diff options
| author | Christian Poessinger <christian@poessinger.com> | 2022-09-22 19:38:14 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2022-09-22 19:44:50 +0200 |
| commit | e1d3fd0b29a1178e775cbc86f6c0011a682506ba (patch) | |
| tree | b1fa30654ce0686b342c95498f3d386858deedaa /interface-definitions | |
| parent | 4115503de153fd8e9222ab049141e890b4179719 (diff) | |
| download | vyos-1x-e1d3fd0b29a1178e775cbc86f6c0011a682506ba.tar.gz vyos-1x-e1d3fd0b29a1178e775cbc86f6c0011a682506ba.zip | |
xml: T4698: validating a range must be explicitly enabled in the validator
This extends commit 28573ffe4f ("xml: T4698: drop validator name="range" and
replace it with numeric"). The first version allowed both a range and discrete
numbers to be validated by the numeric validator.
This had a flaw as both 22 and 22-30 were valid at the same time. The generic
"port-number.xml.i" building block only allows a discrete number. Now if a user
set port 22-30 for e.g. SSH the daemon did no longer start. This is why range
validation must be explicitly enabled.
Diffstat (limited to 'interface-definitions')
4 files changed, 6 insertions, 6 deletions
diff --git a/interface-definitions/include/accel-ppp/vlan.xml.i b/interface-definitions/include/accel-ppp/vlan.xml.i index 9a00df214..5ef4de633 100644 --- a/interface-definitions/include/accel-ppp/vlan.xml.i +++ b/interface-definitions/include/accel-ppp/vlan.xml.i @@ -11,7 +11,7 @@ <description>VLAN range for automatic creation (e.g. 1-4094)</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-4094"/> + <validator name="numeric" argument="--allow-range --range 1-4094"/> </constraint> <constraintErrorMessage>VLAN IDs need to be in range 1-4094</constraintErrorMessage> <multi/> diff --git a/interface-definitions/include/firewall/dscp.xml.i b/interface-definitions/include/firewall/dscp.xml.i index 796bab548..dd4da4894 100644 --- a/interface-definitions/include/firewall/dscp.xml.i +++ b/interface-definitions/include/firewall/dscp.xml.i @@ -11,7 +11,7 @@ <description>DSCP range to match</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 0-63"/> + <validator name="numeric" argument="--allow-range --range 0-63"/> </constraint> <multi/> </properties> @@ -28,7 +28,7 @@ <description>DSCP range not to match</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 0-63"/> + <validator name="numeric" argument="--allow-range --range 0-63"/> </constraint> <multi/> </properties> diff --git a/interface-definitions/include/firewall/packet-length.xml.i b/interface-definitions/include/firewall/packet-length.xml.i index 91f08314a..fd2eb67b0 100644 --- a/interface-definitions/include/firewall/packet-length.xml.i +++ b/interface-definitions/include/firewall/packet-length.xml.i @@ -11,7 +11,7 @@ <description>Packet length range to match</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-65535"/> + <validator name="numeric" argument="--allow-range --range 1-65535"/> </constraint> <multi/> </properties> @@ -28,7 +28,7 @@ <description>Packet length range not to match</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-65535"/> + <validator name="numeric" argument="--allow-range --range 1-65535"/> </constraint> <multi/> </properties> diff --git a/interface-definitions/include/firewall/tcp-flags.xml.i b/interface-definitions/include/firewall/tcp-flags.xml.i index fc0da3135..e2ce7b9fd 100644 --- a/interface-definitions/include/firewall/tcp-flags.xml.i +++ b/interface-definitions/include/firewall/tcp-flags.xml.i @@ -126,7 +126,7 @@ <description>TCP MSS range (use '-' as delimiter)</description> </valueHelp> <constraint> - <validator name="numeric" argument="--range 1-16384"/> + <validator name="numeric" argument="--allow-range --range 1-16384"/> </constraint> </properties> </leafNode> |