In order to cleanup code, the old function IpInSubnet is deleted from general-functions. In the future only network functions from network-functions.pl should be used. So this commit deletes the IpInSubnet and replaces it with the ip_address_in_network from the new network-functions.pl
Signed-off-by: Alexander Marx alexander.marx@ipfire.org --- config/cfgroot/general-functions.pl | 32 ++++++++++++-------------------- config/firewall/convert-dmz | 8 ++++---- config/firewall/convert-outgoingfw | 6 +++--- config/firewall/firewall-lib.pl | 6 +++--- html/cgi-bin/dhcp.cgi | 22 ++++++---------------- html/cgi-bin/firewall.cgi | 29 ++++++++++++++--------------- html/cgi-bin/fwhosts.cgi | 17 ++++++++--------- html/cgi-bin/ovpnmain.cgi | 33 ++++++++++++++------------------- html/cgi-bin/wireless.cgi | 4 +--- 9 files changed, 65 insertions(+), 92 deletions(-)
diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index f448c34..4a0b56f 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -487,7 +487,7 @@ sub checksubnets foreach my $key (keys %ovpnconfhash) { if ($ovpnconfhash{$key}[3] eq 'net'){ my @ovpnnet=split (///,$ovpnconfhash{$key}[11]); - if (&IpInSubnet($ip,$ovpnnet[0],&iporsubtodec($ovpnnet[1]))){ + if (&Network::ip_address_in_network($ip,$ovpnnet[0]."/".&iporsubtodec($ovpnnet[1]))){ $errormessage=$errormessage.$Lang::tr{'ccd err isovpnn2n'}." $ovpnconfhash{$key}[1] <br>"; return $errormessage; } @@ -505,7 +505,7 @@ sub checksubnets return $errormessage; } my ($newip,$newsub) = split(///,$ccdnet); - if (&IpInSubnet($newip,$ccdconf[0],&iporsubtodec($ccdconf[1]))) + if (&Network::ip_address_in_network($newip,$ccdconf[0]."/".&iporsubtodec($ccdconf[1]))) { $errormessage=$errormessage.$Lang::tr{'ccd err issubnet'}." $ccdconfhash{$key}[0]<br>"; return $errormessage; @@ -521,7 +521,7 @@ sub checksubnets my ($ipsecip,$ipsecsub) = split (///, $ipsecconf{$key}[11]); $ipsecsub=&iporsubtodec($ipsecsub); if($ipsecconf{$key}[1] ne $ccdname){ - if ( &IpInSubnet ($ip,$ipsecip,$ipsecsub) ){ + if (&Network::ip_address_in_network($ip,$ipsecip."/".$ipsecsub)){ $errormessage=$Lang::tr{'ccd err isipsecnet'}." Name: $ipsecconf{$key}[1]"; return $errormessage; } @@ -535,7 +535,7 @@ sub checksubnets &readhash("${General::swroot}/vpn/settings", %vpnconf); if ($vpnconf{'RW_NET'} ne ''){ my ($ipsecrwnet,$ipsecrwsub)=split (///, $vpnconf{'RW_NET'}); - if (&IpInSubnet($ip,$ipsecrwnet,&iporsubtodec($ipsecrwsub))) + if (&Network::ip_address_in_network($ip,$ipsecrwnet."/".&iporsubtodec($ipsecrwsub))) { $errormessage=$errormessage.$Lang::tr{'ccd err isipsecrw'}."<br>"; return $errormessage; @@ -559,10 +559,10 @@ sub check_net_internal_range{ $cidr=&iporsubtocidr($cidr); #check if we use one of ipfire's networks (green,orange,blue) &readhash("${General::swroot}/ethernet/settings", %ownnet); - if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'GREEN_NETADDRESS'},&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;} - if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'ORANGE_NETADDRESS'},&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;} - if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'BLUE_NETADDRESS'},&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;} - if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;} + if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ip,$ownnet{'GREEN_NETADDRESS'}."/".&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;} + if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ip,$ownnet{'ORANGE_NETADDRESS'}."/".&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;} + if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ip,$ownnet{'BLUE_NETADDRESS'}."/".&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;} + if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ip,$ownnet{'RED_NETADDRESS'}."/".&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;} }
sub check_net_internal_exact{ @@ -727,14 +727,6 @@ sub validportrange # used to check a port range } }
-sub IpInSubnet { - my $addr = shift; - my $network = shift; - my $netmask = shift; - - return &Network::ip_address_in_network($addr, "$network/$netmask"); -} - # # Return the following IP (IP+1) in dotted notation. # Call: NextIP ('1.1.1.1'); @@ -985,10 +977,10 @@ sub GetDyndnsRedIP { chomp $ip;
# 100.64.0.0/10 is reserved for dual-stack lite (http://tools.ietf.org/html/rfc6598). - if (&General::IpInSubnet ($ip,'10.0.0.0','255.0.0.0') || - &General::IpInSubnet ($ip,'172.16.0.0.','255.240.0.0') || - &General::IpInSubnet ($ip,'192.168.0.0','255.255.0.0') || - &General::IpInSubnet ($ip,'100.64.0.0', '255.192.0.0')) + if (&Network::ip_address_in_network($ip,'10.0.0.0/255.0.0.0') || + &Network::ip_address_in_network($ip,'172.16.0.0/255.240.0.0') || + &Network::ip_address_in_network($ip,'192.168.0.0/255.255.0.0') || + &Network::ip_address_in_network($ip,'100.64.0.0/255.192.0.0')) { if ($settings{'BEHINDROUTER'} eq 'FETCH_IP') { my $RealIP = &General::FetchPublicIp; diff --git a/config/firewall/convert-dmz b/config/firewall/convert-dmz index 7b77045..11bd405 100755 --- a/config/firewall/convert-dmz +++ b/config/firewall/convert-dmz @@ -95,10 +95,10 @@ sub process_rules{ }elsif($f eq 'blue' && $ip eq $ifaces{'BLUE_NETADDRESS'}){ $field3='std_net_src'; $field4='BLUE'; - }elsif($f eq 'orange' && &General::IpInSubnet($ip,$ifaces{'ORANGE_NETADDRESS'},$ifaces{'ORANGE_NETMASK'})){ + }elsif($f eq 'orange' && &Network::ip_address_in_network($ip,$ifaces{'ORANGE_NETADDRESS'}."/".$ifaces{'ORANGE_NETMASK'})){ $field3='src_addr'; $field4=$b; - }elsif($f eq 'blue' && &General::IpInSubnet($ip,$ifaces{'BLUE_NETADDRESS'},$ifaces{'BLUE_NETMASK'})){ + }elsif($f eq 'blue' && &Network::ip_address_in_network($ip,$ifaces{'BLUE_NETADDRESS'}."/".$ifaces{'BLUE_NETMASK'})){ $field3='src_addr'; $field4=$b; }else{ @@ -121,10 +121,10 @@ sub process_rules{ }elsif($g eq 'blue' && $ip eq $ifaces{'BLUE_NETADDRESS'}){ $field5='std_net_tgt'; $field6='BLUE'; - }elsif($g eq 'green' && &General::IpInSubnet($ip,$ifaces{'GREEN_NETADDRESS'},$ifaces{'GREEN_NETMASK'})){ + }elsif($g eq 'green' && &Network::ip_address_in_network($ip,$ifaces{'GREEN_NETADDRESS'}."/".$ifaces{'GREEN_NETMASK'})){ $field5='tgt_addr'; $field6=$c; - }elsif($g eq 'blue' && &General::IpInSubnet($ip,$ifaces{'BLUE_NETADDRESS'},$ifaces{'BLUE_NETMASK'})){ + }elsif($g eq 'blue' && &Network::ip_address_in_network($ip,$ifaces{'BLUE_NETADDRESS'}."/".