From d9b05eb490ab4d31a132c3e993bd560933eadd8c Mon Sep 17 00:00:00 2001 From: Renato Botelho Date: Wed, 5 Nov 2014 15:31:31 -0200 Subject: [PATCH] When an alias contain hosts, add IPs and networks to filterdns too, otherwise you end up with a pre-defined and non-persistent table. Fixes #3939 --- etc/inc/filter.inc | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index cb4bfd038..8c76128d0 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -476,6 +476,7 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr global $aliastable, $filterdns; $addresses = explode(" ", $alias); + $use_filterdns = false; $finallist = ""; $builtlist = ""; $urltable_nesting = ""; @@ -506,8 +507,10 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr $tmpline = filter_generate_nested_alias($name, $aliastable[$address], $aliasnesting, $aliasaddrnesting); } else if(!isset($aliasaddrnesting[$address])) { if (!is_ipaddr($address) && !is_subnet($address) && !is_port($address) && !is_portrange($address) && is_hostname($address)) { - if (!isset($filterdns["{$address}{$name}"])) + if (!isset($filterdns["{$address}{$name}"])) { + $use_filterdns = true; $filterdns["{$address}{$name}"] = "pf {$address} {$name}\n"; + } continue; } $aliasaddrnesting[$address] = $address; @@ -521,6 +524,17 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr $builtlist .= " {$tmpline}"; } $finallist .= $builtlist; + + if ($use_filterdns === true && !empty($finallist)) { + foreach (explode(" ", $finallist) as $address) { + if (empty($address)) + continue; + if ((is_ipaddr($address) || is_subnet($address)) && !isset($filterdns["{$address}{$name}"])) + $filterdns["{$address}{$name}"] = "pf {$address} {$name}\n"; + } + $finallist = ''; + } + return $finallist; }