[PATCH] modified proxy.cgi to make it possible that all subnets declared in "network access control" will be translated from cidr to subnet notation in proxy.pac
From: Steffen Klammer steffen.klammer@staderschulen.de
--- html/cgi-bin/proxy.cgi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index fdf9bddaf..a63e1c2df 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -3004,7 +3004,8 @@ END ) { chomp $temp[1]; - print FILE " ||\n (isInNet(myIpAddress(), "$temp[0]", "$temp[1]"))"; + my $tempmask = &Network::convert_prefix2netmask($temp[1]); + print FILE " ||\n (isInNet(myIpAddress(), "$temp[0]", "$tempmask"))"; } }
Hello,
Thank you very much for submitting your patch.
This looks good to me. Has anyone tried this and can confirm that it works as intended?
What would be added if the net mask was invalid? Let’s say if someone writes 192.168.0.0/38?
Reviewed-by: Michael Tremer michael.tremer@ipfire.org
Best, -Michael
On 16 Oct 2020, at 09:08, steffen.klammer@staderschulen.de wrote:
From: Steffen Klammer steffen.klammer@staderschulen.de
html/cgi-bin/proxy.cgi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index fdf9bddaf..a63e1c2df 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -3004,7 +3004,8 @@ END ) { chomp $temp[1];
print FILE " ||\n (isInNet(myIpAddress(), \"$temp[0]\", \"$temp[1]\"))";
my $tempmask = &Network::convert_prefix2netmask($temp[1]);print FILE " ||\n (isInNet(myIpAddress(), \"$temp[0]\", \"$tempmask\"))"; } }-- 2.25.1
-
Michael Tremer -
steffen.klammer@staderschulen.de