X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fnetexternal.cgi;h=4393393e081f07326de37e0b7648c2c2d59683c4;hb=38f6bdb74081bd68493d6636a20cda9b884d6bff;hp=fba57605ba169e1dfcd5f49a7da306c34ce95b59;hpb=824a0f689e6269c178e54feeaba878078bb6a49b;p=ipfire-2.x.git

diff --git a/html/cgi-bin/netexternal.cgi b/html/cgi-bin/netexternal.cgi
old mode 100755
new mode 100644
index fba57605ba..4393393e08
--- a/html/cgi-bin/netexternal.cgi
+++ b/html/cgi-bin/netexternal.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2008  Michael Tremer & Christian Schmidt                      #
+# Copyright (C) 2005-2010  IPFire Team                                        #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -25,9 +25,12 @@ use strict;
 #use warnings;
 #use CGI::Carp 'fatalsToBrowser';
 
+use IO::Socket;
+
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
+require "${General::swroot}/geoip-functions.pl";
 require "${General::swroot}/graphs.pl";
 
 my %color = ();
@@ -76,6 +79,108 @@ if ( $querry[0] ne~ ""){
 		&Header::closebox();
 	}
 
+	## DNSSEC
+	my @nameservers = ();
+	foreach my $f ("${General::swroot}/red/dns1", "${General::swroot}/red/dns2") {
+		open(DNS, "<$f");
+		my $nameserver = <DNS>;
+		close(DNS);
+
+		chomp($nameserver);
+		if ($nameserver) {
+			push(@nameservers, $nameserver);
+		}
+	}
+
+	&Header::openbox('100%', 'center', $Lang::tr{'dnssec information'});
+
+	print <<END;
+		<table class="tbl" width='66%'>
+			<thead>
+				<tr>
+					<th align="center">
+						<strong>$Lang::tr{'nameserver'}</strong>
+					</th>
+					<th align="center">
+						<strong>$Lang::tr{'country'}</strong>
+					</th>
+					<th align="center">
+						<strong>$Lang::tr{'rdns'}</strong>
+					</th>
+					<th align="center">
+						<strong>$Lang::tr{'status'}</strong>
+					</th>
+				</tr>
+			</thead>
+			<tbody>
+END
+
+	my $id = 0;
+	for my $nameserver (@nameservers) {
+		my $status = &check_dnssec($nameserver, "ping.ipfire.org");
+
+		my $colour = "";
+		my $bgcolour = "";
+		my $message = "";
+
+		# DNSSEC Not supported
+		if ($status == 0) {
+			$message = $Lang::tr{'dnssec not supported'};
+			$colour = "white";
+			$bgcolour = ${Header::colourred};
+
+		# DNSSEC Aware
+		} elsif ($status == 1) {
+			$message = $Lang::tr{'dnssec aware'};
+			$colour = "black";
+			$bgcolour = ${Header::colouryellow};
+
+		# DNSSEC Validating
+		} elsif ($status == 2) {
+			$message = $Lang::tr{'dnssec validating'};
+			$colour = "white";
+			$bgcolour = ${Header::colourgreen};
+
+		# Error
+		} else {
+			$colour = ${Header::colourred};
+		}
+
+		my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
+
+		# collect more information about name server (rDNS, GeoIP country code)
+		my $ccode = &GeoIP::lookup($nameserver);
+		my $flag_icon = &GeoIP::get_flag_icon($ccode);
+
+		my $iaddr = inet_aton($nameserver);
+		my $rdns = gethostbyaddr($iaddr, AF_INET);
+		if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; }
+
+		print <<END;
+			<tr bgcolor="$table_colour">
+				<td>
+					$nameserver
+				</td>
+				<td align="center">
+					<a href='country.cgi#$ccode'><img src="$flag_icon" border="0" alt="$ccode" title="$ccode" /></a>
+				</td>
+				<td align="center">
+					$rdns
+				</td>
+				<td bgcolor="$bgcolour" align="center">
+					<font color="$colour"><strong>$message</strong></font>
+				</td>
+			</tr>
+END
+	}
+
+	print <<END;
+			</tbody>
+		</table>
+END
+
+	&Header::closebox();
+
 	if ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/  && $netsettings{'RED_TYPE'} eq "DHCP"){
 
 		&Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
@@ -83,13 +188,13 @@ if ( $querry[0] ne~ ""){
 
 			&General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);
 
