This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  800077a68916409bd0aa3b5a240bd9f70ec27655 (commit)
       via  5a7491ffd6023019d605aa773c1f6d8e3fb2ff17 (commit)
       via  5eee5a607e213c25b350926c5234d2230cfc6e29 (commit)
      from  b18dba57de09607a047c75a5a704c48c060b7c3c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 800077a68916409bd0aa3b5a240bd9f70ec27655
Author: Alexander Marx <alexander.marx(a)ipfire.org>
Date:   Thu Feb 27 13:38:40 2014 +0100

    Firewall: Skip rules on boot when red has no ip

commit 5a7491ffd6023019d605aa773c1f6d8e3fb2ff17
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Thu Feb 27 19:39:18 2014 +0100

    QoS: Actually accept subnets everywhere.

commit 5eee5a607e213c25b350926c5234d2230cfc6e29
Author: Alexander Marx <alexander.marx(a)ipfire.org>
Date:   Wed Feb 26 16:07:02 2014 +0100

    QOS: IP-Addresses can now be simple IP-Address or IP-Address and subnet

-----------------------------------------------------------------------

Summary of changes:
 config/firewall/rules.pl | 10 +++++++++-
 html/cgi-bin/qos.cgi     | 20 ++++++++++----------
 2 files changed, 19 insertions(+), 11 deletions(-)

Difference in files:
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index d8adb15..40ca824 100755
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -258,6 +258,10 @@ sub buildrules
 					$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
 					foreach my $a (sort keys %sourcehash){
 						foreach my $b (sort keys %targethash){
+							if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
+								#Skip rules when no RED IP is set (DHCP,DSL)
+								next;
+							}
 							next if ($targethash{$b}[0] eq 'none');
 							$STAG='';
 							if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -342,6 +346,10 @@ sub buildrules
 					}
 					foreach my $a (sort keys %sourcehash){
 						foreach my $b (sort keys %targethash){
+							if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
+								#Skip rules when no RED IP is set (DHCP,DSL)
+								next;
+							}
 							next if ($targethash{$b}[0] eq 'none');
 							$STAG='';
 							if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -557,7 +565,7 @@ sub get_address
 			$$hash{$key}[0]='0.0.0.0/0';
 		}
 		if($base2 eq 'RED' || $base2 eq 'RED1'){
-			open(FILE, "/var/ipfire/red/local-ipaddress")or die "Couldn't open local-ipaddress";
+			open(FILE, "/var/ipfire/red/local-ipaddress");
 			$$hash{$key}[0]= <FILE>;
 			close(FILE);
 		}else{
diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi
index dee6f41..5542f65 100644
--- a/html/cgi-bin/qos.cgi
+++ b/html/cgi-bin/qos.cgi
@@ -251,13 +251,13 @@ END
 if ($qossettings{'DOLEVEL7'} eq $Lang::tr{'save'})
 {
 	if ( $qossettings{'QIP'} ne '' ) {
-		unless ( &General::validip($qossettings{'QIP'}) ) {
+		if ((!&General::validipandmask($qossettings{'QIP'})) && (!&General::validip($qossettings{'QIP'}))) {
 			$qossettings{'VALID'} = 'no';
 			$message = $Lang::tr{'The source IP address is invalid.'};
 		}
 	}
 	if ( $qossettings{'DIP'} ne '' ) {
-		unless ( &General::validip($qossettings{'DIP'}) ) {
+		if ((!&General::validipandmask($qossettings{'DIP'})) && (!&General::validip($qossettings{'DIP'}))) {
 			$qossettings{'VALID'} = 'no';
 			$message = $Lang::tr{'The destination IP address is invalid.'};
 		}
@@ -326,15 +326,15 @@ END
 if ($qossettings{'DOPORT'} eq $Lang::tr{'save'})
 {
 	if ( $qossettings{'QIP'} ne '' ) {
-		unless ( &General::validip($qossettings{'QIP'}) ) {
+		if ((!&General::validipandmask($qossettings{'QIP'})) && (!&General::validip($qossettings{'QIP'}))) {
 			$qossettings{'VALID'} = 'no';
-			$message = "$Lang::tr{'The source IP address is invalid.'}";
+			$message = $Lang::tr{'The source IP address is invalid.'};
 		}
 	}
 	if ( $qossettings{'DIP'} ne '' ) {
-		unless ( &General::validip($qossettings{'DIP'}) ) {
+		if ((!&General::validipandmask($qossettings{'DIP'})) && (!&General::validip($qossettings{'DIP'}))) {
 			$qossettings{'VALID'} = 'no';
-			$message = "$Lang::tr{'The destination IP address is invalid.'}";
+			$message = $Lang::tr{'The destination IP address is invalid.'};
 		}
 	}
 	if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
@@ -1079,10 +1079,10 @@ END
 	print <<END
 		    </select><td width='33%' align='center'>&nbsp;
 		<tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
-		    <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
+		    <td width='33%' align='left'><input type='text' name='QIP' maxlength='31' value='$qossettings{'QIP'}' />
 		    <td width='33%' align='center'>&nbsp;
 		<tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
-		    <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
+		    <td width='33%' align='left'><input type='text' name='DIP' maxlength='31' value='$qossettings{'DIP'}' />
 		    <td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOLEVEL7' value='$Lang::tr{'save'}' />
 		<tr><td colspan="3" align='center'><font color="red"><em>$Lang::tr{'qos warning'}</em></font>
 		</table></form>
@@ -1123,10 +1123,10 @@ END
 		    <td width='33%' align='left'><input type='text' name='DPORT' maxlength='11' value='$qossettings{'DPORT'}' />
 		    <td width='33%' align='center'>&nbsp;
 		<tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
-		    <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
+		    <td width='33%' align='left'><input type='text' name='QIP' maxlength='31' value='$qossettings{'QIP'}' />
 		    <td width='33%' align='center'>&nbsp;
 		<tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
-		    <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
+		    <td width='33%' align='left'><input type='text' name='DIP' maxlength='31' value='$qossettings{'DIP'}' />
 		    <td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOPORT' value='$Lang::tr{'save'}' />
 		</table></form>
 END


hooks/post-receive
--
IPFire 2.x development tree