projects
/
flowspy
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
acb313f
)
Add port checks plus a minor IP validation scheme
author
Leonidas Poulopoulos
<leopoul@noc.grnet.gr>
Mon, 29 Apr 2013 15:00:14 +0000
(18:00 +0300)
committer
Leonidas Poulopoulos
<leopoul@noc.grnet.gr>
Mon, 29 Apr 2013 15:00:14 +0000
(18:00 +0300)
flowspec/forms.py
patch
|
blob
|
history
diff --git
a/flowspec/forms.py
b/flowspec/forms.py
index
5d2c799
..
28b5141
100644
(file)
--- a/
flowspec/forms.py
+++ b/
flowspec/forms.py
@@
-63,6
+63,8
@@
class RouteForm(forms.ModelForm):
data = self.cleaned_data['source']
private_error = False
protected_error = False
data = self.cleaned_data['source']
private_error = False
protected_error = False
+ networkaddr_error = False
+ broadcast_error = False
if data:
try:
address = IPNetwork(data)
if data:
try:
address = IPNetwork(data)
@@
-77,12
+79,22
@@
class RouteForm(forms.ModelForm):
if address.is_private:
private_error = True
raise Exception
if address.is_private:
private_error = True
raise Exception
- else:
- return self.cleaned_data["source"]
+ if address.version == 4 and int(address.prefixlen) == 32:
+ if int(address.network.compressed.split('.')[-1]) == 0:
+ broadcast_error = True
+ raise Exception
+ elif int(address.network.compressed.split('.')[-1]) == 255:
+ networkaddr_error = True
+ raise Exception
+ return self.cleaned_data["source"]
except Exception:
error_text = _('Invalid network address format')
if private_error:
error_text = _('Private addresses not allowed')
except Exception:
error_text = _('Invalid network address format')
if private_error:
error_text = _('Private addresses not allowed')
+ if networkaddr_error:
+ error_text = _('Malformed address format. Cannot be ...255/32')
+ if broadcast_error:
+ error_text = _('Malformed address format. Cannot be ...0/32')
if protected_error:
error_text = _('You have no authority on this subnet')
raise forms.ValidationError(error_text)
if protected_error:
error_text = _('You have no authority on this subnet')
raise forms.ValidationError(error_text)
@@
-93,6
+105,8
@@
class RouteForm(forms.ModelForm):
data = self.cleaned_data['destination']
error = None
protected_error = False
data = self.cleaned_data['destination']
error = None
protected_error = False
+ networkaddr_error = False
+ broadcast_error = False
if data:
try:
address = IPNetwork(data)
if data:
try:
address = IPNetwork(data)
@@
-107,6
+121,13
@@
class RouteForm(forms.ModelForm):
if address.prefixlen < settings.PREFIX_LENGTH:
error = _("Currently no prefix lengths < %s are allowed") %settings.PREFIX_LENGTH
raise Exception
if address.prefixlen < settings.PREFIX_LENGTH:
error = _("Currently no prefix lengths < %s are allowed") %settings.PREFIX_LENGTH
raise Exception
+ if address.version == 4 and int(address.prefixlen) == 32:
+ if int(address.network.compressed.split('.')[-1]) == 0:
+ broadcast_error = True
+ raise Exception
+ elif int(address.network.compressed.split('.')[-1]) == 255:
+ networkaddr_error = True
+ raise Exception
return self.cleaned_data["destination"]
except Exception:
error_text = _('Invalid network address format')
return self.cleaned_data["destination"]
except Exception:
error_text = _('Invalid network address format')
@@
-114,6
+135,10
@@
class RouteForm(forms.ModelForm):
error_text = error
if protected_error:
error_text = _('You have no authority on this subnet')
error_text = error
if protected_error:
error_text = _('You have no authority on this subnet')
+ if networkaddr_error:
+ error_text = _('Malformed address format. Cannot be ...255/32')
+ if broadcast_error:
+ error_text = _('Malformed address format. Cannot be ...0/32')
raise forms.ValidationError(error_text)
def clean_expires(self):
raise forms.ValidationError(error_text)
def clean_expires(self):
@@
-243,8
+268,12
@@
class PortPlainForm(forms.ModelForm):
port = self.cleaned_data['port']
if port:
try:
port = self.cleaned_data['port']
if port:
try:
- assert(int(port))
+ p = int(port)
+ if int(port) > 65535 or int(port) < 0:
+ raise forms.ValidationError(_(''))
return "%s" %self.cleaned_data["port"]
return "%s" %self.cleaned_data["port"]
+ except forms.ValidationError:
+ raise forms.ValidationError(_('Port should be < 65535 and >= 0'))
except:
raise forms.ValidationError(_('Port should be an integer'))
else:
except:
raise forms.ValidationError(_('Port should be an integer'))
else: