]>
git.ipfire.org Git - people/teissler/ipfire-2.x.git/blob - html/cgi-bin/xtaccess.cgi
2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
24 # enable only the following on debugging purpose
26 #use CGI::Carp 'fatalsToBrowser';
28 require '/var/ipfire/general-functions.pl';
29 require "${General::swroot}/lang.pl";
30 require "${General::swroot}/header.pl";
32 #workaround to suppress a warning when a variable is used only once
33 my @dummy = ( ${Header
::colouryellow
} );
39 my $errormessage = '';
40 my $filename = "${General::swroot}/xtaccess/config";
41 my $aliasfile = "${General::swroot}/ethernet/aliases";
45 my %mainsettings = ();
46 &General
::readhash
("${General::swroot}/main/settings", \
%mainsettings);
47 &General
::readhash
("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \
%color);
49 &Header
::showhttpheaders
();
51 $cgiparams{'ENABLED'} = 'off';
52 $cgiparams{'ACTION'} = '';
53 $cgiparams{'SRC'} = '';
54 $cgiparams{'DEST_PORT'} = '';
55 $cgiparams{'REMARK'} ='';
56 &Header
::getcgihash
(\
%cgiparams);
57 open(FILE
, $filename) or die 'Unable to open config file.';
61 if ($cgiparams{'ACTION'} eq $Lang::tr
{'add'})
63 unless($cgiparams{'PROTOCOL'} =~ /^(tcp|udp)$/) { $errormessage = $Lang::tr
{'invalid input'}; }
64 unless(&General
::validipormask
($cgiparams{'SRC'}))
66 if ($cgiparams{'SRC'} ne '') {
67 $errormessage = $Lang::tr
{'source ip bad'}; }
69 $cgiparams{'SRC'} = '0.0.0.0/0'; }
71 unless($errormessage){ $errormessage = &General
::validportrange
($cgiparams{'DEST_PORT'},'dst'); }
74 $cgiparams{'REMARK'} = &Header
::cleanhtml
($cgiparams{'REMARK'});
76 if($cgiparams{'EDITING'} eq 'no') {
77 open(FILE
,">>$filename") or die 'Unable to open config file.';
79 print FILE
"$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
81 open(FILE
, ">$filename") or die 'Unable to open config file.';
84 foreach my $line (@current)
87 if ($cgiparams{'EDITING'} eq $id) {
88 print FILE
"$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
89 } else { print FILE
"$line"; }
95 &General
::log($Lang::tr
{'external access rule added'});
96 system('/usr/local/bin/setxtaccess');
98 # stay on edit mode if an error occur
99 if ($cgiparams{'EDITING'} ne 'no')
101 $cgiparams{'ACTION'} = $Lang::tr
{'edit'};
102 $cgiparams{'ID'} = $cgiparams{'EDITING'};
106 if ($cgiparams{'ACTION'} eq $Lang::tr
{'remove'})
109 open(FILE
, ">$filename") or die 'Unable to open config file.';
111 foreach my $line (@current)
114 unless ($cgiparams{'ID'} eq $id) { print FILE
"$line"; }
117 system('/usr/local/bin/setxtaccess');
118 &General
::log($Lang::tr
{'external access rule removed'});
120 if ($cgiparams{'ACTION'} eq $Lang::tr
{'toggle enable disable'})
122 open(FILE
, ">$filename") or die 'Unable to open config file.';
125 foreach my $line (@current)
128 unless ($cgiparams{'ID'} eq $id) { print FILE
"$line"; }
132 my @temp = split(/\,/,$line);
133 print FILE
"$temp[0],$temp[1],$temp[2],$cgiparams{'ENABLE'},$temp[4],$temp[5]\n";
137 system('/usr/local/bin/setxtaccess');
139 if ($cgiparams{'ACTION'} eq $Lang::tr
{'edit'})
142 foreach my $line (@current)
145 if ($cgiparams{'ID'} eq $id)
148 my @temp = split(/\,/,$line);
149 $cgiparams{'PROTOCOL'} = $temp[0];
150 $cgiparams{'SRC'} = $temp[1];
151 $cgiparams{'DEST_PORT'} = $temp[2];
152 $cgiparams{'ENABLED'} = $temp[3];
153 $cgiparams{'DEST'} = $temp[4];
154 $cgiparams{'REMARK'} = $temp[5];
159 if ($cgiparams{'ACTION'} eq '')
161 $cgiparams{'PROTOCOL'} = 'tcp';
162 $cgiparams{'DEST'} = '0.0.0.0';
163 $cgiparams{'ENABLED'} = 'on';
166 $selected{'PROTOCOL'}{'udp'} = '';
167 $selected{'PROTOCOL'}{'tcp'} = '';
168 $selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";
170 $selected{'DEST'}{$cgiparams{'DEST'}} = "selected='selected'";
172 $checked{'ENABLED'}{'off'} = '';
173 $checked{'ENABLED'}{'on'} = '';
174 $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
176 &Header
::openpage
($Lang::tr
{'external access configuration'}, 1, '');
178 &Header
::openbigbox
('100%', 'left', '', $errormessage);
181 &Header
::openbox
('100%', 'left', $Lang::tr
{'error messages'});
182 print "<class name='base'>$errormessage\n";
183 print " </class>\n";
187 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
189 my $buttontext = $Lang::tr
{'add'};
190 if ($cgiparams{'ACTION'} eq $Lang::tr
{'edit'}) {
191 &Header
::openbox
('100%', 'left', $Lang::tr
{'edit a rule'});
192 $buttontext = $Lang::tr
{'update'};
194 &Header
::openbox
('100%', 'left', $Lang::tr
{'add a new rule'});
200 <select name='PROTOCOL'>
201 <option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
202 <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
