diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-10-16 09:16:00 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-10-16 09:18:29 -0300 |
commit | 78b0e51e9a135804bfea307ea30c25fe16473da1 (patch) | |
tree | ac3bf06f8119cca4208f13228499c8856576d786 /etc | |
parent | 4a913451bba01ac65dcaedf31e24fcd938bbe0a2 (diff) | |
download | pfsense-78b0e51e9a135804bfea307ea30c25fe16473da1.zip pfsense-78b0e51e9a135804bfea307ea30c25fe16473da1.tar.gz |
Fix #3268 - avoid pf table names conflict:
. Create a list of reserved table names for the hardcoded ones
. Use this list to validate aliases and load balance pool names
. Check if alias names don't conflict with LB pool names and vice-versa
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 0790f93..95bcf0a 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -58,6 +58,18 @@ $filterdns = array(); /* Used for aliases and interface macros */ $aliases = ""; +/* Reserved table names to avoid colision */ +$reserved_table_names = array( + "bogons", + "bogonsv6", + "negate_networks", + "snort2c", + "sshlockout", + "tonatsubnets", + "virusprot", + "vpn_networks", + "webConfiguratorlockout"); + function is_bogonsv6_used() { global $config, $g; # Only use bogonsv6 table if IPv6 Allow is on, and at least 1 enabled interface also has "blockbogons" enabled. |