Show validation error for FQDN aliases since we do not support them.

2 files changed, 8 insertions, 2 deletions

diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php
index 1aff122c..eac0c2a8 100644
--- a/config/suricata/suricata_define_vars.php
+++ b/config/suricata/suricata_define_vars.php
@@ -101,10 +101,14 @@ if ($_POST) {
 	foreach ($suricata_servers as $key => $server) {
 		if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"]))
 			$input_errors[] = "Only aliases are allowed";
+		if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+			$input_errors[] = "FQDN aliases are not allowed for IP variables in Suricata.";
 	}
 	foreach ($suricata_ports as $key => $server) {
 		if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"]))
 			$input_errors[] = "Only aliases are allowed";
+		if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+			$input_errors[] = "FQDN aliases are not allowed for port variables in Suricata.";
 	}
 	/* if no errors write to suricata.yaml */
 	if (!$input_errors) {
diff --git a/config/suricata/suricata_passlist_edit.php b/config/suricata/suricata_passlist_edit.php
index 1d92e644..357b3818 100644
--- a/config/suricata/suricata_passlist_edit.php
+++ b/config/suricata/suricata_passlist_edit.php
@@ -154,10 +154,12 @@ if ($_POST['save']) {
 		}
 	}
 
-	if ($_POST['address'])
+	if ($_POST['address']) {
 		if (!is_alias($_POST['address']))
 			$input_errors[] = gettext("A valid alias must be provided");
-
+		if (is_alias($_POST['address']) && trim(filter_expand_alias($_POST['address'])) == "")
+			$input_errors[] = gettext("FQDN aliases are not supported in Suricata.");
+	}
 	if (!$input_errors) {
 		$p_list = array();
 		/* post user input */