubing() { return $scrubrules; } -function get_alias_type($name) { - global $config; - - foreach ($config['aliases']['alias'] as $alias) - if ($name == $alias['name']) - return $alias['type']; - return ""; -} - function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddrnesting) { global $aliastable, $filterdns; $addresses = split(" ", $alias); $finallist = ""; $builtlist = ""; + $urltable_nesting = ""; $aliasnesting[$name] = $name; foreach ($addresses as $address) { if (empty($address)) @@ -474,13 +466,18 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr $linelength = strlen($builtlist); $tmpline = ""; if(is_alias($address)) { - if (get_alias_type($address) == 'urltable'){ + if (alias_get_type($address) == 'urltable') { // Feature#1603. For this type of alias we do not need to recursively call filter_generate_nested_alias. Just load IPs from the file. - $urlfn = alias_expand_urltable($address); - if ($file_as_arr=file($urlfn)){ - foreach($file_as_arr as $line){ + $urltable_netsting = alias_expand_urltable($address); + if (!empty($urltable_nesting)) { + $urlfile_as_arr = file($urltable_nesting); + foreach($urlfile_as_arr as $line) { $address= rtrim($line); - $tmpline .= " $address"; + if ((strlen($tmpline) + $linelength) > 4036) { + $finallist .= "{$tmpline} \\\n"; + $tmpline = ""; + } + $tmpline .= " {$address}"; } } } @@ -493,7 +490,7 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr continue; } $aliasaddrnesting[$address] = $address; - $tmpline = " $address"; + $tmpline = " {$address}"; } if ((strlen($tmpline)+ $linelength) > 4036) { $finallist .= "{$builtlist} \\\n"; diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 683a1d8..bcb7845 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -883,6 +883,7 @@ function alias_make_table($config) { } } } + /* check if an alias exists */ function is_alias($name) { global $aliastable; @@ -890,6 +891,19 @@ function is_alias($name) { return isset($aliastable[$name]); } +function alias_get_type($name) { + global $config; + + if (is_array($config['aliases']['alias'])) { + foreach ($config['aliases']['alias'] as $alias) { + if ($name == $alias['name']) + return $alias['type']; + } + } + + return ""; +} + /* expand a host or network alias, if necessary */ function alias_expand($name) { global $aliastable; @@ -907,12 +921,14 @@ function alias_expand_urltable($name) { $urltable_prefix = "/var/db/aliastables/"; $urltable_filename = $urltable_prefix . $name . ".txt"; - foreach ($config['aliases']['alias'] as $alias) { - if (($alias['type'] == 'urltable') && ($alias['name'] == $name)) { - if (is_URL($alias["url"]) && file_exists($urltable_filename) && filesize($urltable_filename)) - return $urltable_filename; - else if (process_alias_urltable($name, $alias["url"], 0, true)) - return $urltable_filename; + if (is_array($config['aliases']['alias'])) { + foreach ($config['aliases']['alias'] as $alias) { + if (($alias['type'] == 'urltable') && ($alias['name'] == $name)) { + if (is_URL($alias["url"]) && file_exists($urltable_filename) && filesize($urltable_filename)) + return $urltable_filename; + else if (process_alias_urltable($name, $alias["url"], 0, true)) + return $urltable_filename; + } } } return null; |
