[people/teissler/ipfire-2.x.git] / config / forwardfw / convert-xtaccess

#!/usr/bin/perl
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2013 Alexander Marx <amarx@ipfire.org>                        #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################
#                                                                             #
#This script converts old xtaccess rules to new firewall                      #
#Logfiles are created under /var/log/converters                               #
#                                                                             #
###############################################################################
my @current=();
my @alias=();
my %configinputfw=();
require '/var/ipfire/general-functions.pl';
my $xtaccessconfig 	= "${General::swroot}/xtaccess/config";
my $inputfwconfig = "${General::swroot}/forward/input";
my $aliasconfig 	= "${General::swroot}/ethernet/aliases";
my $field0='ACCEPT';
my $field1='INPUTFW';
my $field2=''; #ON or emtpy
my $field3=''; #std_net_src or src_addr
my $field4=''; #ALL or IP-Address with /32
my $field5='ipfire';
my $field6=''; #Default IP or alias name
my $field11='ON'; #use target port 
my $field12=''; #TCP or UDP
my $field13='All ICMP-Types';
my $field14='TGT_PORT';
my $field15=''; #Port Number
my $field16=''; #remark
my $field26='00:00';
my $field27='00:00';
my $field28 = '';
my $field29 = 'ALL';
my $field30 = '';
my $field31 = 'dnat';
open(FILE, $xtaccessconfig) or die 'Unable to open config file.';
my @current = <FILE>;
close(FILE);
open(FILE1, $aliasconfig) or die 'Unable to open config file.';
my @alias = <FILE1>;
close(FILE1);
&General::readhasharray($inputfwconfig,\%configinputfw);

foreach my $line (@current){
	my ($a,$b,$c,$d,$e,$f) = split (",",$line);
	$e =~ s/\R//g;
	if ($f gt ''){
		$f =~ s/\R//g;
		$field16=$f;
	}
	#active or not
	$field2=uc($d);
	#get protocol
	if ($a eq 'tcp'){ $field12 ='TCP';}else{$field12='UDP';}
	#check source address
	if ($b eq '0.0.0.0/0'){
		$field3='std_net_src';
		$field4='ALL';
	}elsif($b =~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
		$field3='src_addr';
		$field4=$b."/32";
	}elsif ($b =~ /^(.*?)\/(.*?)$/) {
		$field3='src_addr';
		$field4=$b;
	}else{
		print "Regel konnte nicht konvertiert werden!\n";
	}
	#check ipfire address
	if ($e eq '0.0.0.0'){ 
		$field6 = 'RED1';
	}else{
		foreach my $line (@alias){
			my ($ip,$state,$aliasname) = split (",",$line);
			if ($ip eq $e){
				$aliasname =~ s/\R//g; 
				$field6 = $aliasname;
			}
		}
	}
	#get target port
	$c=~ s/\R//g;
	$c=~ tr/-/:/;
	if ($c =~ /^(\D)\:(\d+)$/) {
		$c = "1:$2";
	}
	if ($c =~ /^(\d+)\:(\D)$/) {
		$c = "$1:65535";
	}
	$field15=$c;
	my $key = &General::findhasharraykey (\%configinputfw);
	foreach my $i (0 .. 31) { $configinputfw{$key}[$i] = "";}
	$configinputfw{$key}[0] = $field0;
	$configinputfw{$key}[1] = $field1;
	$configinputfw{$key}[2] = $field2;
	$configinputfw{$key}[3] = $field3;
	$configinputfw{$key}[4] = $field4;
	$configinputfw{$key}[5] = $field5;
	$configinputfw{$key}[6] = $field6;
	$configinputfw{$key}[7] = '';
	$configinputfw{$key}[8] = '';
	$configinputfw{$key}[9] = '';
	$configinputfw{$key}[10] = '';
	$configinputfw{$key}[11] = $field11;
	$configinputfw{$key}[12] = $field12;
	$configinputfw{$key}[13] = $field13;
	$configinputfw{$key}[14] = $field14;
	$configinputfw{$key}[15] = $field15;
	$configinputfw{$key}[16] = $field16;
	$configinputfw{$key}[17] = '';
	$configinputfw{$key}[18] = '';
	$configinputfw{$key}[19] = '';
	$configinputfw{$key}[20] = '';
	$configinputfw{$key}[21] = '';
	$configinputfw{$key}[22] = '';
	$configinputfw{$key}[23] = '';
	$configinputfw{$key}[24] = '';
	$configinputfw{$key}[25] = '';
	$configinputfw{$key}[26] = $field26;
	$configinputfw{$key}[27] = $field27;
	$configinputfw{$key}[28] = $field28;
	$configinputfw{$key}[29] = $field29;
	$configinputfw{$key}[30] = $field30;
	$configinputfw{$key}[31] = $field31;
	&General::writehasharray($inputfwconfig,\%configinputfw);
}
Commit	Line	Data
27f4a6b1	1	#!/usr/bin/perl
dc21519f AM	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
5bee9a9d	5	# Copyright (C) 2013 Alexander Marx <amarx@ipfire.org> #
