return 1;
}
+sub validwildcarddomainname($) {
+ my $domainname = shift;
+
+ # Ignore any leading dots
+ if ($domainname =~ m/^\*\.(.*)/) {
+ $domainname = $1;
+ }
+
+ return &validdomainname($domainname);
+}
+
sub validfqdn
{
# Checks a fully qualified domain name against RFC1035 and RFC2181
var/ipfire/ids-functions.pl
var/ipfire/ipblocklist-functions.pl
var/ipfire/ipblocklist
+#var/ipfire/ipblocklist/modified
#var/ipfire/ipblocklist/settings
var/ipfire/isdn
#var/ipfire/isdn/settings
srv/web/ipfire/cgi-bin/aliases.cgi
srv/web/ipfire/cgi-bin/index.cgi
srv/web/ipfire/cgi-bin/ipblocklist.cgi
+srv/web/ipfire/cgi-bin/mail.cgi
srv/web/ipfire/cgi-bin/pakfire.cgi
+srv/web/ipfire/cgi-bin/proxy.cgi
srv/web/ipfire/cgi-bin/services.cgi
srv/web/ipfire/cgi-bin/vpnmain.cgi
srv/web/ipfire/cgi-bin/vulnerabilities.cgi
usr/share/terminfo/t/tmux-direct
var/ipfire/backup/bin/backup.pl
var/ipfire/backup/include
+var/ipfire/general-functions.pl
var/ipfire/ipblocklist-functions.pl
var/ipfire/menu.d/50-firewall.menu
var/ipfire/menu.d/70-log.menu
mkdir -pv /var/lib/ipblocklist
chown nobody:nobody /var/lib/ipblocklist
+# Create necessary files for IPBlocklist and set their ownership accordingly (#12917)
+touch /var/ipfire/ipblocklist/{settings,modified}
+chown nobody:nobody /var/ipfire/ipblocklist/{settings,modified}
+
# Rebuild fcrontab from scratch
/usr/bin/fcrontab -z
$errormessage .= "$Lang::tr{'email invalid'} $Lang::tr{'email mailsender'}<br>";
}
}
+ # Check for a valid recipient
+ if (!&General::validemail($cgiparams{'txt_recipient'})) {
+ $errormessage .= $Lang::tr{'email recipient invalid'} . "<br>";
+ }
return $errormessage;
}
if ($_)
{
if (/^\./) { $_ = '*'.$_; }
+ unless (&General::validwildcarddomainname($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid url'} . ": " . &Header::escape($_); }
$proxysettings{'DST_NOCACHE'} .= $_."\n";
}
}
if ($_)
{
if (/^\./) { $_ = '*'.$_; }
+ unless (&General::validwildcarddomainname($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid url'} . ": " . &Header::escape($_); }
$proxysettings{'DST_NOPROXY_URL'} .= $_."\n";
}
}
'advproxy errmsg invalid proxy port' => 'Ungültiger Proxyport',
'advproxy errmsg invalid upstream proxy' => 'Ungültige IP/Hostname für vorgelagerten Proxy',
'advproxy errmsg invalid upstream proxy username or password setting' => 'Ungültiger Benutzername oder ungültiges Kennwort für vorgelagerten Proxy',
+'advproxy errmsg invalid url' => 'Ungültige URL',
'advproxy errmsg invalid user' => 'Benutzername existiert nicht',
'advproxy errmsg ldap base dn' => 'LDAP Base DN erforderlich',
'advproxy errmsg ldap bind dn' => 'LDAP Bind DN Benutzername und Passwort erforderlich',
'email mailrcpt' => 'E-Mail-Empfänger',
'email mailsender' => 'E-Mail-Absender',
'email mailuser' => 'Benutzername',
+'email recipient invalid' => 'Ungültiger Emailempfänger',
'email server can not be empty' => 'E-Mail-Server darf nicht leer sein',
'email settings' => 'Mailversand',
'email subject' => 'IPFire Test-E-Mail',
'advproxy errmsg invalid proxy port' => 'Invalid proxy port',
'advproxy errmsg invalid upstream proxy' => 'Invalid upstream proxy IP/hostname',
'advproxy errmsg invalid upstream proxy username or password setting' => 'Invalid upstream proxy username or password setting',
+'advproxy errmsg invalid url' => 'Invalid URL',
'advproxy errmsg invalid user' => 'Username does not exist',
'advproxy errmsg ldap base dn' => 'LDAP base DN required',
'advproxy errmsg ldap bind dn' => 'LDAP bind DN username and password required',
'email mailrcpt' => 'Mail Recipient',
'email mailsender' => 'Mail Sender',
'email mailuser' => 'Username',
+'email recipient invalid' => 'Invalid email recipient',
'email server can not be empty' => 'E-mail server can not be empty',
'email settings' => 'Mail Service',
'email subject' => 'IPFire Test Mail',
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
captive/settings captive/agb.txt captive/clients captive/voucher_out certs/index.txt certs/index.txt.attr ddns/config ddns/settings ddns/ipcache dhcp/settings \
dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dns/servers dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/locationblock firewall/input firewall/outgoing \
- fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customlocationgrp fwlogs/ipsettings fwlogs/portsettings ipblocklist/settings \
- isdn/settings mac/settings main/hosts main/routing main/security main/settings optionsfw/settings \
+ fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customlocationgrp fwlogs/ipsettings fwlogs/portsettings ipblocklist/modified \
+ ipblocklist/settings isdn/settings mac/settings main/hosts main/routing main/security main/settings optionsfw/settings \
ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
qos/tosconfig suricata/settings vpn/config vpn/settings vpn/ipsec.conf \
struct keyvalue *kv = NULL;
FILE *file = NULL;
-#define SCOPE 128
-
void exithandler(void)
{
if (kv) freekeyvalues(kv);
alias = 0;
do {
snprintf(command, STRING_SIZE - 1,
- "ip addr flush dev red%d scope %d 2>/dev/null", alias++, SCOPE);
+ "ip addr flush secondary dev red%d 2>/dev/null", alias++);
} while (safe_system(command) == 0);
/* Now set up the new aliases from the config file */
if (!intf)
intf = red_dev;
- snprintf(command, STRING_SIZE - 1, "ip addr add %s/%s dev %s scope %d",
- aliasip, red_netmask, intf, SCOPE);
+ snprintf(command, STRING_SIZE - 1, "ip addr add %s/%s secondary dev %s 2>/dev/null",
+ aliasip, red_netmask, intf);
safe_system(command);
alias++;