diff options
| author | Seth Mos <seth.mos@dds.nl> | 2011-08-24 22:10:55 +0200 |
|---|---|---|
| committer | Seth Mos <seth.mos@dds.nl> | 2011-08-24 22:10:55 +0200 |
| commit | 99bdb17e397910c96d7bbc1541fbcccd1e0294fe (patch) | |
| tree | 5d6e867f815e4baf5bc953a17f22ec067662a464 /usr/local/www/firewall_rules_edit.php | |
| parent | 4108dee880e7fd552d588101ce383938803eb149 (diff) | |
| download | pfsense-99bdb17e397910c96d7bbc1541fbcccd1e0294fe.zip pfsense-99bdb17e397910c96d7bbc1541fbcccd1e0294fe.tar.gz | |
Unbreak the firewall rule Edit page, input error array was unset halfway the validation. Set that back up ontop.
Add gateway validation
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
| -rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 21fee77..6a2da45 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -189,6 +189,7 @@ if (isset($_GET['dup'])) unset($id); if ($_POST) { + unset($input_errors); if( isset($a_filter[$id]['associated-rule-id']) ) { $_POST['proto'] = $pconfig['proto']; @@ -202,6 +203,30 @@ if ($_POST) { if ($_POST['type'] == "match" && $_POST['defaultqueue'] == "none") $input_errors[] = gettext("Queue type rules only work with queues."); + if (($_POST['ipprotocol'] <> "") && ($_POST['gateway'] <> "")) { + foreach($config['gateways']['gateway_group'] as $gw_group) { + if($gw_group['name'] == $_POST['gateway']) { + $af = explode("|", $gw_group['item'][0]); + $ip = lookup_gateway_ip_by_name($af[0]); + if(($_POST['ipprotocol'] == "inet6") && (!is_ipaddrv6($ip))) { + $input_errors[] = gettext("You can not assign a IPv4 gateway group on IPv6 Address Family rule"); + } + if(($_POST['ipprotocol'] == "inet") && (!is_ipaddrv4($ip))) { + $input_errors[] = gettext("You can not assign a IPv6 gateway group on IPv4 Address Family rule"); + } + } + } + } + if (($_POST['ipprotocol'] <> "") && ($_POST['gateway'] <> "")) { + if(($_POST['ipprotocol'] == "inet6") && (!is_ipaddrv6(lookup_gateway_ip_by_name($_POST['gateway'])))) { + $input_errors[] = gettext("You can not assign the IPv4 Gateway to a IPv6 Filter rule"); + } + if(($_POST['ipprotocol'] == "inet") && (!is_ipaddrv4(lookup_gateway_ip_by_name($_POST['gateway'])))) { + $input_errors[] = gettext("You can not assign the IPv6 Gateway to a IPv4 Filter rule"); + } + } + + if (($_POST['proto'] != "tcp") && ($_POST['proto'] != "udp") && ($_POST['proto'] != "tcp/udp")) { $_POST['srcbeginport'] = 0; $_POST['srcendport'] = 0; @@ -253,7 +278,6 @@ if ($_POST) { $_POST['dstmask'] = 32; } - unset($input_errors); $pconfig = $_POST; /* input validation */ |
