Revision: 2812
http://ipcop.svn.sourceforge.net/ipcop/?rev=2812&view=rev
Author: dotzball
Date: 2009-05-08 19:38:42 +0000 (Fri, 08 May 2009)
Log Message:
-----------
Check if an address is used as destination/in portforwarding and handle
it accortingly.
Modified Paths:
--------------
ipcop/trunk/html/cgi-bin/addresses.cgi
ipcop/trunk/src/libs/DataAccess.pl
Modified: ipcop/trunk/html/cgi-bin/addresses.cgi
===================================================================
--- ipcop/trunk/html/cgi-bin/addresses.cgi 2009-05-08 18:03:56 UTC (rev
2811)
+++ ipcop/trunk/html/cgi-bin/addresses.cgi 2009-05-08 19:38:42 UTC (rev
2812)
@@ -428,9 +428,7 @@
return;
}
- #
- # TODO: Check if an address is used in Portforwarding, if yes no subnets
are allowed
- #
+ my $usedAsDest = &DATA::isUsedAsDestAdr($cgiparams{'ADR_NAME'});
if ($cgiparams{'ADDRESS_TYPE'} eq 'ip') {
unless (&General::validip($cgiparams{'ADDRESS_TXT'})) {
@@ -445,6 +443,14 @@
unless (&General::validmask($cgiparams{'NETMASK'})) {
$errormessage .= "$Lang::tr{'subnet is invalid'} <br />";
}
+
+ # check if it is used in portforwardiing
+ if($usedAsDest == 2) {
+ if($cgiparams{'NETMASK'} ne '32' && $cgiparams{'NETMASK'} ne
'255.255.255.255') {
+ $errormessage .= "$Lang::tr{'adr is used in portfw'}:<br />";
+ $errormessage .= "$Lang::tr{'only host ip adr allowed in
portfw'}<br />";
+ }
+ }
}
elsif ($cgiparams{'ADDRESS_TYPE'} eq 'mac') {
@@ -455,6 +461,12 @@
$errormessage .= "$Lang::tr{'invalid mac'} <br />";
}
+ # check if it is used as destination
+ if($usedAsDest == 1) {
+ $errormessage .= "$Lang::tr{'adr is used as dest'}:<br />";
+ $errormessage .= "$Lang::tr{'mac adr not as dest'}<br />";
+ }
+
# we don't need a mask when MAC is selected
$cgiparams{'NETMASK'} = '';
}
Modified: ipcop/trunk/src/libs/DataAccess.pl
===================================================================
--- ipcop/trunk/src/libs/DataAccess.pl 2009-05-08 18:03:56 UTC (rev 2811)
+++ ipcop/trunk/src/libs/DataAccess.pl 2009-05-08 19:38:42 UTC (rev 2812)
@@ -978,6 +978,45 @@
return 0;
}
+#######################################################
+# Check if an address is used as destination
+# Returns
+# 2 - if used as destination in portforwarding
+# 1 - if used as destionation (not portforwarding)
+# 0 - if not used as destination
+#######################################################
+sub isUsedAsDestAdr
+{
+ my $adr = shift;
+
+ my %ruleConfig = ();
+ &DATA::readRuleConfig(\%ruleConfig);
+
+ my $usedAsDest = 0;
+ my $usedInPfw = 0;
+ foreach my $type (keys %ruleConfig) {
+ foreach my $rule (@{$ruleConfig{$type}}) {
+
+ if($rule->{'DST_IP_TYPE'} eq 'custDestIP' && $rule->{'DST_IP'} eq
$adr) {
+ $usedAsDest = 1;
+ if($type eq 'PORTFW') {
+ $usedInPfw = 2;
+ }
+ }
+ }
+ }
+
+ if($usedInPfw == 2) {
+ return 2;
+ }
+ elsif( $usedAsDest == 1) {
+ return 1;
+ }
+
+ # not used as dest
+ return 0;
+}
+
#EOF
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image
processing features enabled. http://p.sf.net/sfu/kodak-com
_______________________________________________
Ipcop-svn mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ipcop-svn
