lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 08:34:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

(unbound) get_interface_subnet(v6) can return null, ignore network in that case.

Browse Source 
Eventually we should move this kind of "get all attached networks" to a single and simple function, which uses legacy_get_interface_addresses() underneath. but there's still too much obscure code in this region to remove it easily
This commit is contained in:
Ad Schellevis 2016-09-18 12:18:48 +02:00
parent ffbb29e414
commit 86996d7bf7
2 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/etc/inc/unbound.inc
View File

@ -707,13 +707,17 @@ function unbound_acls_config() {
if (!empty($ifip)) {
$subnet_bits = get_interface_subnet($ubif);
$subnet_ip = gen_subnet($ifip, $subnet_bits);
$aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
if (!empty($subnet_bits) && !empty($subnet_ip)) {
$aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
}
}
$ifip = get_interface_ipv6($ubif);
if (!empty($ifip)) {
$subnet_bits = get_interface_subnetv6($ubif);
$subnet_ip = gen_subnetv6($ifip, $subnet_bits);
$aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
if (!empty($subnet_bits) && !empty($subnet_ip)) {
$aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
}
}
}

8
src/www/services_unbound_acls.php
View File

@ -348,13 +348,17 @@ include("head.inc");
if (!empty($ifip)) {
$subnet_bits = get_interface_subnet($ubif);
$subnet_ip = gen_subnet($ifip, $subnet_bits);
$automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
if (!empty($subnet_bits) && !empty($subnet_ip)) {
$automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
}
}
$ifip = get_interface_ipv6($ubif);
if (!empty($ifip)) {
$subnet_bits = get_interface_subnetv6($ubif);
$subnet_ip = gen_subnetv6($ifip, $subnet_bits);
$automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
if (!empty($subnet_bits) && !empty($subnet_ip)) {
$automatic_allowed[] = "{$subnet_ip}/{$subnet_bits}";
}
}
}
foreach ($automatic_allowed as $network):?>