]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/iptables.cgi
Merge branch 'master' into next
[ipfire-2.x.git] / html / cgi-bin / iptables.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 IPFire Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 require '/var/ipfire/general-functions.pl';
23 require "${General::swroot}/lang.pl";
24 require "${General::swroot}/header.pl";
25
26 #use warnings;
27 #use CGI::Carp 'fatalsToBrowser';
28
29 my $debug = 0;
30 my @iplines;
31 my $string = "";
32 my $lines = 0;
33 my @ipmanlines;
34 my $manlines = 0;
35 my @ipnatlines;
36 my $natlines = 0;
37 my %chains;
38 my %chainsman;
39 my %chainsnat;
40 my $chainname;
41 my $selectedchain;
42 my %netsettings = ();
43 my %cgiparams=();
44
45 &Header::getcgihash(\%cgiparams);
46
47 system('/usr/local/bin/getipstat');
48
49 &Header::showhttpheaders();
50 &Header::openpage($Lang::tr{'ipts'}, 1, '');
51 &Header::openbigbox('100%', 'LEFT');
52
53 # This debug is used to see what inputs are done via the cgi and
54 # what parameters are to be executed
55
56 if ( $debug ){
57 &Header::openbox('100%', 'center', 'DEBUG');
58 my $debugCount = 0;
59 foreach my $line (sort keys %cgiparams) {
60 print "$line = '$cgiparams{$line}'<br />\n";
61 $debugCount++;
62 }
63 print "&nbsp;Count: $debugCount\n";
64 &Header::closebox();
65 }
66
67 &Header::openbox('100%', 'LEFT', $Lang::tr{'ipts'}.':');
68
69 # If the cgi is called the first time the default chain is
70 # used, otherwise if user selected a chains in the selectboxes
71 # those one are displayed, it is possible to change all 3 at
72 # the same time
73
74 if ( $cgiparams{'selectedchain'} ne "" ){
75 my @multi = split(/\|/,$cgiparams{'selectedchain'});
76 $selectedchain = $multi[0];
77 } else {
78 $selectedchain = "INPUT";
79 }
80
81 print <<END
82
83 <div align='left'>
84 END
85 ;
86
87 # We´ll open the txt files and extract each line, if the line
88 # start with an Chain the the name, start- and endline of the
89 # chain is extracted into a hash
90
91 open (FILE, '/srv/web/ipfire/html/iptables.txt');
92 while (<FILE>){
93
94 $iplines[$lines] = $_;
95
96 if ( $_ =~ /^Chain/ ){
97
98 my @chainstring = split(/ /,$_);
99
100 if ( $chainname ne "" ){
101 $chains{$chainname."end"} = $lines-2;
102 }
103
104 $chainname = $chainstring[1];
105 $chains{$chainname."start"} = $lines;
106 }
107
108 $lines++;
109
110 }
111 $chains{$chainname."end"} = $lines-1;
112 close (FILE);
113
114 # now the chain hash is extracted to get the correct name of the chain
115 # all chains are displayed as a select box and can be choosen for display
116 # after this all corresponding lines for the chain are extraced and seperated
117 # into table rows, sometimes we need to handle leading blank so the offset is
118 # needed, some lines need to chomp trailing seperators. The interfaces and
119 # network addresses should be colorized by an extra function to make a nice
120 # colored gui
121
122 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
123 foreach (sort(keys(%chains))){
124
125 if ( $_ =~ /end$/ ){
126 next;
127 } else {
128 $_ =~ s/start$//gi;
129 }
130
131 print " <option value='".$_;
132 if ( $_ eq $selectedchain ){
133 print "' selected='selected' >".$_."</option>\n";
134 } else {
135 print "'>".$_."</option>\n";
136 }
137 }
138 print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";
139
