#!/usr/bin/perl
-#
-# (c) 2001 Jack Beglinger <jackb_guppy@yahoo.com>
-#
-# (c) 2003 Dave Roberts <countzerouk@hotmail.com> - colour coded netfilter/iptables rewrite for 1.3
-#
-# (c) 2006 Franck - add sorting+filtering capability
-#
-# (c) 2006 Peter Schälchli -inetwork (bug)
-#
-
-# Setup GREEN, ORANGE, IPFIRE, VPN CIDR networks, masklengths and colours only once
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
my @network=();
my @masklen=();
# enable only the following on debugging purpose
#use warnings;
-use CGI::Carp 'fatalsToBrowser';
+#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
my %netsettings=();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-open (ACTIVE, 'iptstate -1rbt |') or die 'Unable to open ip_conntrack';
+open (ACTIVE, '/usr/local/bin/getiptstate |') or die 'Unable to open ip_conntrack';
my @active = <ACTIVE>;
close (ACTIVE);
-my @vpn = ('none');
-#open (ACTIVE, "/proc/net/ipsec_eroute") and @vpn = <ACTIVE>;
-#close (ACTIVE);
+if (open(IP, "${General::swroot}/red/local-ipaddress")) {
+ my $redip = <IP>;
+ close(IP);
+ chomp $redip;
+ push(@network, $redip);
+ push(@masklen, '255.255.255.255' );
+ push(@colour, ${Header::colourfw} );
+}
+
+my @vpn = `grep "rightsubnet=" /etc/ipsec.conf | cut -f2 -d"=" | sed "s|/| |g"`;
+ foreach my $route (@vpn) {
+ chomp($route);
+ my @temp = split(/[\t ]+/, $route);
+ if ( $temp[0] eq '$redip' ){next;}
+ push(@network, $temp[0]);
+ push(@masklen, $temp[1]);
+ push(@colour, ${Header::colourvpn} );
+ }
my $aliasfile = "${General::swroot}/ethernet/aliases";
open(ALIASES, $aliasfile) or die 'Unable to open aliases file.';
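Review bot: The skip at `if ( $temp[0] eq '$redip' ){next;}` can never fire, because the single quotes make it a comparison against the literal text `$redip`. The variable is also declared with `my` inside the `if (open(IP, ...))` block above, so it is out of scope in the `foreach`. Declaring `my $redip = '';` before that `if`, assigning `$redip = <IP>;` inside it, and testing `next if $temp[0] eq $redip;` would make the check do what it appears to intend. Separately, the new backtick pipeline resolves `grep`, `cut` and `sed` through the CGI's PATH, while the same commit moves the conntrack helper to an absolute path. The command string is constant, but reading `/etc/ipsec.conf` with a plain `open` and a regex would drop both the shell and the PATH dependency.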
push(@masklen, $tempovpnsubnet[1]);
push(@colour, ${Header::colourovpn} );
- if ( ($ovpnsettings{'ENABLED'} eq 'on') && open(IP, "${General::swroot}/red/local-ipaddress") ) {
- # add RED:port / proto
- my $redip = <IP>;
- close(IP);
- chomp $redip;
- push(@network, $redip );
- push(@masklen, '255.255.255.255' );
- push(@colour, ${Header::colourovpn} );
- }
+
if ( ($ovpnsettings{'ENABLED_BLUE'} eq 'on') && $netsettings{'BLUE_DEV'} ) {
# add BLUE:port / proto
push(@network, $netsettings{'BLUE_ADDRESS'} );
push(@colour, ${Header::colourvpn} );
}
}
-if (open(IP, "${General::swroot}/red/local-ipaddress")) {
- my $redip = <IP>;
- close(IP);
- chomp $redip;
- push(@network, $redip);
- push(@masklen, '255.255.255.255' );
- push(@colour, ${Header::colourfw} );
-}
-
#Establish simple filtering&sorting boxes on top of table
my ($sip, $sport) = split(':', $temp[0]);
my ($dip, $dport) = split(':', $temp[1]);
my $proto = $temp[2];
- my $state = $temp[3];
- my $ttl = $temp[4];
+ my $state; my $ttl;
+ if ( $proto eq "esp" ){$state = "";$ttl = $temp[3];}
+ elsif ( $proto eq "icmp" ){$state = "";$ttl = $temp[4];}
+ else{$state = $temp[3];$ttl = $temp[4];}
next if( !(
(($cgiparams{'SEE_PROTO'} eq $Lang::tr{'all'}) || ($proto eq $cgiparams{'SEE_PROTO'} ))
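Review bot: The new `if`/`elsif`/`else` on `$proto` hard-codes which column of the helper output holds the TTL, with no comment on the line format it expects. For `icmp` it skips `$temp[3]` without saying what that field is, and for `esp` it assumes one column fewer. Any other protocol the helper lists without a state column would take the `else` branch and show its TTL under State; this is inferred, since the getiptstate output format is not visible here. A comment above the `if` naming the expected columns for each of the three cases would let a maintainer check the indexes against real output. Because `$proto`, `$state` and `$ttl` are later interpolated into the table cells unchanged, this is also the natural place to reject a line whose fields do not match the expected shape. The enclosing loop starts and ends outside this hunk.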
</a>
</td>
<td align='center'>$proto</td>
- <td align='center' bgcolor="${Header::table1colour}">$state</td>
+ <td align='center'>$state</td>
<td align='center'>$ttl</td>
</tr>
END