From 4108dee880e7fd552d588101ce383938803eb149 Mon Sep 17 00:00:00 2001
From: Seth Mos <seth.mos@dds.nl>
Date: Wed, 24 Aug 2011 21:21:24 +0200
Subject: Catch another possiblity for invalid rule generation

---
 usr/local/www/firewall_rules_edit.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'usr/local/www/firewall_rules_edit.php')

diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index 3f207a1..21fee77 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -355,6 +355,10 @@ if ($_POST) {
 	if((is_ipaddr($_POST['src']) && is_ipaddr($_POST['dst']))) {
 		if(!validate_address_family($_POST['src'], $_POST['dst']))
 			$input_errors[] = sprintf(gettext("The Source IP address %s Address Family differs from the destination %s."), $_POST['src'], $_POST['dst']);
+		if((is_ipaddrv6($_POST['src']) || is_ipaddrv6($_POST['dst'])) && ($_POST['ipprotocol'] == "inet"))
+			$input_errors[] = gettext("You can not use IPv6 addresses in IPv4 rules.");
+		if((is_ipaddrv4($_POST['src']) || is_ipaddrv4($_POST['dst'])) && ($_POST['ipprotocol'] == "inet6"))
+			$input_errors[] = gettext("You can not use IPv4 addresses in IPv6 rules.");
 	}
 
 	if ($_POST['srcbeginport'] > $_POST['srcendport']) {
-- 
cgit v1.1