Project

General

Profile

Actions

Bug #1639

closed

Port alias missing input validation in firewall_rules_edit.php

Added by Chris Buechler over 10 years ago. Updated over 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
Start date:
07/03/2011
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

A port alias can be assigned only as the "to" or "from" port, which is invalid and results in a pf syntax error. If an alias is used, it must either be in the "from" box only, or in "from" and "to" both, a numeric port cannot be in either field when a port alias is specified.

Actions #1

Updated by Evgeny Yurchenko over 10 years ago

A port alias can be assigned only as the "to" or "from" port, which is invalid and results in a pf syntax error.

I did not manage to reproduce. If I put port alias only in from: and leave to: empty it is properly applied as if 'to=from'. If I put port alias only in to: leaving empty from: it is ignored and applied as 'to=from=any'.

Actions #3

Updated by Ermal Luçi over 10 years ago

  • Status changed from New to Feedback
Actions #4

Updated by Ermal Luçi over 10 years ago

Isnt this commit a bit drastic?
Possibly just check impossible combination should be enough?

Actions #5

Updated by Evgeny Yurchenko over 10 years ago

Basically it checks for invalid combinations. I did not feel safe to call is_alias(something) without making sure 'something' is set. We can remove this things.

Actions #6

Updated by Chris Buechler over 10 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF