Merge pull request #1297 from phil-davis/patch-23
Expand range or subnet for host alias
When entering a host alias, if the user put an IP range (like 192.168.0.10-192.168.0.20) or a subnet (like 192.168.1.200/29) then expand it into a list of individual IP addresses. Check that it will not make too many rows to exceed the existing 5000 row limit on the GUI....
update input_error description after changes for ticket #3491
Clarify bracketing
to minimize risk of a problem when adding code here in the future.
Allow extended alias inputs #3890
Currently if you enter a space-separated list of subnets in the IP address box when entering an alias, the code reports that the data is invalid. But it does actually expand the list of subnets into multiple rows, and enters the various subnet CIDRs into the CIDR column for the user. The user can press Save a second time and the data is now valid so the code saves it happily. This is rather odd, as reported in redmine #3890....
firewall_aliases_edit UI text changes
If type URL Table then the heading "Description" on the 3rd column gets suppressed (I am not really sure why that is, since the description data entry box still appears - I guess someone intended that the data entry box itself also be suppressed, since URL Table takes just a single line entry, the overall description of the alias should be enough - no need for a per-line description.)...
Remove useless check for alias description matching an interface description
While looking at other checks in the code I noticed this check. It was not effective anyway, because the first line inside "if ($_POST)" below doesunset($input_errors);which undoes this check anyway....
Remove almost all calls to history.back() and make Cancel button back to HTTP_REFERER, there are a couple of places I didn't touch on this commit because it requires more work
Change is_port() to only validate a single port, we have is_portrange() for specific cases. Make necessary adjustments after check all is_port() calls. It fixes #3857
Alias name cannot have more than 31 chars, add maxlength here just as an extra check. Ticket #3827
Encode the detail field of an alias entry before displaying its contents back to the user.
Change Cancel button to call history.back() as done in Firewall Rules, the current method has issues with IE 11, it should fix #3728
Improve checks for params 'id', 'dup' and other similar ones to make sure they are numeric integer, also, pass them through htmlspecialchars() before print
Help ticket #3449:
Improve data validation to avoid save a host/subnet or a IPv4 withinvalid mask. The reported error is on javascript and only happen onIE8,but this fix will prevent the same issue happening in the future ona different browser.
Catch a validation issue reported on the mailing list thread: IPv6 address data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
Use unlink_if_exists or @unlink to avoid PHP errors when file doesn't exist
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Really fix #3376
Thanks to Grischa Zengel for spotting the semi-colon at the end of the "if" line that was the real cause. Please also back merge this to 2.1 branch.
Check for vertical bars in alias detail descriptions
The descriptions of each entry in an alias are stored in config.xml as a list delimited by "||". So you cannot have "||" in the actual description (or the description effectively splits into the next entry). Also you cannot start or end the description with "|" or it will be very confusing having the config with "|||" in it....
Fix display of CIDR/Update Freq in Alias Edit
Fixes #3376. I have no idea what the "^" characters were meant to do, but removing them makes the CIDR/Update Freq value be displayed correctly when editing. Will there be some other side-effect from removing the "^"?
Make it more explicit that 'update freq.' unit is days
Remove unused variable
Fix #3283, use jQuery to change attributes based on id
Actually there is no reason to set a variable just to use once
Fix #3242 and some code cleanup:
- Only explode '/' and set address_subnet when address is a subnet, it fixes issue reported at #3242- While I'm here, do some cleanup on the way addresses are treated - Remove unecessary variable $tracker, we already have $counter set...
Fix #3268 - avoid pf table names conflict:
. Create a list of reserved table names for the hardcoded ones. Use this list to validate aliases and load balance pool names. Check if alias names don't conflict with LB pool names and vice-versa
Remove call-time pass by reference for do_input_validation, helps ticket #2565
Fix #3113, fix multiple english spell errors s/seperet/separat/
When adding Port or URL alias default the alias type
When viewing the Port or URL aliases tab, and pressing "+" (add), make the default alias type match the Port or URL tab from which the user pressed "+".
Implement URL Table aliases for ports instead of IP addresses
Process zipped aliases list
Use download_file() and check ssl certificates
Remove useless code
Add a new alias type, URLs containing Ports
"block" is also a reserved keyword that can't be an alias name, or pf tosses an error.
