extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improve error message generated when a token beginning with '+' reaches validate_net()

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-09-26 07:56:55 -07:00
parent 74f1cb2443
commit 2828b65326
1 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Shorewall/Perl/Shorewall/IPAddrs.pm
View File

@ -184,7 +184,16 @@ sub validate_4net( $$ ) {
$net = '' unless defined $net; $net = '' unless defined $net;
fatal_error "Missing address" if $net eq ''; fatal_error "Missing address" if $net eq '';
fatal_error "An ipset name ($net) is not allowed in this context" if substr( $net, 0, 1 ) eq '+';
if ( $net =~ /\+(\[?)/ ) {
if ( $1 ) {
fatal_error "An ipset list ($net) is not allowed in this context";
} elsif ( $net =~ /^\+[a-zA-Z][-\w]+$/ ) {
fatal_error "An ipset name ($net) is not allowed in this context";
} else {
fatal_error "Invalid ipset name ($net)";
}
}
if ( defined $vlsm ) { if ( defined $vlsm ) {
fatal_error "Invalid VLSM ($vlsm)" unless $vlsm =~ /^\d+$/ && $vlsm <= 32; fatal_error "Invalid VLSM ($vlsm)" unless $vlsm =~ /^\d+$/ && $vlsm <= 32;
@ -540,7 +549,15 @@ sub validate_6net( $$ ) {
my ($net, $vlsm, $rest) = split( '/', $_[0], 3 ); my ($net, $vlsm, $rest) = split( '/', $_[0], 3 );
my $allow_name = $_[1]; my $allow_name = $_[1];
fatal_error "An ipset name ($net) is not allowed in this context" if substr( $net, 0, 1 ) eq '+'; if ( $net =~ /\+(\[?)/ ) {
if ( $1 ) {
fatal_error "An ipset list ($net) is not allowed in this context";
} elsif ( $net =~ /^\+[a-zA-Z][-\w]+$/ ) {
fatal_error "An ipset name ($net) is not allowed in this context";
} else {
fatal_error "Invalid ipset name ($net)";
}
}
if ( defined $vlsm ) { if ( defined $vlsm ) {
fatal_error "Invalid VLSM ($vlsm)" unless $vlsm =~ /^\d+$/ && $vlsm <= 128; fatal_error "Invalid VLSM ($vlsm)" unless $vlsm =~ /^\d+$/ && $vlsm <= 128;