]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/fwhosts.cgi
projects / ipfire-2.x.git / blob
? search:


953f81e5f9d6e9863cd54794baf8417eb53fd2ad
[ipfire-2.x.git] / html / cgi-bin / fwhosts.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 Alexander Marx <amarx@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21 use strict;
22
23 # enable only the following on debugging purpose
24 #use warnings;
25
26 use Sort::Naturally;
27 use CGI::Carp 'fatalsToBrowser';
28 no warnings 'uninitialized';
29 require '/var/ipfire/general-functions.pl';
30 require '/var/ipfire/network-functions.pl';
31 require "/var/ipfire/location-functions.pl";
32 require "/usr/lib/firewall/firewall-lib.pl";
33 require "${General::swroot}/lang.pl";
34 require "${General::swroot}/header.pl";
35
36 my %fwhostsettings=();
37 my %customnetwork=();
38 my %customhost=();
39 my %customgrp=();
40 my %customservice=();
41 my %customservicegrp=();
42 my %customlocationgrp=();
43 my %ccdnet=();
44 my %ccdhost=();
45 my %ipsecconf=();
46 my %icmptypes=();
47 my %color=();
48 my %defaultNetworks=();
49 my %mainsettings=();
50 my %ownnet=();
51 my %ipsecsettings=();
52 my %fwfwd=();
53 my %fwinp=();
54 my %fwout=();
55 my %ovpnsettings=();
56 my %netsettings=();
57 my %optionsfw=();
58
59 my $errormessage;
60 my $hint;
61 my $update=0;
62 my $confignet = "${General::swroot}/fwhosts/customnetworks";
63 my $confighost = "${General::swroot}/fwhosts/customhosts";
64 my $configgrp = "${General::swroot}/fwhosts/customgroups";
65 my $configccdnet = "${General::swroot}/ovpn/ccd.conf";
66 my $configccdhost = "${General::swroot}/ovpn/ovpnconfig";
67 my $configipsec = "${General::swroot}/vpn/config";
68 my $configsrv = "${General::swroot}/fwhosts/customservices";
69 my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
70 my $configlocationgrp = "${General::swroot}/fwhosts/customlocationgrp";
71 my $fwconfigfwd = "${General::swroot}/firewall/config";
72 my $fwconfiginp = "${General::swroot}/firewall/input";
73 my $fwconfigout = "${General::swroot}/firewall/outgoing";
74 my $fwoptions = "${General::swroot}/optionsfw/settings";
75 my $configovpn = "${General::swroot}/ovpn/settings";
76 my $configipsecrw = "${General::swroot}/vpn/settings";
77
78 unless (-e $confignet) { &General::system("touch", "$confignet"); }
79 unless (-e $confighost) { &General::system("touch", "$confighost"); }
80 unless (-e $configgrp) { &General::system("touch", "$configgrp"); }
81 unless (-e $configsrv) { &General::system("touch", "$configsrv"); }
82 unless (-e $configsrvgrp) { &General::system("touch", "$configsrvgrp"); }
83 unless (-e $configlocationgrp) { &General::system("touch $configlocationgrp"); }
84
85 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
86 &General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
87 &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
88 &General::readhash("$configovpn", \%ovpnsettings);
89 &General::readhasharray("$configipsec", \%ipsecconf);
90 &General::readhash("$configipsecrw", \%ipsecsettings);
91 &General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
92 &General::readhash($fwoptions, \%optionsfw);
93
94 &Header::getcgihash(\%fwhostsettings);
95 &Header::showhttpheaders();
96 &Header::openpage($Lang::tr{'fwhost menu'}, 1, '');
97 &Header::openbigbox('100%', 'center');
98
99 #### JAVA SCRIPT ####
100 print<<END;
101 <script>
102 var PROTOCOLS_WITH_PORTS = ["TCP", "UDP"];
103 var update_protocol = function() {
104 var protocol = \$("#protocol").val();
105
106 if (protocol === undefined)
107 return;
108
109 // Check if we are dealing with a protocol, that knows ports.
110 if (\$.inArray(protocol, PROTOCOLS_WITH_PORTS) >= 0) {
111 \$("#PORT").show();
112 \$("#PROTOKOLL").hide();
113 } else {
114 \$("#PORT").hide();
115 \$("#PROTOKOLL").show();
116 }
117 };
118
119 \$(document).ready(function() {
120 var protocol = \$("#protocol").val();
121 \$("#protocol").change(update_protocol);
122 update_protocol();
123 // Automatically select radio buttons when corresponding
124 // dropdown menu changes.
125 \$("select").change(function() {
126 var id = \$(this).attr("name");
127 \$('#' + id).prop("checked", true);
128 });
129 });
130 </script>
131 END
132
133 ## ACTION ####
134 # Update
135 if ($fwhostsettings{'ACTION'} eq 'updatenet' )
136 {
137 &General::readhasharray("$confignet", \%customnetwork);
138 foreach my $key (keys %customnetwork)
139 {
140 if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'})
141 {
142 $fwhostsettings{'orgname'} = $customnetwork{$key}[0];
143 $fwhostsettings{'orgip'} = $customnetwork{$key}[1];
144 $fwhostsettings{'orgsub'} = $customnetwork{$key}[2];
145 $fwhostsettings{'netremark'} = $customnetwork{$key}[3];
146 $fwhostsettings{'count'} = $customnetwork{$key}[4];
147 delete $customnetwork{$key};
148
149 }
150 }
151 &General::writehasharray("$confignet", \%customnetwork);
152 $fwhostsettings{'actualize'} = 'on';
153 $fwhostsettings{'ACTION'} = 'savenet';
154 }
155 if ($fwhostsettings{'ACTION'} eq 'updatehost')
156 {
157 my ($ip,$subnet);
158 &General::readhasharray("$confighost", \%customhost);
159 foreach my $key (keys %customhost)
160 {
161 if($customhost{$key}[0] eq $fwhostsettings{'orgname'})
162 {
163 if ($customhost{$key}[1] eq 'ip'){
164 ($ip,$subnet) = split (/\//,$customhost{$key}[2]);
165 }else{
166 $ip = $customhost{$key}[2];
167 }
168 $fwhostsettings{'orgip'} = $ip;
169 $fwhostsettings{'count'} = $customhost{$key}[4];
170 delete $customhost{$key};
171 &General::writehasharray("$confighost", \%customhost);
172 }
173 }
174 $fwhostsettings{'actualize'} = 'on';
175 if($fwhostsettings{'orgip'}){
176 $fwhostsettings{'ACTION'} = 'savehost';
177 }else{
178 $fwhostsettings{'ACTION'} = $Lang::tr{'fwhost newhost'};
179 }
180 }
181 if ($fwhostsettings{'ACTION'} eq 'updateservice')
182 {
183 my $count=0;
184 my $needrules=0;
185 $errormessage=&checkports(\%customservice);
186 if ($fwhostsettings{'oldsrvname'} ne $fwhostsettings{'SRV_NAME'} && !&checkgroup($fwhostsettings{'SRV_NAME'})){
187 $errormessage=$Lang::tr{'fwhost err grpexist'};
188 }
189 if (!$errormessage){
190 &General::readhasharray("$configsrv", \%customservice);
191 foreach my $key (keys %customservice)
192 {
193 if ($customservice{$key}[0] eq $fwhostsettings{'oldsrvname'})
194 {
195 delete $customservice{$key};
196 &General::writehasharray("$configsrv", \%customservice);
197 last;
198 }
199 }
200 if ($fwhostsettings{'PROT'} ne 'ICMP'){
201 $fwhostsettings{'ICMP_TYPES'}='BLANK';
202 }
203 my $key1 = &General::findhasharraykey(\%customservice);
204 #find out short ICMP-TYPE
205 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
206 foreach my $key (keys %icmptypes){
207 if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){
208 $fwhostsettings{'ICMP_TYPES'}=$icmptypes{$key}[0];
209 }
210 }
211 foreach my $i (0 .. 4) { $customservice{$key1}[$i] = "";}
212 $customservice{$key1}[0] = $fwhostsettings{'SRV_NAME'};
213 $customservice{$key1}[1] = $fwhostsettings{'SRV_PORT'};
214 $customservice{$key1}[2] = $fwhostsettings{'PROT'};
215 $customservice{$key1}[3] = $fwhostsettings{'ICMP_TYPES'};
216 &General::writehasharray("$configsrv", \%customservice);
217 #check if we need to update firewallrules
218 if ($fwhostsettings{'SRV_NAME'} ne $fwhostsettings{'oldsrvname'}){
219 if ( ! -z $fwconfigfwd ){
220 &General::readhasharray("$fwconfigfwd", \%fwfwd);
221 foreach my $key (sort keys %fwfwd){
222 if ($fwfwd{$key}[15] eq $fwhostsettings{'oldsrvname'}){
223 $fwfwd{$key}[15] = $fwhostsettings{'SRV_NAME'};
224 }
225 }
226 &General::writehasharray("$fwconfigfwd", \%fwfwd);
227 }
228 if ( ! -z $fwconfiginp ){
229 &General::readhasharray("$fwconfiginp", \%fwinp);
230 foreach my $line (sort keys %fwinp){
231 if ($fwfwd{$line}[15] eq $fwhostsettings{'oldsrvname'}){
232 $fwfwd{$line}[15] = $fwhostsettings{'SRV_NAME'};
233 }
234 }
235 &General::writehasharray("$fwconfiginp", \%fwinp);
236 }
237 if ( ! -z $fwconfigout ){
238 &General::readhasharray("$fwconfigout", \%fwout);
239 foreach my $line (sort keys %fwout){
240 if ($fwout{$line}[15] eq $fwhostsettings{'oldsrvname'}){
241 $fwout{$line}[15] = $fwhostsettings{'SRV_NAME'};
242 }
243 }
244 &General::writehasharray("$fwconfigout", \%fwout);
245 }
246 #check if we need to update groups
247 &General::readhasharray("$configsrvgrp", \%customservicegrp);
248 foreach my $key (sort keys %customservicegrp){
249 if($customservicegrp{$key}[2] eq $fwhostsettings{'oldsrvname'}){
250 $customservicegrp{$key}[2] = $fwhostsettings{'SRV_NAME'};
251 &checkrulereload($customservicegrp{$key}[0]);
252 }
253 }
254 &General::writehasharray("$configsrvgrp", \%customservicegrp);
255 }
256 &checkrulereload($fwhostsettings{'SRV_NAME'});
257 $fwhostsettings{'SRV_NAME'} = '';
258 $fwhostsettings{'SRV_PORT'} = '';
259 $fwhostsettings{'PROT'} = '';
260 $fwhostsettings{'ICMP'} = '';
261 $fwhostsettings{'oldsrvicmp'} = '';
262 $fwhostsettings{'updatesrv'} = '';
263 }else{
264 $fwhostsettings{'SRV_NAME'} = $fwhostsettings{'oldsrvname'};
265 $fwhostsettings{'SRV_PORT'} = $fwhostsettings{'oldsrvport'};
266 $fwhostsettings{'PROT'} = $fwhostsettings{'oldsrvprot'};
267 $fwhostsettings{'ICMP'} = $fwhostsettings{'oldsrvicmp'};
268 $fwhostsettings{'updatesrv'}= 'on';
269 }
270 &addservice;
271 }
272 # save
273 if ($fwhostsettings{'ACTION'} eq 'savenet' )
274 {
275 my $needrules=0;
276 if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
277 #check if all fields are set
278 if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
279 {
280 $errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
281 &addnet;
282 &viewtablenet;
283 }else{
284 #convert ip if leading '0' exists
285 $fwhostsettings{'IP'} = &Network::ip_remove_zero($fwhostsettings{'IP'});
286
287 #check valid ip
288 if (!&General::validipandmask($fwhostsettings{'IP'}."/".$fwhostsettings{'SUBNET'}))
289 {
290 $errormessage=$errormessage.$Lang::tr{'fwhost err addr'};
291 $fwhostsettings{'BLK_HOST'} ='readonly';
292 $fwhostsettings{'NOCHECK'} ='false';
293 $fwhostsettings{'error'} ='on';
294 }
295 #check remark
296 if ($fwhostsettings{'NETREMARK'} ne '' && !&validremark($fwhostsettings{'NETREMARK'})){
297 $errormessage=$Lang::tr{'fwhost err remark'};
298 $fwhostsettings{'error'} ='on';
299 }
300 #check if subnet is sigle host
301 if(&General::iporsubtocidr($fwhostsettings{'SUBNET'}) eq '32')
302 {
303 $errormessage=$errormessage.$Lang::tr{'fwhost err sub32'};
304 }
305 if($fwhostsettings{'error'} ne 'on'){
306 my $fullip="$fwhostsettings{'IP'}/".&General::iporsubtocidr($fwhostsettings{'SUBNET'});
307 $errormessage=$errormessage.&General::checksubnets($fwhostsettings{'HOSTNAME'},$fullip,"","exact");
308 }
309 #only check plausi when no error till now
310 if (!$errormessage){
311 &plausicheck("editnet");
312 }
313 if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newnet'} ne 'on' && $errormessage)
314 {
315 $fwhostsettings{'actualize'} = '';
316 my $key = &General::findhasharraykey (\%customnetwork);
317 foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
318 $customnetwork{$key}[0] = $fwhostsettings{'orgname'} ;
319 $customnetwork{$key}[1] = $fwhostsettings{'orgip'} ;
320 $customnetwork{$key}[2] = $fwhostsettings{'orgsub'};
321 $customnetwork{$key}[3] = $fwhostsettings{'orgnetremark'};
322 &General::writehasharray("$confignet", \%customnetwork);
323 undef %customnetwork;
324 }
325 if (!$errormessage){
326 &General::readhasharray("$confignet", \%customnetwork);
327 if ($fwhostsettings{'ACTION'} eq 'updatenet'){
328 if ($fwhostsettings{'update'} == '0'){
329 foreach my $key (keys %customnetwork) {
330 if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'}){
331 delete $customnetwork{$key};
332 last;
333 }
334 }
335 }
336 }
337 #get count if actualize is 'on'
338 if($fwhostsettings{'actualize'} eq 'on'){
339 $fwhostsettings{'actualize'} = '';
340 #check if we need to reload rules
341 if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){
342 $needrules='on';
343 }
344 if ($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){
345 #check if we need to update groups
346 &General::readhasharray("$configgrp", \%customgrp);
347 foreach my $key (sort keys %customgrp){
348 if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
349 $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
350 last;
351 }
352 }
353 &General::writehasharray("$configgrp", \%customgrp);
354 #check if we need to update firewallrules
355 if ( ! -z $fwconfigfwd ){
356 &General::readhasharray("$fwconfigfwd", \%fwfwd);
357 foreach my $line (sort keys %fwfwd){
358 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
359 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
360 }
361 if ($fwfwd{$line}[6] eq $fwhostsettings{'orgname'}){
362 $fwfwd{$line}[6] = $fwhostsettings{'HOSTNAME'};
363 }
364 }
365 &General::writehasharray("$fwconfigfwd", \%fwfwd);
366 }
367 if ( ! -z $fwconfiginp ){
368 &General::readhasharray("$fwconfiginp", \%fwinp);
369 foreach my $line (sort keys %fwinp){
370 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
371 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
372 }
373 }
374 &General::writehasharray("$fwconfiginp", \%fwinp);
375 }
376 }
377 }
378 my $key = &General::findhasharraykey (\%customnetwork);
379 foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
380 $fwhostsettings{'SUBNET'} = &General::iporsubtocidr($fwhostsettings{'SUBNET'});
381 $customnetwork{$key}[0] = $fwhostsettings{'HOSTNAME'};
382 $customnetwork{$key}[1] = &General::getnetworkip($fwhostsettings{'IP'},$fwhostsettings{'SUBNET'}) ;
383 $customnetwork{$key}[2] = &General::iporsubtodec($fwhostsettings{'SUBNET'}) ;
384 $customnetwork{$key}[3] = $fwhostsettings{'NETREMARK'};
385 &General::writehasharray("$confignet", \%customnetwork);
386 $fwhostsettings{'IP'}=$fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
387 undef %customnetwork;
388 $fwhostsettings{'HOSTNAME'}='';
389 $fwhostsettings{'IP'}='';
390 $fwhostsettings{'SUBNET'}='';
391 $fwhostsettings{'NETREMARK'}='';
392 #check if an edited net affected groups and need to reload rules
393 if ($needrules eq 'on'){
394 &General::firewall_config_changed();
395 }
396 &addnet;
397 &viewtablenet;
398 }else{
399 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
400 &addnet;
401 &viewtablenet;
402 }
403 }
404 }
405 if ($fwhostsettings{'ACTION'} eq 'savehost')
406 {
407 my $needrules=0;
408 if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
409 $fwhostsettings{'SUBNET'}='32';
410 #check if all fields are set
411 if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
412 {
413 $errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
414 $fwhostsettings{'ACTION'} = 'edithost';
415 }else{
416 if($fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){
417 $fwhostsettings{'type'} = 'mac';
418 }elsif($fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
419 $fwhostsettings{'type'} = 'ip';
420 }else{
421 $fwhostsettings{'type'} = '';
422 $errormessage=$Lang::tr{'fwhost err ipmac'};
423 }
424 #check remark
425 if ($fwhostsettings{'HOSTREMARK'} ne '' && !&validremark($fwhostsettings{'HOSTREMARK'})){
