Commit e850f56c authored by Ad Schellevis's avatar Ad Schellevis

filter.inc, fix filter_address_add_vips_subnets

parent 0eef8441
......@@ -1732,38 +1732,31 @@ function filter_address_add_vips_subnets(&$FilterIflist, &$subnets, $if, $not)
$subnets = "!{$subnets}";
}
if (!isset($FilterIflist[$if]['vips']) || !is_array($FilterIflist[$if]['vips'])) {
return;
}
foreach ($FilterIflist[$if]['vips'] as $vip) {
foreach ($if_subnets as $subnet) {
if (ip_in_subnet($vip['ip'], $subnet)) {
continue 2;
if (!empty($FilterIflist[$if]['vips']) || !empty($FilterIflist[$if]['vips6'])) {
$all_vips = array();
$all_vips = array_merge($all_vips, !empty($FilterIflist[$if]['vips']) ? $FilterIflist[$if]['vips'] : array());
$all_vips = array_merge($all_vips, !empty($FilterIflist[$if]['vips6']) ? $FilterIflist[$if]['vips6'] : array());
foreach ($all_vips as $vip) {
foreach ($if_subnets as $subnet) {
if (ip_in_subnet($vip['ip'], $subnet)) {
continue 2;
}
}
}
if (is_ipaddrv4($vip['ip'])) {
if (!is_subnetv4($if_subnets[0])) {
continue;
$network = null;
if (is_ipaddrv4($vip['ip']) && is_subnetv4($if_subnets[0])) {
$network = gen_subnet($vip['ip'], $vip['sn']);
} elseif (is_ipaddrv6($vip['ip']) && is_subnetv6($if_subnets[0])) {
$network = gen_subnetv6($vip['ip'], $vip['sn']);
}
$network = gen_subnet($vip['ip'], $vip['sn']);
} else if (is_ipaddrv6($vip['ip'])) {
if (!is_subnetv6($if_subnets[0])) {
continue;
if (!empty($network)) {
$subnets .= ' ' . ($not == true ? '!' : '') . $network . '/' . $vip['sn'];
$if_subnets[] = $network . '/' . $vip['sn'];
}
$network = gen_subnetv6($vip['ip'], $vip['sn']);
} else {
continue;
}
$subnets .= ' ' . ($not == true ? '!' : '') . $network . '/' . $vip['sn'];
$if_subnets[] = $network . '/' . $vip['sn'];
}
unset($if_subnets);
if (strpos($subnets, ' ') !== false) {
$subnets = "{ {$subnets} }";
if (strpos($subnets, ' ') !== false) {
$subnets = "{ {$subnets} }";
}
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment