From 853a56308e23724f4e2a9e4067015f59b088e169 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 24 Nov 2010 08:01:59 -0800 Subject: Use regex to test for name length rather than wc program More efficient to use shell pattern match to test for name length. --- templates/firewall/group/address-group/node.def | 10 +++++----- templates/firewall/group/network-group/node.def | 10 +++++----- templates/firewall/group/port-group/node.def | 10 +++++----- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/templates/firewall/group/address-group/node.def b/templates/firewall/group/address-group/node.def index 9c118ff..40462fa 100644 --- a/templates/firewall/group/address-group/node.def +++ b/templates/firewall/group/address-group/node.def @@ -3,11 +3,8 @@ priority: 200 type: txt help: Firewall address-group -syntax:expression: exec " \ - if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ - echo group name must be 31 characters or less;\ - exit 1 ; \ - fi ; " +syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \ + "Firewall group name must be 31 characters or less" syntax:expression: pattern $VAR(@) "^[^-]" ; \ "Firewall group name cannot start with \"-\"" @@ -15,6 +12,9 @@ syntax:expression: pattern $VAR(@) "^[^-]" ; \ syntax:expression: pattern $VAR(@) "^[^!]" ; \ "Firewall group name cannot start with \"!\"" +syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ + "Firewall group name cannot contain shell punctuation" + create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=create-set \ --set-type=address \ diff --git a/templates/firewall/group/network-group/node.def b/templates/firewall/group/network-group/node.def index c09176f..e20b536 100644 --- a/templates/firewall/group/network-group/node.def +++ b/templates/firewall/group/network-group/node.def @@ -3,11 +3,8 @@ priority: 200 type: txt help: Firewall network-group -syntax:expression: exec " \ - if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ - echo group name must be 31 characters or less;\ - exit 1 ; \ - fi ; " +syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \ + "Firewall group name must be 31 characters or less" syntax:expression: pattern $VAR(@) "^[^-]" ; \ "Firewall group name cannot start with \"-\"" @@ -15,6 +12,9 @@ syntax:expression: pattern $VAR(@) "^[^-]" ; \ syntax:expression: pattern $VAR(@) "^[^!]" ; \ "Firewall group name cannot start with \"!\"" +syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ + "Firewall group name cannot contain shell punctuation" + create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=create-set \ --set-type=network \ diff --git a/templates/firewall/group/port-group/node.def b/templates/firewall/group/port-group/node.def index 0500ac1..76fef9e 100644 --- a/templates/firewall/group/port-group/node.def +++ b/templates/firewall/group/port-group/node.def @@ -3,11 +3,8 @@ priority: 200 type: txt help: Firewall port-group -syntax:expression: exec " \ - if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ - echo group name must be 31 characters or less;\ - exit 1 ; \ - fi ; " +syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,31}$" ; \ + "Firewall group name must be 31 characters or less" syntax:expression: pattern $VAR(@) "^[^-]" ; \ "Firewall group name cannot start with \"-\"" @@ -15,6 +12,9 @@ syntax:expression: pattern $VAR(@) "^[^-]" ; \ syntax:expression: pattern $VAR(@) "^[^!]" ; \ "Firewall group name cannot start with \"!\"" +syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ + "Firewall group name cannot contain shell punctuation" + create: sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=create-set \ --set-type=port \ -- cgit v1.2.3