140 $string = $iplines[$chains{$selectedchain."start"}];
141 $string =~ s/\s$//gi;
142
143 print "<strong>".$string."</strong><br />\n\n";
144 print "<table width='100%' cellspacing='1'>\n<tr>\n";
145 foreach (split(/ +/,$iplines[$chains{$selectedchain."start"}+1])){
146 if ( $_ =~ /[^a-zA-Z]/ ){chomp($_);}
147 print " <th align='left'><strong>".$_."</strong></th>\n";
148 }
149
150 print "</tr>\n";
151
152 print "<tr>\n";
153 print " <td width='0'></td>\n <td width='35'></td>\n <td width='35'></td>\n";
154 print " <td width='130'></td>\n <td width='30'></td>\n";
155 print " <td width='30'></td>\n <td width='40'></td>\n";
156 print " <td width='40'></td>\n <td width='95'></td>\n";
157 print " <td width='95'></td>\n <td width='260'></td>\n";
158 print "</tr>\n";
159
160
161 for(my $i = $chains{$selectedchain."start"}+2; $i <= $chains{$selectedchain."end"}; $i++) {
162 print "<tr>\n";
163
164 my @iptablesline = split(/ +/,$iplines[$i]);
165 my $offset=0;
166
167 if ( $iptablesline[0] eq "" ){
168 $offset=1;
169 }
170
171 print " <td></td>\n <td>".$iptablesline[0+$offset]."</td>\n <td>".$iptablesline[1+$offset]."</td>\n";
172 print " <td>".$iptablesline[2+$offset]."</td>\n <td>".$iptablesline[3+$offset]."</td>\n";
173 print " <td>".$iptablesline[4+$offset]."</td>\n <td>".&Header::colorize($iptablesline[5+$offset])."</td>\n";
174 print " <td>".&Header::colorize($iptablesline[6+$offset])."</td>\n";
175 print " <td>".&Header::colorize($iptablesline[7+$offset])."</td>\n";
176 print " <td>".&Header::colorize($iptablesline[8+$offset])."</td>\n <td>";
177
178 for (my $i=9+$offset; $i <= $#iptablesline; $i++){
179 $string = $iptablesline[$i];
180 $string =~ s/\s$//gi;
181 print " ".$string;
182 }
183 print "</td>\n</tr>\n";
184 }
185 print "</table></div><br />";
186 &Header::closebox();
187
188 ## MANGLE
189 &Header::openbox('100%', 'LEFT', $Lang::tr{'iptmangles'}.':');
190
191 # If the cgi is called the first time the default chain is
192 # used, otherwise if user selected a chains in the selectboxes
193 # those one are displayed, it is possible to change all 3 at
194 # the same time
195
196 if ( $cgiparams{'selectedchain'} ne "" ){
197 my @multi = split(/\|/,$cgiparams{'selectedchain'});
198 $selectedchain = $multi[1];
199 } else {
200 $selectedchain = "PREROUTING";
201 }
202
203 print <<END
204
205 <div align='left'>
206 END
207 ;
208
209 # We´ll open the txt files and extract each line, if the line
210 # start with an Chain the the name, start- and endline of the
211 # chain is extracted into a hash
212
213 open (FILE, '/srv/web/ipfire/html/iptablesmangle.txt');
214 while (<FILE>){
215
216 $ipmlines[$manlines] = $_;
217
218 if ( $_ =~ /^Chain/ ){
219
220 my @chainstring = split(/ /,$_);
221
222 if ( $chainname ne "" ){
223 $chainsman{$chainname."end"} = $manlines-2;
224 }
225
226 $chainname = $chainstring[1];
227 $chainsman{$chainname."start"} = $manlines;
228 }
229
230 $manlines++;
231
232 }
233 $chainsman{$chainname."end"} = $manlines-1;
234 close (FILE);
235
236 # now the chain hash is extracted to get the correct name of the chain
237 # all chains are displayed as a select box and can be choosen for display
238 # after this all corresponding lines for the chain are extraced and seperated
239 # into table rows, sometimes we need to handle leading blank so the offset is
