use strict;
use Socket;
use IO::Socket;
+use Net::SSLeay;
+use Net::IPv4Addr;
$|=1; # line buffering
$General::version = 'VERSION';
$General::swroot = 'CONFIG_ROOT';
$General::noipprefix = 'noipg-';
-$General::adminmanualurl = 'http://users.ipfire.eu';
+$General::adminmanualurl = 'http://wiki.ipfire.org';
+#
+# log ("message") use default 'ipcop' tag
+# log ("tag","message") use your tag
+#
sub log
{
+ my $tag='ipfire';
+ $tag = shift if (@_>1);
my $logmessage = $_[0];
$logmessage =~ /([\w\W]*)/;
$logmessage = $1;
- system('/usr/bin/logger', '-t', 'ipfire', $logmessage);
+ system('logger', '-t', $tag, $logmessage);
}
sub readhash
$val =~ s/\'$//g;
# Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
+ # trim space from begin and end
+ $var =~ s/^\s+//;
+ $var =~ s/\s+$//;
+ $var =~ /([A-Za-z0-9_-]*)/;
+ $var = $1;
+ $val =~ /([\w\W]*)/;
+ $val = $1;
$hash->{$var} = $val;
}
}
flock FILE, 2;
foreach $var (keys %$hash)
{
+ if ( $var eq "__CGI__"){next;}
$val = $hash->{$var};
# Darren Critchley Jan 17, 2003 added the following because when submitting with a graphic, the x and y
# location of the mouse are submitted as well, this was being written to the settings file causing
close FILE;
}
+sub writehashpart
+{
+ # This function replaces the given hash in the original hash by keeping the old
+ # content and just replacing the new content
+
+ my $filename = $_[0];
+ my $newhash = $_[1];
+ my %oldhash;
+ my ($var, $val);
+
+ readhash("${filename}", \%oldhash);
+
+ foreach $var (keys %$newhash){
+ $oldhash{$var}=$newhash->{$var};
+ }
+
+ # write cgi vars to the file.
+ open(FILE, ">${filename}") or die "Unable to write file $filename";
+ flock FILE, 2;
+ foreach $var (keys %oldhash)
+ {
+ if ( $var eq "__CGI__"){next;}
+ $val = $oldhash{$var};
+ # Darren Critchley Jan 17, 2003 added the following because when submitting with a graphic, the x and y
+ # location of the mouse are submitted as well, this was being written to the settings file causing
+ # some serious grief! This skips the variable.x and variable.y
+ if (!($var =~ /(.x|.y)$/)) {
+ if ($val =~ / /) {
+ $val = "\'$val\'"; }
+ if (!($var =~ /^ACTION/)) {
+ print FILE "${var}=${val}\n"; }
+ }
+ }
+ close FILE;
+}
sub age
{
return 0;
}
+sub validproxyport
+{
+ $_ = $_[0];
+
+ if (!/^\d+$/) {
+ return 0; }
+ if (/^0./) {
+ return 0; }
+ if ($_ == 53 || $_ == 222 || $_ == 444 || $_ == 81 ) {
+ return 0; }
+ elsif ($_ >= 1 && $_ <= 65535) {
+ return 1; }
+ return 0;
+}
+
sub validmac
{
my $checkmac = $_[0];
return (($ip >= $start) && ($ip <= $end));
}
+#
+# Return the following IP (IP+1) in dotted notation.
+# Call: NextIP ('1.1.1.1');
+# Return: '1.1.1.2'
+#
+sub NextIP
+{
+ return &Socket::inet_ntoa( pack("N", 1 + unpack('N', &Socket::inet_aton(shift))
+ )
+ );
+}
+
+sub ipcidr
+{
+ my ($ip,$cidr) = &Net::IPv4Addr::ipv4_parse(shift);
+ return "$ip\/$cidr";
+}
+
+sub ipcidr2msk
+{
+ my ($ip,$cidr) = &Net::IPv4Addr::ipv4_parse(shift);
+ my $netmask = &Net::IPv4Addr::ipv4_cidr2msk($cidr);
+ return "$ip\/$netmask";
+}
+
+
sub validemail {
my $mail = shift;
return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
return 1;
}
+#
+# Currently only vpnmain use this three procs (readhasharray, writehasharray, findhasharray)
+# The 'key' used is numeric but is perfectly unneeded! This will to be removed so don't use
+# this code. Vpnmain will be splitted in parts: x509/pki, connection ipsec, connection other,... .
+#
sub readhasharray {
my ($filename, $hash) = @_;
%$hash = ();
my ($key, $rest, @temp);
chomp;
($key, $rest) = split (/,/, $_, 2);
- if ($key =~ /^[0-9]+$/ && $rest) {
+ if ($key =~ /^[0-9]+$/) {
@temp = split (/,/, $rest);
$hash->{$key} = \@temp;
}
open(FILE, ">$filename") or die "Unable to write to file $filename";
foreach $key (keys %$hash) {
- if ( $hash->{$key} ) {
+ if ($key =~ /^[0-9]+$/) {
print FILE "$key";
foreach $i (0 .. $#{$hash->{$key}}) {
print FILE ",$hash->{$key}[$i]";
}
+ print FILE "\n";
}
- print FILE "\n";
}
close FILE;
return;
}
return $ip;
}
+
+# Translate ICMP code to text
+# ref: http://www.iana.org/assignments/icmp-parameters
+sub GetIcmpDescription ($) {
+ my $index = shift;
+ my @icmp_description = (
+ 'Echo Reply', #0
+ 'Unassigned',
+ 'Unassigned',
+ 'Destination Unreachable',
+ 'Source Quench',
+ 'Redirect',
+ 'Alternate Host Address',
+ 'Unassigned',
+ 'Echo',
+ 'Router Advertisement',
+ 'Router Solicitation', #10
+ 'Time Exceeded',
+ 'Parameter Problem',
+ 'Timestamp',
+ 'Timestamp Reply',
+ 'Information Request',
+ 'Information Reply',
+ 'Address Mask Request',
+ 'Address Mask Reply',
+ 'Reserved (for Security)',
+ 'Reserved (for Robustness Experiment)', #20
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Reserved',
+ 'Traceroute', #30
+ 'Datagram Conversion Error',
+ 'Mobile Host Redirect',
+ 'IPv6 Where-Are-You',
+ 'IPv6 I-Am-Here',
+ 'Mobile Registration Request',
+ 'Mobile Registration Reply',
+ 'Domain Name Request',
+ 'Domain Name Reply',
+ 'SKIP',
+ 'Photur', #40
+ 'Experimental');
+ if ($index>41) {return 'unknown'} else {return @icmp_description[$index]};
+}
1;