@@ -2131,6 +2154,9 @@ sub saverule
&changerule($configfwdfw);
#print"6";
}
+ $fwdfwsettings{'ruleremark'}=~ s/,/;/g;
+ utf8::decode($fwdfwsettings{'ruleremark'});
+ $fwdfwsettings{'ruleremark'}=&Header::escape($fwdfwsettings{'ruleremark'});
if ($fwdfwsettings{'updatefwrule'} ne 'on'){
my $key = &General::findhasharraykey ($hash);
$$hash{$key}[0] = $fwdfwsettings{'RULE_ACTION'};
@@ -2266,22 +2292,19 @@ sub saverule
sub validremark
{
# Checks a hostname against RFC1035
- my $remark = $_[0];
-
- # Each part should be at least two characters in length
- # but no more than 63 characters
- if (length ($remark) < 1 || length ($remark) > 255) {
- return 0;}
- # Only valid characters are a-z, A-Z, 0-9 and -
- if ($remark !~ /^[a-zäöüA-ZÃÃÃ0-9-.:;\|_()\/\s]*$/) {
- return 0;}
- # First character can only be a letter or a digit
- if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÃÃÃ0-9(]*$/) {
- return 0;}
- # Last character can only be a letter or a digit
- if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÃÃÃ0-9.:;_)]*$/) {
- return 0;}
- return 1;
+ my $remark = $_[0];
+
+ # Try to decode $remark into UTF-8. If this doesn't work,
+ # we assume that the string it not sane.
+ if (!utf8::decode($remark)) {
+ return 0;
+ }
+
+ # Check if the string only contains of printable characters.
+ if ($remark =~ /^[[:print:]]*$/) {
+ return 1;
+ }
+ return 0;
}
sub viewtablerule
{
@@ -2361,26 +2384,18 @@ END
if($$hash{$key}[3] eq 'ipsec_net_src'){
if(&fwlib::get_ipsec_net_ip($host,11) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}elsif($$hash{$key}[3] eq 'ovpn_net_src'){
if(&fwlib::get_ovpn_net_ip($host,1) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}elsif($$hash{$key}[3] eq 'ovpn_n2n_src'){
if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}elsif($$hash{$key}[3] eq 'ovpn_host_src'){
if(&fwlib::get_ovpn_host_ip($host,33) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}
}
@@ -2388,26 +2403,18 @@ END
if($$hash{$key}[5] eq 'ipsec_net_tgt'){
if(&fwlib::get_ipsec_net_ip($host,11) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_net_tgt'){
if(&fwlib::get_ovpn_net_ip($host,1) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_n2n_tgt'){
if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_host_tgt'){
if(&fwlib::get_ovpn_host_ip($host,33) eq ''){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}
}
@@ -2415,15 +2422,11 @@ END
foreach my $netgroup (sort keys %customgrp){
if(($$hash{$key}[4] eq $customgrp{$netgroup}[0] || $$hash{$key}[6] eq $customgrp{$netgroup}[0]) && $customgrp{$netgroup}[2] eq 'none'){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}
foreach my $srvgroup (sort keys %customservicegrp){
if($$hash{$key}[15] eq $customservicegrp{$srvgroup}[0] && $customservicegrp{$srvgroup}[2] eq 'none'){
$coloryellow='on';
- &disable_rule($key);
- $$hash{$key}[2]='';
}
}
$$hash{'ACTIVE'}=$$hash{$key}[2];
@@ -2558,8 +2561,21 @@ END
END
#Is this a DNAT rule?
+ my $natstring;
if ($$hash{$key}[31] eq 'dnat' && $$hash{$key}[28] eq 'ON'){
- print "Firewall ($$hash{$key}[29])";
+ if ($$hash{$key}[29] eq 'Default IP'){$$hash{$key}[29]=$Lang::tr{'red1'};}
+ if ($$hash{$key}[29] eq 'AUTO'){
+ my @src_addresses=&fwlib::get_addresses(\%$hash,$key,'src');
+ my @nat_ifaces;
+ foreach my $val (@src_addresses){
+ push (@nat_ifaces,&fwlib::get_nat_address($$hash{$key}[29],$val));
+ }
+ @nat_ifaces=&del_double(@nat_ifaces);
+ $natstring = join(', ', @nat_ifaces);
+ }else{
+ $natstring = $$hash{$key}[29];
+ }
+ print "$Lang::tr{'firewall'} ($natstring)";
if($$hash{$key}[30] ne ''){
$$hash{$key}[30]=~ tr/|/,/;
print": $$hash{$key}[30]";
|