]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/fwhosts.cgi
projects / ipfire-2.x.git / blob
? search:


dca425b692f9c5f74fa6776e83da98a29ef26d7e
[ipfire-2.x.git] / html / cgi-bin / fwhosts.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013-2025 IPFire Team <info@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21 use strict;
22
23 # enable only the following on debugging purpose
24 #use warnings;
25
26 use Sort::Naturally;
27 use CGI::Carp 'fatalsToBrowser';
28 no warnings 'uninitialized';
29 require '/var/ipfire/general-functions.pl';
30 require '/var/ipfire/network-functions.pl';
31 require "/var/ipfire/location-functions.pl";
32 require "/usr/lib/firewall/firewall-lib.pl";
33 require "${General::swroot}/lang.pl";
34 require "${General::swroot}/header.pl";
35
36 my %fwhostsettings=();
37 my %customnetwork=();
38 my %customhost=();
39 my %customgrp=();
40 my %customservice=();
41 my %customservicegrp=();
42 my %customlocationgrp=();
43 my %ccdnet=();
44 my %ccdhost=();
45 my %ipsecconf=();
46 my %icmptypes=();
47 my %color=();
48 my %defaultNetworks=();
49 my %mainsettings=();
50 my %ownnet=();
51 my %ipsecsettings=();
52 my %fwfwd=();
53 my %fwinp=();
54 my %fwout=();
55 my %ovpnsettings=();
56 my %netsettings=();
57 my %optionsfw=();
58
59 my $errormessage;
60 my $hint;
61 my $update=0;
62 my $confignet = "${General::swroot}/fwhosts/customnetworks";
63 my $confighost = "${General::swroot}/fwhosts/customhosts";
64 my $configgrp = "${General::swroot}/fwhosts/customgroups";
65 my $configccdnet = "${General::swroot}/ovpn/ccd.conf";
66 my $configccdhost = "${General::swroot}/ovpn/ovpnconfig";
67 my $configipsec = "${General::swroot}/vpn/config";
68 my $configsrv = "${General::swroot}/fwhosts/customservices";
69 my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
70 my $configlocationgrp = "${General::swroot}/fwhosts/customlocationgrp";
71 my $fwconfigfwd = "${General::swroot}/firewall/config";
72 my $fwconfiginp = "${General::swroot}/firewall/input";
73 my $fwconfigout = "${General::swroot}/firewall/outgoing";
74 my $fwoptions = "${General::swroot}/optionsfw/settings";
75 my $configovpn = "${General::swroot}/ovpn/settings";
76 my $configipsecrw = "${General::swroot}/vpn/settings";
77
78 unless (-e $confignet) { &General::system("touch", "$confignet"); }
79 unless (-e $confighost) { &General::system("touch", "$confighost"); }
80 unless (-e $configgrp) { &General::system("touch", "$configgrp"); }
81 unless (-e $configsrv) { &General::system("touch", "$configsrv"); }
82 unless (-e $configsrvgrp) { &General::system("touch", "$configsrvgrp"); }
83 unless (-e $configlocationgrp) { &General::system("touch $configlocationgrp"); }
84
85 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
86 &General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
87 &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
88 &General::readhash("$configovpn", \%ovpnsettings);
89 &General::readhasharray("$configipsec", \%ipsecconf);
90 &General::readhash("$configipsecrw", \%ipsecsettings);
91 &General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
92 &General::readhash($fwoptions, \%optionsfw);
93
94 &Header::getcgihash(\%fwhostsettings);
95 &Header::showhttpheaders();
96 &Header::openpage($Lang::tr{'fwhost menu'}, 1, '');
97 &Header::openbigbox('100%', 'center');
98
99 #### JAVA SCRIPT ####
100 print<<END;
101 <script>
102 var PROTOCOLS_WITH_PORTS = ["TCP", "UDP"];
103 var update_protocol = function() {
104 var protocol = \$("#protocol").val();
105
106 if (protocol === undefined)
107 return;
108
109 // Check if we are dealing with a protocol, that knows ports.
110 if (\$.inArray(protocol, PROTOCOLS_WITH_PORTS) >= 0) {
111 \$("#PORT").show();
112 \$("#PROTOKOLL").hide();
113 } else {
114 \$("#PORT").hide();
115 \$("#PROTOKOLL").show();
116 }
117 };
118
119 \$(document).ready(function() {
120 var protocol = \$("#protocol").val();
121 \$("#protocol").change(update_protocol);
122 update_protocol();
123 // Automatically select radio buttons when corresponding
124 // dropdown menu changes.
125 \$("select").change(function() {
126 var id = \$(this).attr("name");
127 \$('#' + id).prop("checked", true);
128 });
129 });
130 </script>
131 END
132
133 ## ACTION ####
134 # Update
135 if ($fwhostsettings{'ACTION'} eq 'updatenet' )
136 {
137 &General::readhasharray("$confignet", \%customnetwork);
138 foreach my $key (keys %customnetwork)
139 {
140 if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'})
141 {
142 $fwhostsettings{'orgname'} = $customnetwork{$key}[0];
143 $fwhostsettings{'orgip'} = $customnetwork{$key}[1];
144 $fwhostsettings{'orgsub'} = $customnetwork{$key}[2];
145 $fwhostsettings{'netremark'} = $customnetwork{$key}[3];
146 $fwhostsettings{'count'} = $customnetwork{$key}[4];
147 delete $customnetwork{$key};
148
149 }
150 }
151 &General::writehasharray("$confignet", \%customnetwork);
152 $fwhostsettings{'actualize'} = 'on';
153 $fwhostsettings{'ACTION'} = 'savenet';
154 }
155 if ($fwhostsettings{'ACTION'} eq 'updatehost')
156 {
157 my ($ip,$subnet);
158 &General::readhasharray("$confighost", \%customhost);
159 foreach my $key (keys %customhost)
160 {
161 if($customhost{$key}[0] eq $fwhostsettings{'orgname'})
162 {
163 if ($customhost{$key}[1] eq 'ip'){
164 ($ip,$subnet) = split (/\//,$customhost{$key}[2]);
165 }else{
166 $ip = $customhost{$key}[2];
167 }
168 $fwhostsettings{'orgip'} = $ip;
169 $fwhostsettings{'count'} = $customhost{$key}[4];
170 delete $customhost{$key};
171 &General::writehasharray("$confighost", \%customhost);
172 }
173 }
174 $fwhostsettings{'actualize'} = 'on';
175 if($fwhostsettings{'orgip'}){
176 $fwhostsettings{'ACTION'} = 'savehost';
177 }else{
178 $fwhostsettings{'ACTION'} = $Lang::tr{'fwhost newhost'};
179 }
180 }
181 if ($fwhostsettings{'ACTION'} eq 'updateservice')
182 {
183 my $count=0;
184 my $needrules=0;
185 $errormessage=&checkports(\%customservice);
186 if ($fwhostsettings{'oldsrvname'} ne $fwhostsettings{'SRV_NAME'} && !&checkgroup($fwhostsettings{'SRV_NAME'})){
187 $errormessage=$Lang::tr{'fwhost err grpexist'};
188 }
189 if (!$errormessage){
190 &General::readhasharray("$configsrv", \%customservice);
191 foreach my $key (keys %customservice)
192 {
193 if ($customservice{$key}[0] eq $fwhostsettings{'oldsrvname'})
194 {
195 delete $customservice{$key};
196 &General::writehasharray("$configsrv", \%customservice);
197 last;
198 }
199 }
200 if ($fwhostsettings{'PROT'} ne 'ICMP'){
201 $fwhostsettings{'ICMP_TYPES'}='BLANK';
202 }
203 my $key1 = &General::findhasharraykey(\%customservice);
204 #find out short ICMP-TYPE
205 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
206 foreach my $key (keys %icmptypes){
207 if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){
208 $fwhostsettings{'ICMP_TYPES'}=$icmptypes{$key}[0];
209 }
210 }
211 foreach my $i (0 .. 4) { $customservice{$key1}[$i] = "";}
212 $customservice{$key1}[0] = $fwhostsettings{'SRV_NAME'};
213 $customservice{$key1}[1] = $fwhostsettings{'SRV_PORT'};
214 $customservice{$key1}[2] = $fwhostsettings{'PROT'};
215 $customservice{$key1}[3] = $fwhostsettings{'ICMP_TYPES'};
216 &General::writehasharray("$configsrv", \%customservice);
217 #check if we need to update firewallrules
218 if ($fwhostsettings{'SRV_NAME'} ne $fwhostsettings{'oldsrvname'}){
219 if ( ! -z $fwconfigfwd ){
220 &General::readhasharray("$fwconfigfwd", \%fwfwd);
221 foreach my $key (sort keys %fwfwd){
222 if ($fwfwd{$key}[15] eq $fwhostsettings{'oldsrvname'}){
223 $fwfwd{$key}[15] = $fwhostsettings{'SRV_NAME'};
224 }
225 }
226 &General::writehasharray("$fwconfigfwd", \%fwfwd);
227 }
228 if ( ! -z $fwconfiginp ){
229 &General::readhasharray("$fwconfiginp", \%fwinp);
230 foreach my $line (sort keys %fwinp){
231 if ($fwfwd{$line}[15] eq $fwhostsettings{'oldsrvname'}){
232 $fwfwd{$line}[15] = $fwhostsettings{'SRV_NAME'};
233 }
234 }
235 &General::writehasharray("$fwconfiginp", \%fwinp);
236 }
237 if ( ! -z $fwconfigout ){
238 &General::readhasharray("$fwconfigout", \%fwout);
239 foreach my $line (sort keys %fwout){
240 if ($fwout{$line}[15] eq $fwhostsettings{'oldsrvname'}){
241 $fwout{$line}[15] = $fwhostsettings{'SRV_NAME'};
242 }
243 }
244 &General::writehasharray("$fwconfigout", \%fwout);
245 }
246 #check if we need to update groups
247 &General::readhasharray("$configsrvgrp", \%customservicegrp);
248 foreach my $key (sort keys %customservicegrp){
249 if($customservicegrp{$key}[2] eq $fwhostsettings{'oldsrvname'}){
250 $customservicegrp{$key}[2] = $fwhostsettings{'SRV_NAME'};
251 &checkrulereload($customservicegrp{$key}[0]);
252 }
253 }
254 &General::writehasharray("$configsrvgrp", \%customservicegrp);
255 }
256 &checkrulereload($fwhostsettings{'SRV_NAME'});
257 $fwhostsettings{'SRV_NAME'} = '';
258 $fwhostsettings{'SRV_PORT'} = '';
259 $fwhostsettings{'PROT'} = '';
260 $fwhostsettings{'ICMP'} = '';
261 $fwhostsettings{'oldsrvicmp'} = '';
262 $fwhostsettings{'updatesrv'} = '';
263 }else{
264 $fwhostsettings{'SRV_NAME'} = $fwhostsettings{'oldsrvname'};
265 $fwhostsettings{'SRV_PORT'} = $fwhostsettings{'oldsrvport'};
266 $fwhostsettings{'PROT'} = $fwhostsettings{'oldsrvprot'};
267 $fwhostsettings{'ICMP'} = $fwhostsettings{'oldsrvicmp'};
268 $fwhostsettings{'updatesrv'}= 'on';
269 }
270 &addservice;
271 }
272 # save
273 if ($fwhostsettings{'ACTION'} eq 'savenet' )
274 {
275 my $needrules=0;
276 if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
277 #check if all fields are set
278 if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
279 {
280 $errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
281 &addnet;
282 &viewtablenet;
283 }else{
284 #convert ip if leading '0' exists
285 $fwhostsettings{'IP'} = &Network::ip_remove_zero($fwhostsettings{'IP'});
286
287 #check valid ip
288 if (!&General::validipandmask($fwhostsettings{'IP'}."/".$fwhostsettings{'SUBNET'}))
289 {
290 $errormessage=$errormessage.$Lang::tr{'fwhost err addr'};
291 $fwhostsettings{'BLK_HOST'} ='readonly';
292 $fwhostsettings{'NOCHECK'} ='false';
293 $fwhostsettings{'error'} ='on';
294 }
295 #check remark
296 if ($fwhostsettings{'NETREMARK'} ne '' && !&validremark($fwhostsettings{'NETREMARK'})){
297 $errormessage=$Lang::tr{'fwhost err remark'};
298 $fwhostsettings{'error'} ='on';
299 }
300 #check if subnet is sigle host
301 if(&General::iporsubtocidr($fwhostsettings{'SUBNET'}) eq '32')
302 {
303 $errormessage=$errormessage.$Lang::tr{'fwhost err sub32'};
304 }
305 if($fwhostsettings{'error'} ne 'on'){
306 my $fullip="$fwhostsettings{'IP'}/".&General::iporsubtocidr($fwhostsettings{'SUBNET'});
307 $errormessage=$errormessage.&General::checksubnets($fwhostsettings{'HOSTNAME'},$fullip,"","exact");
308 }
309 #only check plausi when no error till now
310 if (!$errormessage){
311 &plausicheck("editnet");
312 }
313 if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newnet'} ne 'on' && $errormessage)
314 {
315 $fwhostsettings{'actualize'} = '';
316 my $key = &General::findhasharraykey (\%customnetwork);
317 foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
318 $customnetwork{$key}[0] = $fwhostsettings{'orgname'} ;
319 $customnetwork{$key}[1] = $fwhostsettings{'orgip'} ;
320 $customnetwork{$key}[2] = $fwhostsettings{'orgsub'};
321 $customnetwork{$key}[3] = $fwhostsettings{'orgnetremark'};
322 &General::writehasharray("$confignet", \%customnetwork);
323 undef %customnetwork;
324 }
325 if (!$errormessage){
326 &General::readhasharray("$confignet", \%customnetwork);
327 if ($fwhostsettings{'ACTION'} eq 'updatenet'){
328 if ($fwhostsettings{'update'} == '0'){
329 foreach my $key (keys %customnetwork) {
330 if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'}){
331 delete $customnetwork{$key};
332 last;
333 }
334 }
335 }
336 }
337 #get count if actualize is 'on'
338 if($fwhostsettings{'actualize'} eq 'on'){
339 $fwhostsettings{'actualize'} = '';
340 #check if we need to reload rules
341 if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){
342 $needrules='on';
343 }
344 if ($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){
345 #check if we need to update groups
346 &General::readhasharray("$configgrp", \%customgrp);
347 foreach my $key (sort keys %customgrp){
348 if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
349 $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
350 last;
351 }
352 }
353 &General::writehasharray("$configgrp", \%customgrp);
354 #check if we need to update firewallrules
355 if ( ! -z $fwconfigfwd ){
356 &General::readhasharray("$fwconfigfwd", \%fwfwd);
357 foreach my $line (sort keys %fwfwd){
358 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
359 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
360 }
361 if ($fwfwd{$line}[6] eq $fwhostsettings{'orgname'}){
362 $fwfwd{$line}[6] = $fwhostsettings{'HOSTNAME'};
363 }
364 }
365 &General::writehasharray("$fwconfigfwd", \%fwfwd);
366 }
367 if ( ! -z $fwconfiginp ){
368 &General::readhasharray("$fwconfiginp", \%fwinp);
369 foreach my $line (sort keys %fwinp){
370 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
371 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
372 }
373 }
374 &General::writehasharray("$fwconfiginp", \%fwinp);
375 }
376 }
377 }
378 my $key = &General::findhasharraykey (\%customnetwork);
379 foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
380 $fwhostsettings{'SUBNET'} = &General::iporsubtocidr($fwhostsettings{'SUBNET'});
381 $customnetwork{$key}[0] = $fwhostsettings{'HOSTNAME'};
382 $customnetwork{$key}[1] = &General::getnetworkip($fwhostsettings{'IP'},$fwhostsettings{'SUBNET'}) ;
383 $customnetwork{$key}[2] = &General::iporsubtodec($fwhostsettings{'SUBNET'}) ;
384 $customnetwork{$key}[3] = $fwhostsettings{'NETREMARK'};
385 &General::writehasharray("$confignet", \%customnetwork);
386 $fwhostsettings{'IP'}=$fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
387 undef %customnetwork;
388 $fwhostsettings{'HOSTNAME'}='';
389 $fwhostsettings{'IP'}='';
390 $fwhostsettings{'SUBNET'}='';
391 $fwhostsettings{'NETREMARK'}='';
392 #check if an edited net affected groups and need to reload rules
393 if ($needrules eq 'on'){
394 &General::firewall_config_changed();
395 }
396 &addnet;
397 &viewtablenet;
398 }else{
399 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
400 &addnet;
401 &viewtablenet;
402 }
403 }
404 }
405 if ($fwhostsettings{'ACTION'} eq 'savehost')
406 {
407 my $needrules=0;
408 if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
409 $fwhostsettings{'SUBNET'}='32';
410 #check if all fields are set
411 if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
412 {
413 $errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
414 $fwhostsettings{'ACTION'} = 'edithost';
415 }else{
416 if($fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){
417 $fwhostsettings{'type'} = 'mac';
418 }elsif($fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
419 $fwhostsettings{'type'} = 'ip';
420 }else{
421 $fwhostsettings{'type'} = '';
422 $errormessage=$Lang::tr{'fwhost err ipmac'};
423 }
424 #check remark
425 if ($fwhostsettings{'HOSTREMARK'} ne '' && !&validremark($fwhostsettings{'HOSTREMARK'})){
426 $errormessage=$Lang::tr{'fwhost err remark'};
427 }
428 #CHECK IP-PART
