From 207db033b88761933541f8b2f6ebd51b0a177e50 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 1 Feb 2011 12:58:05 -0800 Subject: [PATCH] Disallow '.' in accounting and manual chain names --- Shorewall/Perl/Shorewall/Chains.pm | 4 ++-- manpages/shorewall-accounting.xml | 3 ++- manpages6/shorewall6-accounting.xml | 3 ++- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm index 803264193..cffb24b88 100644 --- a/Shorewall/Perl/Shorewall/Chains.pm +++ b/Shorewall/Perl/Shorewall/Chains.pm @@ -1262,7 +1262,7 @@ sub ensure_accounting_chain( $$ ) fatal_error "Non-accounting chain ($chain) used in an accounting rule" unless $chainref->{accounting}; } else { fatal_error "Chain name ($chain) too long" if length $chain > 29; - fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w.]+$/; + fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/; $chainref = new_chain 'filter' , $chain; $chainref->{accounting} = 1; $chainref->{referenced} = 1; @@ -1351,7 +1351,7 @@ sub new_nat_chain($) { sub new_manual_chain($) { my $chain = $_[0]; fatal_error "Chain name ($chain) too long" if length $chain > 29; - fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w.]+$/; + fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/; fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || $filter_table->{$chain}; $targets{$chain} = CHAIN; ( my $chainref = ensure_filter_chain( $chain, 0) )->{manual} = 1; diff --git a/manpages/shorewall-accounting.xml b/manpages/shorewall-accounting.xml index e315bb0ad..f20f7f44b 100644 --- a/manpages/shorewall-accounting.xml +++ b/manpages/shorewall-accounting.xml @@ -74,7 +74,8 @@ role="bold">:COUNT is included, a counting rule matching this entry will be added to chain. The chain may - not exceed 29 characters in length. + not exceed 29 characters in length and may be composed of + letters, digits, dash ('-') and underscore ('_'). diff --git a/manpages6/shorewall6-accounting.xml b/manpages6/shorewall6-accounting.xml index d8928d6fb..c9dcd7d64 100644 --- a/manpages6/shorewall6-accounting.xml +++ b/manpages6/shorewall6-accounting.xml @@ -74,7 +74,8 @@ role="bold">:COUNT is included, a counting rule matching this entry will be added to chain. The chain may - not exceed 29 characters in length. + not exceed 29 characters in length and may be composed of + letters, digits, dash ('-') and underscore ('_').