205 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'source network'}</font></td>
206 <td><input type='text' name='SRC' value='$cgiparams{'SRC'}' size='32' /></td>
207 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination port'}:</font></td>
208 <td><input type='text' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td>
213 <td width='10%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
214 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination ip'}: </font>
216 <option value='0.0.0.0' $selected{'DEST'}{'0.0.0.0'}>DEFAULT IP</option>
220 open(ALIASES
, "$aliasfile") or die 'Unable to open aliases file.';
224 my @temp = split(/\,/,$_);
225 if ($temp[1] eq 'on') {
226 print "<option value='$temp[0]' $selected{'DEST'}{$temp[0]}>$temp[0]";
227 if (defined $temp[2] and ($temp[2] ne '')) { print " ($temp[2])"; }
239 <td width ='10%' class='base'>
240 <font class='boldbase'>$Lang::tr{'remark'}:</font> <img src='/blob.gif' alt='*' />
243 <input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' />
245 <td width='25%' align='center'>
246 <input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
247 <input type='submit' name='SUBMIT' value='$buttontext' />
253 <td class='base' width='30%'><img src='/blob.gif' alt ='*' align='top' /> <font class='base'>$Lang::tr{'this field may be blank'}</font>
259 if ($cgiparams{'ACTION'} eq $Lang::tr
{'edit'}) {
260 print "<input type='hidden' name='EDITING' value='$cgiparams{'ID'}' />\n";
262 print "<input type='hidden' name='EDITING' value='no' />\n";
268 &Header
::openbox
('100%', 'left', $Lang::tr
{'current rules'});
272 <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
273 <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'source ip'}</b></td>
274 <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'destination ip'}</b></td>
275 <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'destination port'}</b></td>
276 <td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
277 <td width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
282 # If something has happened re-read config
283 if($cgiparams{'ACTION'} ne '' or $changed ne 'no')
285 open(FILE
, $filename) or die 'Unable to open config file.';
290 foreach my $line (@current)
294 my @temp = split(/\,/,$line);
299 if ($temp[0] eq 'udp') {
303 if($cgiparams{'ACTION'} eq $Lang::tr
{'edit'} && $cgiparams{'ID'} eq $id) {
304 print "<tr bgcolor='${Header::colouryellow}'>\n"; }
306 print "<tr bgcolor='$color{'color22'}'>\n"; }
308 print "<tr bgcolor='$color{'color20'}'>\n"; }
309 if ($temp[3] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr
{'click to disable'};}
310 else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr
{'click to enable'}; }
311 if ($temp[1] eq '0.0.0.0/0') {
312 $temp[1] = $Lang::tr
{'caps all'}; }
313 # catch for 'old-style' rules file - assume default ip if
315 if (!&General
::validip
($temp[4]) || $temp[4] eq '0.0.0.0') {
316 $temp[4] = 'DEFAULT IP'; }
317 $temp[5] = '' unless defined $temp[5];
319 <td align='center'>$protocol</td>
320 <td align='center'>$temp[1]</td>
321 <td align='center'>$temp[4]</td>
322 <td align='center'>$temp[2]</td>
323 <td align='left'> $temp[5]</td>
325 <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
326 <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
327 <input type='hidden' name='ID' value='$id' />
328 <input type='hidden' name='ENABLE' value='$toggle' />
329 <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
333 <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
334 <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
335 <input type='hidden' name='ID' value='$id' />
336 <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
340 <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
341 <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
342 <input type='hidden' name='ID' value='$id' />
343 <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
353 # If the xt access file contains entries, print Key to action icons
354 if ( ! -z
"$filename") {
358 <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
359 <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
360 <td class='base'>$Lang::tr{'click to disable'}</td>
361 <td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
362 <td class='base'>$Lang::tr{'click to enable'}</td>
363 <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
364 <td class='base'>$Lang::tr{'edit'}</td>
365 <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
366 <td class='base'>$Lang::tr{'remove'}</td>
375 &Header
::closebigbox
();
377 &Header
::closepage
();