From 35b66e9d6bd3243b3afd979b3305e7c9e5f48c57 Mon Sep 17 00:00:00 2001 From: Alexandre Derumier Date: Tue, 25 Feb 2014 09:44:53 +0100 Subject: [PATCH] parse_port_name_number_or_range fix range check for port range a:b, we need to check that b > a this kind of range is invalid 80:22 80:ssh http:ssh Signed-off-by: Alexandre Derumier --- PVE/Firewall.pm | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/PVE/Firewall.pm b/PVE/Firewall.pm index da8b4a2..f5ae88f 100644 --- a/PVE/Firewall.pm +++ b/PVE/Firewall.pm @@ -389,6 +389,7 @@ sub get_etc_services { if ($line =~ m!^(\S+)\s+(\S+)/(tcp|udp).*$!) { $services->{byid}->{$2}->{name} = $1; + $services->{byid}->{$2}->{port} = $2; $services->{byid}->{$2}->{$3} = 1; $services->{byname}->{$1} = $services->{byid}->{$2}; } @@ -457,9 +458,13 @@ sub parse_port_name_number_or_range { my $nbports = 0; foreach my $item (split(/,/, $str)) { my $portlist = ""; + my $oldpon = undef; foreach my $pon (split(':', $item, 2)) { + $pon = $services->{byname}->{$pon}->{port} if $services->{byname}->{$pon}->{port}; if ($pon =~ m/^\d+$/){ die "invalid port '$pon'\n" if $pon < 0 && $pon > 65535; + die "port '$pon' must be bigger than port '$oldpon' \n" if $oldpon && ($pon < $oldpon); + $oldpon = $pon; }else{ die "invalid port $services->{byname}->{$pon}\n" if !$services->{byname}->{$pon}; } -- 2.39.2