diff options
author | Phil Davis <phil.davis@inf.org> | 2015-07-12 22:03:35 +0545 |
---|---|---|
committer | Phil Davis <phil.davis@inf.org> | 2015-07-12 22:03:35 +0545 |
commit | 81a73bcba3b3a79bb3a7add2e14a46e6af748f50 (patch) | |
tree | b178375e75cc3cec5e0281bb66b6ea75cc1430f6 /root | |
parent | fd29caa1c8bc3aa547c50e4842aecd7314cc8d89 (diff) | |
download | pfsense-81a73bcba3b3a79bb3a7add2e14a46e6af748f50.zip pfsense-81a73bcba3b3a79bb3a7add2e14a46e6af748f50.tar.gz |
Avoid error loading rules for numeric host name in alias
Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". The webGUI reports:
There were error(s) loading the rules: /tmp/rules.debug:44: syntax error - The line in question reads [44]: table { 23 }
and /tmp/rules.debug has:
table <Zqw> { 23 }
Zqw = "<Zqw>"
which pf does not cope with.
It is possible to have a host name that is a number, and end up with a domain name like 23.mycompany.com - unfortunately some Wally allowed such things in standards many years ago, so it can be rather difficult to tell the difference between a number and a host name.
This change improves the check when looking through alias entries and deciding if they are meant to be a name or a "bottom-level" value (address, subnet, port, port range). Anything that ends up looking like a host name gets given to filterdns to sort out. "Names" like "23" now get given to filterdns instead of being put directly into the table in pf. This makes things happier. Even if filterdns cannot resolve "23", at least it tries and nothing barfs.
Diffstat (limited to 'root')
0 files changed, 0 insertions, 0 deletions