bugzilla-daemon at netfilter.org
2016-Aug-30 10:43 UTC
[Bug 1085] New: No warning for weird interface characters if interface contains wildcard character
https://bugzilla.netfilter.org/show_bug.cgi?id=1085
Bug ID: 1085
Summary: No warning for weird interface characters if interface
contains wildcard character
Product: iptables
Version: CVS (please indicate timestamp)
Hardware: All
OS: All
Status: NEW
Severity: trivial
Priority: P5
Component: iptables
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: netfilterbugzilla at s.cdmweb.de
When I try to match on an interface with illegal characters (e.g. whitespace or
/), I get a warning, as expected:
# iptables -A FORWARD -i "asd f"
Warning: weird character in interface `asd f' ('/' and ' '
are not allowed by
the kernel).
The rule is inserted successfully into the ruleset.
However, when I make the interface match a wildcard, I do no longer get the
warning:
# iptables -A FORWARD -i "asd f+"
Expected behavior: I get a warning about the whitespace in my interface match.
Observed behavior Rule is accepted without any warning, iptables-save confirms
that the rule was successfully inserted.
The issue can be seen directly in the function xtables_parse_interface:
https://git.netfilter.org/iptables/tree/libxtables/xtables.c?h=v1.6.0#n518
The for loop which checks for weird characters is not executed if the interface
match string ends on '+'.
Version: iptables 1.6.0
As of git commit 921dfe98c69b7a71e31e48df79f4986d7bde7810 (HEAD on 30th Aug
2016), the mentioned code did not change.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160830/2b1faae1/attachment.html>
bugzilla-daemon at netfilter.org
2017-Apr-30 13:37 UTC
[Bug 1085] No warning for weird interface characters if interface contains wildcard character
https://bugzilla.netfilter.org/show_bug.cgi?id=1085
Oliver Ford <ojford at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ojford at gmail.com
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170430/cb96bd2c/attachment.html>
bugzilla-daemon at netfilter.org
2017-Apr-30 13:45 UTC
[Bug 1085] No warning for weird interface characters if interface contains wildcard character
https://bugzilla.netfilter.org/show_bug.cgi?id=1085
Oliver Ford <ojford at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|netfilter-buglog at lists.netf |ojford at gmail.com
|ilter.org |
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170430/8f84cc18/attachment.html>
bugzilla-daemon at netfilter.org
2017-Apr-30 13:46 UTC
[Bug 1085] No warning for weird interface characters if interface contains wildcard character
https://bugzilla.netfilter.org/show_bug.cgi?id=1085
Oliver Ford <ojford at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170430/885abaa2/attachment.html>
bugzilla-daemon at netfilter.org
2017-May-05 11:30 UTC
[Bug 1085] No warning for weird interface characters if interface contains wildcard character
https://bugzilla.netfilter.org/show_bug.cgi?id=1085 --- Comment #1 from Oliver Ford <ojford at gmail.com> --- Created attachment 500 --> https://bugzilla.netfilter.org/attachment.cgi?id=500&action=edit Patch Fixed in the attached patch. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170505/718126e5/attachment.html>
bugzilla-daemon at netfilter.org
2017-May-08 19:02 UTC
[Bug 1085] No warning for weird interface characters if interface contains wildcard character
https://bugzilla.netfilter.org/show_bug.cgi?id=1085
Oliver Ford <ojford at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #2 from Oliver Ford <ojford at gmail.com> ---
Fix committed.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170508/a88a14d4/attachment.html>
Reasonably Related Threads
- [Bug 989] New: Deprecated function gethostbyaddr used in xtables
- [Bug 1078] New: please provide a firewall scripts drop-in folder
- [Bug 905] New: Please support passing a filename to iptables-save
- [Bug 1152] New: iptables-xml crashed on -D rules
- [Bug 961] New: Can not remove rules with the default --mask parameter (-m recent)