mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

ui, fw: added more checks for rules creation

Browse source 
- Don't allow a 0 or empty statement value, except for Meta.
- snat, dnat and redirect parameters must contain ":" to specify a port
  or ip+port (192.168.1.1:8080, :8080).
- queue verdict parameter must be an integer.
This commit is contained in:
Gustavo Iñiguez Goia 2023-04-13 00:07:08 +02:00
parent 31f9f904f3
commit 05bb37e862
Failed to generate hash of commit
1 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
ui/opensnitch/dialogs/firewall_rule.py
View file

@ -1042,6 +1042,20 @@ class FwRuleDialog(QtWidgets.QDialog, uic.loadUiType(DIALOG_UI_PATH)[0]):
if self.lineVerdictParms.text() == "":
return None, None, None, QC.translate("firewall", "Verdict ({0}) parameters cannot be empty.".format(verdict))
# these verdicts parameters need ":" to specify a port or ip:port
if (self.comboVerdict.currentText().lower() == Config.ACTION_REDIRECT or \
self.comboVerdict.currentText().lower() == Config.ACTION_TPROXY or \
self.comboVerdict.currentText().lower() == Config.ACTION_SNAT or \
self.comboVerdict.currentText().lower() == Config.ACTION_DNAT) and \
":" not in self.lineVerdictParms.text():
return None, None, None, QC.translate("firewall", "Verdict ({0}) parameters format is: <IP>:port.".format(verdict))
if self.comboVerdict.currentText().lower() == Config.ACTION_QUEUE:
try:
t = int(self.lineVerdictParms.text())
except:
return None, None, None, QC.translate("firewall", "Verdict ({0}) parameters format must be a number".format(verdict))
vidx = self.comboVerdictParms.currentIndex()
_target_parms = "{0} {1}".format(
self.comboVerdictParms.itemData(vidx),
@ -1074,7 +1088,7 @@ class FwRuleDialog(QtWidgets.QDialog, uic.loadUiType(DIALOG_UI_PATH)[0]):
statem_value = self.statements[k]['value'].currentText()
val_idx = self.statements[k]['value'].currentIndex()
if statem_value == "" or statem_value == "0":
if statem_value == "" or (statem_value == "0" and st_idx != self.STATM_META):
return None, None, None, QC.translate("firewall", "value cannot be 0 or empty.")
if st_idx == self.STATM_QUOTA: