do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
for ($i = 0; isset($config['load_balancer']['virtual_server'][$i]); $i++) {
if ($_POST['name'] == $config['load_balancer']['virtual_server'][$i]['name'] && $i != $id) {
$input_errors[] = gettext("This virtual server name has already been used. Virtual server names must be unique.");
}
}
if (preg_match('/[ \\/]/', $_POST['name'])) {
$input_errors[] = gettext("You cannot use spaces or slashes in the 'name' field.");
}
if ($_POST['port'] != "" && !is_portoralias($_POST['port'])) {
$input_errors[] = gettext("The port must be an integer between 1 and 65535, a port alias, or left blank.");
}
if (!is_ipaddroralias($_POST['ipaddr']) && !is_subnetv4($_POST['ipaddr'])) {
$input_errors[] = sprintf(gettext("%s is not a valid IP address, IPv4 subnet, or alias."), $_POST['ipaddr']);
} else {
if (is_subnetv4($_POST['ipaddr']) && subnet_size($_POST['ipaddr']) > 64) {
$input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses."), $_POST['ipaddr']);
}
}
if (strtolower($_POST['relay_protocol']) == "dns" && !empty($_POST['sitedown'])) {
$input_errors[] = gettext("You cannot select a Fall Back Pool when using the DNS relay protocol.");
}
if (!$input_errors) {
$vsent = array();
if (isset($id) && $a_vs[$id]) {
$vsent = $a_vs[$id];
}
if ($vsent['name'] != "") {
$changedesc .= " " . sprintf(gettext("modified '%s' vs:"), $vsent['name']);
} else {
$changedesc .= " " . sprintf(gettext("created '%s' vs:"), $_POST['name']);
foreach ($pconfig['servers'] as $svrent) {
if (!is_ipaddr($svrent) && !is_subnetv4($svrent)) {
$input_errors[] = sprintf(gettext("%s is not a valid IP address or IPv4 subnet (in \"enabled\" list)."), $svrent);
} else {
if (is_subnetv4($svrent) && subnet_size($svrent) > 64) {
$input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses (in \"enabled\" list)."), $svrent);
}
}
}
}
if (is_array($_POST['serversdisabled'])) {
foreach ($pconfig['serversdisabled'] as $svrent) {
if (!is_ipaddr($svrent) && !is_subnetv4($svrent)) {
$input_errors[] = sprintf(gettext("%s is not a valid IP address or IPv4 subnet (in \"disabled\" list)."), $svrent);
} else {
if (is_subnetv4($svrent) && subnet_size($svrent) > 64) {
$input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses (in \"disabled\" list)."), $svrent);
}
}
}
}
$m = array();
for ($i = 0; isset($config['load_balancer']['monitor_type'][$i]); $i++) {
$m[$config['load_balancer']['monitor_type'][$i]['name']] = $config['load_balancer']['monitor_type'][$i];
}
if (!isset($m[$_POST['monitor']])) {
$input_errors[] = gettext("Invalid monitor chosen.");
}
if (!$input_errors) {
$poolent = array();
if (isset($id) && $a_pool[$id]) {
if (empty($suricatacfg['libhtp_policy']['item'])) {
$http_hosts_default_policy = "default-config:\n personality: IDS\n request-body-limit: 4096\n response-body-limit: 4096\n";
$http_hosts_default_policy .= " double-decode-path: no\n double-decode-query: no\n uri-include-all: no\n";
} else {
foreach ($suricatacfg['libhtp_policy']['item'] as $k => $v) {
if ($v['bind_to'] != "all") {
$engine = "server-config:\n - {$v['name']}:\n";
$tmp = trim(filter_expand_alias($v['bind_to']));
if (!empty($tmp)) {
$engine .= " address: [";
$tmp = preg_replace('/\\s+/', ',', $tmp);
$list = explode(',', $tmp);
foreach ($list as $addr) {
if (is_ipaddrv6($addr) || is_subnetv6($addr)) {
$engine .= "\"{$addr}\", ";
} elseif (is_ipaddrv4($addr) || is_subnetv4($addr)) {
$engine .= "{$addr}, ";
} else {
log_error("[suricata] WARNING: invalid IP address value '{$addr}' in Alias {$v['bind_to']} will be ignored.");
continue;
}
}
$engine = trim($engine, ' ,');
$engine .= "]\n";
$engine .= " personality: {$v['personality']}\n request-body-limit: {$v['request-body-limit']}\n";
$engine .= " response-body-limit: {$v['response-body-limit']}\n";
$engine .= " double-decode-path: {$v['double-decode-path']}\n";
$engine .= " double-decode-query: {$v['double-decode-query']}\n";
$engine .= " uri-include-all: {$v['uri-include-all']}\n";
$http_hosts_policy .= " {$engine}\n";
} else {