X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fnetexternal.cgi;h=299612d4c799051bd7958eae685db19230edf14d;hb=ebfb8996930ec1e3b4f7d09208d2ab60a8f30603;hp=fba57605ba169e1dfcd5f49a7da306c34ce95b59;hpb=5dcc7ad75483fec9889d05213da1eaf355f9f0ad;p=ipfire-2.x.git

diff --git a/html/cgi-bin/netexternal.cgi b/html/cgi-bin/netexternal.cgi
index fba57605ba..299612d4c7 100644
--- a/html/cgi-bin/netexternal.cgi
+++ b/html/cgi-bin/netexternal.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2008  Michael Tremer & Christian Schmidt                      #
+# Copyright (C) 2005-2010  IPFire Team                                        #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -76,6 +76,86 @@ if ( $querry[0] ne~ ""){
 		&Header::closebox();
 	}
 
+	## DNSSEC
+	my @nameservers = ();
+	foreach my $f ("${General::swroot}/red/dns1", "${General::swroot}/red/dns2") {
+		open(DNS, "<$f");
+		my $nameserver = <DNS>;
+		close(DNS);
+
+		chomp($nameserver);
+		if ($nameserver) {
+			push(@nameservers, $nameserver);
+		}
+	}
+
+	&Header::openbox('100%', 'center', $Lang::tr{'dnssec information'});
+
+	print <<END;
+		<table class="tbl" width='66%'>
+			<thead>
+				<tr>
+					<th align="center">
+						<strong>$Lang::tr{'nameserver'}</strong>
+					</th>
+					<th align="center">
+						<strong>$Lang::tr{'status'}</strong>
+					</th>
+				</tr>
+			</thead>
+			<tbody>
+END
+
+	my $id = 0;
+	for my $nameserver (@nameservers) {
+		my $status = &check_dnssec($nameserver, "ping.ipfire.org");
+
+		my $colour = "";
+		my $bgcolour = "";
+		my $message = "";
+
+		# DNSSEC Not supported
+		if ($status == 0) {
+			$message = $Lang::tr{'dnssec not supported'};
+			$colour = "white";
+			$bgcolour = ${Header::colourred};
+
+		# DNSSEC Aware
+		} elsif ($status == 1) {
+			$message = $Lang::tr{'dnssec aware'};
+			$colour = "black";
+			$bgcolour = ${Header::colouryellow};
+
+		# DNSSEC Validating
+		} elsif ($status == 2) {
+			$message = $Lang::tr{'dnssec validating'};
+			$colour = "white";
+			$bgcolour = ${Header::colourgreen};
+
+		# Error
+		} else {
+			$colour = ${Header::colourred};
+		}
+
+		my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
+
+		print <<END;
+			<tr bgcolor="$table_colour">
+				<td>$nameserver</td>
+				<td bgcolor="$bgcolour" align="center">
+					<font color="$colour"><strong>$message</strong></font>
+				</td>
+			</tr>
+END
+	}
+
+	print <<END;
+			</tbody>
+		</table>
+END
+
+	&Header::closebox();
+
 	if ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/  && $netsettings{'RED_TYPE'} eq "DHCP"){
 
 		&Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
@@ -83,13 +163,13 @@ if ( $querry[0] ne~ ""){
 
 			&General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);
 
-			my $DNS1=`echo $dhcpinfo{'DNS'} | cut -f 1 -d ,`;
-			my $DNS2=`echo $dhcpinfo{'DNS'} | cut -f 2 -d ,`;
+			my $DNS1=`echo $dhcpinfo{'domain_name_servers'} | cut -f 1 -d " "`;
+			my $DNS2=`echo $dhcpinfo{'domain_name_servers'} | cut -f 2 -d " "`;
 
 			my $lsetme=0;
 			my $leasetime="";
-			if ($dhcpinfo{'LEASETIME'} ne "") {
-				$lsetme=$dhcpinfo{'LEASETIME'};
+			if ($dhcpinfo{'dhcp_lease_time'} ne "") {
+				$lsetme=$dhcpinfo{'dhcp_lease_time'};
 				$lsetme=($lsetme/60);
 				
 				if ($lsetme > 59) {
@@ -106,8 +186,8 @@ if ( $querry[0] ne~ ""){
 			my $rentme=0;
 			my $rnwltime="";
 
-			if ($dhcpinfo{'RENEWALTIME'} ne "") {
-				$rentme=$dhcpinfo{'RENEWALTIME'};
+			if ($dhcpinfo{'dhcp_renewal_time'} ne "") {
+				$rentme=$dhcpinfo{'dhcp_renewal_time'};
 				$rentme=($rentme/60);
 				
 				if ($rentme > 59){
@@ -124,8 +204,8 @@ if ( $querry[0] ne~ ""){
 			my $maxtme=0;
 			my $maxtime="";
 
-			if ($dhcpinfo{'REBINDTIME'} ne "") {
-				$maxtme=$dhcpinfo{'REBINDTIME'};
+			if ($dhcpinfo{'dhcp_rebinding_time'} ne "") {
+				$maxtme=$dhcpinfo{'dhcp_rebinding_time'};
 				$maxtme=($maxtme/60);
 
 				if ($maxtme > 59){
@@ -139,19 +219,14 @@ if ( $querry[0] ne~ ""){
 				}
 			}
 
-			print "<table width='100%'>";
-
-			if ($dhcpinfo{'HOSTNAME'}) {
-				print "<tr><td width='30%'>$Lang::tr{'hostname'}</td><td>$dhcpinfo{'HOSTNAME'}.$dhcpinfo{'DOMAIN'}</td></tr>\n";
-			} else {
-				print "<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'DOMAIN'}</td></tr>\n";
-			}
 
 			print <<END
-<tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'GATEWAY'}</td></tr>
+<table width='100%'>
+<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'domain_name'}</td></tr>
+<tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'routers'}</td></tr>
 <tr><td>$Lang::tr{'primary dns'}</td><td>$DNS1</td></tr>
 <tr><td>$Lang::tr{'secondary dns'}</td><td>$DNS2</td></tr>
-<tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'DHCPSIADDR'}</td></tr>
+<tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'dhcp_server_identifier'}</td></tr>
 <tr><td>$Lang::tr{'def lease time'}</td><td>$leasetime</td></tr>
 <tr><td>$Lang::tr{'default renewal time'}</td><td>$rnwltime</td></tr>
 <tr><td>$Lang::tr{'max renewal time'}</td><td>$maxtime</td></tr>
@@ -166,4 +241,33 @@ END
 
 	&Header::closebigbox();
 	&Header::closepage();
-}	
+}
+
+sub check_dnssec($$) {
+	my $nameserver = shift;
+	my $record = shift;
+
+	my @command = ("dig", "+dnssec", $record, "\@$nameserver");
+
+	my @output = qx(@command);
+	my $output = join("", @output);
+
+	my $status = 0;
+	if ($output =~ m/status: (\w+)/) {
+		$status = ($1 eq "NOERROR");
+
+		if (!$status) {
+			return -1;
+		}
+	}
+
+	my @flags = ();
+	if ($output =~ m/flags: (.*);/) {
+		@flags = split(/ /, $1);
+	}
+
+	my $aware = ($output =~ m/RRSIG/);
+	my $validating = ("ad" ~~ @flags);
+
+	return $aware + $validating;
+}