Commit | Line | Data |
---|---|---|
ac1cfefa MT |
1 | #!/usr/bin/perl |
2 | # | |
3 | # SmoothWall CGIs | |
4 | # | |
5 | # This code is distributed under the terms of the GPL | |
6 | # | |
7 | # (c) The SmoothWall Team | |
8 | # Copyright (c) 2002/04/13 Steve Bootes - Add destination IP support | |
9 | # | |
10 | # $Id: xtaccess.cgi,v 1.6.2.15 2005/03/05 08:44:32 eoberlander Exp $ | |
11 | # | |
12 | ||
13 | use strict; | |
14 | ||
15 | # enable the following only when debugging; fatalsToBrowser sends die() messages to the client | |
16 | #use warnings; | |
17 | #use CGI::Carp 'fatalsToBrowser'; | |
18 | ||
986e08d9 | 19 | require '/var/ipfire/general-functions.pl'; |
ac1cfefa MT |
20 | require "${General::swroot}/lang.pl"; |
21 | require "${General::swroot}/header.pl"; | |
22 | ||
# Mention $Header::colouryellow a second time so that perl does not report
# it as "used only once" when warnings are switched on.
my @dummy = ($Header::colouryellow);
undef @dummy;

# Form state: the submitted parameters, plus the attribute strings that
# pre-select the matching <option> / checkbox when the form is printed.
my (%cgiparams, %checked, %selected);
my $errormessage = '';    # becomes non-empty when validation fails

# Rule file (one comma-separated rule per line) and the alias list that
# fills the destination-IP drop-down.
my $filename  = "${General::swroot}/xtaccess/config";
my $aliasfile = "${General::swroot}/ethernet/aliases";
my $changed   = 'no';     # set to 'yes' once a rule has been written
34 | ||
f2fdd0c1 CS |
# Read the global settings first: their THEME entry names the theme whose
# colour table is then loaded into %color.
# NOTE(review): THEME goes into a file path unchecked; that is only safe
# while main/settings can be written by trusted code alone -- confirm.
my %mainsettings = ();
my %color        = ();
General::readhash("${General::swroot}/main/settings", \%mainsettings);
my $colorfile = "/srv/web/ipfire/html/themes/$mainsettings{'THEME'}/include/colors.txt";
General::readhash($colorfile, \%color);
39 | ||
ac1cfefa MT |
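Header::showhttpheaders();

# Defaults for the fields a request may leave out. An unticked checkbox is
# not submitted at all, hence ENABLED starts as 'off'.
$cgiparams{'ENABLED'} = 'off';
@cgiparams{qw(ACTION SRC DEST_PORT REMARK)} = ('') x 4;

# Overlay the request parameters on top of the defaults.
# NOTE(review): whether getcgihash() filters values is not visible here;
# treat everything in %cgiparams as untrusted input -- confirm.
Header::getcgihash(\%cgiparams);

# Snapshot of the rule file, one rule per element with line endings kept.
# Three-argument open with a lexical handle: the path is never parsed for a
# mode prefix and no global FILE handle stays open by accident.
open(my $config_fh, '<', $filename) or die 'Unable to open config file.';
my @current = <$config_fh>;
close($config_fh);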
51 | ||
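if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
{
    # Add a new rule or overwrite an existing one. The form posts ACTION=add
    # in both cases; the hidden EDITING field is 'no' for a new rule and the
    # 1-based rule number when an existing rule is being updated.
    #
    # Every value ends up in a comma-separated, newline-terminated line of
    # the rule file, so each field is checked before it is written.
    my $invalid = $Lang::tr{'invalid input'};

    # \A...\z rather than ^...$: "$" also matches before a trailing newline,
    # which let "tcp\n" through and into the rule file.
    unless (defined $cgiparams{'PROTOCOL'}
        && $cgiparams{'PROTOCOL'} =~ /\A(?:tcp|udp)\z/)
    {
        $errormessage = $invalid;
    }

    # An empty source means "any"; anything else must pass validipormask().
    unless (General::validipormask($cgiparams{'SRC'})) {
        if ($cgiparams{'SRC'} ne '') {
            $errormessage = $Lang::tr{'source ip bad'};
        }
        else {
            $cgiparams{'SRC'} = '0.0.0.0/0';
        }
    }
    unless ($errormessage) {
        $errormessage = General::validportrange($cgiparams{'DEST_PORT'}, 'dst');
    }

    # Only the literal 'on' enables a rule; an unticked checkbox is not
    # submitted, and any other value is stored as 'off'.
    $cgiparams{'ENABLED'} =
        (defined $cgiparams{'ENABLED'} && $cgiparams{'ENABLED'} eq 'on')
        ? 'on'
        : 'off';

    # DEST used to be written without any check, so a value containing a
    # comma or a newline could add fields or whole lines to the rule file.
    unless ($errormessage) {
        my $dest = $cgiparams{'DEST'};
        unless (defined $dest
            && $dest =~ /\A[0-9.]+\z/
            && ($dest eq '0.0.0.0' || General::validip($dest)))
        {
            $errormessage = $invalid;
        }
    }

    # Defence in depth: how the General:: validators anchor their patterns is
    # not visible here, so the record separators are rejected locally too.
    unless ($errormessage) {
        foreach my $field (qw(SRC DEST_PORT)) {
            next unless $cgiparams{$field} =~ /[,\r\n]/;
            $errormessage = $invalid;
            last;
        }
    }

    # EDITING selects append vs. replace and is echoed back into the form on
    # error, so accept only 'no' or the number of an existing rule.
    my $editing = defined $cgiparams{'EDITING'} ? $cgiparams{'EDITING'} : '';
    my $is_rule_number =
        ($editing =~ /\A[1-9][0-9]*\z/ && $editing <= @current) ? 1 : 0;
    unless ($errormessage || $editing eq 'no' || $is_rule_number) {
        $errormessage = $invalid;
    }

    if (!$errormessage) {
        # cleanhtml() prepares the remark for display; the separators are
        # replaced here as well so a remark can never span fields or lines.
        $cgiparams{'REMARK'} = Header::cleanhtml($cgiparams{'REMARK'});
        $cgiparams{'REMARK'} =~ tr/,\r\n/ /;

        my $rule = join(',',
            @cgiparams{qw(PROTOCOL SRC DEST_PORT ENABLED DEST REMARK)}) . "\n";

        # NOTE(review): @current was read without a lock and '>' truncates
        # before flock() is reached, so concurrent requests can still lose an
        # update; a complete fix would lock first and re-read under the lock.
        if ($editing eq 'no') {
            open(my $fh, '>>', $filename) or die 'Unable to open config file.';
            flock $fh, 2;    # 2 == LOCK_EX
            print {$fh} $rule;
            close($fh);
        }
        else {
            open(my $fh, '>', $filename) or die 'Unable to open config file.';
            flock $fh, 2;    # 2 == LOCK_EX
            my $id = 0;
            foreach my $line (@current) {
                $id++;
                if ($editing eq $id) {
                    print {$fh} $rule;
                }
                else {
                    print {$fh} $line;
                }
            }
            close($fh);
        }

        # Clearing the parameters makes the page below render an empty form.
        undef %cgiparams;
        $changed = 'yes';
        General::log($Lang::tr{'external access rule added'});
        system('/usr/local/bin/setxtaccess');
    }
    else {
        # Stay in edit mode when an update failed validation, but only with a
        # well-formed rule number: ID is printed into the form afterwards.
        if ($is_rule_number) {
            $cgiparams{'ACTION'} = $Lang::tr{'edit'};
            $cgiparams{'ID'}     = $editing;
        }
    }
}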
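if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
{
    # Rewrite the rule file without the line whose 1-based position equals
    # the posted ID. ID is only compared here, never written or printed; a
    # value that matches no line leaves the rules as they were.
    # NOTE(review): '>' truncates before flock() is reached and @current was
    # read without a lock, so concurrent requests can lose an update.
    my $id = 0;
    open(my $fh, '>', $filename) or die 'Unable to open config file.';
    flock $fh, 2;    # 2 == LOCK_EX
    foreach my $line (@current) {
        $id++;
        next if $cgiparams{'ID'} eq $id;
        print {$fh} $line;
    }
    close($fh);

    # Apply the new rule set, then record the change.
    system('/usr/local/bin/setxtaccess');
    General::log($Lang::tr{'external access rule removed'});
}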
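if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
{
    # Flip the enabled flag (field 4) of the rule whose 1-based position
    # equals the posted ID and apply the result.
    #
    # ENABLE used to be copied into the rule file verbatim, so a value with
    # a comma or newline could add fields or whole lines. Only the literal
    # 'on' enables a rule now; anything else disables it.
    my $state =
        (defined $cgiparams{'ENABLE'} && $cgiparams{'ENABLE'} eq 'on')
        ? 'on'
        : 'off';

    # NOTE(review): '>' truncates before flock() is reached and @current was
    # read without a lock, so concurrent requests can lose an update.
    open(my $fh, '>', $filename) or die 'Unable to open config file.';
    flock $fh, 2;    # 2 == LOCK_EX
    my $id = 0;
    foreach my $line (@current) {
        $id++;
        unless ($cgiparams{'ID'} eq $id) {
            print {$fh} $line;
            next;
        }
        chomp($line);
        my @temp = split(/,/, $line);
        $temp[3] = $state;

        # Always write six fields; fields missing from a short line come
        # out empty.
        print {$fh} join(',', map { defined $_ ? $_ : '' } @temp[0 .. 5]), "\n";
    }
    close($fh);
    system('/usr/local/bin/setxtaccess');
}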
if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
{
    # Copy the rule whose 1-based position equals the posted ID into the
    # form fields. Nothing is written; an ID that matches no line leaves
    # the fields as they are.
    my @names    = qw(PROTOCOL SRC DEST_PORT ENABLED DEST REMARK);
    my $position = 0;
    for my $rule (@current) {
        $position++;
        next unless $cgiparams{'ID'} eq $position;
        chomp($rule);
        my @values = split(/,/, $rule);

        # Fields missing from a short line end up undefined.
        @cgiparams{@names} = @values[0 .. 5];
    }
}
149 | ||
# No ACTION means a plain page view (also the state after a successful add,
# which clears %cgiparams): start from the default rule values.
if ($cgiparams{'ACTION'} eq '')
{
    @cgiparams{qw(PROTOCOL DEST ENABLED)} = ('tcp', '0.0.0.0', 'on');
}

# Attribute strings for the form: every known choice starts empty and the
# current value is marked. Request values are used as hash keys only; the
# strings that get printed are the fixed ones assigned here.
@{ $selected{'PROTOCOL'} }{qw(udp tcp)} = ('', '');
$selected{'PROTOCOL'}{ $cgiparams{'PROTOCOL'} } = "selected='selected'";

$selected{'DEST'}{ $cgiparams{'DEST'} } = "selected='selected'";

@{ $checked{'ENABLED'} }{qw(off on)} = ('', '');
$checked{'ENABLED'}{ $cgiparams{'ENABLED'} } = "checked='checked'";
166 | ||
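Header::openpage($Lang::tr{'external access configuration'}, 1, '');

Header::openbigbox('100%', 'left', '', $errormessage);

if ($errormessage) {
    Header::openbox('100%', 'left', $Lang::tr{'error messages'});
    print "<class name='base'>$errormessage\n";
    print " </class>\n";
    Header::closebox();
}

# Request values are echoed back into single-quoted attributes, and after a
# validation error they are exactly what the client sent. The characters
# that could end the attribute or open a tag are therefore encoded first.
# '&' is left alone on purpose: a REMARK loaded from the rule file has
# already been through Header::cleanhtml() and is presumably entity-encoded,
# so encoding '&' again would alter the remark on the next save.
my $attr_safe = sub {
    my $text = defined $_[0] ? $_[0] : '';
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
};

my $form_action  = $attr_safe->($ENV{'SCRIPT_NAME'});
my $src_value    = $attr_safe->($cgiparams{'SRC'});
my $port_value   = $attr_safe->($cgiparams{'DEST_PORT'});
my $remark_value = $attr_safe->($cgiparams{'REMARK'});

# Edit mode requires a well-formed rule number: ID comes from the request
# and is printed into the hidden EDITING field below.
my $edit_id = '';
if (   $cgiparams{'ACTION'} eq $Lang::tr{'edit'}
    && defined $cgiparams{'ID'}
    && $cgiparams{'ID'} =~ /\A[1-9][0-9]*\z/)
{
    $edit_id = $cgiparams{'ID'};
}

print "<form method='post' action='$form_action'>\n";

my $buttontext = $Lang::tr{'add'};
if ($edit_id ne '') {
    Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
    $buttontext = $Lang::tr{'update'};
}
else {
    Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
}
print <<END;
<table width='100%'>
<tr>
<td width='10%'>
<select name='PROTOCOL'>
<option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
<option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
</select>
</td>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'source network'}</font></td>
<td><input type='text' name='SRC' value='$src_value' size='32' /></td>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination port'}:</font></td>
<td><input type='text' name='DEST_PORT' value='$port_value' size='5' /></td>
</tr>
</table>
<table width='100%'>
<tr>
<td width='10%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination ip'}: </font>
<select name='DEST'>
<option value='0.0.0.0' $selected{'DEST'}{'0.0.0.0'}>DEFAULT IP</option>
END

# One <option> per enabled alias: field 1 is the address, field 2 the
# on/off flag, field 3 an optional name shown in brackets.
open(my $aliases_fh, '<', $aliasfile) or die 'Unable to open aliases file.';
while (my $alias = <$aliases_fh>) {
    chomp($alias);
    my @temp = split(/,/, $alias);
    next unless $temp[1] eq 'on';

    # The selection lookup uses the raw address; only the printed copy is
    # encoded.
    my $alias_ip = $attr_safe->($temp[0]);
    print "<option value='$alias_ip' $selected{'DEST'}{$temp[0]}>$alias_ip";
    if (defined $temp[2] and ($temp[2] ne '')) {
        print " (" . $attr_safe->($temp[2]) . ")";
    }
    print "</option>\n";
}
close($aliases_fh);
print <<END;
</select>
</td>
</tr>
</table>
<table width='100%'>
<tr>
<td width ='10%' class='base'>
<font class='boldbase'>$Lang::tr{'remark'}:</font> <img src='/blob.gif' alt='*' />
</td>
<td width='65%'>
<input type='text' name='REMARK' value='$remark_value' size='55' maxlength='50' />
</td>
<td width='25%' align='center'>
<input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
<input type='submit' name='SUBMIT' value='$buttontext' />
</td>
</tr>
</table>
<table width='100%'>
<tr>
<td class='base' width='30%'><img src='/blob.gif' alt ='*' align='top' /> <font class='base'>$Lang::tr{'this field may be blank'}</font>
</td>
</tr>
</table>
END

# EDITING tells the add handler whether to append ('no') or to replace the
# rule with this number.
my $editing_value = ($edit_id ne '') ? $edit_id : 'no';
print "<input type='hidden' name='EDITING' value='$editing_value' />\n";

Header::closebox();
print "</form>\n";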
258 | ||
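Header::openbox('100%', 'left', $Lang::tr{'current rules'});
print <<END;
<table width='100%'>
<tr>
<td width='10%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
<td width='20%' class='boldbase' align='center'><b>$Lang::tr{'source ip'}</b></td>
<td width='20%' class='boldbase' align='center'><b>$Lang::tr{'destination ip'}</b></td>
<td width='15%' class='boldbase' align='center'><b>$Lang::tr{'destination port'}</b></td>
<td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
<td width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
</tr>
END

# If something has happened re-read config
if ($cgiparams{'ACTION'} ne '' or $changed ne 'no')
{
    open(my $reread_fh, '<', $filename) or die 'Unable to open config file.';
    @current = <$reread_fh>;
    close($reread_fh);
}

# Rule fields are printed into table cells. They were checked when written,
# but the add handler has accepted an unchecked DEST, so a field may hold
# text that was never validated. Encode the characters that could open a tag
# or end an attribute. '&' is left alone because the remark is stored after
# Header::cleanhtml() and is presumably entity-encoded already.
my $cell_safe = sub {
    my $text = defined $_[0] ? $_[0] : '';
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
};
my $row_action = $cell_safe->($ENV{'SCRIPT_NAME'});

my $id = 0;
foreach my $line (@current)
{
    $id++;
    chomp($line);
    my @temp = split(/,/, $line);

    # Anything that is not 'udp' is shown as TCP.
    my $protocol = ($temp[0] eq 'udp') ? 'UDP' : 'TCP';

    # Highlight the rule being edited; otherwise alternate the row colours.
    if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
        print "<tr bgcolor='${Header::colouryellow}'>\n";
    }
    elsif ($id % 2) {
        print "<tr bgcolor='$color{'color22'}'>\n";
    }
    else {
        print "<tr bgcolor='$color{'color20'}'>\n";
    }

    # Icon, tooltip and the state the toggle button will request.
    my ($gif, $toggle, $gdesc) =
        ($temp[3] eq 'on')
        ? ('on.gif', 'off', $Lang::tr{'click to disable'})
        : ('off.gif', 'on', $Lang::tr{'click to enable'});

    my $source =
        ($temp[1] eq '0.0.0.0/0')
        ? $Lang::tr{'caps all'}
        : $cell_safe->($temp[1]);

    # catch for 'old-style' rules file - assume default ip if
    # none exists
    my $dest =
        (!General::validip($temp[4]) || $temp[4] eq '0.0.0.0')
        ? 'DEFAULT IP'
        : $cell_safe->($temp[4]);

    my $port   = $cell_safe->($temp[2]);
    my $remark = $cell_safe->($temp[5]);    # undefined becomes ''

    print <<END;
<td align='center'>$protocol</td>
<td align='center'>$source</td>
<td align='center'>$dest</td>
<td align='center'>$port</td>
<td align='left'> $remark</td>
<td align='center'>
<form method='post' name='frma$id' action='$row_action'>
<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
<input type='hidden' name='ID' value='$id' />
<input type='hidden' name='ENABLE' value='$toggle' />
<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
</form>
</td>
<td align='center'>
<form method='post' name='frmb$id' action='$row_action'>
<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
<input type='hidden' name='ID' value='$id' />
<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
</form>
</td>
<td align='center'>
<form method='post' name='frmc$id' action='$row_action'>
<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
<input type='hidden' name='ID' value='$id' />
<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
</form>
</td>

</tr>
END
}
print "</table>\n";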
343 | ||
# Print the key to the action icons unless the rule file has zero size.
unless (-z $filename) {
    print <<END;
<table>
<tr>
<td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
<td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
<td class='base'>$Lang::tr{'click to disable'}</td>
<td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
<td class='base'>$Lang::tr{'click to enable'}</td>
<td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
<td class='base'>$Lang::tr{'edit'}</td>
<td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
<td class='base'>$Lang::tr{'remove'}</td>
</tr>
</table>
END
}

# Close the rules box, the outer box and the page, in that order.
Header::closebox();
Header::closebigbox();
Header::closepage();