From f287c8845a766aae5a9d73ad93c44b44d7f8963d Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Fri, 20 Nov 2015 10:32:25 +0100
Subject: Tighten the input validation to make sure 'Bind IP Address' is
 configured on the local system

---
 config/nrpe2/nrpe2.inc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'config/nrpe2')

diff --git a/config/nrpe2/nrpe2.inc b/config/nrpe2/nrpe2.inc
index 5a23a585..182664b8 100644
--- a/config/nrpe2/nrpe2.inc
+++ b/config/nrpe2/nrpe2.inc
@@ -29,6 +29,7 @@
 	POSSIBILITY OF SUCH DAMAGE.
 */
 require_once("filter.inc");
+require_once("pfsense-utils.inc");
 require_once("pkg-utils.inc");
 require_once("util.inc");
 
@@ -245,8 +246,8 @@ function nrpe2_custom_php_validation_command($post, &$input_errors) {
 		$input_errors[] = gettext("'Port Number' must be a valid port.");
 	}
 	if ($post['server_address'] != "") {
-		if (!is_ipaddr($post['server_address'])) {
-			$input_errors[] = gettext("'Bind IP Address' must be a valid IP address.");
+		if (!is_ipaddr_configured($post['server_address']) && !preg_match("/(127.0.0.1|0.0.0.0)/", $post['server_address'])) {
+			$input_errors[] = gettext("'Bind IP Address' is not a valid, locally configured IP address.");
 		}
 	}
 	foreach (explode(",", $post['allowed_hosts']) as $host) {
-- 
cgit v1.2.3