diff options
| author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2012-07-11 16:42:41 -0300 |
|---|---|---|
| committer | marcelloc <marcellocoutinho@gmail.com> | 2012-07-11 16:42:41 -0300 |
| commit | 5a519f7e667fea73434b3c1433f8c8ba1fe66eae (patch) | |
| tree | c9d4d1ad99f30447adf00de9f0eab508cdd1e98a /config/squid-reverse/squid.inc | |
| parent | 338d3bf70dceac5baa0cd2eab68d8a4db256483a (diff) | |
| download | pfsense-packages-5a519f7e667fea73434b3c1433f8c8ba1fe66eae.tar.gz pfsense-packages-5a519f7e667fea73434b3c1433f8c8ba1fe66eae.tar.bz2 pfsense-packages-5a519f7e667fea73434b3c1433f8c8ba1fe66eae.zip | |
squid3 - change Unrestricted IPs and Banned host addresses check to allow CIDR networks
Diffstat (limited to 'config/squid-reverse/squid.inc')
| -rw-r--r-- | config/squid-reverse/squid.inc | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc index 51e5892c..e00da80c 100644 --- a/config/squid-reverse/squid.inc +++ b/config/squid-reverse/squid.inc @@ -492,10 +492,18 @@ function squid_validate_nac($post, $input_errors) { } foreach (array( 'unrestricted_hosts', 'banned_hosts') as $hosts) { - foreach (explode("\n", $post[$hosts]) as $host) { - $host = trim($host); - if (!empty($host) && !is_ipaddr($host)) - $input_errors[] = "The host '$host' is not a valid IP address"; + + if (preg_match_all("@([0-9.]+)(/[0-9.]+|)@",$_POST[$hosts],$matches)){ + for ($x=0;$x < count($matches[1]);$x++){ + if ($matches[2][$x] == ""){ + if (!is_ipaddr($matches[1][$x])) + $input_errors[] = "'{$matches[1][$x]}' is not a valid IP address"; + } + else{ + if (!is_subnet($matches[0][$x])) + $input_errors[] = "The subnet '{$matches[0][$x]}' is not a valid CIDR range"; + } + } } } |