| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
| |
The GUI should show descriptions according to what's selected from the dropdown, but currently does not for URL Table (IPs) and URL Table (Ports) type of aliases.
|
|\ |
|
| |
| |
| |
| |
| |
| | |
If you click "+" to add an alias, then press Save without entering anything, you get:
Warning: Invalid argument supplied for foreach() in /usr/local/www/firewall_aliases_edit.php on line 402
as well as the various messages related to $input_errors.
This change ensures that $input_addresses array always exists (even if it has no real entries) so that the foreach() warning does not happen.
|
|/
|
|
|
|
|
|
|
|
|
| |
If there is an input error then the edit page is redrawn showing the
input errors. The HTTP_REFERER becomes the current page, rather than the
true original referer. Then if you click Cancel the current page is just
redrawn.
This change makes the code remember the original referer, so if the user
enters some invalid data, presses Save, reads the input error messages
then presses Cancel they are taken back out to the original page - the
same as if Cancel was used before Save.
|
|
|
|
|
|
|
| |
and other random stuff I noticed.
I think this finishes messing with code style. The codebase should match
the developer style guide closely enough that 99.9% of changes will not
feel the need to also massage the formatting.
|
|
|
|
| |
The old advancedoutbound key in config.xml is now called outbound.
|
| |
|
|
|
|
| |
should fix #4238
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Move redundant code to a function parse_aliases_file(). Before the max
number of items was not being respected when URL content is updated,
only when alias was saved. Same was happening with ip/subnet/port
validation and user could end up with a bad pf.conf
- Remove unused variables
These changes were based on Pull Request #1264. It should fix #4189
Submitted by:▸ PiBa-NL
|
|
|
|
|
| |
and module names and other bits of formatting and typos in header
comment sections.
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| |
| | |
When entering a host alias, if the user put an IP range (like 192.168.0.10-192.168.0.20) or a subnet (like 192.168.1.200/29) then expand it into a list of individual IP addresses. Check that it will not make too many rows to exceed the existing 5000 row limit on the GUI.
Note: expanding ranges and subnets like this is only for IPv4 for now. Entering an IPv6 range or subnet in a hosts alias will display a message telling the user that is not supported - it could be done in future but currently the routines that convert this stuff are only for IPv4.
I have done as much validation as I can think of, and where there is a problem the original user-entered data is preserved for re-display, as well as the input errors being displayed. So IMO it should be self-documenting.
|
| |
| |
| | |
to minimize risk of a problem when adding code here in the future.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently if you enter a space-separated list of subnets in the IP address box when entering an alias, the code reports that the data is invalid. But it does actually expand the list of subnets into multiple rows, and enters the various subnet CIDRs into the CIDR column for the user. The user can press Save a second time and the data is now valid so the code saves it happily. This is rather odd, as reported in redmine #3890.
Also, if you input an IP range (e.g. 192.168.20.0-192.168.20.30) plus description and in the 2nd row put some other subnet and description, the range is correctly expanded, but the description only appears against the 1st subnet of the range. The description from the 2nd row ends up as the description against the 2nd subnet of the range, and the rest of the descriptions are blank. i.e. the descriptions do not get copied and pushed down as the IP ranges are expanded.
This change fixes all that stuff by first parsing the posted data and expanding any IP ranges and/or space-separated lists, building arrays that have all their entries lined up:
$input_addresses[]
$input_address_subnet[]
$final_address_details[]
which are then validated.
This is for master (2.2) branch. Actually it was not too difficult to integrate.
|
|/ |
|
|
|
|
|
|
| |
If type URL Table then the heading "Description" on the 3rd column gets suppressed (I am not really sure why that is, since the description data entry box still appears - I guess someone intended that the data entry box itself also be suppressed, since URL Table takes just a single line entry, the overall description of the alias should be enough - no need for a per-line description.)
In any case, if the user then selects some other Alias Type, the "Description" heading on the 3rd column is not re-enabled.
This change fixes that.
I also implemented what is suggested in Redmine #3893 - making the 1st column heading say "IP or FQDN", "Network or FQDN". IMHO that looks fine on the UI and cannot do any harm. (and yes, the longer explanatory text already tells the user that an FQDN is allowed in these cases.)
|
|
|
|
|
|
|
|
|
|
|
| |
While looking at other checks in the code I noticed this check. It was not effective anyway, because the first line inside "if ($_POST)" below does
unset($input_errors);
which undoes this check anyway.
In any case the check is not relevant. For example I might have interface WAN with description (which is really the alternate/display name for an interface) as MYISP.
I cannot also have an Alias with name MYISP - that is checked for already later in the code.
But I can have an Alias with description MYISP - in the case of an Alias the description really is just helpful text for the user, it is the name that really counts for use in the pf configuration.
So the code is not needed.
|
|
|
|
| |
HTTP_REFERER, there are a couple of places I didn't touch on this commit because it requires more work
|
|
|
|
| |
specific cases. Make necessary adjustments after check all is_port() calls. It fixes #3857
|
|
|
|
| |
extra check. Ticket #3827
|
|
|
|
| |
back to the user.
|
|
|
|
| |
current method has issues with IE 11, it should fix #3728
|
|
|
|
| |
they are numeric integer, also, pass them through htmlspecialchars() before print
|
|
|
|
|
|
|
| |
Improve data validation to avoid save a host/subnet or a IPv4 with
invalid mask. The reported error is on javascript and only happen on
IE8,but this fix will prevent the same issue happening in the future on
a different browser.
|
|
|
|
| |
data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
|
| |
|
|
|
|
| |
exec() calls by php functions like symlink, copy, unlink, mkdir
|
|
|
| |
Thanks to Grischa Zengel for spotting the semi-colon at the end of the "if" line that was the real cause. Please also back merge this to 2.1 branch.
|
|
|
|
| |
The descriptions of each entry in an alias are stored in config.xml as a list delimited by "||". So you cannot have "||" in the actual description (or the description effectively splits into the next entry). Also you cannot start or end the description with "|" or it will be very confusing having the config with "|||" in it.
This code validates all that sort of invalid input.
|
|
|
| |
Fixes #3376. I have no idea what the "^" characters were meant to do, but removing them makes the CIDR/Update Freq value be displayed correctly when editing. Will there be some other side-effect from removing the "^"?
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Only explode '/' and set address_subnet when address is a subnet, it
fixes issue reported at #3242
- While I'm here, do some cleanup on the way addresses are treated
- Remove unecessary variable $tracker, we already have $counter set
with the same value
- Use if:endif and while:endwhile where there is html block inside the
block
- Use more meaning names for variables instead of item, item2, item3
and item4
- Use while($counter <= $count()) instead of using foreach referencing
array using $counter inside
|
|
|
|
|
|
| |
. Create a list of reserved table names for the hardcoded ones
. Use this list to validate aliases and load balance pool names
. Check if alias names don't conflict with LB pool names and vice-versa
|
| |
|
| |
|
|
|
| |
When viewing the Port or URL aliases tab, and pressing "+" (add), make the default alias type match the Port or URL tab from which the user pressed "+".
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
an error.
|
| |
|
| |
|