/** * This function verifies subnet resizing * * @access public * @param mixed $subnet //subnet in decimal or dotted address format * @param mixed $mask //new subnet mask * @param mixed $subnetId //subnet Id * @param mixed $vrfId //vrfId * @param mixed $masterSubnetId //master Subnet Id * @param mixed $mask_old //old mask * @param mixed $sectionId //section ID * @return void */ public function verify_subnet_resize($subnet, $mask, $subnetId, $vrfId, $masterSubnetId, $mask_old, $sectionId = 0) { # fetch section and set section ordering $Sections = new Sections($this->Database); $section = $Sections->fetch_section(null, $sectionId); # new mask must be > 8 if ($mask < 8) { $this->Result->show("danger", _('New mask must be at least /8') . '!', true); } if (!is_numeric($mask)) { $this->Result->show("danger", _('Mask must be an integer') . '!', true); } //new subnet $new_boundaries = $this->get_network_boundaries($this->transform_address($subnet, "dotted"), $mask); $subnet = $this->transform_address($new_boundaries['network'], "decimal"); # verify new address $verify = $this->verify_cidr_address($this->transform_address($subnet, "dotted") . "/" . $mask); if ($verify !== true) { $this->Result->show("danger", $verify, true); } # same mask - ignore if ($mask == $mask_old) { $this->Result->show("warning", _("New network is same as old network"), true); } elseif ($mask < $mask_old) { //Checks for strict mode if ($section->strictMode == "1") { //if it has parent make sure it is still within boundaries if ((int) $masterSubnetId > 0) { //if parent is folder check for other in same folder $parent_subnet = $this->fetch_subnet(null, $masterSubnetId); if ($parent_subnet->isFolder != 1) { //check that new is inside its master subnet if (!$this->verify_subnet_nesting($parent_subnet->id, $this->transform_to_dotted($subnet) . "/" . $mask)) { $this->Result->show("danger", _("New subnet not in master subnet") . "!", true); } // it cannot be same ! if ($parent_subnet->mask == $mask) { $this->Result->show("danger", _("New subnet cannot be same as master subnet") . "!", true); } //fetch all slave subnets and validate $slave_subnets = $this->fetch_subnet_slaves($parent_subnet->id); if ($slave_subnets !== false) { foreach ($slave_subnets as $ss) { // not self if ($ss->id != $subnetId) { if ($this->verify_overlapping($this->transform_to_dotted($subnet) . "/" . $mask, $this->transform_to_dotted($ss->subnet) . "/" . $ss->mask)) { $this->Result->show("danger", _("Subnet overlapps with") . " " . $this->transform_to_dotted($ss->subnet) . "/" . $ss->mask, true); } } } } } else { //fetch all folder subnets, remove old subnet and verify overlapping! $folder_subnets = $this->fetch_subnet_slaves($parent_subnet->id); //check if (sizeof(@$folder_subnets) > 0) { foreach ($folder_subnets as $fs) { //dont check against old if ($fs->id != $subnetId) { //verify that all nested are inside its parent if ($this->verify_overlapping($this->transform_to_dotted($subnet) . "/" . $mask, $this->transform_to_dotted($fs->subnet) . "/" . $fs->mask)) { $this->Result->show("danger", _("Subnet overlapps with") . " " . $this->transform_to_dotted($fs->subnet) . "/" . $fs->mask, true); } } } } } } else { $section_subnets = $this->fetch_section_subnets($section->id); $overlap = $this->verify_subnet_resize_overlapping($section->id, $this->transform_to_dotted($subnet) . "/" . $mask, $subnetId, $vrfId); if ($overlap !== false) { $this->Result->show("danger", $overlap, true); } } } } else { # addresses class $Addresses = new Addresses($this->Database); // fetch all subnet addresses $subnet_addresses = $Addresses->fetch_subnet_addresses($subnetId, "ip_addr", "asc"); //check all IP addresses against new subnet foreach ($subnet_addresses as $ip) { $Addresses->verify_address($this->transform_to_dotted($ip->ip_addr), $this->transform_to_dotted($subnet) . "/" . $mask, false, true); } //Checks for strict mode if ($section->strictMode == 1) { //if it has slaves make sure they are still inside network if ($this->has_slaves($subnetId)) { //fetch slaves $nested = $this->fetch_subnet_slaves($subnetId); foreach ($nested as $nested_subnet) { //if masks and subnets match they are same, error! if ($nested_subnet->subnet == $subnet && $nested_subnet->mask == $mask) { $this->Result->show("danger", _("Subnet it same as ") . $this->transform_to_dotted($nested_subnet->subnet) . "/{$nested_subnet->mask} - {$nested_subnet->description})", true); } //verify that all nested are inside its parent if (!