From: Alexander Marx <alexander.marx@ipfire.org>
Date: Mon, 16 Jun 2014 07:45:59 +0000 (+0200)
Subject: BUG 10538: Routes may only added once and should not be part of an internal network
X-Git-Tag: v2.15-core80~67^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=29f238b239b1a038a8d6541c98969f90f7a1274d;p=ipfire-2.x.git

BUG 10538: Routes may only added once and should not be part of an internal network
---

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 271dc41dac..19cfebb687 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -598,6 +598,19 @@ sub checksubnets
 	if (($ownnet{'RED_NETADDRESS'} 		ne '' && $ownnet{'RED_NETADDRESS'} 		ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
 }
 
+sub check_net_internal{
+	my $network=shift;
+	my ($ip,$cidr)=split(/\//,$network);
+	my %ownnet=();
+	my $errormessage;
+	$cidr=&iporsubtocidr($cidr);
+	#check if we use one of ipfire's networks (green,orange,blue)
+	&readhash("${General::swroot}/ethernet/settings", \%ownnet);
+	if (($ownnet{'GREEN_NETADDRESS'}  	ne '' && $ownnet{'GREEN_NETADDRESS'} 	ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'GREEN_NETADDRESS'},&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;}
+	if (($ownnet{'ORANGE_NETADDRESS'}	ne '' && $ownnet{'ORANGE_NETADDRESS'} 	ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'ORANGE_NETADDRESS'},&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;}
+	if (($ownnet{'BLUE_NETADDRESS'} 	ne '' && $ownnet{'BLUE_NETADDRESS'} 	ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'BLUE_NETADDRESS'},&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;}
+	if (($ownnet{'RED_NETADDRESS'} 		ne '' && $ownnet{'RED_NETADDRESS'} 		ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'RED_NETADDRESS'},&iporsubtodec($ownnet{'RED_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err red'};return $errormessage;}
+}
 
 sub validport
 {
diff --git a/html/cgi-bin/routing.cgi b/html/cgi-bin/routing.cgi
index 5798fb8968..c460a74e7c 100644
--- a/html/cgi-bin/routing.cgi
+++ b/html/cgi-bin/routing.cgi
@@ -134,6 +134,27 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
 	$errormessage = $Lang::tr{'invalid ip'}. " - ".$Lang::tr{'gateway ip'};
 	}
 
+	#set networkip if not already correctly defined
+	my($ip,$cidr) = split(/\//,$settings{'IP'});
+	my $netip=&General::getnetworkip($ip,$cidr);
+	$settings{'IP'} = "$netip/$cidr";
+
+	#Check for already existing routing entry
+	foreach my $line (@current) {
+		chomp($line);				# remove newline
+		my @temp=split(/\,/,$line);
+		$temp[2] ='' unless defined $temp[2]; # not always populated
+		$temp[3] ='' unless defined $temp[2]; # not always populated
+		#Same ip already used?
+		if($temp[1] eq $settings{'IP'}){
+			$errormessage = $Lang::tr{'ccd err irouteexist'};
+			last;
+		}
+		#Is the network part of an internal network?
+		$errormessage .= &General::check_net_internal($settings{'IP'});
+		last;
+	}
+
     unless ($errormessage) {
 	if ($settings{'KEY1'} eq '') { #add or edit ?
 	    unshift (@current, "$settings{'EN'},$settings{'IP'},$settings{'GATEWAY'},$settings{'REMARK'}\n");