From f6e1eca6fc89de90118b5ab458340b851e5c8b99 Mon Sep 17 00:00:00 2001 From: Ilia Ross Date: Fri, 28 Feb 2025 11:23:05 +0200 Subject: [PATCH] Fix to simplify clearing known IPs --- usermin/change_access.cgi | 2 +- usermin/edit_access.cgi | 4 +--- webmin/change_access.cgi | 4 ++-- webmin/edit_access.cgi | 4 +--- webmin/lang/en | 1 - 5 files changed, 5 insertions(+), 10 deletions(-) diff --git a/usermin/change_access.cgi b/usermin/change_access.cgi index 9cbd90269..b7678939a 100755 --- a/usermin/change_access.cgi +++ b/usermin/change_access.cgi @@ -16,7 +16,7 @@ delete($miniserv{"deny"}); if ($in{"access"} == 1) { $miniserv{"allow"} = join(' ', @hosts); } elsif ($in{"access"} == 2) { $miniserv{"deny"} = join(' ', @hosts); } $miniserv{"known_ips"} = $miniserv{"allow"} || $miniserv{"deny"} || - (!$in{'noknown'} ? $miniserv{"known_ips"} : ""); + (!@hosts && $in{"access"} == 0 ? "" : $miniserv{"known_ips"}); $miniserv{'libwrap'} = $in{'libwrap'}; $miniserv{'alwaysresolve'} = $in{'alwaysresolve'}; &put_usermin_miniserv_config(\%miniserv); diff --git a/usermin/edit_access.cgi b/usermin/edit_access.cgi index 9cca8f425..9f438656e 100755 --- a/usermin/edit_access.cgi +++ b/usermin/edit_access.cgi @@ -22,9 +22,7 @@ print &ui_table_row($text{'access_ip'}, $access == 1 ? join("\n", split(/\s+/, $miniserv{"allow"})) : $access == 2 ? join("\n", split(/\s+/, $miniserv{"deny"})) : $miniserv{"known_ips"} ? join("\n", split(/\s+/, $miniserv{"known_ips"})) : - "", 6, 30). - ($miniserv{"known_ips"} ? - "
\n".&ui_checkbox("noknown", 1, $text{'access_known'}, 0) : "")); + "", 6, 30)); print &ui_table_row($text{'access_always'}, &ui_yesno_radio("alwaysresolve", int($miniserv{'alwaysresolve'}))); diff --git a/webmin/change_access.cgi b/webmin/change_access.cgi index 54887a3c3..b9eac3f19 100755 --- a/webmin/change_access.cgi +++ b/webmin/change_access.cgi @@ -7,8 +7,8 @@ require './webmin-lib.pl'; &error_setup($text{'access_err'}); $raddr = $ENV{'REMOTE_ADDR'}; +@hosts = split(/\s+/, $in{"ip"}); if ($in{"access"}) { - @hosts = split(/\s+/, $in{"ip"}); push(@hosts, "LOCAL") if ($in{'local'}); if (!@hosts) { &error($text{'access_enone'}); } foreach $h (@hosts) { @@ -37,7 +37,7 @@ delete($miniserv{"deny"}); if ($in{"access"} == 1) { $miniserv{"allow"} = join(' ', @hosts); } elsif ($in{"access"} == 2) { $miniserv{"deny"} = join(' ', @hosts); } $miniserv{"known_ips"} = $miniserv{"allow"} || $miniserv{"deny"} || - (!$in{'noknown'} ? $miniserv{"known_ips"} : ""); + (!@hosts && $in{"access"} == 0 ? "" : $miniserv{"known_ips"}); $miniserv{'libwrap'} = $in{'libwrap'}; $miniserv{'alwaysresolve'} = $in{'alwaysresolve'}; if ($in{'trust'} == 2) { diff --git a/webmin/edit_access.cgi b/webmin/edit_access.cgi index a5700532c..c81880cc8 100755 --- a/webmin/edit_access.cgi +++ b/webmin/edit_access.cgi @@ -25,9 +25,7 @@ print &ui_table_row($text{'access_ip'}, [ 1, $text{'access_allow'} ], [ 2, $text{'access_deny'} ] ])."
\n". &ui_textarea("ip", join("\n", @list), 6, 30)."
\n". - &ui_checkbox("local", 1, $text{'access_local'}, $idx >= 0). - ($miniserv{"known_ips"} ? - &ui_checkbox("noknown", 1, $text{'access_known'}, 0) : "")); + &ui_checkbox("local", 1, $text{'access_local'}, $idx >= 0)); print &ui_table_row($text{'access_always'}, &ui_yesno_radio("alwaysresolve", int($miniserv{'alwaysresolve'}))); diff --git a/webmin/lang/en b/webmin/lang/en index 2b958c795..b62fa285f 100644 --- a/webmin/lang/en +++ b/webmin/lang/en @@ -14,7 +14,6 @@ access_title=IP Access Control access_desc=Webmin can be configured to deny or allow access only from certain IP addresses using this form. Hostnames (like foo.bar.com) and IP networks (like 10.254.3.0 or 10.254.1.0/255.255.255.128 or 10.254.1.0/25 or 10.254.1.5-10.254.97.127 or 2001:DB8::A0BC:0001 or 2001:DB8::/32) can also be entered. You should limit access to Webmin to trusted addresses, especially if it is accessible from the Internet. Otherwise, anyone who guesses your password will have complete control of your system. access_ip=Allowed IP addresses access_local=Include local network in list -access_known=Clear list of known IPs access_header=Access control options access_all=Allow from all addresses access_allow=Only allow from listed addresses