$ifaces{'BLUE_NETMASK'})){ $field5='tgt_addr'; $field6=$c; }else{ diff --git a/config/firewall/convert-outgoingfw b/config/firewall/convert-outgoingfw index c917f84..553df50 100755 --- a/config/firewall/convert-outgoingfw +++ b/config/firewall/convert-outgoingfw @@ -221,15 +221,15 @@ sub new_hostgrp print LOG "Processing NETWORK $ippart/$subnet from Group $grp\n"; if(!&check_net($ippart,$subnet)){ #Check if this network is one one of IPFire internal networks - if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ippart,$ownnet{'GREEN_NETADDRESS'},$ownnet{'GREEN_NETMASK'})) + if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ippart,$ownnet{'GREEN_NETADDRESS'}."/".$ownnet{'GREEN_NETMASK'})) { $name2='GREEN'; $name3='Standard Network'; - }elsif (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ippart,$ownnet{'ORANGE_NETADDRESS'},$ownnet{'ORANGE_NETMASK'})) + }elsif (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ippart,$ownnet{'ORANGE_NETADDRESS'}."/".$ownnet{'ORANGE_NETMASK'})) { $name2='ORANGE'; $name3='Standard Network'; - }elsif (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($ippart,$ownnet{'BLUE_NETADDRESS'},$ownnet{'BLUE_NETMASK'})) + }elsif (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &Network::ip_address_in_network($ippart,$ownnet{'BLUE_NETADDRESS'}."/".$ownnet{'BLUE_NETMASK'})) { $name2='BLUE'; $name3='Standard Network'; diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl index eabd9a4..6f86a16 100644 --- a/config/firewall/firewall-lib.pl +++ b/config/firewall/firewall-lib.pl @@ -551,7 +551,7 @@ sub get_matching_firewall_address my $zone_subnet = $netsettings{$zone . "_NETADDRESS"}; my $zone_mask = $netsettings{$zone . "_NETMASK"};
- if (&General::IpInSubnet($address, $zone_subnet, $zone_mask)) { + if (&Network::ip_address_in_network($address,$zone_subnet."/".$zone_mask)){ return $netsettings{$zone . "_ADDRESS"}; } } @@ -568,12 +568,12 @@ sub get_internal_firewall_ip_address return 0; }
- # Convert net mask into correct format for &General::IpInSubnet(). + # Convert net mask into correct format for &Network::ip_address_in_network(). $net_mask = &General::iporsubtodec($net_mask);
my @addresses = &get_internal_firewall_ip_addresses($use_orange); foreach my $zone_address (@addresses) { - if (&General::IpInSubnet($zone_address, $net_address, $net_mask)) { + if (&Network::ip_address_in_network($zone_address,$net_address."/".$net_mask)){ return $zone_address; } } diff --git a/html/cgi-bin/dhcp.cgi b/html/cgi-bin/dhcp.cgi index 3eb5349..6bc50d3 100644 --- a/html/cgi-bin/dhcp.cgi +++ b/html/cgi-bin/dhcp.cgi @@ -142,9 +142,7 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'save'}) { $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid end address'}; goto ERROR; } - if (! &General::IpInSubnet ( $dhcpsettings{"START_ADDR_${itf}"}, - $netsettings{"${itf}_NETADDRESS"}, - $netsettings{"${itf}_NETMASK"})) { + if (!&Network::ip_address_in_network($dhcpsettings{"START_ADDR_${itf}"},$netsettings{"${itf}_NETADDRESS"}."/".$netsettings{"${itf}_NETMASK"})){ $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid start address'}; goto ERROR; } @@ -159,9 +157,7 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'save'}) { $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid start address'}; goto ERROR; } - if (! &General::IpInSubnet ( $dhcpsettings{"END_ADDR_${itf}"}, - $netsettings{"${itf}_NETADDRESS"}, - $netsettings{"${itf}_NETMASK"})) { + if (!&Network::ip_address_in_network($dhcpsettings{"END_ADDR_${itf}"},$netsettings{"${itf}_NETADDRESS"}."/".$netsettings{"${itf}_NETMASK"})){ $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid end address'}; goto ERROR; } @@ -419,15 +415,11 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'add'}.'2') { # if ip are not inside a known subnet, I don't warn. # Also it may be needed to put duplicate fixed lease in their right subnet definition.. foreach my $itf (@ITFs) { - my $scoped = &General::IpInSubnet($dhcpsettings{'FIX_ADDR'}, - $netsettings{"${itf}_NETADDRESS"}, - $netsettings{"${itf}_NETMASK"}) && - $dhcpsettings{"ENABLE_${itf}"} eq 'on'; + my $scoped = &Network::ip_address_in_network($dhcpsettings{'FIX_ADDR'},$netsettings{"${itf}_NETADDRESS"}."/".$netsettings{"${itf}_NETMASK"}) && + $dhcpsettings{"ENABLE_${itf}"} eq 'on'; if ( $scoped && (lc($dhcpsettings{'FIX_MAC'}) eq lc($temp[0])) && - &General::IpInSubnet($temp[1], - $netsettings{"${itf}_NETADDRESS"}, - $netsettings{"${itf}_NETMASK"})) { + &Network::ip_address_in_network($temp[1],$netsettings{"${itf}_NETADDRESS"}."/".$netsettings{"${itf}_NETMASK"})){ $errormessage = "$Lang::tr{'mac address in use'} $dhcpsettings{'FIX_MAC'}"; last CHECK; } @@ -993,9 +985,7 @@ foreach my $line (@current2) { # Mark IP addresses outwith known subnets $ipoutside{$temp[1]} = 1; foreach my $itf (@ITFs) { - if ( &General::IpInSubnet($temp[1], - $netsettings{"${itf}_NETADDRESS"}, - $netsettings{"${itf}_NETMASK"})) { + if (&Network::ip_address_in_network($temp[1],$netsettings{"${itf}_NETADDRESS"}."/".$netsettings{"${itf}_NETMASK"})){ $ipoutside{$temp[1]} = 0; } } diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index face0f4..0edb648 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -31,7 +31,6 @@ no warnings 'uninitialized'; #use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl'; -require '/var/ipfire/network-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; require "${General::swroot}/geoip-functions.pl"; @@ -237,7 +236,7 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule') #check if manual ip (source) is orange network if ($fwdfwsettings{'grp1'} eq 'src_addr'){ my ($sip,$scidr) = split("/",$fwdfwsettings{$fwdfwsettings{'grp1'}}); - if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + if (&Network::ip_address_in_network($sip,$netsettings{'ORANGE_ADDRESS'}."/".$netsettings{'ORANGE_NETMASK'})){ $checkorange='on'; } } @@ -817,7 +816,7 @@ sub checkrule my $networkip1=&General::getnetworkip($sip,$scidr); my $networkip2=&General::getnetworkip($tip,$tcidr); if ($scidr gt $tcidr){ - if ( &General::IpInSubnet($networkip1,$tip,&General::iporsubtodec($tcidr))){ + if (&Network::ip_address_in_network($networkip1,$tip."/".&General::iporsubtodec($tcidr))){ $errormessage.=$Lang::tr{'fwdfw err samesub'}; } }elsif($scidr eq $tcidr && $scidr eq '32'){ @@ -828,7 +827,7 @@ sub checkrule $hint.=$Lang::tr{'fwdfw hint ip2'}." Source: $networkip1/$scidr Target: $networkip2/$tcidr<br>"; } }else{ - if ( &General::IpInSubnet($networkip2,$sip,&General::iporsubtodec($scidr)) ){ + if (&Network::ip_address_in_network($networkip2,$sip."/".&General::iporsubtodec($scidr))){ $errormessage.=$Lang::tr{'fwdfw err samesub'}; } } @@ -919,7 +918,7 @@ sub checkvpn foreach my $key (sort keys %ccdnet){ my ($vpnip,$vpnsubnet) = split ("/",$ccdnet{$key}[1]); my $sub=&General::iporsubtodec($vpnsubnet); - if (&General::IpInSubnet($ip,$vpnip,$sub)){ + if (&Network::ip_address_in_network($ip,$vpnip."/".$sub)){ return 0; } } @@ -1352,15 +1351,15 @@ sub getcolor return; }elsif($val =~ /^(.*?)/(.*?)$/){ my ($sip,$scidr) = split ("/",$val); - if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + if (&Header::orange_used() && &Network::ip_address_in_network($sip,$netsettings{'ORANGE_ADDRESS'}."/".$netsettings{'ORANGE_NETMASK'})){ $tdcolor="style='background-color: $Header::colourorange;color:white;'"; return; } - if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){ + if (&Network::ip_address_in_network($sip,$netsettings{'GREEN_ADDRESS'}."/".$netsettings{'GREEN_NETMASK'})){ $tdcolor="style='background-color: $Header::colourgreen;color:white;'"; return; } - if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){ + if (&Header::blue_used() && &Network::ip_address_in_network($sip,$netsettings{'BLUE_ADDRESS'}."/".$netsettings{'BLUE_NETMASK'})){ $tdcolor="style='background-color: $Header::colourblue;color:white;'"; return; } @@ -1373,7 +1372,7 @@ sub getcolor #Check if IP is part of OpenVPN dynamic subnet my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'}); my ($c,$d) = split("/",$val); - if (&General::IpInSubnet($c,$a,$b)){ + if (&Network::ip_address_in_network($c,$a."/".$b)){ $tdcolor="style='background-color: $Header::colourovpn;color:white;'"; return; } @@ -1381,7 +1380,7 @@ sub getcolor foreach my $key (sort keys %ccdnet){ my ($a,$b) = split("/",$ccdnet{$key}[1]); $b =&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ + if (&Network::ip_address_in_network($c,$a."/".$b)){ $tdcolor="style='background-color: $Header::colourovpn;color:white;'"; return; } @@ -1390,7 +1389,7 @@ sub getcolor foreach my $key (sort keys %ccdhost){ if ($ccdhost{$key}[3] eq 'net'){ my ($a,$b) = split("/",$ccdhost{$key}[11]); - if (&General::IpInSubnet($c,$a,$b)){ + if (&Network::ip_address_in_network($c,$a."/".$b)){ $tdcolor="style='background-color: $Header::colourovpn;color:white;'"; return; } @@ -1400,7 +1399,7 @@ sub getcolor if ($ipsecsettings{'RW_NET'} ne ''){ my ($a,$b) = split("/",$ipsecsettings{'RW_NET'}); $b=&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ + if (&Network::ip_address_in_network($c,$a."/".$b)){ $tdcolor="style='background-color: $Header::colourvpn;color:white;'"; return; } @@ -1410,7 +1409,7 @@ sub getcolor if ($ipsecconf{$key}[11]){ my ($a,$b) = split("/",$ipsecconf{$key}[11]); $b=&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ + if (&Network::ip_address_in_network($c,$a."/".$b)){ $tdcolor="style='background-color: $Header::colourvpn;color:white;'"; return; } @@ -1587,7 +1586,7 @@ sub newrule #check if manual ip (source) is orange network if ($fwdfwsettings{'grp1'} eq 'src_addr'){ my ($sip,$scidr) = split("/",$fwdfwsettings{$fwdfwsettings{'grp1'}}); - if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + if (&Network::ip_address_in_network($sip,$netsettings{'ORANGE_ADDRESS'}."/".$netsettings{'ORANGE_NETMASK'})){ $fwdfwsettings{'oldorange'} ='on'; } } @@ -1609,7 +1608,7 @@ sub newrule #check if manual ip (source) is orange network if ($fwdfwsettings{'grp1'} eq 'src_addr'){ my ($sip,$scidr) = split("/",$fwdfwsettings{$fwdfwsettings{'grp1'}}); - if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + if (&Network::ip_address_in_network($sip,$netsettings{'ORANGE_ADDRESS'}."/".$netsettings{'ORANGE_NETMASK'})){ $fwdfwsettings{'oldorange'} ='on'; } } diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi index a2ade8a..22d8ef9 100644 --- a/html/cgi-bin/fwhosts.cgi +++ b/html/cgi-bin/fwhosts.cgi @@ -27,7 +27,6 @@ use Sort::Naturally; use CGI::Carp 'fatalsToBrowser'; no warnings 'uninitialized'; require '/var/ipfire/general-functions.pl'; -require '/var/ipfire/network-functions.pl'; require "/var/ipfire/geoip-functions.pl"; require "/usr/lib/firewall/firewall-lib.pl"; require "${General::swroot}/lang.pl"; @@ -1909,15 +1908,15 @@ sub getcolor }
#Now check if IP is part of ORANGE,BLUE or GREEN - if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + if (&Header::orange_used() && &Network::ip_address_in_network($sip,$netsettings{'ORANGE_ADDRESS'}."/".$netsettings{'ORANGE_NETMASK'})){ $tdcolor="<font style='color: $Header::colourorange;'>$c</font>"; return $tdcolor; } - if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){ + if (&Network::ip_address_in_network($sip,$netsettings{'GREEN_ADDRESS'}."/".$netsettings{'GREEN_NETMASK'})){ $tdcolor="<font style='color: $Header::colourgreen;'>$c</font>"; return $tdcolor; } - if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){ + if (&Header::blue_used() && &Network::ip_address_in_network($sip,$netsettings{'BLUE_ADDRESS'}."/".$netsettings{'BLUE_NETMASK'})){ $tdcolor="<font style='color: $Header::colourblue;'>$c</font>"; return $tdcolor; } @@ -1929,7 +1928,7 @@ sub getcolor foreach my $key (sort keys %ccdhost){ if ($ccdhost{$key}[3] eq 'net'){ my ($a,$b) = split("/",$ccdhost{$key}[11]); - if (&General::IpInSubnet($sip,$a,$b)){ + if (&Network::ip_address_in_network($sip,$a."/".$b)){ $tdcolor="<font style='color:$Header::colourovpn ;'>$c</font>"; return $tdcolor; } @@ -1938,7 +1937,7 @@ sub getcolor
#Check if IP is part of OpenVPN dynamic subnet my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'}); - if (&General::IpInSubnet($sip,$a,$b)){ + if (&Network::ip_address_in_network($sip,$a."/".$b)){ $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>"; return $tdcolor; } @@ -1947,7 +1946,7 @@ sub getcolor foreach my $key (sort keys %ccdnet){ my ($a,$b) = split("/",$ccdnet{$key}[1]); $b =&General::iporsubtodec($b); - if (&General::IpInSubnet($sip,$a,$b)){ + if (&Network::ip_address_in_network($sip,$a."/".$b)){ $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>"; return $tdcolor; } @@ -1957,7 +1956,7 @@ sub getcolor if ($ipsecsettings{'RW_NET'} ne ''){ my ($a,$b) = split("/",$ipsecsettings{'RW_NET'}); $b=&General::iporsubtodec($b); - if (&General::IpInSubnet($sip,$a,$b)){ + if (&Network::ip_address_in_network($sip,$a."/".$b)){ $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>"; return $tdcolor; } @@ -1968,7 +1967,7 @@ sub getcolor if ($ipsecconf{$key}[11]){ my ($a,$b) = split("/",$ipsecconf{$key}[11]); $b=&General::iporsubtodec($b); - if (&General::IpInSubnet($sip,$a,$b)){ + if (&Network::ip_address_in_network($sip,$a."/".$b)){ $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>"; return $tdcolor; } diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index d46a14e..476b877 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -579,7 +579,7 @@ sub check_routes_push return 0; } #subnetcheck - if (&General::IpInSubnet ($ip,$ip2,&General::iporsubtodec($cidr2))){ + if (&Network::ip_address_in_network($ip,$ip2."/".&General::iporsubtodec($cidr2))){ return 0; } }; @@ -602,7 +602,7 @@ sub check_ccdroute } my ($ip2,$cidr2) = split (///,$ccdroutehash{$key}[$i]); #subnetcheck - if (&General::IpInSubnet ($ip,$ip2,$cidr2)&& $ccdroutehash{$key}[0] ne $cgiparams{'NAME'} ){ + if (&Network::ip_address_in_network($ip,$ip2."/".$cidr2) && $ccdroutehash{$key}[0] ne $cgiparams{'NAME'}){ return 0; } } @@ -622,7 +622,7 @@ sub check_ccdconf } my ($ip2,$cidr2) = split (///,$ccdconfhash{$key}[1]); #subnetcheck - if (&General::IpInSubnet ($ip,$ip2,&General::cidrtosub($cidr2))){ + if (&Network::ip_address_in_network($ip,$ip2."/".&General::cidrtosub($cidr2))){ return 0; } @@ -835,7 +835,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) { goto ADV_ERROR; } my ($ip2,$cidr2) = split(///,$ccdroutehash{$key}[$i]); - if (&General::IpInSubnet ($ip,$ip2,$cidr2)){ + if (&Network::ip_address_in_network($ip,$ip2."/".$cidr2)){ $errormessage="Route $ip/$cidr ".$Lang::tr{'ccd err inuse'}." $ccdroutehash{$key}[0]" ; goto ADV_ERROR; } @@ -1113,26 +1113,22 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg } my @tmpovpnsubnet = split("/",$cgiparams{'DOVPN_SUBNET'});
- if (&General::IpInSubnet ( $netsettings{'RED_ADDRESS'}, - $tmpovpnsubnet[0], $tmpovpnsubnet[1])) { + if (&Network::ip_address_in_network($netsettings{'RED_ADDRESS'},$tmpovpnsubnet[0]."/".$tmpovpnsubnet[1])){ $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire RED Network $netsettings{'RED_ADDRESS'}"; goto SETTINGS_ERROR; }
- if (&General::IpInSubnet ( $netsettings{'GREEN_ADDRESS'}, - $tmpovpnsubnet[0], $tmpovpnsubnet[1])) { + if (&Network::ip_address_in_network($netsettings{'GREEN_ADDRESS'},$tmpovpnsubnet[0]."/".$tmpovpnsubnet[1])){ $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Green Network $netsettings{'GREEN_ADDRESS'}"; goto SETTINGS_ERROR; }
- if (&General::IpInSubnet ( $netsettings{'BLUE_ADDRESS'}, - $tmpovpnsubnet[0], $tmpovpnsubnet[1])) { + if (&Network::ip_address_in_network($netsettings{'BLUE_ADDRESS'},$tmpovpnsubnet[0]."/".$tmpovpnsubnet[1])){ $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Blue Network $netsettings{'BLUE_ADDRESS'}"; goto SETTINGS_ERROR; }