429 if ($fwhostsettings{'type'} eq 'ip'){
430 #convert ip if leading '0' exists
431 $fwhostsettings{'IP'} = &Network::ip_remove_zero($fwhostsettings{'IP'});
432
433 #check for subnet
434 if (rindex($fwhostsettings{'IP'},'/') eq '-1' ){
435 if($fwhostsettings{'type'} eq 'ip' && !&General::validipandmask($fwhostsettings{'IP'}."/32"))
436 {
437 $errormessage.=$errormessage.$Lang::tr{'fwhost err ip'};
438 $fwhostsettings{'error'}='on';
439 }
440 }elsif(rindex($fwhostsettings{'IP'},'/') ne '-1' ){
441 $errormessage=$errormessage.$Lang::tr{'fwhost err ipwithsub'};
442 $fwhostsettings{'error'}='on';
443 }
444 #check if net or broadcast
445 my @tmp= split (/\./,$fwhostsettings{'IP'});
446 if (($tmp[3] eq "0") || ($tmp[3] eq "255")){
447 $errormessage=$Lang::tr{'fwhost err hostip'};
448 }
449 }
450 #only check plausi when no error till now
451 if (!$errormessage){
452 &plausicheck("edithost");
453 }
454 if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newhost'} ne 'on' && $errormessage){
455 $fwhostsettings{'actualize'} = '';
456 my $key = &General::findhasharraykey (\%customhost);
457 foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
458 $customhost{$key}[0] = $fwhostsettings{'orgname'} ;
459 $customhost{$key}[1] = $fwhostsettings{'type'} ;
460 if($customhost{$key}[1] eq 'ip'){
461 $customhost{$key}[2] = $fwhostsettings{'orgip'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
462 }else{
463 $customhost{$key}[2] = $fwhostsettings{'orgip'};
464 }
465 $customhost{$key}[3] = $fwhostsettings{'orgremark'};
466 &General::writehasharray("$confighost", \%customhost);
467 undef %customhost;
468 }
469 if (!$errormessage){
470 #get count if host was edited
471 if($fwhostsettings{'actualize'} eq 'on'){
472 if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){
473 $needrules='on';
474 }
475 if($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){
476 #check if we need to update groups
477 &General::readhasharray("$configgrp", \%customgrp);
478 foreach my $key (sort keys %customgrp){
479 if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
480 $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
481 }
482 }
483 &General::writehasharray("$configgrp", \%customgrp);
484 #check if we need to update firewallrules
485 if ( ! -z $fwconfigfwd ){
486 &General::readhasharray("$fwconfigfwd", \%fwfwd);
487 foreach my $line (sort keys %fwfwd){
488 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
489 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
490 }
491 if ($fwfwd{$line}[6] eq $fwhostsettings{'orgname'}){
492 $fwfwd{$line}[6] = $fwhostsettings{'HOSTNAME'};
493 }
494 }
495 &General::writehasharray("$fwconfigfwd", \%fwfwd);
496 }
497 if ( ! -z $fwconfiginp ){
498 &General::readhasharray("$fwconfiginp", \%fwinp);
499 foreach my $line (sort keys %fwinp){
500 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
501 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
502 }
503 }
504 &General::writehasharray("$fwconfiginp", \%fwinp);
505 }
506 }
507 }
508 my $key = &General::findhasharraykey (\%customhost);
509 foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
510 $customhost{$key}[0] = $fwhostsettings{'HOSTNAME'} ;
511 $customhost{$key}[1] = $fwhostsettings{'type'} ;
512 if ($fwhostsettings{'type'} eq 'ip'){
513 $customhost{$key}[2] = $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
514 }else{
515 $customhost{$key}[2] = $fwhostsettings{'IP'};
516 }
517 $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'};
518 &General::writehasharray("$confighost", \%customhost);
519 undef %customhost;
520 $fwhostsettings{'HOSTNAME'}='';
521 $fwhostsettings{'IP'}='';
522 $fwhostsettings{'type'}='';
523 $fwhostsettings{'HOSTREMARK'}='';
524 #check if we need to update rules while host was edited
525 if($needrules eq 'on'){
526 &General::firewall_config_changed();
527 }
528 &addhost;
529 &viewtablehost;
530 }else{
531 &addhost;
532 &viewtablehost;
533 }
534 }
535 }
536 if ($fwhostsettings{'ACTION'} eq 'savegrp')
537 {
538 my $grp=$fwhostsettings{'grp_name'};
539 my $rem=$fwhostsettings{'remark'};
540 my $count;
541 my $type;
542 my $updcounter='off';
543 my @target;
544 my @newgrp;
545 &General::readhasharray("$configgrp", \%customgrp);
546 &General::readhasharray("$confignet", \%customnetwork);
547 &General::readhasharray("$confighost", \%customhost);
548 &General::readhasharray("$fwconfigfwd", \%fwfwd);
549 &General::readhasharray("$fwconfiginp", \%fwinp);
550 &General::readhasharray("$fwconfigout", \%fwout);
551 #check name
552 if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
553 #check existing name
554 if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){$errormessage.=$Lang::tr{'fwhost err grpexist'};}
555 #check remark
556 if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
557 $errormessage.=$Lang::tr{'fwhost err remark'};
558 }
559 if ($fwhostsettings{'update'} eq 'on'){
560 #check standard networks
561 if ($fwhostsettings{'grp2'} eq 'std_net'){
562 @target=$fwhostsettings{'DEFAULT_SRC_ADR'};
563 $type='Standard Network';
564 }
565 #check custom networks
566 if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){
567 @target=$fwhostsettings{'CUST_SRC_NET'};
568 $updcounter='net';
569 $type='Custom Network';
570 }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){
571 $errormessage=$Lang::tr{'fwhost err groupempty'}."<br>";
572 $fwhostsettings{'grp_name'}='';
573 $fwhostsettings{'remark'}='';
574 }
575 #check custom addresses
576 if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){
577 @target=$fwhostsettings{'CUST_SRC_HOST'};
578 $updcounter='host';
579 $type='Custom Host';
580 }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){
581 $errormessage=$Lang::tr{'fwhost err groupempty'}."<br>";
582 $fwhostsettings{'grp_name'}='';
583 $fwhostsettings{'remark'}='';
584 }
585 # Fetch the address from a WireGuard Peer
586 if ($fwhostsettings{'grp2'} eq 'wg_peer' && $fwhostsettings{'WG_PEER'} ne ''){
587 @target=$fwhostsettings{'WG_PEER'};
588 $type='wg_peer';
589 }elsif ($fwhostsettings{'grp2'} eq 'wg_peer' && $fwhostsettings{'WG_PEER'} eq ''){
590 $errormessage=$Lang::tr{'fwhost err groupempty'};
591 }
592 #get address from ovpn ccd static net
593 if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){
594 @target=$fwhostsettings{'OVPN_CCD_NET'};
595 $type='OpenVPN static network';
596 }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){
597 $errormessage=$Lang::tr{'fwhost err groupempty'};
598 $fwhostsettings{'grp_name'}='';
599 $fwhostsettings{'remark'}='';
600 }
601 #get address from ovpn ccd static host
602 if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){
603 @target=$fwhostsettings{'OVPN_CCD_HOST'};
604 $type='OpenVPN static host';
605 }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){
606 $errormessage=$Lang::tr{'fwhost err groupempty'};
607 }
608 #get address from ovpn ccd Net-2-Net
609 if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){
610 @target=$fwhostsettings{'OVPN_N2N'};
611 $type='OpenVPN N-2-N';
612 }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){
613 $errormessage=$Lang::tr{'fwhost err groupempty'};
614 $fwhostsettings{'grp_name'}='';
615 $fwhostsettings{'remark'}='';
616 }
617 #get address from IPSEC HOST
618 if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){
619 @target=$fwhostsettings{'IPSEC_HOST'};
620 $type='IpSec Host';
621 }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){
622 $errormessage=$Lang::tr{'fwhost err groupempty'};
623 $fwhostsettings{'grp_name'}='';
624 $fwhostsettings{'remark'}='';
625 }
626 #get address from IPSEC NETWORK
627 if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){
628 @target=$fwhostsettings{'IPSEC_NET'};
629 $type='IpSec Network';
630 }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){
631 $errormessage=$Lang::tr{'fwhost err groupempty'};
632 $fwhostsettings{'grp_name'}='';
633 $fwhostsettings{'remark'}='';
634 }
635 #check if host/net exists in grp
636
637 my $test="$grp,$fwhostsettings{'oldremark'},@target,$type";
638 foreach my $key (keys %customgrp) {
639 my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2],$customgrp{$key}[3]";
640 if ($test1 eq $test){
641 $errormessage=$Lang::tr{'fwhost err isingrp'};
642 $fwhostsettings{'update'} = 'on';
643 }
644 }
645 }
646
647 if (!$errormessage){
648 #on first save, we have an empty @target, so fill it with nothing
649 my $targetvalues=@target;
650 if ($targetvalues == '0'){
651 @target="none";
652 }
653 #on update, we have to delete the dummy entry
654 foreach my $key (keys %customgrp){
655 if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq "none"){
656 delete $customgrp{$key};
657 last;
658 }
659 }
660 &General::writehasharray("$configgrp", \%customgrp);
661 &General::readhasharray("$configgrp", \%customgrp);
662 #create array with new lines
663 foreach my $line (@target){
664 push (@newgrp,"$grp,$rem,$line");
665 }
666 #append new entries
667 my $key = &General::findhasharraykey (\%customgrp);
668 foreach my $line (@newgrp){
669 foreach my $i (0 .. 3) { $customgrp{$key}[$i] = "";}
670 my ($a,$b,$c,$d) = split (",",$line);
671 $customgrp{$key}[0] = $a;
672 $customgrp{$key}[1] = $b;
673 $customgrp{$key}[2] = $c;
674 $customgrp{$key}[3] = $type;
675 }
676 &General::writehasharray("$configgrp", \%customgrp);
677 #update counter in Host/Net
678 $fwhostsettings{'update'}='on';
679 }
680 #check if ruleupdate is needed
681 my $netgrpcount=0;
682 $netgrpcount=&getnetcount($grp);
683 if($netgrpcount > 0 )
684 {
685 &General::firewall_config_changed();
686 }
687 &addgrp;
688 &viewtablegrp;
689 }
690 if ($fwhostsettings{'ACTION'} eq 'savelocationgrp')
691 {
692 my $grp=$fwhostsettings{'grp_name'};
693 my $rem=$fwhostsettings{'remark'};
694 my $count;
695 my $type;
696 my @target;
697 my @newgrp;
698 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
699 &General::readhasharray("$fwconfigfwd", \%fwfwd);
700 &General::readhasharray("$fwconfiginp", \%fwinp);
701 &General::readhasharray("$fwconfigout", \%fwout);
702
703 # Check name
704 if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
705
706 unless (&General::validcc($fwhostsettings{'COUNTRY_CODE'})) {
707 $errormessage = $Lang::tr{'fwhost invalid country code'};
708 }
709
710 # Check for existing group name.
711 if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){
712 $errormessage = $Lang::tr{'fwhost err grpexist'};
713 }
714
715 # Check remark.
716 if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
717 $errormessage = $Lang::tr{'fwhost err remark'};
718 }
719
720 if ($fwhostsettings{'update'} eq 'on'){
721 @target = $fwhostsettings{'COUNTRY_CODE'};
722 $type='Location Group';
723
724 #check if host/net exists in grp
725 my $test="$grp,$fwhostsettings{'oldremark'},@target";
726 foreach my $key (keys %customlocationgrp) {
727 my $test1="$customlocationgrp{$key}[0],$customlocationgrp{$key}[1],$customlocationgrp{$key}[2]";
728 if ($test1 eq $test){
729 $errormessage=$Lang::tr{'fwhost err isingrp'};
730 $fwhostsettings{'update'} = 'on';
731 }
732 }
733 }
734
735 if (!$errormessage){
736 #on first save, we have an empty @target, so fill it with nothing
737 my $targetvalues=@target;
738 if ($targetvalues == '0'){
739 @target="none";
740 }
741 #on update, we have to delete the dummy entry
742 foreach my $key (keys %customlocationgrp){
743 if ($customlocationgrp{$key}[0] eq $grp && $customlocationgrp{$key}[2] eq "none"){
744 delete $customlocationgrp{$key};
745 last;
746 }
747 }
748 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
749 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
750 #create array with new lines
751 foreach my $line (@target){
752 push (@newgrp,"$grp,$rem,$line");
753 }
754 #append new entries
755 my $key = &General::findhasharraykey (\%customlocationgrp);
756 foreach my $line (@newgrp){
757 foreach my $i (0 .. 3) { $customlocationgrp{$key}[$i] = "";}
758 my ($a,$b,$c,$d) = split (",",$line);
759 $customlocationgrp{$key}[0] = $a;
760 $customlocationgrp{$key}[1] = $b;
761 $customlocationgrp{$key}[2] = $c;
762 $customlocationgrp{$key}[3] = $type;
763 }
764 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
765 #update counter in Host/Net
766 $fwhostsettings{'update'}='on';
767 }
768 #check if ruleupdate is needed
769 my $locationgrpcount=0;
770 $locationgrpcount=&getlocationcount($grp);
771 if($locationgrpcount > 0 )
772 {
773 &General::firewall_config_changed();
774 }
775 &addlocationgrp;
776 &viewtablelocationgrp;
777 }
778 if ($fwhostsettings{'ACTION'} eq 'saveservice')
779 {
780 my $ICMP;
781 &General::readhasharray("$configsrv", \%customservice );
782 &General::readhasharray("$configgrp", \%customgrp);
783 $errormessage=&checkports(\%customservice);
784 if ($fwhostsettings{'PROT'} eq 'ICMP'){
785 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
786 foreach my $key (keys %icmptypes){
787 if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){
788 $ICMP=$icmptypes{$key}[0];
789 }
790 }
791 }
792 if($ICMP eq ''){$ICMP=$fwhostsettings{'ICMP_TYPES'};}
793 if ($fwhostsettings{'PROT'} ne 'ICMP'){$ICMP='BLANK';}
794 #Check if a group with the same name already exists
795 if (!&checkgroup($fwhostsettings{'SRV_NAME'})){
796 $errormessage = $Lang::tr{'fwhost err grpexist'};
797 }
798 if (!$errormessage){
799 my $key = &General::findhasharraykey (\%customservice);
800 foreach my $i (0 .. 4) { $customservice{$key}[$i] = "";}
801 $customservice{$key}[0] = $fwhostsettings{'SRV_NAME'};
802 $customservice{$key}[1] = $fwhostsettings{'SRV_PORT'};
803 $customservice{$key}[2] = $fwhostsettings{'PROT'};
804 $customservice{$key}[3] = $ICMP;
805 &General::writehasharray("$configsrv", \%customservice );
806 #reset fields
807 $fwhostsettings{'SRV_NAME'}='';
808 $fwhostsettings{'SRV_PORT'}='';
809 $fwhostsettings{'PROT'}='';
810 $fwhostsettings{'ICMP_TYPES'}='';
811 }
812 &addservice;
813 }
814 if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
815 {
816 my $prot;
817 my $port;
818 my $tcpcounter=0;
819 my $udpcounter=0;
820 &General::readhasharray("$configsrvgrp", \%customservicegrp );
821 &General::readhasharray("$configsrv", \%customservice );
822 $errormessage=&checkservicegroup;
823 #Check if we have more than 15 services from one Protocol in the group
824 #iptables can only handle 15 ports/portranges via multiport
825 foreach my $key (keys %customservicegrp){
826 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
827 foreach my $key1 (keys %customservice){
828 $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0];
829 $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i;
830 $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0];
831 $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i;
832 }
833 }
834 }
835
836 # Loop through the hash of configured services.
837 foreach my $key (keys %customservice) {
838 # Assign nice human-readable values.
839 my $service_name = $customservice{$key}[0];
840 my $service_port = $customservice{$key}[1];
841 my $service_proto = $customservice{$key}[2];
842
843 # Skip services unless the processed one has found.
844 next unless $service_name eq $fwhostsettings{'CUST_SRV'};
845
846 # Increase the counters.
