#!/usr/bin/perl
-#
-# (c) 2001 Jack Beglinger <jackb_guppy@yahoo.com>
-#
-# (c) 2003 Dave Roberts <countzerouk@hotmail.com> - colour coded netfilter/iptables rewrite for 1.3
-#
-# (c) 2006 Franck - add sorting+filtering capability
-#
-# (c) 2006 Peter Schälchli -inetwork (bug)
-#
-
-# Setup GREEN, ORANGE, IPFIRE, VPN CIDR networks, masklengths and colours only once
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
my @network=();
my @masklen=();
# enable only the following on debugging purpose
#use warnings;
-use CGI::Carp 'fatalsToBrowser';
+#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
my %netsettings=();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-open (ACTIVE, 'iptstate -1rbt |') or die 'Unable to open ip_conntrack';
+open (ACTIVE, '/usr/local/bin/getiptstate |') or die 'Unable to open ip_conntrack';
my @active = <ACTIVE>;
close (ACTIVE);
-my @vpn = ` route -n | grep ipsec | awk '{ print \$1" "\$3}'`;
+if (open(IP, "${General::swroot}/red/local-ipaddress")) {
+ my $redip = <IP>;
+ close(IP);
+ chomp $redip;
+ push(@network, $redip);
+ push(@masklen, '255.255.255.255' );
+ push(@colour, ${Header::colourfw} );
+}
+
+my @vpn = `grep "rightsubnet=" /etc/ipsec.conf | cut -f2 -d"=" | sed "s|/| |g"`;
foreach my $route (@vpn) {
chomp($route);
my @temp = split(/[\t ]+/, $route);
+ if ( $temp[0] eq '$redip' ){next;}
push(@network, $temp[0]);
push(@masklen, $temp[1]);
push(@colour, ${Header::colourvpn} );
push(@colour, ${Header::colourvpn} );
}
}
-if (open(IP, "${General::swroot}/red/local-ipaddress")) {
- my $redip = <IP>;
- close(IP);
- chomp $redip;
- push(@network, $redip);
- push(@masklen, '255.255.255.255' );
- push(@colour, ${Header::colourfw} );
-}
-
#Establish simple filtering&sorting boxes on top of table