diff --git a/src/www/firewall_aliases_import.php b/src/www/firewall_aliases_import.php index ff6aff790..1fb249a96 100644 --- a/src/www/firewall_aliases_import.php +++ b/src/www/firewall_aliases_import.php @@ -38,7 +38,7 @@ if (!isset($config['aliases']['alias'])) { if ($_SERVER['REQUEST_METHOD'] === 'GET') { // initialize form vars - $pconfig = array("name" => null, "descr" => null, "aliasimport" => null); + $pconfig = array("name" => null, "descr" => null, "aliasimport" => null, "type" => "network"); } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { // save form data $input_errors = array(); @@ -94,39 +94,51 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { // no description given, use alias description $impdesc = trim(str_replace('|',' ' , $pconfig['descr'])); } - - if (strpos($impip,'-') !== false) { - // ip range provided - $ipaddr1 = explode('-', $impip)[0]; - $ipaddr2 = explode('-', $impip)[1]; - if (!is_ipaddr($ipaddr1)) { - $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $ipaddr1); - } elseif (!is_ipaddr($ipaddr2)) { - $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $ipaddr2); + if (empty($impip)) { + // skip empty lines + continue; + } elseif ($pconfig['type'] == "network") { + // import networks + if (strpos($impip,'-') !== false) { + // ip range provided + $ipaddr1 = explode('-', $impip)[0]; + $ipaddr2 = explode('-', $impip)[1]; + if (!is_ipaddr($ipaddr1)) { + $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $ipaddr1); + } elseif (!is_ipaddr($ipaddr2)) { + $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $ipaddr2); + } else { + foreach (ip_range_to_subnet_array($ipaddr1, $ipaddr2) as $network) { + $imported_ips[] = $network; + $imported_descs[] = $impdesc; + } + } } else { - foreach (ip_range_to_subnet_array($ipaddr1, $ipaddr2) as $network) { - $imported_ips[] = $network; + // single ip or network + if (!is_ipaddr($impip) && !is_subnet($impip)) { + $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $impip); + } else { + $imported_ips[] = $impip; $imported_descs[] = $impdesc; } } } else { - // single ip or network - if (!is_ipaddr($impip) && !is_subnet($impip) && !is_hostname($impip) && !empty($impip)) { - $input_errors[] = sprintf(gettext("%s is not an IP address. Please correct the error to continue"), $impip); + // import hosts + if (!is_hostname($impip)) { + $input_errors[] = sprintf(gettext("%s is not an IP address or hostname. Please correct the error to continue"), $impip); } else { $imported_ips[] = $impip; $imported_descs[] = $impdesc; } } } - if (count($input_errors) == 0) { // create output structure and serialize to config $alias = array(); $alias['address'] = implode(" ", $imported_ips); $alias['detail'] = implode("||", $imported_descs); $alias['name'] = $pconfig['name']; - $alias['type'] = "network"; + $alias['type'] = $pconfig['type']; $alias['descr'] = $pconfig['descr']; $config['aliases']['alias'][] = $alias; @@ -151,7 +163,7 @@ include("head.inc");
- 0) print_input_errors($input_errors); ?> + 0) print_input_errors($input_errors); ?>
@@ -163,6 +175,31 @@ include("head.inc"); + + + + + + +