From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 800077a68916409bd0aa3b5a240bd9f70ec27655
Date: Thu, 27 Feb 2014 19:45:58 +0100 [thread overview]
Message-ID: <20140227184600.844FD204CD@argus.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 7117 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 800077a68916409bd0aa3b5a240bd9f70ec27655 (commit)
via 5a7491ffd6023019d605aa773c1f6d8e3fb2ff17 (commit)
via 5eee5a607e213c25b350926c5234d2230cfc6e29 (commit)
from b18dba57de09607a047c75a5a704c48c060b7c3c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 800077a68916409bd0aa3b5a240bd9f70ec27655
Author: Alexander Marx <alexander.marx(a)ipfire.org>
Date: Thu Feb 27 13:38:40 2014 +0100
Firewall: Skip rules on boot when red has no ip
commit 5a7491ffd6023019d605aa773c1f6d8e3fb2ff17
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Feb 27 19:39:18 2014 +0100
QoS: Actually accept subnets everywhere.
commit 5eee5a607e213c25b350926c5234d2230cfc6e29
Author: Alexander Marx <alexander.marx(a)ipfire.org>
Date: Wed Feb 26 16:07:02 2014 +0100
QOS: IP-Addresses can now be simple IP-Address or IP-Address and subnet
-----------------------------------------------------------------------
Summary of changes:
config/firewall/rules.pl | 10 +++++++++-
html/cgi-bin/qos.cgi | 20 ++++++++++----------
2 files changed, 19 insertions(+), 11 deletions(-)
Difference in files:
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index d8adb15..40ca824 100755
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -258,6 +258,10 @@ sub buildrules
$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
+ #Skip rules when no RED IP is set (DHCP,DSL)
+ next;
+ }
next if ($targethash{$b}[0] eq 'none');
$STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -342,6 +346,10 @@ sub buildrules
}
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
+ #Skip rules when no RED IP is set (DHCP,DSL)
+ next;
+ }
next if ($targethash{$b}[0] eq 'none');
$STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -557,7 +565,7 @@ sub get_address
$$hash{$key}[0]='0.0.0.0/0';
}
if($base2 eq 'RED' || $base2 eq 'RED1'){
- open(FILE, "/var/ipfire/red/local-ipaddress")or die "Couldn't open local-ipaddress";
+ open(FILE, "/var/ipfire/red/local-ipaddress");
$$hash{$key}[0]= <FILE>;
close(FILE);
}else{
diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi
index dee6f41..5542f65 100644
--- a/html/cgi-bin/qos.cgi
+++ b/html/cgi-bin/qos.cgi
@@ -251,13 +251,13 @@ END
if ($qossettings{'DOLEVEL7'} eq $Lang::tr{'save'})
{
if ( $qossettings{'QIP'} ne '' ) {
- unless ( &General::validip($qossettings{'QIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'QIP'})) && (!&General::validip($qossettings{'QIP'}))) {
$qossettings{'VALID'} = 'no';
$message = $Lang::tr{'The source IP address is invalid.'};
}
}
if ( $qossettings{'DIP'} ne '' ) {
- unless ( &General::validip($qossettings{'DIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'DIP'})) && (!&General::validip($qossettings{'DIP'}))) {
$qossettings{'VALID'} = 'no';
$message = $Lang::tr{'The destination IP address is invalid.'};
}
@@ -326,15 +326,15 @@ END
if ($qossettings{'DOPORT'} eq $Lang::tr{'save'})
{
if ( $qossettings{'QIP'} ne '' ) {
- unless ( &General::validip($qossettings{'QIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'QIP'})) && (!&General::validip($qossettings{'QIP'}))) {
$qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'The source IP address is invalid.'}";
+ $message = $Lang::tr{'The source IP address is invalid.'};
}
}
if ( $qossettings{'DIP'} ne '' ) {
- unless ( &General::validip($qossettings{'DIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'DIP'})) && (!&General::validip($qossettings{'DIP'}))) {
$qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'The destination IP address is invalid.'}";
+ $message = $Lang::tr{'The destination IP address is invalid.'};
}
}
if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
@@ -1079,10 +1079,10 @@ END
print <<END
</select><td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
- <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
+ <td width='33%' align='left'><input type='text' name='QIP' maxlength='31' value='$qossettings{'QIP'}' />
<td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
- <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
+ <td width='33%' align='left'><input type='text' name='DIP' maxlength='31' value='$qossettings{'DIP'}' />
<td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOLEVEL7' value='$Lang::tr{'save'}' />
<tr><td colspan="3" align='center'><font color="red"><em>$Lang::tr{'qos warning'}</em></font>
</table></form>
@@ -1123,10 +1123,10 @@ END
<td width='33%' align='left'><input type='text' name='DPORT' maxlength='11' value='$qossettings{'DPORT'}' />
<td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
- <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
+ <td width='33%' align='left'><input type='text' name='QIP' maxlength='31' value='$qossettings{'QIP'}' />
<td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
- <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
+ <td width='33%' align='left'><input type='text' name='DIP' maxlength='31' value='$qossettings{'DIP'}' />
<td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOPORT' value='$Lang::tr{'save'}' />
</table></form>
END
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2014-02-27 18:45 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140227184600.844FD204CD@argus.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox