(proxy) fix subnet computation using netaddr.IPNetwork, closes...

(proxy) fix subnet computation using netaddr.IPNetwork, closes https://github.com/opnsense/core/issues/1309 (cherry picked from commit 15657d87) (cherry picked from commit c726dc39)

(proxy) fix subnet computation using netaddr.IPNetwork, closes...
(proxy) fix subnet computation using netaddr.IPNetwork, closes https://github.com/opnsense/core/issues/1309 (cherry picked from commit 15657d87) (cherry picked from commit c726dc39)
6ea5f75e · Ad Schellevis · Franco Fichtner · 9ceb4860 · 6ea5f75e · 6ea5f75e
Commit 6ea5f75e authored Dec 27, 2016 by Ad Schellevis Committed by Franco Fichtner Jan 02, 2017
Show whitespace changes
Inline Side-by-side

Showing with 10 additions and 1 deletion

template_helpers.py src/opnsense/service/modules/addons/template_helpers.py +9 -0

squid.conf src/opnsense/service/templates/OPNsense/Proxy/squid.conf +1 -1

No files found.
--- a/src/opnsense/service/modules/addons/template_helpers.py
+++ b/src/opnsense/service/modules/addons/template_helpers.py
@@ -29,6 +29,7 @@
 """
 from operator import itemgetter
+import netaddr
 # noinspection PyPep8Naming
@@ -105,3 +106,11 @@ class Helpers(object):
            return self._template_in_data['__uuid__'][uuid]
        else:
            return {}
+    @staticmethod
+    def getIPNetwork(network):
+        """ generate network object using netaddr
+            :param network: network
+            :return: IPNetwork
+        """
+        return netaddr.IPNetwork(network)
--- a/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
+++ b/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
@@ -101,7 +101,7 @@ ftp_port {{intf_item.subnet}}:{{ OPNsense.proxy.forward.ftpPort }} accel ftp-tra
 {%      for interface in OPNsense.proxy.forward.interfaces.split(",") %}
 {%          for intf_key,intf_item in interfaces.iteritems() %}
 {%              if intf_key == interface and intf_item.ipaddr != 'dhcp' %}
-acl localnet src {{intf_item.ipaddr.split(".")[0:3]|join(".")}}.0/{{intf_item.subnet}} # Possible internal network
+acl localnet src {{ helpers.getIPNetwork(intf_item.ipaddr+'/'+intf_item.subnet)[0].format() }}/{{intf_item.subnet}} # Possible internal network
 {%              endif %}
 {%          endfor %}
 {%          if helpers.exists('virtualip') %}