240 # needed, some lines need to chomp trailing seperators. The interfaces and
241 # network addresses should be colorized by an extra function to make a nice
242 # colored gui
243
244 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
245 foreach (sort(keys(%chainsman))){
246
247 if ( $_ =~ /end$/ ){
248 next;
249 } else {
250 $_ =~ s/start$//gi;
251 }
252
253 print " <option value='".$_;
254 if ( $_ eq $selectedchain ){
255 print "' selected='selected' >".$_."</option>\n";
256 } else {
257 print "'>".$_."</option>\n";
258 }
259 }
260 print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";
261
262 $string = $ipmanlines[$chainsman{$selectedchain."start"}];
263 $string =~ s/\s$//gi;
264
265 print "<strong>".$string."</strong><br />\n\n";
266 print "<table width='100%' cellspacing='1'>\n<tr>\n";
267 foreach (split(/ +/,$ipmlines[$chainsman{$selectedchain."start"}+1])){
268 if ( $_ =~ /[^a-zA-Z]/ ){chomp($_);}
269 print " <th align='left'><strong>".$_."</strong></th>\n";
270 }
271
272 print "</tr>\n";
273
274 print "<tr>\n";
275 print " <td width='0'></td>\n <td width='35'></td>\n <td width='35'></td>\n";
276 print " <td width='130'></td>\n <td width='30'></td>\n";
277 print " <td width='30'></td>\n <td width='40'></td>\n";
278 print " <td width='40'></td>\n <td width='95'></td>\n";
279 print " <td width='95'></td>\n <td width='260'></td>\n";
280 print "</tr>\n";
281
282 for(my $i = $chainsman{$selectedchain."start"}+2; $i <= $chainsman{$selectedchain."end"}; $i++) {
283 print "<tr>\n";
284 my @iptablesline = split(/ +/,$ipmlines[$i]);
285 my $offset=0;
286
287 if ( $iptablesline[0] eq "" ){
288 $offset=1;
289 }
290
291 print " <td></td>\n <td>".$iptablesline[0+$offset]."</td>\n <td>".$iptablesline[1+$offset]."</td>\n";
292 print " <td>".$iptablesline[2+$offset]."</td>\n <td>".$iptablesline[3+$offset]."</td>\n";
293 print " <td>".$iptablesline[4+$offset]."</td>\n <td>".&Header::colorize($iptablesline[5+$offset])."</td>\n";
294 print " <td>".&Header::colorize($iptablesline[6+$offset])."</td>\n";
295 print " <td>".&Header::colorize($iptablesline[7+$offset])."</td>\n";
296 print " <td>".&Header::colorize($iptablesline[8+$offset])."</td>\n <td>";
297
298 for (my $i=9+$offset; $i <= $#iptablesline; $i++){
299 $string = $iptablesline[$i];
300 $string =~ s/\s$//gi;
301
302 # mangles with marks need to be converted from hex to number to show the correct qos class
303
304 if ( $string =~ /^0x/){
305 $string = hex($string);
306 }
307
308 print " ".$string;
309 }
310 print "</td>\n</tr>\n";
311 }
312 print "</table></div><br />";
313 &Header::closebox();
314
315 ## NAT
316 &Header::openbox('100%', 'LEFT', $Lang::tr{'iptnats'}.':');
317
318 # If the cgi is called the first time the default chain is
319 # used, otherwise if user selected a chains in the selectboxes
320 # those one are displayed, it is possible to change all 3 at
321 # the same time
322
323 if ( $cgiparams{'selectedchain'} ne "" ){
324 my @multi = split(/\|/,$cgiparams{'selectedchain'});
325 $selectedchain = $multi[2];
326 } else {
327 $selectedchain = "PREROUTING";
328 }
329
330 print <<END
331
332 <div align='left'>
333 END
334 ;
335
336 # We´ll open the txt files and extract each line, if the line
337 # start with an Chain the the name, start- and endline of the
338 # chain is extracted into a hash
339
340 open (FILE, '/srv/web/ipfire/html/iptablesnat.txt');
341 while (<FILE>){