847 $tcpcounter++ if $service_proto eq 'TCP';
848 $tcpcounter++ if $service_proto eq 'TCP' && $service_port =~ m/:/i;
849 $udpcounter++ if $service_proto eq 'UDP';
850 $udpcounter++ if $service_proto eq 'UDP' && $service_port =~ m/:/i;
851 }
852
853 if ($tcpcounter > 15) {
854 $errormessage=$Lang::tr{'fwhost err maxservicetcp'};
855 }
856 if ($udpcounter > 15) {
857 $errormessage=$Lang::tr{'fwhost err maxserviceudp'};
858 }
859 $tcpcounter=0;
860 $udpcounter=0;
861 #check remark
862 if ($fwhostsettings{'SRVGRP_REMARK'} ne '' && !&validremark($fwhostsettings{'SRVGRP_REMARK'})){
863 $errormessage .= $Lang::tr{'fwhost err remark'};
864 }
865 #Check if there is already a service with the same name
866 if(!&checkservice($fwhostsettings{'SRVGRP_NAME'})){
867 $errormessage .= $Lang::tr{'fwhost err srv exists'};
868 }
869 if (!$errormessage){
870 #on first save, we have to enter a dummy value
871 if ($fwhostsettings{'CUST_SRV'} eq ''){
872 $fwhostsettings{'CUST_SRV'}='none';
873 }
874 #on update, we have to delete the dummy entry
875 foreach my $key (keys %customservicegrp){
876 if ($customservicegrp{$key}[2] eq 'none' && $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
877 delete $customservicegrp{$key};
878 last;
879 }
880 }
881 &General::writehasharray("$configsrvgrp", \%customservicegrp );
882 #check if remark has also changed
883 if ($fwhostsettings{'SRVGRP_REMARK'} ne $fwhostsettings{'oldsrvgrpremark'} && $fwhostsettings{'updatesrvgrp'} eq 'on')
884 {
885 foreach my $key (keys %customservicegrp)
886 {
887 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvgrpremark'})
888 {
889 $customservicegrp{$key}[1]='';
890 $customservicegrp{$key}[1]=$fwhostsettings{'SRVGRP_REMARK'};
891 }
892 }
893 }
894 my $key = &General::findhasharraykey (\%customservicegrp);
895 foreach my $i (0 .. 2) { $customservice{$key}[$i] = "";}
896 $customservicegrp{$key}[0] = $fwhostsettings{'SRVGRP_NAME'};
897 $customservicegrp{$key}[1] = $fwhostsettings{'SRVGRP_REMARK'};
898 $customservicegrp{$key}[2] = $fwhostsettings{'CUST_SRV'};
899 &General::writehasharray("$configsrvgrp", \%customservicegrp );
900 $fwhostsettings{'updatesrvgrp'}='on';
901 }
902 &checkrulereload($fwhostsettings{'SRVGRP_NAME'});
903 &addservicegrp;
904 &viewtableservicegrp;
905 }
906 # edit
907 if ($fwhostsettings{'ACTION'} eq 'editnet')
908 {
909 &addnet;
910 &viewtablenet;
911 }
912 if ($fwhostsettings{'ACTION'} eq 'edithost')
913 {
914 &addhost;
915 &viewtablehost;
916 }
917 if ($fwhostsettings{'ACTION'} eq 'editgrp')
918 {
919 $fwhostsettings{'update'}='on';
920 &addgrp;
921 &viewtablegrp;
922 }
923 if ($fwhostsettings{'ACTION'} eq 'editlocationgrp')
924 {
925 $fwhostsettings{'update'}='on';
926 &addlocationgrp;
927 &viewtablelocationgrp;
928 }
929 if ($fwhostsettings{'ACTION'} eq 'editservice')
930 {
931 $fwhostsettings{'updatesrv'}='on';
932 &addservice;
933 }
934 if ($fwhostsettings{'ACTION'} eq 'editservicegrp')
935 {
936 $fwhostsettings{'updatesrvgrp'} = 'on';
937 &addservicegrp;
938 &viewtableservicegrp;
939 }
940 # reset
941 if ($fwhostsettings{'ACTION'} eq 'resetnet')
942 {
943 $fwhostsettings{'HOSTNAME'} ="";
944 $fwhostsettings{'IP'} ="";
945 $fwhostsettings{'SUBNET'} ="";
946 &showmenu;
947 }
948 if ($fwhostsettings{'ACTION'} eq 'resethost')
949 {
950 $fwhostsettings{'HOSTNAME'} ="";
951 $fwhostsettings{'IP'} ="";
952 $fwhostsettings{'type'} ="";
953 &showmenu;
954 }
955 if ($fwhostsettings{'ACTION'} eq 'resetgrp')
956 {
957 $fwhostsettings{'grp_name'} ="";
958 $fwhostsettings{'remark'} ="";
959 &showmenu;
960 }
961 if ($fwhostsettings{'ACTION'} eq 'resetlocationgrp')
962 {
963 $fwhostsettings{'grp_name'} ="";
964 $fwhostsettings{'remark'} ="";
965 &showmenu;
966 }
967 # delete
968 if ($fwhostsettings{'ACTION'} eq 'delnet')
969 {
970 &General::readhasharray("$confignet", \%customnetwork);
971 foreach my $key (keys %customnetwork) {
972 if($fwhostsettings{'key'} eq $customnetwork{$key}[0]){
973 delete $customnetwork{$key};
974 &General::writehasharray("$confignet", \%customnetwork);
975 last;
976 }
977 }
978 &addnet;
979 &viewtablenet;
980 }
981 if ($fwhostsettings{'ACTION'} eq 'delhost')
982 {
983 &General::readhasharray("$confighost", \%customhost);
984 foreach my $key (keys %customhost) {
985 if($fwhostsettings{'key'} eq $customhost{$key}[0]){
986 delete $customhost{$key};
987 &General::writehasharray("$confighost", \%customhost);
988 last;
989 }
990 }
991 &addhost;
992 &viewtablehost;
993 }
994 if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
995 {
996 my $grpremark;
997 my $grpname;
998 &General::readhasharray("$configgrp", \%customgrp);
999 foreach my $key (keys %customgrp){
1000 if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){
1001 $grpname=$customgrp{$key}[0];
1002 $grpremark=$customgrp{$key}[1];
1003 #check if we delete the last entry, then generate dummy
1004 if ($fwhostsettings{'last'} eq 'on'){
1005 $customgrp{$key}[1] = '';
1006 $customgrp{$key}[2] = 'none';
1007 $customgrp{$key}[3] = '';
1008 $fwhostsettings{'last'}='';
1009 last;
1010 }else{
1011 delete $customgrp{$key};
1012 }
1013 }
1014 }
1015 &General::writehasharray("$configgrp", \%customgrp);
1016 &General::firewall_config_changed();
1017 if ($fwhostsettings{'update'} eq 'on'){
1018 $fwhostsettings{'remark'}= $grpremark;
1019 $fwhostsettings{'grp_name'}=$grpname;
1020 }
1021 &addgrp;
1022 &viewtablegrp;
1023 }
1024 if ($fwhostsettings{'ACTION'} eq 'deletelocationgrpentry')
1025 {
1026 my $grpremark;
1027 my $grpname;
1028 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
1029 foreach my $key (keys %customlocationgrp){
1030 if($customlocationgrp{$key}[0].",".$customlocationgrp{$key}[1].",".$customlocationgrp{$key}[2].",".$customlocationgrp{$key}[3] eq $fwhostsettings{'delentry'}){
1031 $grpname=$customlocationgrp{$key}[0];
1032 $grpremark=$customlocationgrp{$key}[1];
1033 #check if we delete the last entry, then generate dummy
1034 if ($fwhostsettings{'last'} eq 'on'){
1035 $customlocationgrp{$key}[1] = '';
1036 $customlocationgrp{$key}[2] = 'none';
1037 $customlocationgrp{$key}[3] = '';
1038 $fwhostsettings{'last'}='';
1039 last;
1040 }else{
1041 delete $customlocationgrp{$key};
1042 }
1043 }
1044 }
1045 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
1046 &General::firewall_config_changed();
1047 if ($fwhostsettings{'update'} eq 'on'){
1048 $fwhostsettings{'remark'}= $grpremark;
1049 $fwhostsettings{'grp_name'}=$grpname;
1050 }
1051 &addlocationgrp;
1052 &viewtablelocationgrp;
1053 }
1054
1055 if ($fwhostsettings{'ACTION'} eq 'delgrp')
1056 {
1057 &General::readhasharray("$configgrp", \%customgrp);
1058 &decrease($fwhostsettings{'grp_name'});
1059 foreach my $key (sort keys %customgrp)
1060 {
1061 if($customgrp{$key}[0] eq $fwhostsettings{'grp_name'})
1062 {
1063 delete $customgrp{$key};
1064 }
1065 }
1066 &General::writehasharray("$configgrp", \%customgrp);
1067 $fwhostsettings{'grp_name'}='';
1068 &addgrp;
1069 &viewtablegrp;
1070 }
1071 if ($fwhostsettings{'ACTION'} eq 'dellocationgrp')
1072 {
1073 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
1074 &decrease($fwhostsettings{'grp_name'});
1075 foreach my $key (sort keys %customlocationgrp)
1076 {
1077 if($customlocationgrp{$key}[0] eq $fwhostsettings{'grp_name'})
1078 {
1079 delete $customlocationgrp{$key};
1080 }
1081 }
1082 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
1083 $fwhostsettings{'grp_name'}='';
1084 &addlocationgrp;
1085 &viewtablelocationgrp;
1086 }
1087 if ($fwhostsettings{'ACTION'} eq 'delservice')
1088 {
1089 &General::readhasharray("$configsrv", \%customservice);
1090 foreach my $key (keys %customservice) {
1091 if($customservice{$key}[0] eq $fwhostsettings{'SRV_NAME'}){
1092 delete $customservice{$key};
1093 &General::writehasharray("$configsrv", \%customservice);
1094 last;
1095 }
1096 }
1097 $fwhostsettings{'SRV_NAME'}='';
1098 $fwhostsettings{'SRV_PORT'}='';
1099 $fwhostsettings{'PROT'}='';
1100 &addservice;
1101 }
1102 if ($fwhostsettings{'ACTION'} eq 'delservicegrp')
1103 {
1104 &General::readhasharray("$configsrvgrp", \%customservicegrp);
1105 &decreaseservice($fwhostsettings{'SRVGRP_NAME'});
1106 foreach my $key (sort keys %customservicegrp)
1107 {
1108 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'})
1109 {
1110 delete $customservicegrp{$key};
1111 }
1112 }
1113 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1114 $fwhostsettings{'SRVGRP_NAME'}='';
1115 &addservicegrp;
1116 &viewtableservicegrp;
1117 }
1118 if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
1119 {
1120 my $grpname;
1121 my $grpremark;
1122 &General::readhasharray("$configsrvgrp", \%customservicegrp);
1123 foreach my $key (keys %customservicegrp){
1124 if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2] eq $fwhostsettings{'delsrvfromgrp'})
1125 {
1126 $grpname=$customservicegrp{$key}[0];
1127 $grpremark=$customservicegrp{$key}[1];
1128 if($fwhostsettings{'last'} eq 'on'){
1129 $customservicegrp{$key}[2] = 'none';
1130 $fwhostsettings{'last'} = '';
1131 last;
1132 }else{
1133 delete $customservicegrp{$key};
1134 }
1135 }
1136 }
1137 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1138 &General::firewall_config_changed();
1139 if ($fwhostsettings{'updatesrvgrp'} eq 'on'){
1140 $fwhostsettings{'SRVGRP_NAME'}=$grpname;
1141 $fwhostsettings{'SRVGRP_REMARK'}=$grpremark;
1142 }
1143 &addservicegrp;
1144 &viewtableservicegrp;
1145 }
1146 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newnet'})
1147 {
1148 &addnet;
1149 &viewtablenet;
1150 }
1151 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newhost'})
1152 {
1153 &addhost;
1154 &viewtablehost;
1155 }
1156 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newgrp'})
1157 {
1158 &addgrp;
1159 &viewtablegrp;
1160 }
1161 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newlocationgrp'})
1162 {
1163 &addlocationgrp;
1164 &viewtablelocationgrp;
1165 }
1166 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservice'})
1167 {
1168 &addservice;
1169 }
1170 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservicegrp'})
1171 {
1172 &addservicegrp;
1173 &viewtableservicegrp;
1174 }
1175 if ($fwhostsettings{'ACTION'} eq 'changegrpremark')
1176 {
1177 &General::readhasharray("$configgrp", \%customgrp);
1178 if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
1179 foreach my $key (sort keys %customgrp)
1180 {
1181 if($customgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgrp{$key}[1] eq $fwhostsettings{'oldrem'})
1182 {
1183 $customgrp{$key}[1]='';
1184 $customgrp{$key}[1]=$fwhostsettings{'newrem'};
1185 }
1186 }
1187 &General::writehasharray("$configgrp", \%customgrp);
1188 $fwhostsettings{'update'}='on';
1189 $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
1190 }else{
1191 $errormessage=$Lang::tr{'fwhost err remark'};
1192 $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
1193 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1194 $fwhostsettings{'update'} = 'on';
1195 }
1196 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1197 &addgrp;
1198 &viewtablegrp;
1199 }
1200 if ($fwhostsettings{'ACTION'} eq 'changelocationgrpremark')
1201 {
1202 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
1203 if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
1204 foreach my $key (sort keys %customlocationgrp)
1205 {
1206 if($customlocationgrp{$key}[0] eq $fwhostsettings{'grp'} && $customlocationgrp{$key}[1] eq $fwhostsettings{'oldrem'})
1207 {
1208 $customlocationgrp{$key}[1]='';
1209 $customlocationgrp{$key}[1]=$fwhostsettings{'newrem'};
1210 }
1211 }
1212 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
1213 $fwhostsettings{'update'}='on';
1214 $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
1215 }else{
1216 $errormessage=$Lang::tr{'fwhost err remark'};
1217 $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
1218 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1219 $fwhostsettings{'update'} = 'on';
1220 }
1221 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1222 &addlocationgrp;
1223 &viewtablelocationgrp;
1224 }
1225 if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark')
1226 {
1227 &General::readhasharray("$configsrvgrp", \%customservicegrp );
1228 if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && (&validremark($fwhostsettings{'newsrvrem'}) || $fwhostsettings{'newsrvrem'} eq '')){
1229 foreach my $key (sort keys %customservicegrp)
1230 {
1231 if($customservicegrp{$key}[0] eq $fwhostsettings{'srvgrp'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvrem'})
1232 {
1233 $customservicegrp{$key}[1]='';
1234 $customservicegrp{$key}[1]=$fwhostsettings{'newsrvrem'};
1235 }
1236 }
1237 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1238 $fwhostsettings{'updatesrvgrp'}='on';
1239 $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'};
1240 }elsif($fwhostsettings{'oldsrvrem'} eq $fwhostsettings{'newsrvrem'}){
1241 &addservicegrp;
1242 &viewtableservicegrp;
1243 }else{
1244 $errormessage=$Lang::tr{'fwhost err remark'};
1245 $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'};
1246 $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
1247 $fwhostsettings{'updatesrvgrp'} = 'on';
1248 }
1249 $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
1250 &addservicegrp;
1251 &viewtableservicegrp;
1252 }
1253 if ($fwhostsettings{'ACTION'} eq 'changesrvgrpname')
1254 {
1255 &General::readhasharray("$configsrvgrp", \%customservicegrp );
1256 if ($fwhostsettings{'oldsrvgrpname'} ne $fwhostsettings{'srvgrp'}){
1257 #Check new groupname
1258 if (!&validhostname($fwhostsettings{'srvgrp'})){
1259 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1260 }
1261 if (!$errormessage){
1262 #Rename group in customservicegroup
1263 foreach my $key (keys %customservicegrp) {
1264 if($customservicegrp{$key}[0] eq $fwhostsettings{'oldsrvgrpname'}){
1265 $customservicegrp{$key}[0]=$fwhostsettings{'srvgrp'};
1266 }
1267 }
1268 &General::writehasharray("$configsrvgrp", \%customservicegrp );
1269 #change name in FW Rules
1270 &changenameinfw($fwhostsettings{'oldsrvgrpname'},$fwhostsettings{'srvgrp'},15);
1271 }
1272 }
1273 &addservicegrp;
1274 &viewtableservicegrp;
1275 }
1276 if ($fwhostsettings{'ACTION'} eq 'changegrpname')
1277 {
1278 &General::readhasharray("$configgrp", \%customgrp );
1279 if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
1280 #Check new groupname
1281 if (!&validhostname($fwhostsettings{'grp'})){
1282 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1283 }
1284 if (!$errormessage){
1285 #Rename group in customservicegroup
1286 foreach my $key (keys %customgrp) {
1287 if($customgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
1288 $customgrp{$key}[0]=$fwhostsettings{'grp'};
1289 }
1290 }
1291 &General::writehasharray("$configgrp", \%customgrp );
1292 #change name in FW Rules
1293 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},4);
1294 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6);
1295 }
1296 }
1297 &addgrp;
1298 &viewtablegrp;
1299 }
1300 if ($fwhostsettings{'ACTION'} eq 'changelocationgrpname')
1301 {
1302 &General::readhasharray("$configlocationgrp", \%customlocationgrp );
1303 if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
1304 #Check new groupname
1305 if (!&validhostname($fwhostsettings{'grp'})){
1306 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1307 }
1308 if (!$errormessage){
1309 # Rename group.
1310 foreach my $key (keys %customlocationgrp) {
1311 if($customlocationgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
1312 $customlocationgrp{$key}[0]=$fwhostsettings{'grp'};
1313 }
1314 }
1315 &General::writehasharray("$configlocationgrp", \%customlocationgrp );
1316 #change name in FW Rules
1317 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},4,"location");
1318 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6,"location");
1319 }
1320 }
1321 &addlocationgrp;
1322 &viewtablelocationgrp;
1323 }
1324 ### VIEW ###
1325 if($fwhostsettings{'ACTION'} eq '')
1326 {
1327 &showmenu;
1328 }
1329 ### FUNCTIONS ###
1330 sub showmenu {
1331 &Header::openbox('100%', 'left',);
1332 print "$Lang::tr{'fwhost welcome'}";
1333 print<<END;
1334 <br><br>
1335 <table border='0' width='100%'>
1336 <tr>
1337 <td>
1338 <form method='post'>
1339 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newnet'}'>
1340 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newhost'}'>
1341 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgrp'}'>
1342 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newlocationgrp'}'>
1343 </form>
1344 </td>
1345 <td align='right'>
1346 <form method='post'>
1347 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservice'}'>
1348 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservicegrp'}'>
1349 </form>
1350 </td>
1351 </tr>
1352 <tr>
1353 <td colspan='6'>
1354 </td>
1355 </tr>
1356 </table>
1357 END
1358 &Header::closebox();
1359
1360 }
1361 # Add
1362 sub addnet
1363 {
1364 &error;
1365 &showmenu;
1366 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addnet'});
1367 $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
1368 $fwhostsettings{'orgnetremark'}=$fwhostsettings{'NETREMARK'};
1369 print<<END;
1370 <table border='0' width='100%' >
1371 <tr><td width='15%'>$Lang::tr{'name'}:</td><td><form method='post'><input type='TEXT' name='HOSTNAME' id='textbox1' value='$fwhostsettings{'HOSTNAME'}' $fwhostsettings{'BLK_HOST'} size='20'><script>document.getElementById('textbox1').focus()</script></td></tr>
1372 <tr><td>$Lang::tr{'fwhost netaddress'}:</td><td><input type='TEXT' name='IP' value='$fwhostsettings{'IP'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='15'></td></tr>
1373 <tr><td>$Lang::tr{'netmask'}:</td><td><input type='TEXT' name='SUBNET' value='$fwhostsettings{'SUBNET'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='15'></td></tr>
1374 <tr><td>$Lang::tr{'remark'}:</td><td><input type='TEXT' name='NETREMARK' value='$fwhostsettings{'NETREMARK'}' style='width: 98.5%;'></td></tr>
1375 <tr><td colspan='6'><br></td></tr><tr>
1376 END
1377 if ($fwhostsettings{'ACTION'} eq 'editnet' || $fwhostsettings{'error'} eq 'on')
1378 {
1379 print "<td colspan='6' align='right'><input type='submit' value='$Lang::tr{'update'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='updatenet'><input type='hidden' name='orgnetremark' value='$fwhostsettings{'orgnetremark'}' ><input type='hidden' name='orgname' value='$fwhostsettings{'orgname'}' ><input type='hidden' name='update' value='on'><input type='hidden' name='newnet' value='$fwhostsettings{'newnet'}'>";
1380 }else{
1381 print "<td colspan='6' align='right'><input type='submit' value='$Lang::tr{'save'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='savenet'><input type='hidden' name='newnet' value='on'>";
1382 }
1383 print "</form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;' ><input type='hidden' name='ACTION' value='resetnet'></form></td></tr></table>";
1384 &Header::closebox();
1385 }
1386 sub addhost
1387 {
1388 &error;
1389 &showmenu;
1390 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addhost'});
1391 $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
1392 $fwhostsettings{'orgremark'}=$fwhostsettings{'HOSTREMARK'};
1393 print<<END;
1394 <table width='100%'>
1395 <tr><td>$Lang::tr{'name'}:</td><td><form method='post' style='display:inline;'><input type='TEXT' name='HOSTNAME' id='textbox1' value='$fwhostsettings{'HOSTNAME'}' $fwhostsettings{'BLK_HOST'} size='20'><script>document.getElementById('textbox1').focus()</script></td></tr>
1396 <tr><td>IP/MAC:</td><td><input type='TEXT' name='IP' value='$fwhostsettings{'IP'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='17'></td></tr>
1397 <tr><td width='10%'>$Lang::tr{'remark'}:</td><td><input type='TEXT' name='HOSTREMARK' value='$fwhostsettings{'HOSTREMARK'}' style='width:98%;'></td></tr>
1398 <tr><td colspan='5'><br></td></tr><tr>
1399 END
1400
1401 if ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'} eq 'on')
1402 {
1403
1404 print " <td colspan='4' align='right'><input type='submit' value='$Lang::tr{'update'}' style='min-width:100px;'/><input type='hidden' name='ACTION' value='updatehost'><input type='hidden' name='orgremark' value='$fwhostsettings{'orgremark'}' ><input type='hidden' name='orgname' value='$fwhostsettings{'orgname'}' ><input type='hidden' name='update' value='on'><input type='hidden' name='newhost' value='$fwhostsettings{'newhost'}'></form>";
1405 }else{
1406 print " <td colspan='4' align='right'><input type='submit' name='savehost' value='$Lang::tr{'save'}' style='min-width:100px;' /><input type='hidden' name='ACTION' value='savehost' /><input type='hidden' name='newhost' value='on'>";
1407 }
1408 print " </form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;' ><input type='hidden' name='ACTION' value='resethost'></form></td></tr></table>";
1409 &Header::closebox();
1410 }
1411 sub addgrp
1412 {
1413 &hint;
1414 &error;
1415 &showmenu;
1416 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addgrp'});
1417 &General::setup_default_networks(\%defaultNetworks);
1418 &General::readhasharray("$configccdnet", \%ccdnet);
1419 &General::readhasharray("$confignet", \%customnetwork);
1420 &General::readhasharray("$configccdhost", \%ccdhost);
1421 &General::readhasharray("$confighost", \%customhost);
1422 &General::readhasharray("$configipsec", \%ipsecconf);
1423
1424 my %checked=();
1425 my $show='';
1426 $checked{'check1'}{'off'} = '';
1427 $checked{'check1'}{'on'} = '';
1428 $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
1429 $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
1430 $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
1431 my $grp=$fwhostsettings{'grp_name'};
1432 my $rem=$fwhostsettings{'remark'};
1433 if ($fwhostsettings{'update'} eq ''){
1434 print<<END;
1435 <table width='100%' border='0'>
1436 <tr>
1437 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1438 <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
1439 </tr>
1440 <tr>
1441 <td>$Lang::tr{'remark'}:</td>
1442 <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
1443 </tr>
1444 <tr>
1445 <td colspan='2'><br></td>
1446 </tr>
1447 </table>
1448 END
1449 }else{
1450 print<<END;
1451 <table width='100%' border='0'><form method='post'>
1452 <tr>
1453 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1454 <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
1455 <td><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'><input type='hidden' name='ACTION' value='changegrpname'></td>
1456 <td></td></form>
1457 </tr>
1458 <tr><form method='post' style='display:inline'>
1459 <td>$Lang::tr{'remark'}:</td>
1460 <td colspan='2' style='width:98%;'><input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'></td>
1461 <td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
1462 </tr>
1463 </table></form>
1464 <br><br>
1465 END
1466 }
1467 if ($fwhostsettings{'update'} eq 'on'){
1468 print<<END;
1469 <form method='post'><input type='hidden' name='remark' value='$rem'><input type='hidden' name='grp_name' value='$grp'>
1470 <table width='100%' border='0'>
1471 <tr><td width=50% valign='top'>
1472 <table width='90%' border='0'>
1473 <tr>
1474 <td style='width:15em;'>
1475 <label>
1476 <input type='radio' name='grp2' value='std_net' id='DEFAULT_SRC_ADR' checked>
1477 $Lang::tr{'fwhost stdnet'}
1478 </label>
1479 </td>
1480 <td style='text-align:right;'>
1481 <select name='DEFAULT_SRC_ADR' style='width:16em;'>
1482 END
1483 foreach my $network (sort keys %defaultNetworks)
1484 {
1485 next if($defaultNetworks{$network}{'LOCATION'} eq "IPCOP");
1486 next if($defaultNetworks{$network}{'NAME'} eq "IPFire");
1487 print "<option value='$defaultNetworks{$network}{'NAME'}'";
1488 print " selected='selected'" if ($fwhostsettings{'DEFAULT_SRC_ADR'} eq $defaultNetworks{$network}{'NAME'});
1489 my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
1490 my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
1491 my $defsub1=&General::subtocidr($ownnet{$defsub});
1492 $ownnet{$defnet}='' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
1493 if ($ownnet{$defnet}){
1494 print ">$network ($ownnet{$defnet}/$defsub1)</option>";
1495 }else{
1496 print ">$network</option>";
1497 }
1498 }
1499 print"</select></td></tr>";
1500 if (! -z $confignet){
1501 print<<END;
1502 <tr>
1503 <td>
1504 <label>
1505 <input type='radio' name='grp2' id='CUST_SRC_NET' value='cust_net' $checked{'grp2'}{'cust_net'}>
1506 $Lang::tr{'fwhost cust net'}:
1507 </label>
1508 </td>
1509 <td style='text-align:right;'>
1510 <select name='CUST_SRC_NET' style='width:16em;'>";
1511 END
1512 foreach my $key (sort { ncmp($customnetwork{$a}[0],$customnetwork{$b}[0]) } keys %customnetwork) {
1513 print"<option>$customnetwork{$key}[0]</option>";
1514 }
1515 print"</select></td></tr>";
1516 }
1517 if (! -z $confighost){
1518 print<<END;
1519 <tr>
1520 <td valign='top'>
1521 <label>
1522 <input type='radio' name='grp2' id='CUST_SRC_HOST' value='cust_host' $checked{'grp2'}{'cust_host'}>
1523 $Lang::tr{'fwhost cust addr'}:
1524 </label>
1525 </td>
1526 <td style='text-align:right;'>
1527 <select name='CUST_SRC_HOST' style='width:16em;'>";
1528 END
1529 foreach my $key (sort { ncmp($customhost{$a}[0],$customhost{$b}[0]) } keys %customhost) {
1530 print"<option>$customhost{$key}[0]</option>";
1531 }
1532 print"</select></td></tr>";
1533 }
1534 print"</table>";
1535 #Inner table right
1536 print"</td><td align='right' style='vertical-align:top;'><table width='90%' border='0'>";
1537 # WireGuard Peers
1538 if (%Wireguard::peers) {
1539 print <<EOF;
1540 <tr>
1541 <td style='width:15em;'>
1542 <label>
1543 <input type='radio' name='grp2' value='wg_peer' $checked{'grp2'}{'wg_peer'}>
1544 $Lang::tr{'fwhost wg peers'}
1545 </label>
1546 </td>
1547 <td style='text-align:right;'>
1548 <select name='WG_PEER' style='width:16em;'>"
1549 EOF
1550
1551 foreach my $key (sort { $Wireguard::peers{$a}[2] cmp $Wireguard::peers{$b}[2] } keys %Wireguard::peers) {
1552 my $peer = &Wireguard::load_peer($key);
1553
1554 print <<EOF;
1555 <option value="$peer->{"NAME"}">$peer->{"NAME"}</option>
1556 EOF
1557 }
1558
1559 print <<EOF;
1560 </select>
1561 </td>
1562 </tr>
1563 EOF
1564 }
1565 #OVPN networks
1566 if (! -z $configccdnet){
1567 print<<END;
1568 <td style='width:15em;'>
1569 <label>
1570 <input type='radio' name='grp2' id='OVPN_CCD_NET' value='ovpn_net' $checked{'grp2'}{'ovpn_net'}>
1571 $Lang::tr{'fwhost ccdnet'}
1572 </label>
1573 </td>
1574 <td style='text-align:right;'>
1575 <select name='OVPN_CCD_NET' style='width:16em;'>";
1576 END
1577 foreach my $key (sort { ncmp($ccdnet{$a}[0],$ccdnet{$b}[0]) } keys %ccdnet)
1578 {
1579 print"<option value='$ccdnet{$key}[0]'>$ccdnet{$key}[0]</option>";
1580 }
1581 print"</select></td></tr>";
1582 }
1583 #OVPN clients
1584 my @ovpn_clients=();
1585 foreach my $key (sort { ncmp($ccdhost{$a}[0],$ccdhost{$b}[0]) } keys %ccdhost)
1586 {
1587 if ($ccdhost{$key}[33] ne ''){
1588 $show='1';
1589 push (@ovpn_clients,$ccdhost{$key}[1]);
1590 }
1591 }
1592 if ($show eq '1'){
1593 $show='';
1594 print<<END;
1595 <td style='width:15em;'>
1596 <label>
1597 <input type='radio' name='grp2' value='ovpn_host' $checked{'grp2'}{'ovpn_host'}>
1598 $Lang::tr{'fwhost ccdhost'}
1599 </label>
1600 </td>
1601 <td style='text-align:right;'>
1602 <select name='OVPN_CCD_HOST' style='width:16em;'>" if ($show eq '');
1603 END
1604 foreach(@ovpn_clients){
1605 print"<option value='$_'>$_</option>";
1606 }
1607 print"</select></td></tr>";
1608 }
1609 #OVPN n2n networks
1610 my @OVPN_N2N=();
1611 foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) {
1612 if($ccdhost{$key}[3] eq 'net'){
1613 $show='1';
1614 push (@OVPN_N2N,$ccdhost{$key}[1]);
1615 }
1616 }
1617 if ($show eq '1'){
1618 $show='';
1619 print<<END;
1620 <td style='width:15em;'>
1621 <label>
1622 <input type='radio' name='grp2' id='OVPN_N2N' value='ovpn_n2n' $checked{'grp2'}{'ovpn_n2n'}>
1623 $Lang::tr{'fwhost ovpn_n2n'}:
1624 </label>
1625 </td>
1626 <td style='text-align:right;'>
1627 <select name='OVPN_N2N' style='width:16em;'>"
1628 END
1629 foreach(@OVPN_N2N){
1630 print"<option>$_</option>";
1631 }
1632 print"</select></td></tr>";
1633 }
1634 #IPsec networks
1635
1636 foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) {
1637 if ($ipsecconf{$key}[3] eq 'net' || ($optionsfw{'SHOWDROPDOWN'} eq 'on' && $ipsecconf{$key}[3] ne 'host')){
1638 print "<td style='width:15em;'><label><input type='radio' name='grp2' id='IPSEC_NET' value='ipsec_net' $checked{'grp2'}{'ipsec_net'}>$Lang::tr{'fwhost ipsec net'}</label></td><td style='text-align:right;'><select name='IPSEC_NET' style='width:16em;'>" if $show eq '';
1639 $show=1;
1640 #Check if we have more than one REMOTE subnet in config
1641 my @arr1 = split /\|/, $ipsecconf{$key}[11];
1642 my $cnt1 += @arr1;
1643
1644 print"<option value=$ipsecconf{$key}[1]>";
1645 print"$ipsecconf{$key}[1]";
1646 print" ($Lang::tr{'fwdfw all subnets'})" if $cnt1 > 1; #If this Conenction has more than one subnet, print one option for all subnets
1647 print"</option>";
1648
1649 if ($cnt1 > 1){
1650 foreach my $val (@arr1){
1651 #normalize subnet to cidr notation
1652 my ($val1,$val2) = split /\//, $val;
1653 my $val3 = &General::iporsubtocidr($val2);
1654 print "<option ";
1655 print "value='$ipsecconf{$key}[1]|$val1/$val3'";
1656 print ">$ipsecconf{$key}[1] ($val1/$val3)</option>";
1657 }
1658 }
1659 }
1660 }
1661 print"</select></td></tr>";
1662 print"</table>";
1663 print"</td></tr></table>";
1664 print"<br><br>";
1665 }
1666 print"<table width='100%'>";
1667 print"<tr><td style='text-align:right;'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='update' value=\"$fwhostsettings{'update'}\"><input type='hidden' name='ACTION' value='savegrp' ></form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='resetgrp'></form></td></table>";
1668 &Header::closebox();
1669 }
1670 sub addlocationgrp
1671 {
1672 &hint;
1673 &error;
1674 &showmenu;
1675 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addlocationgrp'});
1676
1677 my %checked=();
1678 my $show='';
1679 $checked{'check1'}{'off'} = '';
1680 $checked{'check1'}{'on'} = '';
1681 $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
1682 $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
1683 $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
1684 my $grp=$fwhostsettings{'grp_name'};
1685 my $rem=$fwhostsettings{'remark'};
1686 if ($fwhostsettings{'update'} eq ''){
1687 print<<END;
1688 <table width='100%' border='0'>
1689 <tr>
1690 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1691 <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
1692 </tr>
1693 <tr>
1694 <td>$Lang::tr{'remark'}:</td>
1695 <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
1696 </tr>
1697 <tr>
1698 <td colspan='2'><br></td>
1699 </tr>
1700 </table>
1701 END
1702 } else {
1703 print<<END;
1704 <table width='100%' border='0'>
1705 <form method='post'><tr>
1706 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1707 <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
1708 <td>
1709 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1710 <input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'>
1711 <input type='hidden' name='ACTION' value='changelocationgrpname'>
1712 </td>
1713 <td></td>
1714 </tr></form>
1715 <tr><form method='post' style='display:inline'>
1716 <td>$Lang::tr{'remark'}:</td>
1717 <td colspan='2' style='width:98%;'>
1718 <input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'>
1719 </td>
1720 <td align='right'>
1721 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1722 <input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'>
1723 <input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'>
1724 <input type='hidden' name='ACTION' value='changelocationgrpremark'>
1725 </td>
1726 </tr></form>
1727 </table>
1728 <br><br>
1729 END
1730 }
1731 if ($fwhostsettings{'update'} eq 'on') {
1732 my @location_locations = &fwlib::get_locations();
1733
1734 print<<END;
1735 <form method='post'>
1736 <input type='hidden' name='remark' value='$rem'>
1737 <input type='hidden' name='grp_name' value='$grp'>
1738
1739 <table width='100%' border='0'>
1740 <tr>
1741 <td style='text-align:left;'>
1742 <select name='COUNTRY_CODE' style='width:16em;'>";
1743 END
1744 foreach my $location (@location_locations) {
1745 # Get full country name.
1746 my $fullname = &Location::Functions::get_full_country_name($location);
1747
1748 print"<option value='$location'>$location - $fullname</option>\n";
1749 }
1750 print <<END;
1751 </select>
1752 </td>
1753 </tr>
1754 </table>
1755 <br><br>
1756 END
1757 }
1758 print <<END;
1759 <table width='100%'>
1760 <tr><td style='text-align:right;'>
1761 <input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' />
1762 <input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'>
1763 <input type='hidden' name='update' value=\"$fwhostsettings{'update'}\">
1764 <input type='hidden' name='ACTION' value='savelocationgrp' >
1765 </form>
1766
1767 <form method='post' style='display:inline'>
1768
1769 <input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'>
1770 <input type='hidden' name='ACTION' value='resetlocationgrp'>
1771
1772 </form>
1773 </td></tr></table>
1774 END
1775 &Header::closebox();
1776 }
1777 sub addservice
1778 {
1779 &error;
1780 &showmenu;
1781 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservice'});
1782 if ($fwhostsettings{'updatesrv'} eq 'on')
1783 {
1784 $fwhostsettings{'oldsrvname'} = $fwhostsettings{'SRV_NAME'};
1785 $fwhostsettings{'oldsrvport'} = $fwhostsettings{'SRV_PORT'};
1786 $fwhostsettings{'oldsrvprot'} = &Header::escape($fwhostsettings{'PROT'});
1787 $fwhostsettings{'oldsrvicmp'} = $fwhostsettings{'ICMP'};
1788 }
1789 print<<END;
1790 <table width='100%' border='0'><form method='post'>
1791 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost srv_name'}:</td><td><input type='text' name='SRV_NAME' id='textbox1' value='$fwhostsettings{'SRV_NAME'}' size='24'><script>document.getElementById('textbox1').focus()</script></td></tr>
1792 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost prot'}:</td><td><select name='PROT' id='protocol' >
1793 END
1794 foreach ("TCP","UDP","ICMP")
1795 {
1796 if ($_ eq $fwhostsettings{'PROT'})
1797 {
1798 print"<option selected>$_</option>";
1799 }else{
1800 print"<option>$_</option>";
1801 }
1802 }
1803 print<<END;
1804 </select></td></tr></table>
1805 <div id='PROTOKOLL' class='noscript'><table width=100%' border='0'><tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost icmptype'}</td><td><select name='ICMP_TYPES'>
1806 END
1807 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
1808 print"<option value='All ICMP-Types'>$Lang::tr{'fwdfw all icmp'}</option>";
1809 foreach my $key (sort { ncmp($icmptypes{$a}[0],$icmptypes{$b}[0]) }keys %icmptypes){
1810 if ($icmptypes{$key}[0] eq $fwhostsettings{'oldsrvicmp'}){
1811 print"<option selected>$icmptypes{$key}[0] ($icmptypes{$key}[1])</option>";
1812 }else{
1813 print"<option>$icmptypes{$key}[0] ($icmptypes{$key}[1])</option>";
1814 }
1815 }
1816 print<<END;
1817 </select></td></tr></table></div>
1818 <div id='PORT' class='noscript'><table width='100%' border='0'><tr><td width='10%'>$Lang::tr{'fwhost port'}:</td><td><input type='text' name='SRV_PORT' value='$fwhostsettings{'SRV_PORT'}' maxlength='11' size='24'></td></tr></table></div>
1819 <table width='100%' border='0'><tr><td colspan='6'><br></td></tr>
1820 <tr><td colspan='6' align='right'>
1821 END
1822 if ($fwhostsettings{'updatesrv'} eq 'on')
1823 {
1824 print<<END;
1825 <input type='submit' value='$Lang::tr{'update'}'style='min-width:100px;' >
1826 <input type='hidden' name='ACTION' value='updateservice'>
1827 <input type='hidden' name='oldsrvname' value='$fwhostsettings{'oldsrvname'}'>
1828 <input type='hidden' name='oldsrvport' value='$fwhostsettings{'oldsrvport'}'>
1829 <input type='hidden' name='oldsrvprot' value='$fwhostsettings{'oldsrvprot'}'>
1830 <input type='hidden' name='oldsrvicmp' value='$fwhostsettings{'oldsrvicmp'}'>
1831 </form>
1832 END
1833 }else{
1834 print"<input type='submit' value='$Lang::tr{'save'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='saveservice'></form>";
1835 }
1836 print<<END;
1837 <form style='display:inline;' method='post'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'></form></td></tr>
1838 </table></form>
1839 END
1840 &Header::closebox();
1841 &viewtableservice;
1842 }
1843 sub addservicegrp
1844 {
1845 &hint;
1846 &error;
1847 &showmenu;
1848 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservicegrp'});
1849 $fwhostsettings{'oldsrvgrpremark'}=$fwhostsettings{'SRVGRP_REMARK'};
1850 $fwhostsettings{'oldsrvgrpname'}=$fwhostsettings{'SRVGRP_NAME'};
1851 if ($fwhostsettings{'updatesrvgrp'} eq ''){
1852 print<<END;
1853 <table width='100%' border='0'><form method='post'>
1854 <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td><input type='text' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}' size='24'></td></tr>
1855 <tr><td width='10%'>$Lang::tr{'remark'}:</td><td><input type='text' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width: 98%;'></td></tr>
1856 <tr><td colspan='2'><br></tr>
1857 </table>
1858 END
1859 }else{
1860 print<<END;
1861 <table width='100%'><form method='post' style='display:inline'>
1862 <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td width='20%'><input type='text' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}' size='14'></td><td align='left'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvgrpname' value='$fwhostsettings{'oldsrvgrpname'}'><input type='hidden' name='ACTION' value='changesrvgrpname'></td><td width='3%'></td></form></tr>
1863 <tr>
1864 <form method='post'>
1865 <td width='10%'>
1866 $Lang::tr{'remark'}:
1867 </td>
1868 <td colspan='2'>
1869 <input type='text' name='newsrvrem' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'>
1870 </td>
1871 <td align='right'>
1872 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1873 <input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'>
1874 <input type='hidden' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}'>
1875 <input type='hidden' name='ACTION' value='changesrvgrpremark' >
1876 </td>
1877 </tr>
1878 <tr>
1879 <td colspan='4'>
1880 <br>
1881 </td>
1882 </tr>
1883 </table>
1884 </form>
1885 END
1886 }
1887 if($fwhostsettings{'updatesrvgrp'} eq 'on'){
1888 print<<END;
1889 <form method='post'><input type='hidden' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}'><input type='hidden' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}'><table border='0' width='100%'>
1890 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'add'}: </td><td><select name='CUST_SRV' style='min-width:185px;'>
1891 END
1892 &General::readhasharray("$configsrv", \%customservice);
1893 #Protocols for use in servicegroups
1894 print "<optgroup label='$Lang::tr{'fwhost cust service'}'>";
1895 foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0]) } keys %customservice)
1896 {
1897 print "<option>$customservice{$key}[0]</option>";
1898 }
1899 print "</optgroup>";
1900 print "<optgroup label='$Lang::tr{'protocol'}'>";
1901 print "<option>GRE</option>";
1902 print "<option>AH</option>";
1903 print "<option>ESP</option>";
1904 print "<option>IGMP</option>";
1905 print "<option>IPIP</option>";
1906 print "<option value='IPV6'>IPv6 encap</option>";
1907 print "</optgroup>";
1908 print<<END;
1909 </select></td></tr>
1910 <tr><td colspan='4'><br><br></td></tr>
1911 <tr><td colspan='4'></td></tr>
1912 </table>
1913 END
1914 }
1915 print<<END;
1916 <table width='100%'>
1917 <tr><td align='right'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'><input type='hidden' name='oldsrvgrpremark' value='$fwhostsettings{'oldsrvgrpremark'}'><input type='hidden' name='ACTION' value='saveservicegrp' ></form><form style='display:inline;' method='post'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'></td></tr>
1918 </table></form>
1919 END
1920 &Header::closebox();
1921 }
1922 # View
1923 sub viewtablenet
1924 {
1925 if(! -z $confignet){
1926 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust net'});
1927 &General::readhasharray("$confignet", \%customnetwork);
1928 &General::readhasharray("$configgrp", \%customgrp);
1929 &General::readhasharray("$fwconfigfwd", \%fwfwd);
1930 &General::readhasharray("$fwconfiginp", \%fwinp);
1931 &General::readhasharray("$fwconfigout", \%fwout);
1932
1933 if (!keys %customnetwork)
1934 {
1935 print "<center><b>$Lang::tr{'fwhost empty'}</b>";
1936 }else{
1937 print<<END;
1938 <table width='100%' cellspacing='0' class='tbl'>
1939 <tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost netaddress'}</b></th><th align='center'><b>$Lang::tr{'remark'}</b></th><th align='center'><b>$Lang::tr{'used'}</b></th><th></th><th width='3%'></th></tr>
1940 END
1941 }
1942 my $count=0;
1943 my $col='';
1944 foreach my $key (sort {ncmp($a,$b)} keys %customnetwork) {
1945 if ($fwhostsettings{'ACTION'} eq 'editnet' && $fwhostsettings{'HOSTNAME'} eq $customnetwork{$key}[0]) {
1946 print" <tr>";
1947 $col="bgcolor='${Header::colouryellow}'";
1948 }elsif ($count % 2)
1949 {
1950 $col="bgcolor='$color{'color20'}'";
1951 print" <tr>";
1952 }else
1953 {
1954 $col="bgcolor='$color{'color22'}'";
1955 print" <tr>";
1956 }
1957 my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]);
1958 my $netcount=&getnetcount($customnetwork{$key}[0]);
1959 my $netusedin=&getusedin($customnetwork{$key}[0]);
1960 print"<td width='20%' $col><form method='post'>$customnetwork{$key}[0]</td><td width='15%' align='center' $col>".&getcolor($colnet)."</td><td width='40%' $col>$customnetwork{$key}[3]</td><td align='center' $col><span title='$netusedin'>$netcount x</span></td>";
1961 print<<END;
1962 <td width='1%' $col><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
1963 <input type='hidden' name='ACTION' value='editnet'>
1964 <input type='hidden' name='HOSTNAME' value='$customnetwork{$key}[0]' />
1965 <input type='hidden' name='IP' value='$customnetwork{$key}[1]' />
1966 <input type='hidden' name='SUBNET' value='$customnetwork{$key}[2]' />
1967 <input type='hidden' name='NETREMARK' value='$customnetwork{$key}[3]' />
1968 </td></form>
1969 END
1970 if($netcount == '0')
1971 {
1972 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delnet' /><input type='hidden' name='key' value='$customnetwork{$key}[0]' /></td></form></tr>";
1973 }else{
1974 print"<td $col></td></tr>";
1975 }
1976 $count++;
1977 }
1978 print"</table>";
1979 &Header::closebox();
1980 }
1981
1982 }
1983 sub getcolor
1984 {
1985 my $c=shift;
1986 my $sip;
1987 my $scidr;
1988 my $tdcolor='';
1989 #Check if MAC
1990 if (&General::validmac($c)){ return $c;}
1991
1992 #Check if we got a full IP with subnet then split it
1993 if($c =~ /^(.*?)\/(.*?)$/){
1994 ($sip,$scidr) = split ("/",$c);
1995 }else{
1996 $sip=$c;
1997 }
1998
1999 #Now check if IP is part of ORANGE,BLUE or GREEN
2000 if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
2001 $tdcolor="<font style='color: $Header::colourorange;'>$c</font>";
2002 return $tdcolor;
2003 }
2004 if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){
2005 $tdcolor="<font style='color: $Header::colourgreen;'>$c</font>";
2006 return $tdcolor;
2007 }
2008 if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
2009 $tdcolor="<font style='color: $Header::colourblue;'>$c</font>";
2010 return $tdcolor;
2011 }
2012 if ("$sip/$scidr" eq "0.0.0.0/0"){
2013 $tdcolor="<font style='color: $Header::colourred;'>$c</font>";
2014 return $tdcolor;
2015 }
2016
2017 # WireGuard Roadwarrior
2018 if ($Wireguard::settings{'CLIENT_POOL'}) {
2019 if (&Network::ip_address_in_network($sip, $Wireguard::settings{'CLIENT_POOL'})) {
2020 return "<font style='color: $Header::colourwg;'>$c</font>"
2021 }
2022 }
2023
2024 #Check if IP is part of OpenVPN N2N subnet
2025 foreach my $key (sort keys %ccdhost){
2026 if ($ccdhost{$key}[3] eq 'net'){
2027 my ($a,$b) = split("/",$ccdhost{$key}[11]);
2028 if (&General::IpInSubnet($sip,$a,$b)){
2029 $tdcolor="<font style='color:$Header::colourovpn ;'>$c</font>";
2030 return $tdcolor;
2031 }
2032 }
2033 }
2034
2035 #Check if IP is part of OpenVPN dynamic subnet
2036 my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'});
2037 if (&General::IpInSubnet($sip,$a,$b)){
2038 $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>";
2039 return $tdcolor;
2040 }
2041
2042 #Check if IP is part of OpenVPN static subnet
2043 foreach my $key (sort keys %ccdnet){
2044 my ($a,$b) = split("/",$ccdnet{$key}[1]);
2045 $b =&General::iporsubtodec($b);
2046 if (&General::IpInSubnet($sip,$a,$b)){
2047 $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>";
2048 return $tdcolor;
2049 }
2050 }
2051
2052 #Check if IP is part of IPsec RW network
2053 if ($ipsecsettings{'RW_NET'} ne ''){
2054 my ($a,$b) = split("/",$ipsecsettings{'RW_NET'});
2055 $b=&General::iporsubtodec($b);
2056 if (&General::IpInSubnet($sip,$a,$b)){
2057 $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
2058 return $tdcolor;
2059 }
2060 }
2061
2062 #Check if IP is part of a IPsec N2N network
2063 foreach my $key (sort keys %ipsecconf){
2064 if ($ipsecconf{$key}[11]){
2065 foreach my $ipsecsubitem (split(/\|/, $ipsecconf{$key}[11])) {
2066 my ($a,$b) = split("/",$ipsecsubitem);
2067 $b=&General::iporsubtodec($b);
2068 if (&General::IpInSubnet($sip,$a,$b)){
2069 $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
2070 return $tdcolor;
2071 }
2072 }
2073 }
2074 }
2075 return "$c";
2076 }
2077 sub viewtablehost
2078 {
2079 if (! -z $confighost){
2080 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust addr'});
2081 &General::readhasharray("$confighost", \%customhost);
2082 &General::readhasharray("$configccdnet", \%ccdnet);
2083 &General::readhasharray("$configccdhost", \%ccdhost);
2084 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2085 &General::readhasharray("$fwconfiginp", \%fwinp);
2086 &General::readhasharray("$fwconfigout", \%fwout);
2087 &General::readhasharray("$configgrp", \%customgrp);
2088 if (!keys %customhost)
2089 {
2090 print "<center><b>$Lang::tr{'fwhost empty'}</b>";
2091 }else{
2092 print<<END;
2093 <table width='100%' cellspacing='0' class='tbl'>
2094 <tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center'><b>$Lang::tr{'remark'}</b></th><th align='center'><b>$Lang::tr{'used'}</b></th><th></th><th width='3%'></th></tr>
2095 END
2096 }
2097 my $count=0;
2098 my $col='';
2099 foreach my $key (sort { ncmp ($customhost{$a}[0],$customhost{$b}[0])} keys %customhost) {
2100 if ( ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'}) && $fwhostsettings{'HOSTNAME'} eq $customhost{$key}[0]) {
2101 print" <tr>";
2102 $col="bgcolor='${Header::colouryellow}'";
2103 }elsif ($count % 2){
2104 print" <tr>";
2105 $col="bgcolor='$color{'color20'}'";
2106 }else{
2107 $col="bgcolor='$color{'color22'}'";
2108 print" <tr>";
2109 }
2110 my ($ip,$sub)=split(/\//,$customhost{$key}[2]);
2111 $customhost{$key}[4]=~s/\s+//g;
2112 my $hostcount=0;
2113 $hostcount=&gethostcount($customhost{$key}[0]);
2114 my $hostusedin=&getusedin($customhost{$key}[0]);
2115 my $color = &getcolor($ip);
2116 print <<END;
2117 <td width='20%' $col>$customhost{$key}[0]</td><td width='20%' align='center' $col >$color</td><td width='50%' align='left' $col>$customhost{$key}[3]</td><td align='center' $col><span title="$hostusedin">$hostcount x</span></td>
2118 <td width='1%' $col><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
2119 <input type='hidden' name='ACTION' value='edithost' />
2120 <input type='hidden' name='HOSTNAME' value='$customhost{$key}[0]' />
2121 <input type='hidden' name='IP' value='$ip' />
2122 <input type='hidden' name='type' value='$customhost{$key}[1]' />
2123 <input type='hidden' name='HOSTREMARK' value='$customhost{$key}[3]' />
2124 </form></td>
2125 END
2126 if($hostcount == '0')
2127 {
2128 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delhost' /><input type='hidden' name='key' value='$customhost{$key}[0]' /></td></form></tr>";
2129 }else{
2130 print"<td width='1%' $col></td></tr>";
2131 }
2132 $count++;
2133 }
2134 print"</table>";
2135 &Header::closebox();
2136 }
2137 }
2138 sub viewtablegrp
2139 {
2140 if(! -z "$configgrp"){
2141 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust grp'});
2142 &General::readhasharray("$configgrp", \%customgrp);
2143 &General::readhasharray("$configipsec", \%ipsecconf);
2144 &General::readhasharray("$configccdhost", \%ccdhost);
2145 &General::readhasharray("$configccdnet", \%ccdnet);
2146 &General::readhasharray("$confighost", \%customhost);
2147 &General::readhasharray("$confignet", \%customnetwork);
2148 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2149 &General::readhasharray("$fwconfiginp", \%fwinp);
2150 &General::readhasharray("$fwconfigout", \%fwout);
2151 my @grp=();
2152 my $helper='';
2153 my $count=1;
2154 my $grpname;
2155 my $remark;
2156 my $number;
2157 my $delflag;
2158 my @counter;
2159 my %hash;
2160 if (!keys %customgrp)
2161 {
2162 print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
2163 }else{
2164 #get all groups in a hash
2165 foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2166 push (@counter,$customgrp{$key}[0]);
2167 }
2168 foreach my $key1 (@counter) {
2169 $hash{$key1}++ ;
2170 }
2171 foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2172 $count++;
2173 if ($helper ne $customgrp{$key}[0]){
2174 $delflag='0';
2175 foreach my $key1 (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2176 if ($customgrp{$key}[0] eq $customgrp{$key1}[0])
2177 {
2178 $delflag++;
2179 }
2180 if($delflag > 1){
2181 last;
2182 }
2183 }
2184 $number=1;
2185 if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};}
2186 $grpname=$customgrp{$key}[0];
2187 $remark="$customgrp{$key}[1]";
2188 if($count gt 1){ print"</table>";$count=1;}
2189 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp;";
2190 print " <b>$Lang::tr{'remark'}:</b>&nbsp $remark &nbsp " if ($remark ne '');
2191 my $netgrpcount=&getnetcount($grpname);
2192 my $groupusedin=&getusedin($grpname);
2193 print "<b>$Lang::tr{'used'}:</b> <span title='$groupusedin'>$netgrpcount x</span>";
2194 if($netgrpcount == '0')
2195 {
2196 print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='ACTION' value='delgrp'></form>";
2197 }
2198 print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='remark' value='$remark' ><input type='hidden' name='ACTION' value='editgrp'></form>";
2199 print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost type'}</th><th></th></tr>";
2200 }
2201 my $col='';
2202 if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) {
2203 print" <tr>";
2204 $col="bgcolor='${Header::colouryellow}'";
2205 }elsif ($count %2 == 0){
2206 print"<tr>";
2207 $col="bgcolor='$color{'color20'}'";
2208 }else{
2209 print"<tr>";
2210 $col="bgcolor='$color{'color22'}'";
2211 }
2212 my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]);
2213 if ($ip eq ''){
2214 print"<tr>";
2215 $col="bgcolor='${Header::colouryellow}'";
2216 }
2217 print "<td width='39%' align='left' $col>";
2218 if($customgrp{$key}[3] eq 'Standard Network'){
2219 print &get_name($customgrp{$key}[2])."</td>";
2220 }elsif($customgrp{$key}[3] eq "IpSec Network" && $customgrp{$key}[2] =~ /\|/){
2221 my ($a,$b) = split /\|/, $customgrp{$key}[2];
2222 print "$a</td>";
2223 }else{
2224 print "$customgrp{$key}[2]</td>";
2225 }
2226 if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
2227 print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
2228 }else{
2229 print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
2230 }
2231 if ($delflag > 0 && $ip ne ''){
2232 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' />";
2233 #check if this group has only one entry
2234 foreach my $key2 (keys %hash) {
2235 if ($hash{$key2}<2 && $key2 eq $customgrp{$key}[0]){
2236 print "<input type='hidden' name='last' value='on'>" ;
2237 }
2238 }
2239 }
2240 print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
2241 $helper=$customgrp{$key}[0];
2242 $number++;
2243 }
2244 print"</table>";
2245 }
2246 &Header::closebox();
2247 }
2248
2249 }
2250 sub viewtablelocationgrp
2251 {
2252 # If our filesize is "zero" there is nothing to read-in.