426 $errormessage=$Lang::tr{'fwhost err remark'};
427 }
428 #CHECK IP-PART
429 if ($fwhostsettings{'type'} eq 'ip'){
430 #convert ip if leading '0' exists
431 $fwhostsettings{'IP'} = &Network::ip_remove_zero($fwhostsettings{'IP'});
432
433 #check for subnet
434 if (rindex($fwhostsettings{'IP'},'/') eq '-1' ){
435 if($fwhostsettings{'type'} eq 'ip' && !&General::validipandmask($fwhostsettings{'IP'}."/32"))
436 {
437 $errormessage.=$errormessage.$Lang::tr{'fwhost err ip'};
438 $fwhostsettings{'error'}='on';
439 }
440 }elsif(rindex($fwhostsettings{'IP'},'/') ne '-1' ){
441 $errormessage=$errormessage.$Lang::tr{'fwhost err ipwithsub'};
442 $fwhostsettings{'error'}='on';
443 }
444 #check if net or broadcast
445 my @tmp= split (/\./,$fwhostsettings{'IP'});
446 if (($tmp[3] eq "0") || ($tmp[3] eq "255")){
447 $errormessage=$Lang::tr{'fwhost err hostip'};
448 }
449 }
450 #only check plausi when no error till now
451 if (!$errormessage){
452 &plausicheck("edithost");
453 }
454 if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newhost'} ne 'on' && $errormessage){
455 $fwhostsettings{'actualize'} = '';
456 my $key = &General::findhasharraykey (\%customhost);
457 foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
458 $customhost{$key}[0] = $fwhostsettings{'orgname'} ;
459 $customhost{$key}[1] = $fwhostsettings{'type'} ;
460 if($customhost{$key}[1] eq 'ip'){
461 $customhost{$key}[2] = $fwhostsettings{'orgip'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
462 }else{
463 $customhost{$key}[2] = $fwhostsettings{'orgip'};
464 }
465 $customhost{$key}[3] = $fwhostsettings{'orgremark'};
466 &General::writehasharray("$confighost", \%customhost);
467 undef %customhost;
468 }
469 if (!$errormessage){
470 #get count if host was edited
471 if($fwhostsettings{'actualize'} eq 'on'){
472 if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){
473 $needrules='on';
474 }
475 if($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){
476 #check if we need to update groups
477 &General::readhasharray("$configgrp", \%customgrp);
478 foreach my $key (sort keys %customgrp){
479 if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
480 $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
481 }
482 }
483 &General::writehasharray("$configgrp", \%customgrp);
484 #check if we need to update firewallrules
485 if ( ! -z $fwconfigfwd ){
486 &General::readhasharray("$fwconfigfwd", \%fwfwd);
487 foreach my $line (sort keys %fwfwd){
488 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
489 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
490 }
491 if ($fwfwd{$line}[6] eq $fwhostsettings{'orgname'}){
492 $fwfwd{$line}[6] = $fwhostsettings{'HOSTNAME'};
493 }
494 }
495 &General::writehasharray("$fwconfigfwd", \%fwfwd);
496 }
497 if ( ! -z $fwconfiginp ){
498 &General::readhasharray("$fwconfiginp", \%fwinp);
499 foreach my $line (sort keys %fwinp){
500 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
501 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
502 }
503 }
504 &General::writehasharray("$fwconfiginp", \%fwinp);
505 }
506 }
507 }
508 my $key = &General::findhasharraykey (\%customhost);
509 foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
510 $customhost{$key}[0] = $fwhostsettings{'HOSTNAME'} ;
511 $customhost{$key}[1] = $fwhostsettings{'type'} ;
512 if ($fwhostsettings{'type'} eq 'ip'){
513 $customhost{$key}[2] = $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
514 }else{
515 $customhost{$key}[2] = $fwhostsettings{'IP'};
516 }
517 $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'};
518 &General::writehasharray("$confighost", \%customhost);
519 undef %customhost;
520 $fwhostsettings{'HOSTNAME'}='';
521 $fwhostsettings{'IP'}='';
522 $fwhostsettings{'type'}='';
523 $fwhostsettings{'HOSTREMARK'}='';
524 #check if we need to update rules while host was edited
525 if($needrules eq 'on'){
526 &General::firewall_config_changed();
527 }
528 &addhost;
529 &viewtablehost;
530 }else{
531 &addhost;
532 &viewtablehost;
533 }
534 }
535 }
536 if ($fwhostsettings{'ACTION'} eq 'savegrp')
537 {
538 my $grp=$fwhostsettings{'grp_name'};
539 my $rem=$fwhostsettings{'remark'};
540 my $count;
541 my $type;
542 my $updcounter='off';
543 my @target;
544 my @newgrp;
545 &General::readhasharray("$configgrp", \%customgrp);
546 &General::readhasharray("$confignet", \%customnetwork);
547 &General::readhasharray("$confighost", \%customhost);
548 &General::readhasharray("$fwconfigfwd", \%fwfwd);
549 &General::readhasharray("$fwconfiginp", \%fwinp);
550 &General::readhasharray("$fwconfigout", \%fwout);
551 #check name
552 if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
553 #check existing name
554 if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){$errormessage.=$Lang::tr{'fwhost err grpexist'};}
555 #check remark
556 if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
557 $errormessage.=$Lang::tr{'fwhost err remark'};
558 }
559 if ($fwhostsettings{'update'} eq 'on'){
560 #check standard networks
561 if ($fwhostsettings{'grp2'} eq 'std_net'){
562 @target=$fwhostsettings{'DEFAULT_SRC_ADR'};
563 $type='Standard Network';
564 }
565 #check custom networks
566 if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){
567 @target=$fwhostsettings{'CUST_SRC_NET'};
568 $updcounter='net';
569 $type='Custom Network';
570 }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){
571 $errormessage=$Lang::tr{'fwhost err groupempty'}."<br>";
572 $fwhostsettings{'grp_name'}='';
573 $fwhostsettings{'remark'}='';
574 }
575 #check custom addresses
576 if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){
577 @target=$fwhostsettings{'CUST_SRC_HOST'};
578 $updcounter='host';
579 $type='Custom Host';
580 }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){
581 $errormessage=$Lang::tr{'fwhost err groupempty'}."<br>";
582 $fwhostsettings{'grp_name'}='';
583 $fwhostsettings{'remark'}='';
584 }
585 # Fetch the address from a WireGuard Peer
586 if ($fwhostsettings{'grp2'} eq 'wg_peer' && $fwhostsettings{'WG_PEER'} ne ''){
587 @target=$fwhostsettings{'WG_PEER'};
588 $type='wg_peer';
589 }elsif ($fwhostsettings{'grp2'} eq 'wg_peer' && $fwhostsettings{'WG_PEER'} eq ''){
590 $errormessage=$Lang::tr{'fwhost err groupempty'};
591 }
592 #get address from ovpn ccd static net
593 if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){
594 @target=$fwhostsettings{'OVPN_CCD_NET'};
595 $type='OpenVPN static network';
596 }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){
597 $errormessage=$Lang::tr{'fwhost err groupempty'};
598 $fwhostsettings{'grp_name'}='';
599 $fwhostsettings{'remark'}='';
600 }
601 #get address from ovpn ccd static host
602 if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){
603 @target=$fwhostsettings{'OVPN_CCD_HOST'};
604 $type='OpenVPN static host';
605 }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){
606 $errormessage=$Lang::tr{'fwhost err groupempty'};
607 }
608 #get address from ovpn ccd Net-2-Net
609 if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){
610 @target=$fwhostsettings{'OVPN_N2N'};
611 $type='OpenVPN N-2-N';
612 }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){
613 $errormessage=$Lang::tr{'fwhost err groupempty'};
614 $fwhostsettings{'grp_name'}='';
615 $fwhostsettings{'remark'}='';
616 }
617 #get address from IPSEC HOST
618 if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){
619 @target=$fwhostsettings{'IPSEC_HOST'};
620 $type='IpSec Host';
621 }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){
622 $errormessage=$Lang::tr{'fwhost err groupempty'};
623 $fwhostsettings{'grp_name'}='';
624 $fwhostsettings{'remark'}='';
625 }
626 #get address from IPSEC NETWORK
627 if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){
628 @target=$fwhostsettings{'IPSEC_NET'};
629 $type='IpSec Network';
630 }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){
631 $errormessage=$Lang::tr{'fwhost err groupempty'};
632 $fwhostsettings{'grp_name'}='';
633 $fwhostsettings{'remark'}='';
634 }
635 #check if host/net exists in grp
636
637 my $test="$grp,$fwhostsettings{'oldremark'},@target,$type";
638 foreach my $key (keys %customgrp) {
639 my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2],$customgrp{$key}[3]";
640 if ($test1 eq $test){
641 $errormessage=$Lang::tr{'fwhost err isingrp'};
642 $fwhostsettings{'update'} = 'on';
643 }
644 }
645 }
646
647 if (!$errormessage){
648 #on first save, we have an empty @target, so fill it with nothing
649 my $targetvalues=@target;
650 if ($targetvalues == '0'){
651 @target="none";
652 }
653 #on update, we have to delete the dummy entry
654 foreach my $key (keys %customgrp){
655 if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq "none"){
656 delete $customgrp{$key};
657 last;
658 }
659 }
660 &General::writehasharray("$configgrp", \%customgrp);
661 &General::readhasharray("$configgrp", \%customgrp);
662 #create array with new lines
663 foreach my $line (@target){
664 push (@newgrp,"$grp,$rem,$line");
665 }
666 #append new entries
667 my $key = &General::findhasharraykey (\%customgrp);
668 foreach my $line (@newgrp){
669 foreach my $i (0 .. 3) { $customgrp{$key}[$i] = "";}
670 my ($a,$b,$c,$d) = split (",",$line);
671 $customgrp{$key}[0] = $a;
672 $customgrp{$key}[1] = $b;
673 $customgrp{$key}[2] = $c;
674 $customgrp{$key}[3] = $type;
675 }
676 &General::writehasharray("$configgrp", \%customgrp);
677 #update counter in Host/Net
678 $fwhostsettings{'update'}='on';
679 }
680 #check if ruleupdate is needed
681 my $netgrpcount=0;
682 $netgrpcount=&getnetcount($grp);
683 if($netgrpcount > 0 )
684 {
685 &General::firewall_config_changed();
686 }
687 &addgrp;
688 &viewtablegrp;
689 }
690 if ($fwhostsettings{'ACTION'} eq 'savelocationgrp')
691 {
692 my $grp=$fwhostsettings{'grp_name'};
693 my $rem=$fwhostsettings{'remark'};
694 my $count;
695 my $type;
696 my @target;
697 my @newgrp;
698 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
699 &General::readhasharray("$fwconfigfwd", \%fwfwd);
700 &General::readhasharray("$fwconfiginp", \%fwinp);
701 &General::readhasharray("$fwconfigout", \%fwout);
702
703 # Check name
704 if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
705
706 # Check for existing group name.
707 if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){
708 $errormessage = $Lang::tr{'fwhost err grpexist'};
709 }
710
711 # Check remark.
712 if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
713 $errormessage = $Lang::tr{'fwhost err remark'};
714 }
715
716 if ($fwhostsettings{'update'} eq 'on'){
717 @target=$fwhostsettings{'COUNTRY_CODE'};
718 $type='Location Group';
719
720 #check if host/net exists in grp
721 my $test="$grp,$fwhostsettings{'oldremark'},@target";
722 foreach my $key (keys %customlocationgrp) {
723 my $test1="$customlocationgrp{$key}[0],$customlocationgrp{$key}[1],$customlocationgrp{$key}[2]";
724 if ($test1 eq $test){
725 $errormessage=$Lang::tr{'fwhost err isingrp'};
726 $fwhostsettings{'update'} = 'on';
727 }
728 }
729 }
730
731 if (!$errormessage){
732 #on first save, we have an empty @target, so fill it with nothing
733 my $targetvalues=@target;
734 if ($targetvalues == '0'){
735 @target="none";
736 }
737 #on update, we have to delete the dummy entry
738 foreach my $key (keys %customlocationgrp){
739 if ($customlocationgrp{$key}[0] eq $grp && $customlocationgrp{$key}[2] eq "none"){
740 delete $customlocationgrp{$key};
741 last;
742 }
743 }
744 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
745 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
746 #create array with new lines
747 foreach my $line (@target){
748 push (@newgrp,"$grp,$rem,$line");
749 }
750 #append new entries
751 my $key = &General::findhasharraykey (\%customlocationgrp);
752 foreach my $line (@newgrp){
753 foreach my $i (0 .. 3) { $customlocationgrp{$key}[$i] = "";}
754 my ($a,$b,$c,$d) = split (",",$line);
755 $customlocationgrp{$key}[0] = $a;
756 $customlocationgrp{$key}[1] = $b;
757 $customlocationgrp{$key}[2] = $c;
758 $customlocationgrp{$key}[3] = $type;
759 }
760 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
761 #update counter in Host/Net
762 $fwhostsettings{'update'}='on';
763 }
764 #check if ruleupdate is needed
765 my $locationgrpcount=0;
766 $locationgrpcount=&getlocationcount($grp);
767 if($locationgrpcount > 0 )
768 {
769 &General::firewall_config_changed();
770 }
771 &addlocationgrp;
772 &viewtablelocationgrp;
773 }
774 if ($fwhostsettings{'ACTION'} eq 'saveservice')
775 {
776 my $ICMP;
777 &General::readhasharray("$configsrv", \%customservice );
778 &General::readhasharray("$configgrp", \%customgrp);
779 $errormessage=&checkports(\%customservice);
780 if ($fwhostsettings{'PROT'} eq 'ICMP'){
781 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
782 foreach my $key (keys %icmptypes){
783 if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){
784 $ICMP=$icmptypes{$key}[0];
785 }
786 }
787 }
788 if($ICMP eq ''){$ICMP=$fwhostsettings{'ICMP_TYPES'};}
789 if ($fwhostsettings{'PROT'} ne 'ICMP'){$ICMP='BLANK';}
790 #Check if a group with the same name already exists
791 if (!&checkgroup($fwhostsettings{'SRV_NAME'})){
792 $errormessage = $Lang::tr{'fwhost err grpexist'};
793 }
794 if (!$errormessage){
795 my $key = &General::findhasharraykey (\%customservice);
796 foreach my $i (0 .. 4) { $customservice{$key}[$i] = "";}
797 $customservice{$key}[0] = $fwhostsettings{'SRV_NAME'};
798 $customservice{$key}[1] = $fwhostsettings{'SRV_PORT'};
799 $customservice{$key}[2] = $fwhostsettings{'PROT'};
800 $customservice{$key}[3] = $ICMP;
801 &General::writehasharray("$configsrv", \%customservice );
802 #reset fields
803 $fwhostsettings{'SRV_NAME'}='';
804 $fwhostsettings{'SRV_PORT'}='';
805 $fwhostsettings{'PROT'}='';
806 $fwhostsettings{'ICMP_TYPES'}='';
807 }
808 &addservice;
809 }
810 if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
811 {
812 my $prot;
813 my $port;
814 my $tcpcounter=0;
815 my $udpcounter=0;
816 &General::readhasharray("$configsrvgrp", \%customservicegrp );
817 &General::readhasharray("$configsrv", \%customservice );
818 $errormessage=&checkservicegroup;
819 #Check if we have more than 15 services from one Protocol in the group
820 #iptables can only handle 15 ports/portranges via multiport
821 foreach my $key (keys %customservicegrp){
822 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
823 foreach my $key1 (keys %customservice){
824 $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0];
825 $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i;
826 $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0];
827 $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i;
828 }
829 }
830 }
831
832 # Loop through the hash of configured services.
833 foreach my $key (keys %customservice) {
834 # Assign nice human-readable values.
835 my $service_name = $customservice{$key}[0];
836 my $service_port = $customservice{$key}[1];
837 my $service_proto = $customservice{$key}[2];
838
839 # Skip services unless the processed one has found.
840 next unless $service_name eq $fwhostsettings{'CUST_SRV'};
841
842 # Increase the counters.
843 $tcpcounter++ if $service_proto eq 'TCP';
844 $tcpcounter++ if $service_proto eq 'TCP' && $service_port =~ m/:/i;
845 $udpcounter++ if $service_proto eq 'UDP';
846 $udpcounter++ if $service_proto eq 'UDP' && $service_port =~ m/:/i;
847 }
848
849 if ($tcpcounter > 15) {
850 $errormessage=$Lang::tr{'fwhost err maxservicetcp'};
851 }
852 if ($udpcounter > 15) {
853 $errormessage=$Lang::tr{'fwhost err maxserviceudp'};
854 }
855 $tcpcounter=0;
856 $udpcounter=0;
857 #check remark
858 if ($fwhostsettings{'SRVGRP_REMARK'} ne '' && !&validremark($fwhostsettings{'SRVGRP_REMARK'})){
859 $errormessage .= $Lang::tr{'fwhost err remark'};
860 }
861 #Check if there is already a service with the same name
862 if(!&checkservice($fwhostsettings{'SRVGRP_NAME'})){
863 $errormessage .= $Lang::tr{'fwhost err srv exists'};
864 }
865 if (!$errormessage){
866 #on first save, we have to enter a dummy value
867 if ($fwhostsettings{'CUST_SRV'} eq ''){
868 $fwhostsettings{'CUST_SRV'}='none';
869 }
870 #on update, we have to delete the dummy entry
871 foreach my $key (keys %customservicegrp){
872 if ($customservicegrp{$key}[2] eq 'none' && $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
873 delete $customservicegrp{$key};
874 last;
875 }
876 }
877 &General::writehasharray("$configsrvgrp", \%customservicegrp );
878 #check if remark has also changed
879 if ($fwhostsettings{'SRVGRP_REMARK'} ne $fwhostsettings{'oldsrvgrpremark'} && $fwhostsettings{'updatesrvgrp'} eq 'on')
880 {
881 foreach my $key (keys %customservicegrp)
882 {
883 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvgrpremark'})
884 {
885 $customservicegrp{$key}[1]='';
886 $customservicegrp{$key}[1]=$fwhostsettings{'SRVGRP_REMARK'};
887 }
888 }
889 }
890 my $key = &General::findhasharraykey (\%customservicegrp);
891 foreach my $i (0 .. 2) { $customservice{$key}[$i] = "";}
892 $customservicegrp{$key}[0] = $fwhostsettings{'SRVGRP_NAME'};
893 $customservicegrp{$key}[1] = $fwhostsettings{'SRVGRP_REMARK'};
894 $customservicegrp{$key}[2] = $fwhostsettings{'CUST_SRV'};
895 &General::writehasharray("$configsrvgrp", \%customservicegrp );
896 $fwhostsettings{'updatesrvgrp'}='on';
897 }
898 &checkrulereload($fwhostsettings{'SRVGRP_NAME'});
899 &addservicegrp;
900 &viewtableservicegrp;
901 }
902 # edit
903 if ($fwhostsettings{'ACTION'} eq 'editnet')
904 {
905 &addnet;
906 &viewtablenet;
907 }
908 if ($fwhostsettings{'ACTION'} eq 'edithost')
909 {
910 &addhost;
911 &viewtablehost;
912 }
913 if ($fwhostsettings{'ACTION'} eq 'editgrp')
914 {
915 $fwhostsettings{'update'}='on';
916 &addgrp;
917 &viewtablegrp;
918 }
919 if ($fwhostsettings{'ACTION'} eq 'editlocationgrp')
920 {
921 $fwhostsettings{'update'}='on';
922 &addlocationgrp;
923 &viewtablelocationgrp;
924 }
925 if ($fwhostsettings{'ACTION'} eq 'editservice')
926 {
927 $fwhostsettings{'updatesrv'}='on';
928 &addservice;
929 }
930 if ($fwhostsettings{'ACTION'} eq 'editservicegrp')
931 {
932 $fwhostsettings{'updatesrvgrp'} = 'on';
933 &addservicegrp;
934 &viewtableservicegrp;
935 }
936 # reset
937 if ($fwhostsettings{'ACTION'} eq 'resetnet')
938 {
939 $fwhostsettings{'HOSTNAME'} ="";
940 $fwhostsettings{'IP'} ="";
941 $fwhostsettings{'SUBNET'} ="";
942 &showmenu;
943 }
944 if ($fwhostsettings{'ACTION'} eq 'resethost')
945 {
946 $fwhostsettings{'HOSTNAME'} ="";
947 $fwhostsettings{'IP'} ="";
948 $fwhostsettings{'type'} ="";
949 &showmenu;
950 }
951 if ($fwhostsettings{'ACTION'} eq 'resetgrp')
952 {
953 $fwhostsettings{'grp_name'} ="";
954 $fwhostsettings{'remark'} ="";
955 &showmenu;
956 }
957 if ($fwhostsettings{'ACTION'} eq 'resetlocationgrp')
958 {
959 $fwhostsettings{'grp_name'} ="";
960 $fwhostsettings{'remark'} ="";
961 &showmenu;
962 }
963 # delete
964 if ($fwhostsettings{'ACTION'} eq 'delnet')
965 {
966 &General::readhasharray("$confignet", \%customnetwork);
967 foreach my $key (keys %customnetwork) {
968 if($fwhostsettings{'key'} eq $customnetwork{$key}[0]){
969 delete $customnetwork{$key};
970 &General::writehasharray("$confignet", \%customnetwork);
971 last;
972 }
973 }
974 &addnet;
975 &viewtablenet;
976 }
977 if ($fwhostsettings{'ACTION'} eq 'delhost')
978 {
979 &General::readhasharray("$confighost", \%customhost);
980 foreach my $key (keys %customhost) {
981 if($fwhostsettings{'key'} eq $customhost{$key}[0]){
982 delete $customhost{$key};
983 &General::writehasharray("$confighost", \%customhost);
984 last;
985 }
986 }
987 &addhost;
988 &viewtablehost;
989 }
990 if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
991 {
992 my $grpremark;
993 my $grpname;
994 &General::readhasharray("$configgrp", \%customgrp);
995 foreach my $key (keys %customgrp){
996 if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){
997 $grpname=$customgrp{$key}[0];
998 $grpremark=$customgrp{$key}[1];
999 #check if we delete the last entry, then generate dummy
1000 if ($fwhostsettings{'last'} eq 'on'){
1001 $customgrp{$key}[1] = '';
1002 $customgrp{$key}[2] = 'none';
1003 $customgrp{$key}[3] = '';
1004 $fwhostsettings{'last'}='';
1005 last;
1006 }else{
1007 delete $customgrp{$key};
1008 }
1009 }
1010 }
1011 &General::writehasharray("$configgrp", \%customgrp);
1012 &General::firewall_config_changed();
1013 if ($fwhostsettings{'update'} eq 'on'){
1014 $fwhostsettings{'remark'}= $grpremark;
1015 $fwhostsettings{'grp_name'}=$grpname;
1016 }
1017 &addgrp;
1018 &viewtablegrp;
1019 }
1020 if ($fwhostsettings{'ACTION'} eq 'deletelocationgrpentry')
1021 {
1022 my $grpremark;
1023 my $grpname;
1024 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
1025 foreach my $key (keys %customlocationgrp){
1026 if($customlocationgrp{$key}[0].",".$customlocationgrp{$key}[1].",".$customlocationgrp{$key}[2].",".$customlocationgrp{$key}[3] eq $fwhostsettings{'delentry'}){
1027 $grpname=$customlocationgrp{$key}[0];
1028 $grpremark=$customlocationgrp{$key}[1];
1029 #check if we delete the last entry, then generate dummy
1030 if ($fwhostsettings{'last'} eq 'on'){
1031 $customlocationgrp{$key}[1] = '';
1032 $customlocationgrp{$key}[2] = 'none';
1033 $customlocationgrp{$key}[3] = '';
1034 $fwhostsettings{'last'}='';
1035 last;
1036 }else{
1037 delete $customlocationgrp{$key};
1038 }
1039 }
1040 }
1041 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
1042 &General::firewall_config_changed();
1043 if ($fwhostsettings{'update'} eq 'on'){
1044 $fwhostsettings{'remark'}= $grpremark;
1045 $fwhostsettings{'grp_name'}=$grpname;
1046 }
1047 &addlocationgrp;
1048 &viewtablelocationgrp;
1049 }
1050
1051 if ($fwhostsettings{'ACTION'} eq 'delgrp')
1052 {
1053 &General::readhasharray("$configgrp", \%customgrp);
1054 &decrease($fwhostsettings{'grp_name'});
1055 foreach my $key (sort keys %customgrp)
1056 {
1057 if($customgrp{$key}[0] eq $fwhostsettings{'grp_name'})
1058 {
1059 delete $customgrp{$key};
1060 }
1061 }
1062 &General::writehasharray("$configgrp", \%customgrp);
1063 $fwhostsettings{'grp_name'}='';
1064 &addgrp;
1065 &viewtablegrp;
1066 }
1067 if ($fwhostsettings{'ACTION'} eq 'dellocationgrp')
1068 {
1069 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
1070 &decrease($fwhostsettings{'grp_name'});
1071 foreach my $key (sort keys %customlocationgrp)
1072 {
1073 if($customlocationgrp{$key}[0] eq $fwhostsettings{'grp_name'})
1074 {
1075 delete $customlocationgrp{$key};
1076 }
1077 }
1078 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
1079 $fwhostsettings{'grp_name'}='';
1080 &addlocationgrp;
1081 &viewtablelocationgrp;
1082 }
1083 if ($fwhostsettings{'ACTION'} eq 'delservice')
1084 {
1085 &General::readhasharray("$configsrv", \%customservice);
1086 foreach my $key (keys %customservice) {
1087 if($customservice{$key}[0] eq $fwhostsettings{'SRV_NAME'}){
1088 delete $customservice{$key};
1089 &General::writehasharray("$configsrv", \%customservice);
1090 last;
1091 }
1092 }
1093 $fwhostsettings{'SRV_NAME'}='';
1094 $fwhostsettings{'SRV_PORT'}='';
1095 $fwhostsettings{'PROT'}='';
1096 &addservice;
1097 }
1098 if ($fwhostsettings{'ACTION'} eq 'delservicegrp')
1099 {
1100 &General::readhasharray("$configsrvgrp", \%customservicegrp);
1101 &decreaseservice($fwhostsettings{'SRVGRP_NAME'});
1102 foreach my $key (sort keys %customservicegrp)
1103 {
1104 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'})
1105 {
1106 delete $customservicegrp{$key};
1107 }
1108 }
1109 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1110 $fwhostsettings{'SRVGRP_NAME'}='';
1111 &addservicegrp;
1112 &viewtableservicegrp;
1113 }
1114 if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
1115 {
1116 my $grpname;
1117 my $grpremark;
1118 &General::readhasharray("$configsrvgrp", \%customservicegrp);
1119 foreach my $key (keys %customservicegrp){
1120 if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2] eq $fwhostsettings{'delsrvfromgrp'})
1121 {
1122 $grpname=$customservicegrp{$key}[0];
1123 $grpremark=$customservicegrp{$key}[1];
1124 if($fwhostsettings{'last'} eq 'on'){
1125 $customservicegrp{$key}[2] = 'none';
1126 $fwhostsettings{'last'} = '';
1127 last;
1128 }else{
1129 delete $customservicegrp{$key};
1130 }
1131 }
1132 }
1133 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1134 &General::firewall_config_changed();
1135 if ($fwhostsettings{'updatesrvgrp'} eq 'on'){
1136 $fwhostsettings{'SRVGRP_NAME'}=$grpname;
1137 $fwhostsettings{'SRVGRP_REMARK'}=$grpremark;
1138 }
1139 &addservicegrp;
1140 &viewtableservicegrp;
1141 }
1142 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newnet'})
1143 {
1144 &addnet;
1145 &viewtablenet;
1146 }
1147 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newhost'})
1148 {
1149 &addhost;
1150 &viewtablehost;
1151 }
1152 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newgrp'})
1153 {
1154 &addgrp;
1155 &viewtablegrp;
1156 }
1157 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newlocationgrp'})
1158 {
1159 &addlocationgrp;
1160 &viewtablelocationgrp;
1161 }
1162 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservice'})
1163 {
1164 &addservice;
1165 }
1166 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservicegrp'})
1167 {
1168 &addservicegrp;
1169 &viewtableservicegrp;
1170 }
1171 if ($fwhostsettings{'ACTION'} eq 'changegrpremark')
1172 {
1173 &General::readhasharray("$configgrp", \%customgrp);
1174 if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
1175 foreach my $key (sort keys %customgrp)
1176 {
1177 if($customgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgrp{$key}[1] eq $fwhostsettings{'oldrem'})
1178 {
1179 $customgrp{$key}[1]='';
1180 $customgrp{$key}[1]=$fwhostsettings{'newrem'};
1181 }
1182 }
1183 &General::writehasharray("$configgrp", \%customgrp);
1184 $fwhostsettings{'update'}='on';
1185 $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
1186 }else{
1187 $errormessage=$Lang::tr{'fwhost err remark'};
1188 $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
1189 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1190 $fwhostsettings{'update'} = 'on';
1191 }
1192 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1193 &addgrp;
1194 &viewtablegrp;
1195 }
1196 if ($fwhostsettings{'ACTION'} eq 'changelocationgrpremark')
1197 {
1198 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
1199 if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
1200 foreach my $key (sort keys %customlocationgrp)
1201 {
1202 if($customlocationgrp{$key}[0] eq $fwhostsettings{'grp'} && $customlocationgrp{$key}[1] eq $fwhostsettings{'oldrem'})
1203 {
1204 $customlocationgrp{$key}[1]='';
1205 $customlocationgrp{$key}[1]=$fwhostsettings{'newrem'};
1206 }
1207 }
1208 &General::writehasharray("$configlocationgrp", \%customlocationgrp);
1209 $fwhostsettings{'update'}='on';
1210 $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
1211 }else{
1212 $errormessage=$Lang::tr{'fwhost err remark'};
1213 $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
1214 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1215 $fwhostsettings{'update'} = 'on';
1216 }
1217 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1218 &addlocationgrp;
1219 &viewtablelocationgrp;
1220 }
1221 if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark')
1222 {
1223 &General::readhasharray("$configsrvgrp", \%customservicegrp );
1224 if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && (&validremark($fwhostsettings{'newsrvrem'}) || $fwhostsettings{'newsrvrem'} eq '')){
1225 foreach my $key (sort keys %customservicegrp)
1226 {
1227 if($customservicegrp{$key}[0] eq $fwhostsettings{'srvgrp'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvrem'})
1228 {
1229 $customservicegrp{$key}[1]='';
1230 $customservicegrp{$key}[1]=$fwhostsettings{'newsrvrem'};
1231 }
1232 }
1233 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1234 $fwhostsettings{'updatesrvgrp'}='on';
1235 $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'};
1236 }elsif($fwhostsettings{'oldsrvrem'} eq $fwhostsettings{'newsrvrem'}){
1237 &addservicegrp;
1238 &viewtableservicegrp;
1239 }else{
1240 $errormessage=$Lang::tr{'fwhost err remark'};
1241 $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'};
1242 $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
1243 $fwhostsettings{'updatesrvgrp'} = 'on';
1244 }
1245 $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
1246 &addservicegrp;
1247 &viewtableservicegrp;
1248 }
1249 if ($fwhostsettings{'ACTION'} eq 'changesrvgrpname')
1250 {
1251 &General::readhasharray("$configsrvgrp", \%customservicegrp );
1252 if ($fwhostsettings{'oldsrvgrpname'} ne $fwhostsettings{'srvgrp'}){
1253 #Check new groupname
1254 if (!&validhostname($fwhostsettings{'srvgrp'})){
1255 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1256 }
1257 if (!$errormessage){
1258 #Rename group in customservicegroup
1259 foreach my $key (keys %customservicegrp) {
1260 if($customservicegrp{$key}[0] eq $fwhostsettings{'oldsrvgrpname'}){
1261 $customservicegrp{$key}[0]=$fwhostsettings{'srvgrp'};
1262 }
1263 }
1264 &General::writehasharray("$configsrvgrp", \%customservicegrp );
1265 #change name in FW Rules
1266 &changenameinfw($fwhostsettings{'oldsrvgrpname'},$fwhostsettings{'srvgrp'},15);
1267 }
1268 }
1269 &addservicegrp;
1270 &viewtableservicegrp;
1271 }
1272 if ($fwhostsettings{'ACTION'} eq 'changegrpname')
1273 {
1274 &General::readhasharray("$configgrp", \%customgrp );
1275 if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
1276 #Check new groupname
1277 if (!&validhostname($fwhostsettings{'grp'})){
1278 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1279 }
1280 if (!$errormessage){
1281 #Rename group in customservicegroup
1282 foreach my $key (keys %customgrp) {
1283 if($customgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
1284 $customgrp{$key}[0]=$fwhostsettings{'grp'};
1285 }
1286 }
1287 &General::writehasharray("$configgrp", \%customgrp );
1288 #change name in FW Rules
1289 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},4);
1290 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6);
1291 }
1292 }
1293 &addgrp;
1294 &viewtablegrp;
1295 }
1296 if ($fwhostsettings{'ACTION'} eq 'changelocationgrpname')
1297 {
1298 &General::readhasharray("$configlocationgrp", \%customlocationgrp );
1299 if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
1300 #Check new groupname
1301 if (!&validhostname($fwhostsettings{'grp'})){
1302 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1303 }
1304 if (!$errormessage){
1305 # Rename group.
1306 foreach my $key (keys %customlocationgrp) {
1307 if($customlocationgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
1308 $customlocationgrp{$key}[0]=$fwhostsettings{'grp'};
1309 }
1310 }
1311 &General::writehasharray("$configlocationgrp", \%customlocationgrp );
1312 #change name in FW Rules
1313 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},4,"location");
1314 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6,"location");
1315 }
1316 }
1317 &addlocationgrp;
1318 &viewtablelocationgrp;
1319 }
1320 ### VIEW ###
1321 if($fwhostsettings{'ACTION'} eq '')
1322 {
1323 &showmenu;
1324 }
1325 ### FUNCTIONS ###
1326 sub showmenu {
1327 &Header::openbox('100%', 'left',);
1328 print "$Lang::tr{'fwhost welcome'}";
1329 print<<END;
1330 <br><br>
1331 <table border='0' width='100%'>
1332 <tr>
1333 <td>
1334 <form method='post'>
1335 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newnet'}'>
1336 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newhost'}'>
1337 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgrp'}'>
1338 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newlocationgrp'}'>
1339 </form>
1340 </td>
1341 <td align='right'>
1342 <form method='post'>
1343 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservice'}'>
1344 <input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservicegrp'}'>
1345 </form>
1346 </td>
1347 </tr>
1348 <tr>
1349 <td colspan='6'>
1350 </td>
1351 </tr>
1352 </table>
1353 END
1354 &Header::closebox();
1355
1356 }
1357 # Add
1358 sub addnet
1359 {
1360 &error;
1361 &showmenu;
1362 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addnet'});
1363 $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
1364 $fwhostsettings{'orgnetremark'}=$fwhostsettings{'NETREMARK'};
1365 print<<END;
1366 <table border='0' width='100%' >
1367 <tr><td width='15%'>$Lang::tr{'name'}:</td><td><form method='post'><input type='TEXT' name='HOSTNAME' id='textbox1' value='$fwhostsettings{'HOSTNAME'}' $fwhostsettings{'BLK_HOST'} size='20'><script>document.getElementById('textbox1').focus()</script></td></tr>
1368 <tr><td>$Lang::tr{'fwhost netaddress'}:</td><td><input type='TEXT' name='IP' value='$fwhostsettings{'IP'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='15'></td></tr>
1369 <tr><td>$Lang::tr{'netmask'}:</td><td><input type='TEXT' name='SUBNET' value='$fwhostsettings{'SUBNET'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='15'></td></tr>
1370 <tr><td>$Lang::tr{'remark'}:</td><td><input type='TEXT' name='NETREMARK' value='$fwhostsettings{'NETREMARK'}' style='width: 98.5%;'></td></tr>
1371 <tr><td colspan='6'><br></td></tr><tr>
1372 END
1373 if ($fwhostsettings{'ACTION'} eq 'editnet' || $fwhostsettings{'error'} eq 'on')
1374 {
1375 print "<td colspan='6' align='right'><input type='submit' value='$Lang::tr{'update'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='updatenet'><input type='hidden' name='orgnetremark' value='$fwhostsettings{'orgnetremark'}' ><input type='hidden' name='orgname' value='$fwhostsettings{'orgname'}' ><input type='hidden' name='update' value='on'><input type='hidden' name='newnet' value='$fwhostsettings{'newnet'}'>";
1376 }else{
1377 print "<td colspan='6' align='right'><input type='submit' value='$Lang::tr{'save'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='savenet'><input type='hidden' name='newnet' value='on'>";
1378 }
1379 print "</form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;' ><input type='hidden' name='ACTION' value='resetnet'></form></td></tr></table>";
1380 &Header::closebox();
1381 }
1382 sub addhost
1383 {
1384 &error;
1385 &showmenu;
1386 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addhost'});
1387 $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
1388 $fwhostsettings{'orgremark'}=$fwhostsettings{'HOSTREMARK'};
1389 print<<END;
1390 <table width='100%'>
1391 <tr><td>$Lang::tr{'name'}:</td><td><form method='post' style='display:inline;'><input type='TEXT' name='HOSTNAME' id='textbox1' value='$fwhostsettings{'HOSTNAME'}' $fwhostsettings{'BLK_HOST'} size='20'><script>document.getElementById('textbox1').focus()</script></td></tr>
1392 <tr><td>IP/MAC:</td><td><input type='TEXT' name='IP' value='$fwhostsettings{'IP'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='17'></td></tr>
1393 <tr><td width='10%'>$Lang::tr{'remark'}:</td><td><input type='TEXT' name='HOSTREMARK' value='$fwhostsettings{'HOSTREMARK'}' style='width:98%;'></td></tr>
1394 <tr><td colspan='5'><br></td></tr><tr>
1395 END
1396
1397 if ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'} eq 'on')
1398 {
1399
1400 print " <td colspan='4' align='right'><input type='submit' value='$Lang::tr{'update'}' style='min-width:100px;'/><input type='hidden' name='ACTION' value='updatehost'><input type='hidden' name='orgremark' value='$fwhostsettings{'orgremark'}' ><input type='hidden' name='orgname' value='$fwhostsettings{'orgname'}' ><input type='hidden' name='update' value='on'><input type='hidden' name='newhost' value='$fwhostsettings{'newhost'}'></form>";
1401 }else{
1402 print " <td colspan='4' align='right'><input type='submit' name='savehost' value='$Lang::tr{'save'}' style='min-width:100px;' /><input type='hidden' name='ACTION' value='savehost' /><input type='hidden' name='newhost' value='on'>";
1403 }
1404 print " </form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;' ><input type='hidden' name='ACTION' value='resethost'></form></td></tr></table>";
1405 &Header::closebox();
1406 }
1407 sub addgrp
1408 {
1409 &hint;
1410 &error;
1411 &showmenu;
1412 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addgrp'});
1413 &General::setup_default_networks(\%defaultNetworks);
1414 &General::readhasharray("$configccdnet", \%ccdnet);
1415 &General::readhasharray("$confignet", \%customnetwork);
1416 &General::readhasharray("$configccdhost", \%ccdhost);
1417 &General::readhasharray("$confighost", \%customhost);
1418 &General::readhasharray("$configipsec", \%ipsecconf);
1419
1420 my %checked=();
1421 my $show='';
1422 $checked{'check1'}{'off'} = '';
1423 $checked{'check1'}{'on'} = '';
1424 $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
1425 $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
1426 $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
1427 my $grp=$fwhostsettings{'grp_name'};
1428 my $rem=$fwhostsettings{'remark'};
1429 if ($fwhostsettings{'update'} eq ''){
1430 print<<END;
1431 <table width='100%' border='0'>
1432 <tr>
1433 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1434 <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
1435 </tr>
1436 <tr>
1437 <td>$Lang::tr{'remark'}:</td>
1438 <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
1439 </tr>
1440 <tr>
1441 <td colspan='2'><br></td>
1442 </tr>
1443 </table>
1444 END
1445 }else{
1446 print<<END;
1447 <table width='100%' border='0'><form method='post'>
1448 <tr>
1449 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1450 <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
1451 <td><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'><input type='hidden' name='ACTION' value='changegrpname'></td>
1452 <td></td></form>
1453 </tr>
1454 <tr><form method='post' style='display:inline'>
1455 <td>$Lang::tr{'remark'}:</td>
1456 <td colspan='2' style='width:98%;'><input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'></td>
1457 <td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
1458 </tr>
1459 </table></form>
1460 <br><br>
1461 END
1462 }
1463 if ($fwhostsettings{'update'} eq 'on'){
1464 print<<END;
1465 <form method='post'><input type='hidden' name='remark' value='$rem'><input type='hidden' name='grp_name' value='$grp'>
1466 <table width='100%' border='0'>
1467 <tr><td width=50% valign='top'>
1468 <table width='90%' border='0'>
1469 <tr>
1470 <td style='width:15em;'>
1471 <label>
1472 <input type='radio' name='grp2' value='std_net' id='DEFAULT_SRC_ADR' checked>
1473 $Lang::tr{'fwhost stdnet'}
1474 </label>
1475 </td>
1476 <td style='text-align:right;'>
1477 <select name='DEFAULT_SRC_ADR' style='width:16em;'>
1478 END
1479 foreach my $network (sort keys %defaultNetworks)
1480 {
1481 next if($defaultNetworks{$network}{'LOCATION'} eq "IPCOP");
1482 next if($defaultNetworks{$network}{'NAME'} eq "IPFire");
1483 print "<option value='$defaultNetworks{$network}{'NAME'}'";
1484 print " selected='selected'" if ($fwhostsettings{'DEFAULT_SRC_ADR'} eq $defaultNetworks{$network}{'NAME'});
1485 my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
1486 my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
1487 my $defsub1=&General::subtocidr($ownnet{$defsub});
1488 $ownnet{$defnet}='' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
1489 if ($ownnet{$defnet}){
1490 print ">$network ($ownnet{$defnet}/$defsub1)</option>";
1491 }else{
1492 print ">$network</option>";
1493 }
1494 }
1495 print"</select></td></tr>";
1496 if (! -z $confignet){
1497 print<<END;
1498 <tr>
1499 <td>
1500 <label>
1501 <input type='radio' name='grp2' id='CUST_SRC_NET' value='cust_net' $checked{'grp2'}{'cust_net'}>
1502 $Lang::tr{'fwhost cust net'}:
1503 </label>
1504 </td>
1505 <td style='text-align:right;'>
1506 <select name='CUST_SRC_NET' style='width:16em;'>";
1507 END
1508 foreach my $key (sort { ncmp($customnetwork{$a}[0],$customnetwork{$b}[0]) } keys %customnetwork) {
1509 print"<option>$customnetwork{$key}[0]</option>";
1510 }
1511 print"</select></td></tr>";
1512 }
1513 if (! -z $confighost){
1514 print<<END;
1515 <tr>
1516 <td valign='top'>
1517 <label>
1518 <input type='radio' name='grp2' id='CUST_SRC_HOST' value='cust_host' $checked{'grp2'}{'cust_host'}>
1519 $Lang::tr{'fwhost cust addr'}:
1520 </label>
1521 </td>
1522 <td style='text-align:right;'>
1523 <select name='CUST_SRC_HOST' style='width:16em;'>";
1524 END
1525 foreach my $key (sort { ncmp($customhost{$a}[0],$customhost{$b}[0]) } keys %customhost) {
1526 print"<option>$customhost{$key}[0]</option>";
1527 }
1528 print"</select></td></tr>";
1529 }
1530 print"</table>";
1531 #Inner table right
1532 print"</td><td align='right' style='vertical-align:top;'><table width='90%' border='0'>";
1533 # WireGuard Peers
1534 if (%Wireguard::peers) {
1535 print <<EOF;
1536 <tr>
1537 <td style='width:15em;'>
1538 <label>
1539 <input type='radio' name='grp2' value='wg_peer' $checked{'grp2'}{'wg_peer'}>
1540 $Lang::tr{'fwhost wg peers'}
1541 </label>
1542 </td>
1543 <td style='text-align:right;'>
1544 <select name='WG_PEER' style='width:16em;'>"
1545 EOF
1546
1547 foreach my $key (sort { $Wireguard::peers{$a}[2] cmp $Wireguard::peers{$b}[2] } keys %Wireguard::peers) {
1548 my $peer = &Wireguard::load_peer($key);
1549
1550 print <<EOF;
1551 <option value="$peer->{"NAME"}">$peer->{"NAME"}</option>
1552 EOF
1553 }
1554
1555 print <<EOF;
1556 </select>
1557 </td>
1558 </tr>
1559 EOF
1560 }
1561 #OVPN networks
1562 if (! -z $configccdnet){
1563 print<<END;
1564 <td style='width:15em;'>
1565 <label>
1566 <input type='radio' name='grp2' id='OVPN_CCD_NET' value='ovpn_net' $checked{'grp2'}{'ovpn_net'}>
1567 $Lang::tr{'fwhost ccdnet'}
1568 </label>
1569 </td>
1570 <td style='text-align:right;'>
1571 <select name='OVPN_CCD_NET' style='width:16em;'>";
1572 END
1573 foreach my $key (sort { ncmp($ccdnet{$a}[0],$ccdnet{$b}[0]) } keys %ccdnet)
1574 {
1575 print"<option value='$ccdnet{$key}[0]'>$ccdnet{$key}[0]</option>";
1576 }
1577 print"</select></td></tr>";
1578 }
1579 #OVPN clients
1580 my @ovpn_clients=();
1581 foreach my $key (sort { ncmp($ccdhost{$a}[0],$ccdhost{$b}[0]) } keys %ccdhost)
1582 {
1583 if ($ccdhost{$key}[33] ne ''){
1584 $show='1';
1585 push (@ovpn_clients,$ccdhost{$key}[1]);
1586 }
1587 }
1588 if ($show eq '1'){
1589 $show='';
1590 print<<END;
1591 <td style='width:15em;'>
1592 <label>
1593 <input type='radio' name='grp2' value='ovpn_host' $checked{'grp2'}{'ovpn_host'}>
1594 $Lang::tr{'fwhost ccdhost'}
1595 </label>
1596 </td>
1597 <td style='text-align:right;'>
1598 <select name='OVPN_CCD_HOST' style='width:16em;'>" if ($show eq '');
1599 END
1600 foreach(@ovpn_clients){
1601 print"<option value='$_'>$_</option>";
1602 }
1603 print"</select></td></tr>";
1604 }
1605 #OVPN n2n networks
1606 my @OVPN_N2N=();
1607 foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) {
1608 if($ccdhost{$key}[3] eq 'net'){
1609 $show='1';
1610 push (@OVPN_N2N,$ccdhost{$key}[1]);
1611 }
1612 }
1613 if ($show eq '1'){
1614 $show='';
1615 print<<END;
1616 <td style='width:15em;'>
1617 <label>
1618 <input type='radio' name='grp2' id='OVPN_N2N' value='ovpn_n2n' $checked{'grp2'}{'ovpn_n2n'}>
1619 $Lang::tr{'fwhost ovpn_n2n'}:
1620 </label>
1621 </td>
1622 <td style='text-align:right;'>
1623 <select name='OVPN_N2N' style='width:16em;'>"
1624 END
1625 foreach(@OVPN_N2N){
1626 print"<option>$_</option>";
1627 }
1628 print"</select></td></tr>";
1629 }
1630 #IPsec networks
1631
1632 foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) {
1633 if ($ipsecconf{$key}[3] eq 'net' || ($optionsfw{'SHOWDROPDOWN'} eq 'on' && $ipsecconf{$key}[3] ne 'host')){
1634 print "<td style='width:15em;'><label><input type='radio' name='grp2' id='IPSEC_NET' value='ipsec_net' $checked{'grp2'}{'ipsec_net'}>$Lang::tr{'fwhost ipsec net'}</label></td><td style='text-align:right;'><select name='IPSEC_NET' style='width:16em;'>" if $show eq '';
1635 $show=1;
1636 #Check if we have more than one REMOTE subnet in config
1637 my @arr1 = split /\|/, $ipsecconf{$key}[11];
1638 my $cnt1 += @arr1;
1639
1640 print"<option value=$ipsecconf{$key}[1]>";
1641 print"$ipsecconf{$key}[1]";
1642 print" ($Lang::tr{'fwdfw all subnets'})" if $cnt1 > 1; #If this Conenction has more than one subnet, print one option for all subnets
1643 print"</option>";
1644
1645 if ($cnt1 > 1){
1646 foreach my $val (@arr1){
1647 #normalize subnet to cidr notation
1648 my ($val1,$val2) = split /\//, $val;
1649 my $val3 = &General::iporsubtocidr($val2);
1650 print "<option ";
1651 print "value='$ipsecconf{$key}[1]|$val1/$val3'";
1652 print ">$ipsecconf{$key}[1] ($val1/$val3)</option>";
1653 }
1654 }
1655 }
1656 }
1657 print"</select></td></tr>";
1658 print"</table>";
1659 print"</td></tr></table>";
1660 print"<br><br>";
1661 }
1662 print"<table width='100%'>";
1663 print"<tr><td style='text-align:right;'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='update' value=\"$fwhostsettings{'update'}\"><input type='hidden' name='ACTION' value='savegrp' ></form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='resetgrp'></form></td></table>";
1664 &Header::closebox();
1665 }
1666 sub addlocationgrp
1667 {
1668 &hint;
1669 &error;
1670 &showmenu;
1671 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addlocationgrp'});
1672
1673 my %checked=();
1674 my $show='';
1675 $checked{'check1'}{'off'} = '';
1676 $checked{'check1'}{'on'} = '';
1677 $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
1678 $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
1679 $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
1680 my $grp=$fwhostsettings{'grp_name'};
1681 my $rem=$fwhostsettings{'remark'};
1682 if ($fwhostsettings{'update'} eq ''){
1683 print<<END;
1684 <table width='100%' border='0'>
1685 <tr>
1686 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1687 <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
1688 </tr>
1689 <tr>
1690 <td>$Lang::tr{'remark'}:</td>
1691 <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
1692 </tr>
1693 <tr>
1694 <td colspan='2'><br></td>
1695 </tr>
1696 </table>
1697 END
1698 } else {
1699 print<<END;
1700 <table width='100%' border='0'>
1701 <form method='post'><tr>
1702 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1703 <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
1704 <td>
1705 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1706 <input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'>
1707 <input type='hidden' name='ACTION' value='changelocationgrpname'>
1708 </td>
1709 <td></td>
1710 </tr></form>
1711 <tr><form method='post' style='display:inline'>
1712 <td>$Lang::tr{'remark'}:</td>
1713 <td colspan='2' style='width:98%;'>
1714 <input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'>
1715 </td>
1716 <td align='right'>
1717 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1718 <input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'>
1719 <input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'>
1720 <input type='hidden' name='ACTION' value='changelocationgrpremark'>
1721 </td>
1722 </tr></form>
1723 </table>
1724 <br><br>
1725 END
1726 }
1727 if ($fwhostsettings{'update'} eq 'on') {
1728 my @location_locations = &fwlib::get_locations();
1729
1730 print<<END;
1731 <form method='post'>
1732 <input type='hidden' name='remark' value='$rem'>
1733 <input type='hidden' name='grp_name' value='$grp'>
1734
1735 <table width='100%' border='0'>
1736 <tr>
1737 <td style='text-align:left;'>
1738 <select name='COUNTRY_CODE' style='width:16em;'>";
1739 END
1740 foreach my $location (@location_locations) {
1741 # Get full country name.
1742 my $fullname = &Location::Functions::get_full_country_name($location);
1743
1744 print"<option value='$location'>$location - $fullname</option>\n";
1745 }
1746 print <<END;
1747 </select>
1748 </td>
1749 </tr>
1750 </table>
1751 <br><br>
1752 END
1753 }
1754 print <<END;
1755 <table width='100%'>
1756 <tr><td style='text-align:right;'>
1757 <input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' />
1758 <input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'>
1759 <input type='hidden' name='update' value=\"$fwhostsettings{'update'}\">
1760 <input type='hidden' name='ACTION' value='savelocationgrp' >
1761 </form>
1762
1763 <form method='post' style='display:inline'>
1764
1765 <input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'>
1766 <input type='hidden' name='ACTION' value='resetlocationgrp'>
1767
1768 </form>
1769 </td></tr></table>
1770 END
1771 &Header::closebox();
1772 }
1773 sub addservice
1774 {
1775 &error;
1776 &showmenu;
1777 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservice'});
1778 if ($fwhostsettings{'updatesrv'} eq 'on')
1779 {
1780 $fwhostsettings{'oldsrvname'} = $fwhostsettings{'SRV_NAME'};
1781 $fwhostsettings{'oldsrvport'} = $fwhostsettings{'SRV_PORT'};
1782 $fwhostsettings{'oldsrvprot'} = $fwhostsettings{'PROT'};
1783 $fwhostsettings{'oldsrvicmp'} = $fwhostsettings{'ICMP'};
1784 }
1785 print<<END;
1786 <table width='100%' border='0'><form method='post'>
1787 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost srv_name'}:</td><td><input type='text' name='SRV_NAME' id='textbox1' value='$fwhostsettings{'SRV_NAME'}' size='24'><script>document.getElementById('textbox1').focus()</script></td></tr>
1788 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost prot'}:</td><td><select name='PROT' id='protocol' >
1789 END
1790 foreach ("TCP","UDP","ICMP")
1791 {
1792 if ($_ eq $fwhostsettings{'PROT'})
1793 {
1794 print"<option selected>$_</option>";
1795 }else{
1796 print"<option>$_</option>";
1797 }
1798 }
1799 print<<END;
1800 </select></td></tr></table>
1801 <div id='PROTOKOLL' class='noscript'><table width=100%' border='0'><tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost icmptype'}</td><td><select name='ICMP_TYPES'>
1802 END
1803 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
1804 print"<option value='All ICMP-Types'>$Lang::tr{'fwdfw all icmp'}</option>";
1805 foreach my $key (sort { ncmp($icmptypes{$a}[0],$icmptypes{$b}[0]) }keys %icmptypes){
1806 if ($icmptypes{$key}[0] eq $fwhostsettings{'oldsrvicmp'}){
1807 print"<option selected>$icmptypes{$key}[0] ($icmptypes{$key}[1])</option>";
1808 }else{
1809 print"<option>$icmptypes{$key}[0] ($icmptypes{$key}[1])</option>";
1810 }
1811 }
1812 print<<END;
1813 </select></td></tr></table></div>
1814 <div id='PORT' class='noscript'><table width='100%' border='0'><tr><td width='10%'>$Lang::tr{'fwhost port'}:</td><td><input type='text' name='SRV_PORT' value='$fwhostsettings{'SRV_PORT'}' maxlength='11' size='24'></td></tr></table></div>
1815 <table width='100%' border='0'><tr><td colspan='6'><br></td></tr>
1816 <tr><td colspan='6' align='right'>
1817 END
1818 if ($fwhostsettings{'updatesrv'} eq 'on')
1819 {
1820 print<<END;
1821 <input type='submit' value='$Lang::tr{'update'}'style='min-width:100px;' >
1822 <input type='hidden' name='ACTION' value='updateservice'>
1823 <input type='hidden' name='oldsrvname' value='$fwhostsettings{'oldsrvname'}'>
1824 <input type='hidden' name='oldsrvport' value='$fwhostsettings{'oldsrvport'}'>
1825 <input type='hidden' name='oldsrvprot' value='$fwhostsettings{'oldsrvprot'}'>
1826 <input type='hidden' name='oldsrvicmp' value='$fwhostsettings{'oldsrvicmp'}'>
1827 </form>
1828 END
1829 }else{
1830 print"<input type='submit' value='$Lang::tr{'save'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='saveservice'></form>";
1831 }
1832 print<<END;
1833 <form style='display:inline;' method='post'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'></form></td></tr>
1834 </table></form>
1835 END
1836 &Header::closebox();
1837 &viewtableservice;
1838 }
1839 sub addservicegrp
1840 {
1841 &hint;
1842 &error;
1843 &showmenu;
1844 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservicegrp'});
1845 $fwhostsettings{'oldsrvgrpremark'}=$fwhostsettings{'SRVGRP_REMARK'};
1846 $fwhostsettings{'oldsrvgrpname'}=$fwhostsettings{'SRVGRP_NAME'};
1847 if ($fwhostsettings{'updatesrvgrp'} eq ''){
1848 print<<END;
1849 <table width='100%' border='0'><form method='post'>
1850 <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td><input type='text' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}' size='24'></td></tr>
1851 <tr><td width='10%'>$Lang::tr{'remark'}:</td><td><input type='text' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width: 98%;'></td></tr>
1852 <tr><td colspan='2'><br></tr>
1853 </table>
1854 END
1855 }else{
1856 print<<END;
1857 <table width='100%'><form method='post' style='display:inline'>
1858 <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td width='20%'><input type='text' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}' size='14'></td><td align='left'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvgrpname' value='$fwhostsettings{'oldsrvgrpname'}'><input type='hidden' name='ACTION' value='changesrvgrpname'></td><td width='3%'></td></form></tr>
1859 <tr>
1860 <form method='post'>
1861 <td width='10%'>
1862 $Lang::tr{'remark'}:
1863 </td>
1864 <td colspan='2'>
1865 <input type='text' name='newsrvrem' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'>
1866 </td>
1867 <td align='right'>
1868 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1869 <input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'>
1870 <input type='hidden' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}'>
1871 <input type='hidden' name='ACTION' value='changesrvgrpremark' >
1872 </td>
1873 </tr>
1874 <tr>
1875 <td colspan='4'>
1876 <br>
1877 </td>
1878 </tr>
1879 </table>
1880 </form>
1881 END
1882 }
1883 if($fwhostsettings{'updatesrvgrp'} eq 'on'){
1884 print<<END;
1885 <form method='post'><input type='hidden' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}'><input type='hidden' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}'><table border='0' width='100%'>
1886 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'add'}: </td><td><select name='CUST_SRV' style='min-width:185px;'>
1887 END
1888 &General::readhasharray("$configsrv", \%customservice);
1889 #Protocols for use in servicegroups
1890 print "<optgroup label='$Lang::tr{'fwhost cust service'}'>";
1891 foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0]) } keys %customservice)
1892 {
1893 print "<option>$customservice{$key}[0]</option>";
1894 }
1895 print "</optgroup>";
1896 print "<optgroup label='$Lang::tr{'protocol'}'>";
1897 print "<option>GRE</option>";
1898 print "<option>AH</option>";
1899 print "<option>ESP</option>";
1900 print "<option>IGMP</option>";
1901 print "<option>IPIP</option>";
1902 print "<option value='IPV6'>IPv6 encap</option>";
1903 print "</optgroup>";
1904 print<<END;
1905 </select></td></tr>
1906 <tr><td colspan='4'><br><br></td></tr>
1907 <tr><td colspan='4'></td></tr>
1908 </table>
1909 END
1910 }
1911 print<<END;
1912 <table width='100%'>
1913 <tr><td align='right'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'><input type='hidden' name='oldsrvgrpremark' value='$fwhostsettings{'oldsrvgrpremark'}'><input type='hidden' name='ACTION' value='saveservicegrp' ></form><form style='display:inline;' method='post'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'></td></tr>
1914 </table></form>
1915 END
1916 &Header::closebox();
1917 }
1918 # View
1919 sub viewtablenet
1920 {
1921 if(! -z $confignet){
1922 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust net'});
1923 &General::readhasharray("$confignet", \%customnetwork);
1924 &General::readhasharray("$configgrp", \%customgrp);
1925 &General::readhasharray("$fwconfigfwd", \%fwfwd);
1926 &General::readhasharray("$fwconfiginp", \%fwinp);
1927 &General::readhasharray("$fwconfigout", \%fwout);
1928
1929 if (!keys %customnetwork)
1930 {
1931 print "<center><b>$Lang::tr{'fwhost empty'}</b>";
1932 }else{
1933 print<<END;
1934 <table width='100%' cellspacing='0' class='tbl'>
1935 <tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost netaddress'}</b></th><th align='center'><b>$Lang::tr{'remark'}</b></th><th align='center'><b>$Lang::tr{'used'}</b></th><th></th><th width='3%'></th></tr>
1936 END
1937 }
1938 my $count=0;
1939 my $col='';
1940 foreach my $key (sort {ncmp($a,$b)} keys %customnetwork) {
1941 if ($fwhostsettings{'ACTION'} eq 'editnet' && $fwhostsettings{'HOSTNAME'} eq $customnetwork{$key}[0]) {
1942 print" <tr>";
1943 $col="bgcolor='${Header::colouryellow}'";
1944 }elsif ($count % 2)
1945 {
1946 $col="bgcolor='$color{'color20'}'";
1947 print" <tr>";
1948 }else
1949 {
1950 $col="bgcolor='$color{'color22'}'";
1951 print" <tr>";
1952 }
1953 my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]);
1954 my $netcount=&getnetcount($customnetwork{$key}[0]);
1955 my $netusedin=&getusedin($customnetwork{$key}[0]);
1956 print"<td width='20%' $col><form method='post'>$customnetwork{$key}[0]</td><td width='15%' align='center' $col>".&getcolor($colnet)."</td><td width='40%' $col>$customnetwork{$key}[3]</td><td align='center' $col><span title='$netusedin'>$netcount x</span></td>";
1957 print<<END;
1958 <td width='1%' $col><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
1959 <input type='hidden' name='ACTION' value='editnet'>
1960 <input type='hidden' name='HOSTNAME' value='$customnetwork{$key}[0]' />
1961 <input type='hidden' name='IP' value='$customnetwork{$key}[1]' />
1962 <input type='hidden' name='SUBNET' value='$customnetwork{$key}[2]' />
1963 <input type='hidden' name='NETREMARK' value='$customnetwork{$key}[3]' />
1964 </td></form>
1965 END
1966 if($netcount == '0')
1967 {
1968 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delnet' /><input type='hidden' name='key' value='$customnetwork{$key}[0]' /></td></form></tr>";
1969 }else{
1970 print"<td $col></td></tr>";
1971 }
1972 $count++;
1973 }
1974 print"</table>";
1975 &Header::closebox();
1976 }
1977
1978 }
1979 sub getcolor
1980 {
1981 my $c=shift;
1982 my $sip;
1983 my $scidr;
1984 my $tdcolor='';
1985 #Check if MAC
1986 if (&General::validmac($c)){ return $c;}
1987
1988 #Check if we got a full IP with subnet then split it
1989 if($c =~ /^(.*?)\/(.*?)$/){
1990 ($sip,$scidr) = split ("/",$c);
1991 }else{
1992 $sip=$c;
1993 }
1994
1995 #Now check if IP is part of ORANGE,BLUE or GREEN
1996 if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
1997 $tdcolor="<font style='color: $Header::colourorange;'>$c</font>";
1998 return $tdcolor;
1999 }
2000 if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){
2001 $tdcolor="<font style='color: $Header::colourgreen;'>$c</font>";
2002 return $tdcolor;
2003 }
2004 if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
2005 $tdcolor="<font style='color: $Header::colourblue;'>$c</font>";
2006 return $tdcolor;
2007 }
2008 if ("$sip/$scidr" eq "0.0.0.0/0"){
2009 $tdcolor="<font style='color: $Header::colourred;'>$c</font>";
2010 return $tdcolor;
2011 }
2012
2013 # WireGuard Roadwarrior
2014 if ($Wireguard::settings{'CLIENT_POOL'}) {
2015 if (&Network::ip_address_in_network($sip, $Wireguard::settings{'CLIENT_POOL'})) {
2016 return "<font style='color: $Header::colourwg;'>$c</font>"
2017 }
2018 }
2019
2020 #Check if IP is part of OpenVPN N2N subnet
2021 foreach my $key (sort keys %ccdhost){
2022 if ($ccdhost{$key}[3] eq 'net'){
2023 my ($a,$b) = split("/",$ccdhost{$key}[11]);
2024 if (&General::IpInSubnet($sip,$a,$b)){
2025 $tdcolor="<font style='color:$Header::colourovpn ;'>$c</font>";
2026 return $tdcolor;
2027 }
2028 }
2029 }
2030
2031 #Check if IP is part of OpenVPN dynamic subnet
2032 my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'});
2033 if (&General::IpInSubnet($sip,$a,$b)){
2034 $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>";
2035 return $tdcolor;
2036 }
2037
2038 #Check if IP is part of OpenVPN static subnet
2039 foreach my $key (sort keys %ccdnet){
2040 my ($a,$b) = split("/",$ccdnet{$key}[1]);
2041 $b =&General::iporsubtodec($b);
2042 if (&General::IpInSubnet($sip,$a,$b)){
2043 $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>";
2044 return $tdcolor;
2045 }
2046 }
2047
2048 #Check if IP is part of IPsec RW network
2049 if ($ipsecsettings{'RW_NET'} ne ''){
2050 my ($a,$b) = split("/",$ipsecsettings{'RW_NET'});
2051 $b=&General::iporsubtodec($b);
2052 if (&General::IpInSubnet($sip,$a,$b)){
2053 $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
2054 return $tdcolor;
2055 }
2056 }
2057
2058 #Check if IP is part of a IPsec N2N network
2059 foreach my $key (sort keys %ipsecconf){
2060 if ($ipsecconf{$key}[11]){
2061 foreach my $ipsecsubitem (split(/\|/, $ipsecconf{$key}[11])) {
2062 my ($a,$b) = split("/",$ipsecsubitem);
2063 $b=&General::iporsubtodec($b);
2064 if (&General::IpInSubnet($sip,$a,$b)){
2065 $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
2066 return $tdcolor;
2067 }
2068 }
2069 }
2070 }
2071 return "$c";
2072 }
2073 sub viewtablehost
2074 {
2075 if (! -z $confighost){
2076 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust addr'});
2077 &General::readhasharray("$confighost", \%customhost);
2078 &General::readhasharray("$configccdnet", \%ccdnet);
2079 &General::readhasharray("$configccdhost", \%ccdhost);
2080 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2081 &General::readhasharray("$fwconfiginp", \%fwinp);
2082 &General::readhasharray("$fwconfigout", \%fwout);
2083 &General::readhasharray("$configgrp", \%customgrp);
2084 if (!keys %customhost)
2085 {
2086 print "<center><b>$Lang::tr{'fwhost empty'}</b>";
2087 }else{
2088 print<<END;
2089 <table width='100%' cellspacing='0' class='tbl'>
2090 <tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center'><b>$Lang::tr{'remark'}</b></th><th align='center'><b>$Lang::tr{'used'}</b></th><th></th><th width='3%'></th></tr>
2091 END
2092 }
2093 my $count=0;
2094 my $col='';
2095 foreach my $key (sort { ncmp ($customhost{$a}[0],$customhost{$b}[0])} keys %customhost) {
2096 if ( ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'}) && $fwhostsettings{'HOSTNAME'} eq $customhost{$key}[0]) {
2097 print" <tr>";
2098 $col="bgcolor='${Header::colouryellow}'";
2099 }elsif ($count % 2){
2100 print" <tr>";
2101 $col="bgcolor='$color{'color20'}'";
2102 }else{
2103 $col="bgcolor='$color{'color22'}'";
2104 print" <tr>";
2105 }
2106 my ($ip,$sub)=split(/\//,$customhost{$key}[2]);
2107 $customhost{$key}[4]=~s/\s+//g;
2108 my $hostcount=0;
2109 $hostcount=&gethostcount($customhost{$key}[0]);
2110 my $hostusedin=&getusedin($customhost{$key}[0]);
2111 my $color = &getcolor($ip);
2112 print <<END;
2113 <td width='20%' $col>$customhost{$key}[0]</td><td width='20%' align='center' $col >$color</td><td width='50%' align='left' $col>$customhost{$key}[3]</td><td align='center' $col><span title="$hostusedin">$hostcount x</span></td>
2114 <td width='1%' $col><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
2115 <input type='hidden' name='ACTION' value='edithost' />
2116 <input type='hidden' name='HOSTNAME' value='$customhost{$key}[0]' />
2117 <input type='hidden' name='IP' value='$ip' />
2118 <input type='hidden' name='type' value='$customhost{$key}[1]' />
2119 <input type='hidden' name='HOSTREMARK' value='$customhost{$key}[3]' />
2120 </form></td>
2121 END
2122 if($hostcount == '0')
2123 {
2124 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delhost' /><input type='hidden' name='key' value='$customhost{$key}[0]' /></td></form></tr>";
2125 }else{
2126 print"<td width='1%' $col></td></tr>";
2127 }
2128 $count++;
2129 }
2130 print"</table>";
2131 &Header::closebox();
2132 }
2133 }
2134 sub viewtablegrp
2135 {
2136 if(! -z "$configgrp"){
2137 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust grp'});
2138 &General::readhasharray("$configgrp", \%customgrp);
2139 &General::readhasharray("$configipsec", \%ipsecconf);
2140 &General::readhasharray("$configccdhost", \%ccdhost);
2141 &General::readhasharray("$configccdnet", \%ccdnet);
2142 &General::readhasharray("$confighost", \%customhost);
2143 &General::readhasharray("$confignet", \%customnetwork);
2144 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2145 &General::readhasharray("$fwconfiginp", \%fwinp);
2146 &General::readhasharray("$fwconfigout", \%fwout);
2147 my @grp=();
2148 my $helper='';
2149 my $count=1;
2150 my $grpname;
2151 my $remark;
2152 my $number;
2153 my $delflag;
2154 my @counter;
2155 my %hash;
2156 if (!keys %customgrp)
2157 {
2158 print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
2159 }else{
2160 #get all groups in a hash
2161 foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2162 push (@counter,$customgrp{$key}[0]);
2163 }
2164 foreach my $key1 (@counter) {
2165 $hash{$key1}++ ;
2166 }
2167 foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2168 $count++;
2169 if ($helper ne $customgrp{$key}[0]){
2170 $delflag='0';
2171 foreach my $key1 (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2172 if ($customgrp{$key}[0] eq $customgrp{$key1}[0])
2173 {
2174 $delflag++;
2175 }
2176 if($delflag > 1){
2177 last;
2178 }
2179 }
2180 $number=1;
2181 if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};}
2182 $grpname=$customgrp{$key}[0];
2183 $remark="$customgrp{$key}[1]";
2184 if($count gt 1){ print"</table>";$count=1;}
2185 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp;";
2186 print " <b>$Lang::tr{'remark'}:</b>&nbsp $remark &nbsp " if ($remark ne '');
2187 my $netgrpcount=&getnetcount($grpname);
2188 my $groupusedin=&getusedin($grpname);
2189 print "<b>$Lang::tr{'used'}:</b> <span title='$groupusedin'>$netgrpcount x</span>";
2190 if($netgrpcount == '0')
2191 {
2192 print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='ACTION' value='delgrp'></form>";
2193 }
2194 print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='remark' value='$remark' ><input type='hidden' name='ACTION' value='editgrp'></form>";
2195 print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost type'}</th><th></th></tr>";
2196 }
2197 my $col='';
2198 if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) {
2199 print" <tr>";
2200 $col="bgcolor='${Header::colouryellow}'";
2201 }elsif ($count %2 == 0){
2202 print"<tr>";
2203 $col="bgcolor='$color{'color20'}'";
2204 }else{
2205 print"<tr>";
2206 $col="bgcolor='$color{'color22'}'";
2207 }
2208 my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]);
2209 if ($ip eq ''){
2210 print"<tr>";
2211 $col="bgcolor='${Header::colouryellow}'";
2212 }
2213 print "<td width='39%' align='left' $col>";
2214 if($customgrp{$key}[3] eq 'Standard Network'){
2215 print &get_name($customgrp{$key}[2])."</td>";
2216 }elsif($customgrp{$key}[3] eq "IpSec Network" && $customgrp{$key}[2] =~ /\|/){
2217 my ($a,$b) = split /\|/, $customgrp{$key}[2];
2218 print "$a</td>";
2219 }else{
2220 print "$customgrp{$key}[2]</td>";
2221 }
2222 if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
2223 print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
2224 }else{
2225 print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
2226 }
2227 if ($delflag > 0 && $ip ne ''){
2228 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' />";
2229 #check if this group has only one entry
2230 foreach my $key2 (keys %hash) {
2231 if ($hash{$key2}<2 && $key2 eq $customgrp{$key}[0]){
2232 print "<input type='hidden' name='last' value='on'>" ;
2233 }
2234 }
2235 }
2236 print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
2237 $helper=$customgrp{$key}[0];
2238 $number++;
2239 }
2240 print"</table>";
2241 }
2242 &Header::closebox();
2243 }
2244
2245 }
2246 sub viewtablelocationgrp
2247 {
2248 # If our filesize is "zero" there is nothing to read-in.
2249 if (-z "$configlocationgrp") {
2250 return;
2251 }
2252
2253 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust locationgrp'});
2254 &General::readhasharray("$configlocationgrp", \%customlocationgrp);
2255 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2256 &General::readhasharray("$fwconfiginp", \%fwinp);
2257 &General::readhasharray("$fwconfigout", \%fwout);
2258 my @grp=();
2259 my $helper='';
2260 my $count=1;
2261 my $country_code;
2262 my $grpname;
2263 my $remark;
2264 my $number;
2265 my $delflag;
2266 my @counter;
2267 my %hash;
2268
2269 # If there are no groups we are finished here.
2270 if (!keys %customlocationgrp) {
2271 print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
2272 return;
2273 }
2274
2275 # Put all groups in a hash.
2276 foreach my $key (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) }
2277 sort { ncmp($customlocationgrp{$a}[2],$customlocationgrp{$b}[2]) } keys %customlocationgrp) {
2278 push (@counter,$customlocationgrp{$key}[0]);
2279 }
2280
2281 # Increase current used key.
2282 foreach my $key1 (@counter) {
2283 $hash{$key1}++ ;
2284 }
2285
2286 # Sort hash.
2287 foreach my $key (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) }
2288 sort { ncmp($customlocationgrp{$a}[2],$customlocationgrp{$b}[2]) } keys %customlocationgrp) {
2289 $count++;
2290 if ($helper ne $customlocationgrp{$key}[0]) {
2291 $delflag='0';
2292
2293 foreach my $key1 (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) }
2294 sort { ncmp($customlocationgrp{$a}[2],$customlocationgrp{$b}[2]) } keys %customlocationgrp) {
2295
2296 if ($customlocationgrp{$key}[0] eq $customlocationgrp{$key1}[0])
2297 {
2298 $delflag++;
2299 }
2300 if($delflag > 1){
2301 last;
2302 }
2303 }
2304
2305 $number=1;
2306
2307 # Groupname.
2308 $grpname=$customlocationgrp{$key}[0];
2309
2310 # Group remark.
2311 $remark="$customlocationgrp{$key}[1]";
2312
2313 # Country code.
2314 $country_code="$customlocationgrp{$key}[2]";
2315
2316 if ($count gt 1){
2317 print"</table>";
2318 $count=1;
2319 }
2320
2321 # Display groups header.
2322 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp;\n";
2323 print "<b>$Lang::tr{'remark'}:</b>&nbsp $remark &nbsp\n" if ($remark ne '');
2324
2325 # Get group count.
2326 my $locationgrpcount=&getlocationcount($grpname);
2327 my $locationusedin=&getlocusedin($grpname);
2328 print "<b>$Lang::tr{'used'}:</b> <span title='$locationusedin'>$locationgrpcount x</span>";
2329 # Only display delete icon, if the group is not used by a firewall rule.
2330 if($locationgrpcount == '0') {
2331 print"<form method='post' style='display:inline'>\n";
2332 print"<input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' />\n";
2333 print"<input type='hidden' name='grp_name' value='$grpname' >\n";
2334 print"<input type='hidden' name='ACTION' value='dellocationgrp'>\n";
2335 print"</form>";
2336 }
2337
2338 # Icon for group editing.
2339 print <<END;
2340 <form method='post' style='display:inline'>
2341 <input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right'/>
2342 <input type='hidden' name='grp_name' value='$grpname' >
2343 <input type='hidden' name='remark' value='$remark' >
2344 <input type='hidden' name='ACTION' value='editlocationgrp'>
2345 </form>
2346
2347 <table width='100%' cellspacing='0' class='tbl'>
2348 END
2349 # Display headlines if the group contains any entries.
2350 if ($country_code ne "none") {
2351 print <<END;
2352 <tr>
2353 <td width='10%' align='center'>
2354 <b>$Lang::tr{'flag'}</b>
2355 </td>
2356
2357 <td width='10%'align='center'>
2358 <b>$Lang::tr{'countrycode'}</b>
2359 </td>
2360
2361 <td width='70%'align='left'>
2362 <b>$Lang::tr{'country'}</b>
2363 </td>
2364
2365 <td width='10%' align='right'></td>
2366 </tr>
2367 END
2368 }
2369 }
2370
2371 # Check if our group contains any entries.
2372 if ($country_code eq "none") {
2373 print "<tr><td>$Lang::tr{'fwhost err emptytable'}</td></tr>\n";
2374 } else {
2375 # Check if we are currently editing a group and assign column backgound colors.
2376 my $col='';
2377 if ( ($fwhostsettings{'ACTION'} eq 'editlocationgrp' || $fwhostsettings{'update'} ne '')
2378 && $fwhostsettings{'grp_name'} eq $customlocationgrp{$key}[0]) {
2379 $col="bgcolor='${Header::colouryellow}'";
2380 } elsif ($count %2 == 0){
2381 $col="bgcolor='$color{'color20'}'";
2382 } else {
2383 $col="bgcolor='$color{'color22'}'";
2384 }
2385
2386 # Get country flag.
2387 my $icon = &Location::Functions::get_flag_icon($customlocationgrp{$key}[2]);
2388
2389 # Print column with flag icon.
2390 my $col_content;
2391 if ($icon) {
2392 $col_content = "<img src='$icon' alt='$customlocationgrp{$key}[2]' title='$customlocationgrp{$key}[2]'>";
2393 } else {
2394 $col_content = "<b>N/A</b>";
2395 }
2396
2397 print "<td align='center' $col>$col_content</td>\n";
2398
2399 # Print column with country code.
2400 print "<td align='center' $col>$customlocationgrp{$key}[2]</td>\n";
2401
2402 # Print column with full country name.
2403 my $country_name = &Location::Functions::get_full_country_name($customlocationgrp{$key}[2]);
2404 print "<td align='left' $col>$country_name</td>\n";
2405
2406 # Generate from for removing entries from a group.
2407 print "<td align='right' width='1%' $col><form method='post'>\n";
2408
2409 if ($delflag > 0){
2410 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}'/>\n";
2411
2412 # Check if this group only has a single entry.
2413 foreach my $key2 (keys %hash) {
2414 if ($hash{$key2}<2 && $key2 eq $customlocationgrp{$key}[0]){
2415 print "<input type='hidden' name='last' value='on'>" ;
2416 }
2417 }
2418 }
2419
2420 print "<input type='hidden' name='ACTION' value='deletelocationgrpentry'>\n";
2421 print "<input type='hidden' name='update' value='$fwhostsettings{'update'}'>\n";
2422 print "<input type='hidden' name='delentry' value='$grpname,$remark,$customlocationgrp{$key}[2],$customlocationgrp{$key}[3]'>\n";
2423 print "</form>\n";
2424 print "</td>\n";
2425 print "</tr>\n";
2426 }
2427
2428 $helper=$customlocationgrp{$key}[0];
2429 $number++;
2430 }
2431
2432 print"</table>\n";
2433 &Header::closebox();
2434 }
2435 sub viewtableservice
2436 {
2437 my $count=0;
2438 my $srvcount;
2439 if(! -z "$configsrv")
2440 {
2441 &Header::openbox('100%', 'left', $Lang::tr{'fwhost services'});
2442 &General::readhasharray("$configsrv", \%customservice);
2443 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2444 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2445 &General::readhasharray("$fwconfiginp", \%fwinp);
2446 &General::readhasharray("$fwconfigout", \%fwout);
2447 print<<END;
2448 <table width='100%' cellspacing='0' class='tbl'>
2449 <tr><th align='center'><b>$Lang::tr{'fwhost srv_name'}</b></th><th align='center'><b>$Lang::tr{'fwhost prot'}</b></th><th align='center'><b>$Lang::tr{'fwhost port'}</b></th><th align='center'><b>ICMP</b></th><th align='center'><b>$Lang::tr{'fwhost used'}</b></th><th></th><th width='3%'></th></tr>
2450 END
2451 my $col='';
2452 foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0])} keys %customservice)
2453 {
2454 $count++;
2455 if ( ($fwhostsettings{'updatesrv'} eq 'on' || $fwhostsettings{'error'}) && $fwhostsettings{'SRV_NAME'} eq $customservice{$key}[0]) {
2456 print" <tr>";
2457 $col="bgcolor='${Header::colouryellow}'";
2458 }elsif ($count % 2){
2459 print" <tr>";
2460 $col="bgcolor='$color{'color22'}'";
2461 }else{
2462 print" <tr>";
2463 $col="bgcolor='$color{'color20'}'";
2464 }
2465 print<<END;
2466 <td $col>$customservice{$key}[0]</td><td align='center' $col>$customservice{$key}[2]</td><td align='center' $col>$customservice{$key}[1]</td><td align='center' $col>
2467 END
2468 #Neuer count
2469 $srvcount=&getsrvcount($customservice{$key}[0]);
2470 my $serviceusedin=&getsrvusedin($customservice{$key}[0]);
2471 if($customservice{$key}[3] eq 'All ICMP-Types'){print $Lang::tr{'fwdfw all icmp'};}
2472 elsif($customservice{$key}[3] ne 'BLANK'){print $customservice{$key}[3];}
2473 print<<END;
2474 </td><td align='center' $col><span title='$serviceusedin'>$srvcount x</span></td>
2475 <td width='1%' $col><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' /><input type='hidden' name='ACTION' value='editservice' />
2476 <input type='hidden' name='SRV_NAME' value='$customservice{$key}[0]' />
2477 <input type='hidden' name='SRV_PORT' value='$customservice{$key}[1]' />
2478 <input type='hidden' name='PROT' value='$customservice{$key}[2]' />
2479 <input type='hidden' name='ICMP' value='$customservice{$key}[3]' /></form></td>
2480 END
2481 if ($srvcount eq '0')
2482 {
2483 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delservice' /><input type='hidden' name='SRV_NAME' value='$customservice{$key}[0]'></td></tr></form>";
2484 }else{
2485 print"<td $col></td></tr>";
2486 }
2487 }
2488 print"</table>";
2489 &Header::closebox();
2490 }
2491 }
2492 sub viewtableservicegrp
2493 {
2494 my $count=0;
2495 my $grpname;
2496 my $remark;
2497 my $helper;
2498 my $helper1;
2499 my $port;
2500 my $protocol;
2501 my $delflag;
2502 my $grpcount=0;
2503 my $col='';
2504 my $lastentry=0;
2505 my @counter;
2506 my %hash;
2507 if (! -z $configsrvgrp){
2508 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'});
2509 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2510 &General::readhasharray("$configsrv", \%customservice);
2511 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2512 &General::readhasharray("$fwconfiginp", \%fwinp);
2513 &General::readhasharray("$fwconfigout", \%fwout);
2514 my $number= keys %customservicegrp;
2515 foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
2516 push (@counter,$customservicegrp{$key}[0]);
2517 }
2518 foreach my $key1 (@counter) {
2519 $hash{$key1}++ ;
2520 }
2521 foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
2522 $count++;
2523 if ($helper ne $customservicegrp{$key}[0]){
2524 #Get used groupcounter
2525 $grpcount=&getsrvcount($customservicegrp{$key}[0]);
2526 $delflag=0;
2527 foreach my $key1 (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) } keys %customservicegrp){
2528 if ($customservicegrp{$key}[0] eq $customservicegrp{$key1}[0])
2529 {
2530 $delflag++;
2531 }
2532 if($delflag > 1){
2533 last;
2534 }
2535 }
2536 $grpname=$customservicegrp{$key}[0];
2537 if ($customservicegrp{$key}[2] eq "none"){
2538 $customservicegrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};
2539 $port='';
2540 $protocol='';
2541 }
2542 $remark="$customservicegrp{$key}[1]";
2543 if($count >0){print"</table>";$count=1;}
2544 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp; ";
2545 print "<b>$Lang::tr{'remark'}:</b>&nbsp; $remark " if ($remark ne '');
2546 my $srvgrpusedin=&getsrvusedin($customservicegrp{$key}[0]);
2547 print "&nbsp; <b>$Lang::tr{'used'}:</b> <span title='$srvgrpusedin'>$grpcount x</span>";
2548 if($grpcount == '0')
2549 {
2550 print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' /><input type='hidden' name='SRVGRP_NAME' value='$grpname' ><input type='hidden' name='ACTION' value='delservicegrp'></form>";
2551 }
2552 print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right' /><input type='hidden' name='SRVGRP_NAME' value='$grpname' ><input type='hidden' name='SRVGRP_REMARK' value='$remark' ><input type='hidden' name='ACTION' value='editservicegrp'></form>";
2553 print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>Name</b></th><th align='center'><b>$Lang::tr{'port'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost prot'}</th><th></th></tr>";
2554 }
2555 if( $fwhostsettings{'SRVGRP_NAME'} eq $customservicegrp{$key}[0]) {
2556 print"<tr>";
2557 $col="bgcolor='${Header::colouryellow}'";
2558 }elsif ($count %2 == 0){
2559 print"<tr>";
2560 $col="bgcolor='$color{'color20'}'";
2561 }else{
2562 print"<tr>";
2563 $col="bgcolor='$color{'color22'}'";
2564 }
2565 #make lines yellow if it is a dummy entry
2566 if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost err emptytable'}){
2567 print"<tr>";
2568 $col="bgcolor='${Header::colouryellow}'";
2569 }
2570 #Set fields if we use protocols in servicegroups
2571 if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){
2572 $port='-';
2573 }
2574 if ($customservicegrp{$key}[2] eq 'GRE'){$protocol='GRE';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} GRE";}
2575 if ($customservicegrp{$key}[2] eq 'ESP'){$protocol='ESP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} ESP";}
2576 if ($customservicegrp{$key}[2] eq 'AH'){$protocol='AH';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} AH";}
2577 if ($customservicegrp{$key}[2] eq 'IGMP'){$protocol='IGMP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IGMP";}
2578 if ($customservicegrp{$key}[2] eq 'IPIP'){$protocol='IPIP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPIP";}
2579 if ($customservicegrp{$key}[2] eq 'IPV6'){$protocol='IPV6';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPv6 encapsulation";}
2580 print "<td width='39%' $col>$customservicegrp{$key}[2]</td>";
2581 foreach my $srv (sort keys %customservice){
2582 if ($customservicegrp{$key}[2] eq $customservice{$srv}[0]){
2583 $protocol=$customservice{$srv}[2];
2584 $port=$customservice{$srv}[1];
2585 last;
2586 }
2587 }
2588 print"<td align='center' $col>$port</td><td align='center' $col>$protocol</td><td width='1%' $col><form method='post'>";
2589 if ($delflag gt '0'){
2590 if ($customservicegrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
2591 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title=$Lang::tr{'delete'} />";
2592 }
2593 #check if this group has only one entry
2594 foreach my $key2 (keys %hash) {
2595 if ($hash{$key2}<2 && $key2 eq $customservicegrp{$key}[0]){
2596 print "<input type='hidden' name='last' value='on'>" ;
2597 }
2598 }
2599 }
2600 print"<input type='hidden' name='ACTION' value='delgrpservice'><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'>";
2601 if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){
2602 print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$customservicegrp{$key}[2]'></form></td></tr>";
2603 }else{
2604 print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$protocol'></form></td></tr>";
2605 }
2606 $helper=$customservicegrp{$key}[0];
2607 }
2608 print"</table>";
2609 &Header::closebox();
2610 }
2611 }
2612 # Check
2613 sub checkname
2614 {
2615 my %hash=%{(shift)};
2616 foreach my $key (keys %hash) {
2617 if($hash{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
2618 return 0;
2619 }
2620 }
2621 return 1;
2622
2623 }
2624 sub checkgroup
2625 {
2626 &General::readhasharray("$configgrp", \%customgrp );
2627 my $name=shift;
2628 foreach my $key (keys %customservicegrp) {
2629 if($customservicegrp{$key}[0] eq $name){
2630 return 0;
2631 }
2632 }
2633 return 1;
2634 }
2635 sub checkservice
2636 {
2637 &General::readhasharray("$configsrv", \%customservice );
2638 my $name=shift;
2639 foreach my $key (keys %customservice) {
2640 if($customservice{$key}[0] eq $name){
2641 return 0;
2642 }
2643 }
2644 return 1;
2645 }
2646 sub checkip
2647 {
2648
2649 my %hash=%{(shift)};
2650 my $a=shift;
2651 foreach my $key (keys %hash) {
2652 if($hash{$key}[$a] eq $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'})){
2653 return 0;
2654 }
2655 }
2656 return 1;
2657 }
2658 sub checkservicegroup
2659 {
2660 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2661 #check name
2662 if ( ! &validhostname($fwhostsettings{'SRVGRP_NAME'}))
2663 {
2664 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
2665 return $errormessage;
2666 }
2667 #check empty selectbox
2668 if (keys %customservice lt 1)
2669 {
2670 $errormessage.=$Lang::tr{'fwhost err groupempty'}."<br>";
2671 }
2672 #check if name already exists
2673 if ($fwhostsettings{'updatesrvgrp'} ne 'on'){
2674 foreach my $key (keys %customservicegrp) {
2675 if( $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} ){
2676 $errormessage.=$Lang::tr{'fwhost err grpexist'}."<br>";
2677
2678 }
2679 }
2680 }
2681 #check if service already exists in group
2682 foreach my $key (keys %customservicegrp) {
2683 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){
2684 $errormessage.=$Lang::tr{'fwhost err srvexist'}."<br>";
2685 }
2686 }
2687 return $errormessage;
2688 }
2689 sub checkrulereload
2690 {
2691 my $search=shift;
2692 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2693 &General::readhasharray("$fwconfiginp", \%fwinp);
2694 &General::readhasharray("$fwconfigout", \%fwout);
2695
2696 #check if service or servicegroup is used in rules
2697 foreach my $key (keys %fwfwd){
2698 if($search eq $fwfwd{$key}[15]){
2699 &General::firewall_config_changed();
2700 return;
2701 }
2702 }
2703 foreach my $key (keys %fwinp){
2704 if($search eq $fwinp{$key}[15]){
2705 &General::firewall_config_changed();
2706 return;
2707 }
2708 }
2709 foreach my $key (keys %fwout){
2710 if($search eq $fwout{$key}[15]){
2711 &General::firewall_config_changed();
2712 return;
2713 }
2714 }
2715 }
2716 sub error
2717 {
2718 if ($errormessage) {
2719 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
2720 print "<class name='base'>$errormessage\n";
2721 print "&nbsp;</class>\n";
2722 &Header::closebox();
2723 }
2724 }
2725 sub hint
2726 {
2727 if ($hint) {
2728 &Header::openbox('100%', 'left', $Lang::tr{'fwhost hint'});
2729 print "<class name='base'>$hint\n";
2730 print "&nbsp;</class>\n";
2731 &Header::closebox();
2732 }
2733 }
2734 sub get_name
2735 {
2736 my $val=shift;
2737 &General::setup_default_networks(\%defaultNetworks);
2738 foreach my $network (sort keys %defaultNetworks)
2739 {
2740 return "$network" if ($val eq $defaultNetworks{$network}{'NAME'});
2741 }
2742 }
2743 sub gethostcount
2744 {
2745 my $searchstring=shift;
2746 my $srvcounter=0;
2747 #Count services used in servicegroups
2748 foreach my $key (keys %customgrp) {
2749 if($customgrp{$key}[2] eq $searchstring){
2750 $srvcounter++;
2751 }
2752 }
2753 #Count services used in firewall - config
2754 foreach my $key1 (keys %fwfwd) {
2755 if($fwfwd{$key1}[4] eq $searchstring){
2756 $srvcounter++;
2757 }
2758 if($fwfwd{$key1}[6] eq $searchstring){
2759 $srvcounter++;
2760 }
2761 }
2762 #Count services used in firewall - input
2763 foreach my $key2 (keys %fwinp) {
2764 if($fwinp{$key2}[4] eq $searchstring){
2765 $srvcounter++;
2766 }
2767 if($fwinp{$key2}[6] eq $searchstring){
2768 $srvcounter++;
2769 }
2770 }
2771 #Count services used in firewall - outgoing
2772 foreach my $key3 (keys %fwout) {
2773 if($fwout{$key3}[4] eq $searchstring){
2774 $srvcounter++;
2775 }
2776 if($fwout{$key3}[6] eq $searchstring){
2777 $srvcounter++;
2778 }
2779 }
2780 return $srvcounter;
2781 }
2782 sub getlocationcount
2783 {
2784 my $groupname=shift;
2785 my $counter=0;
2786
2787 # Location groups are stored as "group:groupname" in the
2788 # firewall settings files.
2789 my $searchstring = join(':', "group",$groupname);
2790
2791 # Count services used in firewall - forward
2792 foreach my $key1 (keys %fwfwd) {
2793 if($fwfwd{$key1}[4] eq $searchstring){
2794 $counter++;
2795 }
2796 if($fwfwd{$key1}[6] eq $searchstring){
2797 $counter++;
2798 }
2799 }
2800 #Count services used in firewall - input
2801 foreach my $key2 (keys %fwinp) {
2802 if($fwinp{$key2}[4] eq $searchstring){
2803 $counter++;
2804 }
2805 if($fwinp{$key2}[6] eq $searchstring){
2806 $counter++;
2807 }
2808 }
2809 #Count services used in firewall - outgoing
2810 foreach my $key3 (keys %fwout) {
2811 if($fwout{$key3}[4] eq $searchstring){
2812 $counter++;
2813 }
2814 if($fwout{$key3}[6] eq $searchstring){
2815 $counter++;
2816 }
2817 }
2818 return $counter;
2819 }
2820 sub getlocusedin
2821 {
2822 my $groupname=shift;
2823 my $titletext="";
2824
2825 # Location groups are stored as "group:groupname" in the
2826 # firewall settings files.
2827 my $searchstring = join(':', "group",$groupname);
2828
2829 #Count services used in firewall - config
2830 my $fwfwtext="";
2831 # first set title if found
2832 foreach my $key1 (keys %fwfwd) {
2833 if($fwfwd{$key1}[4] eq $searchstring){
2834 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2835 }
2836 if($fwfwd{$key1}[6] eq $searchstring){
2837 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2838 }
2839 }
2840 # then add rule numbers
2841 my @fwfwrules = ();
2842 foreach my $key1 (keys %fwfwd) {
2843 if($fwfwd{$key1}[4] eq $searchstring){
2844 push(@fwfwrules, $key1);
2845 }
2846 if($fwfwd{$key1}[6] eq $searchstring){
2847 push(@fwfwrules, $key1);
2848 }
2849 }
2850 my @fwfwarraysorted = sort { $a <=> $b } @fwfwrules;
2851 foreach my $rule (@fwfwarraysorted)
2852 {
2853 $fwfwtext .= "&#010- $rule";
2854 }
2855 #Count services used in firewall - input
2856 my $fwintext="";
2857 foreach my $key2 (keys %fwinp) {
2858 if($fwinp{$key2}[4] eq $searchstring){
2859 $fwintext = "$Lang::tr{'incoming firewall access'}:";
2860 }
2861 if($fwinp{$key2}[6] eq $searchstring){
2862 $fwintext = "$Lang::tr{'incoming firewall access'}:";
2863 }
2864 }
2865 my @fwinrules = ();
2866 foreach my $key2 (keys %fwinp) {
2867 if($fwinp{$key2}[4] eq $searchstring){
2868 push(@fwinrules, $key2);
2869 }
2870 if($fwinp{$key2}[6] eq $searchstring){
2871 push(@fwinrules, $key2);
2872 }
2873 }
2874 my @fwinarraysorted = sort { $a <=> $b } @fwinrules;
2875 foreach my $rule (@fwinarraysorted)
2876 {
2877 $fwintext .= "&#010- $rule";
2878 }
2879 #Count services used in firewall - outgoing
2880 my $fwouttext="";
2881 foreach my $key3 (keys %fwout) {
2882 if($fwout{$key3}[4] eq $searchstring){
2883 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
2884 }
2885 if($fwout{$key3}[6] eq $searchstring){
2886 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
2887 }
2888 }
2889 my @fwoutrules = ();
2890 foreach my $key3 (keys %fwout) {
2891 if($fwout{$key3}[4] eq $searchstring){
2892 push(@fwoutrules, $key3);
2893 }
2894 if($fwout{$key3}[6] eq $searchstring){
2895 push(@fwoutrules, $key3);
2896 }
2897 }
2898 my @fwoutarraysorted = sort { $a <=> $b } @fwoutrules;
2899 foreach my $rule (@fwoutarraysorted)
2900 {
2901 $fwouttext .= "&#010- $rule";
2902 }
2903 if ($fwfwtext) {
2904 $titletext .= "$fwfwtext"
2905 }
2906 if ($fwintext) {
2907 if ($titletext) {
2908 $titletext .= "&#010 "
2909 }
2910 $titletext .= "$fwintext"
2911 }
2912 if ($fwouttext) {
2913 if ($titletext) {
2914 $titletext .= "&#010 "
2915 }
2916 $titletext .= "$fwouttext"
2917 }
2918 return $titletext;
2919 }
2920 sub getnetcount
2921 {
2922 my $searchstring=shift;
2923 my $srvcounter=0;
2924 #Count services used in servicegroups
2925 foreach my $key (keys %customgrp) {
2926 if($customgrp{$key}[2] eq $searchstring){
2927 $srvcounter++;
2928 }
2929 }
2930 #Count services used in firewall - config
2931 foreach my $key1 (keys %fwfwd) {
2932 if($fwfwd{$key1}[4] eq $searchstring){
2933 $srvcounter++;
2934 }
2935 if($fwfwd{$key1}[6] eq $searchstring){
2936 $srvcounter++;
2937 }
2938 }
2939 #Count services used in firewall - input
2940 foreach my $key2 (keys %fwinp) {
2941 if($fwinp{$key2}[4] eq $searchstring){
2942 $srvcounter++;
2943 }
2944 if($fwinp{$key2}[6] eq $searchstring){
2945 $srvcounter++;
2946 }
2947 }
2948 #Count services used in firewall - outgoing
2949 foreach my $key3 (keys %fwout) {
2950 if($fwout{$key3}[4] eq $searchstring){
2951 $srvcounter++;
2952 }
2953 if($fwout{$key3}[6] eq $searchstring){
2954 $srvcounter++;
2955 }
2956 }
2957 return $srvcounter;
2958 }
2959 sub getusedin
2960 {
2961 my $searchstring=shift;
2962 my $titletext="";
2963 my $groups=();
2964 my $rules=();
2965
2966 #Count services used in Network/Host group
2967 my $servicegrouptext="";
2968 foreach my $key (keys %customgrp) {
2969 if($customgrp{$key}[2] eq $searchstring){
2970 $servicegrouptext = "$Lang::tr{'fwhost cust grp'}:";
2971 }
2972 }
2973 foreach my $key (keys %customgrp) {
2974 if($customgrp{$key}[2] eq $searchstring){
2975 $servicegrouptext .= "&#010- $customgrp{$key}[0]";
2976 }
2977 }
2978 #Count services used in firewall - config
2979 my $fwfwtext="";
2980 # first set title if found
2981 foreach my $key1 (keys %fwfwd) {
2982 if($fwfwd{$key1}[4] eq $searchstring){
2983 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2984 }
2985 if($fwfwd{$key1}[6] eq $searchstring){
2986 $fwfwtext = "$Lang::tr{'firewall rules'}:";
2987 }
2988 }
2989 # then add rule numbers
2990 my @fwfwrules = ();
2991 foreach my $key1 (keys %fwfwd) {
2992 if($fwfwd{$key1}[4] eq $searchstring){
2993 push(@fwfwrules, $key1);
2994 }
2995 if($fwfwd{$key1}[6] eq $searchstring){
2996 push(@fwfwrules, $key1);
2997 }
2998 }
2999 my @fwfwarraysorted = sort { $a <=> $b } @fwfwrules;
3000 foreach my $rule (@fwfwarraysorted)
3001 {
3002 $fwfwtext .= "&#010- $rule";
3003 }
3004 #Count services used in firewall - input
3005 my $fwintext="";
3006 foreach my $key2 (keys %fwinp) {
3007 if($fwinp{$key2}[4] eq $searchstring){
3008 $fwintext = "$Lang::tr{'incoming firewall access'}:";
3009 }
3010 if($fwinp{$key2}[6] eq $searchstring){
3011 $fwintext = "$Lang::tr{'incoming firewall access'}:";
3012 }
3013 }
3014 my @fwinrules = ();
3015 foreach my $key2 (keys %fwinp) {
3016 if($fwinp{$key2}[4] eq $searchstring){
3017 push(@fwinrules, $key2);
3018 }
3019 if($fwinp{$key2}[6] eq $searchstring){
3020 push(@fwinrules, $key2);
3021 }
3022 }
3023 my @fwinarraysorted = sort { $a <=> $b } @fwinrules;
3024 foreach my $rule (@fwinarraysorted)
3025 {
3026 $fwintext .= "&#010- $rule";
3027 }
3028 #Count services used in firewall - outgoing
3029 my $fwouttext="";
3030 foreach my $key3 (keys %fwout) {
3031 if($fwout{$key3}[4] eq $searchstring){
3032 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
3033 }
3034 if($fwout{$key3}[6] eq $searchstring){
3035 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
3036 }
3037 }
3038 my @fwoutrules = ();
3039 foreach my $key3 (keys %fwout) {
3040 if($fwout{$key3}[4] eq $searchstring){
3041 push(@fwoutrules, $key3);
3042 }
3043 if($fwout{$key3}[6] eq $searchstring){
3044 push(@fwoutrules, $key3);
3045 }
3046 }
3047 my @fwoutarraysorted = sort { $a <=> $b } @fwoutrules;
3048 foreach my $rule (@fwoutarraysorted)
3049 {
3050 $fwouttext .= "&#010- $rule";
3051 }
3052 if ($servicegrouptext) {
3053 $titletext .= "$servicegrouptext"
3054 }
3055 if ($fwfwtext) {
3056 if ($titletext) {
3057 $titletext .= "&#010 "
3058 }
3059 $titletext .= "$fwfwtext"
3060 }
3061 if ($fwintext) {
3062 if ($titletext) {
3063 $titletext .= "&#010 "
3064 }
3065 $titletext .= "$fwintext"
3066 }
3067 if ($fwouttext) {
3068 if ($titletext) {
3069 $titletext .= "&#010 "
3070 }
3071 $titletext .= "$fwouttext"
3072 }
3073 return $titletext
3074 }
3075 sub getsrvcount
3076 {
3077 my $searchstring=shift;
3078 my $srvcounter=0;
3079 #Count services used in servicegroups
3080 foreach my $key (keys %customservicegrp) {
3081 if($customservicegrp{$key}[2] eq $searchstring){
3082 $srvcounter++;
3083 }
3084 }
3085 #Count services used in firewall - config
3086 foreach my $key1 (keys %fwfwd) {
3087 if($fwfwd{$key1}[15] eq $searchstring){
3088 $srvcounter++;
3089 }
3090 }
3091 #Count services used in firewall - input
3092 foreach my $key2 (keys %fwinp) {
3093 if($fwinp{$key2}[15] eq $searchstring){
3094 $srvcounter++;
3095 }
3096 }
3097 #Count services used in firewall - outgoing
3098 foreach my $key3 (keys %fwout) {
3099 if($fwout{$key3}[15] eq $searchstring){
3100 $srvcounter++;
3101 }
3102 }
3103 return $srvcounter;
3104 }
3105 sub getsrvusedin
3106 {
3107 my $searchstring=shift;
3108 my $titletext="";
3109 #Count services used in servicegroups
3110 my $servicegrouptext="";
3111 foreach my $key (keys %customservicegrp) {
3112 if($customservicegrp{$key}[2] eq $searchstring){
3113 $servicegrouptext = "$Lang::tr{'outgoing firewall access'}:";
3114 }
3115 }
3116 foreach my $key (keys %customservicegrp) {
3117 if($customservicegrp{$key}[2] eq $searchstring){
3118 $servicegrouptext .= "&#010- $customservicegrp{$key}[0]";
3119 }
3120 }
3121 my $fwfwtext="";
3122 # first set title if found
3123 foreach my $key1 (keys %fwfwd) {
3124 if($fwfwd{$key1}[15] eq $searchstring){
3125 $fwfwtext = "$Lang::tr{'firewall rules'}:";
3126 }
3127 }
3128 # then add rule numbers
3129 my @fwfwrules = ();
3130 foreach my $key1 (keys %fwfwd) {
3131 if($fwfwd{$key1}[15] eq $searchstring){
3132 push(@fwfwrules, $key1);
3133 }
3134 }
3135 my @fwfwarraysorted = sort { $a <=> $b } @fwfwrules;
3136 foreach my $rule (@fwfwarraysorted)
3137 {
3138 $fwfwtext .= "&#010- $rule";
3139 }
3140 #Count services used in firewall - input
3141 my $fwintext="";
3142 foreach my $key2 (keys %fwinp) {
3143 if($fwinp{$key2}[15] eq $searchstring){
3144 $fwintext = "$Lang::tr{'incoming firewall access'}:";
3145 }
3146 }
3147 my @fwinrules = ();
3148 foreach my $key2 (keys %fwinp) {
3149 if($fwinp{$key2}[15] eq $searchstring){
3150 push(@fwinrules, $key2);
3151 }
3152 }
3153 my @fwinarraysorted = sort { $a <=> $b } @fwinrules;
3154 foreach my $rule (@fwinarraysorted)
3155 {
3156 $fwintext .= "&#010- $rule";
3157 }
3158 #Count services used in firewall - outgoing
3159 my $fwouttext="";
3160 foreach my $key3 (keys %fwout) {
3161 if($fwout{$key3}[15] eq $searchstring){
3162 $fwouttext = "$Lang::tr{'outgoing firewall access'}:";
3163 }
3164 }
3165 my @fwoutrules = ();
3166 foreach my $key3 (keys %fwout) {
3167 if($fwout{$key3}[15] eq $searchstring){
3168 push(@fwoutrules, $key3);
3169 }
3170 }
3171 my @fwoutarraysorted = sort { $a <=> $b } @fwoutrules;
3172 foreach my $rule (@fwoutarraysorted)
3173 {
3174 $fwouttext .= "&#010- $rule";
3175 }
3176 if ($servicegrouptext ne '') {
3177 $titletext .= "$servicegrouptext";
3178 }
3179 if ($fwfwtext ne '') {
3180 if ($titletext) {
3181 $titletext .= "&#010 ";
3182 }
3183 $titletext .= "$fwfwtext";
3184 }
3185 if ($fwintext ne '') {
3186 if ($titletext) {
3187 $titletext .= "&#010 ";
3188 }
3189 $titletext .= "$fwintext";
3190 }
3191 if ($fwouttext) {
3192 if ($titletext ne '') {
3193 $titletext .= "&#010 ";
3194 }
3195 $titletext .= "$fwouttext";
3196 }
3197 return $titletext
3198 }
3199 sub deletefromgrp
3200 {
3201 my $target=shift;
3202 my $config=shift;
3203 my %hash=();
3204 &General::readhasharray("$config",\%hash);
3205 foreach my $key (keys %hash) {
3206 if($hash{$key}[2] eq $target){
3207 delete $hash{$key};
3208 }
3209 }
3210 &General::writehasharray("$config",\%hash);
3211
3212 }
3213 sub plausicheck
3214 {
3215 my $edit=shift;
3216 #check hostname
3217 if (!&validhostname($fwhostsettings{'HOSTNAME'}))
3218 {
3219 $errormessage=$errormessage.$Lang::tr{'fwhost err name'};
3220 $fwhostsettings{'BLK_IP'}='readonly';
3221 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3222 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3223 }
3224 #check if name collides with CCD Netname
3225 &General::readhasharray("$configccdnet", \%ccdnet);
3226 foreach my $key (keys %ccdnet) {
3227 if($ccdnet{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
3228 $errormessage=$errormessage.$Lang::tr{'fwhost err isccdnet'};;
3229 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3230 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3231 last;
