diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2013-10-16 09:16:00 -0300 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2013-10-16 09:18:10 -0300 |
| commit | c48fdaa40effe9edc8bb4fb933e124a93cb24a0d (patch) | |
| tree | e1549ed8b708fb27a6e08bd83edb3fe30976bcac /usr/local | |
| parent | c858a035120118e76010e73ac99b4e66ed0c4517 (diff) | |
| download | pfsense-c48fdaa40effe9edc8bb4fb933e124a93cb24a0d.zip pfsense-c48fdaa40effe9edc8bb4fb933e124a93cb24a0d.tar.gz | |
Fix #3268 - avoid pf table names conflict:
. Create a list of reserved table names for the hardcoded ones
. Use this list to validate aliases and load balance pool names
. Check if alias names don't conflict with LB pool names and vice-versa
Diffstat (limited to 'usr/local')
| -rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 14 | ||||
| -rwxr-xr-x | usr/local/www/load_balancer_pool_edit.php | 8 |
2 files changed, 17 insertions, 5 deletions
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index e1d7153..0f5ea1f 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -44,10 +44,6 @@ ##|*MATCH=firewall_aliases_edit.php* ##|-PRIV - -// Keywords not allowed in names -$reserved_keywords = array("all", "pass", "block", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); - require("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); @@ -55,8 +51,16 @@ require_once("shaper.inc"); $pgtitle = array(gettext("Firewall"),gettext("Aliases"),gettext("Edit")); +// Keywords not allowed in names +$reserved_keywords = array("all", "pass", "block", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); + +// Add all Load balance names to resrved_keywords +if (is_array($config['load_balancer']['lbpool'])) + foreach ($config['load_balancer']['lbpool'] as $lbpool) + $reserved_keywords[] = $lbpool['name']; + $reserved_ifs = get_configured_interface_list(false, true); -$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs); +$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names); if (!is_array($config['aliases']['alias'])) $config['aliases']['alias'] = array(); diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 9ce0e2b..13a114a 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -40,6 +40,8 @@ ##|-PRIV require("guiconfig.inc"); +require_once("filter.inc"); +require_once("util.inc"); if (!is_array($config['load_balancer']['lbpool'])) { $config['load_balancer']['lbpool'] = array(); @@ -85,6 +87,12 @@ if ($_POST) { if (strpos($_POST['name'], " ") !== false) $input_errors[] = gettext("You cannot use spaces in the 'name' field."); + if (in_array($_POST['name'], $reserved_table_names)) + $input_errors[] = sprintf(gettext("The name '%s' is a reserved word and cannot be used."), $_POST['name']); + + if (is_alias($_POST['name'])) + $input_errors[] = sprintf(gettext("Sorry, an alias is already named %s."), $_POST['name']); + if (!is_portoralias($_POST['port'])) $input_errors[] = gettext("The port must be an integer between 1 and 65535, or a port alias."); |
