diff options
-rw-r--r-- | config/suricata/suricata_define_vars.php | 4 | ||||
-rw-r--r-- | config/suricata/suricata_passlist_edit.php | 6 |
2 files changed, 8 insertions, 2 deletions
diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php index 1aff122c..eac0c2a8 100644 --- a/config/suricata/suricata_define_vars.php +++ b/config/suricata/suricata_define_vars.php @@ -101,10 +101,14 @@ if ($_POST) { foreach ($suricata_servers as $key => $server) { if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"])) $input_errors[] = "Only aliases are allowed"; + if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "") + $input_errors[] = "FQDN aliases are not allowed for IP variables in Suricata."; } foreach ($suricata_ports as $key => $server) { if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"])) $input_errors[] = "Only aliases are allowed"; + if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "") + $input_errors[] = "FQDN aliases are not allowed for port variables in Suricata."; } /* if no errors write to suricata.yaml */ if (!$input_errors) { diff --git a/config/suricata/suricata_passlist_edit.php b/config/suricata/suricata_passlist_edit.php index 1d92e644..357b3818 100644 --- a/config/suricata/suricata_passlist_edit.php +++ b/config/suricata/suricata_passlist_edit.php @@ -154,10 +154,12 @@ if ($_POST['save']) { } } - if ($_POST['address']) + if ($_POST['address']) { if (!is_alias($_POST['address'])) $input_errors[] = gettext("A valid alias must be provided"); - + if (is_alias($_POST['address']) && trim(filter_expand_alias($_POST['address'])) == "") + $input_errors[] = gettext("FQDN aliases are not supported in Suricata."); + } if (!$input_errors) { $p_list = array(); /* post user input */ |