- if (&General::IpInSubnet ( $netsettings{'ORANGE_ADDRESS'}, - $tmpovpnsubnet[0], $tmpovpnsubnet[1])) { + if (&Network::ip_address_in_network($netsettings{'ORANGE_ADDRESS'},$tmpovpnsubnet[0]."/".$tmpovpnsubnet[1])){ $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Orange Network $netsettings{'ORANGE_ADDRESS'}"; goto SETTINGS_ERROR; } @@ -1142,8 +1138,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg chomp($_); my @tempalias = split(/,/,$_); if ($tempalias[1] eq 'on') { - if (&General::IpInSubnet ($tempalias[0] , - $tmpovpnsubnet[0], $tmpovpnsubnet[1])) { + if (&Network::ip_address_in_network($tempalias[0],$tmpovpnsubnet[0]."/".$tmpovpnsubnet[1])){ $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire alias entry $tempalias[0]"; } } @@ -3651,7 +3646,7 @@ if ($cgiparams{'TYPE'} eq 'host') { my ($ip1,$cidr1) = split (///, $val); $ip1 = &General::getnetworkip($ip1,&General::iporsubtocidr($cidr1)); my ($ip2,$cidr2) = split (///, $ccdroutehash{$key}[$oldiroute]); - if (&General::IpInSubnet ($ip1,$ip2,$cidr2)){ + if (&Network::ip_address_in_network($ip1,$ip2."/".$cidr2)){ $errormessage=$errormessage.$Lang::tr{'ccd err irouteexist'}; goto VPNCONF_ERROR; } @@ -3670,19 +3665,19 @@ if ($cgiparams{'TYPE'} eq 'host') { } #check for existing network IP's - if (&General::IpInSubnet ($ip,$netsettings{GREEN_NETADDRESS},$netsettings{GREEN_NETMASK}) && $netsettings{GREEN_NETADDRESS} ne '0.0.0.0') + if (&Network::ip_address_in_network($ip,$netsettings{GREEN_NETADDRESS}."/".$netsettings{GREEN_NETMASK}) && $netsettings{GREEN_NETADDRESS} ne '0.0.0.0') { $errormessage=$Lang::tr{'ccd err green'}; goto VPNCONF_ERROR; - }elsif(&General::IpInSubnet ($ip,$netsettings{RED_NETADDRESS},$netsettings{RED_NETMASK}) && $netsettings{RED_NETADDRESS} ne '0.0.0.0') + }elsif(&Network::ip_address_in_network($ip,$netsettings{RED_NETADDRESS}."/".$netsettings{RED_NETMASK}) && $netsettings{RED_NETADDRESS} ne '0.0.0.0') { $errormessage=$Lang::tr{'ccd err red'}; goto VPNCONF_ERROR; - }elsif(&General::IpInSubnet ($ip,$netsettings{BLUE_NETADDRESS},$netsettings{BLUE_NETMASK}) && $netsettings{BLUE_NETADDRESS} ne '0.0.0.0' && $netsettings{BLUE_NETADDRESS} gt '') + }elsif(&Network::ip_address_in_network($ip,$netsettings{BLUE_NETADDRESS}."/".$netsettings{BLUE_NETMASK}) && $netsettings{BLUE_NETADDRESS} ne '0.0.0.0' && $netsettings{BLUE_NETADDRESS} gt '') { $errormessage=$Lang::tr{'ccd err blue'}; goto VPNCONF_ERROR; - }elsif(&General::IpInSubnet ($ip,$netsettings{ORANGE_NETADDRESS},$netsettings{ORANGE_NETMASK}) && $netsettings{ORANGE_NETADDRESS} ne '0.0.0.0' && $netsettings{ORANGE_NETADDRESS} gt '' ) + }elsif(&Network::ip_address_in_network($ip,$netsettings{ORANGE_NETADDRESS}."/".$netsettings{ORANGE_NETMASK}) && $netsettings{ORANGE_NETADDRESS} ne '0.0.0.0' && $netsettings{ORANGE_NETADDRESS} gt '' ) { $errormessage=$Lang::tr{'ccd err orange'}; goto VPNCONF_ERROR; diff --git a/html/cgi-bin/wireless.cgi b/html/cgi-bin/wireless.cgi index d4592a2..afa8edc 100644 --- a/html/cgi-bin/wireless.cgi +++ b/html/cgi-bin/wireless.cgi @@ -447,9 +447,7 @@ END $hostname =~ s/"//g; } elsif ($line eq "}") { # Select records in Blue subnet - if ( &General::IpInSubnet ( $ip, - $netsettings{"BLUE_NETADDRESS"}, - $netsettings{"BLUE_NETMASK"} ) ) { + if (&Network::ip_address_in_network($ip,$netsettings{'BLUE_NETADDRESS'}."/".$netsettings{'BLUE_NETMASK'})){ @record = ('IPADDR',$ip,'ENDTIME',$endtime,'ETHER',$ether,'HOSTNAME',$hostname); $record = {}; # create a reference to empty hash %{$record} = @record; # populate that hash with @record