zoneconf.cgi: Clean up HTML output
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # VLAN Management for IPFire #
5 # Copyright (C) 2019 Florian Bührle <fbuehrle@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23 use Scalar::Util qw(looks_like_number);
24
25 require '/var/ipfire/general-functions.pl';
26 require "${General::swroot}/lang.pl";
27 require "${General::swroot}/header.pl";
28
# Page-specific stylesheet; it is passed to Header::openpage() further down.
# The heredoc is interpolating, so the four $Header::colour* variables are
# expanded into the CSS text when this statement runs.
my $css = <<END
<style>
table {
width: 100%;
border-collapse: collapse;
table-layout: fixed;
}

tr {
height: 4em;
}

td.narrow {
width: 11em;
}

td {
padding: 5px;
padding-left: 10px;
padding-right: 10px;
border: 0.5px solid black;
}

td.slightlygrey {
background-color: #F0F0F0;
}

td.h {
background-color: grey;
color: white;
font-weight: 800;
}

td.green {
background-color: $Header::colourgreen;
}

td.red {
background-color: $Header::colourred;
}

td.blue {
background-color: $Header::colourblue;
}

td.orange {
background-color: $Header::colourorange;
}

td.topleft {
background-color: white;
border-top-style: none;
border-left-style: none;
}

td.textcenter {
text-align: center;
}

input.vlanid {
width: 4em;
}

#submit-container {
width: 100%;
padding-top: 20px;
text-align: right;
color: red;
}

#submit-container.input {
margin-left: auto;
}

button {
margin-top: 1em;
}
</style>
END
;
109
# Contents of the two settings files, plus the fields of the submitted form
my (%ethsettings, %vlansettings, %cgiparams);

# Printed next to the submit button; stays empty unless settings were written
my $restart_notice = "";

# Load the current configuration before the request is looked at
&General::readhash("${General::swroot}/ethernet/settings", \%ethsettings);
&General::readhash("${General::swroot}/ethernet/vlans", \%vlansettings);

# Read the request parameters, then send the HTTP headers
&Header::getcgihash(\%cgiparams);
&Header::showhttpheaders();
121
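# Define all zones we will check for NIC assignment
my @zones = ("green", "red", "orange", "blue");

# Get all physical NICs present.
# Each entry is [ MAC address, display name, wireless flag ].
my @nics = ();
my $sysfs_net = "/sys/class/net";

if (opendir(my $dh, $sysfs_net)) {
	# Test definedness explicitly so a directory entry that is false as a
	# string cannot end the loop early
	while (defined(my $nic = readdir($dh))) {
		# A "device" entry indicates that the NIC is physical
		next unless (-e "$sysfs_net/$nic/device");

		push(@nics, [&Network::get_nic_property($nic, "address"), $nic, 0]);
	}

	closedir($dh);
} else {
	# The page is still rendered, just without NIC rows; record why on STDERR
	warn "zoneconf.cgi: cannot open $sysfs_net: $!\n";
}

# Sort NICs by their MAC address
@nics = sort { $a->[0] cmp $b->[0] } @nics;

# Name the physical NICs
# Even though they may not be really named like this, we will name them ethX or wlanX
my $ethcount = 0;
my $wlancount = 0;

foreach my $nic_entry (@nics) {
	my $nic = $nic_entry->[1];

	if (-e "$sysfs_net/$nic/wireless") {
		# Wireless NICs get their own counter and have the wireless flag set
		$nic_entry->[1] = "wlan$wlancount";
		$nic_entry->[2] = 1;
		$wlancount++;
	} else {
		$nic_entry->[1] = "eth$ethcount";
		$ethcount++;
	}
}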
156
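&Header::openpage($Lang::tr{"zoneconf title"}, 1, $css);
&Header::openbigbox('100%', 'center');

### Evaluate POST parameters ###

# Handle a submitted form: rebuild the per-zone NIC/VLAN assignment from the
# request, validate it, and write both settings files only if no conflict
# was found.
#
# NIC-related fields are looked up by the MAC addresses of the locally
# detected NICs, and PPPACCESS is only accepted if it equals one of them.
# The one free-form value that ends up in a settings file is the VLAN tag,
# which is therefore restricted to a plain decimal number below.
#
# NOTE(review): this branch changes the network configuration based on
# request parameters alone; a request-origin (CSRF) check, if there is one,
# is not visible in this file - confirm that it is enforced elsewhere.
if ($cgiparams{"ACTION"} eq $Lang::tr{"save"}) {
	# Tracks what has been claimed so far, across all zones:
	#   "ACC <mac>"         NIC is used by a zone (native or VLAN)
	#   "RESTRICT <mac>"    NIC is assigned to RED in PPP mode
	#   "NATIVE <mac>"      NIC is already used untagged by a zone
	#   "VLAN <mac> <tag>"  this tag on this NIC is already used by a zone
	my %VALIDATE_nic_check = ();
	my $VALIDATE_error = "";

	ZONE: foreach my $zone (@zones) {
		my $uc = uc $zone;
		my @bridge_slaves = ();
		my $zone_mode = $cgiparams{"MODE $uc"};
		my $VALIDATE_vlancount = 0;
		my $VALIDATE_zoneslaves = 0;

		# Clear the zone's assignment; it is rebuilt from the request below
		$ethsettings{"${uc}_MACADDR"} = "";
		$ethsettings{"${uc}_MODE"} = "";
		$ethsettings{"${uc}_SLAVES"} = "";
		$vlansettings{"${uc}_PARENT_DEV"} = "";
		$vlansettings{"${uc}_VLAN_ID"} = "";
		$vlansettings{"${uc}_MAC_ADDRESS"} = "";

		# If RED is not in DHCP or static mode, we only set its MACADDR property.
		# Compare with "ne": "! $x eq ''" would negate first and only then compare.
		if ($uc eq "RED" && $cgiparams{"PPPACCESS"} ne "") {
			foreach my $nic_entry (@nics) {
				my $mac = $nic_entry->[0];

				next unless ($mac eq $cgiparams{"PPPACCESS"});

				$ethsettings{"${uc}_MACADDR"} = $mac;

				# Check if this interface is already accessed by any other zone
				# If this is the case, show an error message
				if ($VALIDATE_nic_check{"ACC $mac"}) {
					$VALIDATE_error = $Lang::tr{"zoneconf val ppp assignment error"};
				}

				$VALIDATE_nic_check{"RESTRICT $mac"} = 1;
				last;
			}

			next ZONE;
		}

		NIC: foreach my $nic_entry (@nics) {
			my $mac = $nic_entry->[0];
			my $nic_access = $cgiparams{"ACCESS $uc $mac"};

			next NIC unless ($nic_access);

			if ($nic_access ne "NONE") {
				# If this interface is already assigned to RED in PPP mode, throw an error
				if ($VALIDATE_nic_check{"RESTRICT $mac"}) {
					$VALIDATE_error = $Lang::tr{"zoneconf val ppp assignment error"};
					last NIC;
				}

				# Only a bridge may have more than one NIC
				if ($zone_mode ne "BRIDGE" && $VALIDATE_zoneslaves > 0 && $nic_access ne "") {
					$VALIDATE_error = $Lang::tr{"zoneconf val zoneslave amount error"};
					last NIC;
				}

				$VALIDATE_nic_check{"ACC $mac"} = 1;
				$VALIDATE_zoneslaves++;
			}

			if ($nic_access eq "NATIVE") {
				if ($VALIDATE_nic_check{"NATIVE $mac"}) {
					$VALIDATE_error = $Lang::tr{"zoneconf val native assignment error"};
					last NIC;
				}

				$VALIDATE_nic_check{"NATIVE $mac"} = 1;

				if ($zone_mode eq "BRIDGE") {
					push(@bridge_slaves, $mac);
				} else {
					$ethsettings{"${uc}_MACADDR"} = $mac;
				}
			} elsif ($nic_access eq "VLAN") {
				my $vlan_tag = $cgiparams{"TAG $uc $mac"};

				# Accept digits only: no sign, exponent, fraction or whitespace.
				# The value is written to the vlans settings file and used as
				# the key of the duplicate check, so it must not be a loosely
				# "number-like" string.
				# NOTE(review): an invalid tag ends processing of this zone
				# without setting an error, and the settings are still saved.
				if (!defined($vlan_tag) || $vlan_tag !~ /\A[0-9]{1,4}\z/) {
					last NIC;
				}

				# Normalize so that e.g. "010" and "10" are the same tag
				$vlan_tag += 0;

				if ($vlan_tag < 1 || $vlan_tag > 4095) {
					last NIC;
				}

				if ($VALIDATE_nic_check{"VLAN $mac $vlan_tag"}) {
					$VALIDATE_error = $Lang::tr{"zoneconf val vlan tag assignment error"};
					last NIC;
				}

				$VALIDATE_nic_check{"VLAN $mac $vlan_tag"} = 1;

				my $rnd_mac = &Network::random_mac();

				$vlansettings{"${uc}_PARENT_DEV"} = $mac;
				$vlansettings{"${uc}_VLAN_ID"} = $vlan_tag;
				$vlansettings{"${uc}_MAC_ADDRESS"} = $rnd_mac;

				if ($zone_mode eq "BRIDGE") {
					push(@bridge_slaves, $rnd_mac);
				}

				$VALIDATE_vlancount++; # We can't allow more than one VLAN per zone
			}
		}

		if ($VALIDATE_vlancount > 1) {
			$VALIDATE_error = $Lang::tr{"zoneconf val vlan amount assignment error"};
			last ZONE;
		}

		if ($zone_mode eq "BRIDGE") {
			$ethsettings{"${uc}_MODE"} = "bridge";
			$ethsettings{"${uc}_SLAVES"} = join(" ", @bridge_slaves);
		} elsif ($zone_mode eq "MACVTAP") {
			$ethsettings{"${uc}_MODE"} = "macvtap";
		}
	}

	# On any validation error, show it and stop before anything is written
	if ($VALIDATE_error) {
		&Header::openbox('100%', 'left', $Lang::tr{"error"});

		print "$VALIDATE_error<br><a href='/cgi-bin/zoneconf.cgi'><button>$Lang::tr{'ok'}</button></a>";

		&Header::closebox();
		&Header::closebigbox();
		&Header::closepage();

		exit 0;
	}

	&General::writehash("${General::swroot}/ethernet/settings",\%ethsettings);
	&General::writehash("${General::swroot}/ethernet/vlans",\%vlansettings);

	$restart_notice = $Lang::tr{'zoneconf notice reboot'};
}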
299
&Header::openbox('100%', 'left', $Lang::tr{"zoneconf nic assignment"});

### START OF TABLE ###

print <<END;
<form method='post' enctype='multipart/form-data'>
<table>
<tr>
<td class="h narrow topleft"></td>
END

# Maps the stored ZONE_MODE value to the <option> that gets preselected
my %option_for_mode = (
	""        => "DEFAULT",
	"bridge"  => "BRIDGE",
	"macvtap" => "MACVTAP",
);

# Fill the table header with all activated zones
foreach my $zone (@zones) {
	my $uc = uc $zone;

	# If the zone is not activated, don't show it
	next if ($ethsettings{"${uc}_DEV"} eq "");

	# If the zone is in PPP mode, don't show a mode dropdown
	if ($uc eq "RED") {
		my $red_type = $ethsettings{"RED_TYPE"};

		if ($red_type ne "STATIC" && $red_type ne "DHCP") {
			print "\t\t<td class='h textcenter $zone'>$uc ($red_type)</td>\n";

			next; # We're done here
		}
	}

	my %mode_selected = ();
	my $zone_mode = $ethsettings{"${uc}_MODE"};

	# Any other mode value leaves all three options unselected
	if (exists $option_for_mode{$zone_mode}) {
		$mode_selected{$option_for_mode{$zone_mode}} = "selected";
	}

	print <<END;
<td class='h textcenter $zone'>$uc<br>
<select name="MODE $uc">
<option value="DEFAULT" $mode_selected{"DEFAULT"}>$Lang::tr{"zoneconf nicmode default"}</option>
<option value="BRIDGE" $mode_selected{"BRIDGE"}>$Lang::tr{"zoneconf nicmode bridge"}</option>
<option value="MACVTAP" $mode_selected{"MACVTAP"}>$Lang::tr{"zoneconf nicmode macvtap"}</option>
</select>
</td>
END
}

print "\t</tr>\n";
357
# Alternates between "" and "slightlygrey" so that every other row is shaded
my $slightlygrey = "";

# One table row per physical NIC, one cell per activated zone
foreach my $nic_entry (@nics) {
	my ($mac, $nic, $wlan) = @{$nic_entry};

	print "\t<tr>\n";
	print "\t\t<td class='h narrow textcenter'>$nic<br>$mac</td>\n";

	# Iterate through all zones and check if the current NIC is assigned to it
	ZONE: foreach my $zone (@zones) {
		my $uc = uc $zone;

		# Again, skip the zone if it is not activated
		next ZONE if ($ethsettings{"${uc}_DEV"} eq "");

		if ($uc eq "RED") {
			my $red_type = $ethsettings{"RED_TYPE"};

			# VLANs/Bridging is not possible if the RED interface is set to PPP, PPPoE, VDSL, ...
			if ($red_type ne "STATIC" && $red_type ne "DHCP") {
				my $checked = ($mac eq $ethsettings{"${uc}_MACADDR"}) ? "checked" : "";

				print <<END;
<td class="textcenter $slightlygrey">
<input type="radio" id="PPPACCESS $mac" name="PPPACCESS" value="$mac" $checked>
</td>
END
				next ZONE; # We're done here
			}
		}

		my %access_selected = ();
		my $zone_mode = $ethsettings{"${uc}_MODE"};

		# Only enable the VLAN ID input field if the current access mode is VLAN
		my $field_disabled = "disabled";
		my $zone_vlan_id = "";

		# ZONE_PARENT_DEV is set if this zone accesses any interface via a VLAN.
		# If it is set to a NICs name (e.g. green0 or eth0) instead of a MAC address,
		# we have to find out this NICs MAC address
		my $zone_parent_dev = &Network::get_mac_by_name($vlansettings{"${uc}_PARENT_DEV"});

		if ($mac eq $zone_parent_dev) {
			# The current NIC is accessed by the current zone via a VLAN
			$access_selected{"VLAN"} = "selected";
			$field_disabled = "";
			$zone_vlan_id = $vlansettings{"${uc}_VLAN_ID"};
		} elsif ($zone_mode eq "bridge") {
			# In bridge mode, all corresponding NICs (Native as well as VLAN) are set via the ZONE_SLAVES option
			foreach my $slave (split(/ /, $ethsettings{"${uc}_SLAVES"})) {
				# Slaves can be set to a NICs name so we have to find out its MAC address
				if (&Network::get_mac_by_name($slave) eq $mac) {
					$access_selected{"NATIVE"} = "selected";
					last;
				}
			}
		} elsif ($mac eq $ethsettings{"${uc}_MACADDR"}) {
			# Native access via ZONE_MACADDR is only set if the zone does not access a NIC via a VLAN
			# and the zone is not in bridge mode
			$access_selected{"NATIVE"} = "selected";
		}

		# Neither native nor VLAN access: preselect the "none" option
		my $unassigned = ($access_selected{"NATIVE"} eq "") && ($access_selected{"VLAN"} eq "");
		$access_selected{"NONE"} = $unassigned ? "selected" : "";

		# The VLAN option is disabled for NICs flagged as wireless
		my $vlan_disabled = $wlan ? "disabled" : "";

		print <<END;
<td class="textcenter $slightlygrey">
<select name="ACCESS $uc $mac" onchange="document.getElementById('TAG $uc $mac').disabled = (this.value === 'VLAN' ? false : true)">
<option value="NONE" $access_selected{"NONE"}>- $Lang::tr{"zoneconf access none"} -</option>
<option value="NATIVE" $access_selected{"NATIVE"}>$Lang::tr{"zoneconf access native"}</option>
<option value="VLAN" $access_selected{"VLAN"} $vlan_disabled>$Lang::tr{"zoneconf access vlan"}</option>
</select>
<input type="number" class="vlanid" id="TAG $uc $mac" name="TAG $uc $mac" min="1" max="4095" value="$zone_vlan_id" $field_disabled>
</td>
END
	}

	print "\t</tr>\n";

	# Flip the shading for the next row
	$slightlygrey = $slightlygrey ? "" : "slightlygrey";
}

print <<END;
</table>

<div id="submit-container">
$restart_notice
<input type="submit" name="ACTION" value="$Lang::tr{"save"}">
</div>
</form>
END

### END OF TABLE ###

&Header::closebox();
&Header::closebigbox();
&Header::closepage();