diff options
| -rw-r--r-- | templates/firewall/group/address-group/node.def | 10 | ||||
| -rw-r--r-- | templates/firewall/group/network-group/node.def | 10 | ||||
| -rw-r--r-- | templates/firewall/group/port-group/node.def | 10 |
3 files changed, 15 insertions, 15 deletions
diff --git a/templates/firewall/group/address-group/node.def b/templates/firewall/group/address-group/node.def index 9c118ff..40462fa 100644 --- a/templates/firewall/group/address-group/node.def +++ b/templates/firewall/group/address-group/node.def @@ -3,11 +3,8 @@ priority: 200 type: txt help: Firewall address-group -syntax:expression: exec " \ - if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ - echo group name must be 31 characters or less;\ - exit 1 ; \ - fi ; " +syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \ + "Firewall group name must be 31 characters or less" syntax:expression: pattern $VAR(@) "^[^-]" ; \ "Firewall group name cannot start with \"-\"" @@ -15,6 +12,9 @@ syntax:expression: pattern $VAR(@) "^[^-]" ; \ syntax:expression: pattern $VAR(@) "^[^!]" ; \ "Firewall group name cannot start with \"!\"" +syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ + "Firewall group name cannot contain shell punctuation" + create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=create-set \ --set-type=address \ diff --git a/templates/firewall/group/network-group/node.def b/templates/firewall/group/network-group/node.def index c09176f..e20b536 100644 --- a/templates/firewall/group/network-group/node.def +++ b/templates/firewall/group/network-group/node.def @@ -3,11 +3,8 @@ priority: 200 type: txt help: Firewall network-group -syntax:expression: exec " \ - if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ - echo group name must be 31 characters or less;\ - exit 1 ; \ - fi ; " +syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \ + "Firewall group name must be 31 characters or less" syntax:expression: pattern $VAR(@) "^[^-]" ; \ "Firewall group name cannot start with \"-\"" @@ -15,6 +12,9 @@ syntax:expression: pattern $VAR(@) "^[^-]" ; \ syntax:expression: pattern $VAR(@) "^[^!]" ; \ "Firewall group name cannot start with \"!\"" +syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ + "Firewall group name cannot contain shell punctuation" + create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=create-set \ --set-type=network \ diff --git a/templates/firewall/group/port-group/node.def b/templates/firewall/group/port-group/node.def index 0500ac1..76fef9e 100644 --- a/templates/firewall/group/port-group/node.def +++ b/templates/firewall/group/port-group/node.def @@ -3,11 +3,8 @@ priority: 200 type: txt help: Firewall port-group -syntax:expression: exec " \ - if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ - echo group name must be 31 characters or less;\ - exit 1 ; \ - fi ; " +syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \ + "Firewall group name must be 31 characters or less" syntax:expression: pattern $VAR(@) "^[^-]" ; \ "Firewall group name cannot start with \"-\"" @@ -15,6 +12,9 @@ syntax:expression: pattern $VAR(@) "^[^-]" ; \ syntax:expression: pattern $VAR(@) "^[^!]" ; \ "Firewall group name cannot start with \"!\"" +syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ + "Firewall group name cannot contain shell punctuation" + create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=create-set \ --set-type=port \ |