diff options
| author | dneuhaeuser <dn@arbor.de> | 2015-04-03 19:48:55 +0200 |
|---|---|---|
| committer | dneuhaeuser <dn@arbor.de> | 2015-04-03 19:48:55 +0200 |
| commit | 914f2b481354f3e9326ad8fcf0180b6f4d0514f0 (patch) | |
| tree | 950e9cbb3c3ebdad25a3a167ed5550642335ae17 | |
| parent | a9d7f2034af6a28287ef85682a2fa1b6c8e0d05b (diff) | |
| download | pfsense-packages-914f2b481354f3e9326ad8fcf0180b6f4d0514f0.tar.gz pfsense-packages-914f2b481354f3e9326ad8fcf0180b6f4d0514f0.tar.bz2 pfsense-packages-914f2b481354f3e9326ad8fcf0180b6f4d0514f0.zip | |
correction of portrange checking
configured port needs checking against sysctl parameter sysctl "net.inet.ip.portrange.reservedhigh" instead of "net.inet.ip.portrange.first".
| -rwxr-xr-x | config/squid3/34/squid.inc | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index 69a50125..089fba00 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -639,19 +639,19 @@ function squid_validate_reverse($post, &$input_errors) { $input_errors[] = 'The field \'external FQDN\' must contain a valid domain name'; $port = trim($post['reverse_http_port']); - preg_match("/(\d+)/",`sysctl net.inet.ip.portrange.first`,$portrange); + preg_match("/(\d+)/",`sysctl net.inet.ip.portrange.reservedhigh`,$portrange); if (!empty($port) && !is_port($port)) $input_errors[] = 'The field \'reverse HTTP port\' must contain a valid port number'; if (!empty($port) && is_port($port) && $port < $portrange[1]){ - $input_errors[] = "The field 'reverse HTTP port' must contain a port number higher than net.inet.ip.portrange.first sysctl value({$portrange[1]})."; - $input_errors[] = "To listen on low ports, change portrange.first sysctl value to 0 on system tunable options and restart squid daemon."; + $input_errors[] = "The field 'reverse HTTP port' must contain a port number higher than net.inet.ip.portrange.reservedhigh sysctl value({$portrange[1]})."; + $input_errors[] = "To listen on low ports, change portrange.reservedhigh sysctl value to 0 on system tunable options and restart squid daemon."; } $port = trim($post['reverse_https_port']); if (!empty($port) && !is_port($port)) $input_errors[] = 'The field \'reverse HTTPS port\' must contain a valid port number'; if (!empty($port) && is_port($port) && $port < $portrange[1]){ - $input_errors[] = "The field 'reverse HTTPS port' must contain a port number higher than net.inet.ip.portrange.first sysctl value({$portrange[1]})."; - $input_errors[] = "To listen on low ports, change portrange.first sysctl value to 0 on system tunable options and restart squid daemon."; + $input_errors[] = "The field 'reverse HTTPS port' must contain a port number higher than net.inet.ip.portrange.reservedhigh sysctl value({$portrange[1]})."; + $input_errors[] = "To listen on low ports, change portrange.reservedhigh sysctl value to 0 on system tunable options and restart squid daemon."; } if ($post['reverse_ssl_cert'] == 'none') $input_errors[] = 'A valid certificate for the external interface must be selected'; |