author | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2011-11-15 11:39:40 -0800 |
---|---|---|
committer | Gaurav Sinha <gaurav.sinha@vyatta.com> | 2011-11-15 11:39:40 -0800 |
commit | 03abd03326370e9b900bc0927452ae1bee841e80 (patch) | |
tree | 150a81f209e6af71aa76e6c899005ed1b152fea0 | |
parent | 5a3a8b33ab2deda8874764686724df62b29ee94d (diff) | |
Bug 7411: improving validations for IPv4 address / port combinations for conntrack
-rwxr-xr-x | scripts/vyatta-delete-conntrack.pl | 28 | ||||
-rwxr-xr-x | scripts/vyatta-show-conntrack.pl | 26 |
2 files changed, 50 insertions, 4 deletions
diff --git a/scripts/vyatta-delete-conntrack.pl b/scripts/vyatta-delete-conntrack.pl
index 516635f..a465c11 100755
--- a/scripts/vyatta-delete-conntrack.pl
+++ b/scripts/vyatta-delete-conntrack.pl
@@ -147,9 +147,21 @@ if ($family eq "ipv4") {
 my @address = split(/:/, $sourceIP);
 $sourceIP = $address[0];
 $sourcePort = $address[1];
+
+ #Validate the entered IP and port
 my( $success, $err ) = isValidPortNumber($sourcePort);
+ if (!(isIpAddress($sourceIP))and !($sourceIP eq "0.0.0.0")) {
+ if(!defined($success)) {
+ #both IP and port are invalid
+ die "Please enter a valid source IPv4 address and port \n";
+ } else {
+ #only IP is invalid
+ die "Please enter a valid source IPv4 address\n";
+ }
+ }
 if(!defined($success)) {
- die "Please enter a valid source port number\n";
+ #port is invalid
+ die "Please enter a valid source port \n";
 }
 $command .= " --orig-port-src $sourcePort";
 }
@@ -158,9 +170,21 @@ if ($family eq "ipv4") {
 my @address = split(/:/, $destIP);
 $destIP = $address[0];
 $destPort = $address[1];
+
+ #Validate the entered IP and port
 my( $success, $err ) = isValidPortNumber($destPort);
+ if (!(isIpAddress($destIP))and !($destIP eq "0.0.0.0")) {
+ if(!defined($success)) {
+ #both IP and port are invalid
+ die "Please enter a valid destination IPv4 address and port \n";
+ } else {
+ #only IP is invalid
+ die "Please enter a valid destination IPv4 address\n";
+ }
+ }
 if(!defined($success)) {
- die "Please enter a valid destination port number\n";
+ #port is invalid
+ die "Please enter a valid destination port \n";
 }
 $command .= " --orig-port-dst $destPort";
 }
diff --git a/scripts/vyatta-show-conntrack.pl b/scripts/vyatta-show-conntrack.pl
index 6a461f8..7dfa196 100755
--- a/scripts/vyatta-show-conntrack.pl
+++ b/scripts/vyatta-show-conntrack.pl
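Review bot: The new source check validates only `$address[0]` and `$address[1]`, so an argument with more than one colon is accepted and its trailing fields are silently dropped by the `split(/:/, $sourceIP)` at the top of the hunk. Because the validated values are then concatenated into `$command` (the port on the last line of the hunk; how the command is run is not visible here), rejecting anything that is not exactly `address:port` keeps the accepted input unambiguous: `die "Please enter a valid source IPv4 address and port \n" if @address != 2;` right after the split. How strict the barrier is also depends on `isIpAddress` and `isValidPortNumber`, which are defined outside this diff, so it is worth confirming that both match against the whole string. The same applies to the destination hunk below and to both hunks in scripts/vyatta-show-conntrack.pl; the enclosing `if ($family eq "ipv4")` block starts outside the hunk.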
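Review bot: The destination block repeats the source block line for line with only the variable names and the word in the message changed, and the same pair appears again in scripts/vyatta-show-conntrack.pl, so four copies of this input validation now have to be kept in sync by hand. A single helper taking the address, the port and the side name would make a later tightening of the check apply everywhere at once; the sketch below keeps the three messages and their order exactly as in the hunk. `$err` returned by `isValidPortNumber` is never used in any of the four copies, so either report it or drop it from the assignment. Where the helper should live (each script, or a shared module) is not visible from this diff, and the enclosing `if ($family eq "ipv4")` block starts outside the hunk.

```perl
# Die with a user-facing message unless $ip and $port form a valid IPv4 endpoint.
# $side is "source" or "destination" and is only used in the message text.
sub validate_ipv4_endpoint {
    my ($ip, $port, $side) = @_;
    my ($success, $err) = isValidPortNumber($port);
    my $ip_ok   = isIpAddress($ip) || $ip eq "0.0.0.0";
    my $port_ok = defined($success);
    die "Please enter a valid $side IPv4 address and port \n" if !$ip_ok && !$port_ok;
    die "Please enter a valid $side IPv4 address\n"           if !$ip_ok;
    die "Please enter a valid $side port \n"                  if !$port_ok;
    return;
}

# ... unchanged: split of $destIP into $destIP / $destPort ...
validate_ipv4_endpoint($destIP, $destPort, "destination");
$command .= " --orig-port-dst $destPort";
```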
@@ -157,9 +157,21 @@ if ($family eq "ipv4") {
 my @address = split(/:/, $sourceIP);
 $sourceIP = $address[0];
 $sourcePort = $address[1];
+
+ # Check if IP address is a valid IPv4 address
 my( $success, $err ) = isValidPortNumber($sourcePort);
+ if (!(isIpAddress($sourceIP))and !($sourceIP eq "0.0.0.0")) {
+ if(!defined($success)) {
+ #both IP and port are invalid
+ die "Please enter a valid source IPv4 address and port \n";
+ } else {
+ #only IP is invalid
+ die "Please enter a valid source IPv4 address\n";
+ }
+ }
 if(!defined($success)) {
- die "Please enter a valid source port number\n";
+ #port is invalid
+ die "Please enter a valid source port \n";
 }
 $command .= " --orig-port-src $sourcePort";
 }
@@ -169,8 +181,18 @@ if ($family eq "ipv4") {
 $destIP = $address[0];
 $destPort = $address[1];
 my( $success, $err ) = isValidPortNumber($destPort);
+ if (!(isIpAddress($destIP))and !($destIP eq "0.0.0.0")) {
+ if(!defined($success)) {
+ #both IP and port are invalid
+ die "Please enter a valid destination IPv4 address and port \n";
+ } else {
+ #only IP is invalid
+ die "Please enter a valid destination IPv4 address\n";
+ }
+ }
 if(!defined($success)) {
- die "Please enter a valid destination port number\n";
+ #port is invalid
+ die "Please enter a valid destination port \n";
 }
 $command .= " --orig-port-dst $destPort";
 }
|
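Review bot: The added comment `# Check if IP address is a valid IPv4 address` sits directly above the `isValidPortNumber($sourcePort)` call, so it describes the wrong line; the address check only starts at the `if` that follows. The wording used in scripts/vyatta-delete-conntrack.pl, `# Validate the entered IP and port`, would be accurate for the block as a whole. The destination hunk in this file has no comment at all and could carry the same one, so that a reader auditing the input validation finds it labelled the same way in all four places. The enclosing `if ($family eq "ipv4")` block starts outside the hunk.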