From e6283dfd0c71862431862adf5a7aab9e90ab9239 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ermal=20LU=C3=87I?= Date: Thu, 27 Nov 2014 21:43:41 +0100 Subject: Use the pfsense module functions rather than execing. Fixes also possible attack vectors. --- usr/local/www/diag_dump_states.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'usr') diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php index 4e1891f..de11a90 100755 --- a/usr/local/www/diag_dump_states.php +++ b/usr/local/www/diag_dump_states.php @@ -46,8 +46,8 @@ require_once("interfaces.inc"); /* handle AJAX operations */ if(isset($_POST['action']) && $_POST['action'] == "remove") { if (isset($_POST['srcip']) && isset($_POST['dstip']) && is_ipaddr($_POST['srcip']) && is_ipaddr($_POST['dstip'])) { - $retval = mwexec("/sbin/pfctl -k " . escapeshellarg($_POST['srcip']) . " -k " . escapeshellarg($_POST['dstip'])); - echo htmlentities("|{$_POST['srcip']}|{$_POST['dstip']}|{$retval}|"); + $retval = pfSense_kill_states($_POST['srcip'], $_POST['dstip']); + echo htmlentities("|{$_POST['srcip']}|{$_POST['dstip']}|0|"); } else { echo gettext("invalid input"); } @@ -56,16 +56,16 @@ if(isset($_POST['action']) && $_POST['action'] == "remove") { if (isset($_POST['filter']) && isset($_POST['killfilter'])) { if (is_ipaddr($_POST['filter'])) { - $tokill = escapeshellarg($_POST['filter'] . "/32"); + $tokill = $_POST['filter'] . "/32"; } elseif (is_subnet($_POST['filter'])) { - $tokill = escapeshellarg($_POST['filter']); + $tokill = $_POST['filter']; } else { // Invalid filter $tokill = ""; } if (!empty($tokill)) { - $retval = mwexec("/sbin/pfctl -k {$tokill} -k 0/0"); - $retval = mwexec("/sbin/pfctl -k 0.0.0.0/0 -k {$tokill}"); + $retval = pfSense_kill_states($tokill); + $retval = pfSense_kill_states("0.0.0.0/0", $tokill); } } -- cgit v1.1