applications/luci-splash: Add a filter for arguments, only allow valid mac and ip...

[project/luci.git] / applications / luci-splash / root / usr / sbin / luci-splash

diff --git a/applications/luci-splash/root/usr/sbin/luci-splash b/applications/luci-splash/root/usr/sbin/luci-splash
index 88f2250..a795421 100755 (executable)
--- a/applications/luci-splash/root/usr/sbin/luci-splash
+++ b/applications/luci-splash/root/usr/sbin/luci-splash
@@ -106,6 +106,26 @@ function get_filter_handle(parent, direction, device, mac)
        return handle
 end
 
+function macvalid(mac)
+       if mac and mac:match(
+               "^[a-fA-F0-9][a-fA-F0-9]:[a-fA-F0-9][a-fA-F0-9]:" ..
+               "[a-fA-F0-9][a-fA-F0-9]:[a-fA-F0-9][a-fA-F0-9]:" ..
+               "[a-fA-F0-9][a-fA-F0-9]:[a-fA-F0-9][a-fA-F0-9]$"
+       ) then
+               return true
+       end
+
+       return false
+end
+
+function ipvalid(ipaddr)
+       if ipaddr then
+               return ip.IPv4(ipaddr) and true or false
+       end
+
+       return false
+end
+
 function main(argv)
        local cmd = table.remove(argv, 1)
        local arg = argv[1]
@@ -116,6 +136,12 @@ function main(argv)
        if ( cmd == "lease" or cmd == "add-rules" or cmd == "remove" or
             cmd == "whitelist" or cmd == "blacklist" or cmd == "status" ) and #argv > 0
        then
+               if not (macvalid(arg) or ipvalid(arg)) then
+                       print("Invalid argument. The second argument must " ..
+                               "be a valid IPv4 or Mac Address.")
+                       os.exit(1)
+               end
+
                lock()
 
                local arp_cache      = net.arptable()
@@ -390,10 +416,12 @@ function remove_whitelist_tc(mac)
        end
         uci:foreach("luci_splash", "iface", function(s)
                local device = get_physdev(s['.name'])
-               local handle = get_filter_handle('ffff:', 'src', device, mac)
-               exec('tc filter del dev "%s" parent ffff: protocol ip prio 1 handle %s u32' % { device, handle })
-               local handle = get_filter_handle('1:', 'dest', device, mac)
-               exec('tc filter del dev "%s" parent 1:0 protocol ip prio 1 handle %s u32' % { device, handle })
+               if device and device ~= "" then
+                       local handle = get_filter_handle('ffff:', 'src', device, mac)
+                       exec('tc filter del dev "%s" parent ffff: protocol ip prio 1 handle %s u32' % { device, handle })
+                       local handle = get_filter_handle('1:', 'dest', device, mac)
+                       exec('tc filter del dev "%s" parent 1:0 protocol ip prio 1 handle %s u32' % { device, handle })
+               end
         end)
 end
 
@@ -486,8 +514,10 @@ function add_whitelist_rule(mac)
        end
         uci:foreach("luci_splash", "iface", function(s)
                local device = get_physdev(s['.name'])
-               exec('tc filter add dev "%s" parent ffff: protocol ip prio 1 u32 match ether src %s police pass' % { device, mac })
-               exec('tc filter add dev "%s" parent 1:0 protocol ip prio 1 u32 match ether dst %s classid 1:1' % { device, mac })
+               if device and device ~= "" then
+                       exec('tc filter add dev "%s" parent ffff: protocol ip prio 1 u32 match ether src %s police pass' % { device, mac })
+                       exec('tc filter add dev "%s" parent 1:0 protocol ip prio 1 u32 match ether dst %s classid 1:1' % { device, mac })
+               end
         end)
 end