extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-25 09:03:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct parsing of the hosts file:

Browse Source 
1) Fixed IPv6 parsing of the HOSTS column
2) Properly detect IPv4 loopback violations

Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2024-03-03 09:54:33 -08:00
parent 11fb1ab6cf
commit f21d8b2a27
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -2207,23 +2207,24 @@ sub process_host( ) {
fatal_error "Invalid HOST(S) column contents: $hosts"; fatal_error "Invalid HOST(S) column contents: $hosts";
} }
} elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ || } elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ ||
$hosts =~ /^([\w.@%-]+\+?)\[(.*)\]$/ || $hosts =~ /^([\w.@%-]+\+?):\[(.*)\]$/ ||
$hosts =~ /^([\w.@%-]+\+?):(!?\[.+\](?:\/\d+)?)$/ || $hosts =~ /^([\w.@%-]+\+?):(!?\[.+\](?:\/\d+)?)$/ ||
$hosts =~ /^([\w.@%-]+\+?):(!?\+.*)$/ || $hosts =~ /^([\w.@%-]+\+?):(!?\+.*)$/ ||
$hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) { $hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) {
$interface = $1; $interface = $1;
$hosts = $2; $hosts = $2;
fatal_error "Unknown interface ($interface)" unless ($interfaceref = $interfaces{$interface}) && $interfaceref->{root}; fatal_error "Unknown interface ($interface)" unless ($interfaceref = $interfaces{$interface}) && $interfaceref->{root};
fatal_error "Unmanaged interfaces may not be associated with a zone" if $interfaceref->{unmanaged};
$interface = $interfaceref->{name}; $interface = $interfaceref->{name};
if ( $interfaceref->{physical} eq $loopback_interface ) {
fatal_error "Only a loopback zone may be associated with the loopback interface ($loopback_interface)" if $type != LOOPBACK;
} else {
fatal_error "Loopback zones may only be associated with the loopback interface ($loopback_interface)" if $type == LOOPBACK;
}
} else { } else {
fatal_error "Invalid HOST(S) column contents: $hosts" fatal_error "Invalid HOST(S) column contents: $hosts";
}
fatal_error "Unmanaged interfaces may not be associated with a zone" if $interfaceref->{unmanaged};
if ( $interfaceref->{physical} eq $loopback_interface ) {
fatal_error "Only a loopback zone may be associated with the loopback interface ($loopback_interface)" if $type != LOOPBACK;
} else {
fatal_error "Loopback zones may only be associated with the loopback interface ($loopback_interface)" if $type == LOOPBACK;
} }
if ( $hosts =~ /^!?\+/ ) { if ( $hosts =~ /^!?\+/ ) {