3232 }
3233 }
3234 #check if IP collides with CCD NetIP
3235 if ($fwhostsettings{'type'} ne 'mac'){
3236 &General::readhasharray("$configccdnet", \%ccdnet);
3237 foreach my $key (keys %ccdnet) {
3238 my $test=(&General::getnetworkip($fwhostsettings{'IP'},&General::iporsubtocidr($fwhostsettings{'SUBNET'})))."/".$fwhostsettings{'SUBNET'};
3239 if($ccdnet{$key}[1] eq $test){
3240 $errormessage=$errormessage.$Lang::tr{'fwhost err isccdipnet'};
3241 $fwhostsettings{'IP'} = $fwhostsettings{'orgip'};
3242 $fwhostsettings{'SUBNET'} = $fwhostsettings{'orgsubnet'};
3243 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3244 last;
3245 }
3246 }
3247 }
3248 #check if name collides with CCD Hostname
3249 &General::readhasharray("$configccdhost", \%ccdhost);
3250 foreach my $key (keys %ccdhost) {
3251 my ($ip,$sub)=split(/\//,$ccdhost{$key}[33]);
3252 if($ip eq $fwhostsettings{'IP'}){
3253 $errormessage=$Lang::tr{'fwhost err isccdiphost'};
3254 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3255 last;
3256 }
3257 }
3258 #check if IP collides with CCD HostIP (only hosts)
3259 if ($edit eq 'edithost')
3260 {
3261 foreach my $key (keys %ccdhost) {
3262 if($ccdhost{$key}[1] eq $fwhostsettings{'HOSTNAME'}){
3263 $errormessage=$Lang::tr{'fwhost err isccdhost'};
3264 $fwhostsettings{'IP'} = $fwhostsettings{'orgname'};
3265 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3266 last;
3267 }
3268 }
3269 }
3270 #check if network with this name already exists
3271 &General::readhasharray("$confignet", \%customnetwork);
3272 if (!&checkname(\%customnetwork))
3273 {
3274 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err netexist'};
3275 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3276 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3277 }
3278 #check if network ip already exists
3279 if (!&checkip(\%customnetwork,1))
3280 {
3281 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err net'};
3282 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3283 }
3284 #check if host with this name already exists
3285 &General::readhasharray("$confighost", \%customhost);
3286 if (!&checkname(\%customhost))
3287 {
3288 $errormessage.="<br>".$Lang::tr{'fwhost err hostexist'};
3289 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
3290 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
3291 }
3292 #check if host with this ip already exists
3293 if (!&checkip(\%customhost,2))
3294 {
3295 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err ipcheck'};
3296 }
3297 return;
3298 }
3299 sub getipforgroup
3300 {
3301 my $name=$_[0],
3302 my $type=$_[1];
3303 my $value;
3304
3305 #get address from IPSEC NETWORK
3306 if ($type eq 'IpSec Network'){
3307 foreach my $key (keys %ipsecconf) {
3308 if ($ipsecconf{$key}[1] eq $name){
3309 if ($ipsecconf{$key}[11] =~ /\|/) {
3310 my $string;
3311 my @parts = split /\|/ , $ipsecconf{$key}[11];
3312 foreach my $key1 (@parts){
3313 my ($val1,$val2) = split (/\//, $key1);
3314 my $val3 = &Network::convert_netmask2prefix($val2) || $val2;
3315 $string .= "$val1/$val3<br>";
3316 }
3317 return $string;
3318 }else{
3319 return $ipsecconf{$key}[11];
3320 }
3321 }else{
3322 if ($name =~ /\|/) {
3323 my ($a,$b) = split /\|/, $name;
3324 return $b;
3325 }
3326 }
3327 }
3328 &deletefromgrp($name,$configgrp);
3329 }
3330
3331 #get address from IPSEC HOST
3332 if ($type eq 'IpSec Host'){
3333 foreach my $key (keys %ipsecconf) {
3334 if ($ipsecconf{$key}[1] eq $name){
3335 return $ipsecconf{$key}[10];
3336 }
3337 }
3338 &deletefromgrp($name,$configgrp);
3339 }
3340
3341 # WireGuard Peers
3342 if ($type eq "wg_peer") {
3343 my $peer = &Wireguard::get_peer_by_name($name);
3344
3345 if (defined $peer) {
3346 my @addresses = ();
3347
3348 if ($peer->{"TYPE"} eq "host") {
3349 push(@addresses, @{ $peer->{"CLIENT_ADDRESS"} });
3350 } elsif ($peer->{"TYPE"} eq "net") {
3351 push(@addresses, @{ $peer->{"REMOTE_SUBNETS"} });
3352 }
3353
3354 return join(", ", @addresses);
3355 }
3356 }
3357
3358 #get address from ovpn ccd Net-2-Net
3359 if ($type eq 'OpenVPN N-2-N'){
3360 foreach my $key (keys %ccdhost) {
3361 if($ccdhost{$key}[1] eq $name){
3362 my ($a,$b) = split ("/",$ccdhost{$key}[11]);
3363 $b=&Network::convert_netmask2prefix($b) || ($b);
3364 return "$a/$b";
3365 }
3366 }
3367 &deletefromgrp($name,$configgrp);
3368 }
3369
3370 #get address from ovpn ccd static host
3371 if ($type eq 'OpenVPN static host'){
3372 foreach my $key (keys %ccdhost) {
3373 if($ccdhost{$key}[1] eq $name){
3374 my ($a,$b) = split (/\//,$ccdhost{$key}[33]);
3375 $b=&Network::convert_netmask2prefix($b) || ($b) ;
3376 return "$a/$b";
3377 }
3378 }
3379 &deletefromgrp($name,$configgrp);
3380 }
3381
3382 #get address from ovpn ccd static net
3383 if ($type eq 'OpenVPN static network'){
3384 foreach my $key (keys %ccdnet) {
3385 if ($ccdnet{$key}[0] eq $name){
3386 my ($a,$b) = split (/\//,$ccdnet{$key}[1]);
3387 $b=&Network::convert_netmask2prefix($b) || ($b);
3388 return "$a/$b";
3389 }
3390 }
3391 }
3392
3393 #check custom addresses
3394 if ($type eq 'Custom Host'){
3395 foreach my $key (keys %customhost) {
3396 if ($customhost{$key}[0] eq $name){
3397 my ($ip,$sub) = split("/",$customhost{$key}[2]);
3398 return $ip;
3399 }
3400 }
3401 }
3402
3403 ##check custom networks
3404 if ($type eq 'Custom Network'){
3405 foreach my $key (keys %customnetwork) {
3406 if($customnetwork{$key}[0] eq $name){
3407 return $customnetwork{$key}[1]."/".&Network::convert_netmask2prefix($customnetwork{$key}[2]) || $customnetwork{$key}[2];
3408 }
3409 }
3410 }
3411
3412 #check standard networks
3413 if ($type eq 'Standard Network'){
3414 if ($name =~ /OpenVPN/i){
3415 my %ovpn=();
3416 &General::readhash("${General::swroot}/ovpn/settings",\%ovpn);
3417 return $ovpn{'DOVPN_SUBNET'};
3418 }
3419 if ($name eq 'GREEN'){
3420 my %hash=();
3421 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3422 return $hash{'GREEN_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'GREEN_NETMASK'}) || $hash{'GREEN_NETMASK'};
3423 }
3424 if ($name eq 'BLUE'){
3425 my %hash=();
3426 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3427 return $hash{'BLUE_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'BLUE_NETMASK'}) || $hash{'BLUE_NETMASK'};
3428 }
3429 if ($name eq 'ORANGE'){
3430 my %hash=();
3431 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3432 return $hash{'ORANGE_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'ORANGE_NETMASK'}) || $hash{'ORANGE_NETMASK'};
3433 }
3434 if ($name eq "WGRW") {
3435 return $Wireguard::settings{'CLIENT_POOL'};
3436 }
3437 if ($name eq 'ALL'){
3438 return "0.0.0.0/0";
3439 }
3440 if ($name =~ /IPsec/i){
3441 my %hash=();
3442 &General::readhash("${General::swroot}/vpn/settings",\%hash);
3443 return $hash{'RW_NET'};
3444 }
3445 if ($name eq 'RED'){
3446 return "0.0.0.0/0";
3447 }
3448 }
3449 }
3450 sub decrease
3451 {
3452 my $grp=$_[0];
3453 &General::readhasharray("$confignet", \%customnetwork);
3454 &General::readhasharray("$confighost", \%customhost);
3455 foreach my $key (sort keys %customgrp ){
3456 if ( ($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Network')){
3457 foreach my $key1 (sort keys %customnetwork){
3458 if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){
3459 $customnetwork{$key1}[4]=$customnetwork{$key1}[4]-1;
3460 last;
3461 }
3462 }
3463 }
3464
3465 if (($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Host')){
3466 foreach my $key2 (sort keys %customhost){
3467 if ($customhost{$key2}[0] eq $customgrp{$key}[2]){
3468 $customhost{$key2}[4]=$customhost{$key2}[4]-1;
3469 last;
3470 }
3471 }
3472
3473 }
3474 }
3475 &General::writehasharray("$confignet", \%customnetwork);
3476 &General::writehasharray("$confighost", \%customhost);
3477 }
3478 sub decreaseservice
3479 {
3480 my $grp=$_[0];
3481 &General::readhasharray("$configsrv", \%customservice);
3482 &General::readhasharray("$configsrvgrp", \%customservicegrp);
3483
3484 foreach my $key (sort keys %customservicegrp){
3485 if ($customservicegrp{$key}[0] eq $grp ){
3486 foreach my $key2 (sort keys %customservice){
3487 if ($customservice{$key2}[0] eq $customservicegrp{$key}[2]){
3488 $customservice{$key2}[4]--;
3489 }
3490 }
3491 }
3492 }
3493 &General::writehasharray("$configsrv", \%customservice);
3494
3495 }
3496 sub changenameinfw
3497 {
3498 my $old=shift;
3499 my $new=shift;
3500 my $fld=shift;
3501 my $type=shift;
3502
3503 if ($type eq 'location'){
3504 $old="group:$old";
3505 $new="group:$new";
3506 }
3507 &General::readhasharray("$fwconfigfwd", \%fwfwd);
3508 &General::readhasharray("$fwconfiginp", \%fwinp);
3509 &General::readhasharray("$fwconfigout", \%fwout);
3510 #Rename group in Firewall-CONFIG
3511 foreach my $key1 (keys %fwfwd) {
3512 if($fwfwd{$key1}[$fld] eq $old){
3513 $fwfwd{$key1}[$fld]=$new;
3514 }
3515 }
3516 &General::writehasharray("$fwconfigfwd", \%fwfwd );
3517 #Rename group in Firewall-INPUT
3518 foreach my $key2 (keys %fwinp) {
3519 if($fwinp{$key2}[$fld] eq $old){
3520 $fwinp{$key2}[$fld]=$new;
3521 }
3522 }
3523 &General::writehasharray("$fwconfiginp", \%fwinp );
3524 #Rename group in Firewall-OUTGOING
3525 foreach my $key3 (keys %fwout) {
3526 if($fwout{$key3}[$fld] eq $old){
3527 $fwout{$key3}[$fld]=$new;
3528 }
3529 }
3530 &General::writehasharray("$fwconfigout", \%fwout );
3531 }
3532 sub checkports
3533 {
3534
3535 my %hash=%{(shift)};
3536 #check empty fields
3537 if ($fwhostsettings{'SRV_NAME'} eq '' ){
3538 $errormessage=$Lang::tr{'fwhost err name1'};
3539 }
3540 if ($fwhostsettings{'SRV_PORT'} eq '' && $fwhostsettings{'PROT'} ne 'ICMP'){
3541 $errormessage=$Lang::tr{'fwhost err port'};
3542 }
3543 #check valid name
3544 if (! &validhostname($fwhostsettings{'SRV_NAME'})){
3545 $errormessage="<br>".$Lang::tr{'fwhost err name'};
3546 }
3547 #change dashes with :
3548 $fwhostsettings{'SRV_PORT'}=~ tr/-/:/;
3549
3550 if ($fwhostsettings{'SRV_PORT'} eq "*") {
3551 $fwhostsettings{'SRV_PORT'} = "1:65535";
3552 }
3553 if ($fwhostsettings{'SRV_PORT'} =~ /^(\D)\:(\d+)$/) {
3554 $fwhostsettings{'SRV_PORT'} = "1:$2";
3555 }
3556 if ($fwhostsettings{'SRV_PORT'} =~ /^(\d+)\:(\D)$/) {
3557 $fwhostsettings{'SRV_PORT'} = "$1:65535";
3558 }
3559 if($fwhostsettings{'PROT'} ne 'ICMP'){
3560 $errormessage = $errormessage.&General::validportrange($fwhostsettings{'SRV_PORT'}, 'src');
3561 }
3562 # a new service has to have a different name
3563 foreach my $key (keys %hash){
3564 if ($hash{$key}[0] eq $fwhostsettings{'SRV_NAME'}){
3565 $errormessage = "<br>".$Lang::tr{'fwhost err srv exists'};
3566 last;
3567 }
3568 }
3569 return $errormessage;
3570 }
3571 sub validhostname
3572 {
3573 # Checks a hostname against RFC1035
3574 my $hostname = $_[0];
3575
3576 # Each part should be at least two characters in length
3577 # but no more than 63 characters
3578 if (length ($hostname) < 1 || length ($hostname) > 63) {
3579 return 0;}
3580 # Only valid characters are a-z, A-Z, 0-9 and -
3581 if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_.;()\/\s]*$/) {
3582 return 0;}
3583 # First character can only be a letter or a digit
3584 if (substr ($hostname, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) {
3585 return 0;}
3586 # Last character can only be a letter or a digit
3587 if (substr ($hostname, -1, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9()]*$/) {
3588 return 0;}
3589 return 1;
3590 }
3591 sub validremark
3592 {
3593 # Checks a hostname against RFC1035
3594 my $remark = $_[0];
3595 # Each part should be at least two characters in length
3596 # but no more than 63 characters
3597 if (length ($remark) < 1 || length ($remark) > 255) {
3598 return 0;}
3599 # Only valid characters are a-z, A-Z, 0-9 and -
3600 if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/\s]*$/) {
3601 return 0;}
3602 # First character can only be a letter or a digit
3603 if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) {
3604 return 0;}
3605 # Last character can only be a letter or a digit
3606 if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/) {
3607 return 0;}
3608 return 1;
3609 }
3610 &Header::closebigbox();
3611 &Header::closepage();
IPFire 2.x development tree