UTMFW
UTMFW copied to clipboard
Configuration of Webfilter produces invalid config file
I was testing the firewall, and configuring the Webfilter produced an invalid config file.
These lines where in the file /etc/e2guardian/lists/authplugins/ipgroups.
"utmfw = filter1 = filter2 bjt = filter5 all = filter1 bj = filter2"
I didnt edit the file manually, so i think this was produced by the interface.
Hi, yes, you are right, it's a bug on the E2g Groups>General config page. The backend of the page is supposed to reject blank user names being added to groups, but it does accept them instead.
Apparently, you have clicked the Add button for the filter group 2 while the edit box for it was empty. I can replicate the issue here.
The following patch fixes the issue you have reported:
--- /var/www/htdocs/utmfw/Model/validate.php Fri Mar 4 22:37:42 2022
+++ /var/www/htdocs/utmfw/Model/validate.php.orig Fri Mar 4 22:37:38 2022
@@ -23,7 +23,7 @@
*/
define('RE_BOOL', '^[01]$');
-define('RE_NAME', '^[\w_.-]{1,50}$');
+define('RE_NAME', '^[\w_.-]{0,50}$');
define('RE_NUM', '^\d{1,20}$');
define('RE_SHA1', '^[a-f\d]{40}$');
define('RE_DGSUBCAT', '^[\w/]{1,50}$');
But I am not sure if it breaks the other parts of the code (the RE_NAME definition is used elsewhere too). I should check this patch carefully before committing it.
Thanks for reporting.
The correct patch is the reverse:
--- /var/www/htdocs/utmfw/Model/validate.php.orig Fri Mar 4 22:37:38 2022
+++ /var/www/htdocs/utmfw/Model/validate.php Fri Mar 4 22:37:42 2022
@@ -23,7 +23,7 @@
*/
define('RE_BOOL', '^[01]$');
-define('RE_NAME', '^[\w_.-]{0,50}$');
+define('RE_NAME', '^[\w_.-]{1,50}$');
define('RE_NUM', '^\d{1,20}$');
define('RE_SHA1', '^[a-f\d]{40}$');
define('RE_DGSUBCAT', '^[\w/]{1,50}$');
excuse me, why have you chosen php for this? AFAIK it's not reliable enough
No it's human developers who are not reliable (and in this case that's me myself), not PHP.
yah, it's a popular argument, but is it really has reliable basis? any theory behind it?
as I understand dhall-lang developers have opposite opinion
anyway, thank you for your work