Forward Firewall: deleted configfile "nat" in ovpnmain.cgi for portfw check. File...
1#!/usr/bin/perl
2###############################################################################
3# #
4# IPFire.org - A linux based firewall #
5# Copyright (C) 2010 IPFire Team #
6# #
7# This program is free software: you can redistribute it and/or modify #
8# it under the terms of the GNU General Public License as published by #
9# the Free Software Foundation, either version 3 of the License, or #
10# (at your option) any later version. #
11# #
12# This program is distributed in the hope that it will be useful, #
13# but WITHOUT ANY WARRANTY; without even the implied warranty of #
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15# GNU General Public License for more details. #
16# #
17# You should have received a copy of the GNU General Public License #
18# along with this program. If not, see <http://www.gnu.org/licenses/>. #
19# #
20###############################################################################
21
22require '/var/ipfire/general-functions.pl';
23require "${General::swroot}/lang.pl";
24require "${General::swroot}/header.pl";
25
26#use warnings;
27#use CGI::Carp 'fatalsToBrowser';
28
# Set to a true value to echo the received CGI parameters into the page.
my $debug = 0;

# Scratch values reused by the three table sections further down.
my $string = "";
my ($chainname, $selectedchain);

# Per-table state: the raw lines of each dump, a running line counter, and a
# map of "<chain>start" / "<chain>end" keys to line indexes.
my (@iplines, @ipmanlines, @ipnatlines);
my ($lines, $manlines, $natlines) = (0, 0, 0);
my (%chains, %chainsman, %chainsnat);

my (%netsettings, %cgiparams);

# Collect the request parameters; everything in %cgiparams is request input.
&Header::getcgihash(\%cgiparams);

# Run the helper before any output is produced.
# NOTE(review): the exit status is not checked; the sections below presumably
# read the files this helper writes - confirm.
system('/usr/local/bin/getipstat');

&Header::showhttpheaders();
&Header::openpage($Lang::tr{'ipts'}, 1, '');
&Header::openbigbox('100%', 'LEFT');
52
53# This debug is used to see what inputs are done via the cgi and
54# what parameters are to be executed
55
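if ( $debug ){
    # The keys and values of %cgiparams come straight from the request, so
    # they are HTML-escaped before being echoed into the page.
    my $escape = sub {
        my ($text) = @_;
        $text = '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    &Header::openbox('100%', 'center', 'DEBUG');
    my $debugCount = 0;
    foreach my $line (sort keys %cgiparams) {
        print $escape->($line)." = '".$escape->($cgiparams{$line})."'<br />\n";
        $debugCount++;
    }
    print "&nbsp;Count: $debugCount\n";
    &Header::closebox();
}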
66
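&Header::openbox('100%', 'LEFT', $Lang::tr{'ipts'}.':');

# Filter table.
# The chain to show arrives in the 'selectedchain' request parameter as
# '|'-separated values; the first field belongs to this table.  The value is
# request input: it is only used as a lookup key and is checked against the
# chains found in the dump before anything is rendered.
my $filter_default = "INPUT";
if ( defined $cgiparams{'selectedchain'} && $cgiparams{'selectedchain'} ne "" ){
    my @multi = split(/\|/,$cgiparams{'selectedchain'});
    $selectedchain = $multi[0];
} else {
    $selectedchain = $filter_default;
}

print "\n<DIV align='left'>\n";

# Read the dump line by line.  A line starting with "Chain" opens a new chain:
# its index is stored under "<name>start" and the previous chain is closed two
# lines earlier under "<name>end" (presumably to skip a blank separator line -
# confirm against the helper's output).
$chainname = "";
if ( open(my $filter_fh, '<', '/srv/web/ipfire/html/iptables.txt') ){
    while ( my $row = <$filter_fh> ){
        $iplines[$lines] = $row;

        if ( $row =~ /^Chain/ ){
            my @chainstring = split(/ /,$row);

            if ( $chainname ne "" ){
                $chains{$chainname."end"} = $lines-2;
            }

            $chainname = $chainstring[1];
            $chains{$chainname."start"} = $lines;
        }

        $lines++;
    }
    close($filter_fh);
}
# The last chain runs to the end of the file.
if ( $chainname ne "" ){
    $chains{$chainname."end"} = $lines-1;
}

# Allow-list check: a chain name that is missing from the dump (or a request
# that carried no value for this table) falls back to the default chain.
if ( !defined $selectedchain || !exists $chains{$selectedchain."start"} ){
    $selectedchain = $filter_default;
}

# Select box listing every chain found in the dump.
print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
foreach my $key (sort(keys(%chains))){
    next if $key =~ /end$/;

    my $name = $key;
    $name =~ s/start$//gi;

    my $close_attr = ( $name eq $selectedchain ) ? "' selected='selected' >" : "'>";
    print " <option value='".$name.$close_attr.$name."</option>\n";
}
# NOTE(review): the markup below emits "<form>" where a closing tag would be
# expected, so the form is never closed - confirm whether the three select
# boxes rely on being submitted together before changing it.
print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";

my $filter_first = $chains{$selectedchain."start"};
my $filter_last  = $chains{$selectedchain."end"};

# Chain title line, with one trailing whitespace character removed.
$string = $iplines[$filter_first];
$string =~ s/\s$//gi;

# NOTE(review): text taken from the dump is printed without HTML escaping.
print "<strong>".$string."</strong><br />\n\n";
print "<table width='100%' cellspacing='1'>\n<tr>\n";

# Column headings are on the line right after the chain title.
foreach my $heading (split(/ +/,$iplines[$filter_first+1])){
    if ( $heading =~ /[^a-zA-Z]/ ){chomp($heading);}
    print " <th align='left'><strong>".$heading."</strong></th>\n";
}

print "</tr>\n";

# Empty row that only fixes the column widths.
print "<tr>\n";
foreach my $width (qw(0 35 35 130 30 30 40 40 95 95 260)){
    print " <td width='".$width."'></td>\n";
}
print "</tr>\n";

# One table row per rule line of the selected chain.
for(my $i = $filter_first+2; $i <= $filter_last; $i++) {
    print "<tr>\n";

    my @iptablesline = split(/ +/,$iplines[$i]);

    # A line with leading blanks yields an empty first field; skip it.
    my $offset=0;
    if ( $iptablesline[0] eq "" ){
        $offset=1;
    }

    print " <td></td>\n";
    foreach my $col (0 .. 4){
        print " <td>".$iptablesline[$col+$offset]."</td>\n";
    }
    # Fields 5 to 8 are passed through Header::colorize before printing.
    foreach my $col (5 .. 8){
        print " <td>".&Header::colorize($iptablesline[$col+$offset])."</td>\n";
    }
    print " <td>";

    # Everything from field 9 on goes into the last cell.
    for (my $col=9+$offset; $col <= $#iptablesline; $col++){
        $string = $iptablesline[$col];
        $string =~ s/\s$//gi;
        print " ".$string;
    }
    print "</td>\n</tr>\n";
}
print "</table></DIV><br />";
&Header::closebox();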
187
188## MANGLE
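&Header::openbox('100%', 'LEFT', $Lang::tr{'iptmangles'}.':');

# Mangle table.
# The chain to show arrives in the 'selectedchain' request parameter as
# '|'-separated values; the second field belongs to this table.  The value is
# request input: it is only used as a lookup key and is checked against the
# chains found in the dump before anything is rendered.
my $mangle_default = "PREROUTING";
if ( defined $cgiparams{'selectedchain'} && $cgiparams{'selectedchain'} ne "" ){
    my @multi = split(/\|/,$cgiparams{'selectedchain'});
    $selectedchain = $multi[1];
} else {
    $selectedchain = $mangle_default;
}

print "\n<DIV align='left'>\n";

# Read the dump line by line into @ipmanlines, the array declared at the top
# of the script; every read below uses that same array, so the chain title is
# taken from the lines that were actually read.  A line starting with "Chain"
# opens a new chain: its index is stored under "<name>start" and the previous
# chain is closed two lines earlier under "<name>end" (presumably to skip a
# blank separator line - confirm against the helper's output).
$chainname = "";    # do not carry a chain name over from another table
if ( open(my $mangle_fh, '<', '/srv/web/ipfire/html/iptablesmangle.txt') ){
    while ( my $row = <$mangle_fh> ){
        $ipmanlines[$manlines] = $row;

        if ( $row =~ /^Chain/ ){
            my @chainstring = split(/ /,$row);

            if ( $chainname ne "" ){
                $chainsman{$chainname."end"} = $manlines-2;
            }

            $chainname = $chainstring[1];
            $chainsman{$chainname."start"} = $manlines;
        }

        $manlines++;
    }
    close($mangle_fh);
}
# The last chain runs to the end of the file.
if ( $chainname ne "" ){
    $chainsman{$chainname."end"} = $manlines-1;
}

# Allow-list check: a chain name that is missing from the dump (or a request
# that carried no second value) falls back to the default chain.
if ( !defined $selectedchain || !exists $chainsman{$selectedchain."start"} ){
    $selectedchain = $mangle_default;
}

# Select box listing every chain found in the dump.
print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
foreach my $key (sort(keys(%chainsman))){
    next if $key =~ /end$/;

    my $name = $key;
    $name =~ s/start$//gi;

    my $close_attr = ( $name eq $selectedchain ) ? "' selected='selected' >" : "'>";
    print " <option value='".$name.$close_attr.$name."</option>\n";
}
# NOTE(review): the markup below emits "<form>" where a closing tag would be
# expected, so the form is never closed - confirm whether the three select
# boxes rely on being submitted together before changing it.
print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";

my $mangle_first = $chainsman{$selectedchain."start"};
my $mangle_last  = $chainsman{$selectedchain."end"};

# Chain title line, with one trailing whitespace character removed.
$string = $ipmanlines[$mangle_first];
$string =~ s/\s$//gi;

# NOTE(review): text taken from the dump is printed without HTML escaping.
print "<strong>".$string."</strong><br />\n\n";
print "<table width='100%' cellspacing='1'>\n<tr>\n";

# Column headings are on the line right after the chain title.
foreach my $heading (split(/ +/,$ipmanlines[$mangle_first+1])){
    if ( $heading =~ /[^a-zA-Z]/ ){chomp($heading);}
    print " <th align='left'><strong>".$heading."</strong></th>\n";
}

print "</tr>\n";

# Empty row that only fixes the column widths.
print "<tr>\n";
foreach my $width (qw(0 35 35 130 30 30 40 40 95 95 260)){
    print " <td width='".$width."'></td>\n";
}
print "</tr>\n";

# One table row per rule line of the selected chain.
for(my $i = $mangle_first+2; $i <= $mangle_last; $i++) {
    print "<tr>\n";
    my @iptablesline = split(/ +/,$ipmanlines[$i]);

    # A line with leading blanks yields an empty first field; skip it.
    my $offset=0;
    if ( $iptablesline[0] eq "" ){
        $offset=1;
    }

    print " <td></td>\n";
    foreach my $col (0 .. 4){
        print " <td>".$iptablesline[$col+$offset]."</td>\n";
    }
    # Fields 5 to 8 are passed through Header::colorize before printing.
    foreach my $col (5 .. 8){
        print " <td>".&Header::colorize($iptablesline[$col+$offset])."</td>\n";
    }
    print " <td>";

    # Everything from field 9 on goes into the last cell.
    for (my $col=9+$offset; $col <= $#iptablesline; $col++){
        $string = $iptablesline[$col];
        $string =~ s/\s$//gi;

        # Marks are shown in hex; convert them to a decimal number so the
        # QoS class can be read off directly.
        if ( $string =~ /^0x/){
            $string = hex($string);
        }

        print " ".$string;
    }
    print "</td>\n</tr>\n";
}
print "</table></DIV><br />";
&Header::closebox();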
314
315## NAT
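&Header::openbox('100%', 'LEFT', $Lang::tr{'iptnats'}.':');

# NAT table.
# The chain to show arrives in the 'selectedchain' request parameter as
# '|'-separated values; the third field belongs to this table.  The value is
# request input: it is only used as a lookup key and is checked against the
# chains found in the dump before anything is rendered.
my $nat_default = "PREROUTING";
if ( defined $cgiparams{'selectedchain'} && $cgiparams{'selectedchain'} ne "" ){
    my @multi = split(/\|/,$cgiparams{'selectedchain'});
    $selectedchain = $multi[2];
} else {
    $selectedchain = $nat_default;
}

print "\n<DIV align='left'>\n";

# Read the dump line by line.  A line starting with "Chain" opens a new chain:
# its index is stored under "<name>start" and the previous chain is closed two
# lines earlier under "<name>end" (presumably to skip a blank separator line -
# confirm against the helper's output).
$chainname = "";    # do not carry a chain name over from another table
if ( open(my $nat_fh, '<', '/srv/web/ipfire/html/iptablesnat.txt') ){
    while ( my $row = <$nat_fh> ){
        $ipnatlines[$natlines] = $row;

        if ( $row =~ /^Chain/ ){
            my @chainstring = split(/ /,$row);

            if ( $chainname ne "" ){
                $chainsnat{$chainname."end"} = $natlines-2;
            }

            $chainname = $chainstring[1];
            $chainsnat{$chainname."start"} = $natlines;
        }

        $natlines++;
    }
    close($nat_fh);
}
# The last chain runs to the end of the file.
if ( $chainname ne "" ){
    $chainsnat{$chainname."end"} = $natlines-1;
}

# Allow-list check: a chain name that is missing from the dump (or a request
# that carried no third value) falls back to the default chain.
if ( !defined $selectedchain || !exists $chainsnat{$selectedchain."start"} ){
    $selectedchain = $nat_default;
}

# Select box listing every chain found in the dump.
print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
foreach my $key (sort(keys(%chainsnat))){
    next if $key =~ /end$/;

    my $name = $key;
    $name =~ s/start$//gi;

    my $close_attr = ( $name eq $selectedchain ) ? "' selected='selected' >" : "'>";
    print " <option value='".$name.$close_attr.$name."</option>\n";
}
# NOTE(review): the markup below emits "<form>" where a closing tag would be
# expected, so the form is never closed - confirm whether the three select
# boxes rely on being submitted together before changing it.
print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";

my $nat_first = $chainsnat{$selectedchain."start"};
my $nat_last  = $chainsnat{$selectedchain."end"};

# Chain title line, with one trailing whitespace character removed.
$string = $ipnatlines[$nat_first];
$string =~ s/\s$//gi;

# NOTE(review): text taken from the dump is printed without HTML escaping.
print "<strong>".$string."</strong><br />\n\n";
print "<table width='100%' cellspacing='1'>\n<tr>\n";

# Column headings are on the line right after the chain title.
foreach my $heading (split(/ +/,$ipnatlines[$nat_first+1])){
    if ( $heading =~ /[^a-zA-Z]/ ){chomp($heading);}
    print "<th align='left'><strong>".$heading."</strong></th>\n";
}

print "</tr>\n";

# Empty row that only fixes the column widths.
print "<tr>\n";
foreach my $width (qw(0 35 35 130 30 30 40 40 95 95 260)){
    print " <td width='".$width."'></td>\n";
}
print "</tr>\n";

# One table row per rule line of the selected chain.
for(my $i = $nat_first+2; $i <= $nat_last; $i++) {
    print "<tr>\n";
    my @iptablesline = split(/ +/,$ipnatlines[$i]);

    # A line with leading blanks yields an empty first field; skip it.
    my $offset=0;
    if ( $iptablesline[0] eq "" ){
        $offset=1;
    }

    # The first data cell carries no leading blank in this table's markup.
    print " <td></td>\n<td>".$iptablesline[0+$offset]."</td>\n";
    foreach my $col (1 .. 4){
        print " <td>".$iptablesline[$col+$offset]."</td>\n";
    }
    # Fields 5 to 8 are passed through Header::colorize before printing.
    foreach my $col (5 .. 8){
        print " <td>".&Header::colorize($iptablesline[$col+$offset])."</td>\n";
    }
    print " <td>";

    # Everything from field 9 on goes into the last cell.
    for (my $col=9+$offset; $col <= $#iptablesline; $col++){
        $string = $iptablesline[$col];
        $string =~ s/\s$//gi;
        print " ".$string;
    }
    print "</td>\n</tr>\n";
}
print "</table></DIV><br />";
&Header::closebox();
&Header::closebigbox();
&Header::closepage();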
436
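# Remove the three dump files once the page has been rendered.
# The original statements handed system() an unquoted `rm -f "..."`
# expression rather than a command string, so no rm command was passed to it;
# unlink() removes the files directly and involves no shell.
# The dumps hold the complete rule set, use fixed names shared by every
# request, and sit under /srv/web/ipfire/html/ (presumably the web server's
# document root - confirm), so they should not outlive the request.
# Removal stays best-effort: a failed unlink is not treated as fatal.
unlink(
    "/srv/web/ipfire/html/iptables.txt",
    "/srv/web/ipfire/html/iptablesmangle.txt",
    "/srv/web/ipfire/html/iptablesnat.txt",
);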