[people/pmueller/ipfire-2.x.git] / html / cgi-bin / netexternal.cgi

#!/usr/bin/perl
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2005-2010  IPFire Team                                        #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

use strict;
use experimental 'smartmatch';

# enable only the following on debugging purpose
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

use IO::Socket;

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
require "${General::swroot}/geoip-functions.pl";
require "${General::swroot}/graphs.pl";

# Libloc database handle.
my $libloc_db_handle = &GeoIP::init();

my %color = ();
my %mainsettings = ();
my %netsettings=();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);

my @graphs=();
my %dhcpinfo=();

my @querry = split(/\?/,$ENV{'QUERY_STRING'});
$querry[0] = '' unless defined $querry[0];
$querry[1] = 'hour' unless defined $querry[1];

if ( $querry[0] ne~ ""){
	print "Content-type: image/png\n\n";
	binmode(STDOUT);
	&Graphs::updateifgraph($querry[0],$querry[1]);
}else{

	&Header::showhttpheaders();
	&Header::openpage($Lang::tr{'network traffic graphs external'}, 1, '');
	&Header::openbigbox('100%', 'left');

	if ($netsettings{'RED_TYPE'} ne 'PPPOE'){
		if ($netsettings{'RED_DEV'} ne $netsettings{'GREEN_DEV'}){
			push (@graphs, ($netsettings{'RED_DEV'}));
		}
	}else{
		push (@graphs, "ppp0");
	}
	
	if (-e "/var/log/rrd/collectd/localhost/interface/if_octets-ipsec0.rrd"){
		push (@graphs, ("ipsec0"));
	}

	if (-e "/var/log/rrd/collectd/localhost/interface/if_octets-tun0.rrd"){
		push (@graphs, ("tun0"));
	}

	foreach (@graphs) {
		&Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
		&Graphs::makegraphbox("netexternal.cgi",$_,"day");
		&Header::closebox();
	}

	## DNSSEC
	my @nameservers = ();
	foreach my $f ("${General::swroot}/red/dns1", "${General::swroot}/red/dns2") {
		open(DNS, "<$f");
		my $nameserver = <DNS>;
		close(DNS);

		chomp($nameserver);
		if ($nameserver) {
			push(@nameservers, $nameserver);
		}
	}

	&Header::openbox('100%', 'center', $Lang::tr{'dnssec information'});

	print <<END;
		<table class="tbl" width='66%'>
			<thead>
				<tr>
					<th align="center">
						<strong>$Lang::tr{'nameserver'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'country'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'rdns'}</strong>
					</th>
					<th align="center">
						<strong>$Lang::tr{'status'}</strong>
					</th>
				</tr>
			</thead>
			<tbody>
END

	my $id = 0;
	for my $nameserver (@nameservers) {
		my $status = &check_dnssec($nameserver, "ping.ipfire.org");

		my $colour = "";
		my $bgcolour = "";
		my $message = "";

		# DNSSEC Not supported
		if ($status == 0) {
			$message = $Lang::tr{'dnssec not supported'};
			$colour = "white";
			$bgcolour = ${Header::colourred};

		# DNSSEC Aware
		} elsif ($status == 1) {
			$message = $Lang::tr{'dnssec aware'};
			$colour = "black";
			$bgcolour = ${Header::colouryellow};

		# DNSSEC Validating
		} elsif ($status == 2) {
			$message = $Lang::tr{'dnssec validating'};
			$colour = "white";
			$bgcolour = ${Header::colourgreen};

		# Error
		} else {
			$colour = ${Header::colourred};
		}

		my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};

		# collect more information about name server (rDNS, GeoIP country code)
		my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $nameserver);
		my $flag_icon = &GeoIP::get_flag_icon($ccode);

		my $iaddr = inet_aton($nameserver);
		my $rdns = gethostbyaddr($iaddr, AF_INET);
		if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; }

		print <<END;
			<tr bgcolor="$table_colour">
				<td>
					$nameserver
				</td>
				<td align="center">
					<a href='country.cgi#$ccode'><img src="$flag_icon" border="0" alt="$ccode" title="$ccode" /></a>
				</td>
				<td align="center">
					$rdns
				</td>
				<td bgcolor="$bgcolour" align="center">
					<font color="$colour"><strong>$message</strong></font>
				</td>
			</tr>
END
	}

	print <<END;
			</tbody>
		</table>
END

	&Header::closebox();

	if ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/  && $netsettings{'RED_TYPE'} eq "DHCP"){

		&Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
		if (-s "${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info") {

			&General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);

			my $DNS1=`echo $dhcpinfo{'domain_name_servers'} | cut -f 1 -d " "`;
			my $DNS2=`echo $dhcpinfo{'domain_name_servers'} | cut -f 2 -d " "`;

			my $lsetme=0;
			my $leasetime="";
			if ($dhcpinfo{'dhcp_lease_time'} ne "") {
				$lsetme=$dhcpinfo{'dhcp_lease_time'};
				$lsetme=($lsetme/60);
				
				if ($lsetme > 59) {
					$lsetme=($lsetme/60); $leasetime=$lsetme." Hour";
				}else{
					$leasetime=$lsetme." Minute";
				}
				
				if ($lsetme > 1) {
					$leasetime=$leasetime."s";
				}
			}

			my $rentme=0;
			my $rnwltime="";

			if ($dhcpinfo{'dhcp_renewal_time'} ne "") {
				$rentme=$dhcpinfo{'dhcp_renewal_time'};
				$rentme=($rentme/60);
				
				if ($rentme > 59){
					$rentme=($rentme/60); $rnwltime=$rentme." Hour";
				}else{
					$rnwltime=$rentme." Minute";
				}
				
				if ($rentme > 1){
					$rnwltime=$rnwltime."s";
				}
			}

			my $maxtme=0;
			my $maxtime="";

			if ($dhcpinfo{'dhcp_rebinding_time'} ne "") {
				$maxtme=$dhcpinfo{'dhcp_rebinding_time'};
				$maxtme=($maxtme/60);

				if ($maxtme > 59){
					$maxtme=($maxtme/60); $maxtime=$maxtme." Hour";
				} else {
					$maxtime=$maxtme." Minute";
				}

				if ($maxtme > 1) {
					$maxtime=$maxtime."s";
				}
			}


			print <<END
<table width='100%'>
<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'domain_name'}</td></tr>
<tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'routers'}</td></tr>
<tr><td>$Lang::tr{'primary dns'}</td><td>$DNS1</td></tr>
<tr><td>$Lang::tr{'secondary dns'}</td><td>$DNS2</td></tr>
<tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'dhcp_server_identifier'}</td></tr>
<tr><td>$Lang::tr{'def lease time'}</td><td>$leasetime</td></tr>
<tr><td>$Lang::tr{'default renewal time'}</td><td>$rnwltime</td></tr>
<tr><td>$Lang::tr{'max renewal time'}</td><td>$maxtime</td></tr>
</table>
END
;
		}else{
			print "$Lang::tr{'no dhcp lease'}";
		}
		&Header::closebox();
	}

	&Header::closebigbox();
	&Header::closepage();
}

sub check_dnssec($$) {
	my $nameserver = shift;
	my $record = shift;

	my @command = ("dig", "+dnssec", $record, "\@$nameserver");

	my @output = qx(@command);
	my $output = join("", @output);

	my $status = 0;
	if ($output =~ m/status: (\w+)/) {
		$status = ($1 eq "NOERROR");

		if (!$status) {
			return -1;
		}
	}

	my @flags = ();
	if ($output =~ m/flags: (.*);/) {
		@flags = split(/ /, $1);
	}

	my $aware = ($output =~ m/RRSIG/);
	my $validating = ("ad" ~~ @flags);

	return $aware + $validating;
}
Commit	Line	Data
4e481c3a CS	1	#!/usr/bin/perl
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
0d08de33	5	# Copyright (C) 2005-2010 IPFire Team #
4e481c3a CS	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	use strict;
5653e551	23	use experimental 'smartmatch';
4e481c3a CS	24
	25	# enable only the following on debugging purpose
	26	#use warnings;
	27	#use CGI::Carp 'fatalsToBrowser';
	28
297110d4 PM	29	use IO::Socket;
297110d4 PM	30
4e481c3a CS	31	require '/var/ipfire/general-functions.pl';
	32	require "${General::swroot}/lang.pl";
	33	require "${General::swroot}/header.pl";
297110d4	34	require "${General::swroot}/geoip-functions.pl";
4e481c3a CS	35	require "${General::swroot}/graphs.pl";
4e481c3a CS	36
bb7ba3b4 SS	37	# Libloc database handle.
	38	my $libloc_db_handle = &GeoIP::init();
	39
4e481c3a CS	40	my %color = ();
	41	my %mainsettings = ();
	42	my %netsettings=();
	43	&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
	44	&General::readhash("${General::swroot}/main/settings", \%mainsettings);
	45	&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
	46
	47	my @graphs=();
	48	my %dhcpinfo=();
	49
	50	my @querry = split(/\?/,$ENV{'QUERY_STRING'});
	51	$querry[0] = '' unless defined $querry[0];
	52	$querry[1] = 'hour' unless defined $querry[1];
	53
	54	if ( $querry[0] ne~ ""){
	55	print "Content-type: image/png\n\n";
	56	binmode(STDOUT);
	57	&Graphs::updateifgraph($querry[0],$querry[1]);
	58	}else{
	59
	60	&Header::showhttpheaders();
	61	&Header::openpage($Lang::tr{'network traffic graphs external'}, 1, '');
	62	&Header::openbigbox('100%', 'left');
	63
	64	if ($netsettings{'RED_TYPE'} ne 'PPPOE'){
	65	if ($netsettings{'RED_DEV'} ne $netsettings{'GREEN_DEV'}){
	66	push (@graphs, ($netsettings{'RED_DEV'}));
	67	}
	68	}else{
	69	push (@graphs, "ppp0");
	70	}
	71
	72	if (-e "/var/log/rrd/collectd/localhost/interface/if_octets-ipsec0.rrd"){
	73	push (@graphs, ("ipsec0"));
	74	}
	75
	76	if (-e "/var/log/rrd/collectd/localhost/interface/if_octets-tun0.rrd"){
	77	push (@graphs, ("tun0"));
	78	}
	79
	80	foreach (@graphs) {
	81	&Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
	82	&Graphs::makegraphbox("netexternal.cgi",$_,"day");
	83	&Header::closebox();
	84	}
	85
ff5e4ef8 MT	86	## DNSSEC
	87	my @nameservers = ();
	88	foreach my $f ("${General::swroot}/red/dns1", "${General::swroot}/red/dns2") {
	89	open(DNS, "<$f");
	90	my $nameserver = <DNS>;
	91	close(DNS);
	92
	93	chomp($nameserver);
	94	if ($nameserver) {
	95	push(@nameservers, $nameserver);
	96	}
	97	}
	98
	99	&Header::openbox('100%', 'center', $Lang::tr{'dnssec information'});
	100
	101	print <<END;
	102	<table class="tbl" width='66%'>
	103	<thead>
	104	<tr>
	105	<th align="center">
	106	<strong>$Lang::tr{'nameserver'}</strong>
	107	</th>
297110d4 PM	108	<th align="center">
	109	<strong>$Lang::tr{'country'}</strong>
	110	</th>
	111	<th align="center">
	112	<strong>$Lang::tr{'rdns'}</strong>
	113	</th>
ff5e4ef8 MT	114	<th align="center">
	115	<strong>$Lang::tr{'status'}</strong>
	116	</th>
	117	</tr>
	118	</thead>
	119	<tbody>
	120	END
	121
	122	my $id = 0;
	123	for my $nameserver (@nameservers) {
	124	my $status = &check_dnssec($nameserver, "ping.ipfire.org");
	125
	126	my $colour = "";
ed94927d	127	my $bgcolour = "";
ff5e4ef8 MT	128	my $message = "";
	129
	130	# DNSSEC Not supported
	131	if ($status == 0) {
	132	$message = $Lang::tr{'dnssec not supported'};
ed94927d MT	133	$colour = "white";
ed94927d MT	134	$bgcolour = ${Header::colourred};
ff5e4ef8 MT	135
	136	# DNSSEC Aware
	137	} elsif ($status == 1) {
	138	$message = $Lang::tr{'dnssec aware'};
ed94927d MT	139	$colour = "black";
ed94927d MT	140	$bgcolour = ${Header::colouryellow};
ff5e4ef8 MT	141
	142	# DNSSEC Validating
	143	} elsif ($status == 2) {
	144	$message = $Lang::tr{'dnssec validating'};
ed94927d MT	145	$colour = "white";
ed94927d MT	146	$bgcolour = ${Header::colourgreen};
ff5e4ef8 MT	147
	148	# Error
	149	} else {
	150	$colour = ${Header::colourred};
	151	}
	152
	153	my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
	154
297110d4	155	# collect more information about name server (rDNS, GeoIP country code)
bb7ba3b4	156	my $ccode = &GeoIP::lookup_country_code($libloc_db_handle, $nameserver);
297110d4 PM	157	my $flag_icon = &GeoIP::get_flag_icon($ccode);
	158
	159	my $iaddr = inet_aton($nameserver);
	160	my $rdns = gethostbyaddr($iaddr, AF_INET);
	161	if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; }
	162
ff5e4ef8 MT	163	print <<END;
ff5e4ef8 MT	164	<tr bgcolor="$table_colour">
297110d4 PM	165	<td>
	166	$nameserver
	167	</td>
	168	<td align="center">
	169	<a href='country.cgi#$ccode'><img src="$flag_icon" border="0" alt="$ccode" title="$ccode" /></a>
	170	</td>
	171	<td align="center">
	172	$rdns
	173	</td>
ed94927d MT	174	<td bgcolor="$bgcolour" align="center">
ed94927d MT	175	<font color="$colour"><strong>$message</strong></font>
ff5e4ef8 MT	176	</td>
	177	</tr>
	178	END
	179	}
	180
	181	print <<END;
	182	</tbody>
	183	</table>
	184	END
	185
	186	&Header::closebox();
	187
4e481c3a CS	188	if ( $netsettings{'CONFIG_TYPE'} =~ /^(1\|2\|3\|4)$/ && $netsettings{'RED_TYPE'} eq "DHCP"){
	189
	190	&Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
	191	if (-s "${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info") {
	192
	193	&General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);
	194
f4e869ff AH	195	my $DNS1=`echo $dhcpinfo{'domain_name_servers'} \| cut -f 1 -d " "`;
f4e869ff AH	196	my $DNS2=`echo $dhcpinfo{'domain_name_servers'} \| cut -f 2 -d " "`;
4e481c3a CS	197
	198	my $lsetme=0;
	199	my $leasetime="";
21d1c72e AF	200	if ($dhcpinfo{'dhcp_lease_time'} ne "") {
21d1c72e AF	201	$lsetme=$dhcpinfo{'dhcp_lease_time'};
4e481c3a CS	202	$lsetme=($lsetme/60);
	203
	204	if ($lsetme > 59) {
	205	$lsetme=($lsetme/60); $leasetime=$lsetme." Hour";
	206	}else{
	207	$leasetime=$lsetme." Minute";
	208	}
	209
	210	if ($lsetme > 1) {
	211	$leasetime=$leasetime."s";
	212	}
	213	}
	214
	215	my $rentme=0;
	216	my $rnwltime="";
	217
21d1c72e AF	218	if ($dhcpinfo{'dhcp_renewal_time'} ne "") {
21d1c72e AF	219	$rentme=$dhcpinfo{'dhcp_renewal_time'};
4e481c3a CS	220	$rentme=($rentme/60);
	221
	222	if ($rentme > 59){
	223	$rentme=($rentme/60); $rnwltime=$rentme." Hour";
	224	}else{
	225	$rnwltime=$rentme." Minute";
	226	}
	227
	228	if ($rentme > 1){
	229	$rnwltime=$rnwltime."s";
	230	}
	231	}
	232
	233	my $maxtme=0;
	234	my $maxtime="";
	235
21d1c72e AF	236	if ($dhcpinfo{'dhcp_rebinding_time'} ne "") {
21d1c72e AF	237	$maxtme=$dhcpinfo{'dhcp_rebinding_time'};
4e481c3a CS	238	$maxtme=($maxtme/60);
	239
	240	if ($maxtme > 59){
	241	$maxtme=($maxtme/60); $maxtime=$maxtme." Hour";
	242	} else {
	243	$maxtime=$maxtme." Minute";
	244	}
	245
	246	if ($maxtme > 1) {
	247	$maxtime=$maxtime."s";
	248	}
	249	}
	250
4e481c3a CS	251
4e481c3a CS	252	print <<END
21d1c72e AF	253	<table width='100%'>
	254	<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'domain_name'}</td></tr>
	255	<tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'routers'}</td></tr>
4e481c3a CS	256	<tr><td>$Lang::tr{'primary dns'}</td><td>$DNS1</td></tr>
4e481c3a CS	257	<tr><td>$Lang::tr{'secondary dns'}</td><td>$DNS2</td></tr>
21d1c72e	258	<tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'dhcp_server_identifier'}</td></tr>
4e481c3a CS	259	<tr><td>$Lang::tr{'def lease time'}</td><td>$leasetime</td></tr>
	260	<tr><td>$Lang::tr{'default renewal time'}</td><td>$rnwltime</td></tr>
	261	<tr><td>$Lang::tr{'max renewal time'}</td><td>$maxtime</td></tr>
	262	</table>
	263	END
	264	;
	265	}else{
	266	print "$Lang::tr{'no dhcp lease'}";
	267	}
	268	&Header::closebox();
	269	}
	270
	271	&Header::closebigbox();
	272	&Header::closepage();
ff5e4ef8 MT	273	}
	274
	275	sub check_dnssec($$) {
	276	my $nameserver = shift;
	277	my $record = shift;
	278
	279	my @command = ("dig", "+dnssec", $record, "\@$nameserver");
	280
	281	my @output = qx(@command);
	282	my $output = join("", @output);
	283
	284	my $status = 0;
	285	if ($output =~ m/status: (\w+)/) {
	286	$status = ($1 eq "NOERROR");
	287
	288	if (!$status) {
	289	return -1;
	290	}
	291	}
	292
	293	my @flags = ();
	294	if ($output =~ m/flags: (.*);/) {
	295	@flags = split(/ /, $1);
	296	}
	297
	298	my $aware = ($output =~ m/RRSIG/);
	299	my $validating = ("ad" ~~ @flags);
	300
	301	return $aware + $validating;
	302	}