diff options
| -rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 5 | ||||
| -rwxr-xr-x | usr/local/www/firewall_nat_1to1_edit.php | 7 | ||||
| -rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 17 | ||||
| -rw-r--r-- | usr/local/www/firewall_nat_npt_edit.php | 5 | ||||
| -rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 17 | ||||
| -rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 28 | ||||
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 3 |
7 files changed, 61 insertions, 21 deletions
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index e11d32e..64b9c56 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -179,6 +179,7 @@ if ($_POST) { /* item is a url type */ if ($_POST['address0']) { /* fetch down and add in */ + $_POST['address0'] = trim($_POST['address0']); $isfirst = 0; $address = ""; $alias['url'] = $_POST['address0']; @@ -196,7 +197,8 @@ if ($_POST) { $address_count = 2; /* item is a url type */ - for($x=0; isset($_POST['address'. $x]); $x++) { + for($x=0; isset($_POST['address' . $x]); $x++) { + $_POST['address' . $x] = trim($_POST['address' . $x]); if($_POST['address' . $x]) { /* fetch down and add in */ $isfirst = 0; @@ -250,6 +252,7 @@ if ($_POST) { $wrongaliases = ""; for($x=0; $x<4999; $x++) { if($_POST["address{$x}"] <> "") { + $_POST["address{$x}"] = trim($_POST["address{$x}"]); if (is_alias($_POST["address{$x}"])) { if (!alias_same_type($_POST["address{$x}"], $_POST['type'])) // But alias type network can include alias type urltable. Feature#1603. diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index d6dc9af..db79f6f 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php @@ -123,6 +123,13 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + if ($_POST['external']) + $_POST['external'] = trim($_POST['external']); + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + if (is_specialnet($_POST['srctype'])) { $_POST['src'] = $_POST['srctype']; $_POST['srcmask'] = 0; diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index ad91112..b50967b 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -113,9 +113,9 @@ if ($_POST) { if(strtoupper($_POST['proto']) == "TCP" || strtoupper($_POST['proto']) == "UDP" || strtoupper($_POST['proto']) == "TCP/UDP") { if ($_POST['srcbeginport_cust'] && !$_POST['srcbeginport']) - $_POST['srcbeginport'] = $_POST['srcbeginport_cust']; + $_POST['srcbeginport'] = trim($_POST['srcbeginport_cust']); if ($_POST['srcendport_cust'] && !$_POST['srcendport']) - $_POST['srcendport'] = $_POST['srcendport_cust']; + $_POST['srcendport'] = trim($_POST['srcendport_cust']); if ($_POST['srcbeginport'] == "any") { $_POST['srcbeginport'] = 0; @@ -128,9 +128,9 @@ if ($_POST) { $_POST['srcendport'] = $_POST['srcbeginport']; if ($_POST['dstbeginport_cust'] && !$_POST['dstbeginport']) - $_POST['dstbeginport'] = $_POST['dstbeginport_cust']; + $_POST['dstbeginport'] = trim($_POST['dstbeginport_cust']); if ($_POST['dstendport_cust'] && !$_POST['dstendport']) - $_POST['dstendport'] = $_POST['dstendport_cust']; + $_POST['dstendport'] = trim($_POST['dstendport_cust']); if ($_POST['dstbeginport'] == "any") { $_POST['dstbeginport'] = 0; @@ -143,7 +143,7 @@ if ($_POST) { $_POST['dstendport'] = $_POST['dstbeginport']; if ($_POST['localbeginport_cust'] && !$_POST['localbeginport']) - $_POST['localbeginport'] = $_POST['localbeginport_cust']; + $_POST['localbeginport'] = trim($_POST['localbeginport_cust']); /* Make beginning port end port if not defined and endport is */ if (!$_POST['srcbeginport'] && $_POST['srcendport']) @@ -209,6 +209,13 @@ if ($_POST) { $_POST['dstendport'] = 0; } + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + if ($_POST['localip']) + $_POST['localip'] = trim($_POST['localip']); + if (!isset($_POST['nordr']) && ($_POST['localip'] && !is_ipaddroralias($_POST['localip']))) { $input_errors[] = sprintf(gettext("\"%s\" is not a valid redirect target IP address or host alias."), $_POST['localip']); } diff --git a/usr/local/www/firewall_nat_npt_edit.php b/usr/local/www/firewall_nat_npt_edit.php index 3537186..ee03792 100644 --- a/usr/local/www/firewall_nat_npt_edit.php +++ b/usr/local/www/firewall_nat_npt_edit.php @@ -116,6 +116,11 @@ if ($_POST) { $natent['descr'] = $_POST['descr']; $natent['interface'] = $_POST['interface']; + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + pconfig_to_address($natent['source'], $_POST['src'], $_POST['srcmask'], $_POST['srcnot']); diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 2ef7210..62d0ecc 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -133,13 +133,26 @@ if ($_POST) { $protocol_uses_ports = in_array($_POST['protocol'], explode(" ", "any tcp udp tcp/udp")); + if ($_POST['source']) + $_POST['source'] = trim($_POST['source']); + if ($_POST['destination']) + $_POST['destination'] = trim($_POST['destination']); + if ($_POST['targetip']) + $_POST['targetip'] = trim($_POST['targetip']); + if ($_POST['sourceport']) + $_POST['sourceport'] = trim($_POST['sourceport']); + if ($_POST['dstport']) + $_POST['dstport'] = trim($_POST['dstport']); + if ($_POST['natport']) + $_POST['natport'] = trim($_POST['natport']); + if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_portoralias($_POST['sourceport'])) $input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry."); - if($protocol_uses_ports and $_POST['dstport'] <> "" and !is_portoralias($_POST['dstport'])) + if($protocol_uses_ports && $_POST['dstport'] <> "" && !is_portoralias($_POST['dstport'])) $input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry."); - if($protocol_uses_ports and $_POST['natport'] <> "" and !is_port($_POST['natport']) and !isset($_POST['nonat'])) + if($protocol_uses_ports && $_POST['natport'] <> "" && !is_port($_POST['natport']) && !isset($_POST['nonat'])) $input_errors[] = gettext("You must supply a valid port for the nat port entry."); if ($_POST['source_type'] != "any") { diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 2629731..8b24f46 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -228,19 +228,16 @@ if ($_POST) { } } - if (($_POST['proto'] != "tcp") && ($_POST['proto'] != "udp") && ($_POST['proto'] != "tcp/udp")) { $_POST['srcbeginport'] = 0; $_POST['srcendport'] = 0; $_POST['dstbeginport'] = 0; $_POST['dstendport'] = 0; } else { - if ($_POST['srcbeginport_cust'] && !$_POST['srcbeginport']) - $_POST['srcbeginport'] = $_POST['srcbeginport_cust']; + $_POST['srcbeginport'] = trim($_POST['srcbeginport_cust']); if ($_POST['srcendport_cust'] && !$_POST['srcendport']) - $_POST['srcendport'] = $_POST['srcendport_cust']; - + $_POST['srcendport'] = trim($_POST['srcendport_cust']); if ($_POST['srcbeginport'] == "any") { $_POST['srcbeginport'] = 0; $_POST['srcendport'] = 0; @@ -252,9 +249,9 @@ if ($_POST) { $_POST['srcendport'] = $_POST['srcbeginport']; if ($_POST['dstbeginport_cust'] && !$_POST['dstbeginport']) - $_POST['dstbeginport'] = $_POST['dstbeginport_cust']; + $_POST['dstbeginport'] = trim($_POST['dstbeginport_cust']); if ($_POST['dstendport_cust'] && !$_POST['dstendport']) - $_POST['dstendport'] = $_POST['dstendport_cust']; + $_POST['dstendport'] = trim($_POST['dstendport_cust']); if ($_POST['dstbeginport'] == "any") { $_POST['dstbeginport'] = 0; @@ -325,12 +322,12 @@ if ($_POST) { if ($_POST['srcbeginport'] && !is_portoralias($_POST['srcbeginport'])) $input_errors[] = sprintf(gettext("%s is not a valid start source port. It must be a port alias or integer between 1 and 65535."),$_POST['srcbeginposrt']); - if ($_POST['srcendport'] && !is_portoralias($_POST['srcendport'])) - $input_errors[] = sprintf(gettext("%s is not a valid end source port. It must be a port alias or integer between 1 and 65535."),$_POST['srcendport']); - if ($_POST['dstbeginport'] && !is_portoralias($_POST['dstbeginport'])) - $input_errors[] = sprintf(gettext("%s is not a valid start destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstbeginport']); - if ($_POST['dstendport'] && !is_portoralias($_POST['dstendport'])) - $input_errors[] = sprintf(gettext("%s is not a valid end destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstendport']); + if ($_POST['srcendport'] && !is_portoralias($_POST['srcendport'])) + $input_errors[] = sprintf(gettext("%s is not a valid end source port. It must be a port alias or integer between 1 and 65535."),$_POST['srcendport']); + if ($_POST['dstbeginport'] && !is_portoralias($_POST['dstbeginport'])) + $input_errors[] = sprintf(gettext("%s is not a valid start destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstbeginport']); + if ($_POST['dstendport'] && !is_portoralias($_POST['dstendport'])) + $input_errors[] = sprintf(gettext("%s is not a valid end destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstendport']); if ( !$_POST['srcbeginport_cust'] && $_POST['srcendport_cust']) if (is_alias($_POST['srcendport_cust'])) $input_errors[] = 'If you put port alias in Source port range to: field you must put the same port alias in from: field'; @@ -352,6 +349,11 @@ if ($_POST) { $input_errors[] = 'You cannot specify numbers and port aliases at the same time in Destination port range from: and to: field'; } + if ($_POST['src']) + $_POST['src'] = trim($_POST['src']); + if ($_POST['dst']) + $_POST['dst'] = trim($_POST['dst']); + /* if user enters an alias and selects "network" then disallow. */ if($_POST['srctype'] == "network") { if(is_alias($_POST['src'])) diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index df176f9..c0a21dc 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -107,6 +107,9 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + if ($_POST['subnet']) + $_POST['subnet'] = trim($_POST['subnet']); + if (($_POST['subnet'] && !is_ipaddr($_POST['subnet']))) $input_errors[] = gettext("A valid IP address must be specified."); |