342
343 $ipnatlines[$natlines] = $_;
344
345 if ( $_ =~ /^Chain/ ){
346
347 my @chainstring = split(/ /,$_);
348
349 if ( $chainname ne "" ){
350 $chainsnat{$chainname."end"} = $natlines-2;
351 }
352
353 $chainname = $chainstring[1];
354 $chainsnat{$chainname."start"} = $natlines;
355 }
356
357 $natlines++;
358
359 }
360 $chainsnat{$chainname."end"} = $natlines-1;
361 close (FILE);
362
363 # now the chain hash is extracted to get the correct name of the chain
364 # all chains are displayed as a select box and can be choosen for display
365 # after this all corresponding lines for the chain are extraced and seperated
366 # into table rows, sometimes we need to handle leading blank so the offset is
367 # needed, some lines need to chomp trailing seperators. The interfaces and
368 # network addresses should be colorized by an extra function to make a nice
369 # colored gui
370
371 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
372 foreach (sort(keys(%chainsnat))){
373
374 if ( $_ =~ /end$/ ){
375 next;
376 } else {
377 $_ =~ s/start$//gi;
378 }
379
380 print " <option value='".$_;
381 if ( $_ eq $selectedchain ){
382 print "' selected='selected' >".$_."</option>\n";
383 } else {
384 print "'>".$_."</option>\n";
385 }
386 }
387 print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";
388
389 $string = $ipnatlines[$chainsnat{$selectedchain."start"}];
390 $string =~ s/\s$//gi;
391
392 print "<strong>".$string."</strong><br />\n\n";
393 print "<table width='100%' cellspacing='1'>\n<tr>\n";
394 foreach (split(/ +/,$ipnatlines[$chainsnat{$selectedchain."start"}+1])){
395 if ( $_ =~ /[^a-zA-Z]/ ){chomp($_);}
396 print "<th align='left'><strong>".$_."</strong></th>\n";
397 }
398
399 print "</tr>\n";
400
401 print "<tr>\n";
402 print " <td width='0'></td>\n <td width='35'></td>\n <td width='35'></td>\n";
403 print " <td width='130'></td>\n <td width='30'></td>\n";
404 print " <td width='30'></td>\n <td width='40'></td>\n";
405 print " <td width='40'></td>\n <td width='95'></td>\n";
406 print " <td width='95'></td>\n <td width='260'></td>\n";
407 print "</tr>\n";
408
409 for(my $i = $chainsnat{$selectedchain."start"}+2; $i <= $chainsnat{$selectedchain."end"}; $i++) {
410 print "<tr>\n";
411 my @iptablesline = split(/ +/,$ipnatlines[$i]);
412 my $offset=0;
413
414 if ( $iptablesline[0] eq "" ){
415 $offset=1;
416 }
417
418 print " <td></td>\n<td>".$iptablesline[0+$offset]."</td>\n <td>".$iptablesline[1+$offset]."</td>\n";
419 print " <td>".$iptablesline[2+$offset]."</td>\n <td>".$iptablesline[3+$offset]."</td>\n";
420 print " <td>".$iptablesline[4+$offset]."</td>\n <td>".&Header::colorize($iptablesline[5+$offset])."</td>\n";
421 print " <td>".&Header::colorize($iptablesline[6+$offset])."</td>\n";
422 print " <td>".&Header::colorize($iptablesline[7+$offset])."</td>\n";
423 print " <td>".&Header::colorize($iptablesline[8+$offset])."</td>\n <td>";
424
425 for (my $i=9+$offset; $i <= $#iptablesline; $i++){
426 $string = $iptablesline[$i];
427 $string =~ s/\s$//gi;
428 print " ".$string;
429 }
430 print "</td>\n</tr>\n";
431 }
432 print "</table></div><br />";
433 &Header::closebox();
434 &Header::closebigbox();
435 &Header::closepage();
436
437 system(rm -f "/srv/web/ipfire/html/iptables.txt");
438 system(rm -f "/srv/web/ipfire/html/iptablesmangle.txt");
439 system(rm -f "/srv/web/ipfire/html/iptablesnat.txt");