Never mind, I sent before reading the notes. Sorry about that.

Tom

On Oct 25, 2017, at 6:50 AM, Tom Rymes <trymes@rymes.com> wrote:

Alexander,

Will this also fix the behavior seen in bug 11235?

https://bugzilla.ipfire.org/show_bug.cgi?id=11235

Tom

On Oct 25, 2017, at 5:42 AM, Alexander Marx <alexander.marx@ipfire.org> wrote:

The check_net_internal_exact function needs subnetmask in cidr notation to work.
Routing.cgi was also updated to use this function.
---
config/cfgroot/general-functions.pl | 8 ++++----
html/cgi-bin/routing.cgi            | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 0577afe..024285e 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -579,10 +579,10 @@ sub check_net_internal_exact{
   $cidr=&iporsubtocidr($cidr);
   #check if we use one of ipfire's networks (green,orange,blue)
   &readhash("${General::swroot}/ethernet/settings", \%ownnet);
-    if (($ownnet{'GREEN_NETADDRESS'}      ne '' && $ownnet{'GREEN_NETADDRESS'}    ne '0.0.0.0') && &Network::network_equal("$ownnet{'GREEN_NETADDRESS'}/$ownnet{'GREEN_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
-    if (($ownnet{'ORANGE_NETADDRESS'}    ne '' && $ownnet{'ORANGE_NETADDRESS'}    ne '0.0.0.0') && &Network::network_equal("$ownnet{'ORANGE_NETADDRESS'}/$ownnet{'ORANGE_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
-    if (($ownnet{'BLUE_NETADDRESS'}    ne '' && $ownnet{'BLUE_NETADDRESS'}    ne '0.0.0.0') && &Network::network_equal("$ownnet{'BLUE_NETADDRESS'}/$ownnet{'BLUE_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
-    if (($ownnet{'RED_NETADDRESS'}        ne '' && $ownnet{'RED_NETADDRESS'}        ne '0.0.0.0') && &Network::network_equal("$ownnet{'RED_NETADDRESS'}/$ownnet{'RED_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
+    if (($ownnet{'GREEN_NETADDRESS'}      ne '' && $ownnet{'GREEN_NETADDRESS'}    ne '0.0.0.0') && &Network::network_equal("$ownnet{'GREEN_NETADDRESS'}/".&iporsubtocidr($ownnet{'GREEN_NETMASK'}), $network)){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
+    if (($ownnet{'ORANGE_NETADDRESS'}    ne '' && $ownnet{'ORANGE_NETADDRESS'}    ne '0.0.0.0') && &Network::network_equal("$ownnet{'ORANGE_NETADDRESS'}/".&iporsubtocidr($ownnet{'ORANGE_NETMASK'}), $network)){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
+    if (($ownnet{'BLUE_NETADDRESS'}    ne '' && $ownnet{'BLUE_NETADDRESS'}    ne '0.0.0.0') && &Network::network_equal("$ownnet{'BLUE_NETADDRESS'}/".&iporsubtocidr($ownnet{'BLUE_NETMASK'}), $network)){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
+    if (($ownnet{'RED_NETADDRESS'}        ne '' && $ownnet{'RED_NETADDRESS'}        ne '0.0.0.0') && &Network::network_equal("$ownnet{'RED_NETADDRESS'}/".&iporsubtocidr($ownnet{'RED_NETMASK'}), $network)){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
}

sub validport
diff --git a/html/cgi-bin/routing.cgi b/html/cgi-bin/routing.cgi
index 15989bd..f2014e2 100644
--- a/html/cgi-bin/routing.cgi
+++ b/html/cgi-bin/routing.cgi
@@ -154,7 +154,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
           last;
       }
       #Is the network part of an internal network?
-        $errormessage .= &General::check_net_internal($settings{'IP'});
+        $errormessage .= &General::check_net_internal_exact($settings{'IP'});
       last;
   }

--
2.7.4