From e210c854c30322f67d6c045c2cf3f81d58e37187 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Mon, 12 Feb 2024 09:46:30 +0100
Subject: [PATCH] Services: Kea DHCP: Kea DHCPv4 / Reservations - add address
 constraint (address should lie inside requested netblock)

---
 .../mvc/app/models/OPNsense/Kea/KeaDhcpv4.php | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php b/src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
index 7ef659725..338af2a8d 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+++ b/src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
@@ -28,6 +28,7 @@
 
 namespace OPNsense\Kea;
 
+use Phalcon\Messages\Message;
 use OPNsense\Base\BaseModel;
 use OPNsense\Core\Config;
 use OPNsense\Core\Backend;
@@ -66,6 +67,31 @@ class KeaDhcpv4 extends BaseModel
         return parent::setNodes($data);
     }
 
+    /**
+     * {@inheritdoc}
+     */
+    public function performValidation($validateFullModel = false)
+    {
+        $messages = parent::performValidation($validateFullModel);
+        // validate changed reservations
+        foreach ($this->reservations->reservation->iterateItems() as $reservation) {
+            if (!$validateFullModel && !$reservation->isFieldChanged()) {
+                continue;
+            }
+            $key = $reservation->__reference;
+            $subnet = "";
+            $subnet_node = $this->getNodeByReference("subnets.subnet4.{$reservation->subnet}");
+            if ($subnet_node) {
+                $subnet = (string)$subnet_node->subnet;
+            }
+            if (!Util::isIPInCIDR((string)$reservation->ip_address, $subnet)) {
+                $messages->appendMessage(new Message(gettext("Address not in specified subnet"), $key . ".ip_address"));
+            }
+        }
+        return $messages;
+    }
+
+
     /**
      * should filter rules be enabled
      * @return bool