holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Allow IP range in the hosts file

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-10-07 17:40:42 -07:00
parent 431309678a
commit b7e6b1aa41
2 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall/Perl/Shorewall/IPAddrs.pm
View File

@ -228,6 +228,8 @@ sub validate_4range( $$ ) {
my $last = decodeaddr $high; my $last = decodeaddr $high;
fatal_error "Invalid IP Range ($low-$high)" unless $first <= $last; fatal_error "Invalid IP Range ($low-$high)" unless $first <= $last;
"$low-$high";
} }
sub validate_4host( $$ ) { sub validate_4host( $$ ) {
@ -690,11 +692,13 @@ sub validate_6range( $$ ) {
while ( @low ) { while ( @low ) {
my ( $l, $h) = ( shift @low, shift @high ); my ( $l, $h) = ( shift @low, shift @high );
next if hex "0x$l" == hex "0x$h"; next if hex "0x$l" == hex "0x$h";
return 1 if hex "0x$l" < hex "0x$h"; return "$low-$high" if hex "0x$l" < hex "0x$h";
last; last;
} }
fatal_error "Invalid IPv6 Range ($low-$high)"; fatal_error "Invalid IPv6 Range ($low-$high)";
} }
sub validate_6host( $$ ) { sub validate_6host( $$ ) {

11
Shorewall/Perl/Shorewall/Zones.pm
View File

@ -763,8 +763,6 @@ sub add_group_to_zone($$$$$)
$new = \@exclusions; $new = \@exclusions;
} }
$host = validate_net( $host, 1 ) unless $host =~ /^\+/;
unless ( $switched ) { unless ( $switched ) {
if ( $type == $zonetype ) { if ( $type == $zonetype ) {
fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if $interfaces{$interface}{zone} eq $zone; fatal_error "Duplicate Host Group ($interface:$host) in zone $zone" if $interfaces{$interface}{zone} eq $zone;
@ -787,7 +785,7 @@ sub add_group_to_zone($$$$$)
fatal_error "Invalid ipset name ($host)" unless $host =~ /^\+(6_)?[a-zA-Z][-\w]*$/; fatal_error "Invalid ipset name ($host)" unless $host =~ /^\+(6_)?[a-zA-Z][-\w]*$/;
require_capability( 'IPSET_MATCH', 'Ipset names in host lists', ''); require_capability( 'IPSET_MATCH', 'Ipset names in host lists', '');
} else { } else {
validate_host $host, 0; $host = validate_host $host, 0;
} }
push @$new, $host; push @$new, $host;
@ -1819,9 +1817,10 @@ sub process_host( ) {
} else { } else {
fatal_error "Invalid HOST(S) column contents: $hosts"; fatal_error "Invalid HOST(S) column contents: $hosts";
} }
} elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ || } elsif ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>$/ ||
$hosts =~ /^([\w.@%-]+\+?):\[(.*)\]$/ || $hosts =~ /^([\w.@%-]+\+?)\[(.*)\]$/ ||
$hosts =~ /^([\w.@%-]+\+?):(\[.+\](?:\/\d+)?)$/ || $hosts =~ /^([\w.@%-]+\+?):(!?\[.+\](?:\/\d+)?)$/ ||
$hosts =~ /^([\w.@%-]+\+?):(!?\+.*)$/ ||
$hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) { $hosts =~ /^([\w.@%-]+\+?):(dynamic)$/ ) {
$interface = $1; $interface = $1;
$hosts = $2; $hosts = $2;