[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfire-development
Subject: Re: [PATCH 2/2] proxy.cgi: fix subnet comparison
From: "Tom Rymes" <trymes () rymes ! com>
Date: 2018-02-11 20:47:31
Message-ID: A8DB05C9-B46B-4894-900B-46202E23423F () rymes ! com
[Download RAW message or body]
Bernhard,
Does any of this also apply to the subnet comparisons made when adding subnets in the \
"Firewall Groups" portion of the WUI?
Tom
> On Feb 11, 2018, at 1:52 PM, Bernhard Held <berny156@gmx.de> wrote:
>
> The logic of subnet comparison is broken. E.g. if the blue netmask is
> 255.255.255.0, it's impossible to add a VPN subnet with the same netmask.
> The proposed patch compares the subnets individually.
> ---
> html/cgi-bin/proxy.cgi | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
> index ea3b41126..4993dde86 100644
> --- a/html/cgi-bin/proxy.cgi
> +++ b/html/cgi-bin/proxy.cgi
> @@ -3066,8 +3066,8 @@ END
> @temp = split(/\//);
> chomp $temp[1];
> if (
> - ($temp[0] ne $netsettings{'GREEN_NETADDRESS'}) && ($temp[1] ne \
> $netsettings{'GREEN_NETMASK'}) &&
> - ($temp[0] ne $netsettings{'BLUE_NETADDRESS'}) && ($temp[1] ne \
> $netsettings{'BLUE_NETMASK'}) + (($temp[0] ne \
> $netsettings{'GREEN_NETADDRESS'}) || ($temp[1] ne $netsettings{'GREEN_NETMASK'})) \
> && + (($temp[0] ne $netsettings{'BLUE_NETADDRESS'}) || ($temp[1] \
> ne $netsettings{'BLUE_NETMASK'})) )
> {
> print FILE " ||\n (isInNet(myIpAddress(), \"$temp[0]\", \"$temp[1]\"))";
> --
> 2.16.1
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic