Project

General

Profile

Actions

Feature #2731

closed

Add input validation of static route destination networks

Added by Chris Buechler over 11 years ago. Updated almost 11 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Routing
Target version:
Start date:
12/24/2012
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

We need input validation on system_routes_edit.php to prevent adding a static route with "Destination network" == any locally-configured subnet. e.g. if your LAN is 192.168.1.1/24, a destination network of 192.168.1.0/24 on a static route is not valid. People have a tendency of adding such routes for some reason, which breaks their network in various ways. Worse, when you delete such a static route, "route delete" also whacks the interface's link route, so that NIC is dead until you click Save under Interfaces on it.

Needs to check against all locally-configured IPs (interface IPs, VIPs, IPv4 and v6). Route destination must be an exact match to a locally configured IP to be rejected, for instance 192.168.1.128/25 is a potentially valid route when you have a 192.168.1.0/24 subnet locally.

Actions

Also available in: Atom PDF