summaryrefslogtreecommitdiffstats
path: root/iptables-model.lua
diff options
context:
space:
mode:
Diffstat (limited to 'iptables-model.lua')
-rw-r--r--iptables-model.lua26
1 files changed, 13 insertions, 13 deletions
diff --git a/iptables-model.lua b/iptables-model.lua
index cad707a..0447e41 100644
--- a/iptables-model.lua
+++ b/iptables-model.lua
@@ -260,7 +260,7 @@ function update_chain(chain)
if success then
if chain.value.policy then
- local cmd = path .. "iptables -t "..chain.value.table.value.." -P "..chain.value.chain.value.." "..chain.value.policy.value.." 2>&1"
+ local cmd = path .. "iptables -t "..format.escapespecialcharacters(chain.value.table.value).." -P "..format.escapespecialcharacters(chain.value.chain.value).." "..format.escapespecialcharacters(chain.value.policy.value).." 2>&1"
local f = io.popen(cmd)
local errtxt = f:read("*a")
f:close()
@@ -292,7 +292,7 @@ function create_chain(chain)
end
if success then
- local cmd = path .. "iptables -t "..chain.value.table.value.." -N "..chain.value.chain.value.." 2>&1"
+ local cmd = path .. "iptables -t "..format.escapespecialcharacters(chain.value.table.value).." -N "..format.escapespecialcharacters(chain.value.chain.value).." 2>&1"
local f = io.popen(cmd)
local errtxt = f:read("*a")
if errtxt ~= "" then
@@ -318,7 +318,7 @@ function delete_chain(tab, chain)
elseif chn.references and tonumber(chn.references) > 0 then
retval.errtxt = "Cannot delete chain with references"
else
- local cmd = path .. "iptables -t "..tab.." -X "..chain.." 2>&1"
+ local cmd = path .. "iptables -t "..format.escapespecialcharacters(tab).." -X "..format.escapespecialcharacters(chain).." 2>&1"
local f = io.popen(cmd)
local errtxt = f:read("*a")
if errtxt ~= "" then
@@ -488,13 +488,13 @@ function create_rule(rule)
if success then
local spec = generate_rule_specification(rule)
- local cmd = path .. "iptables -t " .. rule.value.table.value
- if rule.value.position.value ~= "" then
- cmd = cmd .. " -I " .. rule.value.chain.value .. " " .. rule.value.position.value
+ local cmd = path .. "iptables -t " .. format.escapespecialcharacters(rule.value.table.value)
+ if tonumber(rule.value.position.value) then
+ cmd = cmd .. " -I " .. format.escapespecialcharacters(rule.value.chain.value) .. " " .. format.escapespecialcharacters(rule.value.position.value)
else
- cmd = cmd .. " -A " .. rule.value.chain.value
+ cmd = cmd .. " -A " .. format.escapespecialcharacters(rule.value.chain.value)
end
- cmd = cmd .. " " .. spec .. " 2>&1"
+ cmd = cmd .. " " .. format.escapespecialcharacters(spec) .. " 2>&1"
local f = io.popen(cmd)
rule.errtxt = f:read("*a")
f:close()
@@ -510,14 +510,14 @@ end
function update_rule(rule)
local success, rule = validate_rule(rule)
- if rule.value.position.value == "" then
- rule.value.position.errtxt = "Cannot be empty"
- successs = false
+ if not tonumber(rule.value.position.value) then
+ rule.value.position.errtxt = "Must be a number"
+ success = false
end
if success then
local spec = generate_rule_specification(rule)
- local cmd = path .. "iptables -t " .. rule.value.table.value .. " -R " .. rule.value.chain.value .. " " .. rule.value.position.value .. " " .. spec .. " 2>&1"
+ local cmd = path .. "iptables -t " .. format.escapespecialcharacters(rule.value.table.value) .. " -R " .. format.escapespecialcharacters(rule.value.chain.value) .. " " .. format.escapespecialcharacters(rule.value.position.value) .. " " .. format.escapespecialcharacters(spec) .. " 2>&1"
local f = io.popen(cmd)
rule.errtxt = f:read("*a")
f:close()
@@ -536,7 +536,7 @@ function delete_rule(tab, chain, pos)
if not tab or not chain or not pos then
cmdresult.errtxt = "Incomplete specification - must define table, chain, and position"
else
- local cmd = path .. "iptables -t " .. tab .. " -D " .. chain .. " " .. pos
+ local cmd = path .. "iptables -t " .. format.escapespecialcharacters(tab) .. " -D " .. format.escapespecialcharacters(chain) .. " " .. format.escapespecialcharacters(pos)
local f = io.popen(cmd)
cmdresult.value = f:read("*a")
f:close()