diff options
| -rw-r--r-- | iptables-model.lua | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/iptables-model.lua b/iptables-model.lua index cad707a..0447e41 100644 --- a/iptables-model.lua +++ b/iptables-model.lua @@ -260,7 +260,7 @@ function update_chain(chain) if success then if chain.value.policy then - local cmd = path .. "iptables -t "..chain.value.table.value.." -P "..chain.value.chain.value.." "..chain.value.policy.value.." 2>&1" + local cmd = path .. "iptables -t "..format.escapespecialcharacters(chain.value.table.value).." -P "..format.escapespecialcharacters(chain.value.chain.value).." "..format.escapespecialcharacters(chain.value.policy.value).." 2>&1" local f = io.popen(cmd) local errtxt = f:read("*a") f:close() @@ -292,7 +292,7 @@ function create_chain(chain) end if success then - local cmd = path .. "iptables -t "..chain.value.table.value.." -N "..chain.value.chain.value.." 2>&1" + local cmd = path .. "iptables -t "..format.escapespecialcharacters(chain.value.table.value).." -N "..format.escapespecialcharacters(chain.value.chain.value).." 2>&1" local f = io.popen(cmd) local errtxt = f:read("*a") if errtxt ~= "" then @@ -318,7 +318,7 @@ function delete_chain(tab, chain) elseif chn.references and tonumber(chn.references) > 0 then retval.errtxt = "Cannot delete chain with references" else - local cmd = path .. "iptables -t "..tab.." -X "..chain.." 2>&1" + local cmd = path .. "iptables -t "..format.escapespecialcharacters(tab).." -X "..format.escapespecialcharacters(chain).." 2>&1" local f = io.popen(cmd) local errtxt = f:read("*a") if errtxt ~= "" then @@ -488,13 +488,13 @@ function create_rule(rule) if success then local spec = generate_rule_specification(rule) - local cmd = path .. "iptables -t " .. rule.value.table.value - if rule.value.position.value ~= "" then - cmd = cmd .. " -I " .. rule.value.chain.value .. " " .. rule.value.position.value + local cmd = path .. "iptables -t " .. format.escapespecialcharacters(rule.value.table.value) + if tonumber(rule.value.position.value) then + cmd = cmd .. " -I " .. format.escapespecialcharacters(rule.value.chain.value) .. " " .. format.escapespecialcharacters(rule.value.position.value) else - cmd = cmd .. " -A " .. rule.value.chain.value + cmd = cmd .. " -A " .. format.escapespecialcharacters(rule.value.chain.value) end - cmd = cmd .. " " .. spec .. " 2>&1" + cmd = cmd .. " " .. format.escapespecialcharacters(spec) .. " 2>&1" local f = io.popen(cmd) rule.errtxt = f:read("*a") f:close() @@ -510,14 +510,14 @@ end function update_rule(rule) local success, rule = validate_rule(rule) - if rule.value.position.value == "" then - rule.value.position.errtxt = "Cannot be empty" - successs = false + if not tonumber(rule.value.position.value) then + rule.value.position.errtxt = "Must be a number" + success = false end if success then local spec = generate_rule_specification(rule) - local cmd = path .. "iptables -t " .. rule.value.table.value .. " -R " .. rule.value.chain.value .. " " .. rule.value.position.value .. " " .. spec .. " 2>&1" + local cmd = path .. "iptables -t " .. format.escapespecialcharacters(rule.value.table.value) .. " -R " .. format.escapespecialcharacters(rule.value.chain.value) .. " " .. format.escapespecialcharacters(rule.value.position.value) .. " " .. format.escapespecialcharacters(spec) .. " 2>&1" local f = io.popen(cmd) rule.errtxt = f:read("*a") f:close() @@ -536,7 +536,7 @@ function delete_rule(tab, chain, pos) if not tab or not chain or not pos then cmdresult.errtxt = "Incomplete specification - must define table, chain, and position" else - local cmd = path .. "iptables -t " .. tab .. " -D " .. chain .. " " .. pos + local cmd = path .. "iptables -t " .. format.escapespecialcharacters(tab) .. " -D " .. format.escapespecialcharacters(chain) .. " " .. format.escapespecialcharacters(pos) local f = io.popen(cmd) cmdresult.value = f:read("*a") f:close() |