Project

General

Profile

Bug #1639

Port alias missing input validation in firewall_rules_edit.php

Added by Chris Buechler about 8 years ago. Updated almost 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Rules/NAT
Target version:
Start date:
07/03/2011
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.0
Affected Architecture:

Description

A port alias can be assigned only as the "to" or "from" port, which is invalid and results in a pf syntax error. If an alias is used, it must either be in the "from" box only, or in "from" and "to" both, a numeric port cannot be in either field when a port alias is specified.

Associated revisions

Revision 5909b520 (diff)
Added by Evgeny Yurchenko about 8 years ago

Bug #1639. Port alias missing input validation in firewall_rules_edit.php.

Revision cfceda6d (diff)
Added by Evgeny Yurchenko about 8 years ago

Bug #1639. Port alias missing input validation in firewall_rules_edit.php.

History

#1 Updated by Evgeny Yurchenko about 8 years ago

A port alias can be assigned only as the "to" or "from" port, which is invalid and results in a pf syntax error.

I did not manage to reproduce. If I put port alias only in from: and leave to: empty it is properly applied as if 'to=from'. If I put port alias only in to: leaving empty from: it is ignored and applied as 'to=from=any'.

#3 Updated by Ermal Luçi about 8 years ago

  • Status changed from New to Feedback

#4 Updated by Ermal Luçi about 8 years ago

Isnt this commit a bit drastic?
Possibly just check impossible combination should be enough?

#5 Updated by Evgeny Yurchenko about 8 years ago

Basically it checks for invalid combinations. I did not feel safe to call is_alias(something) without making sure 'something' is set. We can remove this things.

#6 Updated by Chris Buechler almost 8 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF