Bug #173
closed
Missing input validation for gateways
Added by Chris Buechler about 15 years ago.
Updated almost 15 years ago.
Description
system_gateways_edit.php does not sanity check entries. Two checks should be added:
1) The gateway IP is within the IP subnet of the interface selected
2) The monitor IP is not used on any other gateway (otherwise the static routes can't be added properly)
- Status changed from New to Feedback
- Assignee set to Seth Mos
- % Done changed from 0 to 100
- Status changed from Feedback to New
- % Done changed from 100 to 0
Seth Mos wrote:
The monitor IP check was caused by a incorrect variable name which was fixed in #166.
Adding code for subnet check and comitting that.
- Status changed from New to Feedback
- % Done changed from 0 to 70
unexpected ',' on line 97
The parse error is now gone, but upon further inspection I can create empty array entries by attempting to delete a gateway entry.
- Status changed from Feedback to Resolved
the particular issues mentioned in the ticket are fixed after my last commit fixing the input validation
not sure on the empty array entries. If I delete a gateway it is removed properly, the only thing I see is when all gateways are deleted it leaves <gateways></gateways> which shouldn't be a problem from what I see.
Seth, if you know of any other outstanding issues, please open a new ticket.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by