my %aliases=();
require '/var/ipfire/general-functions.pl';
+require '/var/ipfire/geoip-functions.pl';
my $confignet = "${General::swroot}/fwhosts/customnetworks";
my $confighost = "${General::swroot}/fwhosts/customhosts";
my $val=shift;
my $field=shift;
foreach my $key (sort {$a <=> $b} keys %ipsecconf){
+ #adapt $val to reflect real name without subnet (if rule with only one ipsec subnet is created)
+ my @tmpval = split (/\|/, $val);
+ $val = $tmpval[0];
if($ipsecconf{$key}[1] eq $val){
return $ipsecconf{$key}[$field];
}
}
}
}
+sub get_ipsec_id {
+ my $val = shift;
+
+ foreach my $key (keys %ipsecconf) {
+ if ($ipsecconf{$key}[1] eq $val) {
+ return $key;
+ }
+ }
+}
sub get_ovpn_n2n_ip
{
my $val=shift;
# IPsec networks.
} elsif ($key ~~ ["ipsec_net_src", "ipsec_net_tgt", "IpSec Network"]) {
- my $network_address = &get_ipsec_net_ip($value, 11);
- my @nets = split(/\|/, $network_address);
- foreach my $net (@nets) {
- push(@ret, [$net, ""]);
+ #Check if we have multiple subnets and only want one of them
+ if ( $value =~ /\|/ ){
+ my @parts = split(/\|/, $value);
+ push(@ret, [$parts[1], ""]);
+ }else{
+ my $interface_mode = &get_ipsec_net_ip($value, 36);
+ if ($interface_mode ~~ ["gre", "vti"]) {
+ my $id = &get_ipsec_id($value);
+ push(@ret, ["0.0.0.0/0", "${interface_mode}${id}"]);
+ } else {
+ my $network_address = &get_ipsec_net_ip($value, 11);
+ my @nets = split(/\|/, $network_address);
+ foreach my $net (@nets) {
+ push(@ret, [$net, ""]);
+ }
+ }
}
# The firewall's own IP addresses.
}
sub get_geoip_locations() {
- # Path to the directory which contains the binary geoip
- # databases.
- my $directory="/usr/share/xt_geoip/LE";
-
- # Array to store the final country list.
- my @country_codes = ();
-
- # Open location and do a directory listing.
- opendir(DIR, "$directory");
- my @locations = readdir(DIR);
- closedir(DIR);
-
- # Loop through the directory listing, and cut of the file extensions.
- foreach my $location (sort @locations) {
- # skip . and ..
- next if($location =~ /^\.$/);
- next if($location =~ /^\.\.$/);
-
- # Remove whitespaces.
- chomp($location);
-
- # Cut-off file extension.
- my ($country_code, $extension) = split(/\./, $location);
-
- # Add country code to array.
- push(@country_codes, $country_code);
- }
-
- # Return final array.
- return @country_codes;
+ return &GeoIP::get_geoip_locations();
}
return 1;