my ($key1,$flag1,$prot1,$ipfireport1,$target1,$targetport1,$active1,$alias1,$source1,$remark1);
my $count=0;
my $jump;
+
+if (! -e "$portfwconfig") {
+ print "Config file for portforward not found. Exiting!\n";
+ exit(1);
+}
+
+if (! -s "$portfwconfig") {
+ print "Empty portforward configuration file. Nothing to do. Exiting...\n";
+ exit(0);
+}
+
if(! -d "/var/log/converters"){ mkdir("/var/log/converters");}
open(FILE, $portfwconfig) or die 'Unable to open config file.';
my @current = <FILE>;
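Review bot: Both new early-exit messages use a bare `print`, so they go to STDOUT, and the `/var/log/converters` directory is only created after these checks, so a skipped conversion probably leaves no trace in the converter log. Writing them to STDERR, e.g. `print STDERR "Config file for portforward not found. Exiting!\n";`, keeps them visible when the converter's output is piped or discarded. The quotes in `-e "$portfwconfig"` and `-s "$portfwconfig"` are unnecessary. The hunk header is missing from this page, so the surrounding context cannot be checked.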
&write_rules;
sub get_config
{
+ my $baseipfireport;
+ my $basesource;
print LOG "STEP 1: Get config from old portforward\n#########################################\n";
foreach my $line (@current){
- if($jump eq '1'){
- $jump='';
- $count++;
- next;
- }
my $u=$count+1;
($key,$flag,$prot,$ipfireport,$target,$targetport,$active,$alias,$source,$remark) = split(",",$line);
($key1,$flag1,$prot1,$ipfireport1,$target1,$targetport1,$active1,$alias1,$source1,$remark1) = split(",",$current[$u]);
- if ($flag1 eq '1'){
- $source=$source1;
- $jump='1';
+ if ($key == $key1 && $flag == '0'){
+ $baseipfireport = $ipfireport;
+ }
+ if ($key == $key1 && $flag1 == '1'){
+ $count++;
+ next;
}
my $now=localtime;
chomp($remark);
- print LOG "$now processing-> KEY: $key FLAG: $flag PROT: $prot FIREPORT: $ipfireport TARGET: $target TGTPORT: $targetport ACTIVE: $active ALIAS: $alias SOURCE: $source REM: $remark Doublerule: $jump\n";
- push (@values,$prot.",".$ipfireport.",".$target.",".$targetport.",".$active.",".$alias.",".$source.",".$remark);
+ print LOG "$now processing-> KEY: $key FLAG: $flag PROT: $prot FIREPORT: $baseipfireport TARGET: $target TGTPORT: $targetport ACTIVE: $active ALIAS: $alias SOURCE: $source REM: $remark Doublerule: $jump\n";
+ push (@values,$prot.",".$baseipfireport.",".$target.",".$targetport.",".$active.",".$alias.",".$source.",".$remark);
$count++;
}
}
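Review bot: `$baseipfireport` is assigned only when the next line carries the same key (`$key == $key1 && $flag == '0'`), but the `push (@values, ...)` and the log line use it unconditionally. A flag-0 entry that is not followed by a sub-entry would therefore be converted with the external port remembered from an earlier forward, or with an empty port if it is the first entry. Assigning on every base line, `$baseipfireport = $ipfireport if $flag == 0;`, avoids the stale value. On the last line `$current[$u]` is undefined, so `$key1` and `$flag1` are compared as undef. The log line still prints `Doublerule: $jump` although nothing sets `$jump` any more, and `$basesource` is declared but not used in the visible lines.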
}else{
$src = 'src_addr';
my ($a,$b) = split("/",$source);
- $src1 = $a."/32";
+ if ($b != ''){
+ $b = &General::iporsubtocidr($b);
+ }else{
+ $b = "32";
+ }
+ $src1 = $a."/".$b;
}
#get ipfire ip
- if($alias eq '0.0.0.0'){
- $alias='ALL';
+ if($alias eq '0.0.0.0' || $alias eq '0'){
+ $alias='Default IP';
}else{
foreach my $ali (@alias){
my ($alias_ip,$alias_active,$alias_name) = split (",",$ali);
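Review bot: `if ($b != ''){` compares numerically, so both sides are numified: a missing mask, an empty mask and a literal `0` all take the else branch, and a source written with `/0` is converted to `/32`. A dotted netmask is only tested by its leading number. A string test states the intent, `if (defined $b && $b ne ''){`. The return value of `&General::iporsubtocidr($b)` is used unchecked, so if it yields nothing for a malformed mask, `$src1` ends in a bare `/`; what it returns in that case is not visible here. The enclosing sub starts outside this hunk.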
$active = uc $active;
$prot = uc $prot;
chomp($remark);
- push (@built_rules,"ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,ON,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat");
+ push (@built_rules,"ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat");
my $now=localtime;
- print LOG "$now Converted-> KEY: $count ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,ON,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat\n";
+ print LOG "$now Converted-> KEY: $count ACCEPT,FORWARDFW,$active,$src,$src1,tgt_addr,$target/32,*,$prot,,TGT_PORT,$targetport,$remark,00:00,00:00,ON,$alias,$ipfireport,dnat\n";
}
}
sub write_rules
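Review bot: The rule pushed to `@built_rules` now has an empty eighth field (`$target/32,,$prot`), while the `Converted->` log line prints `*` in that position, so the log no longer shows the rule that is actually stored. For a firewall conversion the log is the audit trail and should be byte-identical to the written rule. Building the string once in a variable and reusing it removes the drift: `push (@built_rules,$rule);` followed by `print LOG "$now Converted-> KEY: $count $rule\n";`.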
&General::readhasharray($confignat,\%nat);
foreach my $line (@built_rules){
$skip='';
- my ($action,$chain,$active,$src,$src1,$tgt,$tgt1,$use_prot,$prot,$dummy,$tgt_port,$tgt_port1,$remark,$from,$to,$use_port,$alias,$ipfireport,$dnat) = split (",",$line);
+ my ($action,$chain,$active,$src,$src1,$tgt,$tgt1,$dummy,$prot,$dummy,$tgt_port,$tgt_port1,$remark,$from,$to,$use_port,$alias,$ipfireport,$dnat) = split (",",$line);
foreach my $key (sort keys %nat){
- if ($line eq "$nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[11],$nat{$key}[12],$nat{$key}[13],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31]"){
+ if ($line eq "$nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[7],$nat{$key}[8],$nat{$key}[11],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31]"){
my $now=localtime;
- print LOG "$now SKIP-> Rule $nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[11],$nat{$key}[12],$nat{$key}[13],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31] ->EXISTS\n";
+ print LOG "$now SKIP-> Rule $nat{$key}[0],$nat{$key}[1],$nat{$key}[2],$nat{$key}[3],$nat{$key}[4],$nat{$key}[5],$nat{$key}[6],$nat{$key}[7],$nat{$key}[8],$nat{$key}[11],$nat{$key}[14],$nat{$key}[15],$nat{$key}[16],$nat{$key}[26],$nat{$key}[27],$nat{$key}[28],$nat{$key}[29],$nat{$key}[30],$nat{$key}[31] ->EXISTS\n";
$skip='1';
}
}
if ($skip ne '1'){
+ if ( $prot eq 'GRE'){
+ $tgt_port='';
+ $tgt_port1='';
+ $use_port='';
+ $ipfireport='';
+ $use_prot='';
+ }
$id = &General::findhasharraykey(\%nat);
$nat{$id}[0] = $action;
$nat{$id}[1] = $chain;
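Review bot: The new `my (...)` list declares `$dummy` twice, which raises a "masks earlier declaration" warning and makes every later `$dummy` refer to the tenth field rather than the eighth. It works only because both fields are empty in the rules built above; distinct names such as `$dummy1` and `$dummy2` make the mapping explicit. `$use_prot` was removed from that list, but the new GRE branch still assigns `$use_prot='';`. Unless the variable is declared elsewhere, that assignment creates an unused package global and should be dropped.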
$nat{$id}[4] = $src1;
$nat{$id}[5] = $tgt;
$nat{$id}[6] = $tgt1;
- $nat{$id}[11] = $use_prot;
- $nat{$id}[12] = $prot;
- $nat{$id}[13] = $dummy;
+ $nat{$id}[7] = $dummy;
+ $nat{$id}[8] = $prot;
+ $nat{$id}[11] = $use_port;
$nat{$id}[14] = $tgt_port;
$nat{$id}[15] = $tgt_port1;
$nat{$id}[16] = $remark;
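Review bot: `$nat{$id}[11] = $use_port;` stores the sixteenth field of the built rule (`ON`), but the EXISTS comparison earlier in `write_rules` places `$nat{$key}[11]` in the tenth position, where the built line is always empty (`$prot,,TGT_PORT`). Unless index 11 is overwritten below the visible lines, a rule written by this converter can never match its own source line, so a second run would append duplicate DNAT rules instead of logging SKIP. Either the comparison string should use the index that holds the empty field, or the built rule should carry the value in the position that index 11 is compared against. The rest of the assignments lie outside this hunk.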