2253 if (-z "$configlocationgrp") {
2254 return;
2255 }
2256
2257 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust locationgrp'});
2258 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
2259 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2260 &General::readhasharray("$fwconfiginp", \%fwinp);
2261 &General::readhasharray("$fwconfigout", \%fwout);
2262 my @grp=();
2263 my $helper='';
2264 my $count=1;
2265 my $country_code;
2266 my $grpname;
2267 my $remark;
2268 my $number;
2269 my $delflag;
2270 my @counter;
2271 my %hash;
2272
2273 # If there are no groups we are finished here.
2274 if (!keys %customlocationgrp) {
2275 print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
2276 return;
2277 }
2278
2279 # Put all groups in a hash.
2280 foreach my $key (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) }
2281 sort { ncmp($customlocationgrp{$a}[2],$customlocationgrp{$b}[2]) } keys %customlocationgrp) {
2282 push (@counter,$customlocationgrp{$key}[0]);
2283 }
2284
2285 # Increase current used key.
2286 foreach my $key1 (@counter) {
2287 $hash{$key1}++ ;
2288 }
2289
2290 # Sort hash.
2291 foreach my $key (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) }
2292 sort { ncmp($customlocationgrp{$a}[2],$customlocationgrp{$b}[2]) } keys %customlocationgrp) {
2293 $count++;
2294 if ($helper ne $customlocationgrp{$key}[0]) {
2295 $delflag='0';
2296
2297 foreach my $key1 (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) }
2298 sort { ncmp($customlocationgrp{$a}[2],$customlocationgrp{$b}[2]) } keys %customlocationgrp) {
2299
2300 if ($customlocationgrp{$key}[0] eq $customlocationgrp{$key1}[0])
2301 {
2302 $delflag++;
2303 }
2304 if($delflag > 1){
2305 last;
2306 }
2307 }
2308
2309 $number=1;
2310
2311 # Groupname.
2312 $grpname=$customlocationgrp{$key}[0];
2313
2314 # Group remark.
2315 $remark="$customlocationgrp{$key}[1]";
2316
2317 # Country code.
2318 $country_code="$customlocationgrp{$key}[2]";
2319
2320 if ($count gt 1){
2321 print"</table>";
2322 $count=1;
2323 }
2324
2325 # Display groups header.
2326 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp;\n";
2327 print "<b>$Lang::tr{'remark'}:</b>&nbsp $remark &nbsp\n" if ($remark ne '');
2328
2329 # Get group count.
2330 my $locationgrpcount=&getlocationcount($grpname);
2331 my $locationusedin=&getlocusedin($grpname);
2332 print "<b>$Lang::tr{'used'}:</b> <span title='$locationusedin'>$locationgrpcount x</span>";
2333 # Only display delete icon, if the group is not used by a firewall rule.
2334 if($locationgrpcount == '0') {
2335 print"<form method='post' style='display:inline'>\n";
2336 print"<input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' />\n";
2337 print"<input type='hidden' name='grp_name' value='$grpname' >\n";
2338 print"<input type='hidden' name='ACTION' value='dellocationgrp'>\n";
2339 print"</form>";
2340 }
2341
2342 # Icon for group editing.
2343 print <<END;
2344 <form method='post' style='display:inline'>
2345 <input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right'/>
2346 <input type='hidden' name='grp_name' value='$grpname' >
2347 <input type='hidden' name='remark' value='$remark' >
2348 <input type='hidden' name='ACTION' value='editlocationgrp'>
2349 </form>
2350
2351 <table width='100%' cellspacing='0' class='tbl'>
2352 END
2353 # Display headlines if the group contains any entries.
2354 if ($country_code ne "none") {
2355 print <<END;
2356 <tr>
2357 <td width='10%' align='center'>
2358 <b>$Lang::tr{'flag'}</b>
2359 </td>
2360
2361 <td width='10%'align='center'>
2362 <b>$Lang::tr{'countrycode'}</b>
2363 </td>
2364
2365 <td width='70%'align='left'>
2366 <b>$Lang::tr{'country'}</b>
2367 </td>
2368
2369 <td width='10%' align='right'></td>
2370 </tr>
2371 END
2372 }
2373 }
2374
2375 # Check if our group contains any entries.
2376 if ($country_code eq "none") {
2377 print "<tr><td>$Lang::tr{'fwhost err emptytable'}</td></tr>\n";
2378 } else {
2379 # Check if we are currently editing a group and assign column backgound colors.
2380 my $col='';
2381 if ( ($fwhostsettings{'ACTION'} eq 'editlocationgrp' || $fwhostsettings{'update'} ne '')
2382 && $fwhostsettings{'grp_name'} eq $customlocationgrp{$key}[0]) {
2383 $col="bgcolor='${Header::colouryellow}'";
2384 } elsif ($count %2 == 0){
2385 $col="bgcolor='$color{'color20'}'";
2386 } else {
2387 $col="bgcolor='$color{'color22'}'";
2388 }
2389
2390 # Get country flag.
2391 my $icon = &Location::Functions::get_flag_icon($customlocationgrp{$key}[2]);
2392
2393 # Print column with flag icon.
2394 my $col_content;
2395 if ($icon) {
2396 $col_content = "<img src='$icon' alt='$customlocationgrp{$key}[2]' title='$customlocationgrp{$key}[2]'>";
2397 } else {
2398 $col_content = "<b>N/A</b>";
2399 }
2400
2401 print "<td align='center' $col>$col_content</td>\n";
2402
2403 # Print column with country code.
2404 print "<td align='center' $col>$customlocationgrp{$key}[2]</td>\n";
2405
2406 # Print column with full country name.
2407 my $country_name = &Location::Functions::get_full_country_name($customlocationgrp{$key}[2]);
2408 print "<td align='left' $col>$country_name</td>\n";
2409
2410 # Generate from for removing entries from a group.
2411 print "<td align='right' width='1%' $col><form method='post'>\n";
2412
2413 if ($delflag > 0){
2414 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}'/>\n";
2415
2416 # Check if this group only has a single entry.
2417 foreach my $key2 (keys %hash) {
2418 if ($hash{$key2}<2 && $key2 eq $customlocationgrp{$key}[0]){
2419 print "<input type='hidden' name='last' value='on'>" ;
2420 }
2421 }
2422 }
2423
2424 print "<input type='hidden' name='ACTION' value='deletelocationgrpentry'>\n";
2425 print "<input type='hidden' name='update' value='$fwhostsettings{'update'}'>\n";
2426 print "<input type='hidden' name='delentry' value='$grpname,$remark,$customlocationgrp{$key}[2],$customlocationgrp{$key}[3]'>\n";
2427 print "</form>\n";
2428 print "</td>\n";
2429 print "</tr>\n";
2430 }
2431
2432 $helper=$customlocationgrp{$key}[0];
2433 $number++;
2434 }
2435
2436 print"</table>\n";
2437 &Header::closebox();
2438 }
2439 sub viewtableservice
2440 {
2441 my $count=0;
2442 my $srvcount;
2443 if(! -z "$configsrv")
2444 {
2445 &Header::openbox('100%', 'left', $Lang::tr{'fwhost services'});
2446 &General::readhasharray("$configsrv", \%customservice);
2447 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2448 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2449 &General::readhasharray("$fwconfiginp", \%fwinp);
2450 &General::readhasharray("$fwconfigout", \%fwout);
2451 print<<END;
2452 <table width='100%' cellspacing='0' class='tbl'>
2453 <tr><th align='center'><b>$Lang::tr{'fwhost srv_name'}</b></th><th align='center'><b>$Lang::tr{'fwhost prot'}</b></th><th align='center'><b>$Lang::tr{'fwhost port'}</b></th><th align='center'><b>ICMP</b></th><th align='center'><b>$Lang::tr{'fwhost used'}</b></th><th></th><th width='3%'></th></tr>
2454 END
2455 my $col='';
2456 foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0])} keys %customservice)
2457 {
2458 $count++;
2459 if ( ($fwhostsettings{'updatesrv'} eq 'on' || $fwhostsettings{'error'}) && $fwhostsettings{'SRV_NAME'} eq $customservice{$key}[0]) {
2460 print" <tr>";
2461 $col="bgcolor='${Header::colouryellow}'";
2462 }elsif ($count % 2){
2463 print" <tr>";
2464 $col="bgcolor='$color{'color22'}'";
2465 }else{
2466 print" <tr>";
2467 $col="bgcolor='$color{'color20'}'";
2468 }
2469 print<<END;
2470 <td $col>$customservice{$key}[0]</td><td align='center' $col>$customservice{$key}[2]</td><td align='center' $col>$customservice{$key}[1]</td><td align='center' $col>
2471 END
2472 #Neuer count
2473 $srvcount=&getsrvcount($customservice{$key}[0]);
2474 my $serviceusedin=&getsrvusedin($customservice{$key}[0]);
2475 if($customservice{$key}[3] eq 'All ICMP-Types'){print $Lang::tr{'fwdfw all icmp'};}
2476 elsif($customservice{$key}[3] ne 'BLANK'){print $customservice{$key}[3];}
2477 print<<END;
2478 </td><td align='center' $col><span title='$serviceusedin'>$srvcount x</span></td>
2479 <td width='1%' $col><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' /><input type='hidden' name='ACTION' value='editservice' />
2480 <input type='hidden' name='SRV_NAME' value='$customservice{$key}[0]' />
2481 <input type='hidden' name='SRV_PORT' value='$customservice{$key}[1]' />
2482 <input type='hidden' name='PROT' value='$customservice{$key}[2]' />
2483 <input type='hidden' name='ICMP' value='$customservice{$key}[3]' /></form></td>
2484 END
2485 if ($srvcount eq '0')
2486 {
2487 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delservice' /><input type='hidden' name='SRV_NAME' value='$customservice{$key}[0]'></td></tr></form>";
2488 }else{
2489 print"<td $col></td></tr>";
2490 }
2491 }
2492 print"</table>";
2493 &Header::closebox();
2494 }
2495 }
2496 sub viewtableservicegrp
2497 {
2498 my $count=0;
2499 my $grpname;
2500 my $remark;
2501 my $helper;
2502 my $helper1;
2503 my $port;
2504 my $protocol;
2505 my $delflag;
2506 my $grpcount=0;
2507 my $col='';
2508 my $lastentry=0;
2509 my @counter;
2510 my %hash;
2511 if (! -z $configsrvgrp){
2512 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'});
2513 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2514 &General::readhasharray("$configsrv", \%customservice);
2515 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2516 &General::readhasharray("$fwconfiginp", \%fwinp);
2517 &General::readhasharray("$fwconfigout", \%fwout);
2518 my $number= keys %customservicegrp;
2519 foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
2520 push (@counter,$customservicegrp{$key}[0]);
2521 }
2522 foreach my $key1 (@counter) {
2523 $hash{$key1}++ ;
2524 }
2525 foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
2526 $count++;
2527 if ($helper ne $customservicegrp{$key}[0]){
2528 #Get used groupcounter
2529 $grpcount=&getsrvcount($customservicegrp{$key}[0]);
2530 $delflag=0;
2531 foreach my $key1 (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) } keys %customservicegrp){
2532 if ($customservicegrp{$key}[0] eq $customservicegrp{$key1}[0])
2533 {
2534 $delflag++;
2535 }
2536 if($delflag > 1){
2537 last;
2538 }
2539 }
2540 $grpname=$customservicegrp{$key}[0];
2541 if ($customservicegrp{$key}[2] eq "none"){
2542 $customservicegrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};
2543 $port='';
2544 $protocol='';
2545 }
2546 $remark="$customservicegrp{$key}[1]";
2547 if($count >0){print"</table>";$count=1;}
2548 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp; ";
2549 print "<b>$Lang::tr{'remark'}:</b>&nbsp; $remark " if ($remark ne '');
2550 my $srvgrpusedin=&getsrvusedin($customservicegrp{$key}[0]);
2551 print "&nbsp; <b>$Lang::tr{'used'}:</b> <span title='$srvgrpusedin'>$grpcount x</span>";
2552 if($grpcount == '0')
2553 {
2554 print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' /><input type='hidden' name='SRVGRP_NAME' value='$grpname' ><input type='hidden' name='ACTION' value='delservicegrp'></form>";
2555 }
2556 print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right' /><input type='hidden' name='SRVGRP_NAME' value='$grpname' ><input type='hidden' name='SRVGRP_REMARK' value='$remark' ><input type='hidden' name='ACTION' value='editservicegrp'></form>";
2557 print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>Name</b></th><th align='center'><b>$Lang::tr{'port'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost prot'}</th><th></th></tr>";
2558 }
2559 if( $fwhostsettings{'SRVGRP_NAME'} eq $customservicegrp{$key}[0]) {
2560 print"<tr>";
2561 $col="bgcolor='${Header::colouryellow}'";
2562 }elsif ($count %2 == 0){
2563 print"<tr>";
2564 $col="bgcolor='$color{'color20'}'";
2565 }else{
2566 print"<tr>";
2567 $col="bgcolor='$color{'color22'}'";
2568 }
2569 #make lines yellow if it is a dummy entry
2570 if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost err emptytable'}){
2571 print"<tr>";
2572 $col="bgcolor='${Header::colouryellow}'";
2573 }
2574 #Set fields if we use protocols in servicegroups
2575 if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){
2576 $port='-';
2577 }
2578 if ($customservicegrp{$key}[2] eq 'GRE'){$protocol='GRE';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} GRE";}
2579 if ($customservicegrp{$key}[2] eq 'ESP'){$protocol='ESP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} ESP";}
2580 if ($customservicegrp{$key}[2] eq 'AH'){$protocol='AH';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} AH";}
2581 if ($customservicegrp{$key}[2] eq 'IGMP'){$protocol='IGMP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IGMP";}
2582 if ($customservicegrp{$key}[2] eq 'IPIP'){$protocol='IPIP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPIP";}
2583 if ($customservicegrp{$key}[2] eq 'IPV6'){$protocol='IPV6';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPv6 encapsulation";}
2584 print "<td width='39%' $col>$customservicegrp{$key}[2]</td>";
2585 foreach my $srv (sort keys %customservice){
2586 if ($customservicegrp{$key}[2] eq $customservice{$srv}[0]){
2587 $protocol=$customservice{$srv}[2];
2588 $port=$customservice{$srv}[1];
2589 last;
2590 }
2591 }
2592 print"<td align='center' $col>$port</td><td align='center' $col>$protocol</td><td width='1%' $col><form method='post'>";
2593 if ($delflag gt '0'){
2594 if ($customservicegrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
2595 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title=$Lang::tr{'delete'} />";
2596 }
2597 #check if this group has only one entry
2598 foreach my $key2 (keys %hash) {
2599 if ($hash{$key2}<2 && $key2 eq $customservicegrp{$key}[0]){
2600 print "<input type='hidden' name='last' value='on'>" ;
2601 }
2602 }
2603 }
2604 print"<input type='hidden' name='ACTION' value='delgrpservice'><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'>";
2605 if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){
2606 print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$customservicegrp{$key}[2]'></form></td></tr>";
2607 }else{
2608 print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$protocol'></form></td></tr>";
2609 }
2610 $helper=$customservicegrp{$key}[0];
2611 }
2612 print"</table>";
2613 &Header::closebox();
2614 }
2615 }
2616 # Check
2617 sub checkname
2618 {
2619 my %hash=%{(shift)};
2620 foreach my $key (keys %hash) {
2621 if($hash{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
2622 return 0;
2623 }
2624 }
2625 return 1;
2626
2627 }
2628 sub checkgroup
2629 {
2630 &General::readhasharray("$configgrp", \%customgrp );
2631 my $name=shift;
2632 foreach my $key (keys %customservicegrp) {
2633 if($customservicegrp{$key}[0] eq $name){
2634 return 0;
2635 }
2636 }
2637 return 1;
2638 }
2639 sub checkservice
2640 {
2641 &General::readhasharray("$configsrv", \%customservice );
2642 my $name=shift;
2643 foreach my $key (keys %customservice) {
2644 if($customservice{$key}[0] eq $name){
2645 return 0;
2646 }
2647 }
2648 return 1;
2649 }
2650 sub checkip
2651 {
2652
2653 my %hash=%{(shift)};
2654 my $a=shift;
2655 foreach my $key (keys %hash) {
2656 if($hash{$key}[$a] eq $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'})){
2657 return 0;
2658 }
2659 }
2660 return 1;
2661 }
2662 sub checkservicegroup
2663 {
2664 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2665 #check name
2666 if ( ! &validhostname($fwhostsettings{'SRVGRP_NAME'}))
2667 {
2668 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
2669 return $errormessage;
2670 }
2671 #check empty selectbox
2672 if (keys %customservice lt 1)
2673 {
2674 $errormessage.=$Lang::tr{'fwhost err groupempty'}."<br>";
2675 }
2676 #check if name already exists
2677 if ($fwhostsettings{'updatesrvgrp'} ne 'on'){
2678 foreach my $key (keys %customservicegrp) {
2679 if( $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} ){
2680 $errormessage.=$Lang::tr{'fwhost err grpexist'}."<br>";
2681
2682 }
2683 }
2684 }
2685 #check if service already exists in group
2686 foreach my $key (keys %customservicegrp) {
2687 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){
2688 $errormessage.=$Lang::tr{'fwhost err srvexist'}."<br>";
2689 }
2690 }
2691 return $errormessage;
2692 }
2693 sub checkrulereload
2694 {
2695 my $search=shift;
2696 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2697 &General::readhasharray("$fwconfiginp", \%fwinp);
2698 &General::readhasharray("$fwconfigout", \%fwout);
2699
2700 #check if service or servicegroup is used in rules
2701 foreach my $key (keys %fwfwd){
2702 if($search eq $fwfwd{$key}[15]){
2703 &General::firewall_config_changed();
2704 return;
2705 }
2706 }
2707 foreach my $key (keys %fwinp){
2708 if($search eq $fwinp{$key}[15]){
2709 &General::firewall_config_changed();
2710 return;
2711 }
2712 }
2713 foreach my $key (keys %fwout){
2714 if($search eq $fwout{$key}[15]){
2715 &General::firewall_config_changed();
2716 return;
2717 }
2718 }
2719 }
2720 sub error
2721 {
2722 if ($errormessage) {
2723 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
2724 print "<class name='base'>$errormessage\n";
2725 print "&nbsp;</class>\n";
2726 &Header::closebox();
2727 }
2728 }
2729 sub hint
2730 {
2731 if ($hint) {
2732 &Header::openbox('100%', 'left', $Lang::tr{'fwhost hint'});
2733 print "<class name='base'>$hint\n";
2734 print "&nbsp;</class>\n";
2735 &Header::closebox();
2736 }
2737 }
2738 sub get_name
2739 {
2740 my $val=shift;
2741 &General::setup_default_networks(\%defaultNetworks);
2742 foreach my $network (sort keys %defaultNetworks)
2743 {
2744 return "$network" if ($val eq $defaultNetworks{$network}{'NAME'});
2745 }
2746 }
2747 sub gethostcount
2748 {
2749 my $searchstring=shift;
2750 my $srvcounter=0;
2751 #Count services used in servicegroups
2752 foreach my $key (keys %customgrp) {
2753 if($customgrp{$key}[2] eq $searchstring){
2754 $srvcounter++;
2755 }
2756 }
2757 #Count services used in firewall - config
2758 foreach my $key1 (keys %fwfwd) {
2759 if($fwfwd{$key1}[4] eq $searchstring){
2760 $srvcounter++;
2761 }
2762 if($fwfwd{$key1}[6] eq $searchstring){
2763 $srvcounter++;
2764 }
2765 }
2766 #Count services used in firewall - input
2767 foreach my $key2 (keys %fwinp) {
2768 if($fwinp{$key2}[4] eq $searchstring){
2769 $srvcounter++;
2770 }
2771 if($fwinp{$key2}[6] eq $searchstring){
2772 $srvcounter++;
2773 }
2774 }
2775 #Count services used in firewall - outgoing
2776 foreach my $key3 (keys %fwout) {
2777 if($fwout{$key3}[4] eq $searchstring){
2778 $srvcounter++;
2779 }
2780 if($fwout{$key3}[6] eq $searchstring){
2781 $srvcounter++;
2782 }
2783 }
2784 return $srvcounter;
2785 }
2786 sub getlocationcount
2787 {
2788 my $groupname=shift;
2789 my $counter=0;
2790
2791 # Location groups are stored as "group:groupname" in the
2792 # firewall settings files.
2793 my $searchstring = join(':', "group",$groupname);
2794
2795 # Count services used in firewall - forward
2796 foreach my $key1 (keys %fwfwd) {
2797 if($fwfwd{$key1}[4] eq $searchstring){
2798 $counter++;
2799 }
2800 if($fwfwd{$key1}[6] eq $searchstring){
2801 $counter++;
2802 }
2803 }
2804 #Count services used in firewall - input
2805 foreach my $key2 (keys %fwinp) {
2806 if($fwinp{$key2}[4] eq $searchstring){
2807 $counter++;
2808 }
2809 if($fwinp{$key2}[6] eq $searchstring){
2810 $counter++;
2811 }
2812 }
2813 #Count services used in firewall - outgoing
2814 foreach my $key3 (keys %fwout) {
2815 if($fwout{$key3}[4] eq $searchstring){
2816 $counter++;
2817 }
2818 if($fwout{$key3}[6] eq $searchstring){
2819 $counter++;
2820 }
2821 }
2822 return $counter;
2823 }
2824 sub getlocusedin
2825 {
2826 my $groupname=shift;
2827 my $titletext="";
2828
2829 # Location groups are stored as "group:groupname" in the
2830 # firewall settings files.
2831 my $searchstring = join(':', "group",$groupname);
2832
2833 #Count services used in firewall - config
2834 my $fwfwtext="";
2835 # first set title if found
2836 foreach my $key1 (keys %fwfwd) {
2837 if($fwfwd{$key1}[4] eq $searchstring){
2838 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2839 }
2840 if($fwfwd{$key1}[6] eq $searchstring){
2841 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2842 }
2843 }
2844 # then add rule numbers
2845 my @fwfwrules = ();
2846 foreach my $key1 (keys %fwfwd) {
2847 if($fwfwd{$key1}[4] eq $searchstring){
2848 push(@fwfwrules, $key1);
2849 }
2850 if($fwfwd{$key1}[6] eq $searchstring){
2851 push(@fwfwrules, $key1);
2852 }
2853 }
2854 my @fwfwarraysorted = sort { $a <=> $b } @fwfwrules;
2855 foreach my $rule (@fwfwarraysorted)
2856 {
2857 $fwfwtext .= "&#010- $rule";
2858 }
2859 #Count services used in firewall - input
2860 my $fwintext="";
2861 foreach my $key2 (keys %fwinp) {
2862 if($fwinp{$key2}[4] eq $searchstring){
2863 $fwintext = "$Lang::tr{'incoming firewall access'}:";
2864 }
2865 if($fwinp{$key2}[6] eq $searchstring){
2866 $fwintext = "$Lang::tr{'incoming firewall access'}:";
2867 }
2868 }
2869 my @fwinrules = ();
2870 foreach my $key2 (keys %fwinp) {
2871 if($fwinp{$key2}[4] eq $searchstring){
2872 push(@fwinrules, $key2);
2873 }
2874 if($fwinp{$key2}[6] eq $searchstring){
2875 push(@fwinrules, $key2);
2876 }
2877 }
2878 my @fwinarraysorted = sort { $a <=> $b } @fwinrules;
2879 foreach my $rule (@fwinarraysorted)
2880 {
2881 $fwintext .= "&#010- $rule";
2882 }
2883 #Count services used in firewall - outgoing
2884 my $fwouttext="";
2885 foreach my $key3 (keys %fwout) {
2886 if($fwout{$key3}[4] eq $searchstring){
2887 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
2888 }
2889 if($fwout{$key3}[6] eq $searchstring){
2890 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
2891 }
2892 }
2893 my @fwoutrules = ();
2894 foreach my $key3 (keys %fwout) {
2895 if($fwout{$key3}[4] eq $searchstring){
2896 push(@fwoutrules, $key3);
2897 }
2898 if($fwout{$key3}[6] eq $searchstring){
2899 push(@fwoutrules, $key3);
2900 }
2901 }
2902 my @fwoutarraysorted = sort { $a <=> $b } @fwoutrules;
2903 foreach my $rule (@fwoutarraysorted)
2904 {
2905 $fwouttext .= "&#010- $rule";
2906 }
2907 if ($fwfwtext) {
2908 $titletext .= "$fwfwtext"
2909 }
2910 if ($fwintext) {
2911 if ($titletext) {
2912 $titletext .= "&#010 "
2913 }
2914 $titletext .= "$fwintext"
2915 }
2916 if ($fwouttext) {
2917 if ($titletext) {
2918 $titletext .= "&#010 "
2919 }
2920 $titletext .= "$fwouttext"
2921 }
2922 return $titletext;
2923 }
2924 sub getnetcount
2925 {
2926 my $searchstring=shift;
2927 my $srvcounter=0;
2928 #Count services used in servicegroups
2929 foreach my $key (keys %customgrp) {
2930 if($customgrp{$key}[2] eq $searchstring){
2931 $srvcounter++;
2932 }
2933 }
2934 #Count services used in firewall - config
2935 foreach my $key1 (keys %fwfwd) {
2936 if($fwfwd{$key1}[4] eq $searchstring){
2937 $srvcounter++;
2938 }
2939 if($fwfwd{$key1}[6] eq $searchstring){
2940 $srvcounter++;
2941 }
2942 }
2943 #Count services used in firewall - input
2944 foreach my $key2 (keys %fwinp) {
2945 if($fwinp{$key2}[4] eq $searchstring){
2946 $srvcounter++;
2947 }
2948 if($fwinp{$key2}[6] eq $searchstring){
2949 $srvcounter++;
2950 }
2951 }
2952 #Count services used in firewall - outgoing
2953 foreach my $key3 (keys %fwout) {
2954 if($fwout{$key3}[4] eq $searchstring){
2955 $srvcounter++;
2956 }
2957 if($fwout{$key3}[6] eq $searchstring){
2958 $srvcounter++;
2959 }
2960 }
2961 return $srvcounter;
2962 }
2963 sub getusedin
2964 {
2965 my $searchstring=shift;
2966 my $titletext="";
2967 my $groups=();
2968 my $rules=();
2969
2970 #Count services used in Network/Host group
2971 my $servicegrouptext="";
2972 foreach my $key (keys %customgrp) {
2973 if($customgrp{$key}[2] eq $searchstring){
2974 $servicegrouptext = "$Lang::tr{'fwhost cust grp'}:";
2975 }
2976 }
2977 foreach my $key (keys %customgrp) {
2978 if($customgrp{$key}[2] eq $searchstring){
2979 $servicegrouptext .= "&#010- $customgrp{$key}[0]";
2980 }
2981 }
2982 #Count services used in firewall - config
2983 my $fwfwtext="";
2984 # first set title if found
2985 foreach my $key1 (keys %fwfwd) {
2986 if($fwfwd{$key1}[4] eq $searchstring){
2987 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2988 }
2989 if($fwfwd{$key1}[6] eq $searchstring){
2990 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2991 }
2992 }
2993 # then add rule numbers
2994 my @fwfwrules = ();
2995 foreach my $key1 (keys %fwfwd) {
2996 if($fwfwd{$key1}[4] eq $searchstring){
2997 push(@fwfwrules, $key1);
2998 }
2999 if($fwfwd{$key1}[6] eq $searchstring){
3000 push(@fwfwrules, $key1);
3001 }
3002 }
3003 my @fwfwarraysorted = sort { $a <=> $b } @fwfwrules;
3004 foreach my $rule (@fwfwarraysorted)
3005 {
3006 $fwfwtext .= "&#010- $rule";
3007 }
3008 #Count services used in firewall - input
3009 my $fwintext="";
3010 foreach my $key2 (keys %fwinp) {
3011 if($fwinp{$key2}[4] eq $searchstring){
3012 $fwintext = "$Lang::tr{'incoming firewall access'}:";
3013 }
3014 if($fwinp{$key2}[6] eq $searchstring){
3015 $fwintext = "$Lang::tr{'incoming firewall access'}:";
3016 }
3017 }
3018 my @fwinrules = ();
3019 foreach my $key2 (keys %fwinp) {
3020 if($fwinp{$key2}[4] eq $searchstring){
3021 push(@fwinrules, $key2);
3022 }
3023 if($fwinp{$key2}[6] eq $searchstring){
3024 push(@fwinrules, $key2);
3025 }
3026 }
3027 my @fwinarraysorted = sort { $a <=> $b } @fwinrules;
3028 foreach my $rule (@fwinarraysorted)
3029 {
3030 $fwintext .= "&#010- $rule";
3031 }
3032 #Count services used in firewall - outgoing
3033 my $fwouttext="";
3034 foreach my $key3 (keys %fwout) {
3035 if($fwout{$key3}[4] eq $searchstring){
3036 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
3037 }
3038 if($fwout{$key3}[6] eq $searchstring){
3039 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
3040 }
3041 }
3042 my @fwoutrules = ();
3043 foreach my $key3 (keys %fwout) {
3044 if($fwout{$key3}[4] eq $searchstring){
3045 push(@fwoutrules, $key3);
3046 }
3047 if($fwout{$key3}[6] eq $searchstring){
3048 push(@fwoutrules, $key3);
3049 }
3050 }
3051 my @fwoutarraysorted = sort { $a <=> $b } @fwoutrules;
3052 foreach my $rule (@fwoutarraysorted)
3053 {
3054 $fwouttext .= "&#010- $rule";
3055 }
3056 if ($servicegrouptext) {
3057 $titletext .= "$servicegrouptext"
3058 }
3059 if ($fwfwtext) {
3060 if ($titletext) {
3061 $titletext .= "&#010 "
3062 }
3063 $titletext .= "$fwfwtext"
3064 }
3065 if ($fwintext) {
3066 if ($titletext) {
3067 $titletext .= "&#010 "
3068 }
3069 $titletext .= "$fwintext"
3070 }
3071 if ($fwouttext) {
3072 if ($titletext) {
3073 $titletext .= "&#010 "
3074 }
3075 $titletext .= "$fwouttext"
3076 }
3077 return $titletext
3078 }
3079 sub getsrvcount
3080 {
3081 my $searchstring=shift;
3082 my $srvcounter=0;
3083 #Count services used in servicegroups
3084 foreach my $key (keys %customservicegrp) {
3085 if($customservicegrp{$key}[2] eq $searchstring){
3086 $srvcounter++;
3087 }
3088 }
3089 #Count services used in firewall - config
3090 foreach my $key1 (keys %fwfwd) {
3091 if($fwfwd{$key1}[15] eq $searchstring){
3092 $srvcounter++;
3093 }
3094 }
3095 #Count services used in firewall - input
3096 foreach my $key2 (keys %fwinp) {
3097 if($fwinp{$key2}[15] eq $searchstring){
3098 $srvcounter++;
3099 }
3100 }
3101 #Count services used in firewall - outgoing
3102 foreach my $key3 (keys %fwout) {
3103 if($fwout{$key3}[15] eq $searchstring){
3104 $srvcounter++;
3105 }
3106 }
3107 return $srvcounter;
3108 }
3109 sub getsrvusedin
3110 {
3111 my $searchstring=shift;
3112 my $titletext="";
3113 #Count services used in servicegroups
3114 my $servicegrouptext="";
3115 foreach my $key (keys %customservicegrp) {
3116 if($customservicegrp{$key}[2] eq $searchstring){
3117 $servicegrouptext = "$Lang::tr{'outgoing firewall access'}:";
3118 }
3119 }
3120 foreach my $key (keys %customservicegrp) {
3121 if($customservicegrp{$key}[2] eq $searchstring){
3122 $servicegrouptext .= "&#010- $customservicegrp{$key}[0]";
3123 }
3124 }
3125 my $fwfwtext="";
3126 # first set title if found
3127 foreach my $key1 (keys %fwfwd) {
3128 if($fwfwd{$key1}[15] eq $searchstring){
3129 $fwfwtext = "$Lang::tr{'firewall rules'}:";
3130 }
3131 }
3132 # then add rule numbers
3133 my @fwfwrules = ();
3134 foreach my $key1 (keys %fwfwd) {
3135 if($fwfwd{$key1}[15] eq $searchstring){
3136 push(@fwfwrules, $key1);
3137 }
3138 }
3139 my @fwfwarraysorted = sort { $a <=> $b } @fwfwrules;
3140 foreach my $rule (@fwfwarraysorted)
3141 {
3142 $fwfwtext .= "&#010- $rule";
3143 }
3144 #Count services used in firewall - input
3145 my $fwintext="";
3146 foreach my $key2 (keys %fwinp) {
3147 if($fwinp{$key2}[15] eq $searchstring){
3148 $fwintext = "$Lang::tr{'incoming firewall access'}:";
3149 }
3150 }
3151 my @fwinrules = ();
3152 foreach my $key2 (keys %fwinp) {
3153 if($fwinp{$key2}[15] eq $searchstring){
3154 push(@fwinrules, $key2);
3155 }
3156 }
3157 my @fwinarraysorted = sort { $a <=> $b } @fwinrules;
3158 foreach my $rule (@fwinarraysorted)
3159 {
3160 $fwintext .= "&#010- $rule";
3161 }
3162 #Count services used in firewall - outgoing
3163 my $fwouttext="";
3164 foreach my $key3 (keys %fwout) {
3165 if($fwout{$key3}[15] eq $searchstring){
3166 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
3167 }
3168 }
3169 my @fwoutrules = ();
3170 foreach my $key3 (keys %fwout) {
3171 if($fwout{$key3}[15] eq $searchstring){
3172 push(@fwoutrules, $key3);
3173 }
3174 }
3175 my @fwoutarraysorted = sort { $a <=> $b } @fwoutrules;
3176 foreach my $rule (@fwoutarraysorted)
3177 {
3178 $fwouttext .= "&#010- $rule";
3179 }
3180 if ($servicegrouptext ne '') {
3181 $titletext .= "$servicegrouptext";
3182 }
3183 if ($fwfwtext ne '') {
3184 if ($titletext) {
3185 $titletext .= "&#010 ";
3186 }
3187 $titletext .= "$fwfwtext";
3188 }
3189 if ($fwintext ne '') {
3190 if ($titletext) {
3191 $titletext .= "&#010 ";
3192 }
3193 $titletext .= "$fwintext";
3194 }
3195 if ($fwouttext) {
3196 if ($titletext ne '') {
3197 $titletext .= "&#010 ";
3198 }
3199 $titletext .= "$fwouttext";
3200 }
3201 return $titletext
3202 }
3203 sub deletefromgrp
3204 {
3205 my $target=shift;
3206 my $config=shift;
3207 my %hash=();
3208 &General::readhasharray("$config",\%hash);
3209 foreach my $key (keys %hash) {
3210 if($hash{$key}[2] eq $target){
3211 delete $hash{$key};
3212 }
3213 }
3214 &General::writehasharray("$config",\%hash);
3215
3216 }
3217 sub plausicheck
3218 {
3219 my $edit=shift;
3220 #check hostname
3221 if (!&validhostname($fwhostsettings{'HOSTNAME'}))
3222 {
3223 $errormessage=$errormessage.$Lang::tr{'fwhost err name'};
3224 $fwhostsettings{'BLK_IP'}='readonly';
3225 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3226 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3227 }
3228 #check if name collides with CCD Netname
3229 &General::readhasharray("$configccdnet", \%ccdnet);
3230 foreach my $key (keys %ccdnet) {
3231 if($ccdnet{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
3232 $errormessage=$errormessage.$Lang::tr{'fwhost err isccdnet'};;
3233 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3234 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3235 last;
3236 }
3237 }
3238 #check if IP collides with CCD NetIP
3239 if ($fwhostsettings{'type'} ne 'mac'){
3240 &General::readhasharray("$configccdnet", \%ccdnet);
3241 foreach my $key (keys %ccdnet) {
3242 my $test=(&General::getnetworkip($fwhostsettings{'IP'},&General::iporsubtocidr($fwhostsettings{'SUBNET'})))."/".$fwhostsettings{'SUBNET'};
3243 if($ccdnet{$key}[1] eq $test){
3244 $errormessage=$errormessage.$Lang::tr{'fwhost err isccdipnet'};
3245 $fwhostsettings{'IP'} = $fwhostsettings{'orgip'};
3246 $fwhostsettings{'SUBNET'} = $fwhostsettings{'orgsubnet'};
3247 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3248 last;
3249 }
3250 }
3251 }
3252 #check if name collides with CCD Hostname
3253 &General::readhasharray("$configccdhost", \%ccdhost);
3254 foreach my $key (keys %ccdhost) {
3255 my ($ip,$sub)=split(/\//,$ccdhost{$key}[33]);
3256 if($ip eq $fwhostsettings{'IP'}){
3257 $errormessage=$Lang::tr{'fwhost err isccdiphost'};
3258 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3259 last;
3260 }
3261 }
3262 #check if IP collides with CCD HostIP (only hosts)
3263 if ($edit eq 'edithost')
3264 {
3265 foreach my $key (keys %ccdhost) {
3266 if($ccdhost{$key}[1] eq $fwhostsettings{'HOSTNAME'}){
3267 $errormessage=$Lang::tr{'fwhost err isccdhost'};
3268 $fwhostsettings{'IP'} = $fwhostsettings{'orgname'};
3269 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3270 last;
3271 }
3272 }
3273 }
3274 #check if network with this name already exists
3275 &General::readhasharray("$confignet", \%customnetwork);
3276 if (!&checkname(\%customnetwork))
3277 {
3278 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err netexist'};
3279 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3280 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3281 }
3282 #check if network ip already exists
3283 if (!&checkip(\%customnetwork,1))
3284 {
3285 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err net'};
3286 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3287 }
3288 #check if host with this name already exists
3289 &General::readhasharray("$confighost", \%customhost);
3290 if (!&checkname(\%customhost))
3291 {
3292 $errormessage.="<br>".$Lang::tr{'fwhost err hostexist'};
3293 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3294 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3295 }
3296 #check if host with this ip already exists
3297 if (!&checkip(\%customhost,2))
3298 {
3299 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err ipcheck'};
3300 }
3301 return;
3302 }
3303 sub getipforgroup
3304 {
3305 my $name=$_[0],
3306 my $type=$_[1];
3307 my $value;
3308
3309 #get address from IPSEC NETWORK
3310 if ($type eq 'IpSec Network'){
3311 foreach my $key (keys %ipsecconf) {
3312 if ($ipsecconf{$key}[1] eq $name){
3313 if ($ipsecconf{$key}[11] =~ /\|/) {
3314 my $string;
3315 my @parts = split /\|/ , $ipsecconf{$key}[11];
3316 foreach my $key1 (@parts){
3317 my ($val1,$val2) = split (/\//, $key1);
3318 my $val3 = &Network::convert_netmask2prefix($val2) || $val2;
3319 $string .= "$val1/$val3<br>";
3320 }
3321 return $string;
3322 }else{
3323 return $ipsecconf{$key}[11];
3324 }
3325 }else{
3326 if ($name =~ /\|/) {
3327 my ($a,$b) = split /\|/, $name;
3328 return $b;
3329 }
3330 }
3331 }
3332 &deletefromgrp($name,$configgrp);
3333 }
3334
3335 #get address from IPSEC HOST
3336 if ($type eq 'IpSec Host'){
3337 foreach my $key (keys %ipsecconf) {
3338 if ($ipsecconf{$key}[1] eq $name){
3339 return $ipsecconf{$key}[10];
3340 }
3341 }
3342 &deletefromgrp($name,$configgrp);
3343 }
3344
3345 # WireGuard Peers
3346 if ($type eq "wg_peer") {
3347 my $peer = &Wireguard::get_peer_by_name($name);
3348
3349 if (defined $peer) {
3350 my @addresses = ();
3351
3352 if ($peer->{"TYPE"} eq "host") {
3353 push(@addresses, @{ $peer->{"CLIENT_ADDRESS"} });
3354 } elsif ($peer->{"TYPE"} eq "net") {
3355 push(@addresses, @{ $peer->{"REMOTE_SUBNETS"} });
3356 }
3357
3358 return join(", ", @addresses);
3359 }
3360 }
3361
3362 #get address from ovpn ccd Net-2-Net
3363 if ($type eq 'OpenVPN N-2-N'){
3364 foreach my $key (keys %ccdhost) {
3365 if($ccdhost{$key}[1] eq $name){
3366 my ($a,$b) = split ("/",$ccdhost{$key}[11]);
3367 $b=&Network::convert_netmask2prefix($b) || ($b);
3368 return "$a/$b";
3369 }
3370 }
3371 &deletefromgrp($name,$configgrp);
3372 }
3373
3374 #get address from ovpn ccd static host
3375 if ($type eq 'OpenVPN static host'){
3376 foreach my $key (keys %ccdhost) {
3377 if($ccdhost{$key}[1] eq $name){
3378 my ($a,$b) = split (/\//,$ccdhost{$key}[33]);
3379 $b=&Network::convert_netmask2prefix($b) || ($b) ;
3380 return "$a/$b";
3381 }
3382 }
3383 &deletefromgrp($name,$configgrp);
3384 }
3385
3386 #get address from ovpn ccd static net
3387 if ($type eq 'OpenVPN static network'){
3388 foreach my $key (keys %ccdnet) {
3389 if ($ccdnet{$key}[0] eq $name){
3390 my ($a,$b) = split (/\//,$ccdnet{$key}[1]);
3391 $b=&Network::convert_netmask2prefix($b) || ($b);
3392 return "$a/$b";
3393 }
3394 }
3395 }
3396
3397 #check custom addresses
3398 if ($type eq 'Custom Host'){
3399 foreach my $key (keys %customhost) {
3400 if ($customhost{$key}[0] eq $name){
3401 my ($ip,$sub) = split("/",$customhost{$key}[2]);
3402 return $ip;
3403 }
3404 }
3405 }
3406
3407 ##check custom networks
3408 if ($type eq 'Custom Network'){
3409 foreach my $key (keys %customnetwork) {
3410 if($customnetwork{$key}[0] eq $name){
3411 return $customnetwork{$key}[1]."/".&Network::convert_netmask2prefix($customnetwork{$key}[2]) || $customnetwork{$key}[2];
3412 }
3413 }
3414 }
3415
3416 #check standard networks
3417 if ($type eq 'Standard Network'){
3418 if ($name =~ /OpenVPN/i){
3419 my %ovpn=();
3420 &General::readhash("${General::swroot}/ovpn/settings",\%ovpn);
3421 return $ovpn{'DOVPN_SUBNET'};
3422 }
3423 if ($name eq 'GREEN'){
3424 my %hash=();
3425 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3426 return $hash{'GREEN_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'GREEN_NETMASK'}) || $hash{'GREEN_NETMASK'};
3427 }
3428 if ($name eq 'BLUE'){
3429 my %hash=();
3430 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3431 return $hash{'BLUE_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'BLUE_NETMASK'}) || $hash{'BLUE_NETMASK'};
3432 }
3433 if ($name eq 'ORANGE'){
3434 my %hash=();
3435 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3436 return $hash{'ORANGE_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'ORANGE_NETMASK'}) || $hash{'ORANGE_NETMASK'};
3437 }
3438 if ($name eq "WGRW") {
3439 return $Wireguard::settings{'CLIENT_POOL'};
3440 }
3441 if ($name eq 'ALL'){
3442 return "0.0.0.0/0";
3443 }
3444 if ($name =~ /IPsec/i){
3445 my %hash=();
3446 &General::readhash("${General::swroot}/vpn/settings",\%hash);
3447 return $hash{'RW_NET'};
3448 }
3449 if ($name eq 'RED'){
3450 return "0.0.0.0/0";
3451 }
3452 }
3453 }
3454 sub decrease
3455 {
3456 my $grp=$_[0];
3457 &General::readhasharray("$confignet", \%customnetwork);
3458 &General::readhasharray("$confighost", \%customhost);
3459 foreach my $key (sort keys %customgrp ){
3460 if ( ($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Network')){
3461 foreach my $key1 (sort keys %customnetwork){
3462 if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){
3463 $customnetwork{$key1}[4]=$customnetwork{$key1}[4]-1;
3464 last;
3465 }
3466 }
3467 }
3468
3469 if (($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Host')){
3470 foreach my $key2 (sort keys %customhost){
3471 if ($customhost{$key2}[0] eq $customgrp{$key}[2]){
3472 $customhost{$key2}[4]=$customhost{$key2}[4]-1;
3473 last;
3474 }
3475 }
3476
3477 }
3478 }
3479 &General::writehasharray("$confignet", \%customnetwork);
3480 &General::writehasharray("$confighost", \%customhost);
3481 }
3482 sub decreaseservice
3483 {
3484 my $grp=$_[0];
3485 &General::readhasharray("$configsrv", \%customservice);
3486 &General::readhasharray("$configsrvgrp", \%customservicegrp);
3487
3488 foreach my $key (sort keys %customservicegrp){
3489 if ($customservicegrp{$key}[0] eq $grp ){
3490 foreach my $key2 (sort keys %customservice){
3491 if ($customservice{$key2}[0] eq $customservicegrp{$key}[2]){
3492 $customservice{$key2}[4]--;
3493 }
3494 }
3495 }
3496 }
3497 &General::writehasharray("$configsrv", \%customservice);
3498
3499 }
3500 sub changenameinfw
3501 {
3502 my $old=shift;
3503 my $new=shift;
3504 my $fld=shift;
3505 my $type=shift;
3506
3507 if ($type eq 'location'){
3508 $old="group:$old";
3509 $new="group:$new";
3510 }
3511 &General::readhasharray("$fwconfigfwd", \%fwfwd);
3512 &General::readhasharray("$fwconfiginp", \%fwinp);
3513 &General::readhasharray("$fwconfigout", \%fwout);
3514 #Rename group in Firewall-CONFIG
3515 foreach my $key1 (keys %fwfwd) {
3516 if($fwfwd{$key1}[$fld] eq $old){
3517 $fwfwd{$key1}[$fld]=$new;
3518 }
3519 }
3520 &General::writehasharray("$fwconfigfwd", \%fwfwd );
3521 #Rename group in Firewall-INPUT
3522 foreach my $key2 (keys %fwinp) {
3523 if($fwinp{$key2}[$fld] eq $old){
3524 $fwinp{$key2}[$fld]=$new;
3525 }
3526 }
3527 &General::writehasharray("$fwconfiginp", \%fwinp );
3528 #Rename group in Firewall-OUTGOING
3529 foreach my $key3 (keys %fwout) {
3530 if($fwout{$key3}[$fld] eq $old){
3531 $fwout{$key3}[$fld]=$new;
3532 }
3533 }
3534 &General::writehasharray("$fwconfigout", \%fwout );
3535 }
3536 sub checkports
3537 {
3538
3539 my %hash=%{(shift)};
3540 #check empty fields
3541 if ($fwhostsettings{'SRV_NAME'} eq '' ){
3542 $errormessage=$Lang::tr{'fwhost err name1'};
3543 }
3544 if ($fwhostsettings{'SRV_PORT'} eq '' && $fwhostsettings{'PROT'} ne 'ICMP'){
3545 $errormessage=$Lang::tr{'fwhost err port'};
3546 }
3547 #check valid name
3548 if (! &validhostname($fwhostsettings{'SRV_NAME'})){
3549 $errormessage="<br>".$Lang::tr{'fwhost err name'};
3550 }
3551 #change dashes with :
3552 $fwhostsettings{'SRV_PORT'}=~ tr/-/:/;
3553
3554 if ($fwhostsettings{'SRV_PORT'} eq "*") {
3555 $fwhostsettings{'SRV_PORT'} = "1:65535";
3556 }
3557 if ($fwhostsettings{'SRV_PORT'} =~ /^(\D)\:(\d+)$/) {
3558 $fwhostsettings{'SRV_PORT'} = "1:$2";
3559 }
3560 if ($fwhostsettings{'SRV_PORT'} =~ /^(\d+)\:(\D)$/) {
3561 $fwhostsettings{'SRV_PORT'} = "$1:65535";
3562 }
3563 if($fwhostsettings{'PROT'} ne 'ICMP'){
3564 $errormessage = $errormessage.&General::validportrange($fwhostsettings{'SRV_PORT'}, 'src');
3565 }
3566 # a new service has to have a different name
3567 foreach my $key (keys %hash){
3568 if ($hash{$key}[0] eq $fwhostsettings{'SRV_NAME'}){
3569 $errormessage = "<br>".$Lang::tr{'fwhost err srv exists'};
3570 last;
3571 }
3572 }
3573 return $errormessage;
3574 }
3575 sub validhostname
3576 {
3577 # Checks a hostname against RFC1035
3578 my $hostname = $_[0];
3579
3580 # Each part should be at least two characters in length
3581 # but no more than 63 characters
3582 if (length ($hostname) < 1 || length ($hostname) > 63) {
3583 return 0;}
3584 # Only valid characters are a-z, A-Z, 0-9 and -
3585 if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_.;()\/\s]*$/) {
3586 return 0;}
3587 # First character can only be a letter or a digit
3588 if (substr ($hostname, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) {
3589 return 0;}
3590 # Last character can only be a letter or a digit
3591 if (substr ($hostname, -1, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9()]*$/) {
3592 return 0;}
3593 return 1;
3594 }
3595 sub validremark
3596 {
3597 # Checks a hostname against RFC1035
3598 my $remark = $_[0];
3599 # Each part should be at least two characters in length
3600 # but no more than 63 characters
3601 if (length ($remark) < 1 || length ($remark) > 255) {
3602 return 0;}
3603 # Only valid characters are a-z, A-Z, 0-9 and -
3604 if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/\s]*$/) {
3605 return 0;}
3606 # First character can only be a letter or a digit
3607 if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) {
3608 return 0;}
3609 # Last character can only be a letter or a digit
3610 if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/) {
3611 return 0;}
3612 return 1;
3613 }
3614 &Header::closebigbox();
3615 &Header::closepage();
IPFire 2.x development tree