* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 800077a68916409bd0aa3b5a240bd9f70ec27655
@ 2014-02-27 18:45 git
0 siblings, 0 replies; only message in thread
From: git @ 2014-02-27 18:45 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 7117 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 800077a68916409bd0aa3b5a240bd9f70ec27655 (commit)
via 5a7491ffd6023019d605aa773c1f6d8e3fb2ff17 (commit)
via 5eee5a607e213c25b350926c5234d2230cfc6e29 (commit)
from b18dba57de09607a047c75a5a704c48c060b7c3c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 800077a68916409bd0aa3b5a240bd9f70ec27655
Author: Alexander Marx <alexander.marx(a)ipfire.org>
Date: Thu Feb 27 13:38:40 2014 +0100
Firewall: Skip rules on boot when red has no ip
commit 5a7491ffd6023019d605aa773c1f6d8e3fb2ff17
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Thu Feb 27 19:39:18 2014 +0100
QoS: Actually accept subnets everywhere.
commit 5eee5a607e213c25b350926c5234d2230cfc6e29
Author: Alexander Marx <alexander.marx(a)ipfire.org>
Date: Wed Feb 26 16:07:02 2014 +0100
QOS: IP-Addresses can now be simple IP-Address or IP-Address and subnet
-----------------------------------------------------------------------
Summary of changes:
config/firewall/rules.pl | 10 +++++++++-
html/cgi-bin/qos.cgi | 20 ++++++++++----------
2 files changed, 19 insertions(+), 11 deletions(-)
Difference in files:
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index d8adb15..40ca824 100755
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -258,6 +258,10 @@ sub buildrules
$PROT="-p $PROT" if ($PROT ne '' && $PROT ne ' ');
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
+ #Skip rules when no RED IP is set (DHCP,DSL)
+ next;
+ }
next if ($targethash{$b}[0] eq 'none');
$STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -342,6 +346,10 @@ sub buildrules
}
foreach my $a (sort keys %sourcehash){
foreach my $b (sort keys %targethash){
+ if(! $sourcehash{$a}[0] || ! $targethash{$b}[0] || ($natip eq '-d ' && $$hash{$key}[28] eq 'ON') || (!$natip && $$hash{$key}[28] eq 'ON')){
+ #Skip rules when no RED IP is set (DHCP,DSL)
+ next;
+ }
next if ($targethash{$b}[0] eq 'none');
$STAG='';
if ($sourcehash{$a}[0] ne $targethash{$b}[0] && $targethash{$b}[0] ne 'none' || $sourcehash{$a}[0] eq '0.0.0.0/0.0.0.0'){
@@ -557,7 +565,7 @@ sub get_address
$$hash{$key}[0]='0.0.0.0/0';
}
if($base2 eq 'RED' || $base2 eq 'RED1'){
- open(FILE, "/var/ipfire/red/local-ipaddress")or die "Couldn't open local-ipaddress";
+ open(FILE, "/var/ipfire/red/local-ipaddress");
$$hash{$key}[0]= <FILE>;
close(FILE);
}else{
diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi
index dee6f41..5542f65 100644
--- a/html/cgi-bin/qos.cgi
+++ b/html/cgi-bin/qos.cgi
@@ -251,13 +251,13 @@ END
if ($qossettings{'DOLEVEL7'} eq $Lang::tr{'save'})
{
if ( $qossettings{'QIP'} ne '' ) {
- unless ( &General::validip($qossettings{'QIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'QIP'})) && (!&General::validip($qossettings{'QIP'}))) {
$qossettings{'VALID'} = 'no';
$message = $Lang::tr{'The source IP address is invalid.'};
}
}
if ( $qossettings{'DIP'} ne '' ) {
- unless ( &General::validip($qossettings{'DIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'DIP'})) && (!&General::validip($qossettings{'DIP'}))) {
$qossettings{'VALID'} = 'no';
$message = $Lang::tr{'The destination IP address is invalid.'};
}
@@ -326,15 +326,15 @@ END
if ($qossettings{'DOPORT'} eq $Lang::tr{'save'})
{
if ( $qossettings{'QIP'} ne '' ) {
- unless ( &General::validip($qossettings{'QIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'QIP'})) && (!&General::validip($qossettings{'QIP'}))) {
$qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'The source IP address is invalid.'}";
+ $message = $Lang::tr{'The source IP address is invalid.'};
}
}
if ( $qossettings{'DIP'} ne '' ) {
- unless ( &General::validip($qossettings{'DIP'}) ) {
+ if ((!&General::validipandmask($qossettings{'DIP'})) && (!&General::validip($qossettings{'DIP'}))) {
$qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'The destination IP address is invalid.'}";
+ $message = $Lang::tr{'The destination IP address is invalid.'};
}
}
if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
@@ -1079,10 +1079,10 @@ END
print <<END
</select><td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
- <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
+ <td width='33%' align='left'><input type='text' name='QIP' maxlength='31' value='$qossettings{'QIP'}' />
<td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
- <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
+ <td width='33%' align='left'><input type='text' name='DIP' maxlength='31' value='$qossettings{'DIP'}' />
<td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOLEVEL7' value='$Lang::tr{'save'}' />
<tr><td colspan="3" align='center'><font color="red"><em>$Lang::tr{'qos warning'}</em></font>
</table></form>
@@ -1123,10 +1123,10 @@ END
<td width='33%' align='left'><input type='text' name='DPORT' maxlength='11' value='$qossettings{'DPORT'}' />
<td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
- <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
+ <td width='33%' align='left'><input type='text' name='QIP' maxlength='31' value='$qossettings{'QIP'}' />
<td width='33%' align='center'>
<tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
- <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
+ <td width='33%' align='left'><input type='text' name='DIP' maxlength='31' value='$qossettings{'DIP'}' />
<td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOPORT' value='$Lang::tr{'save'}' />
</table></form>
END
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2014-02-27 18:45 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-27 18:45 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 800077a68916409bd0aa3b5a240bd9f70ec27655 git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox