aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/suricata/suricata_define_vars.php4
-rw-r--r--config/suricata/suricata_passlist_edit.php6
2 files changed, 8 insertions, 2 deletions
diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php
index 1aff122c..eac0c2a8 100644
--- a/config/suricata/suricata_define_vars.php
+++ b/config/suricata/suricata_define_vars.php
@@ -101,10 +101,14 @@ if ($_POST) {
foreach ($suricata_servers as $key => $server) {
if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"]))
$input_errors[] = "Only aliases are allowed";
+ if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+ $input_errors[] = "FQDN aliases are not allowed for IP variables in Suricata.";
}
foreach ($suricata_ports as $key => $server) {
if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"]))
$input_errors[] = "Only aliases are allowed";
+ if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+ $input_errors[] = "FQDN aliases are not allowed for port variables in Suricata.";
}
/* if no errors write to suricata.yaml */
if (!$input_errors) {
diff --git a/config/suricata/suricata_passlist_edit.php b/config/suricata/suricata_passlist_edit.php
index 1d92e644..357b3818 100644
--- a/config/suricata/suricata_passlist_edit.php
+++ b/config/suricata/suricata_passlist_edit.php
@@ -154,10 +154,12 @@ if ($_POST['save']) {
}
}
- if ($_POST['address'])
+ if ($_POST['address']) {
if (!is_alias($_POST['address']))
$input_errors[] = gettext("A valid alias must be provided");
-
+ if (is_alias($_POST['address']) && trim(filter_expand_alias($_POST['address'])) == "")
+ $input_errors[] = gettext("FQDN aliases are not supported in Suricata.");
+ }
if (!$input_errors) {
$p_list = array();
/* post user input */