diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-10-16 09:16:00 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-10-16 09:18:29 -0300 |
commit | 78b0e51e9a135804bfea307ea30c25fe16473da1 (patch) | |
tree | ac3bf06f8119cca4208f13228499c8856576d786 /usr | |
parent | 4a913451bba01ac65dcaedf31e24fcd938bbe0a2 (diff) | |
download | pfsense-78b0e51e9a135804bfea307ea30c25fe16473da1.zip pfsense-78b0e51e9a135804bfea307ea30c25fe16473da1.tar.gz |
Fix #3268 - avoid pf table names conflict:
. Create a list of reserved table names for the hardcoded ones
. Use this list to validate aliases and load balance pool names
. Check if alias names don't conflict with LB pool names and vice-versa
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 14 | ||||
-rwxr-xr-x | usr/local/www/load_balancer_pool_edit.php | 8 |
2 files changed, 17 insertions, 5 deletions
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index cee13ef..5e9e5a5 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -44,10 +44,6 @@ ##|*MATCH=firewall_aliases_edit.php* ##|-PRIV - -// Keywords not allowed in names -$reserved_keywords = array("all", "pass", "block", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); - require("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); @@ -55,8 +51,16 @@ require_once("shaper.inc"); $pgtitle = array(gettext("Firewall"),gettext("Aliases"),gettext("Edit")); +// Keywords not allowed in names +$reserved_keywords = array("all", "pass", "block", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec"); + +// Add all Load balance names to resrved_keywords +if (is_array($config['load_balancer']['lbpool'])) + foreach ($config['load_balancer']['lbpool'] as $lbpool) + $reserved_keywords[] = $lbpool['name']; + $reserved_ifs = get_configured_interface_list(false, true); -$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs); +$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names); if (!is_array($config['aliases']['alias'])) $config['aliases']['alias'] = array(); diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 32b2e4f..a47b8c8 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -40,6 +40,8 @@ ##|-PRIV require("guiconfig.inc"); +require_once("filter.inc"); +require_once("util.inc"); if (!is_array($config['load_balancer']['lbpool'])) { $config['load_balancer']['lbpool'] = array(); @@ -85,6 +87,12 @@ if ($_POST) { if (strpos($_POST['name'], " ") !== false) $input_errors[] = gettext("You cannot use spaces in the 'name' field."); + if (in_array($_POST['name'], $reserved_table_names)) + $input_errors[] = sprintf(gettext("The name '%s' is a reserved word and cannot be used."), $_POST['name']); + + if (is_alias($_POST['name'])) + $input_errors[] = sprintf(gettext("Sorry, an alias is already named %s."), $_POST['name']); + if (!is_portoralias($_POST['port'])) $input_errors[] = gettext("The port must be an integer between 1 and 65535, or a port alias."); |