diff options
author | Ermal Luçi <eri@pfsense.org> | 2009-12-03 13:54:11 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2009-12-03 13:54:43 +0000 |
commit | 1e578a7f10843f470d2bf5274bbef695a14bb9d0 (patch) | |
tree | 9cb418145d2f8ab621e320f0961e971da6783715 /usr/local/www/firewall_rules_edit.php | |
parent | b96cad97eafee7dc4b2cdb143af07f92ff35c68e (diff) | |
download | pfsense-1e578a7f10843f470d2bf5274bbef695a14bb9d0.zip pfsense-1e578a7f10843f470d2bf5274bbef695a14bb9d0.tar.gz |
Resolves #146 Add propper validation on alias usage. Allow port type aliases only on port side and other aliases in ip specifications and similar. Introduce a new function is_portoralias to ressemble the is_ipaddroralias to check for the cases.
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 8231692..d647ae7 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -45,7 +45,7 @@ require("guiconfig.inc"); require("filter.inc"); require("shaper.inc"); -$specialsrcdst = explode(" ", "any pptp pppoe l2tp"); +$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn"); $ifdisp = get_configured_interface_with_descr(); foreach ($ifdisp as $kif => $kdescr) { $specialsrcdst[] = "{$kif}"; @@ -273,16 +273,16 @@ if ($_POST) { $_POST['dstendport'] = 0; } - if (($_POST['srcbeginport'] && !alias_expand($_POST['srcbeginport']) && !is_port($_POST['srcbeginport']))) { + if ($_POST['srcbeginport'] && !is_portoralias($_POST['srcbeginport'])) { $input_errors[] = "The start source port must be an alias or integer between 1 and 65535."; } - if (($_POST['srcendport'] && !alias_expand($_POST['srcendport']) && !is_port($_POST['srcendport']))) { + if ($_POST['srcendport'] && !is_portoralias($_POST['srcendport'])) { $input_errors[] = "The end source port must be an alias or integer between 1 and 65535."; } - if (($_POST['dstbeginport'] && !alias_expand($_POST['dstbeginport']) && !is_port($_POST['dstbeginport']))) { + if ($_POST['dstbeginport'] && !is_portoralias($_POST['dstbeginport'])) { $input_errors[] = "The start destination port must be an alias or integer between 1 and 65535."; } - if (($_POST['dstendport'] && !alias_expand($_POST['dstbeginport']) && !is_port($_POST['dstendport']))) { + if ($_POST['dstendport'] && !is_portoralias($_POST['dstbeginport'])) { $input_errors[] = "The end destination port must be an alias or integer between 1 and 65535."; } @@ -297,7 +297,7 @@ if ($_POST) { } if (!is_specialnet($_POST['srctype'])) { - if (($_POST['src'] && !is_ipaddroranyalias($_POST['src']))) { + if (($_POST['src'] && !is_ipaddroralias($_POST['src']))) { $input_errors[] = "A valid source IP address or alias must be specified."; } if (($_POST['srcmask'] && !is_numericint($_POST['srcmask']))) { @@ -305,7 +305,7 @@ if ($_POST) { } } if (!is_specialnet($_POST['dsttype'])) { - if (($_POST['dst'] && !is_ipaddroranyalias($_POST['dst']))) { + if (($_POST['dst'] && !is_ipaddroralias($_POST['dst']))) { $input_errors[] = "A valid destination IP address or alias must be specified."; } if (($_POST['dstmask'] && !is_numericint($_POST['dstmask']))) { |