dc21519f AM	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
dc21519f AM	21	# #
	22	#This script converts old xtaccess rules to new firewall #
	23	#Logfiles are created under /var/log/converters #
	24	# #
	25	###############################################################################
27f4a6b1 AM	26	my @current=();
	27	my @alias=();
	28	my %configinputfw=();
	29	require '/var/ipfire/general-functions.pl';
	30	my $xtaccessconfig = "${General::swroot}/xtaccess/config";
	31	my $inputfwconfig = "${General::swroot}/forward/input";
	32	my $aliasconfig = "${General::swroot}/ethernet/aliases";
	33	my $field0='ACCEPT';
	34	my $field1='INPUTFW';
	35	my $field2=''; #ON or emtpy
	36	my $field3=''; #std_net_src or src_addr
	37	my $field4=''; #ALL or IP-Address with /32
	38	my $field5='ipfire';
	39	my $field6=''; #Default IP or alias name
	40	my $field11='ON'; #use target port
	41	my $field12=''; #TCP or UDP
	42	my $field13='All ICMP-Types';
	43	my $field14='TGT_PORT';
	44	my $field15=''; #Port Number
	45	my $field16=''; #remark
	46	my $field26='00:00';
	47	my $field27='00:00';
ac9e77e3 AM	48	my $field28 = '';
	49	my $field29 = 'ALL';
	50	my $field30 = '';
	51	my $field31 = 'dnat';
27f4a6b1 AM	52	open(FILE, $xtaccessconfig) or die 'Unable to open config file.';
	53	my @current = <FILE>;
	54	close(FILE);
	55	open(FILE1, $aliasconfig) or die 'Unable to open config file.';
	56	my @alias = <FILE1>;
	57	close(FILE1);
	58	&General::readhasharray($inputfwconfig,\%configinputfw);
	59
	60	foreach my $line (@current){
	61	my ($a,$b,$c,$d,$e,$f) = split (",",$line);
	62	$e =~ s/\R//g;
	63	if ($f gt ''){
	64	$f =~ s/\R//g;
	65	$field16=$f;
	66	}
	67	#active or not
	68	$field2=uc($d);
	69	#get protocol
	70	if ($a eq 'tcp'){ $field12 ='TCP';}else{$field12='UDP';}
	71	#check source address
	72	if ($b eq '0.0.0.0/0'){
	73	$field3='std_net_src';
	74	$field4='ALL';
	75	}elsif($b =~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
	76	$field3='src_addr';
	77	$field4=$b."/32";
	78	}elsif ($b =~ /^(.?)\/(.?)$/) {
	79	$field3='src_addr';
	80	$field4=$b;
	81	}else{
	82	print "Regel konnte nicht konvertiert werden!\n";
	83	}
	84	#check ipfire address
	85	if ($e eq '0.0.0.0'){
fb0ce575	86	$field6 = 'RED1';
27f4a6b1 AM	87	}else{
	88	foreach my $line (@alias){
	89	my ($ip,$state,$aliasname) = split (",",$line);
	90	if ($ip eq $e){
	91	$aliasname =~ s/\R//g;
	92	$field6 = $aliasname;
	93	}
	94	}
	95	}
	96	#get target port
	97	$c=~ s/\R//g;
	98	$c=~ tr/-/:/;
	99	if ($c =~ /^(\D)\:(\d+)$/) {
	100	$c = "1:$2";
	101	}
	102	if ($c =~ /^(\d+)\:(\D)$/) {
	103	$c = "$1:65535";
	104	}
	105	$field15=$c;
27f4a6b1	106	my $key = &General::findhasharraykey (\%configinputfw);
ac9e77e3	107	foreach my $i (0 .. 31) { $configinputfw{$key}[$i] = "";}
27f4a6b1 AM	108	$configinputfw{$key}[0] = $field0;
	109	$configinputfw{$key}[1] = $field1;
	110	$configinputfw{$key}[2] = $field2;
	111	$configinputfw{$key}[3] = $field3;
	112	$configinputfw{$key}[4] = $field4;
	113	$configinputfw{$key}[5] = $field5;
	114	$configinputfw{$key}[6] = $field6;
	115	$configinputfw{$key}[7] = '';
	116	$configinputfw{$key}[8] = '';
	117	$configinputfw{$key}[9] = '';
	118	$configinputfw{$key}[10] = '';
	119	$configinputfw{$key}[11] = $field11;
	120	$configinputfw{$key}[12] = $field12;
	121	$configinputfw{$key}[13] = $field13;
	122	$configinputfw{$key}[14] = $field14;
	123	$configinputfw{$key}[15] = $field15;
	124	$configinputfw{$key}[16] = $field16;
	125	$configinputfw{$key}[17] = '';
	126	$configinputfw{$key}[18] = '';
	127	$configinputfw{$key}[19] = '';
	128	$configinputfw{$key}[20] = '';
	129	$configinputfw{$key}[21] = '';
	130	$configinputfw{$key}[22] = '';
	131	$configinputfw{$key}[23] = '';
	132	$configinputfw{$key}[24] = '';
	133	$configinputfw{$key}[25] = '';
	134	$configinputfw{$key}[26] = $field26;
	135	$configinputfw{$key}[27] = $field27;
ac9e77e3 AM	136	$configinputfw{$key}[28] = $field28;
	137	$configinputfw{$key}[29] = $field29;
	138	$configinputfw{$key}[30] = $field30;
	139	$configinputfw{$key}[31] = $field31;
27f4a6b1 AM	140	&General::writehasharray($inputfwconfig,\%configinputfw);
27f4a6b1 AM	141	}