my $fwdfwconfig = "${General::swroot}/firewall/config";
my $outfwconfig = "${General::swroot}/firewall/outgoing";
my $fwdfwsettings = "${General::swroot}/firewall/settings";
-my @ipgroups = qx(ls $ipgrouppath);
-my @macgroups = qx(ls $macgrouppath);
+my @ipgroups = qx(ls $ipgrouppath 2>/dev/null);
+my @macgroups = qx(ls $macgrouppath 2>/dev/null);
my @hostarray=();
my %outsettings=();
my %hosts=();
my %ovpnSettings = ();
my @active= ('Aktiv', 'aktiv', 'Active', 'Activo', 'Actif', 'Actief', 'Aktywne', 'Активен', 'Aktif');
&General::readhash("${General::swroot}/ovpn/settings", \%ovpnSettings);
-&General::readhash($outfwsettings,\%outsettings);
&General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
+if (-e "$outfwsettings") {
+ &General::readhash($outfwsettings,\%outsettings);
+}
+else
+{
+ print "Config file for outgoing-firewall not found. Exiting!\n";
+ exit(1);
+}
+
+if (! -s "$outfwsettings") {
+ print "Empty DMZ configuration file. Nothing to do. Exiting...\n";
+ #Fill the firewall settings file
+ open (SETTINGS, ">/var/ipfire/firewall/settings");
+ print SETTINGS "POLICY=MODE2\n";
+ print SETTINGS "POLICY1=MODE2\n";
+ close (SETTINGS);
+ exit(0);
+}
+
#ONLY RUN if /var/ipfire/outgoing exists
if ( -d "/var/ipfire/outgoing"){
&process_groups;
&process_rules;
&process_p2p;
}
+else
+{
+ print "/var/ipfire/outgoing not found. Exiting!\n";
+ exit 1
+}
+
system("/usr/local/bin/firewallctrl");
+
sub process_groups
{
if(! -d "/var/log/converters"){ mkdir("/var/log/converters");}
foreach my $group (@macgroups){
chomp $group;
print LOG "\nProcessing MAC-GROUP: $group...\n";
- open (DATEI, "<$macgrouppath/$group");
+ open (DATEI, "<$macgrouppath/$group") or die 'Unable to open config file.';
my @zeilen = <DATEI>;
foreach my $mac (@zeilen){
chomp($mac);
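Review bot: The added `open (SETTINGS, ">/var/ipfire/firewall/settings");` in the empty-settings branch is unchecked, so if it fails the two `POLICY` lines are never written and the script still exits 0, reporting success without the intended policy in place. It also hard-codes a path that `$fwdfwsettings` appears to hold already (assuming `${General::swroot}` is `/var/ipfire`); I would write `open(my $settings, '>', $fwdfwsettings) or die "Unable to write $fwdfwsettings: $!";` and print to `$settings`. The new `die 'Unable to open config file.'` in process_groups names neither the file nor the reason, and the two-argument open parses the mode out of the same string as the group name; `open(DATEI, '<', "$macgrouppath/$group") or die "Unable to open $macgrouppath/$group: $!";` takes the name literally and reports what failed. process_groups continues past the end of the hunk, so how `DATEI` is closed is not visible here.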
sub process_p2p
{
copy("/var/ipfire/outgoing/p2protocols","/var/ipfire/firewall/p2protocols");
- chmod oct('0777'), '/var/ipfire/firewall/p2protocols';
+ chown 99, 99, '/var/ipfire/firewall/p2protocols';
}
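Review bot: The added `chown 99, 99, ...` is not checked, and neither is the `copy` before it, so a missing source file or a failed ownership change leaves `/var/ipfire/firewall/p2protocols` absent or wrongly owned with nothing reported. I would use `copy(...) or die "copy p2protocols failed: $!";` and `chown(99, 99, '/var/ipfire/firewall/p2protocols') or warn "chown p2protocols failed: $!";`. Dropping the world-writable `0777` is the right direction, but the file's mode is now whatever `copy` and the umask produce, so an explicit `chmod` with the intended mode would make the permissions deliberate. The bare `99` also deserves a comment naming the account it stands for (presumably `nobody`, to be confirmed), or a `getpwnam` lookup.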