Permit to use aliases containing hostnames on static routes
Prohibit adding aliases containing FQDNs in static routes. Fixes #2941
Tidy up "firewall_aliases*.php" XHTML
Add CDATA sections to SCRIPT tagsClose INPUT and BR tagsUpdate HTML boolean operatorsMove NOWRAP to class statementAdd missing closing TD tag
Fix URL add when you break sequence for addresses and details, shile I'm here, simplify logic
Preserve all URLs when one of them is invalid
Back to previous tab when click on Cancel
Preserve old URLs when an error happens, also, fix descriptions save for URLs
Simplify logic
Return to correct tab after save or delete an alias
Save URLs and URL Table details
Fix whitespaces and indent
Use class tabcont for table
Fix: Repopulate field
Refine saving/applying on more pages - don't show apply or take an action unless the user is allowed to do that.
Return the user to the tab they were working originally working on
Fix hardcodded alias type so alias suggestion works as expected while creating nested aliases.
Overcome laziness to avoid unnecessary loop
Fix of bug #2374 "When entering values in firewall rules leading andtrailing spaces are not deleted"
cleanup: code for building arrays for autocompleted fields
Add _ to the list of are allowed characters
When the "OpenVPN" users type was commented out of the drop-down, this function wasn't adjusted so it was off by one in its counts, making the URL table update frequency box disabled.
feature #2320: JS helper to toggle subnet mask for ipv4/v6 during input
http://redmine.pfsense.org/issues/2320
prep work for feature #2320: tag fields for ipv4v6
Update help text for Host alaises to indicate FQDNs are allowed.
The function split() is replaced by the function explode(). Starting with PHP 5.3 this is deprecated and with version 6 gone.Replacing it surpresses all the warnings
Adding hook
Add hooks
Add alias edit hook
Merge remote branch 'upstream/master'
Feature #1603. Correct nested urltable alias code to be more fullproof to errors and does not break the ruleset on large lists of urltables. Though this needs a revisit to work properly since it breaks urltable alias property of reloading contents.
Merge remote-tracking branch 'upstream/master'
Feature#1603. URL table aliases should be usable within network type aliases.
Reject alias names that are too long. Fixes #1510
Conflicts: etc/inc/rrd.inc usr/local/www/interfaces.php
Add all to the reserved keywords
add subnet mask clarification for IPv6 and correct default count to 128 bits
Add alias support for source and destination ports on outbound NAT.
Check for aliases in 1:1 and outbound NAT rules, too.
In update_alias_names_upon_change function add capability to access more deeply nested sections and fields.
Resolves #1224. Correctly change name on port alias in firewall rules if the alias name changes.
Conflicts: etc/inc/interfaces.inc etc/inc/system.inc
Ticket #1183. Skip call to filter_configure() here, this will be done when user will click on 'apply changes' button in firewall_aliases.php
Don't run mb_convert_encoding on descr field, it's cdata protected in the config now and this just causes some characters to be lost on input. Ticket #1168
comment out unfinished OpenVPN Users alias option, can finish for a post-2.0 release
Conflicts: etc/inc/interfaces.inc etc/inc/vslb.inc usr/local/www/interfaces.php
Move to index.php.
Conflicts: etc/inc/filter.inc etc/inc/system.inc usr/local/www/interfaces.php usr/local/www/interfaces_gif_edit.php
Fix XSS issues
Bring in XSS id fixes from m0n0wall
up the subnet bits from 32 to 128 so that the access can be locked down to the host for ipv6.This will require a javascript routine that prevents a subnet mask higher then 32 bits for a ipv4 address.
Alternatively the subnet bits should be steered by javascript to prevent use of more then 32 bits on a ipv4 address. When a hostname is used all bets are off, even worse if the hostname is a combined ipv4/ipv6.
Use a list that includes WAN and LAN here rather than only OPT.
Fix the delete button and a couple other small errors. Ticket #891
Simplify sprintf
Modify various (s)printf format strings to allow translations to change the order of the inserted strings.
Fix text
Fixing gettext calls on firewall_aliases_edit.php
Merge remote branch 'mainline/master' into 2_firewall
Conflicts: usr/local/www/diag_nanobsd.php usr/local/www/diag_packet_capture.php usr/local/www/firewall_shaper.php
Change these to lower-case to match the lower-case names from the previous revert.
Update the VPN names in the reserved keywords list for aliases.
Checked gettext() implementation on firewall_aliases_edit.php
Corrections gettext implementation on firewall_aliases_edit.php