mirror of
https://github.com/webmin/webmin.git
synced 2025-07-23 00:30:33 +00:00
Fix to quotemeta commands
This commit is contained in:
Ilia
@ -404,7 +404,7 @@ if (ref($opts)) {
|
|||||||
if (!$zone) {
|
if (!$zone) {
|
||||||
($zone) = get_default_zone();
|
($zone) = get_default_zone();
|
||||||
}
|
}
|
||||||
$zone = &sanitize_zone_name($zone->{'name'});
|
$zone = $zone->{'name'};
|
||||||
|
|
||||||
# Validate action
|
# Validate action
|
||||||
$action eq 'add' || $action eq 'remove' || &error($text{'list_rule_actionerr'});
|
$action eq 'add' || $action eq 'remove' || &error($text{'list_rule_actionerr'});
|
||||||
@ -415,13 +415,12 @@ $action eq 'add' || $action eq 'remove' || &error($text{'list_rule_actionerr'});
|
|||||||
# Set family
|
# Set family
|
||||||
my $family = $ip =~ /:/ ? 'ipv6' : 'ipv4';
|
my $family = $ip =~ /:/ ? 'ipv6' : 'ipv4';
|
||||||
|
|
||||||
# Apply block
|
# Add/remove rich rule
|
||||||
# (quotemeta doesn't work for params)
|
|
||||||
my $get_cmd = sub {
|
my $get_cmd = sub {
|
||||||
my ($rtype) = @_;
|
my ($rtype) = @_;
|
||||||
my $type;
|
my $type;
|
||||||
$type = " --permanent" if ($rtype eq 'permanent');
|
$type = " --permanent" if ($rtype eq 'permanent');
|
||||||
return "$config{'firewall_cmd'} --zone=".$zone."$type --$action-rich-rule=\"rule family='$family' source address='$ip' $action_type\"";
|
return "$config{'firewall_cmd'} --zone=".quotemeta($zone)."$type --".quotemeta($action)."-rich-rule=\"rule family=".quotemeta($family)." source address=".quotemeta($ip)." ".quotemeta($action_type)."\"";
|
||||||
};
|
};
|
||||||
my $out = &backquote_logged(&$get_cmd()." 2>&1 </dev/null");
|
my $out = &backquote_logged(&$get_cmd()." 2>&1 </dev/null");
|
||||||
return $out if ($?);
|
return $out if ($?);
|
||||||
@ -439,18 +438,14 @@ my ($rule, $zone) = @_;
|
|||||||
if (!$zone) {
|
if (!$zone) {
|
||||||
($zone) = get_default_zone();
|
($zone) = get_default_zone();
|
||||||
}
|
}
|
||||||
$zone = &sanitize_zone_name($zone->{'name'});
|
$zone = $zone->{'name'};
|
||||||
|
|
||||||
# Sanitize rule
|
|
||||||
$rule = &sanitize_rule_name($rule);
|
|
||||||
|
|
||||||
# Remove rule command
|
# Remove rule command
|
||||||
# (quotemeta doesn't work for params)
|
|
||||||
my $get_cmd = sub {
|
my $get_cmd = sub {
|
||||||
my ($rtype) = @_;
|
my ($rtype) = @_;
|
||||||
my $type;
|
my $type;
|
||||||
$type = " --permanent" if ($rtype eq 'permanent');
|
$type = " --permanent" if ($rtype eq 'permanent');
|
||||||
return "$config{'firewall_cmd'} --zone=${zone}${type} --remove-rich-rule '${rule}'";
|
return "$config{'firewall_cmd'} --zone=".quotemeta($zone)."$type --remove-rich-rule ".quotemeta(&trim($rule))."";
|
||||||
};
|
};
|
||||||
|
|
||||||
my $out = &backquote_logged(&$get_cmd()." 2>&1 </dev/null");
|
my $out = &backquote_logged(&$get_cmd()." 2>&1 </dev/null");
|
||||||
@ -465,16 +460,15 @@ sub remove_direct_rule
|
|||||||
{
|
{
|
||||||
my ($rule) = @_;
|
my ($rule) = @_;
|
||||||
|
|
||||||
# Sanitize rule
|
# Sanitize rule manually (couldn't make it work with quotemeta)
|
||||||
$rule = &sanitize_rule_name($rule);
|
$rule =~ tr/A-Za-z0-9\-\_\=\"\:\.\,\/ //cd;
|
||||||
|
|
||||||
# Remove rule command
|
# Remove rule command
|
||||||
# (quotemeta doesn't work for params)
|
|
||||||
my $get_cmd = sub {
|
my $get_cmd = sub {
|
||||||
my ($rtype) = @_;
|
my ($rtype) = @_;
|
||||||
my $type;
|
my $type;
|
||||||
$type = " --permanent" if ($rtype eq 'permanent');
|
$type = " --permanent" if ($rtype eq 'permanent');
|
||||||
return "$config{'firewall_cmd'}${type} --direct --remove-rule $rule";
|
return "$config{'firewall_cmd'}${type} --direct --remove-rule ".&trim($rule)."";
|
||||||
};
|
};
|
||||||
|
|
||||||
my $out = &backquote_logged(&$get_cmd()." 2>&1 </dev/null");
|
my $out = &backquote_logged(&$get_cmd()." 2>&1 </dev/null");
|
||||||
@ -483,18 +477,4 @@ $out = &backquote_logged(&$get_cmd('permanent')." 2>&1 </dev/null");
|
|||||||
return $? ? $out : undef;
|
return $? ? $out : undef;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub sanitize_zone_name
|
|
||||||
{
|
|
||||||
my ($zone) = @_;
|
|
||||||
$zone =~ tr/A-Za-z0-9\-\_//cd;
|
|
||||||
return $zone;
|
|
||||||
}
|
|
||||||
|
|
||||||
sub sanitize_rule_name
|
|
||||||
{
|
|
||||||
my ($rule) = @_;
|
|
||||||
$rule =~ tr/A-Za-z0-9\-\_\=\"\:\.\,\/ //cd;
|
|
||||||
return $rule;
|
|
||||||
}
|
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|||||||
@ -21,7 +21,7 @@ my @links = ( &select_all_link("rules"),
|
|||||||
|
|
||||||
# Check rich rules first
|
# Check rich rules first
|
||||||
my $fh = 'rrules';
|
my $fh = 'rrules';
|
||||||
my $rcmd = "$config{'firewall_cmd'} --list-rich-rules --zone=$dzone";
|
my $rcmd = "$config{'firewall_cmd'} --list-rich-rules --zone=".quotemeta($dzone)."";
|
||||||
&open_execute_command($fh, "$rcmd 2>&1 </dev/null", 1);
|
&open_execute_command($fh, "$rcmd 2>&1 </dev/null", 1);
|
||||||
while(<$fh>) {
|
while(<$fh>) {
|
||||||
my @body;
|
my @body;
|
||||||
|
|||||||
Reference in New Issue
Block a user