From 45f26735547337cc1398c98af4f986be2939f55e Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Thu, 24 Jun 2010 13:14:05 +0200
Subject: [PATCH] Allow also ip/netmask for blue access.

---
 config/rootfiles/core/38/filelists/files | 1 +
 html/cgi-bin/wireless.cgi                | 2 +-
 src/misc-progs/wirelessctrl.c            | 4 ++--
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/core/38/filelists/files b/config/rootfiles/core/38/filelists/files
index 1dccfbcfe7..ee03488efb 100644
--- a/config/rootfiles/core/38/filelists/files
+++ b/config/rootfiles/core/38/filelists/files
@@ -39,6 +39,7 @@ srv/web/ipfire/cgi-bin/time.cgi
 srv/web/ipfire/cgi-bin/updatexlrator.cgi
 srv/web/ipfire/cgi-bin/urlfilter.cgi
 srv/web/ipfire/cgi-bin/vpnmain.cgi
+srv/web/ipfire/cgi-bin/wireless.cgi
 srv/web/ipfire/html/themes/ipfire/include/functions.pl
 srv/web/ipfire/html/themes/maniac/include/functions.pl
 var/ipfire/langs/de.pl
diff --git a/html/cgi-bin/wireless.cgi b/html/cgi-bin/wireless.cgi
index a1dcf71986..ecff1796b9 100644
--- a/html/cgi-bin/wireless.cgi
+++ b/html/cgi-bin/wireless.cgi
@@ -92,7 +92,7 @@ if ($cgiparams{'ACTION'} eq 'add')
 	{
 		$cgiparams{'SOURCE_IP'} = 'NONE';
 	} else {
-		unless(&General::validip($cgiparams{'SOURCE_IP'})) 
+		unless(&General::validipormask($cgiparams{'SOURCE_IP'})) 
 		{
 			$errormessage = $Lang::tr{'invalid fixed ip address'}; 
 			goto ADDERROR;
diff --git a/src/misc-progs/wirelessctrl.c b/src/misc-progs/wirelessctrl.c
index fbcf90e018..12b954baa3 100644
--- a/src/misc-progs/wirelessctrl.c
+++ b/src/misc-progs/wirelessctrl.c
@@ -151,7 +151,7 @@ int main(void)
 
 							/* both specified, added security */
 							if ((strlen(macaddress) == 17) &&
-									(VALID_IP(ipaddress))) {
+									(VALID_IP_AND_MASK(ipaddress))) {
 									snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSINPUT -m mac --mac-source %s -s %s -i %s -j ACCEPT", macaddress, ipaddress, blue_dev);
 									safe_system(command);
 									snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -m mac --mac-source %s -s %s -i %s ! -o %s -j ACCEPT", macaddress, ipaddress, blue_dev, green_dev);
@@ -170,7 +170,7 @@ int main(void)
 													safe_system(command);
 									}
 
-									if (VALID_IP(ipaddress)) {
+									if (VALID_IP_AND_MASK(ipaddress)) {
 													snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSINPUT -s %s -i %s -j ACCEPT", ipaddress, blue_dev);
 													safe_system(command);
 													snprintf(command, STRING_SIZE-1, "/sbin/iptables -A WIRELESSFORWARD -s %s -i %s ! -o %s -j ACCEPT", ipaddress, blue_dev, green_dev);
-- 
2.39.2