-			my $DNS1=`echo $dhcpinfo{'DNS'} | cut -f 1 -d ,`;
-			my $DNS2=`echo $dhcpinfo{'DNS'} | cut -f 2 -d ,`;
+			my $DNS1=`echo $dhcpinfo{'domain_name_servers'} | cut -f 1 -d " "`;
+			my $DNS2=`echo $dhcpinfo{'domain_name_servers'} | cut -f 2 -d " "`;
 
 			my $lsetme=0;
 			my $leasetime="";
-			if ($dhcpinfo{'LEASETIME'} ne "") {
-				$lsetme=$dhcpinfo{'LEASETIME'};
+			if ($dhcpinfo{'dhcp_lease_time'} ne "") {
+				$lsetme=$dhcpinfo{'dhcp_lease_time'};
 				$lsetme=($lsetme/60);
 				
 				if ($lsetme > 59) {
@@ -106,8 +211,8 @@ if ( $querry[0] ne~ ""){
 			my $rentme=0;
 			my $rnwltime="";
 
-			if ($dhcpinfo{'RENEWALTIME'} ne "") {
-				$rentme=$dhcpinfo{'RENEWALTIME'};
+			if ($dhcpinfo{'dhcp_renewal_time'} ne "") {
+				$rentme=$dhcpinfo{'dhcp_renewal_time'};
 				$rentme=($rentme/60);
 				
 				if ($rentme > 59){
@@ -124,8 +229,8 @@ if ( $querry[0] ne~ ""){
 			my $maxtme=0;
 			my $maxtime="";
 
-			if ($dhcpinfo{'REBINDTIME'} ne "") {
-				$maxtme=$dhcpinfo{'REBINDTIME'};
+			if ($dhcpinfo{'dhcp_rebinding_time'} ne "") {
+				$maxtme=$dhcpinfo{'dhcp_rebinding_time'};
 				$maxtme=($maxtme/60);
 
 				if ($maxtme > 59){
@@ -139,19 +244,14 @@ if ( $querry[0] ne~ ""){
 				}
 			}
 
-			print "<table width='100%'>";
-
-			if ($dhcpinfo{'HOSTNAME'}) {
-				print "<tr><td width='30%'>$Lang::tr{'hostname'}</td><td>$dhcpinfo{'HOSTNAME'}.$dhcpinfo{'DOMAIN'}</td></tr>\n";
-			} else {
-				print "<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'DOMAIN'}</td></tr>\n";
-			}
 
 			print <<END
-<tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'GATEWAY'}</td></tr>
+<table width='100%'>
+<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'domain_name'}</td></tr>
+<tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'routers'}</td></tr>
 <tr><td>$Lang::tr{'primary dns'}</td><td>$DNS1</td></tr>
 <tr><td>$Lang::tr{'secondary dns'}</td><td>$DNS2</td></tr>
-<tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'DHCPSIADDR'}</td></tr>
+<tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'dhcp_server_identifier'}</td></tr>
 <tr><td>$Lang::tr{'def lease time'}</td><td>$leasetime</td></tr>
 <tr><td>$Lang::tr{'default renewal time'}</td><td>$rnwltime</td></tr>
 <tr><td>$Lang::tr{'max renewal time'}</td><td>$maxtime</td></tr>
@@ -166,4 +266,33 @@ END
 
 	&Header::closebigbox();
 	&Header::closepage();
-}	
+}
+
+sub check_dnssec($$) {
+	my $nameserver = shift;
+	my $record = shift;
+
+	my @command = ("dig", "+dnssec", $record, "\@$nameserver");
+
+	my @output = qx(@command);
+	my $output = join("", @output);
+
+	my $status = 0;
+	if ($output =~ m/status: (\w+)/) {
+		$status = ($1 eq "NOERROR");
+
+		if (!$status) {
+			return -1;
+		}
+	}
+
+	my @flags = ();
+	if ($output =~ m/flags: (.*);/) {
+		@flags = split(/ /, $1);
+	}
+
+	my $aware = ($output =~ m/RRSIG/);
+	my $validating = ("ad" ~~ @flags);
+
+	return $aware + $validating;
+}

$Lang::tr{'hostname'}	$dhcpinfo{'HOSTNAME'}.$dhcpinfo{'DOMAIN'}
$Lang::tr{'domain'}	$dhcpinfo{'DOMAIN'}
$Lang::tr{'gateway'}	$dhcpinfo{'GATEWAY'}
$Lang::tr{'domain'}	$dhcpinfo{'domain_name'}
$Lang::tr{'gateway'}	$dhcpinfo{'routers'}
$Lang::tr{'primary dns'}	$DNS1
$Lang::tr{'secondary dns'}	$DNS2
$Lang::tr{'dhcp server'}	$dhcpinfo{'DHCPSIADDR'}
$Lang::tr{'dhcp server'}	$dhcpinfo{'dhcp_server_identifier'}
$Lang::tr{'def lease time'}	$leasetime
$Lang::tr{'default renewal time'}	$rnwltime
$Lang::tr{'max renewal time'}	$maxtime