$this->is_subnet_inside_subnet($this->transform_to_dotted($nested_subnet->subnet) . "/" . $nested_subnet->mask, $this->transform_to_dotted($subnet) . "/" . $mask)) { $this->Result->show("danger", _("Nested subnet out of new subnet") . "!<br>(" . $this->transform_to_dotted($nested_subnet->subnet) . "/{$nested_subnet->mask} - {$nested_subnet->description})", true); } } } } } }
# remove possible spaces $address['ip_addr'] = str_replace(" ", "", $address['ip_addr']); # get start and stop of range $range = explode("-", $address['ip_addr']); $address['start'] = $range[0]; $address['stop'] = $range[1]; # verify both IP addresses if ($subnet['isFolder'] == "1") { if ($Addresses->validate_ip($address['start']) === false) { $Result->show("danger", _("Invalid IP address") . "!", true); } if ($Addresses->validate_ip($address['stop']) === false) { $Result->show("danger", _("Invalid IP address") . "!", true); } } else { $Addresses->verify_address($address['start'], "{$subnet['ip']}/{$subnet['mask']}", $not_strict); $Addresses->verify_address($address['stop'], "{$subnet['ip']}/{$subnet['mask']}", $not_strict); } # go from start to stop and insert / update / delete IPs $start = $Subnets->transform_to_decimal($address['start']); $stop = $Subnets->transform_to_decimal($address['stop']); # start cannot be higher than stop! if ($start > $stop) { $Result->show("danger", _("Invalid address range") . "!", true); } # we can manage only 4096 IP's at once! if (gmp_strval(gmp_sub($stop, $start)) > 4096) { $Result->show("danger", _("Only 4096 IP addresses at once") . "!", true); } # set limits $m = gmp_strval($start);
/* if action is reject set processed and accepted to 1 and 0 */ if ($_POST['action'] == "reject") { //set reject values $values = array("id" => $_POST['requestId'], "processed" => 1, "accepted" => 0, "adminComment" => @$_POST['adminComment']); if (!$Admin->object_modify("requests", "edit", "id", $values)) { $Result->show("danger", _("Failed to reject IP request"), true); } else { $Result->show("success", _("Request has beed rejected"), false); } # send mail $Tools->ip_request_send_mail("reject", $_POST); } else { // fetch subnet $subnet_temp = $Addresses->transform_to_dotted($subnet['subnet']) . "/" . $subnet['mask']; //verify IP and subnet $Addresses->verify_address($Addresses->transform_address($_POST['ip_addr'], "dotted"), $subnet_temp, false, true); //check if already existing and die if ($Addresses->address_exists($Addresses->transform_address($_POST['ip_addr'], "decimal"), $subnet['id'])) { $Result->show("danger", _('IP address already exists'), true); } //insert to ipaddresses table $values = array("action" => "add", "ip_addr" => $Addresses->transform_address($_POST['ip_addr'], "decimal"), "subnetId" => $_POST['subnetId'], "description" => @$_POST['description'], "dns_name" => @$_POST['dns_name'], "mac" => @$_POST['mac'], "owner" => @$_POST['owner'], "state" => @$_POST['state'], "switch" => @$_POST['switch'], "port" => @$_POST['port'], "note" => @$_POST['note']); if (!$Addresses->modify_address($values)) { $Result->show("danger", _("Failed to create IP address"), true); } //accept message $values2 = array("id" => $_POST['requestId'], "processed" => 1, "accepted" => 1, "adminComment" => $comment); if (!$Admin->object_modify("requests", "edit", "id", $values2)) { $Result->show("danger", _("Cannot confirm IP address"), true); } else { $Result->show("success", _("IP request accepted/rejected"), false);