Mail archive
alpine-devel

Re: [alpine-devel] [Patch] acf-iptables: fixing model

From: Der Tiger <der.tiger.alpine_at_arcor.de>
Date: Wed, 11 Apr 2012 15:40:32 +0200

ReHi Ted,

The patch works nicely! So far I didn't encounter any more problems
entering and editing data in the existing fields of the iptables GUI form.

Due to the complexity of the iptables configuration not all possible
options are represented in the form by dedicated field. For instance
port REDIRECT statements in the nat table are not handled, so far.
Unfortunately this causes the parameters to be thrown out, once the rule
is edited, because the is no field in the form to hold the data.

Therefore, I'd suggest to add an "Additional Options" field to the form,
that is filled with all unrecognised fractions of the rule string in
order to prevent those fractions from getting lost when the rule is saved.

Regards, Tiger

Am 2012-04-06 19:20, schrieb Ted Trask:
> Thank you for the patch, and sorry for the long delay before properly
> responding. Unfortunately, the bugs you found were not the only ones
> present. I guess acf-iptables hadn't been tested in a while. Please
> see http://git.alpinelinux.org/cgit/acf-iptables/commit/?id=ce765fba9cf9fd1c4b1981ab137df35c4b662b04
> for the changes I committed. Please try using the file
> http://git.alpinelinux.org/cgit/acf-iptables/tree/iptables-model.lua to
> make sure I fixed your reported problems. Once I hear back from you,
> I'll feel more confident in bumping the package version.
>
> Ted
>
> ------------------------------------------------------------------------
> *From:* Der Tiger <der.tiger.alpine_at_arcor.de>
> *To:* alpine-devel_at_lists.alpinelinux.org
> *Sent:* Saturday, March 24, 2012 2:23 PM
> *Subject:* [alpine-devel] [Patch] acf-iptables: fixing model
>
> Hi,
>
> There are two bugs causing the web interface to malfunction when either
> a protocol selection is negated using a exclamation mark (!) or a
> comment is entered in the appropriate field of the form.
>
> PLEASE, make sure removing the escaping of the spec string does not
> cause problems with certain data entered in the form! So far, I had no
> troubles while testing, because the fields are checked in
> validate_rule(), anyway.
>
> Regards, Tiger
>
> --- /usr/share/acf/app/iptables/iptables-model.lua.orig
> +++ /usr/share/acf/app/iptables/iptables-model.lua
> _at_@ -147 +147 @@
> - addparameter(rule.value.protocol.value, "-p")
> + addparameter(rule.value.protocol.value, "-p", true)
> _at_@ -520 +520 @@
> - local cmd = path .. "iptables -t " ..
> format.escapespecialcharacters(rule.value.table.value) .. " -R " ..
> format.escapespecialcharacters(rule.value.chain.value) .. " " ..
> format.escapespecialcharacters(rule.value.position.value) .. " " ..
> format.escapespecialcharacters(spec) .. " 2>&1"
> + local cmd = path .. "iptables -t " ..
> format.escapespecialcharacters(rule.value.table.value) .. " -R " ..
> format.escapespecialcharacters(rule.value.chain.value) .. " " ..
> format.escapespecialcharacters(rule.value.position.value) .. " " .. spec
> .. " 2>&1"
>
>
>
> ---
> Unsubscribe: alpine-devel+unsubscribe_at_lists.alpinelinux.org
> <mailto:unsubscribe_at_lists.alpinelinux.org>
> Help: alpine-devel+help_at_lists.alpinelinux.org
> <mailto:help_at_lists.alpinelinux.org>
> ---
>
>
>


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Wed Apr 11 2012 - 15:40:32 UTC