-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2013 Alexander Marx <amarx@ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-# #
-#This script converts old xtaccess rules to new firewall #
-#Logfiles are created under /var/log/converters #
-# #
-###############################################################################
-my @current=();
-my @alias=();
-my %configinputfw=();
-require '/var/ipfire/general-functions.pl';
-my $xtaccessconfig = "${General::swroot}/xtaccess/config";
-my $inputfwconfig = "${General::swroot}/forward/input";
-my $aliasconfig = "${General::swroot}/ethernet/aliases";
-my $field0='ACCEPT';
-my $field1='INPUTFW';
-my $field2=''; #ON or emtpy
-my $field3=''; #std_net_src or src_addr
-my $field4=''; #ALL or IP-Address with /32
-my $field5='ipfire';
-my $field6=''; #Default IP or alias name
-my $field11='ON'; #use target port
-my $field12=''; #TCP or UDP
-my $field13='All ICMP-Types';
-my $field14='TGT_PORT';
-my $field15=''; #Port Number
-my $field16=''; #remark
-my $field26='00:00';
-my $field27='00:00';
-my $field28 = '';
-my $field29 = 'ALL';
-my $field30 = '';
-my $field31 = 'dnat';
-open(FILE, $xtaccessconfig) or die 'Unable to open config file.';
-my @current = <FILE>;
-close(FILE);
-open(FILE1, $aliasconfig) or die 'Unable to open config file.';
-my @alias = <FILE1>;
-close(FILE1);
-&General::readhasharray($inputfwconfig,\%configinputfw);
-
-foreach my $line (@current){
- my ($a,$b,$c,$d,$e,$f) = split (",",$line);
- $e =~ s/\R//g;
- if ($f gt ''){
- $f =~ s/\R//g;
- $field16=$f;
- }
- #active or not
- $field2=uc($d);
- #get protocol
- if ($a eq 'tcp'){ $field12 ='TCP';}else{$field12='UDP';}
- #check source address
- if ($b eq '0.0.0.0/0'){
- $field3='std_net_src';
- $field4='ALL';
- }elsif($b =~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
- $field3='src_addr';
- $field4=$b."/32";
- }elsif ($b =~ /^(.*?)\/(.*?)$/) {
- $field3='src_addr';
- $field4=$b;
- }else{
- print "Regel konnte nicht konvertiert werden!\n";
- }
- #check ipfire address
- if ($e eq '0.0.0.0'){
- $field6 = 'RED1';
- }else{
- foreach my $line (@alias){
- my ($ip,$state,$aliasname) = split (",",$line);
- if ($ip eq $e){
- $aliasname =~ s/\R//g;
- $field6 = $aliasname;
- }
- }
- }
- #get target port
- $c=~ s/\R//g;
- $c=~ tr/-/:/;
- if ($c =~ /^(\D)\:(\d+)$/) {
- $c = "1:$2";
- }
- if ($c =~ /^(\d+)\:(\D)$/) {
- $c = "$1:65535";
- }
- $field15=$c;
- my $key = &General::findhasharraykey (\%configinputfw);
- foreach my $i (0 .. 31) { $configinputfw{$key}[$i] = "";}
- $configinputfw{$key}[0] = $field0;
- $configinputfw{$key}[1] = $field1;
- $configinputfw{$key}[2] = $field2;
- $configinputfw{$key}[3] = $field3;
- $configinputfw{$key}[4] = $field4;
- $configinputfw{$key}[5] = $field5;
- $configinputfw{$key}[6] = $field6;
- $configinputfw{$key}[7] = '';
- $configinputfw{$key}[8] = '';
- $configinputfw{$key}[9] = '';
- $configinputfw{$key}[10] = '';
- $configinputfw{$key}[11] = $field11;
- $configinputfw{$key}[12] = $field12;
- $configinputfw{$key}[13] = $field13;
- $configinputfw{$key}[14] = $field14;
- $configinputfw{$key}[15] = $field15;
- $configinputfw{$key}[16] = $field16;
- $configinputfw{$key}[17] = '';
- $configinputfw{$key}[18] = '';
- $configinputfw{$key}[19] = '';
- $configinputfw{$key}[20] = '';
- $configinputfw{$key}[21] = '';
- $configinputfw{$key}[22] = '';
- $configinputfw{$key}[23] = '';
- $configinputfw{$key}[24] = '';
- $configinputfw{$key}[25] = '';
- $configinputfw{$key}[26] = $field26;
- $configinputfw{$key}[27] = $field27;
- $configinputfw{$key}[28] = $field28;
- $configinputfw{$key}[29] = $field29;
- $configinputfw{$key}[30] = $field30;
- $configinputfw{$key}[31] = $field31;
- &General::writehasharray($inputfwconfig,\%configinputfw);
-}