Commit e2fe9488 authored by Franco Fichtner's avatar Franco Fichtner

firewall: skip empty lines and // type comments too

parent 45cdeef9
...@@ -198,35 +198,36 @@ function process_alias_urltable($name, $url, $freq, $forceupdate = false) ...@@ -198,35 +198,36 @@ function process_alias_urltable($name, $url, $freq, $forceupdate = false)
$verify_ssl = isset($config['system']['checkaliasesurlcert']); $verify_ssl = isset($config['system']['checkaliasesurlcert']);
if (download_file($url, "{$urltable_filename}.tmp", $verify_ssl)) { if (download_file($url, "{$urltable_filename}.tmp", $verify_ssl)) {
foreach (preg_split('/[\n\r]+/', file_get_contents("{$urltable_filename}.tmp"), -1, PREG_SPLIT_NO_EMPTY) as $line) { foreach (preg_split('/[\n\r]+/', file_get_contents("{$urltable_filename}.tmp"), -1, PREG_SPLIT_NO_EMPTY) as $line) {
$line = trim($line); // remove leading spaces $line = trim($line);
if ($line[0] != '#') { if (!strlen($line) || !strncmp($line, '#', 1) || !strncmp($line, '//', 2)) {
// cleanse line item continue;
$line = preg_split('/\s+/', $line)[0]; }
if ($alias_type == "urltable_ports") { // cleanse line item
// todo: add proper validation for ports here $line = preg_split('/\s+/', $line)[0];
if ($alias_type == "urltable_ports") {
// todo: add proper validation for ports here
fwrite($output_file_handle, "{$line}\n");
} else {
// validate or resolve line items, skip unparseable content
if (is_subnet($line) || is_ipaddr($line)) {
fwrite($output_file_handle, "{$line}\n"); fwrite($output_file_handle, "{$line}\n");
} else { } elseif (is_hostname($line)) {
// validate or resolve line items, skip unparseable content foreach (array(DNS_AAAA, DNS_A) as $dns_type) {
if (is_subnet($line) || is_ipaddr($line)) { // normally dns_get_record should be able to use DNS_A + DNS_AAAA
fwrite($output_file_handle, "{$line}\n"); // but for some strange reason not on our platform...
} elseif (is_hostname($line)) { $dns_records = @dns_get_record($line, $dns_type);
foreach (array(DNS_AAAA, DNS_A) as $dns_type) { if ($dns_records) {
// normally dns_get_record should be able to use DNS_A + DNS_AAAA foreach ($dns_records as $dns_record) {
// but for some strange reason not on our platform... if (!empty($dns_record['ipv6'])) {
$dns_records = @dns_get_record($line, $dns_type); fwrite($output_file_handle, $dns_record['ipv6'] . "\n");
if ($dns_records) { } elseif (!empty($dns_record['ip'])) {
foreach ($dns_records as $dns_record) { fwrite($output_file_handle, $dns_record['ip'] . "\n");
if (!empty($dns_record['ipv6'])) {
fwrite($output_file_handle, $dns_record['ipv6'] . "\n");
} elseif (!empty($dns_record['ip'])) {
fwrite($output_file_handle, $dns_record['ip'] . "\n");
}
} }
} }
} }
} }
fflush($output_file_handle);
} }
fflush($output_file_handle);
} }
} }
fclose($output_file_handle); fclose($output_file_handle);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment