+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-use warnings;
-use CGI::Carp 'fatalsToBrowser';
-use File::Copy;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-my %cgiparams=();
-my %checked = ();
-my $message = "";
-my $errormessage = "";
-
-$a = new CGI;
-
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-$cgiparams{'ACTION'} = '';
-$cgiparams{'FILE'} = '';
-$cgiparams{'UPLOAD'} = '';
-$cgiparams{'BACKUPLOGS'} = '';
-
-&Header::getcgihash(\%cgiparams);
-
-############################################################################################################################
-################################################ Workaround for Directories ################################################
-
-system("/usr/local/bin/backupctrl makedirs >/dev/null 2>&1 ") unless ( -e '/var/ipfire/backup/addons/backup') ;
-
-############################################################################################################################
-############################################## System calls ohne Http Header ###############################################
-
-
-if ( $cgiparams{'ACTION'} eq "download" )
-{
- open(DLFILE, "</var/ipfire/backup/$cgiparams{'FILE'}") or die "Unable to open $cgiparams{'FILE'}: $!";
- my @fileholder = <DLFILE>;
- print "Content-Type:application/x-download\n";
- print "Content-Disposition:attachment;filename=$cgiparams{'FILE'}\n\n";
- print @fileholder;
- exit (0);
-}
-if ( $cgiparams{'ACTION'} eq "downloadaddon" )
-{
- open(DLFILE, "</var/ipfire/backup/addons/backup/$cgiparams{'FILE'}") or die "Unable to open $cgiparams{'FILE'}: $!";
- my @fileholder = <DLFILE>;
- print "Content-Type:application/x-download\n";
- print "Content-Disposition:attachment;filename=$cgiparams{'FILE'}\n\n";
- print @fileholder;
- exit (0);
-}
-elsif ( $cgiparams{'ACTION'} eq "restore" )
-{
- my $upload = $a->param("UPLOAD");
- open UPLOADFILE, ">/tmp/restore.ipf";
- binmode $upload;
- while ( <$upload> ) {
- print UPLOADFILE;
- }
- close UPLOADFILE;
- system("/usr/local/bin/backupctrl restore >/dev/null 2>&1");
-}
-elsif ( $cgiparams{'ACTION'} eq "restoreaddon" )
-{
- chomp($cgiparams{'UPLOAD'});
- # we need to fix cause IE7 gives the full path and FF only the filename
- my @temp = split(/\\/,$cgiparams{'UPLOAD'});
- my $upload = $a->param("UPLOAD");
- open UPLOADFILE, ">/tmp/".$temp[$#temp];
- binmode $upload;
- while ( <$upload> ) {
- print UPLOADFILE;
- }
- close UPLOADFILE;
- system("/usr/local/bin/backupctrl restoreaddon ".$temp[$#temp]." >/dev/null 2>&1");
-}
-
-&Header::showhttpheaders();
-
-sub refreshpage{&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'pagerefresh'}</font></center>";&Header::closebox();}
-
-&Header::openpage($Lang::tr{'backup'}, 1, "");
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-################################################### Default System calls ###################################################
-
-if ( $cgiparams{'ACTION'} eq "backup" )
-{
- if ( $cgiparams{'BACKUPLOGS'} eq "include" ){system("/usr/local/bin/backupctrl include >/dev/null 2>&1");}
- else {system("/usr/local/bin/backupctrl exclude >/dev/null 2>&1");}
-}
-if ( $cgiparams{'ACTION'} eq "addonbackup" )
-{
- system("/usr/local/bin/backupctrl addonbackup $cgiparams{'ADDON'} >/dev/null 2>&1");
-}
-elsif ( $cgiparams{'ACTION'} eq "delete" )
-{
- system("/usr/local/bin/backupctrl $cgiparams{'FILE'} >/dev/null 2>&1");
-}
-
-############################################################################################################################
-############################################ Backups des Systems erstellen #################################################
-
-if ( $message ne "" ){
- &Header::openbox('100%','left',$Lang::tr{'error messages'});
- print "<font color='red'>$message</font>\n";
- &Header::closebox();
-}
-
-my @backups = `cd /var/ipfire/backup/ && ls *.ipf 2>/dev/null`;
-
-&Header::openbox('100%', 'center', $Lang::tr{'backup'});
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-<tr><td align='left' width='40%'>$Lang::tr{'logs'}</td><td align='left'>$Lang::tr{'include logfiles'}
- <input type='radio' name='BACKUPLOGS' value='include'/>/
- <input type='radio' name='BACKUPLOGS' value='exclude' checked='checked'/>$Lang::tr{'exclude logfiles'}
-</td></tr>
-<tr><td align='center' colspan='2'>
- <input type='hidden' name='ACTION' value='backup' />
- <input type='image' alt='$Lang::tr{'backup'}' title='$Lang::tr{'backup'}' src='/images/document-save.png' />
-</td></tr>
-</table>
-</form>
-END
-;
-&Header::closebox();
-
-############################################################################################################################
-############################################ Backups des Systems downloaden ################################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'backups'});
-
-print <<END
-<table width='95%' cellspacing='0'>
-END
-;
-foreach (@backups){
-chomp($_);
-my $Datei = "/var/ipfire/backup/".$_;
-my @Info = stat($Datei);
-my $Size = $Info[7] / 1024;
-$Size = sprintf("%02d", $Size);
-print "<tr><td align='center'>$Lang::tr{'backup from'} $_ $Lang::tr{'size'} $Size KB</td><td width='5'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='download' /><input type='hidden' name='FILE' value='$_' /><input type='image' alt='$Lang::tr{'download'}' title='$Lang::tr{'download'}' src='/images/package-x-generic.png' /></form></td>";
-print "<td width='5'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='delete' /><input type='hidden' name='FILE' value='$_' /><input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-trash.png' /></form></td></tr>";
-}
-print <<END
-</table>
-END
-;
-&Header::closebox();
-
-############################################################################################################################
-############################################# Backups von Addons erstellen #################################################
-
-&Header::openbox('100%', 'center', 'addons');
-
-my @addonincluds = `ls /var/ipfire/backup/addons/includes/ 2>/dev/null`;
-my @addons = `ls /var/ipfire/backup/addons/backup/ 2>/dev/null`;
-my %addons;
-
-foreach (@addons){
- my $addon=substr($_,0,length($_)-5);
- $addons{$addon}='';
-}
-
-print "<table width='95%' cellspacing='0'>";
-foreach (@addonincluds){
-chomp($_);
-delete $addons{$_};
-my $Datei = "/var/ipfire/backup/addons/backup/".$_.".ipf";
-my @Info = stat($Datei);
-my $Size = $Info[7] / 1024;
-$Size = sprintf("%2d", $Size);
-if ( -e $Datei ){
-print "<tr><td align='center'>$Lang::tr{'backup from'} $_ $Lang::tr{'size'} $Size KB $Lang::tr{'date'} ".localtime($Info[9])."</td>";
-print <<END
- <td align='right' width='5'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='downloadaddon' />
- <input type='hidden' name='FILE' value='$_.ipf' />
- <input type='image' alt='$Lang::tr{'download'}' title='$Lang::tr{'download'}' src='/images/package-x-generic.png' />
- </form>
- </td>
- <td align='right' width='5'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='delete' />
- <input type='hidden' name='FILE' value='addons/backup/$_.ipf' />
- <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-trash.png' />
- </form>
- </td>
-END
-;
-}
-else{
- print "<tr><td align='center'>$Lang::tr{'backup from'} $_ </td><td width='5' align='right'></td><td width='5' align='right'></td>";
-}
-print <<END
- <td align='right' width='5'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='addonbackup' />
- <input type='hidden' name='ADDON' value='$_' />
- <input type='image' alt='$Lang::tr{'backup'}' title='$Lang::tr{'backup'}' src='/images/document-save.png' />
- </form>
- </td></tr>
-END
-;
-}
-foreach (keys(%addons)){
-chomp($_);
-my $Datei = "/var/ipfire/backup/addons/backup/".$_.".ipf";
-my @Info = stat($Datei);
-my $Size = $Info[7] / 1024;
-$Size = sprintf("%2d", $Size);
-print "<tr><td align='center'>$Lang::tr{'backup from'} $_ $Lang::tr{'size'} $Size KB $Lang::tr{'date'} ".localtime($Info[9])."</td>";
-print <<END
- <td align='right' width='5'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='downloadaddon' />
- <input type='hidden' name='FILE' value='$_.ipf' />
- <input type='image' alt='$Lang::tr{'download'}' title='$Lang::tr{'download'}' src='/images/package-x-generic.png' />
- </form>
- </td>
- <td align='right' width='5'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='delete' />
- <input type='hidden' name='FILE' value='addons/backup/$_.ipf' />
- <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-trash.png' />
- </form>
- </td>
- <td align='right' width='5'></td></tr>
-END
-;
-}
-
-print "</table>";
-&Header::closebox();
-
-############################################################################################################################
-####################################### Backups des Systems wiederherstellen ###############################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'restore'});
-
-print <<END
-<table width='95%' cellspacing='0'>
-<tr><td align='center' colspan='2'><font color='red'><br />$Lang::tr{'backupwarning'}</font><br /><br /></td></tr>
-<tr><td align='left'>$Lang::tr{'backup'}</td><td align='left'><form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'><input type="file" size='50' name="UPLOAD" /><input type='hidden' name='ACTION' value='restore' /><input type='hidden' name='FILE' /><input type='image' alt='$Lang::tr{'restore'}' title='$Lang::tr{'restore'}' src='/images/media-floppy.png' /></form></td></tr>
-<tr><td align='left'>$Lang::tr{'backupaddon'}</td><td align='left'><form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'><input type="file" size='50' name="UPLOAD" /><input type='hidden' name='ACTION' value='restoreaddon' /><input type='hidden' name='FILE' /><input type='image' alt='$Lang::tr{'restore'}' title='$Lang::tr{'restore'}' src='/images/media-floppy.png' /></form></td></tr>
-</table>
-END
-;
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use CGI qw(param);
-
-$swroot = "/var/ipfire";
-
-my %cgiparams;
-my %mainsettings;
-my %proxysettings;
-
-$proxysettings{'NCSA_MIN_PASS_LEN'} = 6;
-
-### Initialize environment
-&readhash("${swroot}/main/settings", \%mainsettings);
-&readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
-$language = $mainsettings{'LANGUAGE'};
-
-### Initialize language
-if ($language =~ /^(\w+)$/) {$language = $1;}
- #
- # Uncomment this to force a certain language:
- # $language='en';
- #
-require "${swroot}/langs/en.pl";
-require "${swroot}/langs/${language}.pl";
-
-my $userdb = "$swroot/proxy/advanced/ncsa/passwd";
-
-&readhash("$swroot/ethernet/settings", \%netsettings);
-
-my $success = 0;
-
-&getcgihash(\%cgiparams);
-
-if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
-{
- if ($cgiparams{'USERNAME'} eq '')
- {
- $errormessage = $tr{'advproxy errmsg no username'};
- goto ERROR;
- }
- if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
- {
- $errormessage = $tr{'advproxy errmsg no password'};
- goto ERROR;
- }
- if (!($cgiparams{'NEW_PASSWORD_1'} eq $cgiparams{'NEW_PASSWORD_2'}))
- {
- $errormessage = $tr{'advproxy errmsg passwords different'};
- goto ERROR;
- }
- if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
- {
- $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
- goto ERROR;
- }
- if (! -z $userdb)
- {
- open FILE, $userdb;
- @users = <FILE>;
- close FILE;
-
- $username = '';
- $cryptpwd = '';
-
- foreach (@users)
- {
- chomp;
- @temp = split(/:/,$_);
- if ($temp[0] =~ /^$cgiparams{'USERNAME'}$/i)
- {
- $username = $temp[0];
- $cryptpwd = $temp[1];
- }
- }
- }
- if ($username eq '')
- {
- $errormessage = $tr{'advproxy errmsg invalid user'};
- goto ERROR;
- }
- if (!(crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd))
- {
- $errormessage = $tr{'advproxy errmsg password incorrect'};
- goto ERROR;
- }
- $returncode = system("/usr/bin/htpasswd -b $userdb $username $cgiparams{'NEW_PASSWORD_1'}");
- if ($returncode == 0)
- {
- $success = 1;
- undef %cgiparams;
- } else {
- $errormessage = $tr{'advproxy errmsg change fail'};
- goto ERROR;
- }
-}
-
-ERROR:
-
-print "Pragma: no-cache\n";
-print "Cache-control: no-cache\n";
-print "Connection: close\n";
-print "Content-type: text/html\n\n";
-
-print <<END
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
-<title></title>
-</head>
-
-<body bgcolor="#FFFFFF">
-
-<center>
-
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-
-<table width="80%" cellspacing="10" cellpadding="5" border="0">
-
-<tr>
- <td bgcolor="#C0C0C0">
- <font face="verdana, arial, sans serif" color="#000000" size="2">
- <b> </b>
- </font>
- </td>
-</tr>
-<tr>
- <td bgcolor="#F4F4F4" align="center">
- <table width="100%" cellspacing="10" cellpadding="10">
- <tr>
- <td nowrap bgcolor="#0050C0" align="center">
- <font face="verdana, arial, sans serif" color="#FFFFFF" size="3">
- <b>$tr{'advproxy chgwebpwd change web password'}</b>
- </font>
- </td>
- </tr>
- <tr>
- <td align="center">
- <table width="70%" cellspacing="7" cellpadding="7">
- <tr>
- <td nowrap bgcolor="#F4F4F4" align="left">
- <font face="verdana, arial, sans serif" color="#000000" size="2">
- <b>$tr{'advproxy chgwebpwd username'}:</b>
- </font>
- </td>
- <td><input type="text" name="USERNAME" value="$cgiparams{'USERNAME'}" size="15"></td>
- </tr>
- <tr>
- <td nowrap bgcolor="#F4F4F4" align="left">
- <font face="verdana, arial, sans serif" color="#000000" size="2">
- <b>$tr{'advproxy chgwebpwd old password'}:</b>
- </font>
- </td>
- <td><input type="password" name="OLD_PASSWORD" value="$cgiparams{'OLD_PASSWORD'}" size="15"></td>
- </tr>
- <tr>
- <td nowrap bgcolor="#F4F4F4" align="left">
- <font face="verdana, arial, sans serif" color="#000000" size="2">
- <b>$tr{'advproxy chgwebpwd new password'}:</b>
- </font>
- </td>
- <td><input type="password" name="NEW_PASSWORD_1" value="$cgiparams{'NEW_PASSWORD_1'}" size="15"></td>
- </tr>
- <tr>
- <td nowrap bgcolor="#F4F4F4" align="left">
- <font face="verdana, arial, sans serif" color="#000000" size="2">
- <b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
- </font>
- </td>
- <td><input type="password" name="NEW_PASSWORD_2" value="$cgiparams{'NEW_PASSWORD_2'}" size="15"></td>
- </tr>
- </table>
- <table width="100%" cellspacing="7" cellpadding="7">
- <tr>
- <td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
- </tr>
- </table>
- </td>
- </tr>
-END
-;
-
-if ($errormessage)
-{
- print <<END
- <tr>
- <td nowrap bgcolor="#FF0000" align="center">
- <font face="verdana, arial, sans serif" color="#FFFFFF" size="2">
- <b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
- </font>
- </td>
- </tr>
-END
-;
-}
-
-if ($success)
-{
- print <<END
- <tr>
- <td nowrap bgcolor="#00C000" align="center">
- <font face="verdana, arial, sans serif" color="#FFFFFF" size="2">
- <b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
- </font>
- </td>
- </tr>
-END
-;
-}
-
-
-print <<END
-
- </td>
-</tr>
-</table>
-
-<tr>
- <td bgcolor="#C0C0C0" align="right">
- <a href="http://www.advproxy.net" target="_blank"><b>
- <font face="verdana,arial,sans serif" color="#FFFFFF" size="1">Advanced Proxy</b></a> running on</font>
- <a href="http://www.ipcop.org" target="_blank"><b>
- <font face="verdana,arial,sans serif" color="#FFFFFF" size="1">IPCop</b></a></font>
- </td>
-</tr>
-
-</table>
-
-</form>
-
-</center>
-
-</body>
-
-</html>
-END
-;
-
-# -------------------------------------------------------------------
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- if (-e $filename)
- {
- open(FILE, $filename) or die "Unable to read file $filename";
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub getcgihash
-{
- my ($hash, $params) = @_;
- my $cgi = CGI->new ();
- return if ($ENV{'REQUEST_METHOD'} ne 'POST');
- if (!$params->{'wantfile'}) {
- $CGI::DISABLE_UPLOADS = 1;
- $CGI::POST_MAX = 512 * 1024;
- } else {
- $CGI::POST_MAX = 10 * 1024 * 1024;
- }
-
- $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
- my $referer = $1;
- $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
- my $servername = $1;
- return if ($referer ne $servername);
-
- ### Modified for getting multi-vars, split by |
- %temp = $cgi->Vars();
- foreach my $key (keys %temp) {
- $hash->{$key} = $temp{$key};
- $hash->{$key} =~ s/\0/|/g;
- $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
- }
-
- if (($params->{'wantfile'})&&($params->{'filevar'})) {
- $hash->{$params->{'filevar'}} = $cgi->upload
- ($params->{'filevar'});
- }
- return;
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-my @network=();
-my @masklen=();
-my @colour=();
-
-use Net::IPv4Addr qw( :all );
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table1colour} );
-undef (@dummy);
-
-# Read various files
-
-my %netsettings=();
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-open (ACTIVE, 'iptstate -1rbt |') or die 'Unable to open ip_conntrack';
-my @active = <ACTIVE>;
-close (ACTIVE);
-
-if (open(IP, "${General::swroot}/red/local-ipaddress")) {
- my $redip = <IP>;
- close(IP);
- chomp $redip;
- push(@network, $redip);
- push(@masklen, '255.255.255.255' );
- push(@colour, ${Header::colourfw} );
-}
-
-my @vpn = ` route -n | grep ipsec | awk '{ print \$1" "\$3}'`;
- foreach my $route (@vpn) {
- chomp($route);
- my @temp = split(/[\t ]+/, $route);
- if ( $temp[0] eq '$redip' ){next;}
- push(@network, $temp[0]);
- push(@masklen, $temp[1]);
- push(@colour, ${Header::colourvpn} );
- }
-
-my $aliasfile = "${General::swroot}/ethernet/aliases";
-open(ALIASES, $aliasfile) or die 'Unable to open aliases file.';
-my @aliases = <ALIASES>;
-close(ALIASES);
-
-# Add Green Firewall Interface
-push(@network, $netsettings{'GREEN_ADDRESS'});
-push(@masklen, "255.255.255.255" );
-push(@colour, ${Header::colourfw} );
-
-# Add Green Network to Array
-push(@network, $netsettings{'GREEN_NETADDRESS'});
-push(@masklen, $netsettings{'GREEN_NETMASK'} );
-push(@colour, ${Header::colourgreen} );
-
-# Add Green Routes to Array
-my @routes = `/sbin/route -n | /bin/grep $netsettings{'GREEN_DEV'}`;
-foreach my $route (@routes) {
- chomp($route);
- my @temp = split(/[\t ]+/, $route);
- push(@network, $temp[0]);
- push(@masklen, $temp[2]);
- push(@colour, ${Header::colourgreen} );
-}
-
-# Add Firewall Localhost 127.0.0.1
-push(@network, '127.0.0.1');
-push(@masklen, '255.255.255.255' );
-push(@colour, ${Header::colourfw} );
-
-# Add Orange Network
-if ($netsettings{'ORANGE_DEV'}) {
- push(@network, $netsettings{'ORANGE_NETADDRESS'});
- push(@masklen, $netsettings{'ORANGE_NETMASK'} );
- push(@colour, ${Header::colourorange} );
- # Add Orange Routes to Array
- @routes = `/sbin/route -n | /bin/grep $netsettings{'ORANGE_DEV'}`;
- foreach my $route (@routes) {
- chomp($route);
- my @temp = split(/[\t ]+/, $route);
- push(@network, $temp[0]);
- push(@masklen, $temp[2]);
- push(@colour, ${Header::colourorange} );
- }
-}
-
-# Add Blue Firewall Interface
-push(@network, $netsettings{'BLUE_ADDRESS'});
-push(@masklen, "255.255.255.255" );
-push(@colour, ${Header::colourfw} );
-
-# Add Blue Network
-if ($netsettings{'BLUE_DEV'}) {
- push(@network, $netsettings{'BLUE_NETADDRESS'});
- push(@masklen, $netsettings{'BLUE_NETMASK'} );
- push(@colour, ${Header::colourblue} );
- # Add Blue Routes to Array
- @routes = `/sbin/route -n | /bin/grep $netsettings{'BLUE_DEV'}`;
- foreach my $route (@routes) {
- chomp($route);
- my @temp = split(/[\t ]+/, $route);
- push(@network, $temp[0]);
- push(@masklen, $temp[2]);
- push(@colour, ${Header::colourblue} );
- }
-}
-
-# Add OpenVPN net and RED/BLUE/ORANGE entry (when appropriate)
-if (-e "${General::swroot}/ovpn/settings") {
- my %ovpnsettings = ();
- &General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings);
- my @tempovpnsubnet = split("\/",$ovpnsettings{'DOVPN_SUBNET'});
-
- # add OpenVPN net
- push(@network, $tempovpnsubnet[0]);
- push(@masklen, $tempovpnsubnet[1]);
- push(@colour, ${Header::colourovpn} );
-
-
- if ( ($ovpnsettings{'ENABLED_BLUE'} eq 'on') && $netsettings{'BLUE_DEV'} ) {
- # add BLUE:port / proto
- push(@network, $netsettings{'BLUE_ADDRESS'} );
- push(@masklen, '255.255.255.255' );
- push(@colour, ${Header::colourovpn} );
- }
- if ( ($ovpnsettings{'ENABLED_ORANGE'} eq 'on') && $netsettings{'ORANGE_DEV'} ) {
- # add ORANGE:port / proto
- push(@network, $netsettings{'ORANGE_ADDRESS'} );
- push(@masklen, '255.255.255.255' );
- push(@colour, ${Header::colourovpn} );
- }
-}
-
-# Add STATIC RED aliases
-if ($netsettings{'RED_DEV'}) {
- # We have a RED eth iface
- if ($netsettings{'RED_TYPE'} eq 'STATIC') {
- # We have a STATIC RED eth iface
- foreach my $line (@aliases)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ( $temp[0] ) {
- push(@network, $temp[0]);
- push(@masklen, $netsettings{'RED_NETMASK'} );
- push(@colour, ${Header::colourfw} );
- }
- }
- }
-}
-
-# Add VPNs
-if ( $vpn[0] ne 'none' ) {
- foreach my $line (@vpn) {
- my @temp = split(/[\t ]+/,$line);
- my @temp1 = split(/[\/:]+/,$temp[3]);
- push(@network, $temp1[0]);
- push(@masklen, ipv4_cidr2msk($temp1[1]));
- push(@colour, ${Header::colourvpn} );
- }
-}
-
-#Establish simple filtering&sorting boxes on top of table
-
-our %cgiparams;
-&Header::getcgihash(\%cgiparams);
-
-my @list_proto = ($Lang::tr{'all'}, 'icmp', 'udp', 'tcp');
-my @list_state = ($Lang::tr{'all'}, 'SYN_SENT', 'SYN_RECV', 'ESTABLISHED', 'FIN_WAIT',
- 'CLOSE_WAIT', 'LAST_ACK', 'TIME_WAIT', 'CLOSE', 'LISTEN');
-my @list_mark = ($Lang::tr{'all'}, '[ASSURED]', '[UNREPLIED]');
-my @list_sort = ('orgsip','protocol', 'expires', 'status', 'orgdip', 'orgsp',
- 'orgdp', 'exsip', 'exdip', 'exsp', 'exdp', 'marked');
-
-# init or silently correct unknown value...
-if ( ! grep ( /^$cgiparams{'SEE_PROTO'}$/ , @list_proto )) { $cgiparams{'SEE_PROTO'} = $list_proto[0] };
-if ( ! grep ( /^$cgiparams{'SEE_STATE'}$/ , @list_state )) { $cgiparams{'SEE_STATE'} = $list_state[0] };
-if ( ($cgiparams{'SEE_MARK'} ne $Lang::tr{'all'}) && # ok the grep should work but it doesn't because of
- ($cgiparams{'SEE_MARK'} ne '[ASSURED]') && # the '[' & ']' interpreted as list separator.
- ($cgiparams{'SEE_MARK'} ne '[UNREPLIED]') # So, explicitly enumerate items.
- ) { $cgiparams{'SEE_MARK'} = $list_mark[0] };
-if ( ! grep ( /^$cgiparams{'SEE_SORT'}$/ , @list_sort )) { $cgiparams{'SEE_SORT'} = $list_sort[0] };
-# *.*.*.* or a valid IP
-if ( $cgiparams{'SEE_SRC'} !~ /^(\*\.\*\.\*\.\*\.|\d+\.\d+\.\d+\.\d+)$/) { $cgiparams{'SEE_SRC'} = '*.*.*.*' };
-if ( $cgiparams{'SEE_DEST'} !~ /^(\*\.\*\.\*\.\*\.|\d+\.\d+\.\d+\.\d+)$/) { $cgiparams{'SEE_DEST'} = '*.*.*.*' };
-
-
-our %entries = (); # will hold the lines analyzed correctly
-my $unknownlines = ''; # should be empty all the time...
-my $index = 0; # just a counter to make unique entryies in entries
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'connections'}, 1, '');
-&Header::openbigbox('100%', 'left');
-&Header::openbox('100%', 'left', $Lang::tr{'connection tracking'});
-
-# Build listbox objects
-my $menu_proto = &make_select ('SEE_PROTO', $cgiparams{'SEE_PROTO'}, @list_proto);
-my $menu_state = &make_select ('SEE_STATE', $cgiparams{'SEE_STATE'}, @list_state);
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr><td align='center'><b>$Lang::tr{'legend'} : </b></td>
- <td align='center' bgcolor='${Header::colourgreen}'><b><font color='#FFFFFF'>$Lang::tr{'lan'}</font></b></td>
- <td align='center' bgcolor='${Header::colourred}'><b><font color='#FFFFFF'>$Lang::tr{'internet'}</font></b></td>
- <td align='center' bgcolor='${Header::colourorange}'><b><font color='#FFFFFF'>$Lang::tr{'dmz'}</font></b></td>
- <td align='center' bgcolor='${Header::colourblue}'><b><font color='#FFFFFF'>$Lang::tr{'wireless'}</font></b></td>
- <td align='center' bgcolor='${Header::colourfw}'><b><font color='#FFFFFF'>IPFire</font></b></td>
- <td align='center' bgcolor='${Header::colourvpn}'><b><font color='#FFFFFF'>$Lang::tr{'vpn'}</font></b></td>
- <td align='center' bgcolor='${Header::colourovpn}'><b><font color='#FFFFFF'>$Lang::tr{'OpenVPN'}</font></b></td>
-</tr>
-</table>
-<br />
-<table width='100%'>
-<tr><td align='center'><font size=2>$Lang::tr{'source ip and port'}</font></td>
- <td> </td>
- <td align='center'><font size=2>$Lang::tr{'dest ip and port'}</font></td>
- <td> </td>
- <td align='center'><font size=2>$Lang::tr{'protocol'}</font></td>
- <td align='center'><font size=2>$Lang::tr{'connection'}<br></br>$Lang::tr{'status'}</font></td>
- <td align='center'><font size=2>$Lang::tr{'expires'}<br></br>($Lang::tr{'seconds'})</font></td>
-
-</tr>
-<tr><td colspan='4'> </td>
- <td align='center'>$menu_proto</td>
- <td align='center'>$menu_state</td>
- <td> </td>
-</tr>
-<tr>
- <td align='center' colspan='7'></td>
-</tr>
-<tr>
- <td align='center' colspan='7'><input type='submit' value="$Lang::tr{'update'}" /></td>
-</tr>
-
-END
-;
-
-my $i=0;
-foreach my $line (@active) {
- $i++;
- if ($i < 3) {
- next;
- }
- chomp($line);
- my @temp = split(' ',$line);
-
- my ($sip, $sport) = split(':', $temp[0]);
- my ($dip, $dport) = split(':', $temp[1]);
- my $proto = $temp[2];
- my $state; my $ttl;
- if ( $proto eq "esp" ){$state = "";$ttl = $temp[3];}
- elsif ( $proto eq "icmp" ){$state = "";$ttl = $temp[4];}
- else{$state = $temp[3];$ttl = $temp[4];}
-
- next if( !(
- (($cgiparams{'SEE_PROTO'} eq $Lang::tr{'all'}) || ($proto eq $cgiparams{'SEE_PROTO'} ))
- && (($cgiparams{'SEE_STATE'} eq $Lang::tr{'all'}) || ($state eq $cgiparams{'SEE_STATE'} ))
- && (($cgiparams{'SEE_SRC'} eq "*.*.*.*") || ($sip eq $cgiparams{'SEE_SRC'} ))
- && (($cgiparams{'SEE_DEST'} eq "*.*.*.*") || ($dip eq $cgiparams{'SEE_DEST'} ))
- ));
-
- if (($proto eq 'udp') && ($ttl eq '')) {
- $ttl = $state;
- $state = ' ';
- }
-
- my $sipcol = ipcolour($sip);
- my $dipcol = ipcolour($dip);
-
- my $sserv = '';
- if ($sport < 1024) {
- $sserv = uc(getservbyport($sport, lc($proto)));
- if ($sserv ne '') {
- $sserv = " ($sserv)";
- }
- }
-
- my $dserv = '';
- if ($dport < 1024) {
- $dserv = uc(getservbyport($dport, lc($proto)));
- if ($dserv ne '') {
- $dserv = " ($dserv)";
- }
- }
-
- print <<END
- <tr >
- <td align='center' bgcolor='$sipcol'>
- <a href='/cgi-bin/ipinfo.cgi?ip=$sip'>
- <font color='#FFFFFF'>$sip</font>
- </a>
- </td>
- <td align='center' bgcolor='$sipcol'>
- <a href='http://isc.sans.org/port_details.php?port=$sport' target='top'>
- <font color='#FFFFFF'>$sport$sserv</font>
- </a>
- </td>
- <td align='center' bgcolor='$dipcol'>
- <a href='/cgi-bin/ipinfo.cgi?ip=$dip'>
- <font color='#FFFFFF'>$dip</font>
- </a>
- </td>
- <td align='center' bgcolor='$dipcol'>
- <a href='http://isc.sans.org/port_details.php?port=$dport' target='top'>
- <font color='#FFFFFF'>$dport$dserv</font>
- </a>
- </td>
- <td align='center'>$proto</td>
- <td align='center'>$state</td>
- <td align='center'>$ttl</td>
- </tr>
-END
-;
-}
-
-print "</table></form>";
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-sub ipcolour($) {
- my $id = 0;
- my $line;
- my $colour = ${Header::colourred};
- my ($ip) = $_[0];
- my $found = 0;
- foreach $line (@network) {
- if ($network[$id] eq '') {
- $id++;
- } else {
- if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) {
- $found = 1;
- $colour = $colour[$id];
- }
- $id++;
- }
- }
- return $colour
-}
-
-# Create a string containing a complete SELECT html object
-# param1: name
-# param2: current value selected
-# param3: field list
-sub make_select ($,$,$) {
- my $select_name = shift;
- my $selected = shift;
- my $select = "<select name='$select_name'>";
-
- foreach my $value (@_) {
- my $check = $selected eq $value ? "selected='selected'" : '';
- $select .= "<option $check value='$value'>$value</option>";
- }
- $select .= "</select>";
- return $select;
-}
-
-# Build a list of IP obtained from the %entries hash
-# param1: IP field name
-sub get_known_ips ($) {
- my $field = shift;
- my $qs = $cgiparams{'SEE_SORT'}; # switch the sort order
- $cgiparams{'SEE_SORT'} = $field;
-
- my @liste=('*.*.*.*');
- foreach my $entry ( sort sort_entries keys %entries) {
- push (@liste, $entries{$entry}->{$field}) if (! grep (/^$entries{$entry}->{$field}$/,@liste) );
- }
-
- $cgiparams{'SEE_SORT'} = $qs; #restore sort order
- return @liste;
-}
-
-# Used to sort the table containing the lines displayed.
-sub sort_entries { #Reverse is not implemented
- my $qs=$cgiparams{'SEE_SORT'};
- if ($qs =~ /orgsip|orgdip|exsip|exdip/) {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($a[0]<=>$b[0]) ||
- ($a[1]<=>$b[1]) ||
- ($a[2]<=>$b[2]) ||
- ($a[3]<=>$b[3]);
- } elsif ($qs =~ /expire|orgsp|orgdp|exsp|exdp/) {
- $entries{$a}->{$qs} <=> $entries{$b}->{$qs};
- } else {
- $entries{$a}->{$qs} cmp $entries{$b}->{$qs};
- }
-}
-
-1;
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-require '/var/ipfire/connscheduler/lib.pl';
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my $buttontext = $Lang::tr{'add'};
-my $hiddenvalue = 'add';
-my $day;
-my $hour;
-my $minute;
-my %temppppsettings=();
-my @profilenames=();
-
-
-#
-# defaults for settings
-#
-my $selected_hour = '00';
-my $selected_minute = '00';
-my $checked_connect = "checked='checked'";
-my $checked_profile = '';
-my %selected = ();
-$selected{'reconnect'} = '';
-$selected{'dial'} = '';
-$selected{'hangup'} = '';
-$selected{'reboot'} = '';
-$selected{'shutdown'} = '';
-$selected{'ipsecstart'} = '';
-$selected{'ipsecstop'} = '';
-my $selected_profile = 1;
-my $checked_days = "checked='checked'";
-my $selected_daystart = 1;
-my $selected_dayend = 31;
-my $checked_weekdays = '';
-my $checked_mon = "checked='checked'";
-my $checked_tue = "checked='checked'";
-my $checked_wed = "checked='checked'";
-my $checked_thu = "checked='checked'";
-my $checked_fri = "checked='checked'";
-my $checked_sat = "checked='checked'";
-my $checked_sun = "checked='checked'";
-my $comment = '';
-
-my %cgiparams = ();
-
-$cgiparams{'ACTION'} = ''; # add/edit/update/remove/wakeup
-$cgiparams{'ACTION_ACTION'} = ''; # CONNECT/PROFILE
-$cgiparams{'ACTION_CONNECT'} = ''; # connect/disconnect/reconnect
-$cgiparams{'ACTION_PROFILENR'} = 0;
-$cgiparams{'ACTION_HOUR'} = '';
-$cgiparams{'ACTION_MINUTE'} = '';
-$cgiparams{'ACTION_DAYSTYPE'} = '';
-$cgiparams{'ACTION_DAYSTART'} = 1;
-$cgiparams{'ACTION_DAYEND'} = 31;
-$cgiparams{'Mon'} = '';
-$cgiparams{'Tue'} = '';
-$cgiparams{'Wed'} = '';
-$cgiparams{'Thu'} = '';
-$cgiparams{'Fri'} = '';
-$cgiparams{'Sat'} = '';
-$cgiparams{'Sun'} = '';
-$cgiparams{'ACTION_COMMENT'} = '';
-
-&Header::getcgihash(\%cgiparams);
-
-
-# read the profile names
-my $i=0;
-for ($i = 1; $i <= $CONNSCHED::maxprofiles; $i++)
-{
- %temppppsettings = ();
- $temppppsettings{'PROFILENAME'} = $Lang::tr{'empty'};
- &General::readhash("${General::swroot}/ppp/settings-$i", \%temppppsettings);
- $profilenames[$i] = $temppppsettings{'PROFILENAME'};
-}
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'connscheduler'}, 1, '');
-&Header::openbigbox('100%', 'left', '', '');
-
-
-# Found this usefull piece of code in BlockOutTraffic AddOn 8-)
-# fwrules.cgi
-###############
-# DEBUG DEBUG
-#&Header::openbox('100%', 'left', 'DEBUG');
-#my $debugCount = 0;
-#foreach my $line (sort keys %cgiparams) {
-# print "$line = $cgiparams{$line}<br />\n";
-# $debugCount++;
-#}
-#print " Count: $debugCount\n";
-#&Header::closebox();
-# DEBUG DEBUG
-###############
-
-
-if ( $cgiparams{'ACTION'} eq 'toggle' )
-{
- if ( $CONNSCHED::config[$cgiparams{'ID'}]{'ACTIVE'} eq 'on' )
- {
- $CONNSCHED::config[$cgiparams{'ID'}]{'ACTIVE'} = 'off';
- }
- else
- {
- $CONNSCHED::config[$cgiparams{'ID'}]{'ACTIVE'} = 'on';
- }
-
- &CONNSCHED::WriteConfig;
-}
-
-if ( ($cgiparams{'ACTION'} eq 'add') || ($cgiparams{'ACTION'} eq 'update') )
-{
- my $l_action = $cgiparams{'ACTION_CONNECT'};
- my $l_profilenr = '';
- my $l_days = '';
- my $l_weekdays = '';
-
- if ( $cgiparams{'ACTION'} eq 'add' )
- {
- $i = $#CONNSCHED::config + 1;
- $CONNSCHED::config[$i]{'ACTIVE'} = 'on';
- }
- else
- {
- $i = $cgiparams{'UPDATE_ID'};
- }
-
- if ( $cgiparams{'ACTION_ACTION'} eq 'PROFILE')
- {
- $l_action = 'select profile';
- $l_profilenr = $cgiparams{'ACTION_PROFILENR'};
- }
-
- if ( $cgiparams{'ACTION_DAYSTYPE'} eq 'WEEKDAYS' )
- {
- if ( $cgiparams{'Mon'} eq 'on' ) { $l_weekdays .= 'Mon '; }
- if ( $cgiparams{'Tue'} eq 'on' ) { $l_weekdays .= 'Tue '; }
- if ( $cgiparams{'Wed'} eq 'on' ) { $l_weekdays .= 'Wed '; }
- if ( $cgiparams{'Thu'} eq 'on' ) { $l_weekdays .= 'Thu '; }
- if ( $cgiparams{'Fri'} eq 'on' ) { $l_weekdays .= 'Fri '; }
- if ( $cgiparams{'Sat'} eq 'on' ) { $l_weekdays .= 'Sat '; }
- if ( $cgiparams{'Sun'} eq 'on' ) { $l_weekdays .= 'Sun '; }
- }
- else
- {
- $l_days = "$cgiparams{'ACTION_DAYSTART'} - $cgiparams{'ACTION_DAYEND'}";
- }
-
- $CONNSCHED::config[$i]{'ACTION'} = $l_action;
- $CONNSCHED::config[$i]{'PROFILENR'} = $l_profilenr;
- $CONNSCHED::config[$i]{'TIME'} = "$cgiparams{'ACTION_HOUR'}:$cgiparams{'ACTION_MINUTE'}";
- $CONNSCHED::config[$i]{'DAYSTYPE'} = lc($cgiparams{'ACTION_DAYSTYPE'});
- $CONNSCHED::config[$i]{'DAYS'} = $l_days;
- $CONNSCHED::config[$i]{'WEEKDAYS'} = $l_weekdays;
- $CONNSCHED::config[$i]{'COMMENT'} = &Header::cleanhtml($cgiparams{'ACTION_COMMENT'});
-
- &CONNSCHED::WriteConfig;
-}
-
-if ( $cgiparams{'ACTION'} eq 'edit' )
-{
- $i = $cgiparams{'ID'};
-
- $selected_hour = substr($CONNSCHED::config[$i]{'TIME'},0,2);
- $selected_minute = substr($CONNSCHED::config[$i]{'TIME'},3,2);
-
- if ( $CONNSCHED::config[$i]{'ACTION'} eq 'select profile' )
- {
- $checked_connect = '';
- $checked_profile = "checked='checked'";
- $selected_profile = $CONNSCHED::config[$i]{'PROFILENR'};
- }
- else
- {
- $selected{"$CONNSCHED::config[$i]{'ACTION'}"} = "selected='selected'";
- }
-
- if ( $CONNSCHED::config[$i]{'DAYSTYPE'} eq 'days' )
- {
- my @temp = split(/-/,$CONNSCHED::config[$i]{'DAYS'},2);
-
- $selected_daystart = substr($temp[0], 0, -1);
- $selected_dayend = substr($temp[1], 1);
- }
- else
- {
- my $wd = $CONNSCHED::config[$i]{'WEEKDAYS'};
- $checked_mon = '' if ( index($wd, 'Mon') == -1 ) ;
- $checked_tue = '' if ( index($wd, 'Tue') == -1 ) ;
- $checked_wed = '' if ( index($wd, 'Wed') == -1 ) ;
- $checked_thu = '' if ( index($wd, 'Thu') == -1 ) ;
- $checked_fri = '' if ( index($wd, 'Fri') == -1 ) ;
- $checked_sat = '' if ( index($wd, 'Sat') == -1 ) ;
- $checked_sun = '' if ( index($wd, 'Sun') == -1 ) ;
-
- $checked_days = '';
- $checked_weekdays = "checked='checked'";
- }
-
- $comment = $CONNSCHED::config[$cgiparams{'ID'}]{'COMMENT'};
-
- $buttontext = $Lang::tr{'update'};
- $hiddenvalue = 'update';
-}
-
-if ( $cgiparams{'ACTION'} eq 'remove' )
-{
- # simply set ACTIVE to empty, WriteConfig will handle the gory details
- $CONNSCHED::config[$cgiparams{'ID'}]{'ACTIVE'} = '';
- &CONNSCHED::WriteConfig;
-}
-if ( ($cgiparams{'ACTION'} eq 'down') || ($cgiparams{'ACTION'} eq 'up') )
-{
- my $action = @CONNSCHED::config[$cgiparams{'ID'}];
- my $newpos = 0;
-
- splice(@CONNSCHED::config, $cgiparams{'ID'}, 1);
-
- if ( ($cgiparams{'ACTION'} eq 'down') )
- {
- $newpos = $cgiparams{'ID'} + 1;
- }
- else
- {
- $newpos = $cgiparams{'ID'} - 1;
- }
-
- splice(@CONNSCHED::config, $newpos, 0, $action);
-
- &CONNSCHED::WriteConfig;
-}
-
-
-#
-# Add / Edit Box
-#
-
-&Header::openbox('100%', 'left', $Lang::tr{'ConnSched add action'});
-
-print <<END
-<form method='post' name='addevent' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%' border='0' cellspacing='6' cellpadding='0'>
-<tr>
-<td width='15%' class='base'>$Lang::tr{'ConnSched time'}</td>
-<td><select name='ACTION_HOUR'>
-END
-;
-for ($hour = 0; $hour <= 23; $hour++)
-{
- my $hour00 = $hour < 10 ? "0$hour" : $hour;
- if ( $hour00 eq $selected_hour )
- {
- print "<option value='$hour00' selected='selected'>$hour00</option>";
- }
- else
- {
- print "<option value='$hour00'>$hour00</option>";
- }
-}
-print "</select> : <select name='ACTION_MINUTE'>";
-for ($minute = 0; $minute <= 55; $minute += 5)
-{
- my $minute00 = $minute < 10 ? "0$minute" : $minute;
- if ( $minute00 eq $selected_minute )
- {
- print "<option value='$minute00' selected='selected'>$minute00</option>";
- }
- else
- {
- print "<option value='$minute00'>$minute00</option>";
- }
-}
-
-print <<END
-</select></td></tr>
-<tr><td colspan='2'><hr /></td></tr>
-<tr><td width='15%' class='base'>$Lang::tr{'ConnSched action'}</td><td>
-<input type='radio' value='CONNECT' name='ACTION_ACTION' $checked_connect /> <select name='ACTION_CONNECT'>
-<option value='reconnect' $selected{'reconnect'}>$Lang::tr{'ConnSched reconnect'}</option>
-<option value='dial' $selected{'dial'}>$Lang::tr{'dial'}</option>
-<option value='hangup' $selected{'hangup'}>$Lang::tr{'hangup'}</option>
-<option value='reboot' $selected{'reboot'}>$Lang::tr{'reboot'}</option>
-<option value='shutdown' $selected{'shutdown'}>$Lang::tr{'shutdown'}</option>
-<option value='ipsecstart' $selected{'ipsecstart'}>$Lang::tr{'ConnSched ipsecstart'}</option>
-<option value='ipsecstop' $selected{'ipsecstop'}>$Lang::tr{'ConnSched ipsecstop'}</option>
-</select></td></tr>
-<tr><td width='15%' class='base'> </td>
-<td><input type='radio' value='PROFILE' name='ACTION_ACTION' $checked_profile /> $Lang::tr{'ConnSched change profile title'} <select name='ACTION_PROFILENR'>
-END
-;
-for ($i = 1; $i <= $CONNSCHED::maxprofiles; $i++)
-{
- if ( $i == $selected_profile )
- {
- print "<option value='$i' selected='selected'>$i. $profilenames[$i]</option>";
- }
- else
- {
- print "<option value='$i'>$i. $profilenames[$i]</option>";
- }
-}
-print <<END
-</select></td></tr>
-<tr><td colspan='2'><hr /></td></tr>
-<tr><td width='15%' class='base'>$Lang::tr{'ConnSched days'}</td>
-<td><input type='radio' value='DAYS' name='ACTION_DAYSTYPE' $checked_days /> <select name='ACTION_DAYSTART'>
-END
-;
-for ($day = 1; $day <= 31; $day++)
-{
- if ( $day == $selected_daystart )
- {
- print "<option value='$day' selected='selected'>$day</option>";
- }
- else
- {
- print "<option value='$day'>$day</option>";
- }
-}
-print "</select> - <select name='ACTION_DAYEND'>";
-for ($day = 1; $day <= 31; $day++)
-{
- if ( $day == $selected_dayend )
- {
- print "<option value='$day' selected='selected'>$day</option>";
- }
- else
- {
- print "<option value='$day'>$day</option>";
- }
-}
-
-print <<END
-</select></td></tr>
-<tr><td width='15%' class='base'> </td><td><input type='radio' value='WEEKDAYS' name='ACTION_DAYSTYPE' $checked_weekdays /> $Lang::tr{'ConnSched weekdays'}<br />
- <input type='checkbox' name='Mon' $checked_mon />$Lang::tr{'monday'}<br />
- <input type='checkbox' name='Tue' $checked_tue />$Lang::tr{'tuesday'}<br />
- <input type='checkbox' name='Wed' $checked_wed />$Lang::tr{'wednesday'}<br />
- <input type='checkbox' name='Thu' $checked_thu />$Lang::tr{'thursday'}<br />
- <input type='checkbox' name='Fri' $checked_fri />$Lang::tr{'friday'}<br />
- <input type='checkbox' name='Sat' $checked_sat />$Lang::tr{'saturday'}<br />
- <input type='checkbox' name='Sun' $checked_sun />$Lang::tr{'sunday'}
-</td></tr>
-<tr><td colspan='2'><hr /></td></tr>
-<tr><td width='15%' class='base'>$Lang::tr{'remark title'} <img src='/blob.gif' alt='*' /></td>
-<td><input type='text' name='ACTION_COMMENT' size='40' value='$comment' /></td></tr></table>
-<hr />
-<table width='100%'><tr>
- <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td>
- <td width='55%' class='base'>$Lang::tr{'this field may be blank'}</td>
- <td width='40%' align='center'><input type='submit' name='SUBMIT' value='$buttontext' />
- <input type='hidden' name='ACTION' value='$hiddenvalue' /></td>
- <input type='hidden' name='UPDATE_ID' value='$cgiparams{'ID'}' /></td>
-</tr></table>
-</form>
-
-END
-;
-
-&Header::closebox();
-
-#
-# Box with List of events
-#
-
-&Header::openbox('100%', 'left', $Lang::tr{'ConnSched scheduled actions'});
-print <<END
-<table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr>
-<td align='center' width='10%'><b>$Lang::tr{'time'}</b></td>
-<td width='15%'> </td>
-<td align='center' width='60%'><b>$Lang::tr{'remark'}</b></td>
-<td align='center' colspan='5' width='5%'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-for my $id ( 0 .. $#CONNSCHED::config )
-{
- my $trcolor;
-
- if ( ($cgiparams{'ACTION'} eq 'edit') && ($id == $cgiparams{'ID'}) )
- {
- $trcolor = "<tr bgcolor='${Header::colouryellow}'>";
- }
- elsif ( $id % 2 )
- {
- $trcolor = "<tr bgcolor='$color{'color20'}'>";
- }
- else
- {
- $trcolor = "<tr bgcolor='$color{'color22'}'>";
- }
-
-print <<END
-$trcolor
-<td align='center'>$CONNSCHED::config[$id]{'TIME'}</td>
-<td>$Lang::tr{"ConnSched $CONNSCHED::config[$id]{'ACTION'}"} $CONNSCHED::config[$id]{'PROFILENR'}</td>
-<td>$CONNSCHED::config[$id]{'COMMENT'}</td>
-<td align='center'>
- <form method='post' name='frm$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='toggle' />
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$CONNSCHED::config[$id]{'ACTIVE'}.gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-<td align='center'>
- <form method='post' name='frm$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='edit' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-<td align='center'>
- <form method='post' name='frm$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='remove' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-<td align='center'>
- <form method='post' name='frm$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='up' />
- <input type='image' name='$Lang::tr{'ConnSched up'}' src='/images/up.gif' alt='$Lang::tr{'ConnSched up'}' title='$Lang::tr{'ConnSched up'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-<td align='center'>
- <form method='post' name='frm$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='down' />
- <input type='image' name='$Lang::tr{'ConnSched down'}' src='/images/down.gif' alt='$Lang::tr{'ConnSched down'}' title='$Lang::tr{'ConnSched down'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-</tr>
-$trcolor
-<td> </td>
-<td colspan='7'>$CONNSCHED::config[$id]{'DAYS'}$CONNSCHED::config[$id]{'WEEKDAYS_PR'} </td>
-</tr>
-END
-;
-}
-
-print <<END
-</table>
-<br />
-<hr />
-END
-;
-
-
-&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-use Locale::Country;
-
-my $flagdir = '/home/httpd/html/images/flags';
-my $lines = '1';
-my $lines2 = '';
-my @flaglist=();
-my @flaglistfiles=();
-my $flag = '';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-&Header::showhttpheaders();
-
-&Header::openpage('Country Codes', 1, '');
-&Header::openbigbox('100%', 'LEFT');
-
-&Header::openbox('100%', 'LEFT', 'Flags & Country Codes:');
-print "<TABLE WIDTH='100%'>";
-print "<tr><td width='5%'><b>Flag</b></td>";
-print "<td width='5%'><b>Code</b></td>";
-print "<td width='40%'><b>Country</b></td>";
-print "<td><b> </b></td>";
-print "<td width='5%'><b>Flag</b></td>";
-print "<td width='5%'><b>Code</b></td>";
-print "<td width='40%'><b>Country</b></td></tr>";
-
-@flaglist = <$flagdir/*>;
-
-undef @flaglistfiles;
-
-foreach (@flaglist)
-{
- if (!-d) { push(@flaglistfiles,substr($_,rindex($_,"/")+1)); }
-}
-
-foreach $flag (@flaglistfiles)
-{
- $lines++;
-
- my $flagcode = uc(substr($flag, 0, 2));
- my $fcode = lc($flagcode);
- my $country = Locale::Country::code2country($fcode);
- if($fcode eq 'eu') { $country = 'Europe'; }
- if($fcode eq 'tp') { $country = 'East Timor'; }
- if($fcode eq 'yu') { $country = 'Yugoslavia'; }
- if ($lines % 2) {
- print "<td><a name='$fcode'/><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$flagcode'</td>";
- print "<td>$flagcode</td>";
- print "<td>$country</td></tr>\n";
- }
- else {
- $lines2++;
- if($lines2 % 2) {
- print "<tr bgcolor='${Header::table1colour}'>";
- } else {
- print "<tr bgcolor='${Header::table2colour}'>";
- }
- print "<td><a name='$fcode'/><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$flagcode'</td>";
- print "<td>$flagcode</td>";
- print "<td>$country</td>";
- #print "<td><img src='/blob.gif' alt='*' /></td>";
- print "<td> </td>";
- }
-}
-
-
-print "</TABLE>";
-&Header::closebox();
-
-&Header::closebigbox();
-
-print <<END
-<div align='center'>
-<table width='80%'>
-<tr>
-<td align='center'><a href='$ENV{'HTTP_REFERER'}'>$Lang::tr{'back'}</a></td>
-</tr>
-</table>
-</div>
-END
-;
-
-&Header::closepage();
-
-
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'credits'}, 1, '');
-
-&Header::openbigbox('100%', 'center');
-
-&Header::openbox('100%', 'left', 'Version');
-print "This is IPFire Build ".`cat /var/ipfire/firebuild`." and tagged as ".`cat /opt/pakfire/etc/pakfire.conf | grep "version =" | cut -d\\" -f2`;
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'credits'});
-
-print <<END
-<br /><center><b><a href='http://www.ipfire.org/'>http://www.ipfire.org/</a></b></center>
-<br />
-<p>
- <b>IPFire is based on IPCop and Smoothwall. Many thanks to its developers.</b><br />
- <b>We want to say thank you to all of the developers who ever contributed anything to IPFire.</b>
-</p>
-
-<p><b>Development:</b><br />
-
-Project Leader - Michael Tremer
-(<a href='mailto:mitch\@ipfire.org'>mitch\@ipfire.org</a>)<br />
-Vice Project Leader - Christian Schmidt
-(<a href='mailto:maniacikarus\@ipfire.org'>maniacikarus\@ipfire.org</a>)<br />
-Developer - Heiner Schmeling
-(<a href='mailto:cm\@ipfire.org'>cm\@ipfire.org</a>)<br />
-Developer - Sven Nierlein
-(<a href='mailto:affect\@ipfire.org'>affect\@versatel.de</a>)<br />
-Developer - Arne Fitzenreiter
-(<a href='mailto:arne\@ipfire.org'>arne\@ipfire.org</a>)<br />
-Sponsor - Detlef Lampart
-(<a href='mailto:delaco\@ipfire.org'>delaco\@ipfire.org</a>)<br />
-Developer & Security Manager - Rene Zingel
-(<a href='mailto:linuxadmin\@ipfire.org'>linuxadmin\@ipfire.org</a>)<br />
-Supporter - Silvio Rechenbach
-(<a href='mailto:exciter\@ipfire.org'>exciter\@ipfire.org</a>)<br />
-Sponsor - Karsten Rechenbach
-(<a href='mailto:space\@ipfire.org'>space\@ipfire.org</a>)<br />
-Tester - Ronald Wiesinger
-(<a href='mailto:rowie\@ipfire.org'>rowie\@ipfire.org</a>)<br />
-</p>
-<p>Some parts of the distribution are left ajar on third-party software, that is licensed under the GPL, too.<br />
-There are: Advanced Proxy with URL-Filter and Update-Accelerator, ZERINA, Connection Scheduler, mbmon-Graphs, Hddtemp and Wake-on-LAN.<br />
-Distributed by Marco Sondermann, Ufuk Altinkaynak, Thomas Eichstaedt and Olaf Westrik.</p>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'left', 'General Public License v3');
-print <<END;
-<pre>
- GNU GENERAL PUBLIC LICENSE
- Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
- The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works. By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users. We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors. You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
- To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights. Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received. You must make sure that they, too, receive
-or can get the source code. And you must show them these terms so they
-know their rights.
-
- Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
- For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software. For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
- Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so. This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software. The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable. Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products. If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
- Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary. To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- TERMS AND CONDITIONS
-
- 0. Definitions.
-
- "This License" refers to version 3 of the GNU General Public License.
-
- "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
- "The Program" refers to any copyrightable work licensed under this
-License. Each licensee is addressed as "you". "Licensees" and
-"recipients" may be individuals or organizations.
-
- To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy. The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
- A "covered work" means either the unmodified Program or a work based
-on the Program.
-
- To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy. Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
- To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies. Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
- An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License. If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
- 1. Source Code.
-
- The "source code" for a work means the preferred form of the work
-for making modifications to it. "Object code" means any non-source
-form of a work.
-
- A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
- The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form. A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
- The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities. However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work. For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
- The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
- The Corresponding Source for a work in source code form is that
-same work.
-
- 2. Basic Permissions.
-
- All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met. This License explicitly affirms your unlimited
-permission to run the unmodified Program. The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work. This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
- You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force. You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright. Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
- Conveying under any other circumstances is permitted solely under
-the conditions stated below. Sublicensing is not allowed; section 10
-makes it unnecessary.
-
- 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
- No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
- When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
- 4. Conveying Verbatim Copies.
-
- You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
- You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
- 5. Conveying Modified Source Versions.
-
- You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
- a) The work must carry prominent notices stating that you modified
- it, and giving a relevant date.
-
- b) The work must carry prominent notices stating that it is
- released under this License and any conditions added under section
- 7. This requirement modifies the requirement in section 4 to
- "keep intact all notices".
-
- c) You must license the entire work, as a whole, under this
- License to anyone who comes into possession of a copy. This
- License will therefore apply, along with any applicable section 7
- additional terms, to the whole of the work, and all its parts,
- regardless of how they are packaged. This License gives no
- permission to license the work in any other way, but it does not
- invalidate such permission if you have separately received it.
-
- d) If the work has interactive user interfaces, each must display
- Appropriate Legal Notices; however, if the Program has interactive
- interfaces that do not display Appropriate Legal Notices, your
- work need not make them do so.
-
- A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit. Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
- 6. Conveying Non-Source Forms.
-
- You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
- a) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by the
- Corresponding Source fixed on a durable physical medium
- customarily used for software interchange.
-
- b) Convey the object code in, or embodied in, a physical product
- (including a physical distribution medium), accompanied by a
- written offer, valid for at least three years and valid for as
- long as you offer spare parts or customer support for that product
- model, to give anyone who possesses the object code either (1) a
- copy of the Corresponding Source for all the software in the
- product that is covered by this License, on a durable physical
- medium customarily used for software interchange, for a price no
- more than your reasonable cost of physically performing this
- conveying of source, or (2) access to copy the
- Corresponding Source from a network server at no charge.
-
- c) Convey individual copies of the object code with a copy of the
- written offer to provide the Corresponding Source. This
- alternative is allowed only occasionally and noncommercially, and
- only if you received the object code with such an offer, in accord
- with subsection 6b.
-
- d) Convey the object code by offering access from a designated
- place (gratis or for a charge), and offer equivalent access to the
- Corresponding Source in the same way through the same place at no
- further charge. You need not require recipients to copy the
- Corresponding Source along with the object code. If the place to
- copy the object code is a network server, the Corresponding Source
- may be on a different server (operated by you or a third party)
- that supports equivalent copying facilities, provided you maintain
- clear directions next to the object code saying where to find the
- Corresponding Source. Regardless of what server hosts the
- Corresponding Source, you remain obligated to ensure that it is
- available for as long as needed to satisfy these requirements.
-
- e) Convey the object code using peer-to-peer transmission, provided
- you inform other peers where the object code and Corresponding
- Source of the work are being offered to the general public at no
- charge under subsection 6d.
-
- A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
- A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling. In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage. For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product. A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
- "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source. The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
- If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information. But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
- The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed. Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
- Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
- 7. Additional Terms.
-
- "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law. If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
- When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it. (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.) You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
- Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
- a) Disclaiming warranty or limiting liability differently from the
- terms of sections 15 and 16 of this License; or
-
- b) Requiring preservation of specified reasonable legal notices or
- author attributions in that material or in the Appropriate Legal
- Notices displayed by works containing it; or
-
- c) Prohibiting misrepresentation of the origin of that material, or
- requiring that modified versions of such material be marked in
- reasonable ways as different from the original version; or
-
- d) Limiting the use for publicity purposes of names of licensors or
- authors of the material; or
-
- e) Declining to grant rights under trademark law for use of some
- trade names, trademarks, or service marks; or
-
- f) Requiring indemnification of licensors and authors of that
- material by anyone who conveys the material (or modified versions of
- it) with contractual assumptions of liability to the recipient, for
- any liability that these contractual assumptions directly impose on
- those licensors and authors.
-
- All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10. If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term. If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
- If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
- Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
- 8. Termination.
-
- You may not propagate or modify a covered work except as expressly
-provided under this License. Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
- However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
- Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
- Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License. If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
- 9. Acceptance Not Required for Having Copies.
-
- You are not required to accept this License in order to receive or
-run a copy of the Program. Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance. However,
-nothing other than this License grants you permission to propagate or
-modify any covered work. These actions infringe copyright if you do
-not accept this License. Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
- 10. Automatic Licensing of Downstream Recipients.
-
- Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License. You are not responsible
-for enforcing compliance by third parties with this License.
-
- An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations. If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
- You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License. For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
- 11. Patents.
-
- A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based. The
-work thus licensed is called the contributor's "contributor version".
-
- A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version. For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
- Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
- In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement). To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
- If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients. "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
- If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
- A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License. You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
- Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
- 12. No Surrender of Others' Freedom.
-
- If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all. For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
- 13. Use with the GNU Affero General Public License.
-
- Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work. The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
- 14. Revised Versions of this License.
-
- The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
- Each version is given a distinguishing version number. If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation. If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
- If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
- Later license versions may give you additional or different
-permissions. However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
- 15. Disclaimer of Warranty.
-
- THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
- 16. Limitation of Liability.
-
- IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
- 17. Interpretation of Sections 15 and 16.
-
- If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
- <one line to give the program's name and a brief idea of what it does.>
- Copyright (C) <year> <name of author>
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
- If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
- <program> Copyright (C) <year> <name of author>
- This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
- You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-<http://www.gnu.org/licenses/>.
-
- The GNU General Public License does not permit incorporating your program
-into proprietary programs. If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library. If this is what you want to do, use the GNU Lesser General
-Public License instead of this License. But first, please read
-<http://www.gnu.org/philosophy/why-not-lgpl.html>.
-
-</pre>
-END
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour}, ${Header::colouryellow} );
-undef (@dummy);
-
-my $ddnsprefix = $Lang::tr{'ddns noip prefix'};
-$ddnsprefix =~ s/%/$General::noipprefix/;
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-# Files used
-my $setting = "${General::swroot}/ddns/settings";
-our $datafile = "${General::swroot}/ddns/config";
-
-my %settings=();
-#Settings1
-$settings{'BEHINDROUTER'} = 'RED_IP';
-$settings{'MINIMIZEUPDATES'} = '';
-
-#Settings2 for editing the multi-line list
-#Must not be saved !
-$settings{'HOSTNAME'} = '';
-$settings{'DOMAIN'} = '';
-$settings{'LOGIN'} = '';
-$settings{'PASSWORD'} = '';
-$settings{'PASSWORD2'} = '';
-$settings{'ENABLED'} = '';
-$settings{'PROXY'} = '';
-$settings{'WILDCARDS'} = '';
-$settings{'SERVICE'} = '';
-
-my @nosaved=('HOSTNAME','DOMAIN','LOGIN','PASSWORD','PASSWORD2',
- 'ENABLED','PROXY','WILDCARDS','SERVICE'); # List here ALL setting2 fields. Mandatory
-
-$settings{'ACTION'} = ''; # add/edit/remove
-$settings{'KEY1'} = ''; # point record for ACTION
-$settings{'KEY2'} = ''; # point record for ACTION
-
-my $errormessage = '';
-my $warnmessage = '';
-
-&Header::showhttpheaders();
-
-#Get GUI values
-&Header::getcgihash(\%settings);
-
-# Load multiline data
-our @current = ();
-if (open(FILE, "$datafile")) {
- @current = <FILE>;
- close (FILE);
-}
-
-#
-# Check Settings1 first because they are needed before working on @current
-#
-if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
- # No user input to check. !
- #unless ($errormessage) { # Everything is ok, save settings
- $settings{'BEHINDROUTERWAITLOOP'} = '-1'; # init & will update on next setddns.pl call
- map (delete ($settings{$_}) ,(@nosaved,'ACTION','KEY1','KEY2'));# Must never be saved
- &General::writehash($setting, \%settings); # Save good settings
- $settings{'ACTION'} = $Lang::tr{'save'}; # Recreate 'ACTION'
- map ($settings{$_}= '',(@nosaved,'KEY1','KEY2')); # and reinit var to empty
- #}
-} else {
- &General::readhash($setting, \%settings); # Get saved settings and reset to good if needed
-}
-
-#
-# Now manipulate the multi-line list with Settings2
-#
-# Toggle enable/disable field. Field is in second position
-if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
- #move out new line
- chomp(@current[$settings{'KEY1'}]);
- my @temp = split(/\,/,@current[$settings{'KEY1'}]);
- my $K2=$settings{'KEY2'};
- $temp[ $K2 ] = ( $temp[ $K2 ] eq 'on') ? '' : 'on'; # Toggle the field
- @current[$settings{'KEY1'}] = join (',',@temp)."\n";
- $settings{'KEY1'} = ''; # End edit mode
- &General::log($Lang::tr{'ddns hostname modified'});
-
- # Write changes to config file.
- &WriteDataFile; # sort newly added/modified entry
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
- # Validate inputs
-
- unless ($settings{'LOGIN'} ne '') {
- $errormessage = $Lang::tr{'username not set'};
- }
-
- # list box returns 'service optional synonyms'
- # keep only first name
- $settings{'SERVICE'} =~ s/ .*$//;
-
- # for freedns.afraid.org, only 'connect string' is mandatory
- if ($settings{'SERVICE'} ne 'freedns.afraid.org') {
- unless ($settings{'SERVICE'} eq 'regfish.com' || $settings{'PASSWORD'} ne '') {
- $errormessage = $Lang::tr{'password not set'};
- }
- unless ($settings{'PASSWORD'} eq $settings{'PASSWORD2'}) {
- $errormessage = $Lang::tr{'passwords do not match'};
- }
-
- # Permit an empty HOSTNAME for the nsupdate, regfish, dyndns, enom, ovh, zoneedit, no-ip, easydns
- unless ($settings{'SERVICE'} eq 'zoneedit.com' || $settings{'SERVICE'} eq 'nsupdate' ||
- $settings{'SERVICE'} eq 'dyndns-custom'|| $settings{'SERVICE'} eq 'regfish.com' ||
- $settings{'SERVICE'} eq 'enom.com' || $settings{'SERVICE'} eq 'dnspark.com' ||
- $settings{'SERVICE'} eq 'ovh.com' || $settings{'HOSTNAME'} ne '' ||
- $settings{'SERVICE'} eq 'no-ip.com' || $settings{'SERVICE'} eq 'easydns.com' ) {
- $errormessage = $Lang::tr{'hostname not set'};
- }
- unless ($settings{'HOSTNAME'} eq '' || $settings{'HOSTNAME'} =~ /^[a-zA-Z_0-9-]+$/) {
- $errormessage = $Lang::tr{'invalid hostname'};
- }
- unless ($settings{'DOMAIN'} ne '') {
- $errormessage = $Lang::tr{'domain not set'};
- }
- unless ($settings{'DOMAIN'} =~ /^[a-zA-Z_0-9.-]+$/) {
- $errormessage = $Lang::tr{'invalid domain name'};
- }
- unless ($settings{'DOMAIN'} =~ /[.]/) {
- $errormessage = $Lang::tr{'invalid domain name'};
- }
- }
-
- # recheck service wich don't need too much fields
- if ($settings{'SERVICE'} eq 'cjb.net') {
- $errormessage = ''; # clear previous error
- unless ($settings{'LOGIN'} ne '') {
- $errormessage = $Lang::tr{'username not set'};
- }
- unless ($settings{'PASSWORD'} ne '') {
- $errormessage = $Lang::tr{'password not set'};
- }
- unless ($settings{'PASSWORD'} eq $settings{'PASSWORD2'}) {
- $errormessage = $Lang::tr{'passwords do not match'};
- }
- }
-
- unless ($errormessage) {
- if ($settings{'KEY1'} eq '') { #add or edit ?
- unshift (@current, "$settings{'SERVICE'},$settings{'HOSTNAME'},$settings{'DOMAIN'},$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n");
- &General::log($Lang::tr{'ddns hostname added'});
- } else {
- @current[$settings{'KEY1'}] = "$settings{'SERVICE'},$settings{'HOSTNAME'},$settings{'DOMAIN'},$settings{'PROXY'},$settings{'WILDCARDS'},$settings{'LOGIN'},$settings{'PASSWORD'},$settings{'ENABLED'}\n";
- $settings{'KEY1'} = ''; # End edit mode
- &General::log($Lang::tr{'ddns hostname modified'});
- }
- map ($settings{$_}='' ,@nosaved); # Clear fields
- # Write changes to config file.
- &WriteDataFile; # sort newly added/modified entry
- }
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
- #move out new line
- my $line = @current[$settings{'KEY1'}]; # KEY1 is the index in current
- chomp($line);
- my @temp = split(/\,/, $line);
- $settings{'SERVICE'} = $temp[0];
- $settings{'HOSTNAME'} = $temp[1];
- $settings{'DOMAIN'} = $temp[2];
- $settings{'PROXY'} = $temp[3];
- $settings{'WILDCARDS'} = $temp[4];
- $settings{'LOGIN'} = $temp[5];
- $settings{'PASSWORD'} = $settings{'PASSWORD2'} = $temp[6];
- $settings{'ENABLED'} = $temp[7];
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
- splice (@current,$settings{'KEY1'},1); # Delete line
- open(FILE, ">$datafile") or die 'ddns datafile error';
- print FILE @current;
- close(FILE);
- $settings{'KEY1'} = ''; # End remove mode
- &General::log($Lang::tr{'ddns hostname removed'});
- # Write changes to config file.
- &WriteDataFile;
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'instant update'}) {
- system('/usr/local/bin/setddns.pl', '-f');
-}
-
-
-if ($settings{'ACTION'} eq '')
-{
- $settings{'SERVICE'} = 'dyndns.org';
- $settings{'ENABLED'} = 'on';
-}
-
-&Header::openpage($Lang::tr{'dynamic dns'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-my %checked =(); # Checkbox manipulations
-$checked{'SERVICE'}{'cjb.net'} = '';
-$checked{'SERVICE'}{'dhs.org'} = '';
-$checked{'SERVICE'}{'dnspark.com'} = '';
-$checked{'SERVICE'}{'dtdns.com'} = '';
-$checked{'SERVICE'}{'dyndns.org'} = '';
-$checked{'SERVICE'}{'dyndns-custom'} = '';
-$checked{'SERVICE'}{'dyndns-static'} = '';
-$checked{'SERVICE'}{'dyns.cx'} = '';
-$checked{'SERVICE'}{'dynu.ca'} = '';
-$checked{'SERVICE'}{'easydns.com'} = '';
-$checked{'SERVICE'}{'enom.com'} = '';
-$checked{'SERVICE'}{'freedns.afraid.org'} = '';
-$checked{'SERVICE'}{'hn.org'} = '';
-$checked{'SERVICE'}{'no-ip.com'} = '';
-$checked{'SERVICE'}{'nsupdate'} = '';
-$checked{'SERVICE'}{'ovh.com'} = '';
-$checked{'SERVICE'}{'regfish.com'} = '';
-$checked{'SERVICE'}{'selfhost.de'} = '';
-$checked{'SERVICE'}{'tzo.com'} = '';
-$checked{'SERVICE'}{'zoneedit.com'} = '';
-$checked{'SERVICE'}{$settings{'SERVICE'}} = "selected='selected'";
-
-$checked{'BEHINDROUTER'}{'RED_IP'} = '';
-$checked{'BEHINDROUTER'}{'FETCH_IP'} = '';
-$checked{'BEHINDROUTER'}{$settings{'BEHINDROUTER'}} = "checked='checked'";
-$checked{'MINIMIZEUPDATES'} = ($settings{'MINIMIZEUPDATES'} eq '' ) ? '' : "checked='checked'";
-
-$checked{'PROXY'}{'on'} = ($settings{'PROXY'} eq '') ? '' : "checked='checked'";
-$checked{'WILDCARDS'}{'on'} = ($settings{'WILDCARDS'} eq '') ? '' : "checked='checked'";
-$checked{'ENABLED'}{'on'} = ($settings{'ENABLED'} eq '' ) ? '' : "checked='checked'";
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>";
- &Header::closebox();
-}
-
-if ($warnmessage) {
- $warnmessage = "<font color=${Header::colourred}><b>$Lang::tr{'capswarning'}</b></font>: $warnmessage";
-}
-&Header::openbox('100%', 'left', $Lang::tr{'settings'});
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>";
-print <<END
-<table width='100%'>
-<tr>
- <td class='base'>$Lang::tr{'dyn dns source choice'}</td>
-</tr><tr>
- <td class='base'><input type='radio' name='BEHINDROUTER' value='RED_IP' $checked{'BEHINDROUTER'}{'RED_IP'} />
- $Lang::tr{'use ipfire red ip'}</td>
-</tr><tr>
- <td class='base'><input type='radio' name='BEHINDROUTER' value='FETCH_IP' $checked{'BEHINDROUTER'}{'FETCH_IP'} />
- $Lang::tr{'fetch ip from'} <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td class='base'><input type='checkbox' name='MINIMIZEUPDATES' $checked{'MINIMIZEUPDATES'} />
- $Lang::tr{'ddns minimize updates'}</td>
-</tr>
-</table>
-<br /><hr />
-END
-;
-
-print <<END
-<table width='100%'>
-<tr>
- <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td>
- <td width='70%' class='base'>$Lang::tr{'avoid dod'}</td>
- <td width='30%' align='center' class='base'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-&Header::closebox(); # end of Settings1
-
-
-my $buttontext = $Lang::tr{'add'};
-if ($settings{'KEY1'} ne '') {
- $buttontext = $Lang::tr{'update'};
- &Header::openbox('100%', 'left', $Lang::tr{'edit an existing host'});
-} else {
- &Header::openbox('100%', 'left', $Lang::tr{'add a host'});
-}
-
-#Edited line number (KEY1) passed until cleared by 'save' or 'remove'
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='KEY1' value='$settings{'KEY1'}' />
-<table width='100%'>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'service'}:</td>
- <td width='25%'><select size='1' name='SERVICE'>
- <option $checked{'SERVICE'}{'cjb.net'}>cjb.net</option>
- <option $checked{'SERVICE'}{'dhs.org'}>dhs.org</option>
- <option $checked{'SERVICE'}{'dnspark.com'}>dnspark.com</option>
- <option $checked{'SERVICE'}{'dtdns.com'}>dtdns.com</option>
- <option $checked{'SERVICE'}{'dyndns.org'}>dyndns.org</option>
- <option $checked{'SERVICE'}{'dyndns-custom'}>dyndns-custom</option>
- <option $checked{'SERVICE'}{'dyndns-static'}>dyndns-static</option>
- <option $checked{'SERVICE'}{'dyns.cx'}>dyns.cx</option>
- <option $checked{'SERVICE'}{'dynu.ca'}>dynu.ca dyn.ee dynserv.(ca|org|net|com)</option>
- <option $checked{'SERVICE'}{'easydns.com'}>easydns.com</option>
- <option $checked{'SERVICE'}{'enom.com'}>enom.com</option>
- <option $checked{'SERVICE'}{'freedns.afraid.org'}>freedns.afraid.org</option>
- <option $checked{'SERVICE'}{'hn.org'}>hn.org</option>
- <option $checked{'SERVICE'}{'no-ip.com'}>no-ip.com</option>
- <option $checked{'SERVICE'}{'nsupdate'}>nsupdate</option>
- <option $checked{'SERVICE'}{'ovh.com'}>ovh.com</option>
- <option $checked{'SERVICE'}{'regfish.com'}>regfish.com</option>
- <option $checked{'SERVICE'}{'selfhost.de'}>selfhost.de</option>
-<!-- <option $checked{'SERVICE'}{'tzo.com'}>tzo.com</option> comment this service out until a working fix is developed -->
- <option $checked{'SERVICE'}{'zoneedit.com'}>zoneedit.com</option>
- </select></td>
- <td width='20%' class='base'>$Lang::tr{'hostname'}: <img src='/blob.gif' alt='*' /></td>
- <td width='30%'><input type='text' name='HOSTNAME' value='$settings{'HOSTNAME'}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'behind a proxy'}</td>
- <td><input type='checkbox' name='PROXY' value='on' $checked{'PROXY'}{'on'} /></td>
- <td class='base'>$Lang::tr{'domain'}:</td>
- <td><input type='text' name='DOMAIN' value='$settings{'DOMAIN'}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'enable wildcards'}</td>
- <td><input type='checkbox' name='WILDCARDS' value='on' $checked{'WILDCARDS'}{'on'} /></td>
- <td class='base'>$Lang::tr{'username'}</td>
- <td><input type='text' name='LOGIN' value='$settings{'LOGIN'}' /></td>
-</tr><tr>
- <td></td>
- <td></td>
- <td class='base'>$Lang::tr{'password'}</td>
- <td><input type='password' name='PASSWORD' value='$settings{'PASSWORD'}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'enabled'}</td>
- <td><input type='checkbox' name='ENABLED' value='on' $checked{'ENABLED'}{'on'} /></td>
- <td class='base'>$Lang::tr{'again'}</td>
- <td><input type='password' name='PASSWORD2' value='$settings{'PASSWORD2'}' /></td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td>
- <td width='70%' class='base'>$ddnsprefix</td>
-
- <td width='30%' align='center' class='base'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
- <input type='submit' name='SUBMIT' value='$buttontext' /> </td>
-</tr>
-</table>
-</form>
-END
-;
-&Header::closebox();
-
-#
-# Third box shows the list, in columns
-#
-&Header::openbox('100%', 'left', $Lang::tr{'current hosts'});
-print <<END
-<table width='100%'>
-<tr>
- <td width='15%' align='center' class='boldbase'><b>$Lang::tr{'service'}</b></td>
- <td width='25%' align='center' class='boldbase'><b>$Lang::tr{'hostname'}</b></td>
- <td width='30%' align='center' class='boldbase'><b>$Lang::tr{'domain'}</b></td>
- <td width='10%' align='center' class='boldbase'><b>$Lang::tr{'proxy'}</b></td>
- <td width='10%' align='center' class='boldbase'><b>$Lang::tr{'wildcards'}</b></td>
- <td width='10%' colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-my $ip = &General::GetDyndnsRedIP;
-my $key = 0;
-foreach my $line (@current) {
- chomp($line); # remove newline
- my @temp = split(/\,/,$line);
-
- if ($temp[0] eq 'no-ip.com') {
- $temp[1] =~ s!$General::noipprefix(.*)!<b>group:</b>$1 !;
- }
-
- #Choose icon for checkbox
-
- my $gifproxy='';
- my $descproxy='';
- if ($temp[3] eq "on") {
- $gifproxy = 'on.gif';
- $descproxy = $Lang::tr{'click to disable'};
- } else {
- $gifproxy = 'off.gif';
- $descproxy = $Lang::tr{'click to enable'};
- }
-
- my $gifwildcard='';
- my $descwildcard='';
- if ($temp[4] eq "on") {
- $gifwildcard = 'on.gif';
- $descwildcard = $Lang::tr{'click to disable'};
- } else {
- $gifwildcard = 'off.gif';
- $descwildcard = $Lang::tr{'click to enable'};
- }
-
- my $sync = "<font color='blue'>";
- my $gif = '';
- my $gdesc = '';
- if ($temp[7] eq "on") {
- $gif = 'on.gif';
- $gdesc = $Lang::tr{'click to disable'};
- $sync = (&General::DyndnsServiceSync ($ip,$temp[1], $temp[2]) ? "<font color='green'>": "<font color='red'>") ;
- } else {
- $gif = 'off.gif';
- $gdesc = $Lang::tr{'click to enable'};
- }
-
- #Colorize each line
- if ($settings{'KEY1'} eq $key) {
- print "<tr bgcolor='${Header::colouryellow}'>";
- } elsif ($key % 2) {
- print "<tr bgcolor='$color{'color22'}'>";
- } else {
- print "<tr bgcolor='$color{'color20'}'>";
- }
-
- #if a field is empty, replace it with a '---' to see colorized info!
- $temp[1] = '---' if (!$temp[1]);
- $temp[2] = '---' if (!$temp[2]);
-
- print <<END
-<td align='center'><a href='http://$temp[0]'>$temp[0]</a></td>
-<td align='center'>$sync$temp[1]</td>
-<td align='center'>$sync$temp[2]</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gifproxy' alt='$descproxy' title='$descproxy' />
-<input type='hidden' name='KEY1' value='$key' />
-<input type='hidden' name='KEY2' value='3' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gifwildcard' alt='$descwildcard' title='$descwildcard' />
-<input type='hidden' name='KEY1' value='$key' />
-<input type='hidden' name='KEY2' value='4' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
-<input type='hidden' name='KEY1' value='$key' />
-<input type='hidden' name='KEY2' value='7' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-</tr>
-END
-;
- $key++;
-}
-print "</table>";
-
-# If table contains entries, print 'Key to action icons'
-if ($key) {
-print <<END
-<table width='100%'>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td>
- <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> </td>
- <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> </td>
- <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <td align='center' width='30%'><input type='submit' name='ACTION' value='$Lang::tr{'instant update'}' /></td>
- </form>
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-## Ouf it's the end !
-
-
-# write the "current" array
-sub WriteDataFile {
- #Save current
- open(FILE, ">$datafile") or die 'ddns datafile error';
- print FILE @current;
- close (FILE);
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
-undef (@dummy);
-
-our %dhcpsettings=();
-our %netsettings=();
-my %mainsettings=();
-my %timesettings=();
-my $setting = "${General::swroot}/dhcp/settings";
-our $filename1 = "${General::swroot}/dhcp/advoptions"; # Field separator is TAB in this file (comma is standart)
- # because we need commas in the some data
-our $filename2 = "${General::swroot}/dhcp/fixleases";
-our $filename3 = "${General::swroot}/dhcp/advoptions-list"; # Describe the allowed syntax for dhcp options
-my $errormessage = '';
-my $warnNTPmessage = '';
-my @nosaved=();
-my %color = ();
-
-#Basic syntax allowed for new Option definition. Not implemented: RECORDS & array of RECORDS
-our $OptionTypes = 'boolean|((un)?signed )?integer (8|16|32)|ip-address|text|string|encapsulate \w+|array of ip-address';
-
-&Header::showhttpheaders();
-our @ITFs=('GREEN');
-if (&Header::blue_used()){push(@ITFs,'BLUE');}
-
-#Settings1 for the first screen box
-foreach my $itf (@ITFs) {
- $dhcpsettings{"ENABLE_${itf}"} = 'off';
- $dhcpsettings{"ENABLEBOOTP_${itf}"} = 'off';
- $dhcpsettings{"START_ADDR_${itf}"} = '';
- $dhcpsettings{"END_ADDR_${itf}"} = '';
- $dhcpsettings{"DOMAIN_NAME_${itf}"} = '';
- $dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"} = '';
- $dhcpsettings{"MAX_LEASE_TIME_${itf}"} = '';
- $dhcpsettings{"WINS1_${itf}"} = '';
- $dhcpsettings{"WINS2_${itf}"} = '';
- $dhcpsettings{"DNS1_${itf}"} = '';
- $dhcpsettings{"DNS2_${itf}"} = '';
- $dhcpsettings{"NTP1_${itf}"} = '';
- $dhcpsettings{"NTP2_${itf}"} = '';
- $dhcpsettings{"NEXT_${itf}"} = '';
- $dhcpsettings{"FILE_${itf}"} = '';
-}
-
-$dhcpsettings{'SORT_FLEASELIST'} = 'FIPADDR';
-$dhcpsettings{'SORT_LEASELIST'} = 'IPADDR';
-
-#Settings2 for editing the multi-line list
-#Must not be saved with writehash !
-$dhcpsettings{'FIX_MAC'} = '';
-$dhcpsettings{'FIX_ADDR'} = '';
-$dhcpsettings{'FIX_ENABLED'} = 'off';
-$dhcpsettings{'FIX_NEXTADDR'} = '';
-$dhcpsettings{'FIX_FILENAME'} = '';
-$dhcpsettings{'FIX_ROOTPATH'} = '';
-$dhcpsettings{'FIX_REMARK'} = '';
-$dhcpsettings{'ACTION'} = '';
-$dhcpsettings{'KEY1'} = '';
-$dhcpsettings{'KEY2'} = '';
-@nosaved=('FIX_MAC','FIX_ADDR','FIX_ENABLED','FIX_NEXTADDR',
- 'FIX_FILENAME','FIX_ROOTPATH','FIX_REMARK');
-
-$dhcpsettings{'ADVOPT_ENABLED'} = '';
-$dhcpsettings{'ADVOPT_NAME'} = '';
-$dhcpsettings{'ADVOPT_DATA'} = '';
-unshift (@nosaved,'ADVOPT_ENABLED','ADVOPT_NAME','ADVOPT_DATA');
-foreach my $itf (@ITFs) {
- $dhcpsettings{"ADVOPT_SCOPE_${itf}"} = 'off';
- unshift (@nosaved, "ADVOPT_SCOPE_${itf}");
-}
-
-# Read Ipcop settings
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("${General::swroot}/time/settings", \%timesettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-#Get GUI values
-&Header::getcgihash(\%dhcpsettings);
-
-open(FILE, "$filename1") or die 'Unable to open dhcp advanced options file.';
-our @current1 = <FILE>;
-close(FILE);
-# Extract OptionDefinition
-foreach my $line (@current1) {
- #chomp($line); # remove newline #don't know why, but this remove newline in @current1 .... !
- my @temp = split(/\t/,$line);
- AddNewOptionDefinition ($temp[1] . ' ' . $temp[2]);
-}
-
-open(FILE, "$filename2") or die 'Unable to open fixed leases file.';
-our @current2 = <FILE>;
-close(FILE);
-
-# Check Settings1 first because they are needed by &buildconf
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'save'}) {
- foreach my $itf (@ITFs) {
- if ($dhcpsettings{"ENABLE_${itf}"} eq 'on' ) {
- # "Start" is defined, need "End" and vice versa
- if ($dhcpsettings{"START_ADDR_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"START_ADDR_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid start address'};
- goto ERROR;
- }
- if (!$dhcpsettings{"END_ADDR_${itf}"}) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid end address'};
- goto ERROR;
- }
- if (! &General::IpInSubnet ( $dhcpsettings{"START_ADDR_${itf}"},
- $netsettings{"${itf}_NETADDRESS"},
- $netsettings{"${itf}_NETMASK"})) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid start address'};
- goto ERROR;
- }
- }
-
- if ($dhcpsettings{"END_ADDR_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"END_ADDR_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid end address'};
- goto ERROR;
- }
- if (!$dhcpsettings{"START_ADDR_${itf}"}) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid start address'};
- goto ERROR;
- }
- if (! &General::IpInSubnet ( $dhcpsettings{"END_ADDR_${itf}"},
- $netsettings{"${itf}_NETADDRESS"},
- $netsettings{"${itf}_NETMASK"})) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid end address'};
- goto ERROR;
- }
- #swap if necessary! (support 255.255.0.0 range, I doubt we need more) GE
- my @startoct = split (/\./, $dhcpsettings{"START_ADDR_${itf}"});
- my @endoct = split (/\./, $dhcpsettings{"END_ADDR_${itf}"});
- if ( $endoct[2]*256+$endoct[3] < $startoct[2]*256+$startoct[3] ) {
- ($dhcpsettings{"START_ADDR_${itf}"},$dhcpsettings{"END_ADDR_${itf}"}) =
- ($dhcpsettings{"END_ADDR_${itf}"},$dhcpsettings{"START_ADDR_${itf}"});
- }
- }
-
- if (!($dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"} =~ /^\d+$/)) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid default lease time'} . $dhcpsettings{'DEFAULT_LEASE_TIME_${itf}'};
- goto ERROR;
- }
-
- if (!($dhcpsettings{"MAX_LEASE_TIME_${itf}"} =~ /^\d+$/)) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid max lease time'} . $dhcpsettings{'MAX_LEASE_TIME_${itf}'};
- goto ERROR;
- }
-
- if ($dhcpsettings{"DNS1_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"DNS1_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid primary dns'};
- goto ERROR;
- }
- }
- if ($dhcpsettings{"DNS2_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"DNS2_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid secondary dns'};
- goto ERROR;
- }
- if (! $dhcpsettings{"DNS1_${itf}"}) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'cannot specify secondary dns without specifying primary'};
- goto ERROR;
- }
- }
-
- if ($dhcpsettings{"WINS1_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"WINS1_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid wins address'};
- goto ERROR;
- }
- }
- if ($dhcpsettings{"WINS2_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"WINS2_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid wins address'};
- goto ERROR;
- }
- if (! $dhcpsettings{"WINS1_${itf}"} ) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'cannot specify secondary wins without specifying primary'};
- goto ERROR;
- }
- }
- if ($dhcpsettings{"NEXT_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"NEXT_${itf}"}))) {
- $errormessage = "next-server on ${itf}: " . $Lang::tr{'invalid ip'};
- goto ERROR;
- }
- }
- if ($dhcpsettings{"NTP1_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"NTP1_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid primary ntp'};
- goto ERROR;
- }
- if ($dhcpsettings{"NTP1_${itf}"} eq $netsettings{"${itf}_ADDRESS"} && ($timesettings{'ENABLECLNTP'} ne 'on')) {
- $warnNTPmessage = "DHCP on ${itf}: " . $Lang::tr{'local ntp server specified but not enabled'};
- #goto ERROR;
- }
- }
- if ($dhcpsettings{"NTP2_${itf}"}) {
- if (!(&General::validip($dhcpsettings{"NTP2_${itf}"}))) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'invalid secondary ntp'};
- goto ERROR;
- }
- if ($dhcpsettings{"NTP2_${itf}"} eq $netsettings{"${itf}_ADDRESS"} && ($timesettings{'ENABLECLNTP'} ne 'on')) {
- $warnNTPmessage = "DHCP on ${itf}: " . $Lang::tr{'local ntp server specified but not enabled'};
- #goto ERROR;
- }
- if (! $dhcpsettings{"NTP1_${itf}"}) {
- $errormessage = "DHCP on ${itf}: " . $Lang::tr{'cannot specify secondary ntp without specifying primary'};
- goto ERROR;
- }
- }
- } # enabled
- }#loop interface verify
-
- map (delete ($dhcpsettings{$_}) ,@nosaved,'ACTION','KEY1','KEY2'); # Must not be saved
- &General::writehash($setting, \%dhcpsettings); # Save good settings
- $dhcpsettings{'ACTION'} = $Lang::tr{'save'}; # create an 'ACTION'
- map ($dhcpsettings{$_} = '',@nosaved,'KEY1','KEY2'); # and reinit vars to empty
- &buildconf;
- ERROR: # Leave the faulty field untouched
-} else {
- &General::readhash($setting, \%dhcpsettings); # Get saved settings and reset to good if needed
-}
-
-## Sorting of fixed leases
-if ($ENV{'QUERY_STRING'} =~ /^FETHER|^FIPADDR/ ) {
- my $newsort=$ENV{'QUERY_STRING'};
- my $act=$dhcpsettings{'SORT_FLEASELIST'};
- #Reverse actual sort ?
- if ($act =~ $newsort) {
- my $Rev='';
- if ($act !~ 'Rev') {
- $Rev='Rev';
- }
- $newsort.=$Rev;
- }
- $dhcpsettings{'SORT_FLEASELIST'}=$newsort;
- map (delete ($dhcpsettings{$_}) ,@nosaved,'ACTION','KEY1','KEY2'); # Must never be saved
- &General::writehash($setting, \%dhcpsettings);
- &sortcurrent2;
- $dhcpsettings{'ACTION'} = 'SORT'; # create an 'ACTION'
- map ($dhcpsettings{$_} = '',@nosaved,'KEY1','KEY2');# and reinit vars to empty
-}
-
-#Sorting of allocated leases
-&Header::CheckSortOrder;
-
-
-## Now manipulate the two multi-line list with Settings2.
-# '1' suffix is for ADVANCED OPTIONS
-# '2' suffix is for FIXED LEASES
-
-# Toggle enable/disable field on specified options.
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'toggle enable disable'}.'1') {
- #move out new line
- chomp(@current1[$dhcpsettings{'KEY1'}]);
- my @temp = split(/\t/,@current1[$dhcpsettings{'KEY1'}]); #use TAB separator !
- $temp[0] = $temp[0] eq 'on' ? '' : 'on'; # Toggle the field
- @current1[$dhcpsettings{'KEY1'}] = join ("\t",@temp)."\n";
- $dhcpsettings{'KEY1'} = ''; # End edit mode
- &General::log($Lang::tr{'dhcp advopt modified'});
- open(FILE, ">$filename1") or die 'Unable to open dhcp advanced options file.';
- print FILE @current1;
- close(FILE);
-
- #Write changes to dhcpd.conf.
- &buildconf;
-}
-
-
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'add'}.'1' &&
- $dhcpsettings{'SUBMIT'} ne $Lang::tr{'dhcp advopt help'}) {
- $dhcpsettings{'ADVOPT_NAME'} =~ s/[^ \w-]//g; # prevent execution of code by removing everything except letters/space
- $dhcpsettings{'ADVOPT_DATA'} =~ s/`//g; # back tik ` ? not allowed !
-
- if ($dhcpsettings{'ADVOPT_DATA'} eq '') {
- $errormessage=$Lang::tr{'dhcp advopt blank value'};
- }
-
- # Test for a new option definition string (join field name & data)
- if (ExistNewOptionDefinition ($dhcpsettings{'ADVOPT_NAME'} . ' ' . $dhcpsettings{'ADVOPT_DATA'})) {
- #only edit permitted if option definition exists
- $errormessage = $Lang::tr{'dhcp advopt definition exists'} if ($dhcpsettings{'KEY1'} eq '');
- $dhcpsettings{'ADVOPT_ENABLED'} = 'on'; # force active
- map ($dhcpsettings{"ADVOPT_SCOPE_$_"} = 'off', @ITFs); # force global
- } elsif (AddNewOptionDefinition ($dhcpsettings{'ADVOPT_NAME'} . ' ' . $dhcpsettings{'ADVOPT_DATA'})) {
- #was a new option definition
- $dhcpsettings{'ADVOPT_ENABLED'} = 'on'; # force active
- map ($dhcpsettings{"ADVOPT_SCOPE_$_"} = 'off', @ITFs); # force global
- } elsif (ValidNewOption ($dhcpsettings{'ADVOPT_NAME'} . ' ' . $dhcpsettings{'ADVOPT_DATA'})) {
- #was a new option
- } elsif (! `grep "\$option $dhcpsettings{'ADVOPT_NAME'} " $filename3`) {
- $errormessage=$Lang::tr{'dhcp advopt unknown'}.': '.$dhcpsettings{'ADVOPT_NAME'};
- }
-
- unless ($errormessage) {
-
- my $scope = '';
- foreach my $itf (@ITFs) { # buils "RED,GREEN,ORANGE,... based on selection
- $scope .= $dhcpsettings{"ADVOPT_SCOPE_${itf}"} eq 'on' ? "\t$itf" : "\toff" ;
- }
- if ($dhcpsettings{'KEY1'} eq '') { #add or edit ? TAB separator !
- unshift (@current1, "$dhcpsettings{'ADVOPT_ENABLED'}\t$dhcpsettings{'ADVOPT_NAME'}\t$dhcpsettings{'ADVOPT_DATA'}$scope\n");
- &General::log($Lang::tr{'dhcp advopt added'});
- } else {
- @current1[$dhcpsettings{'KEY1'}] = "$dhcpsettings{'ADVOPT_ENABLED'}\t$dhcpsettings{'ADVOPT_NAME'}\t$dhcpsettings{'ADVOPT_DATA'}$scope\n";
- $dhcpsettings{'KEY1'} = ''; # End edit mode
- &General::log($Lang::tr{'dhcp advopt modified'});
- }
-
- #Write changes to dhcpd.conf.
- &sortcurrent1; # sort newly added/modified entry
- &buildconf; # before calling buildconf which use fixed lease file !
- }
-}
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'edit'}.'1') {
- #move out new line
- my $line = @current1[$dhcpsettings{'KEY1'}];
- chomp($line);
- my @temp = split(/\t/, $line);
- $dhcpsettings{'ADVOPT_ENABLED'}=$temp[0];
- $dhcpsettings{'ADVOPT_NAME'}=$temp[1];
- $dhcpsettings{'ADVOPT_DATA'}=$temp[2];
-
- # read next fields which are the name (color) of an interface if this interface is scoped
- for (my $key=0; $key<@ITFs; $key++) {
- my $itf = $temp[3+$key];
- if ($itf ne 'off') # Only is an interface name is read
- {
- $dhcpsettings{"ADVOPT_SCOPE_${itf}"} = 'on';
- }
- }
-}
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'remove'}.'1') {
- splice (@current1,$dhcpsettings{'KEY1'},1);
- open(FILE, ">$filename1") or die 'Unable to open dhcp advanced options file.';
- print FILE @current1;
- close(FILE);
- $dhcpsettings{'KEY1'} = ''; # End remove mode
- &General::log($Lang::tr{'dhcp advopt removed'});
- #Write changes to dhcpd.conf.
- &buildconf;
-}
-#end KEY1
-
-
-# Toggle enable/disable field on specified lease.
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'toggle enable disable'}.'2') {
- #move out new line
- chomp(@current2[$dhcpsettings{'KEY2'}]);
- my @temp = split(/\,/,@current2[$dhcpsettings{'KEY2'}]);
- $temp[2] = $temp[2] eq 'on' ? '' : 'on'; # Toggle the field
- @current2[$dhcpsettings{'KEY2'}] = join (',',@temp)."\n";
- $dhcpsettings{'KEY2'} = ''; # End edit mode
- &General::log($Lang::tr{'fixed ip lease modified'});
- open(FILE, ">$filename2") or die 'Unable to open fixed leases file.';
- print FILE @current2;
- close(FILE);
-
- #Write changes to dhcpd.conf.
- &buildconf;
-}
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'add'}.'2') {
- $dhcpsettings{'FIX_MAC'} =~ tr/-/:/;
- unless(&General::validip($dhcpsettings{'FIX_ADDR'})) { $errormessage = $Lang::tr{'invalid fixed ip address'}; }
- unless(&General::validmac($dhcpsettings{'FIX_MAC'})) { $errormessage = $Lang::tr{'invalid fixed mac address'}; }
- if ($dhcpsettings{'FIX_NEXTADDR'}) {
- unless(&General::validip($dhcpsettings{'FIX_NEXTADDR'})) { $errormessage = $Lang::tr{'invalid fixed ip address'}; }
- }
-
- my $key = 0;
- CHECK:foreach my $line (@current2) {
- my @temp = split(/\,/,$line);
- if($dhcpsettings{'KEY2'} ne $key) {
- # same MAC is OK on different subnets. This test is not complete because
- # if ip are not inside a known subnet, I don't warn.
- # Also it may be needed to put duplicate fixed lease in their right subnet definition..
- foreach my $itf (@ITFs) {
- my $scoped = &General::IpInSubnet($dhcpsettings{'FIX_ADDR'},
- $netsettings{"${itf}_NETADDRESS"},
- $netsettings{"${itf}_NETMASK"}) &&
- $dhcpsettings{"ENABLE_${itf}"} eq 'on';
- if ( $scoped &&
- (lc($dhcpsettings{'FIX_MAC'}) eq lc($temp[0])) &&
- &General::IpInSubnet($temp[1],
- $netsettings{"${itf}_NETADDRESS"},
- $netsettings{"${itf}_NETMASK"})) {
- $errormessage = "$Lang::tr{'mac address in use'} $dhcpsettings{'FIX_MAC'}";
- last CHECK;
- }
- }
- }
- $key++;
- }
-
- unless ($errormessage) {
- $dhcpsettings{'FIX_REMARK'} = &Header::cleanhtml($dhcpsettings{'FIX_REMARK'});
- $dhcpsettings{'FIX_NEXTADDR'} = &Header::cleanhtml($dhcpsettings{'FIX_NEXTADDR'});
- $dhcpsettings{'FIX_FILENAME'} = &Header::cleanhtml($dhcpsettings{'FIX_FILENAME'});
- $dhcpsettings{'FIX_ROOTPATH'} = &Header::cleanhtml($dhcpsettings{'FIX_ROOTPATH'});
- if ($dhcpsettings{'KEY2'} eq '') { #add or edit ?
- unshift (@current2, "$dhcpsettings{'FIX_MAC'},$dhcpsettings{'FIX_ADDR'},$dhcpsettings{'FIX_ENABLED'},$dhcpsettings{'FIX_NEXTADDR'},$dhcpsettings{'FIX_FILENAME'},$dhcpsettings{'FIX_ROOTPATH'},$dhcpsettings{'FIX_REMARK'}\n");
- &General::log($Lang::tr{'fixed ip lease added'});
- } else {
- @current2[$dhcpsettings{'KEY2'}] = "$dhcpsettings{'FIX_MAC'},$dhcpsettings{'FIX_ADDR'},$dhcpsettings{'FIX_ENABLED'},$dhcpsettings{'FIX_NEXTADDR'},$dhcpsettings{'FIX_FILENAME'},$dhcpsettings{'FIX_ROOTPATH'},$dhcpsettings{'FIX_REMARK'}\n";
- $dhcpsettings{'KEY2'} = ''; # End edit mode
- &General::log($Lang::tr{'fixed ip lease modified'});
- }
-
- #Write changes to dhcpd.conf.
- &sortcurrent2; # sort newly added/modified entry
- &buildconf; # before calling buildconf which use fixed lease file !
- }
-}
-
-if ($dhcpsettings{'ACTION_ALL'} eq '+') {
- my $news = 0;
- foreach (keys %dhcpsettings) {
- if (/^(\d+\.\d+\.\d+\.\d+)-([0-9a-fA-F:]+)$/) { # checked names are index of the line
- my $ip=$1;
- my $mac=$2;
- if (!grep (/$2/,@current2)) {
- unshift (@current2, "$mac,$ip,on,,,,imported\n");
- $news++;
- }
- }
- }
- if ($news) {
- #Write changes to dhcpd.conf.
- $warnNTPmessage = $Lang::tr{'fixed ip lease added'}."($news)";
- &General::log($warnNTPmessage);
- &sortcurrent2; # sort newly added/modified entry
- &buildconf; # before calling buildconf which use fixed lease file !
- }
-}
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'edit'}.'2') {
- #move out new line
- my $line = @current2[$dhcpsettings{'KEY2'}];
- chomp($line);
- my @temp = split(/\,/, $line);
- $dhcpsettings{'FIX_MAC'}=$temp[0];
- $dhcpsettings{'FIX_ADDR'}=$temp[1];
- $dhcpsettings{'FIX_ENABLED'}=$temp[2];
- $dhcpsettings{'FIX_NEXTADDR'}=$temp[3];
- $dhcpsettings{'FIX_FILENAME'}=$temp[4];
- $dhcpsettings{'FIX_ROOTPATH'}=$temp[5];
- $dhcpsettings{'FIX_REMARK'}=$temp[6];
-}
-
-if ($dhcpsettings{'ACTION'} eq $Lang::tr{'remove'}.'2') {
- splice (@current2,$dhcpsettings{'KEY2'},1);
- open(FILE, ">$filename2") or die 'Unable to open fixed lease file.';
- print FILE @current2;
- close(FILE);
- $dhcpsettings{'KEY2'} = ''; # End remove mode
- &General::log($Lang::tr{'fixed ip lease removed'});
- #Write changes to dhcpd.conf.
- &buildconf;
-}
-#end KEY2 defined
-
-
-
-
-if ($dhcpsettings{'ACTION'} eq '' ) { # First launch from GUI
-
- # Set default DHCP values only if blank and disabled
- foreach my $itf (@ITFs) {
- if ($dhcpsettings{"ENABLE_${itf}"} ne 'on' ) {
- $dhcpsettings{"DNS1_${itf}"} = $netsettings{"${itf}_ADDRESS"};
- $dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"} = '60';
- $dhcpsettings{"MAX_LEASE_TIME_${itf}"} = '120';
- $dhcpsettings{"DOMAIN_NAME_${itf}"} = $mainsettings{'DOMAINNAME'};
- }
- }
- $dhcpsettings{'FIX_ENABLED'} = 'on';
-}
-
-&Header::openpage($Lang::tr{'dhcp configuration'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-if ($warnNTPmessage) {
- $warnNTPmessage = "<font color=${Header::colourred}><b>$Lang::tr{'capswarning'}</b></font>: $warnNTPmessage";
-}
-
-&Header::openbox('100%', 'left', 'DHCP');
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>";
-
-foreach my $itf (@ITFs) {
- my %checked=();
- $checked{'ENABLE'}{'on'} = ( $dhcpsettings{"ENABLE_${itf}"} ne 'on') ? '' : "checked='checked'";
- $checked{'ENABLEBOOTP'}{'on'} = ( $dhcpsettings{"ENABLEBOOTP_${itf}"} ne 'on') ? '' : "checked='checked'";
-
- if ($netsettings{"${itf}_DEV"} ne '' ) { # Show only defined interface
- my $lc_itf=lc($itf);
-print <<END
-<table width='100%'>
-<tr>
- <td width='25%' class='boldbase'><b><font color='${lc_itf}'>$Lang::tr{"$lc_itf interface"}</font></b></td>
- <td class='base'>$Lang::tr{'enabled'}
- <input type='checkbox' name='ENABLE_${itf}' $checked{'ENABLE'}{'on'} /></td>
- <td width='25%' class='base'>$Lang::tr{'ip address'}<br />$Lang::tr{'netmask'}:</td><td><b>$netsettings{"${itf}_ADDRESS"}<br />$netsettings{"${itf}_NETMASK"}</b></td>
-</tr><tr>
- <td width='25%' class='base'>$Lang::tr{'start address'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='START_ADDR_${itf}' value='$dhcpsettings{"START_ADDR_${itf}"}' /></td>
- <td width='25%' class='base'>$Lang::tr{'end address'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='END_ADDR_${itf}' value='$dhcpsettings{"END_ADDR_${itf}"}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'default lease time'}</td>
- <td><input type='text' name='DEFAULT_LEASE_TIME_${itf}' value='$dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"}' /></td>
- <td class='base'>$Lang::tr{'max lease time'}</td>
- <td><input type='text' name='MAX_LEASE_TIME_${itf}' value='$dhcpsettings{"MAX_LEASE_TIME_${itf}"}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'domain name suffix'} <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='DOMAIN_NAME_${itf}' value='$dhcpsettings{"DOMAIN_NAME_${itf}"}' /></td>
- <td>$Lang::tr{'dhcp allow bootp'}:</td>
- <td><input type='checkbox' name='ENABLEBOOTP_${itf}' $checked{'ENABLEBOOTP'}{'on'} /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'primary dns'}</td>
- <td><input type='text' name='DNS1_${itf}' value='$dhcpsettings{"DNS1_${itf}"}' /></td>
- <td class='base'>$Lang::tr{'secondary dns'} <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='DNS2_${itf}' value='$dhcpsettings{"DNS2_${itf}"}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'primary ntp server'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='NTP1_${itf}' value='$dhcpsettings{"NTP1_${itf}"}' /></td>
- <td class='base'>$Lang::tr{'secondary ntp server'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='NTP2_${itf}' value='$dhcpsettings{"NTP2_${itf}"}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'primary wins server address'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='WINS1_${itf}' value='$dhcpsettings{"WINS1_${itf}"}' /></td>
- <td class='base'>$Lang::tr{'secondary wins server address'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='WINS2_${itf}' value='$dhcpsettings{"WINS2_${itf}"}' /></td>
-</tr><tr>
- <td class='base'>next-server: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='NEXT_${itf}' value='$dhcpsettings{"NEXT_${itf}"}' /></td>
- <td class='base'>filename: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='FILE_${itf}' value='$dhcpsettings{"FILE_${itf}"}' /></td>
-</tr>
-</table>
-<hr />
-END
-;
- }# Show only defined interface
-}#foreach itf
-print <<END
-<table width='100%'>
-<tr>
- <td class='base' width='25%'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'this field may be blank'}</td>
- <td class='base' width='30%'>$warnNTPmessage</td>
- <td width='40%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
- <td width='5%' align='right'> </td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'dhcp advopt list'});
-# DHCP Advanced options settings
-my %checked=();
-$checked{'ADVOPT_ENABLED'}{'on'} = ($dhcpsettings{'ADVOPT_ENABLED'} ne 'on') ? '' : "checked='checked'";
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'><table width='100%'>";
-my $buttontext = $Lang::tr{'add'};
-if ($dhcpsettings{'KEY1'} ne '') {
- $buttontext = $Lang::tr{'update'};
- print "<tr><td class='boldbase'><b>$Lang::tr{'dhcp advopt edit'}</b></td></tr>";
-} else {
- print "<tr><td class='boldbase'><b>$Lang::tr{'dhcp advopt add'}</b></td></tr>"
-}
-
-#search if the 'option' is in the list and print the syntax model
-my $opt = `grep "\$option $dhcpsettings{'ADVOPT_NAME'} " $filename3`;
-if ($opt ne '') {
- $opt =~ s/option $dhcpsettings{'ADVOPT_NAME'}/Syntax:/; # "option xyz abc" => "syntax: abc"
- $opt =~ s/;//;
- $opt = "<tr><td></td><td></td><td colspan='2'>$opt</td></tr>";
-}
-print <<END
-<tr>
- <td class='base'>$Lang::tr{'dhcp advopt name'}:</td>
- <td><input type='text' name='ADVOPT_NAME' value='$dhcpsettings{'ADVOPT_NAME'}' size='18' /></td>
- <td class='base'>$Lang::tr{'dhcp advopt value'}:</td>
- <td><input type='text' name='ADVOPT_DATA' value='$dhcpsettings{'ADVOPT_DATA'}' size='40' /></td>
-</tr>$opt<tr>
- <td class='base'>$Lang::tr{'enabled'}</td><td><input type='checkbox' name='ADVOPT_ENABLED' $checked{'ADVOPT_ENABLED'}{'on'} /></td>
- <td class='base'>$Lang::tr{'dhcp advopt scope'}: <img src='/blob.gif' alt='*' /></td>
- <td>
-END
-;
-
-# Put a checkbox for each interface. Checkbox visible disabled if interface is disabled
-foreach my $itf (@ITFs) {
- my $lc_itf=lc($itf);
- $checked{'ADVOPT_SCOPE_${itf}'}{'on'} = $dhcpsettings{"ADVOPT_SCOPE_${itf}"} ne 'on' ? '' : "checked='checked'";
- print "$Lang::tr{\"${lc_itf}\"} <input type='checkbox' name='ADVOPT_SCOPE_${itf}' $checked{'ADVOPT_SCOPE_${itf}'}{'on'} ";
- print $dhcpsettings{"ENABLE_${itf}"} eq 'on' ? "/>" : "disabled='disabled' />";
- print " ";
-}
-
-print <<END
- </td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' width='50%'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'dhcp advopt scope help'}</td>
- <td width='50%' align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'add'}1' />
- <input type='submit' name='SUBMIT' value='$buttontext' />
- <input type='submit' name='SUBMIT' value='$Lang::tr{'dhcp advopt help'}' />
- <input type='hidden' name='KEY1' value='$dhcpsettings{'KEY1'}' />
- </td>
-</tr>
-</table>
-</form>
-END
-;
-#Edited line number (KEY1) passed until cleared by 'save' or 'remove' or 'new sort order'
-
-# print help taken from the file describing options
-if ($dhcpsettings{'SUBMIT'} eq $Lang::tr{'dhcp advopt help'}) {
- print "<hr />";
- print "<table width='100%'>";
- print "<tr><td width='30%'><b>$Lang::tr{'dhcp advopt name'}</b></td><td width='70%'><b>$Lang::tr{'dhcp advopt value'}</b></td>";
- open(FILE, "$filename3");
- my @current3 = <FILE>;
- close(FILE);
- foreach my $line (@current3) {
- $line =~ /option ([a-z0-9-]+) (.*);/;
- print "<tr><td>$1</td><td>$2</td></tr>\n";
- }
- print "<tr><td colspan='2'><hr /></td></tr>\n";
- print '<tr><td>string type</td><td>"quoted string" or 00:01:FF...</td></tr>';
- print '<tr><td>ip-address type </td><td>10.0.0.1 | www.dot.com</td></tr>';
- print '<tr><td>int,uint types</td><td>numbers</td></tr>';
- print '<tr><td>flag type</td><td>on | off</td></tr>';
- print '</table>';
- print "<hr />";
- print "<table width='100%'>";
- print "<tr><td width='30%'><b>$Lang::tr{'dhcp advopt custom definition'}</b></td><td width='70%'><b>$Lang::tr{'dhcp advopt value'}</b></td>";
- print "<tr><td>any-name </td><td> code NNN=$OptionTypes</td></tr>";
- print '<tr><td>a-string</td><td>code 100=string</td></tr>';
- print '<tr><td>a-number</td><td>code 101=signed integer 8</td></tr>';
- print '<tr><td>wpad</td><td>code 252=text</td></tr>';
- print '<tr><td>wpad</td><td>"http://www.server.fr/path-to/proxy.pac"</td></tr>';
- print '</table>';
-
-}
-
-print <<END
-<hr />
-<table width='100%'>
-<tr>
- <td width='30%' class='boldbase' align='center'><b>$Lang::tr{'dhcp advopt name'}</b></td>
- <td width='50%' class='boldbase' align='center'><b>$Lang::tr{'dhcp advopt value'}</b></td>
- <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'dhcp advopt scope'}</b></td>
- <td colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-my $key = 0;
-foreach my $line (@current1) {
- my $gif = '';
- my $gdesc = '';
- chomp($line); # remove newline
- my @temp = split(/\t/,$line);
-
- if ($temp[0] eq "on") {
- $gif = 'on.gif';
- $gdesc = $Lang::tr{'click to disable'};
- } else {
- $gif = 'off.gif';
- $gdesc = $Lang::tr{'click to enable'};
- }
-
- if ($dhcpsettings{'KEY1'} eq $key) {
- print "<tr bgcolor='${Header::colouryellow}'>";
- } elsif ($key % 2) {
- print "<tr bgcolor='$color{'color22'}'>";
- } else {
- print "<tr bgcolor='$color{'color20'}'>";
- }
-
- print <<END
-<td align='center'>$temp[1]</td>
-<td align='center'>$temp[2]</td>
-<td align='center'>
-END
-;
- # Prepare a global flag to make easy reading
- my $global = '';
- my $disabledTogle = '';
- my $disabledEditRemove = '';
- if ( ExistNewOptionDefinition ($temp[1] . ' ' . $temp[2]) ) {
- $global = $Lang::tr{'dhcp advopt definition'};
- $disabledTogle = "disabled='disabled'";
- # Search if it is a used NewOptionDefinition to also disable edit & delete
- $disabledEditRemove = "disabled='disabled'" if (IsUsedNewOptionDefinition ($temp[1], $temp[2]));
- } else {
- $global = $Lang::tr{'dhcp advopt scope global'};
- }
-
-
- # Print each checked interface
- for (my $key=0; $key<@ITFs; $key++) {
- my $itf = $temp[3+$key];
- if ($itf ne 'off') { # Only if an interface name is read
- print "$itf";
- $global=''; # fall to local scope !
- }
- }
- print <<END
-$global</td>
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}1' />
-<input $disabledTogle type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}1' />
-<input $disabledEditRemove type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}1' />
-<input $disabledEditRemove type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-</tr>
-END
-;
- $key++;
-}
-
-print "</table>";
-
-# If there are dhcp options, print Key to action icons
-if ($key) {
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td>
- <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> </td>
- <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> </td>
- <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-</table>
-END
-;
-}
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'current fixed leases'});
-# Fixed leases screens
-$checked{'FIX_ENABLED'}{'on'} = ($dhcpsettings{'FIX_ENABLED'} ne 'on') ? '' : "checked='checked'";
-
-$buttontext = $Lang::tr{'add'};
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'><table width='100%'>";
-
-if ($dhcpsettings{'KEY2'} ne '') {
- $buttontext = $Lang::tr{'update'};
- print "<tr><td class='boldbase' colspan='3'><b>$Lang::tr{'edit an existing lease'}</b></td></tr>";
-} else {
- print "<tr><td class='boldbase' colspan='3'><b>$Lang::tr{'add new lease'}</b></td></tr>"
-}
-print <<END
-<tr>
- <td class='base'>$Lang::tr{'mac address'}:</td>
- <td><input type='text' name='FIX_MAC' value='$dhcpsettings{'FIX_MAC'}' size='18' /></td>
- <td class='base'>$Lang::tr{'ip address'}:</td>
- <td><input type='text' name='FIX_ADDR' value='$dhcpsettings{'FIX_ADDR'}' size='18' /></td>
- <td class='base'>$Lang::tr{'remark'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='FIX_REMARK' value='$dhcpsettings{'FIX_REMARK'}' size='18' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'enabled'}</td><td><input type='checkbox' name='FIX_ENABLED' $checked{'FIX_ENABLED'}{'on'} /></td>
-</tr><tr>
- <td colspan = '3'><b>$Lang::tr{'dhcp bootp pxe data'}</b></td>
-</tr><tr>
- <td class='base'>next-server: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='FIX_NEXTADDR' value='$dhcpsettings{'FIX_NEXTADDR'}' size='18' /></td>
- <td class='base'>filename: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='FIX_FILENAME' value='$dhcpsettings{'FIX_FILENAME'}' size='18' /></td>
- <td class='base'>root path: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='FIX_ROOTPATH' value='$dhcpsettings{'FIX_ROOTPATH'}' size='18' /></td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' width='50%'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'this field may be blank'}</td>
- <td width='50%' align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'add'}2' />
- <input type='submit' name='SUBMIT' value='$buttontext' />
- <input type='hidden' name='KEY2' value='$dhcpsettings{'KEY2'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-#Edited line number (KEY2) passed until cleared by 'save' or 'remove' or 'new sort order'
-
-print <<END
-<hr />
-<table width='100%'>
-<tr>
- <td width='20%' align='center'><a href='$ENV{'SCRIPT_NAME'}?FETHER'><b>$Lang::tr{'mac address'}</b></a></td>
- <td width='20%' align='center'><a href='$ENV{'SCRIPT_NAME'}?FIPADDR'><b>$Lang::tr{'ip address'}</b></a></td>
- <td width='15%' align='center'><b>$Lang::tr{'remark'}</b></td>
- <td width='15%' class='boldbase' align='center'><b>next-server</b></td>
- <td width='15%' class='boldbase' align='center'><b>filename</b></td>
- <td width='15%' class='boldbase' align='center'><b>root path</b></td>
- <td colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-my $ipdup = 0;
-my %ipinuse = ();
-my %macdupl = (); # Duplicate MACs have to be on different subnets
-my %ipoutside = ();
-
-# mark duplicate ip or duplicate MAC
-foreach my $line (@current2) {
- my @temp = split(/\,/,$line);
- $macdupl{$temp[0]} += 1;
- if ($macdupl{$temp[0]} > 1) {
- $ipdup = 1; # Flag up duplicates for use later
- }
- $ipinuse{$temp[1]} += 1;
- if ($ipinuse{$temp[1]} > 1) {
- $ipdup = 1; # Flag up duplicates for use later
- }
- # Mark IP addresses outwith known subnets
- $ipoutside{$temp[1]} = 1;
- foreach my $itf (@ITFs) {
- if ( &General::IpInSubnet($temp[1],
- $netsettings{"${itf}_NETADDRESS"},
- $netsettings{"${itf}_NETMASK"})) {
- $ipoutside{$temp[1]} = 0;
- }
- }
-}
-
-$key = 0;
-foreach my $line (@current2) {
- my $gif = '';
- my $gdesc = '';
- chomp($line); # remove newline
- my @temp = split(/\,/,$line);
-
- if ($temp[2] eq "on") {
- $gif = 'on.gif';
- $gdesc = $Lang::tr{'click to disable'};
- } else {
- $gif = 'off.gif';
- $gdesc = $Lang::tr{'click to enable'};
- }
-
- if ($dhcpsettings{'KEY2'} eq $key) {
- print "<tr bgcolor='${Header::colouryellow}'>";
- } elsif ($key % 2) {
- print "<tr bgcolor='$color{'color22'}'>";
- } else {
- print "<tr bgcolor='$color{'color20'}'>";
- }
- my $TAG0 = '';
- my $TAG1 = '';
- my $TAG2 = '';
- my $TAG3 = '';
- my $TAG4 = '';
- if ($ipinuse{$temp[1]} > 1) {
- $TAG0 = '<b>';
- $TAG1 = '</b>';
- }
- if ($macdupl{$temp[0]} > 1) {
- $TAG2 = '<b>';
- $TAG3 = '</b>';
- }
- if ($ipoutside{$temp[1]} > 0) {
- $TAG4 = "bgcolor='orange'" if ($dhcpsettings{'KEY2'} ne $key);
- }
-
- print <<END
-<td align='center'>$TAG2$temp[0]$TAG3</td>
-<td align='center' $TAG4>$TAG0$temp[1]$TAG1</td>
-<td align='center'>$temp[6] </td>
-<td align='center'>$temp[3] </td>
-<td align='center'>$temp[4] </td>
-<td align='center'>$temp[5] </td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}2' />
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
-<input type='hidden' name='KEY2' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}2' />
-<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
-<input type='hidden' name='KEY2' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}2' />
-<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
-<input type='hidden' name='KEY2' value='$key' />
-</form>
-</td>
-</tr>
-END
-;
- $key++;
-}
-print "</table>";
-
-# If the fixed lease file contains entries, print Key to action icons
-if ($key) {
-my $dup = $ipdup ? "<td class='base'>$Lang::tr{'duplicate ip bold'}</td>" :'';
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td>
- <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> </td>
- <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> </td>
- <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-<tr>
- <td> </td>
- <td bgcolor='orange'> </td>
- <td class='base'>$Lang::tr{'ip address outside subnets'}</td>
- <td> </td>
- <td> </td>
- $dup
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-
-foreach my $itf (@ITFs) {
- if ($dhcpsettings{"ENABLE_${itf}"} eq 'on') {
- # display leases with a list of actions to do with the global select checkbox.
- &Header::PrintActualLeases("+"); # "+" => create fixed leases from nodeaddress
- last; #Print one time only for all interfaces
- };
-}
-
-&Header::closebigbox();
-&Header::closepage();
-
-## Ouf it's the end !
-
-sub sortcurrent1 # by now, do not sort, just write
-{
- open(FILE, ">$filename1") or die 'Unable to open dhcp advanced options file.';
- print FILE @current1;
- close(FILE);
-}
-
-
-# Sort the "current2" array according to choices
-sub sortcurrent2
-{
- our %entries = ();
-
- sub fixedleasesort {
- my $qs='';
- if (rindex ($dhcpsettings{'SORT_FLEASELIST'},'Rev') != -1) {
- $qs=substr ($dhcpsettings{'SORT_FLEASELIST'},0,length($dhcpsettings{'SORT_FLEASELIST'})-3);
- if ($qs eq 'FIPADDR') {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($b[0]<=>$a[0]) ||
- ($b[1]<=>$a[1]) ||
- ($b[2]<=>$a[2]) ||
- ($b[3]<=>$a[3]);
- } else {
- $entries{$b}->{$qs} cmp $entries{$a}->{$qs};
- }
- } else { #not reverse
- $qs=$dhcpsettings{'SORT_FLEASELIST'};
- if ($qs eq 'FIPADDR') {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($a[0]<=>$b[0]) ||
- ($a[1]<=>$b[1]) ||
- ($a[2]<=>$b[2]) ||
- ($a[3]<=>$b[3]);
- } else {
- $entries{$a}->{$qs} cmp $entries{$b}->{$qs};
- }
- }
- }
-
- #Use an associative array (%entries)
- foreach my $line (@current2) {
- chomp( $line); #remove newline because can be on field 5 or 6 (addition of REMARK)
- my @temp = split (',',$line);
- my @record = ('FETHER',$temp[0],'FIPADDR',$temp[1],'DATA',join(',',@temp[2..6]));
- my $record = {}; # create a reference to empty hash
- %{$record} = @record; # populate that hash with @record
- # use combination of ether & IP as key to allow duplicates in either but not both
- $entries{$record->{FETHER} . $record->{FIPADDR}} = $record; # add this to a hash of hashes
- }
-
- open(FILE, ">$filename2") or die 'Unable to open fixed lease file.';
- foreach my $entry ( sort fixedleasesort keys %entries) {
- print FILE "$entries{$entry}->{FETHER},$entries{$entry}->{FIPADDR},$entries{$entry}->{DATA}\n";
- }
- close(FILE);
-
- # Reload sorted @current2
- open (FILE, "$filename2");
- @current2 = <FILE>;
- close (FILE);
- undef (%entries); #This array is reused latter. Clear it.
-}
-
-# Build the configuration file mixing settings, fixed leases and advanced options
-sub buildconf {
- open(FILE, ">/${General::swroot}/dhcp/dhcpd.conf") or die "Unable to write dhcpd.conf file";
- flock(FILE, 2);
-
- # Global settings
- print FILE "ddns-update-style none;\n";
- print FILE "deny bootp; #default\n";
- print FILE "authoritative;\n";
-
- # Write first new option definition
- foreach my $line (@current1) {
- chomp($line); # remove newline
- my @temp = split(/\t/,$line);
- if (ExistNewOptionDefinition ($temp[1] . ' ' . $temp[2])) {
- print FILE "option $temp[1] $temp[2];\n";
- }
- }
- # Write other global options
- foreach my $line (@current1) {
- chomp($line); # remove newline
- my @temp = split(/\t/,$line);
-
- if ($temp[0] eq 'on' && !ExistNewOptionDefinition ($temp[1] . ' ' . $temp[2])){ # active & !definition
- my $global=1;
- for (my $key=0; $key<@ITFs; $key++) {
- my $itf = $temp[3+$key];
- if ($itf ne 'off') # Only if an interface name is read
- {
- $global=0;
- }
- }
- if ($global) {
- print FILE "option $temp[1] $temp[2];\n";
- }
- }# on
- }# foreach line
-
- #Subnet range definition
- foreach my $itf (@ITFs) {
- my $lc_itf=lc($itf);
- if ($dhcpsettings{"ENABLE_${itf}"} eq 'on' ){
- print FILE "\nsubnet " . $netsettings{"${itf}_NETADDRESS"} . " netmask ". $netsettings{"${itf}_NETMASK"} . " #$itf\n";
- print FILE "{\n";
- print FILE "\trange " . $dhcpsettings{"START_ADDR_${itf}"} . ' ' . $dhcpsettings{"END_ADDR_${itf}"}.";\n" if ($dhcpsettings{"START_ADDR_${itf}"});
- print FILE "\toption subnet-mask " . $netsettings{"${itf}_NETMASK"} . ";\n";
- print FILE "\toption domain-name \"" . $dhcpsettings{"DOMAIN_NAME_${itf}"} . "\";\n";
- print FILE "\toption routers " . $netsettings{"${itf}_ADDRESS"} . ";\n";
- print FILE "\toption domain-name-servers " . $dhcpsettings{"DNS1_${itf}"} if ($dhcpsettings{"DNS1_${itf}"});
- print FILE ", " . $dhcpsettings{"DNS2_${itf}"} if ($dhcpsettings{"DNS2_${itf}"});
- print FILE ";\n" if ($dhcpsettings{"DNS1_${itf}"});
- print FILE "\toption ntp-servers " . $dhcpsettings{"NTP1_${itf}"} if ($dhcpsettings{"NTP1_${itf}"});
- print FILE ", " . $dhcpsettings{"NTP2_${itf}"} if ($dhcpsettings{"NTP2_${itf}"});
- print FILE ";\n" if ($dhcpsettings{"NTP1_${itf}"});
- print FILE "\toption netbios-name-servers " . $dhcpsettings{"WINS1_${itf}"} if ($dhcpsettings{"WINS1_${itf}"});
- print FILE ", " . $dhcpsettings{"WINS2_${itf}"} if ($dhcpsettings{"WINS2_${itf}"});
- print FILE ";\n" if ($dhcpsettings{"WINS1_${itf}"});
- print FILE "\tnext-server " . $dhcpsettings{"NEXT_${itf}"} . ";\n" if ($dhcpsettings{"NEXT_${itf}"});
- print FILE "\tfilename \"" . $dhcpsettings{"FILE_${itf}"} . "\";\n" if ($dhcpsettings{"FILE_${itf}"});
- print FILE "\tdefault-lease-time " . ($dhcpsettings{"DEFAULT_LEASE_TIME_${itf}"} * 60). ";\n";
- print FILE "\tmax-lease-time " . ($dhcpsettings{"MAX_LEASE_TIME_${itf}"} * 60) . ";\n";
- print FILE "\tallow bootp;\n" if ($dhcpsettings{"ENABLEBOOTP_${itf}"} eq 'on');
-
-
-
- # Write scoped options
- foreach my $line (@current1) {
- chomp($line); # remove newline
- my @temp = split(/\t/,$line); # Use TAB separator !
-
- if ($temp[0] eq 'on'){
- for (my $key=0; $key<@ITFs; $key++) {
- if ($itf eq $temp[3+$key]) # Only is an interface name is read
- {
- print FILE "\toption $temp[1] $temp[2];\n";
- }
- }
- }# on
- }# foreach line
- print FILE "} #$itf\n";
-
- system ('/usr/bin/touch', "${General::swroot}/dhcp/enable_${lc_itf}");
- &General::log("DHCP on ${itf}: " . $Lang::tr{'dhcp server enabled'})
- } else {
- unlink "${General::swroot}/dhcp/enable_${lc_itf}";
- &General::log("DHCP on ${itf}: " . $Lang::tr{'dhcp server disabled'})
- }
- }
-
- #write fixed leases if any. Does not handle duplicates to write them elsewhere than the global scope.
- my $key = 0;
- foreach my $line (@current2) {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($temp[2] eq "on") {
- print FILE "\nhost fix$key # $temp[6]\n";
- print FILE "{\n";
- print FILE "\thardware ethernet $temp[0];\n";
- print FILE "\tfixed-address $temp[1];\n";
- print FILE "\tnext-server $temp[3];\n" if ($temp[3]);
- print FILE "\tfilename \"$temp[4]\";\n" if ($temp[4]);
- print FILE "\toption root-path \"$temp[5]\";\n" if ($temp[5]);
- print FILE "}\n";
- $key++;
- }
- }
- close FILE;
- if ( $dhcpsettings{"ENABLE_GREEN"} eq 'on' || $dhcpsettings{"ENABLE_BLUE"} eq 'on' ) {system '/usr/local/bin/dhcpctrl enable >/dev/null 2>&1';}
- else {system '/usr/local/bin/dhcpctrl disable >/dev/null 2>&1';}
- system '/usr/local/bin/dhcpctrl restart >/dev/null 2>&1';
-}
-
-#
-# Receive a string and if it match model for a new option,
-# add it to the list %newOptions
-#
-my %NewOptions = ();
-
-sub AddNewOptionDefinition {
- my ($line) = @_;
- if ( $line =~ /^([-\w]+)( code \d+=($OptionTypes))/ ) {
- $NewOptions{$1} = $2;
- #&General::log ("new:<$1><$2>");
- return 1;
- }
- return 0;
-}
-
-#
-# Check existence of definition for a new option
-#
-sub ExistNewOptionDefinition {
- my ($line) = @_;
-
- if ( $line =~ /^([-\w]+)( code \d+=($OptionTypes))/ ) {
- return defined $NewOptions{$1};
- }
- return 0;
-}
-
-#
-# Check if it is a new option (definition must exist)
-# "code=" test eliminate a false response when definition exists
-# but this string is a definition with bad $OptionTypes.
-sub ValidNewOption {
- my ($line) = @_;
- if ($line =~ /^([-\w]+) (.*)/ ) {
- return defined ( $NewOptions{$1} ) && $2 !~ /code=/;
- }
- return 0;
-}
-
-#
-# Check if the new option $opt is used, except the definition of itself!
-#
-sub IsUsedNewOptionDefinition {
- my ($opt,$val) = @_;
-
- foreach my $line (@current1) {
- #chomp($line); # remove newline #don't know why, but this remove newline in @current1 .... !
- my @temp = split(/\t/,$line);
- # if we find something "opt value" & value != "code nnn=" it's ok.
- return 1 if ( ($opt eq $temp[1]) && ($temp[2] !~ /code \d+=/) );
- }
- return 0;
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour}, ${Header::colouryellow} );
-undef (@dummy);
-
-my %cgiparams=();
-my %checked=();
-my %selected=();
-my %netsettings=();
-my $errormessage = '';
-my $filename = "${General::swroot}/dmzholes/config";
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-&Header::showhttpheaders();
-
-$cgiparams{'ENABLED'} = 'off';
-$cgiparams{'REMARK'} = '';
-$cgiparams{'ACTION'} = '';
-$cgiparams{'SRC_IP'} = '';
-$cgiparams{'DEST_IP'} ='';
-$cgiparams{'DEST_PORT'} = '';
-&Header::getcgihash(\%cgiparams);
-
-open(FILE, $filename) or die 'Unable to open config file.';
-my @current = <FILE>;
-close(FILE);
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
-{
- unless($cgiparams{'PROTOCOL'} =~ /^(tcp|udp)$/) { $errormessage = $Lang::tr{'invalid input'}; }
- unless(&General::validipormask($cgiparams{'SRC_IP'})) { $errormessage = $Lang::tr{'source ip bad'}; }
- unless($errormessage){$errormessage = &General::validportrange($cgiparams{'DEST_PORT'},'dst');}
- unless(&General::validipormask($cgiparams{'DEST_IP'})) { $errormessage = $Lang::tr{'destination ip bad'}; }
- unless ($errormessage) {
- $errormessage = &validNet($cgiparams{'SRC_NET'},$cgiparams{'DEST_NET'}); }
- # Darren Critchley - Remove commas from remarks
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
-
- unless ($errormessage)
- {
- if($cgiparams{'EDITING'} eq 'no') {
- open(FILE,">>$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- print FILE "$cgiparams{'PROTOCOL'},"; # [0]
- print FILE "$cgiparams{'SRC_IP'},"; # [1]
- print FILE "$cgiparams{'DEST_IP'},"; # [2]
- print FILE "$cgiparams{'DEST_PORT'},"; # [3]
- print FILE "$cgiparams{'ENABLED'},"; # [4]
- print FILE "$cgiparams{'SRC_NET'},"; # [5]
- print FILE "$cgiparams{'DEST_NET'},"; # [6]
- print FILE "$cgiparams{'REMARK'}\n"; # [7]
- } else {
- open(FILE,">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- if ($cgiparams{'EDITING'} eq $id) {
- print FILE "$cgiparams{'PROTOCOL'},"; # [0]
- print FILE "$cgiparams{'SRC_IP'},"; # [1]
- print FILE "$cgiparams{'DEST_IP'},"; # [2]
- print FILE "$cgiparams{'DEST_PORT'},"; # [3]
- print FILE "$cgiparams{'ENABLED'},"; # [4]
- print FILE "$cgiparams{'SRC_NET'},"; # [5]
- print FILE "$cgiparams{'DEST_NET'},"; # [6]
- print FILE "$cgiparams{'REMARK'}\n"; # [7]
- } else { print FILE "$line"; }
- }
- }
- close(FILE);
- undef %cgiparams;
- &General::log($Lang::tr{'dmz pinhole rule added'});
- system('/usr/local/bin/setdmzholes');
- }
-}
-if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
-{
- my $id = 0;
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current)
- {
- $id++;
- unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
- }
- close(FILE);
- system('/usr/local/bin/setdmzholes');
- &General::log($Lang::tr{'dmz pinhole rule removed'});
-}
-if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
-{
- my $id = 0;
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current)
- {
- $id++;
- unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
- else
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$cgiparams{'ENABLE'},$temp[5],$temp[6],$temp[7]\n";
- }
- }
- close(FILE);
- system('/usr/local/bin/setdmzholes');
-}
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
-{
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- if ($cgiparams{'ID'} eq $id)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- $cgiparams{'PROTOCOL'} = $temp[0];
- $cgiparams{'SRC_IP'} = $temp[1];
- $cgiparams{'DEST_IP'} = $temp[2];
- $cgiparams{'DEST_PORT'} = $temp[3];
- $cgiparams{'ENABLED'} = $temp[4];
- $cgiparams{'SRC_NET'} = $temp[5];
- $cgiparams{'DEST_NET'} = $temp[6];
- $cgiparams{'REMARK'} = $temp[7];
- }
- }
-}
-
-if ($cgiparams{'ACTION'} eq '')
-{
- $cgiparams{'PROTOCOL'} = 'tcp';
- $cgiparams{'ENABLED'} = 'on';
- $cgiparams{'SRC_NET'} = 'orange';
- $cgiparams{'DEST_NET'} = 'blue';
-}
-
-$selected{'PROTOCOL'}{'udp'} = '';
-$selected{'PROTOCOL'}{'tcp'} = '';
-$selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";
-
-$selected{'SRC_NET'}{'orange'} = '';
-$selected{'SRC_NET'}{'blue'} = '';
-$selected{'SRC_NET'}{$cgiparams{'SRC_NET'}} = "selected='selected'";
-
-$selected{'DEST_NET'}{'blue'} = '';
-$selected{'DEST_NET'}{'green'} = '';
-$selected{'DEST_NET'}{$cgiparams{'DEST_NET'}} = "selected='selected'";
-
-$checked{'ENABLED'}{'off'} = '';
-$checked{'ENABLED'}{'on'} = '';
-$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'dmz pinhole configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-my $buttonText = $Lang::tr{'add'};
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- &Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
- $buttonText = $Lang::tr{'update'};
-} else {
- &Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
-}
-print <<END
-<table width='100%'>
-<tr>
-<td>
- <select name='PROTOCOL'>
- <option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
- <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
- </select>
-</td>
-<td>
- $Lang::tr{'source net'}:</td>
-<td>
- <select name='SRC_NET'>
-END
-;
- if (&haveOrangeNet()) {
- print "<option value='orange' $selected{'SRC_NET'}{'orange'}>$Lang::tr{'orange'}</option>";
- }
- if (&haveBlueNet()) {
- print "<option value='blue' $selected{'SRC_NET'}{'blue'}>$Lang::tr{'blue'}</option>";
- }
-print <<END
- </select>
-</td>
-<td class='base'>$Lang::tr{'source ip or net'}:</td>
-<td><input type='text' name='SRC_IP' value='$cgiparams{'SRC_IP'}' size='15' /></td>
-</tr>
-<tr>
-<td>
- </td>
-<td>
- $Lang::tr{'destination net'}:</td>
-<td>
- <select name='DEST_NET'>
-END
-;
- if (&haveOrangeNet() && &haveBlueNet()) {
- print "<option value='blue' $selected{'DEST_NET'}{'blue'}>$Lang::tr{'blue'}</option>";
- }
-
-print <<END
- <option value='green' $selected{'DEST_NET'}{'green'}>$Lang::tr{'green'}</option>
- </select>
-</td>
-<td class='base'>
- $Lang::tr{'destination ip or net'}:</td>
-<td>
- <input type='text' name='DEST_IP' value='$cgiparams{'DEST_IP'}' size='15' />
-</td>
-<td class='base'>
- $Lang::tr{'destination port'}:
- <input type='text' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' />
-</td>
-</tr>
-</table>
-<table width='100%'>
- <tr>
- <td colspan='3' width='50%' class='base'>
- <font class='boldbase'>$Lang::tr{'remark title'} <img src='/blob.gif' alt='*' /></font>
- <input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' />
- </td>
- </tr>
- <tr>
- <td class='base' width='50%'>
- <img src='/blob.gif' alt ='*' align='top' />
- <font class='base'>$Lang::tr{'this field may be blank'}</font>
- </td>
- <td class='base' width='25%' align='center'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
- <td width='25%' align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
- <input type='submit' name='SUBMIT' value='$buttonText' />
- </td>
- </tr>
-</table>
-END
-;
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- print "<input type='hidden' name='EDITING' value='$cgiparams{'ID'}' />\n";
-} else {
- print "<input type='hidden' name='EDITING' value='no' />\n";
-}
-&Header::closebox();
-print "</form>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'current rules'});
-print <<END
-<table width='100%'>
-<tr>
-<td width='7%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
-<td width='3%' class='boldbase' align='center'><b>$Lang::tr{'net'}</b></td>
-<td width='25%' class='boldbase' align='center'><b>$Lang::tr{'source'}</b></td>
-<td width='2%' class='boldbase' align='center'> </td>
-<td width='3%' class='boldbase' align='center'><b>$Lang::tr{'net'}</b></td>
-<td width='25%' class='boldbase' align='center'><b>$Lang::tr{'destination'}</b></td>
-<td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
-<td width='1%' class='boldbase' align='center'> </td>
-<td width='4%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
-END
-;
-
-# Achim Weber: if i add a new rule, this rule is not displayed?!?
-# we re-read always config.
-# If something has happeened re-read config
-#if($cgiparams{'ACTION'} ne '')
-#{
- open(FILE, $filename) or die 'Unable to open config file.';
- @current = <FILE>;
- close(FILE);
-#}
-my $id = 0;
-foreach my $line (@current)
-{
- my $protocol='';
- my $gif='';
- my $toggle='';
- my $gdesc='';
- $id++;
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($temp[0] eq 'udp') { $protocol = 'UDP'; } else { $protocol = 'TCP' }
-
- my $srcnetcolor = ($temp[5] eq 'blue')? ${Header::colourblue} : ${Header::colourorange};
- my $destnetcolor = ($temp[6] eq 'blue')? ${Header::colourblue} : ${Header::colourgreen};
-
- if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
- print "<tr bgcolor='${Header::colouryellow}'>\n"; }
- elsif ($id % 2) {
- print "<tr bgcolor='${Header::table1colour}'>\n"; }
- else {
- print "<tr bgcolor='${Header::table2colour}'>\n"; }
- if ($temp[4] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
- else { $gif = 'off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
-
- # Darren Critchley - Get Port Service Name if we can - code borrowed from firewalllog.dat
- my $dstprt =$temp[3];
- $_=$temp[3];
- if (/^\d+$/) {
- my $servi = uc(getservbyport($temp[3], lc($temp[0])));
- if ($servi ne '' && $temp[3] < 1024) {
- $dstprt = "$dstprt($servi)"; }
- }
- # Darren Critchley - If the line is too long, wrap the port numbers
- my $dstaddr = "$temp[2] : $dstprt";
- if (length($dstaddr) > 26) {
- $dstaddr = "$temp[2] :<br /> $dstprt";
- }
-print <<END
-<td align='center'>$protocol</td>
-<td bgcolor='$srcnetcolor'></td>
-<td align='center'>$temp[1]</td>
-<td align='center'><img src='/images/forward.gif' /></td>
-<td bgcolor='$destnetcolor'></td>
-<td align='center'>$dstaddr</td>
-<td align='center'>$temp[7]</td>
-
-<td align='center'>
-<form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' />
-<input type='hidden' name='ID' value='$id' />
-<input type='hidden' name='ENABLE' value='$toggle' />
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
-<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' />
-<input type='hidden' name='ID' value='$id' />
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
-<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' />
-<input type='hidden' name='ID' value='$id' />
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-</form>
-</td>
-
-</tr>
-END
- ;
-}
-print "</table>\n";
-
-# If the fixed lease file contains entries, print Key to action icons
-if ( ! -z "$filename") {
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub validNet
-{
- my $srcNet = $_[0];
- my $destNet = $_[1];
-
- if ($srcNet eq $destNet) {
- return $Lang::tr{'dmzpinholes for same net not necessary'}; }
- unless ($srcNet =~ /^(blue|orange)$/) {
- return $Lang::tr{'select source net'}; }
- unless ($destNet =~ /^(blue|green)$/) {
- return $Lang::tr{'select dest net'}; }
-
- return '';
-}
-
-sub haveOrangeNet
-{
- if ($netsettings{'CONFIG_TYPE'} == 2) {return 1;}
- if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
- return 0;
-}
-
-sub haveBlueNet
-{
- if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
- if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
- return 0;
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %extrahdsettings = ();
-my $message = "";
-my $errormessage = "";
-my $size = "";
-my $ok = "true";
-my @tmp = ();
-my @tmpline = ();
-my $tmpentry = "";
-my @devices = ();
-my @deviceline = ();
-my $deviceentry = "";
-my @scans = ();
-my @scanline = ();
-my $scanentry = "";
-my @partitions = ();
-my @partitionline = ();
-my $partitionentry = "";
-my $devicefile = "/var/ipfire/extrahd/devices";
-my $scanfile = "/var/ipfire/extrahd/scan";
-my $partitionsfile = "/var/ipfire/extrahd/partitions";
-system("/usr/local/bin/scanhd ide");
-system("/usr/local/bin/scanhd partitions");
-
-&Header::showhttpheaders();
-
-### Values that have to be initialized
-$extrahdsettings{'PATH'} = '';
-$extrahdsettings{'FS'} = '';
-$extrahdsettings{'DEVICE'} = '';
-$extrahdsettings{'ACTION'} = '';
-
-&General::readhash("${General::swroot}/extrahd/settings", \%extrahdsettings);
-&Header::getcgihash(\%extrahdsettings);
-
-&Header::openpage('ExtraHD', 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-############################################################################################################################
-
-if ($extrahdsettings{'ACTION'} eq $Lang::tr{'add'})
-{
- open( FILE, "< $devicefile" ) or die "Unable to read $devicefile";
- @devices = <FILE>;
- close FILE;
- foreach $deviceentry (sort @devices)
- {
- @deviceline = split( /\;/, $deviceentry );
- if ( "$extrahdsettings{'PATH'}" eq "$deviceline[2]" ) {
- $ok = "false";
- $errormessage = "You can't mount $extrahdsettings{'DEVICE'} to $extrahdsettings{'PATH'}, because there is already a device mounted.";
- }
- if ( "$extrahdsettings{'PATH'}" eq "/" ) {
- $ok = "false";
- $errormessage = "You can't mount $extrahdsettings{'DEVICE'} to root /.";
- }
- }
-
- if ( "$ok" eq "true" ) {
- open(FILE, ">> $devicefile" ) or die "Unable to write $devicefile";
- print FILE <<END
-$extrahdsettings{'DEVICE'};$extrahdsettings{'FS'};$extrahdsettings{'PATH'};
-END
-;
- system("/usr/local/bin/extrahdctrl mount $extrahdsettings{'PATH'}");
- }
-}
-elsif ($extrahdsettings{'ACTION'} eq $Lang::tr{'delete'})
-{
- if ( `/usr/local/bin/extrahdctrl umount $extrahdsettings{'PATH'}` ) {
- open( FILE, "< $devicefile" ) or die "Unable to read $devicefile";
- @tmp = <FILE>;
- close FILE;
- open( FILE, "> $devicefile" ) or die "Unable to write $devicefile";
- foreach $deviceentry (sort @tmp)
- {
- @tmpline = split( /\;/, $deviceentry );
- if ( $tmpline[2] ne $extrahdsettings{'PATH'} )
- {
- print FILE $deviceentry;
- }
- }
- close FILE;
- } else {
- $errormessage = "Can't umount $extrahdsettings{'PATH'}. Maybe the device is in use?";
- }
-}
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-############################################################################################################################
-############################################################################################################################
-
-&Header::openbox('100%', 'center', 'ExtraHD');
- open( FILE, "< $devicefile" ) or die "Unable to read $devicefile";
- @devices = <FILE>;
- close FILE;
- print <<END
- <table border='0' width='600' cellspacing="0">
-END
-;
- foreach $deviceentry (sort @devices)
- {
- @deviceline = split( /\;/, $deviceentry );
- my $color="$Header::colourred";
- if ( `/bin/mount | /bin/fgrep $deviceline[2] | /bin/fgrep /dev/$deviceline[0]` ) {
- $color=$Header::colourgreen;
- }
- print <<END
- <tr><td colspan="5">
- <tr><td align='center'><font color=$color><b>/dev/$deviceline[0]</b></font>
- <td align='center'>$deviceline[1]
- <td align='center'>$deviceline[2]
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='DEVICE' value='$deviceline[0]' />
- <input type='hidden' name='FS' value='$deviceline[1]' />
- <input type='hidden' name='PATH' value='$deviceline[2]' />
- <input type='hidden' name='ACTION' value=$Lang::tr{'delete'} />
- <input type='image' alt=$Lang::tr{'delete'} src='/images/delete.gif' />
- </form>
-END
-;
- }
- print <<END
- </table>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'center', 'Gefundene Laufwerke');
- print <<END
- <table border='0' width='600' cellspacing="0">
-END
-;
- open( FILE, "< $scanfile" ) or die "Unable to read $scanfile";
- @scans = <FILE>;
- close FILE;
- open( FILE, "< $partitionsfile" ) or die "Unable to read $partitionsfile";
- @partitions = <FILE>;
- close FILE;
- foreach $scanentry (sort @scans)
- {
- @scanline = split( /\;/, $scanentry );
- print <<END
- <tr><td colspan="5">
- <tr><td align='center'><b>/dev/$scanline[0]</b>
- <td align='center' colspan="2">$scanline[1]
-END
-;
- foreach $partitionentry (sort @partitions)
- {
- @partitionline = split( /\;/, $partitionentry );
- if ( "$partitionline[0]" eq "$scanline[0]" ) {
- $size = int($partitionline[1] / 1024);
- print <<END
- <td align='center'>$Lang::tr{'size'} $size MB
- <td>
- <tr><td colspan="5">
-END
-;
- }
- }
-
- foreach $partitionentry (sort @partitions)
- {
- @partitionline = split( /\;/, $partitionentry );
- if (( "$partitionline[0]" =~ /^$scanline[0]/ ) && ! ( "$partitionline[0]" eq "$scanline[0]" )) {
- $size = int($partitionline[1] / 1024);
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <tr><td align="center">/dev/$partitionline[0]
- <td align="center">$Lang::tr{'size'} $size MB
- <td align='center'><select name="FS">
- <option value="auto">auto</option>
- <option value="ext3">ext3</option>
- <option value="reiserfs">reiserfs</option>
- <option value="vfat">fat</option>
- <option value="ntfs-3g">ntfs (experimental)</option>
- </select>
- <td align="center"><input type='text' name='PATH' value=/mnt/harddisk />
- <td align="center">
- <input type='hidden' name='DEVICE' value='$partitionline[0]' />
- <input type='hidden' name='ACTION' value=$Lang::tr{'add'} />
- <input type='image' alt=$Lang::tr{'add'} src='/images/add.gif' />
- </form>
-
-END
-;
- }
- }
- }
-
- print <<END
- <tr><td align="center" colspan="5">If your device isn't listed here, you need to install or load the driver.<br />If you can see your device but no partitions you have to create them first.
- </table>
-END
-;
-&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my %cgiparams=();
-my @cgigraphs=();
-my @graphs=();
-
-&Graphs::updatefwhitsgraph ("day");
-&Graphs::updatefwhitsgraph ("week");
-&Graphs::updatefwhitsgraph ("month");
-&Graphs::updatefwhitsgraph ("year");
-
-$ENV{'QUERY_STRING'} =~ s/&//g;
-@cgigraphs = split(/graph=/,$ENV{'QUERY_STRING'});
-$cgigraphs[1] = '' unless defined $cgigraphs[1];
-
-&Header::showhttpheaders();
-
-my $graphdir = "/home/httpd/html/graphs";
-my @LOCALCHECK=();
-my $errormessage="";
-
-&Header::openpage($Lang::tr{'firewall graphs'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
- &Header::openbox('100%', 'center', $Lang::tr{"daily firewallhits"});
-if (-e "$Header::graphdir/firewallhits-day-area.png") {
- my $ftime = localtime((stat("$Header::graphdir/firewallhits-day-area.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/firewallhits-day-area.png' border='0' />";
- print "<br />\n";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
- &Header::closebox();
-
- &Header::openbox('100%', 'center', $Lang::tr{"weekly firewallhits"});
-if (-e "$Header::graphdir/firewallhits-week-area.png") {
- my $ftime = localtime((stat("$Header::graphdir/firewallhits-week-area.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/firewallhits-week-area.png' border='0' />";
- print "<br />\n";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
- &Header::closebox();
-
- &Header::openbox('100%', 'center', $Lang::tr{"monthly firewallhits"});
-if (-e "$Header::graphdir/firewallhits-month-area.png") {
- my $ftime = localtime((stat("$Header::graphdir/firewallhits-month-area.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/firewallhits-month-area.png' border='0' />";
- print "<br />\n";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
- &Header::closebox();
-
- &Header::openbox('100%', 'center', $Lang::tr{"yearly firewallhits"});
-if (-e "$Header::graphdir/firewallhits-year-area.png") {
- my $ftime = localtime((stat("$Header::graphdir/firewallhits-year-area.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/firewallhits-year-area.png' border='0' />";
- print "<br />\n";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
- &Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my %cgiparams=();
-my %pppsettings=();
-my %netsettings=();
-my @cgigraphs=();
-my @graphs=();
-my $iface='';
-
-&Header::showhttpheaders();
-
-my $graphdir = "/srv/web/ipfire/html/graphs";
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-$ENV{'QUERY_STRING'} =~ s/&//g;
-@cgigraphs = split(/graph=/,$ENV{'QUERY_STRING'});
-$cgigraphs[1] = '' unless defined $cgigraphs[1];
-
-if ($cgigraphs[1] =~ /(load)/) {&Graphs::updateloadgraph ("week");&Graphs::updateloadgraph ("month");&Graphs::updateloadgraph ("year");}
-if ($cgigraphs[1] =~ /(cpu)/) {&Graphs::updatecpugraph ("week");&Graphs::updatecpugraph ("month");&Graphs::updatecpugraph ("year");}
-if ($cgigraphs[1] =~ /(memory|swap)/) {&Graphs::updatememgraph ("week");&Graphs::updatememgraph ("month");&Graphs::updatememgraph ("year");}
-if ($cgigraphs[1] =~ /disk/){
- my @devices = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`;
-
- foreach (@devices) {
- my $device = $_;
- chomp($device);
- &Graphs::updatediskgraph ("week",$device);
- &Graphs::updatediskgraph ("month",$device);
- &Graphs::updatediskgraph ("year",$device);}}
-if ($cgigraphs[1] =~ /lq/) {&Graphs::updatelqgraph("week");&Graphs::updatelqgraph("month");&Graphs::updatelqgraph("year");}
-if ($cgigraphs[1] =~ /RED/) {&Graphs::updateifgraph("RED", "week");&Graphs::updateifgraph("RED", "month");&Graphs::updateifgraph("RED", "year");}
-if ($cgigraphs[1] =~ /GREEN/) {&Graphs::updateifgraph("GREEN", "week");&Graphs::updateifgraph("GREEN", "month");&Graphs::updateifgraph("GREEN", "year");}
-if ($cgigraphs[1] =~ /BLUE/) {&Graphs::updateifgraph("BLUE", "week");&Graphs::updateifgraph("BLUE", "month");&Graphs::updateifgraph("BLUE", "year");}
-if ($cgigraphs[1] =~ /ORANGE/) {&Graphs::updateifgraph("ORANGE", "week");&Graphs::updateifgraph("ORANGE", "month");&Graphs::updateifgraph("ORANGE", "year");}
-
-if ($cgigraphs[1] =~ /(network|GREEN|BLUE|ORANGE|RED|lq)/) {
- &Header::openpage($Lang::tr{'network traffic graphs'}, 1, '');
-} else {
- &Header::openpage($Lang::tr{'system graphs'}, 1, '');
-}
-
-&Header::openbigbox('100%', 'left');
-
-if ($cgigraphs[1] =~ /(GREEN|BLUE|ORANGE|RED|lq|cpu|memory|swap|disk|load)/) {
- my $graph = $cgigraphs[1];
- my $graphname = ucfirst(lc($cgigraphs[1]));
- &Header::openbox('100%', 'center', "$graphname $Lang::tr{'graph'}");
-
- if (-e "$graphdir/${graph}-day.png") {
- my $ftime = localtime((stat("$graphdir/${graph}-day.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br /><hr />\n";
- print "<img alt='' src='/graphs/${graph}-day.png' border='0' /><hr />";
- print "<img alt='' src='/graphs/${graph}-week.png' border='0' /><hr />";
- print "<img alt='' src='/graphs/${graph}-month.png' border='0' /><hr />";
- print "<img alt='' src='/graphs/${graph}-year.png' border='0' />";
- } else {
- print $Lang::tr{'no information available'};
- }
- &Header::closebox();
-} elsif ($cgigraphs[1] =~ /network/) {
- push (@graphs, ('GREEN'));
- if ($netsettings{'BLUE_DEV'}) {
- push (@graphs, ('BLUE')); }
- if ($netsettings{'ORANGE_DEV'}) {
- push (@graphs, ('ORANGE')); }
- push (@graphs, ("RED"));
- push (@graphs, ('lq'));
-
- foreach my $graphname (@graphs) {
- &Header::openbox('100%', 'center', "$graphname $Lang::tr{'graph'}");
-
- if (-e "$graphdir/${graphname}-day.png") {
- my $ftime = localtime((stat("$graphdir/${graphname}-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=$graphname'>";
- print "<img alt='' src='/graphs/${graphname}-day.png' border='0' />";
- print "</a>";
- } else {
- print $Lang::tr{'no information available'};
- }
- print "<br />\n";
- &Header::closebox();
- }
-}
-
-print "<div align='center'><table width='80%'><tr><td align='center'>";
-if ( $cgigraphs[1] eq "cpu" || $cgigraphs[1] eq "load" ) { print "<a href='/cgi-bin/system.cgi'>"; }
-elsif ( $cgigraphs[1] eq "memory" || $cgigraphs[1] eq "swap" ) { print "<a href='/cgi-bin/memory.cgi'>"; }
-elsif ( $cgigraphs[1] eq "memory" || $cgigraphs[1] eq "swap" ) { print "<a href='/cgi-bin/memory.cgi'>"; }
-elsif ( $cgigraphs[1] =~ /disk/ ) { print "<a href='/cgi-bin/media.cgi'>"; }
-elsif ( $cgigraphs[1] eq "RED" || $cgigraphs[1] eq "lq" ) { print "<a href='/cgi-bin/network.cgi?network=red'>"; }
-elsif ( $cgigraphs[1] eq "GREEN" || $cgigraphs[1] eq "BLUE" || $cgigraphs[1] eq "ORANGE" ) { print "<a href='/cgi-bin/network.cgi?network=other'>"; }
-print "$Lang::tr{'back'}</a></td></tr></table></div>\n";
-
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %cgiparams=();
-my %mainsettings=();
-my %checked=();
-my $errormessage='';
-
-
-$cgiparams{'FX'} = 'off';
-$cgiparams{'SPEED'} = 'off';
-$cgiparams{'WINDOWWITHHOSTNAME'} = 'off';
-$cgiparams{'REFRESHINDEX'} = 'off';
-$cgiparams{'ACTION'} = '';
-&Header::getcgihash(\%cgiparams);
-
-&Header::showhttpheaders();
-&General::readhash("${General::swroot}/main/settings",\%mainsettings);
-if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}")
-{
- open(FILE,"${General::swroot}/langs/list");
- my $found=0;
- while (<FILE>)
- {
- my $lang='';
- my $engname='';
- my $natname='';
- chomp;
- ($lang,$engname,$natname) = split (/:/, $_,3);
- if ($cgiparams{'lang'} eq $lang)
- {
- $found=1;
- }
- }
- close (FILE);
- if ( $found == 0 )
- {
- $errormessage="$errormessage<P>$Lang::tr{'invalid input'}";
- goto SAVE_ERROR;
- }
-
- # Set flag if index page is to refresh whilst ppp is up.
- # Default is NO refresh.
- if ($cgiparams{'REFRESHINDEX'} ne 'off') {
- system ('/usr/bin/touch', "${General::swroot}/main/refreshindex");
- } else {
- unlink "${General::swroot}/main/refreshindex";
- }
-
- # Beep on ip-up or ip-down. Default is ON.
- if ($cgiparams{'PPPUPDOWNBEEP'} ne 'on') {
- $cgiparams{'PPPUPDOWNBEEP'} = 'off';
- system ('/usr/bin/touch', "${General::swroot}/ppp/nobeeps");
- } else {
- unlink "${General::swroot}/ppp/nobeeps";
- }
-
- # write cgi vars to the file.
- $mainsettings{'LANGUAGE'} = $cgiparams{'lang'};
- $mainsettings{'WINDOWWITHHOSTNAME'} = $cgiparams{'WINDOWWITHHOSTNAME'};
- $mainsettings{'PPPUPDOWNBEEP'} = $cgiparams{'PPPUPDOWNBEEP'};
- $mainsettings{'FX'} = $cgiparams{'FX'};
- $mainsettings{'SPEED'} = $cgiparams{'SPEED'};
- $mainsettings{'THEME'} = $cgiparams{'theme'};
- $mainsettings{'REFRESHINDEX'} = $cgiparams{'REFRESHINDEX'};
- &General::writehash("${General::swroot}/main/settings", \%mainsettings);
- &Lang::reload($cgiparams{'lang'});
- SAVE_ERROR:
-} else {
- if ($mainsettings{'WINDOWWITHHOSTNAME'}) {
- $cgiparams{'WINDOWWITHHOSTNAME'} = $mainsettings{'WINDOWWITHHOSTNAME'};
- } else {
- $cgiparams{'WINDOWWITHHOSTNAME'} = 'off';
- }
-
- if ($mainsettings{'PPPUPDOWNBEEP'}) {
- $cgiparams{'PPPUPDOWNBEEP'} = $mainsettings{'PPPUPDOWNBEEP'};
- } else {
- $cgiparams{'PPPUPDOWNBEEP'} = 'on';
- }
-
- if ($mainsettings{'FX'}) {
- $cgiparams{'FX'} = $mainsettings{'FX'};
- } else {
- $cgiparams{'FX'} = 'on';
- }
-
- if ($mainsettings{'THEME'}) {
- $cgiparams{'THEME'} = $mainsettings{'THEME'};
- } else {
- $cgiparams{'THEME'} = 'ipfire';
- }
-
- if($mainsettings{'REFRESHINDEX'}) {
- $cgiparams{'REFRESHINDEX'} = $mainsettings{'REFRESHINDEX'};
- } else {
- $cgiparams{'REFRESHINDEX'} = 'off';
- }
- if($mainsettings{'SPEED'}) {
- $cgiparams{'SPEED'} = $mainsettings{'SPEED'};
- } else {
- $cgiparams{'SPEED'} = 'off';
- }
-}
-
-# Default settings
-if ($cgiparams{'ACTION'} eq "$Lang::tr{'restore defaults'}")
-{
- $cgiparams{'WINDOWWITHHOSTNAME'} = 'off';
- $cgiparams{'PPPUPDOWNBEEP'} = 'on';
- $cgiparams{'REFRESHINDEX'} = 'off';
- $cgiparams{'FX'} = 'on';
- $cgiparams{'SPEED'} = 'on';
- $cgiparams{'THEME'} = 'ipfire';
-}
-
-$checked{'WINDOWWITHHOSTNAME'}{'off'} = '';
-$checked{'WINDOWWITHHOSTNAME'}{'on'} = '';
-$checked{'WINDOWWITHHOSTNAME'}{$cgiparams{'WINDOWWITHHOSTNAME'}} = "checked='checked'";
-
-$checked{'PPPUPDOWNBEEP'}{'off'} = '';
-$checked{'PPPUPDOWNBEEP'}{'on'} = '';
-$checked{'PPPUPDOWNBEEP'}{$cgiparams{'PPPUPDOWNBEEP'}} = "checked='checked'";
-
-$checked{'REFRESHINDEX'}{'off'} = '';
-$checked{'REFRESHINDEX'}{'on'} = '';
-$checked{'REFRESHINDEX'}{$cgiparams{'REFRESHINDEX'}} = "checked='checked'";
-
-$checked{'FX'}{'off'} = '';
-$checked{'FX'}{'on'} = '';
-$checked{'FX'}{$cgiparams{'FX'}} = "checked='checked'";
-
-$checked{'SPEED'}{'off'} = '';
-$checked{'SPEED'}{'on'} = '';
-$checked{'SPEED'}{$cgiparams{'SPEED'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'gui settings'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%','left',$Lang::tr{'error messages'});
- print "<font class='base'>${errormessage} </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%','left',$Lang::tr{'gui settings'});
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td colspan='2'><p><b>$Lang::tr{'display'}</b></td>
-</tr>
-<tr>
- <td><input type='checkbox' name='FX' $checked{'FX'}{'on'} /></td>
- <td>$Lang::tr{'display webinterface effects'}</td>
-</tr>
-<tr>
- <td><input type='checkbox' name='WINDOWWITHHOSTNAME' $checked{'WINDOWWITHHOSTNAME'}{'on'} /></td>
- <td>$Lang::tr{'display hostname in window title'}</td>
-</tr>
-<tr>
- <td><input type='checkbox' name='REFRESHINDEX' $checked{'REFRESHINDEX'}{'on'} /></td>
- <td>$Lang::tr{'refresh index page while connected'}</td>
-</tr>
-<tr>
- <td><input type='checkbox' name='SPEED' $checked{'SPEED'}{'on'} /></td>
- <td>$Lang::tr{'show ajax speedmeter in footer'}</td>
-</tr>
-<tr>
- <td> </td>
- <td>$Lang::tr{'languagepurpose'}</td>
-</tr>
-<tr>
- <td> </td>
- <td><select name='lang'>
-END
-;
-
-my $id=0;
-open(FILE,"${General::swroot}/langs/list");
-while (<FILE>)
-{
- my $lang='';
- my $engname='';
- my $natname='';
- $id++;
- chomp;
- ($lang,$engname,$natname) = split (/:/, $_, 3);
- print "<option value='$lang' ";
- if ($lang =~ /$mainsettings{'LANGUAGE'}/)
- {
- print " selected='selected'";
- }
- print <<END
->$engname ($natname)</option>
-END
- ;
-}
-
-print <<END
-</select></td></tr>
-<tr>
- <td colspan='2'><hr /><p><b>$Lang::tr{'theme'}</b></td>
-</tr>
-<tr>
- <td> </td>
- <td><select name='theme'>
-END
-;
-
-my $dir = "/srv/web/ipfire/html/themes";
-local *DH;
-my ($item, $file);
-my @files;
-
-opendir (DH, $dir);
-while ($file = readdir (DH)) {
- next if ( $file =~ /^\./ );
- push (@files, $file);
-}
-closedir (DH);
-
-foreach $item (sort (@files)) {
- if ( "$mainsettings{'THEME'}" eq "$item" ) {
- print "<option value='$item' selected='selected'>$item</option>\n";
- } else {
- print "<option value='$item'>$item</option>\n";
- }
-}
-
-print <<END
-</select></td></tr>
-<tr>
- <td colspan='2'><hr /><p><b>$Lang::tr{'sound'}</b></td>
-</tr>
-<tr>
- <td><input type ='checkbox' name='PPPUPDOWNBEEP' $checked{'PPPUPDOWNBEEP'}{'on'} /></td>
- <td>$Lang::tr{'beep when ppp connects or disconnects'}</td>
-</tr>
-<tr>
- <td colspan='2'><hr /></td>
-</tr>
-</table>
-<div align='center'>
-<table width='80%'>
-<tr>
- <td width='50%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'restore defaults'}' /></td>
- <td width='50%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-</tr>
-</table>
-</div>
-</form>
-END
-;
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-
-
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-# use warnings;
-# use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %cgiparams=();
-my @cgigraphs=();
-
-&Header::showhttpheaders();
-
-my $graphdir = "/srv/web/ipfire/html/graphs";
-
-my @disks = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`;
-foreach (@disks){
- my $disk = $_;
- chomp $disk;
- my @array = split(/\//,$disk);
- &Graphs::updatehddgraph ($array[$#array],"day");&Graphs::updatehddgraph ($array[$#array],"week");&Graphs::updatehddgraph ($array[$#array],"month");&Graphs::updatehddgraph ($array[$#array],"year");
-}
-
- &Graphs::updatetempgraph ("day");
- &Graphs::updatefangraph ("day");
- &Graphs::updatevoltgraph ("day");
-
-my @graphs=();
-
-&Header::getcgihash(\%cgiparams);
-
-$ENV{'QUERY_STRING'} =~ s/&//g;
-@cgigraphs = split(/graph=/,$ENV{'QUERY_STRING'});
-$cgigraphs[1] = '' unless defined $cgigraphs[1];
-
-my %mbmon_settings = ();
-my %mbmon_values = ();
-&General::readhash("/var/log/mbmon-values", \%mbmon_values);
-my $key;
-
-if ( $cgiparams{'ACTION'} eq $Lang::tr{'save'} )
-{
- $mbmon_settings{'GRAPH_TEMP'} = ($cgiparams{'TEMP'} eq 'on');
- $mbmon_settings{'GRAPH_FAN'} = ($cgiparams{'FAN'} eq 'on');
- $mbmon_settings{'GRAPH_VOLT'} = ($cgiparams{'VOLT'} eq 'on');
- $mbmon_settings{'GRAPH_HDD'} = ($cgiparams{'HDD'} eq 'on');
-
- foreach my $line (sort keys %cgiparams)
- {
- if ( index($line, "LINE-") != -1 )
- {
- $mbmon_settings{$line} = 'on';
- }
-
- if ( index($line, "LABEL-") != -1 )
- {
- $mbmon_settings{$line} = $cgiparams{$line};
- }
- }
-
- &General::writehash("${General::swroot}/mbmon/settings", \%mbmon_settings);
-}
-else
-{
- &General::readhash("${General::swroot}/mbmon/settings", \%mbmon_settings);
-}
-
-my $selected_temp = '';
-my $selected_fan = '';
-my $selected_volt = '';
-my $selected_hdd = '';
-
-$selected_temp = "checked='checked'" if ( $mbmon_settings{'GRAPH_TEMP'} == 1 );
-$selected_fan = "checked='checked'" if ( $mbmon_settings{'GRAPH_FAN'} == 1 );
-$selected_volt = "checked='checked'" if ( $mbmon_settings{'GRAPH_VOLT'} == 1 );
-$selected_hdd = "checked='checked'" if ( $mbmon_settings{'GRAPH_HDD'} == 1 );
-
-my %mbmon_graphs = ();
-foreach $key ( sort(keys %mbmon_values) )
-{
- $mbmon_graphs{$key} = "checked='checked'" if ( $mbmon_settings{'LINE-'.$key} eq 'on' );
- if ( !defined($mbmon_settings{'LABEL-'.$key}) )
- {
- $mbmon_settings{'LABEL-'.$key} = $key;
- }
-}
-
-&Header::openpage($Lang::tr{'harddisk temperature graphs'}, 1, '');
-
-&Header::openbigbox('100%', 'left');
-
-###############
-# DEBUG DEBUG
-#&Header::openbox('100%', 'left', 'DEBUG');
-#my $debugCount = 0;
-#foreach my $line (sort keys %cgiparams) {
-# print "$line = $cgiparams{$line}<br />\n";
-# $debugCount++;
-#}
-#print " Count: $debugCount<br />\n";
-#print " CGIParams: $cgigraphs[1]\n";
-#&Header::closebox();
-# DEBUG DEBUG
-###############
-
-if ($cgigraphs[1] =~ /hddtemp/)
-{
- my $graph = $cgigraphs[1];
- my $graphname = $Lang::tr{"harddisk temperature"};
- &Header::openbox('100%', 'center', "$graphname $Lang::tr{'graph'}");
-
- if (-e "$graphdir/${graph}-day.png")
- {
- my $ftime = localtime((stat("$graphdir/${graph}-day.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br /><hr />\n";
- print "<img src='/graphs/${graph}-day.png' border='0' /><hr />";
- print "<img src='/graphs/${graph}-week.png' border='0' /><hr />";
- print "<img src='/graphs/${graph}-month.png' border='0' /><hr />";
- print "<img src='/graphs/${graph}-year.png' border='0' />";
- if ( -e "/var/log/smartctl_out_${graph}" )
- {
- my $output = `/bin/cat /var/log/smartctl_out_${graph}`;
- $output = &Header::cleanhtml($output);
- print "<hr><table border=0><tr><td align=left><pre>$output</pre></table>\n";
- }
- }
- else
- {
- print $Lang::tr{'no information available'};
- }
- &Header::closebox();
- print "<div align='center'><table width='80%'><tr><td align='center'>";
- print "<a href='/cgi-bin/hardwaregraphs.cgi'>";
- print "$Lang::tr{'back'}</a></td></tr></table></div>\n";
-}
-elsif ($cgigraphs[1] =~ /(temp|fan|volt)/)
-{
-if ($cgigraphs[1] =~ /temp/) {&Graphs::updatetempgraph ("week");&Graphs::updatetempgraph ("month");&Graphs::updatetempgraph ("year");}
-if ($cgigraphs[1] =~ /fan/) {&Graphs::updatefangraph ("week");&Graphs::updatefangraph ("month");&Graphs::updatefangraph ("year");}
-if ($cgigraphs[1] =~ /volt/) {&Graphs::updatevoltgraph ("week");&Graphs::updatevoltgraph ("month");&Graphs::updatevoltgraph ("year");}
-
- my $graph = $cgigraphs[1];
- my $graphname = $Lang::tr{"mbmon $cgigraphs[1]"};
- &Header::openbox('100%', 'center', "$graphname $Lang::tr{'graph'}");
-
- if (-e "$graphdir/mbmon-${graph}-day.png")
- {
- my $ftime = localtime((stat("$graphdir/mbmon-${graph}-day.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br /><hr />\n";
- print "<img src='/graphs/mbmon-${graph}-day.png' border='0' /><hr />";
- print "<img src='/graphs/mbmon-${graph}-week.png' border='0' /><hr />";
- print "<img src='/graphs/mbmon-${graph}-month.png' border='0' /><hr />";
- print "<img src='/graphs/mbmon-${graph}-year.png' border='0' />";
- }
- else
- {
- print $Lang::tr{'no information available'};
- }
- &Header::closebox();
- print "<div align='center'><table width='80%'><tr><td align='center'>";
- print "<a href='/cgi-bin/hardwaregraphs.cgi'>";
- print "$Lang::tr{'back'}</a></td></tr></table></div>\n";
-}
-else
-{
- if ( $mbmon_settings{'GRAPH_TEMP'} == 1 )
- {
- &Header::openbox('100%', 'center', "$Lang::tr{'mbmon temp'} $Lang::tr{'graph'}");
- if (-e "$graphdir/mbmon-temp-day.png")
- {
- my $ftime = localtime((stat("$graphdir/mbmon-temp-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/hardwaregraphs.cgi?graph=temp'>";
- print "<img src='/graphs/mbmon-temp-day.png' border='0' />";
- print "</a>";
- }
- else
- {
- print $Lang::tr{'no information available'};
- }
- print "<br />\n";
- &Header::closebox();
- }
-
- if ( $mbmon_settings{'GRAPH_FAN'} == 1 )
- {
- &Header::openbox('100%', 'center', "$Lang::tr{'mbmon fan'} $Lang::tr{'graph'}");
- if (-e "$graphdir/mbmon-fan-day.png")
- {
- my $ftime = localtime((stat("$graphdir/mbmon-fan-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/hardwaregraphs.cgi?graph=fan'>";
- print "<img src='/graphs/mbmon-fan-day.png' border='0' />";
- print "</a>";
- }
- else
- {
- print $Lang::tr{'no information available'};
- }
- print "<br />\n";
- &Header::closebox();
- }
-
- if ( $mbmon_settings{'GRAPH_VOLT'} == 1 )
- {
- &Header::openbox('100%', 'center', "$Lang::tr{'mbmon volt'} $Lang::tr{'graph'}");
- if (-e "$graphdir/mbmon-volt-day.png")
- {
- my $ftime = localtime((stat("$graphdir/mbmon-volt-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/hardwaregraphs.cgi?graph=volt'>";
- print "<img src='/graphs/mbmon-volt-day.png' border='0' />";
- print "</a>";
- }
- else
- {
- print $Lang::tr{'no information available'};
- }
- print "<br />\n";
- &Header::closebox();
- }
-
- if ( $mbmon_settings{'GRAPH_HDD'} == 1 )
- {
- my @devices = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`;
- foreach (@devices) {
- my $device = $_;
- chomp($device);
- my @array = split(/\//,$device);
- hddtempbox($array[$#array]);}
- }
-
- &Header::openbox('100%', 'center', $Lang::tr{'settings'});
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr><td colspan='2' align='left'><input type='checkbox' name='TEMP' $selected_temp /> $Lang::tr{'mbmon temp'} $Lang::tr{'graph'}</td></tr>
-<tr><td colspan='2' align='left'><input type='checkbox' name='FAN' $selected_fan /> $Lang::tr{'mbmon fan'} $Lang::tr{'graph'}</td></tr>
-<tr><td colspan='2' align='left'><input type='checkbox' name='VOLT' $selected_volt /> $Lang::tr{'mbmon volt'} $Lang::tr{'graph'}</td></tr>
-<tr><td colspan='2' align='left'><input type='checkbox' name='HDD' $selected_hdd /> $Lang::tr{'harddisk temperature'}-$Lang::tr{'graph'}</td></tr>
-</table>
-<hr />
-<table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr><td align='center' width='10%'><b>$Lang::tr{'mbmon display'}</b></td><td align='center' width='15%'> </td><td align='center' width='15%'><b>$Lang::tr{'mbmon value'}</b></td><td align='left'><b>$Lang::tr{'mbmon label'}</b></td></tr>
-END
-;
-
-my $i = 0;
-foreach $key ( sort(keys %mbmon_values) )
-{
- if ( $i % 2 )
- {
- print("<tr bgcolor='$color{'color22'}'>");
- }
- else
- {
- print("<tr bgcolor='$color{'color20'}'>");
- }
- $mbmon_settings{'LABEL-'.$key} = &Header::cleanhtml($mbmon_settings{'LABEL-'.$key});
- print("<td align='center'><input type='checkbox' name='LINE-$key' $mbmon_graphs{$key}/></td>");
- print("<td>$key</td><td align='center'>$mbmon_values{$key}</td>\n");
- print("<td> <input type='text' name='LABEL-$key' value='$mbmon_settings{'LABEL-'.$key}' size='25' /></td></tr>\n");
- $i++;
-}
-
-print <<END
-</table>
-
-<table width='100%'>
-<tr><td class='base' valign='top'> </td><td width='40%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td></tr>
-</table>
-
-</form>
-END
-;
- &Header::closebox();
-}
-
-&Header::closebigbox();
-&Header::closepage();
-
-sub hddtempbox {
- my $disk = $_[0];
- if (-e "$graphdir/hddtemp-$disk-day.png") {
-
- &Header::openbox('100%', 'center', "Disk $disk $Lang::tr{'graph'}");
- my $ftime = localtime((stat("$graphdir/hddtemp-$disk-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/hardwaregraphs.cgi?graph=hddtemp-$disk'>";
- print "<img src='/graphs/hddtemp-$disk-day.png' border='0' />";
- print "</a>";
- print "<br />\n";
- &Header::closebox();
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
-undef (@dummy);
-
-# Files used
-my $setting = "${General::swroot}/main/settings";
-our $datafile = "${General::swroot}/main/hosts"; #(our: used in subroutine)
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-our %settings = ();
-#Settings1
-# removed
-
-#Settings2 for editing the multi-line list
-#Must not be saved !
-$settings{'EN'} = ''; # reuse for dummy field in position zero
-$settings{'IP'} = '';
-$settings{'HOST'} = '';
-$settings{'DOM'} = '';
-my @nosaved=('EN','IP','HOST','DOM'); # List here ALL setting2 fields. Mandatory
-
-$settings{'ACTION'} = ''; # add/edit/remove
-$settings{'KEY1'} = ''; # point record for ACTION
-
-#Define each field that can be used to sort columns
-my $sortstring='^IP|^HOST|^DOM';
-$settings{'SORT_HOSTSLIST'} = 'HOST';
-my $errormessage = '';
-my $warnmessage = '';
-
-&Header::showhttpheaders();
-
-#Get GUI values
-&Header::getcgihash(\%settings);
-
-# Load multiline data
-our @current = ();
-if (open(FILE, "$datafile")) {
- @current = <FILE>;
- close (FILE);
-}
-
-## Settings1 Box not used...
-&General::readhash("${General::swroot}/main/settings", \%settings);
-
-
-## Now manipulate the multi-line list with Settings2
-# Basic actions are:
-# toggle the check box
-# add/update a new line
-# begin editing a line
-# remove a line
-
-
-# Toggle enable/disable field. Field is in second position
-if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
- #move out new line
- chomp(@current[$settings{'KEY1'}]);
- my @temp = split(/\,/,@current[$settings{'KEY1'}]);
-
- $temp[0] = $temp[0] ne '' ? '' : 'on'; # Toggle the field
- @current[$settings{'KEY1'}] = join (',',@temp)."\n";
- $settings{'KEY1'} = ''; # End edit mode
-
- &General::log($Lang::tr{'hosts config changed'});
-
- #Save current
- open(FILE, ">$datafile") or die 'hosts datafile error';
- print FILE @current;
- close(FILE);
-
- # Rebuild configuration file
- &BuildConfiguration;
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
- # Validate inputs
- unless(&General::validip($settings{'IP'})) {
- $errormessage = $Lang::tr{'invalid fixed ip address'};
- }
-
- unless(&General::validhostname($settings{'HOST'})) {
- $errormessage = $Lang::tr{'invalid hostname'};
- }
-
- if ($settings{'DOM'} && ! &General::validdomainname($settings{'DOM'})) {
- $errormessage = $Lang::tr{'invalid domain name'};
- }
-
-
- unless ($errormessage) {
- if ($settings{'KEY1'} eq '') { #add or edit ?
- unshift (@current, "$settings{'EN'},$settings{'IP'},$settings{'HOST'},$settings{'DOM'}\n");
- &General::log($Lang::tr{'hosts config added'});
- } else {
- @current[$settings{'KEY1'}] = "$settings{'EN'},$settings{'IP'},$settings{'HOST'},$settings{'DOM'}\n";
- $settings{'KEY1'} = ''; # End edit mode
- &General::log($Lang::tr{'hosts config changed'});
- }
-
- # Write changes to config file.
- &SortDataFile; # sort newly added/modified entry
- &BuildConfiguration; # then re-build new host
-
- #map ($settings{$_}='' ,@nosaved); # Clear fields
- }
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
- #move out new line
- my $line = @current[$settings{'KEY1'}]; # KEY1 is the index in current
- chomp($line);
- my @temp = split(/\,/, $line);
- $settings{'EN'}=$temp[0]; # Prepare the screen for editing
- $settings{'IP'}=$temp[1];
- $settings{'HOST'}=$temp[2];
- $settings{'DOM'}=$temp[3];
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
- splice (@current,$settings{'KEY1'},1); # Delete line
- open(FILE, ">$datafile") or die 'hosts datafile error';
- print FILE @current;
- close(FILE);
- $settings{'KEY1'} = ''; # End remove mode
- &General::log($Lang::tr{'hosts config changed'});
-
- &BuildConfiguration; # then re-build conf which use new data
-}
-
-
-
-## Check if sorting is asked
-# If same column clicked, reverse the sort.
-if ($ENV{'QUERY_STRING'} =~ /$sortstring/ ) {
- my $newsort=$ENV{'QUERY_STRING'};
- my $actual=$settings{'SORT_HOSTSLIST'};
- #Reverse actual sort ?
- if ($actual =~ $newsort) {
- my $Rev='';
- if ($actual !~ 'Rev') {
- $Rev='Rev';
- }
- $newsort.=$Rev;
- }
- $settings{'SORT_HOSTSLIST'}=$newsort;
- map (delete ($settings{$_}) ,(@nosaved,'ACTION','KEY1'));# Must never be saved
- &General::writehash($setting, \%settings);
- &SortDataFile;
- $settings{'ACTION'} = 'SORT'; # Create an 'ACTION'
- map ($settings{$_} = '' ,@nosaved,'KEY1'); # and reinit vars to empty
-}
-
-if ($settings{'ACTION'} eq '' ) { # First launch from GUI
- # Place here default value when nothing is initialized
- $settings{'EN'} = 'on';
- $settings{'DOM'} = $settings{'DOMAINNAME'};
-}
-
-&Header::openpage($Lang::tr{'hostname'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-my %checked=(); # Checkbox manipulations
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>";
- &Header::closebox();
-}
-
-#
-# Remove if no Setting1 needed
-#
-#if ($warnmessage) {
-# $warnmessage = "<font color=${Header::colourred}><b>$Lang::tr{'capswarning'}</b></font>: $warnmessage";
-#}
-#&Header::openbox('100%', 'left', $Lang::tr{'settings'});
-#print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>";
-#print <<END
-#<table width='100%'>
-#<tr>
-# <td class='base'>$Lang::tr{'domain name'} : $settings{'DOMAINNAME'}</td>
-#</table>
-#
-#END
-#;
-#
-#print <<END
-#<table width='100%'>
-#<hr />
-#<tr>
-# <td class='base' width='25%'><!--<img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'this field may be blank'}</td>-->
-# <td class='base' width='25%'>$warnmessage</td>
-# <td width='50%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' /></td>
-#</tr>
-#</table>
-#</form>
-#END
-#;
-#&Header::closebox(); # end of Settings1
-
-
-#
-# Second check box is for editing the list
-#
-$checked{'EN'}{'on'} = ($settings{'EN'} eq '' ) ? '' : "checked='checked'";
-
-my $buttontext = $Lang::tr{'add'};
-if ($settings{'KEY1'} ne '') {
- $buttontext = $Lang::tr{'update'};
- &Header::openbox('100%', 'left', $Lang::tr{'edit an existing host'});
-} else {
- &Header::openbox('100%', 'left', $Lang::tr{'add a host'});
-}
-
-#Edited line number (KEY1) passed until cleared by 'save' or 'remove' or 'new sort order'
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='KEY1' value='$settings{'KEY1'}' />
-<table width='100%'>
-<tr>
- <td class='base'>$Lang::tr{'host ip'}: </td>
- <td><input type='text' name='IP' value='$settings{'IP'}' /></td>
- <td class='base'>$Lang::tr{'hostname'}:</td>
- <td><input type='text' name='HOST' value='$settings{'HOST'}' /></td>
-</tr><tr>
- <td class='base'>$Lang::tr{'domain name'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='DOM' value='$settings{'DOM'}' /></td>
- <td class='base'>$Lang::tr{'enabled'}</td>
- <td><input type='checkbox' name='EN' $checked{'EN'}{'on'} /></td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' width='50%'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'this field may be blank'}</td>
- <td width='50%' align='center'><input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /><input type='submit' name='SUBMIT' value='$buttontext' /></td>
-</tr>
-</table>
-</form>
-END
-;
-&Header::closebox();
-
-#
-# Third box shows the list, in columns
-#
-# Columns headers may content a link. In this case it must be named in $sortstring
-#
-&Header::openbox('100%', 'left', $Lang::tr{'current hosts'});
-print <<END
-<table width='100%'>
-<tr>
- <td width='20%' align='center'><a href='$ENV{'SCRIPT_NAME'}?IP'><b>$Lang::tr{'host ip'}</b></a></td>
- <td width='20%' align='center'><a href='$ENV{'SCRIPT_NAME'}?HOST'><b>$Lang::tr{'hostname'}</b></a></td>
- <td width='50%' align='center'><a href='$ENV{'SCRIPT_NAME'}?DOM'><b>$Lang::tr{'domain name'}</b></a></td>
- <td width='10%' colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-#
-# Print each line of @current list
-#
-
-my $key = 0;
-foreach my $line (@current) {
- chomp($line); # remove newline
- my @temp=split(/\,/,$line);
- $temp[3] ='' unless defined $temp[3]; # not always populated
-
- #Choose icon for checkbox
- my $gif = '';
- my $gdesc = '';
- if ($temp[0] ne '' ) {
- $gif = 'on.gif';
- $gdesc = $Lang::tr{'click to disable'};
- } else {
- $gif = 'off.gif';
- $gdesc = $Lang::tr{'click to enable'};
- }
-
- #Colorize each line
- if ($settings{'KEY1'} eq $key) {
- print "<tr bgcolor='${Header::colouryellow}'>";
- } elsif ($key % 2) {
- print "<tr bgcolor='$color{'color22'}'>";
- } else {
- print "<tr bgcolor='$color{'color20'}'>";
- }
- print <<END
-<td align='center'>$temp[1]</td>
-<td align='center'>$temp[2]</td>
-<td align='center'>$temp[3]</td>
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-</tr>
-END
-;
- $key++;
-}
-print "</table>";
-
-# If table contains entries, print 'Key to action icons'
-if ($key) {
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td>
- <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> </td>
- <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> </td>
- <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-## Ouf it's the end !
-
-# Sort the "current" array according to choices
-sub SortDataFile
-{
- our %entries = ();
-
- # Sort pair of record received in $a $b special vars.
- # When IP is specified use numeric sort else alpha.
- # If sortname ends with 'Rev', do reverse sort.
- #
- sub fixedleasesort {
- my $qs=''; # The sort field specified minus 'Rev'
- if (rindex ($settings{'SORT_HOSTSLIST'},'Rev') != -1) {
- $qs=substr ($settings{'SORT_HOSTSLIST'},0,length($settings{'SORT_HOSTSLIST'})-3);
- if ($qs eq 'IP') {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($b[0]<=>$a[0]) ||
- ($b[1]<=>$a[1]) ||
- ($b[2]<=>$a[2]) ||
- ($b[3]<=>$a[3]);
- } else {
- $entries{$b}->{$qs} cmp $entries{$a}->{$qs};
- }
- } else { #not reverse
- $qs=$settings{'SORT_HOSTSLIST'};
- if ($qs eq 'IP') {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($a[0]<=>$b[0]) ||
- ($a[1]<=>$b[1]) ||
- ($a[2]<=>$b[2]) ||
- ($a[3]<=>$b[3]);
- } else {
- $entries{$a}->{$qs} cmp $entries{$b}->{$qs};
- }
- }
- }
-
- #Use an associative array (%entries)
- my $key = 0;
- foreach my $line (@current) {
- chomp( $line); #remove newline because can be on field 5 or 6 (addition of REMARK)
- my @temp = ( '','','', '');
- @temp = split (',',$line);
-
- # Build a pair 'Field Name',value for each of the data dataline.
- # Each SORTABLE field must have is pair.
- # Other data fields (non sortable) can be grouped in one
-
- my @record = ('KEY',$key++,'EN',$temp[0],'IP',$temp[1],'HOST',$temp[2],'DOM',$temp[3]);
- my $record = {}; # create a reference to empty hash
- %{$record} = @record; # populate that hash with @record
- $entries{$record->{KEY}} = $record; # add this to a hash of hashes
- }
-
- open(FILE, ">$datafile") or die 'hosts datafile error';
-
- # Each field value is printed , with the newline ! Don't forget separator and order of them.
- foreach my $entry (sort fixedleasesort keys %entries) {
- print FILE "$entries{$entry}->{EN},$entries{$entry}->{IP},$entries{$entry}->{HOST},$entries{$entry}->{DOM}\n";
- }
-
- close(FILE);
- # Reload sorted @current
- open (FILE, "$datafile");
- @current = <FILE>;
- close (FILE);
-}
-
-#
-# Build the configuration file
-#
-sub BuildConfiguration {
- system '/usr/local/bin/rebuildhosts';
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-
-use LWP::UserAgent;
-use File::Copy;
-use File::Temp qw/ tempfile tempdir /;
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %snortsettings=();
-my %checked=();
-my %selected=();
-my %netsettings=();
-our $errormessage = '';
-our $md5 = '0';# not '' to avoid displaying the wrong message when INSTALLMD5 not set
-our $realmd5 = '';
-our $results = '';
-our $tempdir = '';
-our $url='';
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-&Header::showhttpheaders();
-
-$snortsettings{'ENABLE_SNORT'} = 'off';
-$snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
-$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
-$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
-$snortsettings{'ENABLE_GUARDIAN'} = 'off';
-$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
-$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
-$snortsettings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log';
-$snortsettings{'GUARDIAN_ALERTFILE'} = '/var/log/snort/alert';
-$snortsettings{'GUARDIAN_IGNOREFILE'} = '/var/ipfire/guardian/guardian.ignore';
-$snortsettings{'GUARDIAN_TARGETFILE'} = '/var/ipfire/guardian/guardian.target';
-$snortsettings{'GUARDIAN_TIMELIMIT'} = '86400';
-$snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'} = `cat $snortsettings{'GUARDIAN_IGNOREFILE'}`;
-$snortsettings{'ACTION'} = '';
-$snortsettings{'ACTION2'} = '';
-$snortsettings{'RULES'} = '';
-$snortsettings{'OINKCODE'} = '';
-$snortsettings{'INSTALLDATE'} = '';
-$snortsettings{'INSTALLMD5'} = '';
-
-&Header::getcgihash(\%snortsettings, {'wantfile' => 1, 'filevar' => 'FH'});
-
-####################### Added for snort rules control #################################
-my $snortrulepath; # change to "/etc/snort/rules" - maniac
-my @snortconfig;
-my $restartsnortrequired = 0;
-my %snortrules;
-my $rule = '';
-my $table1colour = '';
-my $table2colour = '';
-my $var = '';
-my $value = '';
-my $tmp = '';
-my $linkedrulefile = '';
-my $border = '';
-my $checkboxname = '';
-
-if (-e "/etc/snort/snort.conf") {
-
-
- # Open snort.conf file, read it in, close it, and re-open for writing
- open(FILE, "/etc/snort/snort.conf") or die 'Unable to read snort config file.';
- @snortconfig = <FILE>;
- close(FILE);
- open(FILE, ">/etc/snort/snort.conf") or die 'Unable to write snort config file.';
-
- my @rules = `cd /etc/snort/rules/ && ls *.rules`; # With this loop the rule might be display with correct rulepath set
- foreach (@rules) {
- chomp $_;
- my $temp = join(";",@snortconfig);
- if ( $temp =~ /$_/ ){next;}
- else { push(@snortconfig,"#include \$RULE_PATH/".$_);}
- }
-
- # Loop over each line
- foreach my $line (@snortconfig) {
- # Trim the line
- chomp $line;
-
- # Check for a line with .rules
- if ($line =~ /\.rules$/) {
- # Parse out rule file name
- $rule = $line;
- $rule =~ s/\$RULE_PATH\///i;
- $rule =~ s/ ?include ?//i;
- $rule =~ s/\#//i;
- my $snortrulepathrule = "$snortrulepath/$rule";
-
- # Open rule file and read in contents
- open(RULEFILE, "$snortrulepath/$rule") or die "Unable to read snort rule file for reading => $snortrulepath/$rule.";
- my @snortrulefile = <RULEFILE>;
- close(RULEFILE);
- open(RULEFILE, ">$snortrulepath/$rule") or die "Unable to write snort rule file for writing $snortrulepath/$rule";
-
- # Local vars
- my $dashlinecnt = 0;
- my $desclook = 1;
- my $snortruledesc = '';
- my %snortruledef = ();
- my $rulecnt = 1;
-
- # Loop over rule file contents
- foreach my $ruleline (@snortrulefile) {
- chomp $ruleline;
-
- # If still looking for a description
- if ($desclook) {
- # If line does not start with a # anymore, then done looking for a description
- if ($ruleline !~ /^\#/) {
- $desclook = 0;
- }
-
- # If see more than one dashed line, (start to) create rule file description
- if ($dashlinecnt > 1) {
- # Check for a line starting with a #
- if ($ruleline =~ /^\#/) {
- # Create tempruleline
- my $tempruleline = $ruleline;
-
- # Strip off # and clean up line
- $tempruleline =~ s/\# ?//i;
-
- # Check for part of a description
- if ($snortruledesc eq '') {
- $snortruledesc = $tempruleline;
- } else {
- $snortruledesc .= " $tempruleline";
- }
- } else {
- # Must be done
- $desclook = 0;
- }
- }
-
- # If have a dashed line, increment count
- if ($ruleline =~ /\# ?\-+/) {
- $dashlinecnt++;
- }
- } else {
- # Parse out rule file rule's message for display
- if ($ruleline =~ /(msg\:\"[^\"]+\";)/) {
- my $msg = '';
- $msg = $1;
- $msg =~ s/msg\:\"//i;
- $msg =~ s/\";//i;
- $snortruledef{$rulecnt}{'Description'} = $msg;
-
- # Check for 'Save' and rule file displayed in query string
- if (($snortsettings{'ACTION'} eq $Lang::tr{'update'}) && ($ENV{'QUERY_STRING'} =~ /$rule/i)) {
- # Check for a disable rule which is now enabled, or an enabled rule which is now disabled
- if ((($ruleline =~ /^\#/) && (exists $snortsettings{"SNORT_RULE_$rule\_$rulecnt"})) || (($ruleline !~ /^\#/) && (!exists $snortsettings{"SNORT_RULE_$rule\_$rulecnt"}))) {
- $restartsnortrequired = 1;
- }
-
- # Strip out leading # from rule line
- $ruleline =~ s/\# ?//i;
-
- # Check if it does not exists (which means it is disabled), append a #
- if (!exists $snortsettings{"SNORT_RULE_$rule\_$rulecnt"}) {
- $ruleline = "#"." $ruleline";
- }
- }
-
- # Check if ruleline does not begin with a #, so it is enabled
- if ($ruleline !~ /^\#/) {
- $snortruledef{$rulecnt++}{'State'} = 'Enabled';
- } else {
- # Otherwise it is disabled
- $snortruledef{$rulecnt++}{'State'} = 'Disabled';
- }
- }
- }
-
- # Print ruleline to RULEFILE
- print RULEFILE "$ruleline\n";
- }
-
- # Close RULEFILE
- close(RULEFILE);
-
- # Check for 'Save'
- if ($snortsettings{'ACTION'} eq $Lang::tr{'update'}) {
- # Check for a disable rule which is now enabled, or an enabled rule which is now disabled
- if ((($line =~ /^\#/) && (exists $snortsettings{"SNORT_RULE_$rule"})) || (($line !~ /^\#/) && (!exists $snortsettings{"SNORT_RULE_$rule"}))) {
- $restartsnortrequired = 1;
- }
-
- # Strip out leading # from rule line
- $line =~ s/\# ?//i;
-
- # Check if it does not exists (which means it is disabled), append a #
- if (!exists $snortsettings{"SNORT_RULE_$rule"}) {
- $line = "# $line";
- }
- }
-
- # Check for rule state
- if ($line =~ /^\#/) {
- $snortrules{$rule}{"State"} = "Disabled";
- } else {
- $snortrules{$rule}{"State"} = "Enabled";
- }
-
- # Set rule description
- $snortrules{$rule}{"Description"} = $snortruledesc;
-
- # Loop over sorted rules
- foreach my $ruledef (sort {$a <=> $b} keys(%snortruledef)) {
- $snortrules{$rule}{"Definition"}{$ruledef}{'Description'} = $snortruledef{$ruledef}{'Description'};
- $snortrules{$rule}{"Definition"}{$ruledef}{'State'} = $snortruledef{$ruledef}{'State'};
- }
-
- $snortruledesc = '';
- print FILE "$line\n";
- } elsif ($line =~ /var RULE_PATH/) {
- ($tmp, $tmp, $snortrulepath) = split(' ', $line);
- print FILE "$line\n";
- } else {
- print FILE "$line\n";
- }
- }
- close(FILE);
-
- if ($restartsnortrequired) {
- system('/usr/local/bin/snortctrl restart >/dev/null');
- }
-}
-
-####################### End added for snort rules control #################################
-
-if ($snortsettings{'RULES'} eq 'subscripted') {
- $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-CURRENT_s.tar.gz";
-} elsif ($snortsettings{'RULES'} eq 'registered') {
- $url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-CURRENT.tar.gz";
-} else {
- $url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz";
-}
-
-if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" )
-{
- $errormessage = $Lang::tr{'invalid input for oink code'} unless (
- ($snortsettings{'OINKCODE'} =~ /^[a-z0-9]+$/) ||
- ($snortsettings{'RULESTYPE'} eq 'nothing' ) );
-
- &General::writehash("${General::swroot}/snort/settings", \%snortsettings);
- if ($snortsettings{'ENABLE_SNORT'} eq 'on')
- {
- system ('/usr/bin/touch', "${General::swroot}/snort/enable");
- } else {
- unlink "${General::swroot}/snort/enable";
- }
- if ($snortsettings{'ENABLE_SNORT_GREEN'} eq 'on')
- {
- system ('/usr/bin/touch', "${General::swroot}/snort/enable_green");
- } else {
- unlink "${General::swroot}/snort/enable_green";
- }
- if ($snortsettings{'ENABLE_SNORT_BLUE'} eq 'on')
- {
- system ('/usr/bin/touch', "${General::swroot}/snort/enable_blue");
- } else {
- unlink "${General::swroot}/snort/enable_blue";
- }
- if ($snortsettings{'ENABLE_SNORT_ORANGE'} eq 'on')
- {
- system ('/usr/bin/touch', "${General::swroot}/snort/enable_orange");
- } else {
- unlink "${General::swroot}/snort/enable_orange";
- }
- if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on')
- {
- system ('/usr/bin/touch', "${General::swroot}/guardian/enable");
- } else {
- unlink "${General::swroot}/guardian/enable";
- }
-
- system('/usr/local/bin/snortctrl restart >/dev/null');
-
-} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){
- open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}";
- print IGNOREFILE $snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'};
- close(IGNOREFILE);
- open(GUARDIAN, ">/var/ipfire/guardian/guardian.conf") or die "Unable to write guardian conf /var/ipfire/guardian/guardian.conf";
- print GUARDIAN <<END
-Interface $snortsettings{'GUARDIAN_INTERFACE'}
-HostGatewayByte $snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'}
-LogFile $snortsettings{'GUARDIAN_LOGFILE'}
-AlertFile $snortsettings{'GUARDIAN_ALERTFILE'}
-IgnoreFile $snortsettings{'GUARDIAN_IGNOREFILE'}
-TargetFile $snortsettings{'GUARDIAN_TARGETFILE'}
-TimeLimit $snortsettings{'GUARDIAN_TIMELIMIT'}
-END
-;
- close(GUARDIAN);
- system('/usr/local/bin/snortctrl restart >/dev/null');
-}
- # INSTALLMD5 is not in the form, so not retrieved by getcgihash
- &General::readhash("${General::swroot}/snort/settings", \%snortsettings);
-
-if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) {
- $md5 = &getmd5;
- if (($snortsettings{'INSTALLMD5'} ne $md5) && defined $md5 ) {
- chomp($md5);
- my $filename = &downloadrulesfile();
- if (defined $filename) {
- # Check MD5sum
- $realmd5 = `/usr/bin/md5sum $filename`;
- chomp ($realmd5);
- $realmd5 =~ s/^(\w+)\s.*$/$1/;
- if ($md5 ne $realmd5) {
- $errormessage = "$Lang::tr{'invalid md5sum'}";
- } else {
- $results = "<b>$Lang::tr{'installed updates'}</b>\n<pre>";
- $results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`;
- $results .= "</pre>";
- }
- unlink ($filename);
- }
- }
-}
-
-$checked{'ENABLE_SNORT'}{'off'} = '';
-$checked{'ENABLE_SNORT'}{'on'} = '';
-$checked{'ENABLE_SNORT'}{$snortsettings{'ENABLE_SNORT'}} = "checked='checked'";
-$checked{'ENABLE_SNORT_GREEN'}{'off'} = '';
-$checked{'ENABLE_SNORT_GREEN'}{'on'} = '';
-$checked{'ENABLE_SNORT_GREEN'}{$snortsettings{'ENABLE_SNORT_GREEN'}} = "checked='checked'";
-$checked{'ENABLE_SNORT_BLUE'}{'off'} = '';
-$checked{'ENABLE_SNORT_BLUE'}{'on'} = '';
-$checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='checked'";
-$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
-$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
-$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
-$checked{'ENABLE_GUARDIAN'}{'off'} = '';
-$checked{'ENABLE_GUARDIAN'}{'on'} = '';
-$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'";
-$selected{'RULES'}{'nothing'} = '';
-$selected{'RULES'}{'community'} = '';
-$selected{'RULES'}{'registered'} = '';
-$selected{'RULES'}{'subscripted'} = '';
-$selected{'RULES'}{$snortsettings{'RULES'}} = "selected='selected'";
-
-&Header::openpage($Lang::tr{'intrusion detection system'}, 1, '');
-
-####################### Added for snort rules control #################################
-print "<SCRIPT LANGUAGE='JavaScript' SRC='/include/snortupdateutility.js'></SCRIPT>";
-print <<END
-<STYLE TYPE="text/css">
-<!--
-.section {
- border: groove;
-}
-.row1color {
- border: ridge;
- background-color: $color{'color22'};
-}
-.row2color {
- border: ridge;
- background-color: $color{'color20'};
-}
-.rowselected {
- border: double #FF0000;
- background-color: #DCDCDC;
-}
--->
-</STYLE>
-END
-;
-####################### End added for snort rules control #################################
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system2'});
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'><table width='100%'>
-<tr><td class='base'><input type='checkbox' name='ENABLE_SNORT_GREEN' $checked{'ENABLE_SNORT_GREEN'}{'on'} />GREEN Snort
-END
-;
-if ($netsettings{'BLUE_DEV'} ne '') {
- print " <input type='checkbox' name='ENABLE_SNORT_BLUE' $checked{'ENABLE_SNORT_BLUE'}{'on'} /> BLUE Snort";
-}
-if ($netsettings{'ORANGE_DEV'} ne '') {
- print " <input type='checkbox' name='ENABLE_SNORT_ORANGE' $checked{'ENABLE_SNORT_ORANGE'}{'on'} /> ORANGE Snort";
-}
- print " <input type='checkbox' name='ENABLE_SNORT' $checked{'ENABLE_SNORT'}{'on'} /> RED Snort";
-if ( -e "/var/ipfire/guardian/guardian.conf" ) {
- print " <input type='checkbox' name='ENABLE_GUARDIAN' $checked{'ENABLE_GUARDIAN'}{'on'} /> Guardian";
-}
-
-print <<END
-</td></tr>
-<tr>
- <td><hr /></td>
-</tr>
-<tr>
- <td><b>$Lang::tr{'ids rules update'}</b></td>
-</tr>
-<tr>
- <td><select name='RULES'>
- <option value='nothing' $selected{'RULES'}{'nothing'} >$Lang::tr{'no'}</option>
- <option value='community' $selected{'RULES'}{'community'} >$Lang::tr{'community rules'}</option>
- <option value='registered' $selected{'RULES'}{'registered'} >$Lang::tr{'registered user rules'}</option>
- <option value='subscripted' $selected{'RULES'}{'subscripted'} >$Lang::tr{'subscripted user rules'}</option>
- </select>
- </td>
-</tr>
-<tr>
- <td><br />
- $Lang::tr{'ids rules license'} <a href='http://www.snort.org/' target='_blank'>http://www.snort.org</a>.<br />
- <br />
- $Lang::tr{'ids rules license2'} <a href='http://www.snort.org/reg-bin/userprefs.cgi' target='_blank'>USER PREFERENCES</a>, $Lang::tr{'ids rules license3'}<br />
- </td>
-</tr>
-<tr>
- <td nowrap='nowrap'>Oinkcode: <input type='text' size='40' name='OINKCODE' value='$snortsettings{'OINKCODE'}' /></td>
-</tr>
-<tr>
- <td width='30%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'download new ruleset'}' />
-END
-;
-
-if ($snortsettings{'INSTALLMD5'} eq $md5) {
- print " $Lang::tr{'rules already up to date'}</td>";
-} else {
- if ( $snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} && $md5 eq $realmd5 ) {
- $snortsettings{'INSTALLMD5'} = $realmd5;
- $snortsettings{'INSTALLDATE'} = `/bin/date +'%Y-%m-%d'`;
- &General::writehash("${General::swroot}/snort/settings", \%snortsettings);
- }
- print " $Lang::tr{'updates installed'}: $snortsettings{'INSTALLDATE'}</td>";
-}
-print <<END
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td align='center'><input type='hidden' name='ACTION2' value='snort' /><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-if ($results ne '') {
- print "$results";
-}
-
-&Header::closebox();
-
-####################### Added for guardian control ####################################
-if ( -e "/var/ipfire/guardian/guardian.conf" ) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'guardian configuration'});
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'><table width='100%'>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian interface'}</td><td align='left'><input type='text' name='INTERFACE' value='$snortsettings{'GUARDIAN_INTERFACE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian timelimit'}</td><td align='left'><input type='text' name='TIMELIMIT' value='$snortsettings{'GUARDIAN_TIMELIMIT'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian logfile'}</td><td align='left'><input type='text' name='LOGFILE' value='$snortsettings{'GUARDIAN_LOGFILE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian alertfile'}</td><td align='left'><input type='text' name='ALERTFILE' value='$snortsettings{'GUARDIAN_ALERTFILE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian ignorefile'}</td><td align='left'><textarea name='IGNOREFILE_CONTENT' cols='32' rows='6' wrap='off'></textarea></td></tr>
-<tr><td align='center' colspan='2'><input type='hidden' name='ACTION2' value='guardian' /><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td></tr>
-</table>
-</form>
-END
-;
- &Header::closebox();
-}
-
-
-
-
-####################### Added for snort rules control #################################
-if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable_green" || -e "${General::swroot}/snort/enable_blue" || -e "${General::swroot}/snort/enable_orange" ) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'intrusion detection system rules'});
- # Output display table for rule files
- print "<TABLE width='100%'><TR><TD VALIGN='TOP'><TABLE>";
-
- print "<form method='post'>";
-
- # Local vars
- my $ruledisplaycnt = 1;
- my $rulecnt = keys %snortrules;
- $rulecnt++;
- $rulecnt = $rulecnt / 2;
-
- # Loop over each rule file
- foreach my $rulefile (sort keys(%snortrules)) {
- my $rulechecked = '';
-
- # Check if reached half-way through rule file rules to start new column
- if ($ruledisplaycnt > $rulecnt) {
- print "</TABLE></TD><TD VALIGN='TOP'><TABLE>";
- $ruledisplaycnt = 0;
- }
-
- # Check if rule file is enabled
- if ($snortrules{$rulefile}{"State"} eq 'Enabled') {
- $rulechecked = 'CHECKED';
- }
-
- # Create rule file link, vars array, and display flag
- my $rulefilelink = "?RULEFILE=$rulefile";
- my $rulefiletoclose = '';
- my @queryvars = ();
- my $displayrulefilerules = 0;
-
- # Check for passed in query string
- if ($ENV{'QUERY_STRING'}) {
- # Split out vars
- @queryvars = split(/\&/, $ENV{'QUERY_STRING'});
-
- # Loop over values
- foreach $value (@queryvars) {
- # Split out var pairs
- ($var, $linkedrulefile) = split(/=/, $value);
-
- # Check if var is 'RULEFILE'
- if ($var eq 'RULEFILE') {
- # Check if rulefile equals linkedrulefile
- if ($rulefile eq $linkedrulefile) {
- # Set display flag
- $displayrulefilerules = 1;
-
- # Strip out rulefile from rulefilelink
- $rulefilelink =~ s/RULEFILE=$linkedrulefile//g;
- } else {
- # Add linked rule file to rulefilelink
- $rulefilelink .= "&RULEFILE=$linkedrulefile";
- }
- }
- }
- }
-
- # Strip out extra & & ? from rulefilelink
- $rulefilelink =~ s/^\?\&/\?/i;
-
- # Check for a single '?' and replace with page for proper link display
- if ($rulefilelink eq '?') {
- $rulefilelink = "ids.cgi";
- }
-
- # Output rule file name and checkbox
- print "<TR><TD CLASS='base' VALIGN='TOP'><INPUT TYPE='checkbox' NAME='SNORT_RULE_$rulefile' $rulechecked> <A HREF='$rulefilelink'>$rulefile</A></TD></TR>";
- print "<TR><TD CLASS='base' VALIGN='TOP'>";
-
- # Check for empty 'Description'
- if ($snortrules{$rulefile}{'Description'} eq '') {
- print "<TABLE WIDTH='100%'><TR><TD CLASS='base'>No description available</TD></TR>";
- } else {
- # Output rule file 'Description'
- print "<TABLE WIDTH='100%'><TR><TD CLASS='base'>$snortrules{$rulefile}{'Description'}</TD></TR>";
- }
-
- # Check for display flag
- if ($displayrulefilerules) {
- # Rule file definition rule display
- print "<TR><TD CLASS='base' VALIGN='TOP'><TABLE border=1><TR>";
-
- # Local vars
- my $ruledefdisplaycnt = 0;
- my $ruledefcnt = keys %{$snortrules{$rulefile}{"Definition"}};
- $ruledefcnt++;
- $ruledefcnt = $ruledefcnt / 2;
-
- # Loop over rule file rules
- foreach my $ruledef (sort {$a <=> $b} keys(%{$snortrules{$rulefile}{"Definition"}})) {
- # Local vars
- my $ruledefchecked = '';
-
- # If have display 2 rules, start new row
- if (($ruledefdisplaycnt % 2) == 0) {
- print "</TR><TR>";
- $ruledefdisplaycnt = 0;
- }
-
- # Check for rules state
- if ($snortrules{$rulefile}{'Definition'}{$ruledef}{'State'} eq 'Enabled') {
- $ruledefchecked = 'CHECKED';
- }
-
- # Create rule file rule's checkbox
- $checkboxname = "SNORT_RULE_$rulefile";
- $checkboxname .= "_$ruledef";
- print "<TD CLASS='base'><INPUT TYPE='checkbox' NAME='$checkboxname' $ruledefchecked> $snortrules{$rulefile}{'Definition'}{$ruledef}{'Description'}</TD>";
-
- # Increment count
- $ruledefdisplaycnt++;
- }
-
- # If do not have second rule for row, create empty cell
- if (($ruledefdisplaycnt % 2) != 0) {
- print "<TD CLASS='base'></TD>";
- }
-
- # Close display table
- print "</TR></TABLE></TD></TR>";
- }
-
- # Close display table
- print "</TABLE>";
-
- # Increment ruledisplaycnt
- $ruledisplaycnt++;
- }
- print "</TD></TR></TABLE></TD></TR></TABLE>";
- print <<END
-<table width='100%'>
-<tr>
- <td width='33%'> </td>
- <td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
- <td width='33%'>
- <!-- space for future online help link -->
- </td>
-</tr>
-</table>
-</form>
-END
-;
- &Header::closebox();
-}
-
-####################### End added for snort rules control #################################
-&Header::closebigbox();
-&Header::closepage();
-
-sub getmd5 {
- # Retrieve MD5 sum from $url.md5 file
- #
- my $md5buf = &geturl("$url.md5");
- return undef unless $md5buf;
-
- if (0) { # 1 to debug
- my $filename='';
- my $fh='';
- ($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.md5' );
- binmode ($fh);
- syswrite ($fh, $md5buf->content);
- close($fh);
- }
- return $md5buf->content;
-}
-sub downloadrulesfile {
- my $return = &geturl($url);
- return undef unless $return;
-
- if (index($return->content, "\037\213") == -1 ) { # \037\213 is .gz beginning
- $errormessage = $Lang::tr{'invalid loaded file'};
- return undef;
- }
-
- my $filename='';
- my $fh='';
- ($fh, $filename) = tempfile('/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
- binmode ($fh);
- syswrite ($fh, $return->content);
- close($fh);
- return $filename;
-}
-
-sub geturl ($) {
- my $url=$_[0];
-
- unless (-e "${General::swroot}/red/active") {
- $errormessage = $Lang::tr{'could not download latest updates'};
- return undef;
- }
-
- my $downloader = LWP::UserAgent->new;
- $downloader->timeout(5);
-
- my %proxysettings=();
- &General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
-
- if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
- my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
- if ($proxysettings{'UPSTREAM_USER'}) {
- $downloader->proxy("http","http://$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'}@"."$peer:$peerport/");
- } else {
- $downloader->proxy("http","http://$peer:$peerport/");
- }
- }
-
- my $return = $downloader->get($url,'Cache-Control','no-cache');
-
- if ($return->code == 403) {
- $errormessage = $Lang::tr{'access refused with this oinkcode'};
- return undef;
- } elsif (!$return->is_success()) {
- $errormessage = $Lang::tr{'could not download latest updates'};
- return undef;
- }
-
- return $return;
-
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %cgiparams=();
-my %pppsettings=();
-my %modemsettings=();
-my %netsettings=();
-my %ddnssettings=();
-my $warnmessage = '';
-my $refresh = "";
-my $ipaddr='';
-
-&Header::showhttpheaders();
-
-$cgiparams{'ACTION'} = '';
-&Header::getcgihash(\%cgiparams);
-$pppsettings{'VALID'} = '';
-$pppsettings{'PROFILENAME'} = 'None';
-&General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
-&General::readhash("${General::swroot}/modem/settings", \%modemsettings);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&General::readhash("${General::swroot}/ddns/settings", \%ddnssettings);
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my $connstate = &Header::connectionstatus();
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'shutdown'} || $cgiparams{'ACTION'} eq $Lang::tr{'reboot'}) {
- $refresh = "<meta http-equiv='refresh' content='300;'>";
-} elsif ($connstate =~ /$Lang::tr{'connecting'}/ || /$Lang::tr{'connection closed'}/ ){
- $refresh = "<meta http-equiv='refresh' content='5;'>";
-} elsif ($connstate =~ /$Lang::tr{'dod waiting'}/ || -e "${General::swroot}/main/refreshindex") {
- $refresh = "<meta http-equiv='refresh' content='30;'>";
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'dial profile'})
-{
- my $profile = $cgiparams{'PROFILE'};
- my %tempcgiparams = ();
- $tempcgiparams{'PROFILE'} = '';
- &General::readhash("${General::swroot}/ppp/settings-$cgiparams{'PROFILE'}",
- \%tempcgiparams);
-
- # make a link from the selected profile to the "default" one.
- unlink("${General::swroot}/ppp/settings");
- link("${General::swroot}/ppp/settings-$cgiparams{'PROFILE'}",
- "${General::swroot}/ppp/settings");
- system ("/usr/bin/touch", "${General::swroot}/ppp/updatesettings");
-
- # read in the new params "early" so we can write secrets.
- %cgiparams = ();
- &General::readhash("${General::swroot}/ppp/settings", \%cgiparams);
- $cgiparams{'PROFILE'} = $profile;
- $cgiparams{'BACKUPPROFILE'} = $profile;
- &General::writehash("${General::swroot}/ppp/settings-$cgiparams{'PROFILE'}",
- \%cgiparams);
-
- # write secrets file.
- open(FILE, ">/${General::swroot}/ppp/secrets") or die "Unable to write secrets file.";
- flock(FILE, 2);
- my $username = $cgiparams{'USERNAME'};
- my $password = $cgiparams{'PASSWORD'};
- print FILE "'$username' * '$password'\n";
- chmod 0600, "${General::swroot}/ppp/secrets";
- close FILE;
-
- &General::log("$Lang::tr{'profile made current'} $tempcgiparams{'PROFILENAME'}");
- $cgiparams{'ACTION'} = "$Lang::tr{'dial'}";
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'dial'}) {
- system('/usr/local/bin/redctrl start > /dev/null') == 0
- or &General::log("Dial failed: $?"); sleep 1;}
-elsif ($cgiparams{'ACTION'} eq $Lang::tr{'hangup'}) {
- system('/usr/local/bin/redctrl stop > /dev/null') == 0
- or &General::log("Hangup failed: $?"); sleep 1;}
-
-my $c;
-my $maxprofiles = 5;
-my @profilenames = ();
-
-for ($c = 1; $c <= $maxprofiles; $c++)
-{
- my %temppppsettings = ();
- $temppppsettings{'PROFILENAME'} = '';
- &General::readhash("${General::swroot}/ppp/settings-$c", \%temppppsettings);
- $profilenames[$c] = $temppppsettings{'PROFILENAME'};
-}
-my %selected;
-for ($c = 1; $c <= $maxprofiles; $c++) {
- $selected{'PROFILE'}{$c} = '';
-}
-$selected{'PROFILE'}{$pppsettings{'PROFILE'}} = "selected='selected'";
-my $dialButtonDisabled = "disabled='disabled'";
-
-
-&Header::openpage($Lang::tr{'main page'}, 1, $refresh);
-&Header::openbigbox('', 'center');
-&Header::openbox('100%', 'center', &Header::cleanhtml(`/bin/uname -n`,"y"));
-
-
-
-if ( ( $pppsettings{'VALID'} eq 'yes' && $modemsettings{'VALID'} eq 'yes' ) || ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ )) {
- if (open(IPADDR,"${General::swroot}/ddns/ipcache")) {
- $ipaddr = <IPADDR>;
- close IPADDR;
- chomp ($ipaddr);
- }
- if (open(IPADDR,"${General::swroot}/red/local-ipaddress")) {
- $ipaddr = <IPADDR>;
- close IPADDR;
- chomp ($ipaddr);
- }
-} elsif ($modemsettings{'VALID'} eq 'no') {
- print "$Lang::tr{'modem settings have errors'}\n </b></font>\n";
-} else {
- print "$Lang::tr{'profile has errors'}\n </b></font>\n";
-}
-
-#if ( $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ ) {
-# $ipaddr = $netsettings{'RED_ADDRESS'};
-#}
-
-my $death = 0;
-my $rebirth = 0;
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'shutdown'}) {
- $death = 1;
- &General::log($Lang::tr{'shutting down ipfire'});
- system '/usr/local/bin/ipfirereboot down';
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reboot'}) {
- $rebirth = 1;
- &General::log($Lang::tr{'rebooting ipfire'});
- system '/usr/local/bin/ipfirereboot boot';
-}
-
-if ($death == 0 && $rebirth == 0) {
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'reboot'}' /></td>
- <td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'refresh'}' /></td>
- <td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'shutdown'}' /></td>
-</tr>
-</table>
-END
-;
-print <<END;
-
-<!-- Table of networks -->
-<table border='0' width=80%>
- <tr> <th bgcolor='$color{'color20'}'>$Lang::tr{'network'}
- <th bgcolor='$color{'color20'}'>IP
- <th bgcolor='$color{'color20'}'>$Lang::tr{'status'}
- <tr> <td align='center' bgcolor='$Header::colourred' width='25%'><a href="/cgi-bin/pppsetup.cgi"><font size='2' color='white'><b>$Lang::tr{'internet'}</b></font></a><br>
- <td width='30%' align='center'>$ipaddr
- <td width='45%' align='center'>$connstate
-END
-if ( $netsettings{'RED_TYPE'} ne "STATIC" && $netsettings{'RED_TYPE'} ne "DHCP" ){
-print `/usr/local/bin/dialctrl.pl show`;
-print <<END;
- <tr><td colspan='2'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'profile'}:
- <select name='PROFILE'>
-END
- for ($c = 1; $c <= $maxprofiles; $c++)
- {
- if ($profilenames[$c] ne '') {
- $dialButtonDisabled = "";
- print "\t<option value='$c' $selected{'PROFILE'}{$c}>$c. $profilenames[$c]</option>\n";
- }
- }
- $dialButtonDisabled = "disabled='disabled'" if (-e '/var/run/ppp-ipfire.pid' || -e "${General::swroot}/red/active");
- if ( ( $pppsettings{'VALID'} eq 'yes' ) || ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ ) ) {
- print <<END;
- </select>
- <input type='submit' name='ACTION' value='$Lang::tr{'dial profile'}' $dialButtonDisabled />
- </form>
- <td align='center'>
- <table width='100%' border='0'>
- <tr>
- <td width='50%' align='right'> <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='submit' name='ACTION' value='$Lang::tr{'dial'}'>
- </form>
- <td width='50%' align='left'> <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='submit' name='ACTION' value='$Lang::tr{'hangup'}'>
- </form>
- </table>
-END
- } else {
- print "$Lang::tr{'profile has errors'}\n </b></font>\n";
- }
-}
- my $HOSTNAME = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
- if ( "$HOSTNAME" ne "" ) {
- print <<END;
- <tr><td><b>Hostname:</b><td align='center'>$HOSTNAME<td>
-END
- }
-
- if ( -e "/var/ipfire/red/remote-ipaddress" ) {
- my $GATEWAY = `cat /var/ipfire/red/remote-ipaddress`;
- chomp($GATEWAY);
- print <<END;
- <tr><td><b>Gateway:</b><td align='center'>$GATEWAY<td>
-END
- }
-
- my $DNS1 = `cat /var/ipfire/red/dns1`;
- my $DNS2 = `cat /var/ipfire/red/dns2`;
- chomp($DNS1);
- chomp($DNS1);
-
- if ( $DNS1 ) { print <<END;
- <tr><td><b>DNS-Server:</b><td align='center'>$DNS1
-END
- }
- if ( $DNS2 ) { print <<END;
- <td align='center'>$DNS2
-END
- } else { print <<END;
- <td>
-END
- }
-
- if ( $netsettings{'GREEN_DEV'} ) { print <<END;
- <tr><td align='center' bgcolor='$Header::colourgreen' width='25%'><a href="/cgi-bin/dhcp.cgi"><font size='2' color='white'><b>$Lang::tr{'lan'}</b></font></a>
- <td width='30%' align='center'>$netsettings{'GREEN_ADDRESS'}
- <td width='45%' align='center'>
-END
- if ( `cat /var/ipfire/proxy/advanced/settings | grep ^ENABLE=on` ) {
- print "Proxy an";
- if ( `cat /var/ipfire/proxy/advanced/settings | grep ^TRANSPARENT=on` ) { print " (transparent)"; }
- } else { print "Proxy aus"; }
- }
- if ( $netsettings{'BLUE_DEV'} ) { print <<END;
- <tr><td align='center' bgcolor='$Header::colourblue' width='25%'><a href="/cgi-bin/wireless.cgi"><font size='2' color='white'><b>$Lang::tr{'wireless'}</b></font></a><br>
- <td width='30%' align='center'>$netsettings{'BLUE_ADDRESS'}
- <td width='45%' align='center'>
-END
- if ( `cat /var/ipfire/proxy/advanced/settings | grep ^ENABLE_BLUE=on` ) {
- print "Proxy an";
- if ( `cat /var/ipfire/proxy/advanced/settings | grep ^TRANSPARENT_BLUE=on` ) { print " (transparent)"; }
- } else { print "Proxy aus"; }
- }
- if ( $netsettings{'ORANGE_DEV'} ) { print <<END;
- <tr><td align='center' bgcolor='$Header::colourorange' width='25%'><a href="/cgi-bin/dmzholes.cgi"><font size='2' color='white'><b>$Lang::tr{'dmz'}</b></font></a><br>
- <td width='30%' align='center'>$netsettings{'ORANGE_ADDRESS'}
- <td width='45%' align='center'><font color=$Header::colourgreen>Online</font>
-END
- }
- if ( `cat /var/ipfire/vpn/settings | grep ^ENABLED=on` ||
- `cat /var/ipfire/vpn/settings | grep ^ENABLED_BLUE=on` ) {
- my $ipsecip = `cat /var/ipfire/vpn/settings | grep ^VPN_IP= | cut -c 8-`;
- my @status = `/usr/sbin/ipsec auto --status`;
- my %confighash = ();
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
- print <<END;
- <tr><td align='center' bgcolor='$Header::colourvpn' width='25%'><a href="/cgi-bin/vpnmain.cgi"><font size='2' color='white'><b>$Lang::tr{'vpn'}</b></font></a><br>
- <td width='30%' align='center'>$ipsecip
- <td width='45%' align='center'><font color=$Header::colourgreen>Online</font>
-END
- my $id = 0;
- my $gif;
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-
- if ($id % 2) {
- print "<tr><td align='center'> </td><td align='center' nowrap='nowrap' bgcolor='$color{'color20'}'>$confighash{$key}[1] / " . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
- } else {
- print "<tr><td align='center'> </td><td align='center' nowrap='nowrap' bgcolor='$color{'color22'}'>$confighash{$key}[1] / " . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
- }
-
- my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
- if ($confighash{$key}[0] eq 'off') {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
- } else {
- foreach my $line (@status) {
- if ($line =~ /\"$confighash{$key}[1]\".*IPsec SA established/) {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
- }
- }
- }
- print "<td align='center'>$active</td>";
- }
- }
- if ( `cat /var/ipfire/ovpn/settings | grep ^ENABLED=on` ||
- `cat /var/ipfire/ovpn/settings | grep ^ENABLED_BLUE=on` ||
- `cat /var/ipfire/ovpn/settings | grep ^ENABLED_ORANGE=on`) {
- my $ovpnip = `cat /var/ipfire/ovpn/settings | grep ^DOVPN_SUBNET= | cut -c 14- | sed -e 's\/\\/255.255.255.0\/\/'`;
- print <<END;
- <tr><td align='center' bgcolor='$Header::colourovpn' width='25%'><a href="/cgi-bin/ovpnmain.cgi"><font size='2' color='white'><b>OpenVPN</b></font></a><br>
- <td width='30%' align='center'>$ovpnip
- <td width='45%' align='center'><font color=$Header::colourgreen>Online</font>
-END
- }
-
-# Memory usage warning
-my @free = `/usr/bin/free`;
-$free[1] =~ m/(\d+)/;
-my $mem = $1;
-$free[2] =~ m/(\d+)/;
-my $used = $1;
-my $pct = int 100 * ($mem - $used) / $mem;
-if ($used / $mem > 90) {
- $warnmessage .= "<li> $Lang::tr{'high memory usage'}: $pct% !</li>\n";
-}
-
-# Diskspace usage warning
-my @temp=();
-my $temp2=();
-my @df = `/bin/df -B M -x rootfs`;
-foreach my $line (@df) {
- next if $line =~ m/^Filesystem/;
- if ($line =~ m/root/ ) {
- $line =~ m/^.* (\d+)M.*$/;
- @temp = split(/ +/,$line);
- if ($1<5) {
- # available:plain value in MB, and not %used as 10% is too much to waste on small disk
- # and root size should not vary during time
- $warnmessage .= "$Lang::tr{'filesystem full'}: $temp[0] <b>$Lang::tr{'free'}=$1M</b> !\n";
- }
-
- } else {
- # $line =~ m/^.* (\d+)m.*$/;
- $line =~ m/^.* (\d+)\%.*$/;
- if ($1>90) {
- @temp = split(/ /,$line);
- $temp2=int(100-$1);
- $warnmessage .= "$Lang::tr{'filesystem full'}: $temp[0] <b>$Lang::tr{'free'}=$temp2%</b> !\n";
- }
- }
-}
-
-if ($warnmessage) {
- print "<tr><td align='center' bgcolor=$Header::colourred colspan='3'><font color='white'>$warnmessage</font></table>";
-}
-print <<END;
-</table>
-
-END
-} else {
- my $message='';
- if ($death) {
- $message = $Lang::tr{'ipfire has now shutdown'};
- } else {
- $message = $Lang::tr{'ipfire has now rebooted'};
- }
- print <<END
-<div align='center'>
-<table width='100%' bgcolor='#ffffff'>
-<tr><td align='center'>
-<br /><br /><img src='/images/IPFire.png' /><br /><br /><br />
-</td></tr>
-</table>
-<br />
-<font size='6'>$message</font>
-</div>
-END
-;
-}
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use IO::Socket;
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %cgiparams=();
-
-&Header::showhttpheaders();
-
-&Header::getcgihash(\%cgiparams);
-
-$ENV{'QUERY_STRING'} =~s/&//g;
-my @addrs = split(/ip=/,$ENV{'QUERY_STRING'});
-
-my %whois_servers = ("RIPE"=>"whois.ripe.net","APNIC"=>"whois.apnic.net","LACNIC"=>"whois.lacnic.net");
-
-&Header::openpage($Lang::tr{'ip info'}, 1, '');
-
-&Header::openbigbox('100%', 'left');
-my @lines=();
-my $extraquery='';
-foreach my $addr (@addrs) {
-next if $addr eq "";
- $extraquery='';
- @lines=();
- my $whoisname = "whois.arin.net";
- my $iaddr = inet_aton($addr);
- my $hostname = gethostbyaddr($iaddr, AF_INET);
- if (!$hostname) { $hostname = $Lang::tr{'lookup failed'}; }
-
- my $sock = new IO::Socket::INET ( PeerAddr => $whoisname, PeerPort => 43, Proto => 'tcp');
- if ($sock)
- {
- print $sock "$addr\n";
- while (<$sock>) {
- $extraquery = $1 if (/NetType: Allocated to (\S+)\s+/);
- push(@lines,$_);
- }
- close($sock);
- if ($extraquery) {
- undef (@lines);
- $whoisname = $whois_servers{$extraquery};
- my $sock = new IO::Socket::INET ( PeerAddr => $whoisname, PeerPort => 43, Proto => 'tcp');
- if ($sock)
- {
- print $sock "$addr\n";
- while (<$sock>) {
- push(@lines,$_);
- }
- }
- else
- {
- @lines = ( "$Lang::tr{'unable to contact'} $whoisname" );
- }
- }
- }
- else
- {
- @lines = ( "$Lang::tr{'unable to contact'} $whoisname" );
- }
-
- &Header::openbox('100%', 'left', $addr . ' (' . $hostname . ') : '.$whoisname);
- print "<pre>\n";
- foreach my $line (@lines) {
- print &Header::cleanhtml($line,"y");
- }
- print "</pre>\n";
- &Header::closebox();
-}
-
-print <<END
-<div align='center'>
-<table width='80%'>
-<tr>
- <td align='center'><a href='$ENV{'HTTP_REFERER'}'>$Lang::tr{'back'}</a></td>
-</tr>
-</table>
-</div>
-END
-;
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my @iplines;
-my $lines = 0;
-my @ipmanlines;
-my $manlines = 0;
-my @ipnatlines;
-my $natlines = 0;
-
-system('/usr/local/bin/getipstat');
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'ipts'}, 1, '');
-&Header::openbigbox('100%', 'LEFT');
-&Header::openbox('100%', 'LEFT', $Lang::tr{'ipts'}.':');
-print <<END
-
- <DIV align='left'>
- <PRE>
-END
-;
- open (FILE, '/srv/web/ipfire/html/iptables.txt');
- while (<FILE>)
- {
- $iplines[$lines] = $_;
- $lines++;
- }
- close (FILE);
- foreach $_ (@iplines) {
- print "$_"; }
-
-print <<END
- </PRE>
- </DIV>
- <BR>
-
-END
-;
-&Header::closebox();
-
-## MANGLE
-&Header::openbox('100%', 'LEFT', $Lang::tr{'iptmangles'}.':');
-print <<END
-
- <DIV align='left'>
- <PRE>
-END
-;
- open (FILEMAN, '/srv/web/ipfire/html/iptablesmangle.txt');
- while (<FILEMAN>)
- {
- $ipmanlines[$manlines] = $_;
- $manlines++;
- }
- close (FILEMAN);
- foreach $_ (@ipmanlines) {
- print "$_"; }
-
-print <<END
- </PRE>
- </DIV>
- <BR>
-
-END
-;
-&Header::closebox();
-
-## NAT
-&Header::openbox('100%', 'LEFT', $Lang::tr{'iptnats'}.':');
-print <<END
-
- <DIV align='left'>
- <PRE>
-END
-;
- open (FILENAT, '/srv/web/ipfire/html/iptablesnat.txt');
- while (<FILENAT>)
- {
- $ipnatlines[$natlines] = $_;
- $natlines++;
- }
- close (FILENAT);
- foreach $_ (@ipnatlines) {
- print "$_"; }
-
-print <<END
- </PRE>
- </DIV>
- <BR>
-
-END
-;
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-system(rm -f "/srv/web/ipfire/html/iptables.txt");
-system(rm -f "/srv/web/ipfire/html/iptablesmangle.txt");
-system(rm -f "/srv/web/ipfire/html/iptablesnat.txt");
+++ /dev/null
-#!/usr/bin/perl
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) 2005,2006 marco.s
-#
-# $Id: calamaris.dat,v 2.1 2006/03/12 00:00:00 marco.s Exp $
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-use Time::Local;
-use IO::Socket;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my $unique=time;
-
-my $squidlogdir = "/var/log/squid";
-my $reportdir = "${General::swroot}/proxy/calamaris/reports";
-
-unless (-e $reportdir) { mkdir($reportdir) }
-
-my %cgiparams=();
-my %reportsettings=();
-my %selected=();
-my %checked=();
-
-my $errormessage='';
-
-my $hintcolour='#FFFFCC';
-
-my $commandline='';
-
-my %monthidx = (qw(Jan 0 Feb 1 Mar 2 Apr 3 May 4 Jun 5 Jul 6 Aug 7 Sep 8 Oct 9 Nov 10 Dec 11));
-
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'},
- $Lang::tr{'august'}, $Lang::tr{'september'}, $Lang::tr{'october'},
- $Lang::tr{'november'}, $Lang::tr{'december'} );
-
-my @now = localtime(time);
-my $year = $now[5]+1900;
-
-my $day_begin=0;
-my $month_begin=0;
-my $year_begin=0;
-my $day_end=0;
-my $month_end=0;
-my $year_end=0;
-
-$reportsettings{'ACTION'} = '';
-
-$reportsettings{'DAY_BEGIN'} = $now[3];
-$reportsettings{'MONTH_BEGIN'} = $now[4];
-$reportsettings{'YEAR_BEGIN'} = $now[5]+1900;
-$reportsettings{'DAY_END'} = $now[3];
-$reportsettings{'MONTH_END'} = $now[4];
-$reportsettings{'YEAR_END'} = $now[5]+1900;
-
-$reportsettings{'ENABLE_DOMAIN'} = 'off';
-$reportsettings{'NUM_DOMAINS'} = '10';
-$reportsettings{'ENABLE_PERFORMANCE'} = 'off';
-$reportsettings{'PERF_INTERVAL'} = '60';
-$reportsettings{'ENABLE_CONTENT'} = 'off';
-$reportsettings{'NUM_CONTENT'} = '10';
-$reportsettings{'ENABLE_REQUESTER'} = 'off';
-$reportsettings{'ENABLE_USERNAME'} = 'off';
-$reportsettings{'NUM_HOSTS'} = '10';
-$reportsettings{'NUM_URLS'} = '0';
-$reportsettings{'ENABLE_HISTOGRAM'} = 'off';
-$reportsettings{'HIST_LEVEL'} = '10';
-$reportsettings{'ENABLE_VERBOSE'} = 'off';
-$reportsettings{'BYTE_UNIT'} = 'B';
-$reportsettings{'SKIP_GZLOGS'} = 'off';
-$reportsettings{'RUN_BACKGROUND'} = 'off';
-
-&Header::getcgihash(\%reportsettings);
-
-if ($reportsettings{'ACTION'} eq $Lang::tr{'calamaris create report'})
-{
- $cgiparams{'DAY_BEGIN'} = $reportsettings{'DAY_BEGIN'};
- $cgiparams{'MONTH_BEGIN'} = $reportsettings{'MONTH_BEGIN'};
- $cgiparams{'YEAR_BEGIN'} = $reportsettings{'YEAR_BEGIN'};
- $cgiparams{'DAY_END'} = $reportsettings{'DAY_END'};
- $cgiparams{'MONTH_END'} = $reportsettings{'MONTH_END'};
- $cgiparams{'YEAR_END'} = $reportsettings{'YEAR_END'};
-
- delete $reportsettings{'DAY_BEGIN'};
- delete $reportsettings{'MONTH_BEGIN'};
- delete $reportsettings{'YEAR_BEGIN'};
- delete $reportsettings{'DAY_END'};
- delete $reportsettings{'MONTH_END'};
- delete $reportsettings{'YEAR_END'};
-
- &General::writehash("${General::swroot}/proxy/calamaris/settings", \%reportsettings);
-
- $reportsettings{'DAY_BEGIN'} = $cgiparams{'DAY_BEGIN'};
- $reportsettings{'MONTH_BEGIN'} = $cgiparams{'MONTH_BEGIN'};
- $reportsettings{'YEAR_BEGIN'} = $cgiparams{'YEAR_BEGIN'};
- $reportsettings{'DAY_END'} = $cgiparams{'DAY_END'};
- $reportsettings{'MONTH_END'} = $cgiparams{'MONTH_END'};
- $reportsettings{'YEAR_END'} = $cgiparams{'YEAR_END'};
-
- $day_begin = $reportsettings{'DAY_BEGIN'};
- $month_begin = $reportsettings{'MONTH_BEGIN'};
- $year_begin = $reportsettings{'YEAR_BEGIN'};
- $day_end = $reportsettings{'DAY_END'};
- $month_end = $reportsettings{'MONTH_END'};
- $year_end = $reportsettings{'YEAR_END'};
-
- if ($reportsettings{'SKIP_GZLOGS'} eq 'on') { $commandline.='nogz '; }
-
- $commandline.="$day_begin $month_begin $year_begin $day_end $month_end $year_end";
-
- if ($reportsettings{'ENABLE_DOMAIN'} eq 'on')
- {
- $commandline.=' -d ';
- $commandline.=$reportsettings{'NUM_DOMAINS'};
- }
- if ($reportsettings{'ENABLE_PERFORMANCE'} eq 'on')
- {
- $commandline.=' -P ';
- $commandline.=$reportsettings{'PERF_INTERVAL'};
- }
- if ($reportsettings{'ENABLE_CONTENT'} eq 'on')
- {
- $commandline.=' -t ';
- $commandline.=$reportsettings{'NUM_CONTENT'};
- }
- if ($reportsettings{'ENABLE_HISTOGRAM'} eq 'on')
- {
- $commandline.=' -D ';
- $commandline.=$reportsettings{'HIST_LEVEL'};
- }
- if ($reportsettings{'ENABLE_REQUESTER'} eq 'on')
- {
- if ($reportsettings{'ENABLE_USERNAME'} eq 'on')
- {
- $commandline.=' -u';
- }
- $commandline.=' -r ';
- $commandline.=$reportsettings{'NUM_HOSTS'};
-
- unless ($reportsettings{'NUM_URLS'} eq '0')
- {
- $commandline.=' -R ';
- $commandline.=$reportsettings{'NUM_URLS'};
- }
- }
- unless ($reportsettings{'BYTE_UNIT'} eq 'B')
- {
- $commandline.=' -U ';
- $commandline.=$reportsettings{'BYTE_UNIT'};
- }
- if ($reportsettings{'ENABLE_VERBOSE'} eq 'on')
- {
- $commandline.=' -s';
- }
-
- $commandline.=' < /dev/null > /dev/null 2>&1';
-
- if ($reportsettings{'RUN_BACKGROUND'} eq 'on') { $commandline.=" &"; }
-
- system("${General::swroot}/proxy/calamaris/bin/mkreport $commandline")
-}
-
-if ($reportsettings{'ACTION'} eq $Lang::tr{'export'})
-{
- print "Content-type: application/octet-stream\n";
- print "Content-length: ";
- print (-s "$reportdir/$reportsettings{'REPORT'}");
- print "\n";
- print "Content-disposition: attachment; filename=$reportsettings{'REPORT'}\n\n";
-
- open (FILE, "$reportdir/$reportsettings{'REPORT'}");
- while (<FILE>) { print; }
- close (FILE);
-
- exit;
-}
-
-if ($reportsettings{'ACTION'} eq $Lang::tr{'delete'}) { unlink("$reportdir/$reportsettings{'REPORT'}"); }
-
-if (-e "${General::swroot}/proxy/calamaris/settings")
-{
- &General::readhash("${General::swroot}/proxy/calamaris/settings", \%reportsettings);
-}
-
-&Header::showhttpheaders();
-
-$checked{'ENABLE_DOMAIN'}{'off'} = '';
-$checked{'ENABLE_DOMAIN'}{'on'} = '';
-$checked{'ENABLE_DOMAIN'}{$reportsettings{'ENABLE_DOMAIN'}} = "checked='checked'";
-$selected{'NUM_DOMAINS'}{$reportsettings{'NUM_DOMAINS'}} = "selected='selected'";
-$checked{'ENABLE_PERFORMANCE'}{'off'} = '';
-$checked{'ENABLE_PERFORMANCE'}{'on'} = '';
-$checked{'ENABLE_PERFORMANCE'}{$reportsettings{'ENABLE_PERFORMANCE'}} = "checked='checked'";
-$selected{'PERF_INTERVAL'}{$reportsettings{'PERF_INTERVAL'}} = "selected='selected'";
-$checked{'ENABLE_CONTENT'}{'off'} = '';
-$checked{'ENABLE_CONTENT'}{'on'} = '';
-$checked{'ENABLE_CONTENT'}{$reportsettings{'ENABLE_CONTENT'}} = "checked='checked'";
-$selected{'NUM_CONTENT'}{$reportsettings{'NUM_CONTENT'}} = "selected='selected'";
-$checked{'ENABLE_REQUESTER'}{'off'} = '';
-$checked{'ENABLE_REQUESTER'}{'on'} = '';
-$checked{'ENABLE_REQUESTER'}{$reportsettings{'ENABLE_REQUESTER'}} = "checked='checked'";
-$checked{'ENABLE_USERNAME'}{'off'} = '';
-$checked{'ENABLE_USERNAME'}{'on'} = '';
-$checked{'ENABLE_USERNAME'}{$reportsettings{'ENABLE_USERNAME'}} = "checked='checked'";
-$selected{'NUM_HOSTS'}{$reportsettings{'NUM_HOSTS'}} = "selected='selected'";
-$selected{'NUM_URLS'}{$reportsettings{'NUM_URLS'}} = "selected='selected'";
-$checked{'ENABLE_HISTOGRAM'}{'off'} = '';
-$checked{'ENABLE_HISTOGRAM'}{'on'} = '';
-$checked{'ENABLE_HISTOGRAM'}{$reportsettings{'ENABLE_HISTOGRAM'}} = "checked='checked'";
-$selected{'HIST_LEVEL'}{$reportsettings{'HIST_LEVEL'}} = "selected='selected'";
-$checked{'ENABLE_VERBOSE'}{'off'} = '';
-$checked{'ENABLE_VERBOSE'}{'on'} = '';
-$checked{'ENABLE_VERBOSE'}{$reportsettings{'ENABLE_VERBOSE'}} = "checked='checked'";
-$selected{'BYTE_UNIT'}{$reportsettings{'BYTE_UNIT'}} = "selected='selected'";
-$checked{'SKIP_GZLOGS'}{'off'} = '';
-$checked{'SKIP_GZLOGS'}{'on'} = '';
-$checked{'SKIP_GZLOGS'}{$reportsettings{'SKIP_GZLOGS'}} = "checked='checked'";
-$checked{'RUN_BACKGROUND'}{'off'} = '';
-$checked{'RUN_BACKGROUND'}{'on'} = '';
-$checked{'RUN_BACKGROUND'}{$reportsettings{'RUN_BACKGROUND'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'calamaris proxy reports'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%' border='0'>
-<tr>
- <td colspan='8' class='base'><b>$Lang::tr{'calamaris report period'}</b></td>
-</tr>
-<tr>
- <td width='9%' class='base'>$Lang::tr{'from'}:</td>
- <td width='15%'>
- <select name='MONTH_BEGIN'>
-END
-;
-for ($month_begin = 0; $month_begin < 12; $month_begin++)
-{
- print "\t<option ";
- if ($month_begin == $reportsettings{'MONTH_BEGIN'}) {
- print 'selected="selected" '; }
- print "value='$month_begin'>$longmonths[$month_begin]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='9%'>
- <select name='DAY_BEGIN'>
-END
-;
-for ($day_begin = 1; $day_begin <= 31; $day_begin++)
-{
- print "\t<option ";
- if ($day_begin == $reportsettings{'DAY_BEGIN'}) {
- print 'selected="selected" '; }
- print "value='$day_begin'>$day_begin</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='12%'>
- <select name='YEAR_BEGIN'>
-END
-;
-for ($year_begin = $year-2; $year_begin <= $year+1; $year_begin++)
-{
- print "\t<option ";
- if ($year_begin == $reportsettings{'YEAR_BEGIN'}) {
- print 'selected="selected" '; }
- print "value='$year_begin'>$year_begin</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='9%' class='base'>$Lang::tr{'to'}:</td>
- <td width='15%'>
- <select name='MONTH_END'>
-END
-;
-for ($month_end = 0; $month_end < 12; $month_end++)
-{
- print "\t<option ";
- if ($month_end == $reportsettings{'MONTH_END'}) {
- print 'selected="selected" '; }
- print "value='$month_end'>$longmonths[$month_end]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='9%'>
- <select name='DAY_END'>
-END
-;
-for ($day_end = 1; $day_end <= 31; $day_end++)
-{
- print "\t<option ";
- if ($day_end == $reportsettings{'DAY_END'}) {
- print 'selected="selected" '; }
- print "value='$day_end'>$day_end</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='22%'>
- <select name='YEAR_END'>
-END
-;
-for ($year_end = $year-2; $year_end <= $year+1; $year_end++)
-{
- print "\t<option ";
- if ($year_end == $reportsettings{'YEAR_END'}) {
- print 'selected="selected" '; }
- print "value='$year_end'>$year_end</option>\n";
-}
-print <<END
- </select>
- </td>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%' border='0'>
-<tr>
- <td colspan='4' class='base'><b>$Lang::tr{'calamaris report options'}</b></td>
-</tr>
-<tr>
- <td width='30%' class='base'>$Lang::tr{'calamaris enable domain report'}:</td>
- <td width='15%'><input type='checkbox' name='ENABLE_DOMAIN' $checked{'ENABLE_DOMAIN'}{'on'} /> [-d]</td>
- <td width='30%' class='base'>$Lang::tr{'calamaris number of domains'}:</td>
- <td width='25%'><select name='NUM_DOMAINS'>
- <option value='10' $selected{'NUM_DOMAINS'}{'10'}>10</option>
- <option value='25' $selected{'NUM_DOMAINS'}{'25'}>25</option>
- <option value='100' $selected{'NUM_DOMAINS'}{'100'}>100</option>
- <option value='-1' $selected{'NUM_DOMAINS'}{'-1'}>$Lang::tr{'calamaris unlimited'}</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'calamaris enable performance report'}:</td>
- <td><input type='checkbox' name='ENABLE_PERFORMANCE' $checked{'ENABLE_PERFORMANCE'}{'on'} /> [-P]</td>
- <td class='base'>$Lang::tr{'calamaris report interval (in minutes)'}:</td>
- <td><select name='PERF_INTERVAL'>
- <option value='30' $selected{'PERF_INTERVAL'}{'30'}>30</option>
- <option value='60' $selected{'PERF_INTERVAL'}{'60'}>60</option>
- <option value='120' $selected{'PERF_INTERVAL'}{'120'}>120</option>
- <option value='240' $selected{'PERF_INTERVAL'}{'240'}>240</option>
- <option value='480' $selected{'PERF_INTERVAL'}{'480'}>480</option>
- <option value='720' $selected{'PERF_INTERVAL'}{'720'}>720</option>
- <option value='1440' $selected{'PERF_INTERVAL'}{'1440'}>1440</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'calamaris enable content report'}:</td>
- <td><input type='checkbox' name='ENABLE_CONTENT' $checked{'ENABLE_CONTENT'}{'on'} /> [-t]</td>
- <td class='base'>$Lang::tr{'calamaris number of content types'}:</td>
- <td><select name='NUM_CONTENT'>
- <option value='10' $selected{'NUM_CONTENT'}{'10'}>10</option>
- <option value='25' $selected{'NUM_CONTENT'}{'25'}>25</option>
- <option value='100' $selected{'NUM_CONTENT'}{'100'}>100</option>
- <option value='-1' $selected{'NUM_CONTENT'}{'-1'}>$Lang::tr{'calamaris unlimited'}</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'calamaris enable requester report'}:</td>
- <td><input type='checkbox' name='ENABLE_REQUESTER' $checked{'ENABLE_REQUESTER'}{'on'} /> [-r/-R]</td>
- <td class='base'>$Lang::tr{'calamaris number of requesting hosts'}:</td>
- <td><select name='NUM_HOSTS'>
- <option value='10' $selected{'NUM_HOSTS'}{'10'}>10</option>
- <option value='25' $selected{'NUM_HOSTS'}{'25'}>25</option>
- <option value='100' $selected{'NUM_HOSTS'}{'100'}>100</option>
- <option value='-1' $selected{'NUM_HOSTS'}{'-1'}>$Lang::tr{'calamaris unlimited'}</option>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'calamaris show usernames'}:</td>
- <td><input type='checkbox' name='ENABLE_USERNAME' $checked{'ENABLE_USERNAME'}{'on'} /> [-u]</td>
- <td class='base'>$Lang::tr{'calamaris number of requested urls'}:</td>
- <td><select name='NUM_URLS'>
- <option value='0' $selected{'NUM_URLS'}{'0'}>$Lang::tr{'calamaris none'}</option>
- <option value='10' $selected{'NUM_URLS'}{'10'}>10</option>
- <option value='25' $selected{'NUM_URLS'}{'25'}>25</option>
- <option value='100' $selected{'NUM_URLS'}{'100'}>100</option>
- <option value='-1' $selected{'NUM_URLS'}{'-1'}>$Lang::tr{'calamaris unlimited'}</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'calamaris enable distribution histogram'}:</td>
- <td><input type='checkbox' name='ENABLE_HISTOGRAM' $checked{'ENABLE_HISTOGRAM'}{'on'} /> [-D]</td>
- <td class='base'>$Lang::tr{'calamaris histogram resolution'}:</td>
- <td><select name='HIST_LEVEL'>
- <option value='1000' $selected{'HIST_LEVEL'}{'1000'}>$Lang::tr{'calamaris low'}</option>
- <option value='10' $selected{'HIST_LEVEL'}{'10'}>$Lang::tr{'calamaris medium'}</option>
- <option value='2' $selected{'HIST_LEVEL'}{'2'}>$Lang::tr{'calamaris high'}</option>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'calamaris enable verbose reporting'}:</td>
- <td><input type='checkbox' name='ENABLE_VERBOSE' $checked{'ENABLE_VERBOSE'}{'on'} /> [-s]</td>
- <td class='base'>$Lang::tr{'calamaris byte unit'}:</td>
- <td><select name='BYTE_UNIT'>
- <option value='B' $selected{'BYTE_UNIT'}{'B'}>Byte</option>
- <option value='K' $selected{'BYTE_UNIT'}{'K'}>KByte</option>
- <option value='M' $selected{'BYTE_UNIT'}{'M'}>MByte</option>
- <option value='G' $selected{'BYTE_UNIT'}{'G'}>GByte</option>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%' border='0'>
-<tr>
- <td colspan='4' class='base'><b>$Lang::tr{'calamaris performance options'}</b></td>
-</tr>
-<tr>
- <td width='30%' class='base'>$Lang::tr{'calamaris skip archived logfiles'}:</td>
- <td width='15%'><input type='checkbox' name='SKIP_GZLOGS' $checked{'SKIP_GZLOGS'}{'on'} /></td>
- <td width='30%'class='base'>$Lang::tr{'calamaris run as background task'}:</td>
- <td width='25%'><input type='checkbox' name='RUN_BACKGROUND' $checked{'RUN_BACKGROUND'}{'on'} /></td>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%' border='0'>
-<tr>
-<td align='left'> </td>
-<td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'calamaris create report'}' /></td>
-<td width='33%' align='right'> </td>
-</tr>
-
-</table>
-
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', "$Lang::tr{'calamaris available reports'}:");
-
-my @content=();
-my @reports=();
-my @reportdata=();
-my $description;
-
-undef @reports;
-
-foreach (<$reportdir/*>)
-{
- open (FILE, "$_");
- @content=<FILE>;
- if ($content[3] =~ /^Report\speriod/)
- {
- $description = timelocal(
- substr($content[4],31,2),
- substr($content[4],28,2),
- substr($content[4],25,2),
- substr($content[4],15,2),
- $monthidx{substr($content[4],18,3)},
- "20".substr($content[4],22,2));
- push(@reports,join("#",$description,substr($_,rindex($_,"/")+1),$content[3],$content[4]));
- }
- close FILE;
-}
-
-@reports=reverse(sort(@reports));
-
-
-print <<END
-
-<table width='100%' border='0'>
-<tr>
-END
-;
-
-if (@reports)
-{
- print "<td><select name='REPORT' size='5'>\n";
- my $n=0;
- foreach (@reports)
- {
- @reportdata=split(/#/);
- print "\t<option ";
- if ($n eq '0') { print "selected "; $reportsettings{'REPORT'}=$reportdata[1]; $n++}
- print "value='$reportdata[1]'>$reportdata[2] - $reportdata[3]</option>\n";
- }
- print "</select></td>\n";
-} else { print "<td><i>$Lang::tr{'calamaris no reports available'}</i></td>\n"; }
-
-print <<END
-</tr>
-</table>
-<hr size='1'>
-<table width='100%' cellpadding='5' border='0'>
-<tr>
-<td><input type='submit' name='ACTION' value='$Lang::tr{'calamaris refresh list'}' /></td>
-END
-;
-
-if (@reports)
-{
-print <<END
-<td> </td>
-<td> </td>
-<td><input type='submit' name='ACTION' value='$Lang::tr{'calamaris view'}' /></td>
-<td><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-<td><input type='submit' name='ACTION' value='$Lang::tr{'delete'}' /></td>
-<td width='95%'></td>
-END
-;
-}
-
-print <<END
-</tr>
-</table>
-</form>
-END
-;
-
-if (($reportsettings{'ACTION'} eq $Lang::tr{'calamaris view'}) && (!($reportsettings{'REPORT'} eq '')))
-{
- &Header::closebox();
- &Header::openbox('100%', 'left', "$Lang::tr{'calamaris view report'}:");
- print "<pre>\n";
- open (FILE, "$reportdir/$reportsettings{'REPORT'}");
- @content=<FILE>;
- close FILE;
- foreach (@content)
- {
- s/</\</;
- s/>/\>/;
- print;
- }
- print "</pre>\n";
-}
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-#
-# IPFire CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The IPFire Team
-#
-# $Id: config.dat,v 1.2.2.10 2005/06/14 12:32:07 eoberlander Exp $
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %logsettings=();
-my %checked=();
-my %selected=();
-my $errormessage='';
-
-&Header::showhttpheaders();
-
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-$logsettings{'LOGVIEW_VIEWSIZE'} = '150';
-$logsettings{'LOGWATCH_LEVEL'} = 'Low';
-$logsettings{'LOGWATCH_KEEP'} = '56';
-my @VS = ('15','50','100','150','250','500');
-$logsettings{'ENABLE_REMOTELOG'} = 'off';
-$logsettings{'REMOTELOG_ADDR'} = '';
-$logsettings{'VARMESSAGES'} = 'cron.none;daemon.*;local0.*;local2.*;*.info;mail.none;authpriv.*';
-$logsettings{'ACTION'} = '';
-&Header::getcgihash(\%logsettings);
-
-if ($logsettings{'ACTION'} eq $Lang::tr{'save'})
-{
- if ($logsettings{'ENABLE_REMOTELOG'} eq 'on')
- {
- unless ( &General::validfqdn($logsettings{'REMOTELOG_ADDR'}) ||
- &General::validip ($logsettings{'REMOTELOG_ADDR'}))
- {
- $errormessage = $Lang::tr{'invalid logserver address'};
- }
- }
- unless ($logsettings{'LOGWATCH_KEEP'} =~ /^\d+$/)
- {
- $errormessage = $Lang::tr{'invalid keep time'};
- }
- unless ($logsettings{'LOGWATCH_LEVEL'} =~ /^Low|Med|High$/)
- {
- $errormessage = $Lang::tr{'invalid input'};
- }
- unless ($errormessage)
- {
- &General::writehash("${General::swroot}/logging/settings", \%logsettings);
- system('/usr/local/bin/syslogdctrl') == 0
- or $errormessage = "$Lang::tr{'bad return code'} " . $?/256;
- }
-
-}
-
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-
-$checked{'ENABLE_REMOTELOG'}{'off'} = '';
-$checked{'ENABLE_REMOTELOG'}{'on'} = '';
-$checked{'ENABLE_REMOTELOG'}{$logsettings{'ENABLE_REMOTELOG'}} = "checked='checked'";
-
-$checked{'LOGVIEW_REVERSE'}{'off'} = '';
-$checked{'LOGVIEW_REVERSE'}{'on'} = '';
-$checked{'LOGVIEW_REVERSE'}{$logsettings{'LOGVIEW_REVERSE'}} = "checked='checked'";
-
-$selected{'LOGWATCH_LEVEL'}{'Low'} = '';
-$selected{'LOGWATCH_LEVEL'}{'Med'} = '';
-$selected{'LOGWATCH_LEVEL'}{'High'} = '';
-$selected{'LOGWATCH_LEVEL'}{$logsettings{'LOGWATCH_LEVEL'}} = "selected='selected'";
-
-map ($selected{'LOGVIEW_VIEWSIZE'}{$_} = '', @VS);
-$selected{'LOGVIEW_VIEWSIZE'}{$logsettings{'LOGVIEW_VIEWSIZE'}} = "selected='selected'";
-
-&Header::openpage($Lang::tr{'log settings'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'log viewing options'});
-print <<END
-<table width='100%'>
-<tr>
- <td><input type='checkbox' name='LOGVIEW_REVERSE' $checked{'LOGVIEW_REVERSE'}{'on'} /></td>
- <td class='base' width='50%'>$Lang::tr{'reverse sort'}</td>
- <td class='base' width='25%' align='right'>$Lang::tr{'log lines per page'}: </td>
- <td width='25%'><select name='LOGVIEW_VIEWSIZE'>
-END
-;
-foreach my $vs (@VS) {
- print "\t<option value='$vs' $selected{'LOGVIEW_VIEWSIZE'}{$vs}>$vs</option>\n";
-}
-print <<END
- </select></td>
-</tr>
-</table>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'log summaries'});
-print <<END
-<table width='100%'>
-<tr>
- <td class='base' width='50%'>$Lang::tr{'summaries kept'}
- <input type='text' name='LOGWATCH_KEEP'
- value='$logsettings{'LOGWATCH_KEEP'}' size='4' /> $Lang::tr{'days'}</td>
- <td>$Lang::tr{'detail level'}:</td><td>
- <select name='LOGWATCH_LEVEL'>
- <option value='Low' $selected{'LOGWATCH_LEVEL'}{'Low'}>$Lang::tr{'low'}</option>
- <option value='Med' $selected{'LOGWATCH_LEVEL'}{'Med'}>$Lang::tr{'medium'}</option>
- <option value='High' $selected{'LOGWATCH_LEVEL'}{'High'}>$Lang::tr{'high'}</option>
- </select></td>
-</tr>
-</table>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'remote logging'});
-print <<END
-<table width='100%'>
-<tr>
- <td class='base'>$Lang::tr{'enabled'}</td><td><input type='checkbox' name='ENABLE_REMOTELOG' $checked{'ENABLE_REMOTELOG'}{'on'} /></td>
- <td>$Lang::tr{'log server address'}</td><td><input type='text' name='REMOTELOG_ADDR' value='$logsettings{'REMOTELOG_ADDR'}' /></td>
-</tr>
-</table>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'messages logging'});
-print <<END
-<table width='100%'>
-<tr>
- <td>$Lang::tr{'log var messages'}</td><td><input type='text' name='VARMESSAGES' size='50' value='$logsettings{'VARMESSAGES'}' /></td>
-</tr>
-</table>
-END
-;
-&Header::closebox();
-
-print <<END
-<div align='center'>
-<table width='60%'>
-<tr>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-</tr>
-</table>
-</div>
-END
-;
-
-print "</form>\n";
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-#
-# $Id: firewalllog.dat,v 1.4.2.18 2005/08/23 12:01:50 eoberlander Exp $
-#
-# July 28, 2003 - Darren Critchley - darren@kdi.ca
-# - added source mac adapter to layout
-#
-use strict;
-
-use Geo::IP::PurePerl;
-use Getopt::Std;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %logsettings=();
-my $errormessage = '';
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-${Header::viewsize} = defined ($logsettings{'LOGVIEW_VIEWSIZE'}) ? $logsettings{'LOGVIEW_VIEWSIZE'} : 150;
-
-my $start = ($logsettings{'LOGVIEW_REVERSE'} eq 'on') ? 0x7FFFF000 : 0; #index of firts line number to display
-
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ($cgiparams{'DAY'}) {
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day +
- ## 86400 seconds in a day
- } else {
- $temp_now[3] = 1;
- $temp_now[4] = ($temp_now[4]+1) %12;
- @temp_then = localtime(POSIX::mktime(@temp_now) );
- $temp_then[3] = 0;
- }
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ($cgiparams{'DAY'}) {
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- } else {
- $temp_now[3] = 1;
- $temp_now[4] = ($temp_now[4]-1) %12;
- @temp_then = localtime(POSIX::mktime(@temp_now) );
- $temp_then[3] = 0;
- }
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-# Find in which file.gz is the log. Can be calculated because WEEKLY ROTATING of access.log
-my $gzindex;
-my $date = $cgiparams{'DAY'} == 0 ? '' : $cgiparams{'DAY'} <= 9 ? "0$cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-
-{
- my $xday;
-
- # Calculate time. If future date, calculate for past year !!!
- if (( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- $xday = POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 );
- $date = "$longmonths[$cgiparams{'MONTH'}] $date, ". int($year-1);
- } else {
- $xday = POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 );
- $date = "$longmonths[$cgiparams{'MONTH'}] $date, $year";
- }
-
- # calculate end of active week (saturday 23H59)
- my @then = ();
- @then = localtime(time());
- my $sunday = POSIX::mktime( 0, 0, 0, @then[3], @then[4], @then[5]);
- $sunday += (6-$then[6]) * 86400;
-
- # Convert delta in second to full weeks
- $gzindex = int (($sunday-$xday)/604800 );
-}
-
-my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
-my $daystr = $cgiparams{'DAY'} == 0 ? '..' : $cgiparams{'DAY'} <= 9 ? " $cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-
-my $lines = 0;
-my @log=();
-
-my $loop = 1;
-my $filestr = 0;
-my $lastdatetime; # for debug
-my $search_for_end = 0;
-
-while ($gzindex >=0 && $loop) {
- # calculate file name
- if ($gzindex == 0) {
- $filestr = "/var/log/messages";
- } else {
- $filestr = "/var/log/messages.$gzindex";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- # now read file if existing
- if (open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr))) {
- #&General::log("reading $filestr");
- READ:while (<FILE>) {
- my $line = $_;
- if ($line =~ /^${monthstr} ${daystr} ..:..:.. [\w\-]+ kernel:.*IN=.*$/) {
- # when standart viewing, just keep in memory the correct slice
- # it starts a '$start' and size is $viewport
- # If export, then keep all lines...
- if ($cgiparams{'ACTION'} eq $Lang::tr{'export'}){
- $log[$lines++] = "$line";
- } else {
- if ($lines++ < ($start + $Header::viewsize)) {
- push(@log,"$line");
- if (@log > $Header::viewsize) {
- shift (@log);
- }
- #} else { dont do this optimisation, need to count lines !
- # $datetime = $maxtime; # we have read viewsize lines, stop main loop
- # last READ; # exit read file
- }
- }
- $search_for_end = 1; # we find the start of slice, can look for end now
- } else {
- if ($search_for_end == 1) {
- #finish read files when date is over (test month equality only)
- $line =~ /^(...) (..) ..:..:..*$/;
- $loop = 0 if ( ($1 ne $monthstr) || ( ($daystr ne '..') && ($daystr ne $2) ) );
- }
- }
- }
- close (FILE);
- }
- $gzindex--; # will try next gz file eg 40,39,38,.... because it may have holes when ipcop stopped
- # for a long time
-}# while
-
-# $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
-{
- print "Content-type: text/plain\n\n";
- print "IPFire firewall log\r\n";
- print "$Lang::{'date'}: $date\r\n\r\n";
-
- if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-
- foreach $_ (@log)
- {
- /^... (..) (..:..:..) [\w\-]+ kernel:.*(IN=.*)$/;
- my $day = $1;
- $day =~ tr / /0/;
- my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
- print "$time $3\r\n";
-
- }
- exit 0;
-}
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'firewall log'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-for (my $month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-print "<option value='0'>$Lang::tr{'all'}</option>\n";
-for (my $day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'log'});
-print "<p><b>$Lang::tr{'firewall hits'} $date: $lines</b></p>";
-
-$start = $lines - ${Header::viewsize} if ($start >= $lines - ${Header::viewsize});
-$start = 0 if ($start < 0);
-
-my $prev;
- if ($start == 0) {
- $prev = -1;
- } else {
- $prev = $start - ${Header::viewsize};
- $prev = 0 if ( $prev < 0);
- }
-
-my $next;
- if ($start == $lines - ${Header::viewsize}) {
- $next = -1;
- } else {
- $next = $start + ${Header::viewsize};
- $next = $lines - ${Header::viewsize} if ($next >= $lines - ${Header::viewsize});
- }
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-if ($lines != 0) { &oldernewer(); }
-
-print <<END
-<table width='100%'>
-<tr>
- <td align='center' class='boldbase'><b>$Lang::tr{'time'}</b></td>
- <td align='center' class='boldbase'><b>$Lang::tr{'chain'}</b></td>
- <td align='center' class='boldbase'><b>$Lang::tr{'iface'}</b></td>
- <td align='center' class='boldbase'><b>$Lang::tr{'proto'}</b></td>
- <td align='center' class='boldbase'><b>$Lang::tr{'source'}<br/>$Lang::tr{'destination'}</b></td>
- <td align='center' class='boldbase'><b>$Lang::tr{'src port'}<br />$Lang::tr{'dst port'}</b></td>
- <td align='center' class='boldbase'><b>Flag</b></td>
- <td align='center' class='boldbase'><b>$Lang::tr{'mac address'}</b></td>
-</tr>
-END
-;
-
-
-$lines = 0;
-foreach $_ (@log)
-{
- /^... (..) (..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
- my $day = $1;
- $day =~ tr / /0/;
- my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
- my $comment = $3;
- my $packet = $4;
-
- $packet =~ /IN=(\w+)/; my $iface=$1;
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
- $packet =~ /DST=([\d\.]+)/; my $dstaddr=$1;
- $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1;
- $packet =~ /PROTO=(\w+)/; my $proto=$1;
- $packet =~ /SPT=(\d+)/; my $srcport=$1;
- $packet =~ /DPT=(\d+)/; my $dstport=$1;
-
- my $gi = Geo::IP::PurePerl->new();
- my $ccode = $gi->country_code_by_name($srcaddr);
- my $fcode = lc($ccode);
-
- my $servi = uc(getservbyport($srcport, lc($proto)));
- if ($servi ne '' && $srcport < 1024) {
- $srcport = "$srcport($servi)"; }
- $servi = uc(getservbyport($dstport, lc($proto)));
- if ($servi ne '' && $dstport < 1024) {
- $dstport = "$dstport($servi)";}
- my @mactemp = split(/:/,$macaddr);
- $macaddr = "$mactemp[6]:$mactemp[7]:$mactemp[8]:$mactemp[9]:$mactemp[10]:$mactemp[11]";
- if ($lines % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n"; }
- else {
- print "<tr bgcolor='$color{'color22'}'>\n"; }
- print <<END
-
- <td align='center'>$time</td>
- <td align='center'>$comment</td>
- <td align='center'>$iface</td>
- <td align='center'>$proto</td>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a><br /><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>
- <td align='center'>$srcport<br/>$dstport</td>
-END
-;
- if ( $fcode ne "" ){
- print "<td align='center'><a href='../country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$ccode'></a></td>";}
- else {
- print "<td align='center'></td>";}
- print <<END
- <td align='center'>$macaddr</td>
-</tr>
-END
- ;
- $lines++;
-}
-
-print "</table>";
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub oldernewer
-{
-print <<END
-<table width='100%'>
-<tr>
-END
-;
-
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/firewalllog.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
-
-print "<td align='center' width='50%'>";
-if ($next >= 0) {
- print "<a href='/cgi-bin/logs.cgi/firewalllog.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
-
-print <<END
-</tr>
-</table>
-END
-;
-}
-
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# JC HERITIER
-# page inspired from the initial firewalllog.dat
-#
-# Modified for IPFire by Christian Schmidt
-# and Michael Tremer (www.ipfire.org)
-
-use strict;
-use Geo::IP::PurePerl;
-use Getopt::Std;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-use POSIX();
-
-my %cgiparams=();
-my %settings=();
-my $pienumber;
-my $otherspie;
-my $showpie;
-my $sortcolumn;
-my $errormessage = '';
-
-$cgiparams{'pienumber'} = 10;
-$cgiparams{'otherspie'} = 1;
-$cgiparams{'showpie'} = 1;
-$cgiparams{'sortcolumn'} = 1;
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-
-&General::readhash("${General::swroot}/fwlogs/ipsettings", \%settings);
-if ($settings{'pienumber'} != 0) { $cgiparams{'pienumber'} = $settings{'pienumber'} };
-if ($settings{'otherspie'} != 0) { $cgiparams{'otherspie'} = $settings{'otherspie'} };
-if ($settings{'showpie'} != 0) { $cgiparams{'showpie'} = $settings{'showpie'} };
-if ($settings{'sortcolumn'} != 0) { $cgiparams{'sortcolumn'} = $settings{'sortcolumn'} };
-
-&Header::getcgihash(\%cgiparams);
-if ($cgiparams{'pienumber'} != 0) { $settings{'pienumber'} = $cgiparams{'pienumber'} };
-if ($cgiparams{'otherspie'} != 0) { $settings{'otherspie'} = $cgiparams{'otherspie'} };
-if ($cgiparams{'showpie'} != 0) { $settings{'showpie'} = $cgiparams{'showpie'} };
-if ($cgiparams{'sortcolumn'} != 0) { $settings{'sortcolumn'} = $cgiparams{'sortcolumn'} };
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'save'})
-{
- &General::writehash("${General::swroot}/fwlogs/ipsettings", \%settings);
-}
-
-my $start = -1;
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
-{
- my @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- my $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$tdoy+366;
- } else {
- $doy=$doy+365;
- }
- }
-}
-
-my $datediff=0;
-my $dowd=0;
-my $multifile=0;
-if ($tdoy ne $doy) {
- $datediff=int(($doy-$tdoy)/7);
- $dowd=($doy-$tdoy)%7;
- if (($dow-$dowd)<1) {
- $datediff=$datediff+1;
- }
- if (($dow-$dowd)==0) {
- $multifile=1;
- }
-}
-
-my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
-my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-my $day = $cgiparams{'DAY'};
-my $daystr='';
-if ($day <= 9) {
- $daystr = " $day"; }
-else {
- $daystr = $day;
-}
-
-my $skip=0;
-my $filestr='';
-if ($datediff==0) {
- $filestr="/var/log/messages";
-} else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
-}
-
-if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- # Note: This is in case the log does not exist for that date
-}
-my $lines = 0;
-my @log=();
-
-if (!$skip)
-{
- while (<FILE>)
- {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- $log[$lines] = $_;
- $lines++;
- }
- }
- close (FILE);
-}
-
-$skip=0;
-if ($multifile) {
- $datediff=$datediff-1;
- if ($datediff==0) {
- $filestr="/var/log/messages";
- } else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- }
- if (!$skip) {
- while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- $log[$lines] = $_;
- $lines++;
- }
- }
- close (FILE);
- }
-}
-
-my $MODNAME="fwlogs";
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'firewall log'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-my $month;
-for ($month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-for ($day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-
-if( $cgiparams{'pienumber'} != 0){$pienumber=$cgiparams{'pienumber'};}
-if( $cgiparams{'otherspie'} != 0){$otherspie=$cgiparams{'otherspie'};}
-if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};}
-if( $cgiparams{'sortcolumn'} != 0){$sortcolumn=$cgiparams{'sortcolumn'};}
-
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='20%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-</tr>
-</table>
-<table width='100%'>
-<tr><td width='20%' align='right' valign="center">$Lang::tr{'Number of IPs for the pie chart'}:</td>
- <td width='10%' align='left' valign="center"><input type='text' name='pienumber' value='$pienumber' size='4'></td>
- <td width='20%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td></tr>
- </table>
- </form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', 'Firewall Logs');
-print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
-
-my $linesjc = 0;
-my %tabjc;
-
-if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; };
-$lines = 0;
-foreach $_ (@log)
-{
- if($_ =~ /SRC\=([\d\.]+)/){
- $tabjc{$1} = $tabjc{$1} + 1 ;
- if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
- $linesjc++;
- }
-}
-
-$pienumber = $lines;
-
-my @keytabjc = keys %tabjc;
-
-my @slice;
-my $go;
-my $nblinejc;
-
-if( $cgiparams{'linejc'} eq 'all' ){ $nblinejc = $linesjc; $go=1; }
-if( ($cgiparams{'linejc'} != 0) && ($cgiparams{'linejc'} ne 'all') ){ $nblinejc = $cgiparams{'linejc'}; $go=1;}
-if( $go != 1){ $nblinejc = 1000; }
-
-my @key;
-my @value;
-my $indice=0;
-my @tabjc2;
-
-if ($sortcolumn == 1)
-{
- @tabjc2 = sort { $b <=> $a } values (%tabjc);
-}
-else
-{
- @tabjc2 = sort { $a <=> $b } keys (%tabjc);
-}
-
-my $colour=1;
-
-##############################################
-#pie chart generation
-use GD::Graph::pie;
-use GD::Graph::colour;
-#ips sort by hits number
-my $v;
-
-if ($sortcolumn == 1)
-{
- for ($v=0;$v<$pienumber;$v++){
- findkey($tabjc2[$v]);
- }
-}
-else
-{
- foreach $v (@tabjc2) {
- $key[$indice] = $v;
- $value[$indice] = $tabjc{$v};
- $indice++;
- }
-}
-
-my @ips;
-my @numb;
-
-@ips = @key;
-@numb = @value;
-
-my $o;
-
-if($cgiparams{'otherspie'} == 2 ){}
-else{
- my $numothers;
- for($o=0;$o<$pienumber;$o++){
- $numothers = $numothers + $numb[$o];
- }
- $numothers = $linesjc - $numothers;
- if ($numothers > 0) {
- $ips[$pienumber]="$Lang::tr{'otherip'}";
- $numb[$pienumber] = $numothers;
- }
-}
-
-my @data = (\@ips,\@numb);
-use GD::Graph::colour qw( :files );
-
-my $color=0;
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) {
- my $mygraph = GD::Graph::pie->new(500, 350);
- $mygraph->set(
- 'title' => '',
- 'pie_height' => 50,
- 'start_angle' => 89
- ) or warn $mygraph->error;
-
- $mygraph->set_value_font(GD::gdMediumBoldFont);
- $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] );
- my $myimage = $mygraph->plot(\@data) or die $mygraph->error;
-
- my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-ip*.png");
- unlink(@filenames);
- my $imagerandom = rand(1000000);
- my $imagename = "/srv/web/ipfire/html/graphs/fwlog-ip$imagerandom.png";
- open(FILE,">$imagename");
- print FILE $myimage->png;
- close(FILE);
- #####################################################
- print "<table align='center'><tr><td>";
- print "<img src='/graphs/fwlog-ip$imagerandom.png'>";
- print "</td></tr></table>";
-}
-
-print <<END
-<TABLE WIDTH='100%'>
-<TR>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'></TD>
-<TD WIDTH='30%' ALIGN='CENTER' CLASS='boldbase'><B>IP</B></TD>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>Flag</B></TD>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>Count</B></TD>
-<TD WIDTH='30%' ALIGN='CENTER' CLASS='boldbase'><B>Percent</B></TD>
-</TR>
-END
-;
-
-my $total=0;
-my $show=0;
-
-my $s;
-my $percent;
-
-for($s=0;$s<$lines;$s++)
-{
- $show++;
- $percent = $value[$s] * 100 / $linesjc;
- $percent = sprintf("%.f", $percent);
- $total = $total + $value[$s];
- if ( ($color % 10) == 1 ){print "<TR BGCOLOR='$color{'color1'}'>\n";}
- if ( ($color % 10) == 2 ){print "<TR BGCOLOR='$color{'color2'}'>\n";}
- if ( ($color % 10) == 3 ){print "<TR BGCOLOR='$color{'color3'}'>\n";}
- if ( ($color % 10) == 4 ){print "<TR BGCOLOR='$color{'color4'}'>\n";}
- if ( ($color % 10) == 5 ){print "<TR BGCOLOR='$color{'color5'}'>\n";}
- if ( ($color % 10) == 6 ){print "<TR BGCOLOR='$color{'color6'}'>\n";}
- if ( ($color % 10) == 7 ){print "<TR BGCOLOR='$color{'color7'}'>\n";}
- if ( ($color % 10) == 8 ){print "<TR BGCOLOR='$color{'color8'}'>\n";}
- if ( ($color % 10) == 9 ){print "<TR BGCOLOR='$color{'color9'}'>\n";}
- if ( ($color % 10) == 0 ){print "<TR BGCOLOR='$color{'color10'}'>\n";}
-
- my $gi = Geo::IP::PurePerl->new();
- my $ccode = $gi->country_code_by_name($key[$s]);
- my $fcode = lc($ccode);
-
- $color++;
- print "<TD ALIGN='CENTER'><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='details'></form></TD>";
- print "<TD ALIGN='CENTER'><a href='/cgi-bin/ipinfo.cgi?ip=$key[$s]'>$key[$s]</a></TD>";
- if ( $fcode ne "" ){
- print "<TD ALIGN='CENTER'><a href='/cgi-bin/country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$ccode'></a></TD>";}
- else {
- print "<TD ALIGN='CENTER'></TD>";}
- print "<TD ALIGN='CENTER'>$value[$s]</TD>";
- print "<TD ALIGN='CENTER'>$percent</TD>";
- print "</TR>";
-}
-
-if($cgiparams{'otherspie'} == 2 ){}
-else{
-if ( ($color % 10) == 1 ){print "<TR BGCOLOR='$color{'color1'}'>\n";}
-if ( ($color % 10) == 2 ){print "<TR BGCOLOR='$color{'color2'}'>\n";}
-if ( ($color % 10) == 3 ){print "<TR BGCOLOR='$color{'color3'}'>\n";}
-if ( ($color % 10) == 4 ){print "<TR BGCOLOR='$color{'color4'}'>\n";}
-if ( ($color % 10) == 5 ){print "<TR BGCOLOR='$color{'color5'}'>\n";}
-if ( ($color % 10) == 6 ){print "<TR BGCOLOR='$color{'color6'}'>\n";}
-if ( ($color % 10) == 7 ){print "<TR BGCOLOR='$color{'color7'}'>\n";}
-if ( ($color % 10) == 8 ){print "<TR BGCOLOR='$color{'color8'}'>\n";}
-if ( ($color % 10) == 9 ){print "<TR BGCOLOR='$color{'color9'}'>\n";}
-if ( ($color % 10) == 0 ){print "<TR BGCOLOR='$color{'color10'}'>\n";}
-
-if ( $linesjc ne "0")
-{
-my $dif;
-$dif = $linesjc - $total;
-$percent = $dif * 100 / $linesjc;
-$percent = sprintf("%.f", $percent);
-print <<END
-<TD ALIGN='CENTER'></TD>
-<TD ALIGN='CENTER'>$Lang::tr{'otherip'}</TD>
-<TD ALIGN='CENTER'></TD>
-<TD ALIGN='CENTER'>$dif</TD>
-<TD ALIGN='CENTER'>$percent</TD>
-</TR>
-END
-;
-}
-}
-print <<END
-</TABLE>
-END
-;
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-sub findkey {
- my $v;
- foreach $v (@keytabjc) {
- if ($tabjc{$v} eq $_[0]) {
- delete $tabjc{$v};
- $key[$indice] = "$v";
- $value[$indice] = $_[0];
- $indice++;
- last;
- }
- }
-}sub checkversion {
- #Automatic Updates is disabled
- return "0","0";
- }
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# JC HERITIER
-# page inspired from the initial firewalllog.dat
-#
-# Modified for IPFire by Christian Schmidt
-# and Michael Tremer (www.ipfire.org)
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %settings=();
-my $pienumber;
-my $otherspie;
-my $showpie;
-my $sortcolumn;
-my $errormessage = '';
-
-$cgiparams{'pienumber'} = 10;
-$cgiparams{'otherspie'} = 1;
-$cgiparams{'showpie'} = 1;
-$cgiparams{'sortcolumn'} = 1;
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-
-&General::readhash("${General::swroot}/fwlogs/portsettings", \%settings);
-if ($settings{'pienumber'} != 0) { $cgiparams{'pienumber'} = $settings{'pienumber'} };
-if ($settings{'otherspie'} != 0) { $cgiparams{'otherspie'} = $settings{'otherspie'} };
-if ($settings{'showpie'} != 0) { $cgiparams{'showpie'} = $settings{'showpie'} };
-if ($settings{'sortcolumn'} != 0) { $cgiparams{'sortcolumn'} = $settings{'sortcolumn'} };
-
-&Header::getcgihash(\%cgiparams);
-if ($cgiparams{'pienumber'} != 0) { $settings{'pienumber'} = $cgiparams{'pienumber'} };
-if ($cgiparams{'otherspie'} != 0) { $settings{'otherspie'} = $cgiparams{'otherspie'} };
-if ($cgiparams{'showpie'} != 0) { $settings{'showpie'} = $cgiparams{'showpie'} };
-if ($cgiparams{'sortcolumn'} != 0) { $settings{'sortcolumn'} = $cgiparams{'sortcolumn'} };
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'save'})
-{
- &General::writehash("${General::swroot}/fwlogs/portsettings", \%settings);
-}
-
-my $start = -1;
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
-{
- my @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- my $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$tdoy+366;
- } else {
- $doy=$doy+365;
- }
- }
-}
-
-my $datediff=0;
-my $dowd=0;
-my $multifile=0;
-if ($tdoy ne $doy) {
- $datediff=int(($doy-$tdoy)/7);
- $dowd=($doy-$tdoy)%7;
- if (($dow-$dowd)<1) {
- $datediff=$datediff+1;
- }
- if (($dow-$dowd)==0) {
- $multifile=1;
- }
-}
-
-my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
-my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-my $day = $cgiparams{'DAY'};
-my $daystr='';
-if ($day <= 9) {
- $daystr = " $day"; }
-else {
- $daystr = $day;
-}
-
-my $skip=0;
-my $filestr='';
-if ($datediff==0) {
- $filestr="/var/log/messages";
-} else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
-}
-
-if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- # Note: This is in case the log does not exist for that date
-}
-my $lines = 0;
-my @log=();
-
-if (!$skip)
-{
- while (<FILE>)
- {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- $log[$lines] = $_;
- $lines++;
- }
- }
- close (FILE);
-}
-
-$skip=0;
-if ($multifile) {
- $datediff=$datediff-1;
- if ($datediff==0) {
- $filestr="/var/log/messages";
- } else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- }
- if (!$skip) {
- while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- $log[$lines] = $_;
- $lines++;
- }
- }
- close (FILE);
- }
-}
-
-my $MODNAME="fwlogs";
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'firewall log'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-my $month;
-for ($month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-for ($day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-
-if( $cgiparams{'pienumber'} != 0){$pienumber=$cgiparams{'pienumber'};}
-if( $cgiparams{'otherspie'} != 0){$otherspie=$cgiparams{'otherspie'};}
-if( $cgiparams{'showpie'} != 0){$showpie=$cgiparams{'showpie'};}
-if( $cgiparams{'sortcolumn'} != 0){$sortcolumn=$cgiparams{'sortcolumn'};}
-
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='20%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-</tr>
-</table>
-<table width='100%'>
-<tr><td width='20%' align='right' valign="center">$Lang::tr{'Number of Ports for the pie chart'}:</td>
- <td width='10%' align='left' valign="center"><input type='text' name='pienumber' value='$pienumber' size='4'></td>
- <td width='20%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td></tr>
- </table>
- </form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', 'Firewall Logs');
-print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
-
-my $linesjc = 0;
-my %tabjc;
-
-if ($pienumber == -1 || $pienumber > $lines || $sortcolumn == 2) { $pienumber = $lines; };
-$lines = 0;
-foreach $_ (@log)
-{
- if($_ =~ /DPT\=([\d\.]+)/){
- $tabjc{$1} = $tabjc{$1} + 1 ;
- if(($tabjc{$1} == 1) && ($lines < $pienumber)) { $lines = $lines + 1; }
- $linesjc++;
- }
-}
-
-$pienumber = $lines;
-
-my @keytabjc = keys %tabjc;
-
-my @slice;
-my $go;
-my $nblinejc;
-
-if( $cgiparams{'linejc'} eq 'all' ){ $nblinejc = $linesjc; $go=1; }
-if( ($cgiparams{'linejc'} != 0) && ($cgiparams{'linejc'} ne 'all') ){ $nblinejc = $cgiparams{'linejc'}; $go=1;}
-if( $go != 1){ $nblinejc = 1000; }
-
-my @key;
-my @value;
-my $indice=0;
-my @tabjc2;
-
-if ($sortcolumn == 1)
-{
- @tabjc2 = sort { $b <=> $a } values (%tabjc);
-}
-else
-{
- @tabjc2 = sort { $a <=> $b } keys (%tabjc);
-}
-
-my $color=10;
-
-
-
-##############################################
-#pie chart generation
-use GD::Graph::pie;
-use GD::Graph::colour;
-#ports sort by hits number
-#(port - number_of_hit) sorted by number_of_hit
-my $v;
-
-if ($sortcolumn == 1)
-{
- for ($v=0;$v<$pienumber;$v++){
- findkey($tabjc2[$v]);
- }
-}
-else
-{
- foreach $v (@tabjc2) {
- $key[$indice] = $v;
- $value[$indice] = $tabjc{$v};
- $indice++;
- }
-}
-
-my @ports;
-my @numb;
-
-@ports = @key;
-@numb = @value;
-
-my $o;
-
-if($cgiparams{'otherspie'} == 2 ){}
-else{
- my $numothers;
- for($o=0;$o<$pienumber;$o++){
- $numothers = $numothers + $numb[$o];
- }
- $numothers = $linesjc - $numothers;
- if ($numothers > 0) {
- $ports[$pienumber]="$Lang::tr{'otherport'}";
- $numb[$pienumber] = $numothers;
- }
-}
-
-my @data = (\@ports,\@numb);
-use GD::Graph::colour qw( :files );
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-if ($showpie != 2 && $pienumber <= 50 && $pienumber != 0) {
- my $mygraph = GD::Graph::pie->new(500, 350);
- $mygraph->set(
- 'title' => '',
- 'pie_height' => 50,
- 'start_angle' => 89
- ) or warn $mygraph->error;
-
- $mygraph->set_value_font(GD::gdMediumBoldFont);
- $mygraph->set( dclrs => [ "$color{'color1'}" , "$color{'color2'}" , "$color{'color3'}" , "$color{'color4'}" , "$color{'color5'}" , "$color{'color6'}" , "$color{'color7'}" , "$color{'color8'}" , "$color{'color9'}" , "$color{'color10'}" ] );
- my $myimage = $mygraph->plot(\@data) or die $mygraph->error;
-
- my @filenames = glob("/srv/web/ipfire/html/graphs/fwlog-port*.png");
- unlink(@filenames);
- my $imagerandom = rand(1000000);
- my $imagename = "/srv/web/ipfire/html/graphs/fwlog-port$imagerandom.png";
- open(FILE,">$imagename");
- print FILE $myimage->png;
- close(FILE);
- #####################################################
- print "<table align='center'><tr><td>";
- print "<img src='/graphs/fwlog-port$imagerandom.png'>";
- print "</td></tr></table>";
-}
-
-print <<END
-<TABLE WIDTH='100%'>
-<TR>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'></TD>
-<TD WIDTH='33%' ALIGN='CENTER' CLASS='boldbase'><B>Port</B></TD>
-<TD WIDTH='33%' ALIGN='CENTER' CLASS='boldbase'><B>Count</B></TD>
-<TD WIDTH='33%' ALIGN='CENTER' CLASS='boldbase'><B>Percent</B></TD>
-</TR>
-END
-;
-
-my $total=0;
-my $show=0;
-
-my $s;
-my $percent;
-for($s=0;$s<$lines;$s++)
-{
- $show++;
- $percent = $value[$s] * 100 / $linesjc;
- $percent = sprintf("%.f", $percent);
- $total = $total + $value[$s];
- if ( ($color % 10) == 1 ){print "<TR BGCOLOR='$color{'color1'}'>\n";}
- if ( ($color % 10) == 2 ){print "<TR BGCOLOR='$color{'color2'}'>\n";}
- if ( ($color % 10) == 3 ){print "<TR BGCOLOR='$color{'color3'}'>\n";}
- if ( ($color % 10) == 4 ){print "<TR BGCOLOR='$color{'color4'}'>\n";}
- if ( ($color % 10) == 5 ){print "<TR BGCOLOR='$color{'color5'}'>\n";}
- if ( ($color % 10) == 6 ){print "<TR BGCOLOR='$color{'color6'}'>\n";}
- if ( ($color % 10) == 7 ){print "<TR BGCOLOR='$color{'color7'}'>\n";}
- if ( ($color % 10) == 8 ){print "<TR BGCOLOR='$color{'color8'}'>\n";}
- if ( ($color % 10) == 9 ){print "<TR BGCOLOR='$color{'color9'}'>\n";}
- if ( ($color % 10) == 0 ){print "<TR BGCOLOR='$color{'color10'}'>\n";}
-
- $color++;
- print "<TD ALIGN='CENTER'><form method='post' action='showrequestfromport.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='port' value='$key[$s]'> <input type='submit' value='details'></form></TD>";
- print "<TD ALIGN='CENTER'>$key[$s]</TD>";
- print "<TD ALIGN='CENTER'>$value[$s]</TD>";
- print "<TD ALIGN='CENTER'>$percent</TD>";
- print "</TR>";
-}
-
-if($cgiparams{'otherspie'} == 2 ){}
-else{
-if ( ($color % 10) == 1 ){print "<TR BGCOLOR='$color{'color1'}'>\n";}
-if ( ($color % 10) == 2 ){print "<TR BGCOLOR='$color{'color2'}'>\n";}
-if ( ($color % 10) == 3 ){print "<TR BGCOLOR='$color{'color3'}'>\n";}
-if ( ($color % 10) == 4 ){print "<TR BGCOLOR='$color{'color4'}'>\n";}
-if ( ($color % 10) == 5 ){print "<TR BGCOLOR='$color{'color5'}'>\n";}
-if ( ($color % 10) == 6 ){print "<TR BGCOLOR='$color{'color6'}'>\n";}
-if ( ($color % 10) == 7 ){print "<TR BGCOLOR='$color{'color7'}'>\n";}
-if ( ($color % 10) == 8 ){print "<TR BGCOLOR='$color{'color8'}'>\n";}
-if ( ($color % 10) == 9 ){print "<TR BGCOLOR='$color{'color9'}'>\n";}
-if ( ($color % 10) == 0 ){print "<TR BGCOLOR='$color{'color10'}'>\n";}
-
-if ( $linesjc ne "0")
-{
-my $dif;
-$dif = $linesjc - $total;
-$percent = $dif * 100 / $linesjc;
-$percent = sprintf("%.f", $percent);
-print <<END
-<TD ALIGN='CENTER'></TD>
-<TD ALIGN='CENTER'>$Lang::tr{'otherport'}</TD>
-<TD ALIGN='CENTER'>$dif</TD>
-<TD ALIGN='CENTER'>$percent</TD>
-</TR>
-END
-;
-}
-}
-print <<END
-</TABLE>
-END
-;
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-sub findkey {
- foreach $v (@keytabjc) {
- if ($tabjc{$v} eq $_[0]) {
- delete $tabjc{$v};
- $key[$indice] = "$v";
- $value[$indice] = $_[0];
- $indice++;
- last;
- }
- }
-}
-sub checkversion {
- #Automatic Updates is disabled
- return "0","0";
- }
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-#
-# Copyright (C) 18-03-2002 Mark Wormgoor <mark@wormgoor.com>
-# - Added links to Snort database and ipinfo.cgi
-#
-# $Id: ids.dat,v 1.6.2.16 2005/06/14 08:25:30 eoberlander Exp $
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table1colour}, ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %logsettings=();
-my @log=();
-my $errormessage = '';
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime(time);
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-${Header::viewsize} = defined ($logsettings{'LOGVIEW_VIEWSIZE'}) ? $logsettings{'LOGVIEW_VIEWSIZE'} : 150;
-$Header::viewsize /= 5; # each ids is displayed on 5 lines
-
-$now[4] = $cgiparams{'MONTH'}+1;
-if($now[4] < 10) {
- $now[4] = "0$now[4]"; }
-
-my $start = -1;
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day +
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
-{
- my @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- my $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$doy+366;
- } else {
- $doy=$doy+365;
- }
- }
-}
-my $datediff=0;
-my $dowd=0;
-my $multifile=0;
-if ($tdoy ne $doy) {
- $datediff=int(($doy-$tdoy)/7);
- $dowd=($doy-$tdoy)%7;
- if (($dow-$dowd)<1) {
- $datediff=$datediff+1;
- }
- if (($dow-$dowd)==0) {
- $multifile=1;
- }
-}
-
-my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-my $monthnum = $cgiparams{'MONTH'} + 1;
-my $monthstr = $monthnum <= 9 ? "0$monthnum" : "$monthnum";
-my $daystr = $cgiparams{'DAY'} <= 9 ? "0$cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-
-my $lines = 0;
-my ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs);
-
-&processevent;
-
-if ($multifile) {
- $datediff=$datediff-1;
- &processevent;
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
-{
- print "Content-type: text/plain\n\n";
- print "IPFire IDS snort log\r\n";
- print "Date: $cgiparams{'DAY'} $longmonths[$cgiparams{'MONTH'}]\r\n";
- print "\r\n";
-
- if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-
- foreach $_ (@log)
- {
- my ($datetime,$title,$priority,$classification,$srcip,$srcport,$destip,$destport,$sid,$refs) = split(/\|/);
- $refs =~ s/,$//;
- print "Date: $datetime\n";
- print "Name: $title\n";
- print "Priority: $priority\n";
- print "Type: $classification\n";
- print "IP Info: ";
- print "$srcip";
- if ($srcport != "n/a") {
- print ":$srcport";
- }
- print " -> ";
- print "$destip";
- if ($destport != "n/a") {
- print ":$destport";
- }
- print "\n";
- print "SID: $sid\n";
- print "Refs: $refs\n\n";
- }
-
- exit;
-}
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'ids log viewer'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action="$ENV{'SCRIPT_NAME'}">
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-for (my $month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print 'selected="selected" '; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-for (my $day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print 'selected="selected" '; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
- <td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
- <td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
- <td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'log'});
-print "<p><b>$Lang::tr{'snort hits'} $longmonthstr $daystr: $lines</b></p>";
-
-if ($start == -1) {
- $start = $lines - ${Header::viewsize}; }
-if ($start >= $lines - ${Header::viewsize}) { $start = $lines - ${Header::viewsize}; };
-if ($start < 0) { $start = 0; }
-
-my $prev = $start - ${Header::viewsize};
-my $next = $start + ${Header::viewsize};
-
-if ($prev < 0) { $prev = 0; }
-if ($next >= $lines) { $next = -1 }
-if ($start == 0) { $prev = -1; }
-my @slice = splice(@log, $start, ${Header::viewsize});
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @slice = reverse @slice; }
-
-if ($lines != 0) {
-
-&oldernewer();
-
-$lines = 0;
-
-print <<END
-<table width='100%'>
-END
-;
-
-foreach $_ (@slice)
-{
- if ($lines % 2) {
- print "<tr bgcolor='$color{'color20'}'><td>\n"; }
- else {
- print "<tr bgcolor='$color{'color22'}'><td>\n"; }
- my ($datetime,$title,$priority,$classification,$srcip,$srcport,$destip,$destport,$sid,$refs) = split(/\|/);
- print <<END
-<table width='100%'>
-<tr>
-<td width='15%'><b>$Lang::tr{'date'}:</b></td><td width='25%'>$datetime</td>
-<td width='10%'><b>$Lang::tr{'name'}:</b></td><td width='50%'>$title</td>
-</tr>
-<tr><td><b>$Lang::tr{'priority'}:</b></td><td>$priority</td>
-<td><b>$Lang::tr{'type'}:</b></td><td>$classification</td>
-</tr>
-<tr><td><b>$Lang::tr{'ipinfo'}:</b></td>
-<td colspan='3'>
-END
- ;
- if ($srcip ne "n/a") {
- print "<a href='/cgi-bin/ipinfo.cgi?ip=$srcip'>$srcip</a>";
- } else {
- print "$srcip";
- }
- print ":$srcport -> ";
- if ($destip ne "n/a") {
- print "<a href='/cgi-bin/ipinfo.cgi?ip=$destip'>$destip</a>";
- } else {
- print "$destip";
- }
- print ":$destport";
-print <<END
-</td>
-</tr>
-<tr><td valign='top'><b>$Lang::tr{'references'}:</b></td><td valign='top'>
-END
-;
- foreach my $ref (split(/,/,$refs)) {
- if ($ref =~ m/url (.*)/) {
- print "<a href='http://$1'>$1</a><br />";
- } elsif ($ref =~ m/cve (.*)/) {
- print "<a href='http://cve.mitre.org/cgi-bin/cvename.cgi?name=$1'>$1</a><br />";
- } elsif ($ref =~ m/nessus (.*)/) {
- print "<a href='http://cgi.nessus.org/plugins/dump.php3?id=$1'>Nessus $1</a><br />";
- } elsif ($ref =~ m/bugtraq (.*)/) {
- print "<a href='http://www.securityfocus.com/bid/$1'>Bugtraq $1</a><br />";
- } else {
- print "$ref<br />";
- }
- }
- print $Lang::tr{'none found'} unless $refs =~ /,/;
-print <<END
-<td valign='top'><b>SID:</b></td>
-<td valign='top'>
-END
- ;
- if ($sid ne "n/a") {
- print "<a href='http://www.snort.org/pub-bin/sigs.cgi?sid=$sid' ";
- print "target='_blank'>$sid</a></td>\n";
- } else {
- print $sid;
- }
-print <<END
-</tr>
-</table>
-</td></tr>
-END
- ;
- $lines++;
-}
-
-print "</table>";
-
-}
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub processevent
-{
- our ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs);
-
- my $filestr='';
- if ($datediff==0) {
- $filestr="/var/log/snort/alert";
- } else {
- $filestr="/var/log/snort/alert.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- if (!(open (LOG,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage="$errormessage$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- } else {
- my $line = 0;
-
- while(<LOG>) {
- $line++;
- if ($_ =~ m/\[\*\*\]/) {
- unless ($line == 1 || $date ne "$monthstr/$daystr") {
- &append;
- $line = 1;
- }
- ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a");
- @refs = ();
- $_ =~ m/:([0-9]{1,4})\] (.*) \[\*\*\]/;
- $title = &Header::cleanhtml($2,"y");
- }
- if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {
- $classification = &Header::cleanhtml($1,"y");
- $priority = $2;
- }
- if ($_ =~ m/([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3}) \-\> ([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/) {
- $srcip = $1 . "." . $2 . "." . $3 . "." . $4;
- $destip = $5 . "." . $6 . "." . $7 . "." . $8;
- }
- if ($_ =~ m/([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\:([0-9]{1,6}) \-\> ([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\:([0-9]{1,6})/) {
- $srcip = $1 . "." . $2 . "." . $3 . "." . $4;
- $srcport = $5;
- $destip = $6 . "." . $7 . "." . $8 . "." . $9;
- $destport = $10;
- }
-
- if ($_ =~ m/^([0-9\/]{3,5})\-([0-9\:]{5,8})\.([0-9]{1,14})/) {
- ($date,$time) = ($1,$2);
- }
- if ($_ =~ m/\[Xref \=\>.*\]/) {
- $_ =~ s/\]\[Xref \=\> /, /g;
- $_ =~ m/\[Xref \=\> (.*)\]/;
- push(@refs, $1);
- }
- if ($_ =~ m/\[1:([0-9]+):[0-9]+\]/) {
- $sid = $1;
- }
- }
- $line++;
- unless ($line == 1 || $date ne "$monthstr/$daystr") { &append; }
- close(LOG);
- }
-}
-
-sub append
-{
- our ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs);
-
- $log[$lines] = "$date $time|$title|$priority|$classification|$srcip|$srcport|$destip|$destport|$sid|";
- foreach $_ (@refs) {
- $log[$lines] = "$log[$lines]$_,"; }
- $lines++;
-}
-
-sub oldernewer
-{
-print <<END
-<table width='100%'>
-<tr>
-END
-;
-
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/ids.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
-
-print "<td align='center' width='50%'>";
-if ($next != -1) {
- print "<a href='/cgi-bin/logs.cgi/ids.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
-
-print <<END
-</tr>
-</table>
-END
-;
-}
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-#
-# $Id: log.dat,v 1.6.2.22 2006/01/03 12:47:17 franck78 Exp $
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %logsettings=();
-my $errormessage = '';
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-$cgiparams{'SECTION'} = 'ipfire';
-
-my %sections = (
- 'ipfire' => '(ipfire)',
- 'red' => '(red.*|kernel: usb.*|pppd\[.*\]|chat\[.*\]|pppoe\[.*\]|pptp\[.*\]|pppoa\[.*\]|pppoa3\[.*\]|pppoeci\[.*\]|ipppd|ipppd\[.*\]|kernel: ippp\d|kernel: isdn.*|ibod\[.*\]|kernel: eth.*|dhcpcd\[.*\]|modem_run\[.*\])',
- 'dns' => '(dnsmasq\[.*\])',
- 'dhcp' => '(dhcpd)',
- 'cron' => '(fcron\[.*\])',
- 'ntp' => '(ntpd(?:ate)?\[.*\])',
- 'ssh' => '(sshd(?:\(.*\))?\[.*\])',
- 'auth' => '(\w+\(pam_unix\)\[.*\])',
- 'kernel' => '(kernel)',
- 'ipsec' => '(ipsec_[\w_]+|pluto\[.*\]|vpnwatch)',
- 'snort' => '(snort)',
- 'openvpn' => '(openvpnserver)\[.*\]'
- );
-
-# Translations for the %sections array.
-my %trsections = (
- 'ipfire' => 'IPFire',
- 'red' => 'RED',
- 'dns' => 'DNS',
- 'dhcp' => "$Lang::tr{'dhcp server'}",
- 'cron' => 'Cron',
- 'ntp' => 'NTP',
- 'ssh' => 'SSH',
- 'auth' => "$Lang::tr{'loginlogout'}",
- 'kernel' => "$Lang::tr{'kernel'}",
- 'ipsec' => 'IPSec',
- 'openvpn' => 'OpenVPN',
- 'snort' => 'Snort'
- );
-
-
-&Header::getcgihash(\%cgiparams);
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-${Header::viewsize} = defined ($logsettings{'LOGVIEW_VIEWSIZE'}) ? $logsettings{'LOGVIEW_VIEWSIZE'} : 150;
-
-my $start = ($logsettings{'LOGVIEW_REVERSE'} eq 'on') ? 0x7FFFF000 : 0; #index of firts line number to display
-
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
- $cgiparams{'SECTION'} = $temp[3];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ($cgiparams{'DAY'}) {
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day +
- ## 86400 seconds in a day
- } else {
- $temp_now[3] = 1;
- $temp_now[4] = ($temp_now[4]+1) %12;
- @temp_then = localtime(POSIX::mktime(@temp_now) );
- $temp_then[3] = 0;
- }
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ($cgiparams{'DAY'}) {
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- } else {
- $temp_now[3] = 1;
- $temp_now[4] = ($temp_now[4]-1) %12;
- @temp_then = localtime(POSIX::mktime(@temp_now) );
- $temp_then[3] = 0;
- }
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-# Find in which file.gz is the log. Can be calculated because WEEKLY ROTATING of access.log
-my $gzindex;
-my $date = $cgiparams{'DAY'} == 0 ? '' : $cgiparams{'DAY'} <= 9 ? "0$cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-
-{
- my $xday;
-
- # Calculate time. If future date, calculate for past year !!!
- if (( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- $xday = POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 );
- $date = "$longmonths[$cgiparams{'MONTH'}] $date, ". int($year-1);
- } else {
- $xday = POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 );
- $date = "$longmonths[$cgiparams{'MONTH'}] $date, $year";
- }
-
- # calculate end of active week (saturday 23H59)
- my @then = ();
- @then = localtime(time());
- my $sunday = POSIX::mktime( 0, 0, 0, @then[3], @then[4], @then[5]);
- $sunday += (6-$then[6]) * 86400;
-
- # Convert delta in second to full weeks
- $gzindex = int (($sunday-$xday)/604800 );
-}
-
-my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
-my $daystr = $cgiparams{'DAY'} == 0 ? '..' : $cgiparams{'DAY'} <= 9 ? " $cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-my $section = $sections{$cgiparams{'SECTION'}};
-
-my $lines = 0;
-my @log=();
-
-my $loop = 1;
-my $filestr = 0;
-my $lastdatetime; # for debug
-my $search_for_end = 0;
-
-while ($gzindex >=0 && $loop) {
- # calculate file name
- if ($gzindex == 0) {
- $filestr = "/var/log/messages";
- } else {
- $filestr = "/var/log/messages.$gzindex";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- # now read file if existing
- if (open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr))) {
- #&General::log("reading $filestr");
- READ:while (<FILE>) {
- my $line = $_;
- if ($line =~ /^${monthstr} ${daystr} ..:..:.. [\w\-]+ ${section}: (.*)/) {
- # when standart viewing, just keep in memory the correct slice
- # it starts a '$start' and size is $viewport
- # If export, then keep all lines...
- if ($cgiparams{'ACTION'} eq $Lang::tr{'export'}){
- $log[$lines++] = "$line";
- } else {
- if ($lines++ < ($start + $Header::viewsize)) {
- push(@log,"$line");
- if (@log > $Header::viewsize) {
- shift (@log);
- }
- #} else { dont do this optimisation, need to count lines !
- # $datetime = $maxtime; # we have read viewsize lines, stop main loop
- # last READ; # exit read file
- }
- }
- $search_for_end = 1; # we find the start of slice, can look for end now
- } else {
- if ($search_for_end == 1) {
- #finish read files when date is over (test month equality only)
- $line =~ /^(...) (..) ..:..:..*$/;
- $loop = 0 if ( ($1 ne $monthstr) || ( ($daystr ne '..') && ($daystr ne $2) ) );
- }
- }
- }
- close (FILE);
- }
- $gzindex--; # will try next gz file eg 40,39,38,.... because it may have holes when ipcop stopped
- # for a long time
-}# while
-
-# $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
-{
- print "Content-type: text/plain\n\n";
- print "IPFire diagnostics\r\n";
- print "$Lang::tr{'section'}: $cgiparams{'SECTION'}\n";
- print "$Lang::tr{'date'}: $date\r\n\r\n";
-
- if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-
- foreach $_ (@log)
- {
- /^... (..) (..:..:..) [\w\-]+ ${section}: (.*)$/;
- my $day = $1;
- $day =~ tr / /0/;
- my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
- print "$time $3 $4\r\n";
- }
- exit 0;
-}
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'system logs'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'section'}: </td>
- <td width='20%'>
- <select name='SECTION'>
-END
-;
-foreach $section (keys %sections) {
- print "\t<option ";
- if ($section eq $cgiparams{'SECTION'}) {
- print "selected='selected' "; }
- print "value='$section'>$trsections{$section}</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-for (my $month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-print "<option value='0'>$Lang::tr{'all'}</option>\n";
-for (my $day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'log'});
-print "<p><b>$Lang::tr{'total hits for log section'} $cgiparams{'SECTION'} $date: $lines</b></p>";
-
-$start = $lines - ${Header::viewsize} if ($start >= $lines - ${Header::viewsize});
-$start = 0 if ($start < 0);
-
-my $prev;
- if ($start == 0) {
- $prev = -1;
- } else {
- $prev = $start - ${Header::viewsize};
- $prev = 0 if ( $prev < 0);
- }
-
-my $next;
- if ($start == $lines - ${Header::viewsize}) {
- $next = -1;
- } else {
- $next = $start + ${Header::viewsize};
- $next = $lines - ${Header::viewsize} if ($next >= $lines - ${Header::viewsize});
- }
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-if ($lines != 0) { &oldernewer(); }
-
-print <<END
-<table width='100%'>
-<tr>
- <td width='10%' align='center' class='boldbase'><b>$Lang::tr{'time'}</b></td>
- <td width='10%' align='center' class='boldbase'><b>$Lang::tr{'section'}</b></td>
- <td width='80%'> </td>
-</tr>
-END
-;
-
-$lines = 0;
-#print '<tt>';
-foreach $_ (@log)
-{
- /^... (..) (..:..:..) [\w\-]+ ${section}: (.*)$/;
- my $day = $1;
- $day =~ tr / /0/;
- my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
- my $sec = $3;
- my $data = $4;
- # correct the cut position, just when section=RED
- if (($cgiparams{'SECTION'} eq 'red' ) && ($sec =~ /(kernel:)(.*)/)) {
- $sec = 'kernel';
- $data = $2.': '.$data;
- }
- my $d = substr ($data,0,80);
- while (length($data)>80){ #very basic breaking of lines...
- $data = substr ($data,80); #permit correct display in table cell
- $d .= ' ' . substr ($data,0,80);
- }
-
-
- if ($lines % 2) {
- print "<tr bgcolor='$color{'color20'}'>"; }
- else {
- print "<tr bgcolor='$color{'color22'}'>"; }
- print "<td>$time<td>$sec<td>" .&Header::cleanhtml ("$d", 'y') . "</td></tr>\n";
- $lines++;
-}
-#print '</tt>';
-print "</table>";
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub oldernewer
-{
-print <<END
-<table width='100%'>
-<tr>
-END
-;
-
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/log.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SECTION'}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
-
-print "<td align='center' width='50%'>";
-if ($next >= 0) {
- print "<a href='/cgi-bin/logs.cgi/log.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SECTION'}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
-
-print <<END
-</tr>
-</table>
-END
-;
-}
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %logsettings=();
-my %ips=();
-my %users=();
-my %selected=();
-my %checked=();
-my @log=();
-my $errormessage = '';
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6]; # day of week
-my $doy = $now[7]; # day of year (0..364)
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'SOURCE_IP'} = 'ALL';
-$cgiparams{'FILTER'} = "[.](gif|jpeg|jpg|png|css|js)\$";
-$cgiparams{'ENABLE_FILTER'} = 'off';
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-${Header::viewsize} = defined ($logsettings{'LOGVIEW_VIEWSIZE'}) ? $logsettings{'LOGVIEW_VIEWSIZE'} : 150;
-
-if ($cgiparams{'ACTION'} eq '')
-{
- $cgiparams{'ENABLE_FILTER'} = 'on';
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'restore defaults'})
-{
- $cgiparams{'FILTER'} = "[.](gif|jpeg|jpg|png|css|js)\$";
- $cgiparams{'ENABLE_FILTER'} = 'off';
-}
-
-{
- my %save=();
- $save{'FILTER'} = $cgiparams{'FILTER'};
- $save{'ENABLE_FILTER'} = $cgiparams{'ENABLE_FILTER'};
- &General::writehash("${General::swroot}/proxy/viewersettings", \%save);
- &General::readhash("${General::swroot}/proxy/viewersettings", \%save);
-}
-
-my $start = ($logsettings{'LOGVIEW_REVERSE'} eq 'on') ? 0x7FFFF000 : 0; #index of first line number to display
-
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
- $cgiparams{'SOURCE_IP'} = $temp[3];
- $cgiparams{'USERNAME'} = $temp[4];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ($cgiparams{'DAY'}) {
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day +
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
- } else {
- $temp_now[3] = 1;
- $temp_now[4] = ($temp_now[4]+1) %12;
- @temp_then = localtime(POSIX::mktime(@temp_now) );
- @temp_then[3] = 0;
- }
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ($cgiparams{'DAY'}) {
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
- } else {
- $temp_now[3] = 1;
- $temp_now[4] = ($temp_now[4]-1) %12;
- @temp_then = localtime(POSIX::mktime(@temp_now) );
- @temp_then[3] = 0;
- }
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-# Find in which file.gz is the log. Can be calculated because WEEKLY ROTATING of *.log
-my $gzindex;
-my $daystr = $cgiparams{'DAY'} == 0 ? '' :$cgiparams{'DAY'} <= 9 ? "0$cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-
-{
- my $xday;
-
- # Calculate time. If future date, calculate for past year !!!
- if (( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- $xday = POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 );
- $daystr = "$longmonths[$cgiparams{'MONTH'}] $daystr, ". int($year-1);
- } else {
- $xday = POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 );
- $daystr = "$longmonths[$cgiparams{'MONTH'}] $daystr, $year";
- }
-
- # calculate end of active week (saturday 23H59)
- my @then = ();
- @then = localtime(time());
- my $sunday = POSIX::mktime( 0, 0, 0, @then[3], @then[4], @then[5]);
- $sunday += (6-$then[6]) * 86400;
-
- # Convert delta in second to full weeks
- $gzindex = int (($sunday-$xday)/604800 );
-}
-
-
-my $filter = $cgiparams{'ENABLE_FILTER'} eq 'on' ? $cgiparams{'FILTER'} : '';
-my $sourceip = $cgiparams{'SOURCE_IP'};
-my $sourceall = $cgiparams{'SOURCE_IP'} eq 'ALL' ? 1 : 0;
-my $username = $cgiparams{'USERNAME'};
-my $usersall = $cgiparams{'USERNAME'} eq 'ALL' ? 1 : 0;
-
-my $lines = 0;
-my $temp = ();
-my $thiscode = '$temp =~ /$filter/;';
-eval($thiscode);
-if ($@ ne '')
-{
- $errormessage = "$Lang::tr{'bad ignore filter'}.$@<P>";
- $filter = '';
-} else {
- my $loop = 1;
- my $filestr = 0;
- my $lastdatetime; # for debug
-
- while ($gzindex >=0 && $loop) {
- # calculate file name
- if ($gzindex == 0) {
- $filestr = "/var/log/squid/access.log";
- } else {
- $filestr = "/var/log/squid/access.log.$gzindex";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- # now read file if existing
- if (open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr))) {
- #&General::log("reading $filestr");
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- $temp_now[5]--; # past year
- }
-
- $temp_now[2] = $temp_now[1] = $temp_now[0] = 0; # start at 00:00:00
- $temp_now[3] = 1 if ($cgiparams{'DAY'}==0); # All days selected, start at '1'
- my $mintime = POSIX::mktime(@temp_now);
- my $maxtime;
- if ($cgiparams{'DAY'}==0) { # full month
- if ($temp_now[4]++ == 12){
- $temp_now[4] = 0;
- $temp_now[5]++;
- };
- $maxtime = POSIX::mktime(@temp_now);
- } else {
- $maxtime = $mintime + 86400; # full day
- }
- READ:while (<FILE>) {
- my ($datetime,$do,$ip,$ray,$me,$far,$url,$so) = split;
- $ips{$ip}++;
- $users{$so}++;
- # for debug
- #$lastdatetime = $datetime;
-
- # collect lines between date && filter
- if (( ($datetime>$mintime)&&($datetime<$maxtime)) && !($url =~ /$filter/) &&
- ((($ip eq $sourceip) || $sourceall)) &&
- ((($so eq $username) || $usersall)))
- {
- # when standart viewing, just keep in memory the correct slices
- # it starts a '$start' and size is $viewport
- # If export, then keep all lines...
- if ($cgiparams{'ACTION'} eq $Lang::tr{'export'}){
- $log[$lines++] = "$datetime $ip $so $url";
- } else {
- if ($lines++ < ($start + $Header::viewsize)) {
- push(@log,"$datetime $ip $so $url");
- if (@log > $Header::viewsize) {
- shift (@log);
- }
- #} else { dont do this optimisation, need to count lines !
- # $datetime = $maxtime; # we have read viewsize lines, stop main loop
- # last READ; # exit read file
- }
- }
- }
-
- # finish loop when date of lines are past maxtime
- $loop = ($datetime < $maxtime);
- }
- close (FILE);
- }
- $gzindex--; # will try next gz file eg 40,39,38,.... because it may have holes when ipfire stopped
- # for a long time
-
- }
-
- #$errormessage="$errormessage$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- if (0) { # print last date record read
- my ($SECdt, $MINdt, $HOURdt, $DAYdt, $MONTHdt, $YEARdt) = localtime($lastdatetime);
- $SECdt = sprintf ("%.02d",$SECdt);
- $MINdt = sprintf ("%.02d",$MINdt);
- $HOURdt = sprintf ("%.02d",$HOURdt);
- $DAYdt = sprintf ("%.02d",$DAYdt);
- $MONTHdt = sprintf ("%.02d",$MONTHdt+1);
- $YEARdt = sprintf ("%.04d",$YEARdt+1900);
- &General::log ("$HOURdt:$MINdt:$SECdt, $DAYdt/$MONTHdt/$YEARdt--");
- }
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
-{
- print "Content-type: text/plain\n\n";
- print "IPFire proxy log\r\n";
- print "$Lang::tr{'date'}: $daystr\r\n";
- print "Source IP: $cgiparams{'SOURCE_IP'}\r\n";
- print "Username: $cgiparams{'USERNAME'}\r\n";
- if ($cgiparams{'ENABLE_FILTER'} eq 'on') {
- print "Ignore filter: $cgiparams{'FILTER'}\r\n"; }
- print "\r\n";
-
- if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-
- foreach $_ (@log) {
- my ($datetime,$ip,$so,$url) = split;
- my ($SECdt, $MINdt, $HOURdt, $DAYdt, $MONTHdt, $YEARdt) = localtime($datetime);
- $SECdt = sprintf ("%.02d",$SECdt);
- $MINdt = sprintf ("%.02d",$MINdt);
- $HOURdt = sprintf ("%.02d",$HOURdt);
- if ($cgiparams{'DAY'}==0) { # full month
- $DAYdt = sprintf ("%.02d",$DAYdt);
- print "$DAYdt/$HOURdt:$MINdt:$SECdt $ip $so $url\n";
- } else {
- print "$HOURdt:$MINdt:$SECdt $ip $so $url\n";
- }
- }
- exit;
-}
-
-$selected{'SOURCE_IP'}{$cgiparams{'SOURCE_IP'}} = "selected='selected'";
-$selected{'USERNAME'}{$cgiparams{'USERNAME'}} = "selected='selected'";
-
-$checked{'ENABLE_FILTER'}{'off'} = '';
-$checked{'ENABLE_FILTER'}{'on'} = '';
-$checked{'ENABLE_FILTER'}{$cgiparams{'ENABLE_FILTER'}} = "checked='checked'";
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'proxy log viewer'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}:</td>
- <td width='20%'>
- <select name='MONTH'>
-END
-;
-
-for (my $month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'>$Lang::tr{'day'}: </td>
- <td width='10%'>
- <select name='DAY'>
-END
-;
-print "<option value='0'>$Lang::tr{'all'}</option>";
-for (my $day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
- <td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
- <td width='25%' class='base'>$Lang::tr{'source ip'}:</td>
- <td width='15%'>
- <select name='SOURCE_IP'>
- <option value='ALL' $selected{'SOURCE_IP'}{'ALL'}>$Lang::tr{'caps all'}</option>
-END
-;
-foreach my $ip (sort keys %ips) {
- print "<option value='$ip' $selected{'SOURCE_IP'}{$ip}>$ip</option>\n"; }
-print <<END
- </select>
- </td>
-</tr>
-<tr>
- <td width='60%' colspan='6'> </td>
- <td width='25%' class='base'>$Lang::tr{'advproxy NCSA username'}:</td>
- <td width='15%'>
- <select name='USERNAME'>
- <option value='ALL' $selected{'USERNAME'}{'ALL'}>$Lang::tr{'caps all'}</option>
-END
-;
-foreach my $so (sort keys %users) {
- print "<option value='$so' $selected{'USERNAME'}{$so}>$so</option>\n"; }
-print <<END
- </select>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'ignore filter'}:</td>
- <td colspan='5'><input type='text' name='FILTER' value='$cgiparams{'FILTER'}' size='40' /></td>
- <td class='base'>$Lang::tr{'enable ignore filter'}:</td>
- <td><input type='checkbox' name='ENABLE_FILTER' value='on' $checked{'ENABLE_FILTER'}{'on'} /></td>
-</tr>
-</table>
-<div align='center'>
-<table width='50%'>
-<tr>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'restore defaults'}' /></td>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-</tr>
-</table>
-</div>
-</form>
-END
-;
-
-&Header::closebox();
-&Header::openbox('100%', 'left', $Lang::tr{'log'});
-
-
-$start = $lines - ${Header::viewsize} if ($start >= $lines - ${Header::viewsize});
-$start = 0 if ($start < 0);
-
-my $prev;
- if ($start == 0) {
- $prev = -1;
- } else {
- $prev = $start - ${Header::viewsize};
- $prev = 0 if ( $prev < 0);
- }
-
-my $next;
- if ($start == $lines - ${Header::viewsize}) {
- $next = -1;
- } else {
- $next = $start + ${Header::viewsize};
- $next = $lines - ${Header::viewsize} if ($next >= $lines - ${Header::viewsize});
- }
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-
-print "<p><b>$Lang::tr{'web hits'} $daystr: $lines</b></p>";
-if ($lines != 0) { &oldernewer(); }
-print <<END
-<table width='100%'>
-<tr>
-<td width='10%' align='center' class='boldbase'><b>$Lang::tr{'time'}</b></td>
-<td width='15%' align='center' class='boldbase'><b>$Lang::tr{'source ip'}</b></td>
-<td width='12%' align='center' class='boldbase'><b>$Lang::tr{'advproxy NCSA username'}</b></td>
-<td width='63%' align='center' class='boldbase'><b>$Lang::tr{'website'}</b></td>
-</tr>
-END
-;
-my $ll = 0;
-foreach $_ (@log)
-{
- if ($ll % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n"; }
- else {
- print "<tr bgcolor='$color{'color20'}'>\n"; }
- my ($datetime,$ip,$so,$url) = split;
- my ($SECdt, $MINdt, $HOURdt, $DAYdt, $MONTHdt, $YEARdt) = localtime($datetime);
- $SECdt = sprintf ("%.02d",$SECdt);
- $MINdt = sprintf ("%.02d",$MINdt);
- $HOURdt = sprintf ("%.02d",$HOURdt);
-
- $url =~ /(^.{0,60})/;
- my $part = $1;
- unless (length($part) < 60) { $part = "${part}..."; }
- $url = &Header::cleanhtml($url,"y");
- $part = &Header::cleanhtml($part,"y");
- if ($cgiparams{'DAY'}==0) { # full month
- $DAYdt = sprintf ("%.02d/",$DAYdt);
- } else {
- $DAYdt='';
- }
- print <<END
- <td align='center'>$DAYdt$HOURdt:$MINdt:$SECdt</td>
- <td align='center'>$ip</td>
- <td align='center'>$so</td>
- <td align='left'><a href='$url' title='$url' target='_new'>$part</a></td>
-</tr>
-END
- ;
- $ll++;
-}
-
-print "</table>";
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-
-sub oldernewer
-{
-print <<END
-<table width='100%'>
-<tr>
-END
-;
-
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/proxylog.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SOURCE_IP'},$cgiparams{'USERNAME'}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
-
-print "<td align='center' width='50%'>";
-if ($next >= 0 ) {
- print "<a href='/cgi-bin/logs.cgi/proxylog.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'SOURCE_IP'},$cgiparams{'USERNAME'}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
-
-print <<END
-</tr>
-</table>
-END
-;
-}
-
+++ /dev/null
-#!/usr/bin/perl
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# JC HERITIER
-# page inspired from the initial firewalllog.dat
-#
-# Modified for IPFire by Christian Schmidt (www.ipfire.org)
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %logsettings=();
-my $errormessage = '';
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-
-my $start = -1;
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
- $cgiparams{ip} = $temp[3];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
-{
- my @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- my $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$tdoy+366;
- } else {
- $doy=$doy+365;
- }
- }
-}
-my $datediff=0;
-my $dowd=0;
-my $multifile=0;
-if ($tdoy ne $doy) {
- $datediff=int(($doy-$tdoy)/7);
- $dowd=($doy-$tdoy)%7;
- if (($dow-$dowd)<1) {
- $datediff=$datediff+1;
- }
- if (($dow-$dowd)==0) {
- $multifile=1;
- }
-}
-
-my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
-my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-my $day = $cgiparams{'DAY'};
-my $daystr='';
-if ($day <= 9) {
- $daystr = " $day"; }
-else {
- $daystr = $day;
-}
-
-my $skip=0;
-my $filestr='';
-if ($datediff==0) {
- $filestr="/var/log/messages";
-} else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
-}
-
-if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- # Note: This is in case the log does not exist for that date
-}
-my $lines = 0;
-my @log=();
-my $ip = $cgiparams{ip};
-
-if (!$skip)
-{
- while (<FILE>)
- {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
- if($1 eq $ip){
- $log[$lines] = $_;
- $lines++;
- }
- }
- }
- }
- close (FILE);
-}
-
-$skip=0;
-if ($multifile) {
- $datediff=$datediff-1;
- if ($datediff==0) {
- $filestr="/var/log/messages";
- } else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- }
- if (!$skip) {
- while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /SRC\=([\d\.]+)/){
- if($1 eq $ip){
- $log[$lines] = $_;
- $lines++;
- }
- }
- }
- }
- close (FILE);
- }
-}
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'firewall log'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-my $month;
-for ($month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-for ($day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-<tr><td width='15%'>$Lang::tr{'source ip'}</td><td><input type='text' name='ip' value='$cgiparams{ip}'size='15'></td></tr>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'firewall log'});
-print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
-
-if ($start == -1) {
- $start = $lines - ${Header::viewsize}; }
-if ($start >= $lines - ${Header::viewsize}) { $start = $lines - ${Header::viewsize}; };
-if ($start < 0) { $start = 0; }
-
-my $prev = $start - ${Header::viewsize};
-my $next = $start + ${Header::viewsize};
-
-if ($prev < 0) { $prev = 0; }
-if ($next >= $lines) { $next = -1 }
-if ($start == 0) { $prev = -1; }
-
-if ($lines != 0) { &oldernewer(); }
-
-print <<END
-<TABLE WIDTH='100%'>
-<TR>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'time'}</B></TD>
-<TD WIDTH='13%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'chain'}</B></TD>
-<TD WIDTH='5%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'iface'}</B></TD>
-<TD WIDTH='5%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'proto'}</B></TD>
-<TD WIDTH='16%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'source'}</B></TD>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'src port'}</B></TD>
-<TD WIDTH='16%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'destination'}</B></TD>
-<TD WIDTH='16%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'dst port'}</B></TD>
-</TR>
-END
-;
-
-my @slice = splice(@log, $start, ${Header::viewsize});
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @slice = reverse @slice; }
-
-$lines = 0;
-foreach $_ (@slice)
-{
- $a = $_;
- if($_ =~ /SRC\=([\d\.]+)/){
- if($1 eq $ip){
- my $chain = '';
- my $in = '-'; my $out = '-';
- my $srcaddr = ''; my $dstaddr = '';
- my $protostr = '';
- my $srcport = ''; my $dstport = '';
-
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
- my $timestamp = $1; my $chain = $2; my $packet = $3;
- $timestamp =~ /(...) (..) (..:..:..)/;
- my $month = $1; my $day = $2; my $time = $3;
-
- if ($a =~ /IN\=(\w+)/) { $in = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
- if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
- my $protostrlc = lc($protostr);
- if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
- if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; }
- $a =~ /IN=(\w+)/; my $iface=$1;
-
- if ($lines % 2) {
- print "<tr bgcolor='${Header::table1colour}'>\n"; }
- else {
- print "<tr bgcolor='${Header::table2colour}'>\n"; }
- print <<END
- <TD ALIGN='CENTER'>$time</TD>
- <TD ALIGN='CENTER'>$chain</TD>
- <TD ALIGN='CENTER'>$iface</TD>
- <TD ALIGN='CENTER'>$protostr</TD>
- <td align='center'>
- <table width='100%' cellpadding='0' cellspacing='0'><tr>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a></td>
- </tr></table>
- </td>
- <TD ALIGN='CENTER'>$srcport</TD>
- <td align='center'>
- <table width='100%' cellpadding='0' cellspacing='0'><tr>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>
- </tr></table>
- </td>
- <TD ALIGN='CENTER'>$dstport</TD>
-</TR>
-END
- ;
- $lines++;
- }
- }
-}
-
-print <<END
-</TABLE>
-END
-;
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub oldernewer
-{
-print <<END
-<table width='100%'>
-<tr>
-END
-;
-
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/showrequestfromip.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{ip}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
-
-print "<td align='center' width='50%'>";
-if ($next != -1) {
- print "<a href='/cgi-bin/logs.cgi/showrequestfromip.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{ip}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
-
-print <<END
-</tr>
-</table>
-END
-;
-}
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# JC HERITIER
-# page inspired from the initial firewalllog.dat
-#
-# Modified for IPFire by Christian Schmidt (www.ipfire.org)
-
-#Aug 28 14:54:30 shite kernel: IN=ppp0 OUT= MAC= SRC=213.48.150.1
-#DST=213.208.115.234 LEN=110 TOS=0x00 PREC=0x00 TTL=60 ID=30699 DF PROTO=TCP
-#SPT=6667 DPT=62593 WINDOW=2505 RES=0x00 ACK PSH URGP=0
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-use POSIX();
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-my %cgiparams=();
-my %logsettings=();
-my $errormessage = '';
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $dow = $now[6];
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-
-my $start = -1;
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
- $cgiparams{port} = $temp[3];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
-{
- my @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- my $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$tdoy+366;
- } else {
- $doy=$doy+365;
- }
- }
-}
-my $datediff=0;
-my $dowd=0;
-my $multifile=0;
-if ($tdoy ne $doy) {
- $datediff=int(($doy-$tdoy)/7);
- $dowd=($doy-$tdoy)%7;
- if (($dow-$dowd)<1) {
- $datediff=$datediff+1;
- }
- if (($dow-$dowd)==0) {
- $multifile=1;
- }
-}
-
-my $monthstr = $shortmonths[$cgiparams{'MONTH'}];
-my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-my $day = $cgiparams{'DAY'};
-my $daystr='';
-if ($day <= 9) {
- $daystr = " $day"; }
-else {
- $daystr = $day;
-}
-
-my $skip=0;
-my $filestr='';
-if ($datediff==0) {
- $filestr="/var/log/messages";
-} else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
-}
-
-if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- # Note: This is in case the log does not exist for that date
-}
-my $lines = 0;
-my @log=();
-my $port = $cgiparams{port};
-
-if (!$skip)
-{
- while (<FILE>)
- {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /DPT\=([\d\.]+)/){
- if($1 eq $port){
- $log[$lines] = $_;
- $lines++;
- }
- }
- }
- }
- close (FILE);
-}
-
-$skip=0;
-if ($multifile) {
- $datediff=$datediff-1;
- if ($datediff==0) {
- $filestr="/var/log/messages";
- } else {
- $filestr="/var/log/messages.$datediff";
- $filestr = "$filestr.gz" if -f "$filestr.gz";
- }
- if (!(open (FILE,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
- $errormessage="$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- }
- if (!$skip) {
- while (<FILE>) {
- if (/(^${monthstr} ${daystr} ..:..:..) [\w\-]+ kernel:.*(IN=.*)$/) {
- if($_ =~ /DPT\=([\d\.]+)/){
- if($1 eq $port){
- $log[$lines] = $_;
- $lines++;
- }
- }
- }
- }
- close (FILE);
- }
-}
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'firewall log'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}: </td>
- <td width='10%'>
- <select name='MONTH'>
-END
-;
-my $month;
-for ($month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base' align='right'> $Lang::tr{'day'}: </td>
- <td width='40%'>
- <select name='DAY'>
-END
-;
-for ($day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-<tr><td width='15%'>$Lang::tr{'destination port'}</td><td><input type='text' name='port' value='$cgiparams{port}'size='15'></td></tr>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'firewall log'});
-print "<p><b>$Lang::tr{'firewall hits'} $longmonthstr $daystr: $lines</b></p>";
-
-if ($start == -1) {
- $start = $lines - ${Header::viewsize}; }
-if ($start >= $lines - ${Header::viewsize}) { $start = $lines - ${Header::viewsize}; };
-if ($start < 0) { $start = 0; }
-
-my $prev = $start - ${Header::viewsize};
-my $next = $start + ${Header::viewsize};
-
-if ($prev < 0) { $prev = 0; }
-if ($next >= $lines) { $next = -1 }
-if ($start == 0) { $prev = -1; }
-
-if ($lines != 0) { &oldernewer(); }
-
-print <<END
-<TABLE WIDTH='100%'>
-<TR>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'time'}</B></TD>
-<TD WIDTH='5%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'chain'}</B></TD>
-<TD WIDTH='5%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'iface'}</B></TD>
-<TD WIDTH='5%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'proto'}</B></TD>
-<TD WIDTH='20%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'source'}</B></TD>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'src port'}</B></TD>
-<TD WIDTH='20%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'destination'}</B></TD>
-<TD WIDTH='10%' ALIGN='CENTER' CLASS='boldbase'><B>$Lang::tr{'dst port'}</B></TD>
-</TR>
-END
-;
-my @slice = splice(@log, $start, ${Header::viewsize});
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @slice = reverse @slice; }
-
-$lines = 0;
-foreach $_ (@slice)
-{
- $a = $_;
- if($_ =~ /DPT\=([\d\.]+)/){
- if($1 eq $port){
- my $chain = '';
- my $in = '-'; my $out = '-';
- my $srcaddr = ''; my $dstaddr = '';
- my $protostr = '';
- my $srcport = ''; my $dstport = '';
-
- $_ =~ /(^.* ..:..:..) [\w\-]+ kernel:(.*)(IN=.*)$/;
- my $timestamp = $1; my $chain = $2; my $packet = $3;
- $timestamp =~ /(...) (..) (..:..:..)/;
- my $month = $1; my $day = $2; my $time = $3;
-
- if ($a =~ /IN\=(\w+)/) { $in = $1; }
- if ($a =~ /OUT\=(\w+)/) { $out = $1; }
- if ($a =~ /SRC\=([\d\.]+)/) { $srcaddr = $1; }
- if ($a =~ /DST\=([\d\.]+)/) { $dstaddr = $1; }
- if ($a =~ /PROTO\=(\w+)/) { $protostr = $1; }
- my $protostrlc = lc($protostr);
- if ($a =~ /SPT\=([\d\.]+)/){ $srcport = $1; }
- if ($a =~ /DPT\=([\d\.]+)/){ $dstport = $1; }
- $a =~ /IN=(\w+)/; my $iface=$1;
-
- if ($lines % 2) {
- print "<tr bgcolor='${Header::table1colour}'>\n"; }
- else {
- print "<tr bgcolor='${Header::table2colour}'>\n"; }
- print <<END
- <TD ALIGN='CENTER'>$time</TD>
- <TD ALIGN='CENTER'>$chain</TD>
- <TD ALIGN='CENTER'>$iface</TD>
- <TD ALIGN='CENTER'>$protostr</TD>
- <td align='center'>
- <table width='100%' cellpadding='0' cellspacing='0'><tr>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$srcaddr'>$srcaddr</a></td>
- </tr></table>
- </td>
- <TD ALIGN='CENTER'>$srcport</TD>
- <td align='center'>
- <table width='100%' cellpadding='0' cellspacing='0'><tr>
- <td align='center'><a href='/cgi-bin/ipinfo.cgi?ip=$dstaddr'>$dstaddr</a></td>
- </tr></table>
- </td>
- <TD ALIGN='CENTER'>$dstport</TD>
-</TR>
-END
- ;
- $lines++;
- }
- }
-}
-
-print <<END
-</TABLE>
-END
-;
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub oldernewer
-{
-print <<END
-<table width='100%'>
-<tr>
-END
-;
-
-print "<td align='center' width='50%'>";
-if ($prev != -1) {
- print "<a href='/cgi-bin/logs.cgi/showrequestfromport.dat?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{port}'>$Lang::tr{'older'}</a>"; }
-else {
- print "$Lang::tr{'older'}"; }
-print "</td>\n";
-
-print "<td align='center' width='50%'>";
-if ($next != -1) {
- print "<a href='/cgi-bin/logs.cgi/showrequestfromport.dat?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{port}'>$Lang::tr{'newer'}</a>"; }
-else {
- print "$Lang::tr{'newer'}"; }
-print "</td>\n";
-
-print <<END
-</tr>
-</table>
-END
-;
-}
-
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-#
-# $Id: summary.dat,v 1.3.2.14 2005/07/10 00:48:42 franck78 Exp $
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-use POSIX();
-
-my %cgiparams=();
-my $errormessage = '';
-
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime();
-my $year = $now[5]+1900;
-
-$cgiparams{'MONTH'} = '';
-$cgiparams{'DAY'} = '';
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-
-my $start = -1;
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'}) {
- my @temp = split(',',$ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/)) {
- # Reports are generated at the end of the day, so if nothing is selected
- # we need to display yesterdays (todays won't have been generated yet)
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $now[4];
- $temp_now[3] = $now[3];
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '>>') {
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day +
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<') {
- my @temp_then=();
- my @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4])) {
- if ( ($cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ($cgiparams{'MONTH'} > $now[4]) ) {
- $year = $year - 1;
- }
-}
-
-my $monthnum = $cgiparams{'MONTH'} + 1;
-my $monthstr = $monthnum <= 9 ? "0$monthnum" : "$monthnum";
-my $longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-my $daystr = $cgiparams{'DAY'} <= 9 ? "0$cgiparams{'DAY'}" : "$cgiparams{'DAY'}";
-
-my $skip=0;
-my $filestr="/var/log/logwatch/$year-$monthstr-$daystr";
-
-if (!(open (FILE,$filestr))) {
- $errormessage = "$Lang::tr{'date not in logs'}: $filestr $Lang::tr{'could not be opened'}";
- $skip=1;
- # Note: This is in case the log does not exist for that date
-}
-
-if (! $skip && $cgiparams{'ACTION'} eq $Lang::tr{'export'}) {
- print "Content-type: text/plain\n\n";
-
- while (<FILE>) {
- print "$_\r\n";
- }
- close (FILE);
- exit 0;
-}
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'log summary'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td width='10%' class='base'>$Lang::tr{'month'}:</td>
- <td width='25%'>
- <select name='MONTH'>
-END
-;
-for (my $month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print "selected='selected' "; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='10%' class='base'>$Lang::tr{'day'}:</td>
- <td width='25%'>
- <select name='DAY'>
-END
-;
-for (my $day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print "selected='selected' "; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
-</select>
-</td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
-<td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
-<td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-my $header = 0;
-my @content=();
-
-if(!$skip)
-{
- while (<FILE>) {
- if (/^\s*--+ ([^-]+) Begin --+\s*$/) {
- # New Section. open box
- @content = ();
- &Header::openbox('100%', 'left', $Lang::tr{"ls_\L$1"} ? $Lang::tr{"ls_\L$1"} : $1);
- print "<pre>";
- } elsif (/^\s*--+ ([^-]+) End --+\s*$/) {
- # End of Section, kill leading and trailing blanks, print info, close
- # box
- while ( $content[0] =~ /^\s*$/ ) { shift @content; }
- while ( $content[$#content] =~ /^\s*$/ ) { pop @content; }
- foreach $_ (@content) { $_ =~ s/\s*$//; print &Header::cleanhtml($_,"y")."\n"; }
- print "\n</pre>";
- &Header::closebox();
- } elsif (/^\s*#+ LogWatch [^#]+[)] #+\s*$/) {
- # Start of logwatch header, skip it
- $header = 1;
- } elsif (/^\s*#+\s*$/) {
- # End of logwatch header
- $header = 0;
- } elsif (/^\s*#+ LogWatch End #+\s*$/) {
- # End of report
- } elsif ($header eq 0) {
- push(@content,$_);
- }
- }
- close (FILE);
-}
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-#
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-#
-# $Id: urlfilter.dat,v 1.4 2005/05/15 00:00:00 marco Exp $
-#
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-use POSIX();
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my $dbdir = "${General::swroot}/urlfilter/blacklists";
-my $logdir = "/var/log/squidGuard";
-
-my %cgiparams=();
-my %logsettings=();
-my %filtersettings=();
-my %selected=();
-
-my $errormessage='';
-
-my @log=();
-my $logarch='';
-my $date='';
-my $time='';
-my $pid='';
-my @loginfo=();
-my @ip=();
-my @category=();
-my $dsturl='';
-my $site='';
-my $attr1='';
-my $attr2='';
-
-my $start=0;
-my $prev=0;
-my $next=0;
-my $lines=0;
-my @slice=();
-
-my @then=();
-my @temp=();
-my @temp_then=();
-my @temp_now=();
-my $lastleap='';
-
-my $day='';
-my $daystr='';
-my $month='';
-my $monthstr='';
-my $longmonthstr='';
-my $year='';
-
-my $logday='';
-my $logmonth='';
-my $logyear='';
-
-my @shortmonths = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug',
- 'Sep', 'Oct', 'Nov', 'Dec' );
-my @longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-my @now = localtime(time);
-my $doy = $now[7];
-my $tdoy = $now[7];
-my $year = $now[5]+1900;
-
-$cgiparams{'DAY'} = $now[3];
-$cgiparams{'MONTH'} = $now[4];
-$cgiparams{'LOGTYPE'} = 'urlfilter';
-
-&Header::getcgihash(\%cgiparams);
-$logsettings{'LOGVIEW_REVERSE'} = 'off';
-&General::readhash("${General::swroot}/logging/settings", \%logsettings);
-if (-e "${General::swroot}/urlfilter/settings")
-{
- &General::readhash("${General::swroot}/urlfilter/settings", \%filtersettings);
-}
-
-$now[4] = $cgiparams{'MONTH'}+1;
-if($now[4] < 10) {
- $now[4] = "0$now[4]"; }
-
-$start = -1;
-
-if ($ENV{'QUERY_STRING'} && $cgiparams{'ACTION'} ne $Lang::tr{'update'})
-{
- @temp = split(',',$ ENV{'QUERY_STRING'});
- $start = $temp[0];
- $cgiparams{'MONTH'} = $temp[1];
- $cgiparams{'DAY'} = $temp[2];
- $cgiparams{'LOGTYPE'} = $temp[3];
-}
-
-if (!($cgiparams{'MONTH'} =~ /^(0|1|2|3|4|5|6|7|8|9|10|11)$/) ||
- !($cgiparams{'DAY'} =~ /^(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31)$/))
-{
- $cgiparams{'DAY'} = $now[3];
- $cgiparams{'MONTH'} = $now[4];
-}
-elsif($cgiparams{'ACTION'} eq '>>')
-{
- @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) + 86400);
- ## Retrieve the same time on the next day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-elsif($cgiparams{'ACTION'} eq '<<')
-{
- @temp_now = localtime(time);
- $temp_now[4] = $cgiparams{'MONTH'};
- $temp_now[3] = $cgiparams{'DAY'};
- @temp_then = localtime(POSIX::mktime(@temp_now) - 86400);
- ## Retrieve the same time on the previous day -
- ## 86400 seconds in a day
- $cgiparams{'MONTH'} = $temp_then[4];
- $cgiparams{'DAY'} = $temp_then[3];
-}
-
-$monthstr = $shortmonths[$cgiparams{'MONTH'}];
-$longmonthstr = $longmonths[$cgiparams{'MONTH'}];
-
-if (($cgiparams{'DAY'} ne $now[3]) || ($cgiparams{'MONTH'} ne $now[4]))
-{
- @then = ();
- if ( ( $cgiparams{'MONTH'} eq $now[4]) && ($cgiparams{'DAY'} > $now[3]) ||
- ( $cgiparams{'MONTH'} > $now[4] ) ) {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1901 ));
- } else {
- @then = localtime(POSIX::mktime( 0, 0, 0, $cgiparams{'DAY'}, $cgiparams{'MONTH'}, $year - 1900 ));
- }
- $tdoy = $then[7];
- $lastleap=($year-1)%4;
- if ($tdoy>$doy) {
- if ($lastleap == 0 && $tdoy < 60) {
- $doy=$tdoy+366;
- } else {
- $doy=$doy+365;
- }
- }
-}
-
-$day = $cgiparams{'DAY'};
-if ($day <= 9) {
- $daystr = " $day";
-} else {
- $daystr = $day;
-}
-if ($day < 10) {
- $day = "0$day";
-}
-
-&processevent;
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'export'})
-{
- print "Content-type: text/plain\n\n";
- print "IPCop URL filter log\r\n";
- print "Section: $cgiparams{'LOGTYPE'}\r\n";
- print "Date: $daystr $longmonthstr\r\n";
- print "\r\n";
-
- if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @log = reverse @log; }
-
- foreach (@log)
- {
- ($date,$time,$pid,@loginfo) = split(/ /);
- @ip = split(/\//,$loginfo[2]);
- @category = split(/\//,$loginfo[0]);
- $dsturl = $loginfo[1];
- $loginfo[3] =~ s/\%5c/\\/;
- print "$date ";
- print "$time ";
- if ($cgiparams{'LOGTYPE'} eq 'squidGuard')
- {
- print "$pid ";
- print "@loginfo";
- } else {
- print "$category[1] ";
- print "$ip[0] ";
- if ($filtersettings{'ENABLE_USERNAME_LOG'} eq 'on') { print "$loginfo[3] "; }
- print "$dsturl";
- print "\n";
- }
- }
-
- exit;
-}
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'urlfilter log viewer'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'left', "$Lang::tr{'settings'}:");
-
-$selected{'LOGTYPE'}{$cgiparams{'LOGTYPE'}} = "selected='selected'";
-
-print <<END
-<form method='post' action="$ENV{'SCRIPT_NAME'}">
-<table width='100%'>
-<tr>
- <td width='8%' class='base'>$Lang::tr{'section'}</td>
- <td width='15%' class='base'>
- <select name='LOGTYPE' size='1'>
- <option value='urlfilter' $selected{'LOGTYPE'}{'urlfilter'} = "selected='selected'">$Lang::tr{'urlfilter url filter'}</option>
- <option value='squidGuard' $selected{'LOGTYPE'}{'squidGuard'} = "selected='selected'">squidGuard</option>
- </select>
- </td>
-
- <td width='8%' class='base'>$Lang::tr{'month'}:</td>
- <td width='15%'>
- <select name='MONTH'>
-END
-;
-for ($month = 0; $month < 12; $month++)
-{
- print "\t<option ";
- if ($month == $cgiparams{'MONTH'}) {
- print 'selected="selected" '; }
- print "value='$month'>$longmonths[$month]</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='8%' class='base'>$Lang::tr{'day'}:</td>
- <td width='15%'>
- <select name='DAY'>
-END
-;
-for ($day = 1; $day <= 31; $day++)
-{
- print "\t<option ";
- if ($day == $cgiparams{'DAY'}) {
- print 'selected="selected" '; }
- print "value='$day'>$day</option>\n";
-}
-print <<END
- </select>
- </td>
- <td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day before'}' value='<<' /></td>
- <td width='5%' align='center'><input type='submit' name='ACTION' title='$Lang::tr{'day after'}' value='>>' /></td>
- <td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /></td>
- <td width='10%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'export'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'log'});
-
-$lines = @log;
-
-if ($start == -1) { $start = $lines - $Header::viewsize; }
-if ($start >= $lines - $Header::viewsize) { $start = $lines - $Header::viewsize; };
-if ($start < 0) { $start = 0; }
-
-$prev = $start - $Header::viewsize;
-$next = $start + $Header::viewsize;
-
-if ($prev < 0) { $prev = 0; }
-if ($next >= $lines) { $next = -1 }
-if ($start == 0) { $prev = -1; }
-
-if ($cgiparams{'LOGTYPE'} eq 'urlfilter')
-{
- print "<b>$Lang::tr{'urlfilter log summary'} $longmonthstr $daystr: $lines</b><p>\n";
-}
-
-@slice = splice(@log, $start, $Header::viewsize);
-
-if ($logsettings{'LOGVIEW_REVERSE'} eq 'on') { @slice = reverse @slice; }
-
-if ($lines)
-{
-
- $lines = 0;
-
- print "<table width='100%'>\n";
- unless ($cgiparams{'LOGTYPE'} eq 'squidGuard')
- {
- print "<tr>\n";
- print "<td align='center'><b>$Lang::tr{'urlfilter time'}</b></td>\n";
- print "<td align='center'><b>$Lang::tr{'urlfilter category'}</b></td>\n";
- print "<td align='center'><b>$Lang::tr{'urlfilter client'}</b></td>\n";
- if ($filtersettings{'ENABLE_USERNAME_LOG'} eq 'on') { print "<td align='center'><b>$Lang::tr{'urlfilter username'}</b></td>\n"; }
- print "<td align='center'><b>$Lang::tr{'urlfilter dst'}</b></td>\n";
- print "</tr>\n";
- }
-
- foreach (@slice)
- {
- undef $attr1; undef $attr2;
- $lines++;
- ($date,$time,$pid,@loginfo) = split(/ /);
- @ip = split(/\//,$loginfo[2]);
- @category = split(/\//,$loginfo[0]);
- $dsturl = $loginfo[1];
- $loginfo[3] =~ s/\%5c/\\/;
- if ($cgiparams{'LOGTYPE'} eq 'squidGuard') {
- if (@loginfo[0] =~ /squidGuard/) { $attr1 .= "<b>"; $attr2 .= "</b>"; }
- if (@loginfo[1] =~ /ready/) { $attr1 .= "<b><font color='$Header::colourgreen'>"; $attr2 .= "</font></b>"; }
- if (@loginfo[2] =~ /emergency/) { $attr1 .= "<b><font color='$Header::colourerr'>"; $attr2 .= "</font></b>"; }
- print "<tr>\n";
- } else {
- if ($lines % 2) { print "<tr bgcolor='$color{'color20'}'>\n"; } else { print "<tr bgcolor='$color{'color22'}'>\n"; }
- }
- if ($cgiparams{'LOGTYPE'} eq 'squidGuard') {
- print "<td nowrap>$time $pid $attr1@loginfo$attr2</td>\n";
- } else {
- print "<td width='10%' align='center' nowrap>$time</td>\n";
- print "<td width='11%' align='center' nowrap>$category[1]</td>\n";
- print "<td width='15%' align='center' nowrap>$ip[0]</td>\n";
- if ($filtersettings{'ENABLE_USERNAME_LOG'} eq 'on')
- {
- print "<td width='12%' align='center' nowrap>$loginfo[3]</td>\n";
- $site = substr($dsturl,0,55);
- if (length($dsturl) > 55) { $site .= "..."; }
- } else {
- $site = substr($dsturl,0,69);
- if (length($dsturl) > 69) { $site .= "..."; }
- }
- #print "<td>$site</td>\n";
- print "<td><a href='$dsturl' title='$dsturl' target='_blank'>$site</a></td>\n";
- }
- print "</tr>\n";
- }
-
- print "</table><br>\n";
-
-}
-
-&oldernewer();
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-# -------------------------------------------------------------------
-
-sub processevent
-{
- my $filestr='';
-
- undef @log;
- if ($cgiparams{'LOGTYPE'} eq 'squidGuard')
- {
- $filestr = "$logdir/squidGuard.log";
- foreach $logarch (<$filestr.*.gz>)
- {
- open (LOG,"gzip -dc $logarch |");
- foreach (<LOG>) {
- ($date,$time,$pid,@loginfo) = split(/ /);
- ($logyear,$logmonth,$logday) = split(/-/,$date);
- if (($logyear == $year) && ($logmonth == $cgiparams{'MONTH'}+1) && ($logday == $day)) { push(@log,$_) }
- }
- close(LOG);
- }
- open (LOG,$filestr);
- foreach (<LOG>) {
- ($date,$time,$pid,@loginfo) = split(/ /);
- ($logyear,$logmonth,$logday) = split(/-/,$date);
- if (($logyear == $year) && ($logmonth == $cgiparams{'MONTH'}+1) && ($logday == $day)) { push(@log,$_) }
- }
- close(LOG);
- } else {
- foreach $logarch (<$logdir/*.gz>)
- {
- if ($logarch !~ /squidGuard\.log/) {
- open (LOG,"gzip -dc $logarch |");
- foreach (<LOG>) {
- ($date,$time,$pid,@loginfo) = split(/ /);
- ($logyear,$logmonth,$logday) = split(/-/,$date);
- if (($logyear == $year) && ($logmonth == $cgiparams{'MONTH'}+1) && ($logday == $day)) { push(@log,$_) }
- }
- close(LOG);
- }
- }
- foreach $filestr (<$logdir/*.log>)
- {
- if ($filestr !~ /squidGuard\.log/) {
- open (LOG,$filestr);
- foreach (<LOG>) {
- ($date,$time,$pid,@loginfo) = split(/ /);
- ($logyear,$logmonth,$logday) = split(/-/,$date);
- if (($logyear == $year) && ($logmonth == $cgiparams{'MONTH'}+1) && ($logday == $day)) { push(@log,$_) }
- }
- close(LOG);
- }
- }
- @log = sort { substr($a,11,8) cmp substr($b,11,8) } @log;
-
- }
-}
-
-# -------------------------------------------------------------------
-
-sub oldernewer
-{
- print "<table width='100%'>";
- print "<tr>";
-
- print "<td align='center' width='50%'>";
- if ($prev != -1) {
- print "<a href='$ENV{'SCRIPT_NAME'}?$prev,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'LOGTYPE'}'>$Lang::tr{'older'}</a>"; }
- else {
- print "$Lang::tr{'older'}"; }
- print "</td>\n";
-
- print "<td align='center' width='50%'>";
- if ($next != -1) {
- print "<a href='$ENV{'SCRIPT_NAME'}?$next,$cgiparams{'MONTH'},$cgiparams{'DAY'},$cgiparams{'LOGTYPE'}'>$Lang::tr{'newer'}</a>"; }
- else {
- print "$Lang::tr{'newer'}"; }
- print "</td>\n";
-
- print "</tr>";
- print "</table>";
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colourred} );
-undef (@dummy);
-
-my %cgiparams=();
-
-&Header::showhttpheaders();
-
-&Header::getcgihash(\%cgiparams);
-
-&Header::openpage($Lang::tr{'media information'}, 1, '');
-
-&Header::openbigbox('100%', 'left');
-
-my @devices = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`;
-
-foreach (@devices) {
- my $device = $_;
- chomp($device);
- my @array = split(/\//,$device);
- &Graphs::updatediskgraph ("day",$array[$#array]);
- diskbox($array[$#array]);
-}
-
-&Header::openbox('100%', 'center', $Lang::tr{'disk usage'});
-print "<table width='95%' cellspacing='5'>\n";
-open(DF,'/bin/df -B M -x rootfs|');
-while(<DF>)
-{
- if ($_ =~ m/^Filesystem/ )
- {
- print <<END
-<tr>
-<td align='center' class='boldbase'><b>$Lang::tr{'device'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'mounted on'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'size'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'used'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'free'}</b></td>
-<td align='left' class='boldbase' colspan='2'><b>$Lang::tr{'percentage'}</b></td>
-</tr>
-END
-;
- }
- else
- {
- my ($device,$size,$used,$free,$percent,$mount) = split;
- print <<END
-<tr>
-<td align='center'>$device</td>
-<td align='center'>$mount</td>
-<td align='center'>$size</td>
-<td align='center'>$used</td>
-<td align='center'>$free</td>
-<td align='left'>
-END
-;
- &percentbar($percent);
- print <<END
-</td>
-<td align='left'>$percent</td>
-</tr>
-END
-;
- }
-}
-close DF;
-print "<tr><td colspan='7'> \n<tr><td colspan='7'><h3>Inodes</h3>\n";
-
-open(DF,'/bin/df -i -x rootfs|');
-while(<DF>)
-{
- if ($_ =~ m/^Filesystem/ )
- {
- print <<END
-<tr>
-<td align='center' class='boldbase'><b>$Lang::tr{'device'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'mounted on'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'size'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'used'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'free'}</b></td>
-<td align='left' class='boldbase' colspan='2'><b>$Lang::tr{'percentage'}</b></td>
-</tr>
-END
-;
- }
- else
- {
- my ($device,$size,$used,$free,$percent,$mount) = split;
- print <<END
-<tr>
-<td align='center'>$device</td>
-<td align='center'>$mount</td>
-<td align='center'>$size</td>
-<td align='center'>$used</td>
-<td align='center'>$free</td>
-<td>
-END
-;
- &percentbar($percent);
- print <<END
-</td>
-<td align='left'>$percent</td>
-</tr>
-END
-;
- }
-}
-close DF;
-my @iostat1 = qx(/usr/bin/iostat -dm -p | grep -v "Linux" | awk '{print \$1}');
-my @iostat2 = qx(/usr/bin/iostat -dm -p | grep -v "Linux" | awk '{print \$5}');
-my @iostat3 = qx(/usr/bin/iostat -dm -p | grep -v "Linux" | awk '{print \$6}');
-print "<tr><td colspan='3'> \n<tr><td colspan='3'><h3>transfers</h3></td></tr>";
-my $i=0;
-
-for(my $i = 1; $i <= $#iostat1; $i++)
-{
-if ( $i eq '1' ){print "<tr><td align='center' class='boldbase'><b>Device</b></td><td align='center' class='boldbase'><b>MB read</b></td><td align='center' class='boldbase'><b>MB writen</b></td></tr>";}
-else {print "<tr><td align='center'>$iostat1[$i]</td><td align='center'>$iostat2[$i]</td><td align='center'>$iostat3[$i]</td></tr>";}
-}
-print "</table>\n";
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub percentbar
-{
- my $percent = $_[0];
- my $fg = '#a0a0a0';
- my $bg = '#e2e2e2';
-
- if ($percent =~ m/^(\d+)%$/ )
- {
- print <<END
-<table width='100' border='1' cellspacing='0' cellpadding='0' style='border-width:1px;border-style:solid;border-color:$fg;width:100px;height:10px;'>
-<tr>
-END
-;
- if ($percent eq "100%") {
- print "<td width='100%' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'>"
- } elsif ($percent eq "0%") {
- print "<td width='100%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- } else {
- print "<td width='$percent' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'></td><td width='" . (100-$1) . "%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- print <<END
-<img src='/images/null.gif' width='1' height='1' alt='' /></td></tr></table>
-END
-;
- }
-}
-
-sub diskbox {
- my $disk = $_[0];
- chomp $disk;
- my @status;
- if (-e "$Header::graphdir/disk-$disk-day.png") {
- &Header::openbox('100%', 'center', "Disk $disk $Lang::tr{'graph'}");
- my $ftime = localtime((stat("$Header::graphdir/disk-$disk-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=disk-$disk'>";
- print "<img alt='' src='/graphs/disk-$disk-day.png' border='0' />";
- print "</a>";
- print "<br />\n";
-
- if (-e "/tmp/hddstatus") {
- open(DATEI, "</tmp/hddstatus") || die "Datei nicht gefunden";
- my @diskstate = <DATEI>;
- close(DATEI);
-
- foreach (@diskstate){
- if ( $_ =~/$disk/ ){@status = split(/-/,$_);}
- }
-
- if ( $status[1]=~/standby/){
- my $ftime = localtime((stat("/tmp/hddshutdown-$disk"))[9]);
- print"<B>Disk $disk status:<font color=#FF0000>".$status[1]."</font></B> (since $ftime)";
- }
- else{
- print"<B>Disk $disk status:<font color=#00FF00>".$status[1]."</font></B>";
- }
- }
- my $smart = `/usr/local/bin/smartctrl $disk`;
- $smart = &Header::cleanhtml($smart);
- print <<END
- <br /><input type="button" onClick="swapVisibility('smart_$disk')" value="$Lang::tr{'smart information'}" />
- <div id='smart_$disk' style='display: none'>
- <hr /><table border=0><tr><td align=left><pre>$smart</pre></table>
- </div>
-END
-;
- &Header::closebox();
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my %cgiparams=();
-
-&Graphs::updatememgraph ("day");
-
-&Header::showhttpheaders();
-&Header::getcgihash(\%cgiparams);
-&Header::openpage($Lang::tr{'memory information'}, 1, '');
-&Header::openbigbox('100%', 'left');
-
-&Header::openbox('100%', 'center', "Memory $Lang::tr{'graph'}");
-if (-e "$Header::graphdir/memory-day.png") {
- my $ftime = localtime((stat("$Header::graphdir/memory-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=memory'>";
- print "<img alt='' src='/graphs/memory-day.png' border='0' />";
- print "</a>";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
-&Header::closebox();
-
-&Header::openbox('100%', 'center', "Swap $Lang::tr{'graph'}");
-if (-e "$Header::graphdir/swap-day.png") {
- my $ftime = localtime((stat("$Header::graphdir/swap-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=swap'>";
- print "<img alt='' src='/graphs/swap-day.png' border='0' />";
- print "</a>";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
-&Header::closebox();
-
-&Header::openbox('100%', 'center', $Lang::tr{'memory'});
-print "<table width='95%' cellspacing='5'>";
-my $ram=0;
-my $size=0;
-my $used=0;
-my $free=0;
-my $percent=0;
-my $shared=0;
-my $buffers=0;
-my $cached=0;
-open(FREE,'/usr/bin/free |');
-while(<FREE>)
-{
- if ($_ =~ m/^\s+total\s+used\s+free\s+shared\s+buffers\s+cached$/ )
- {
- print <<END
-<tr>
-<td align='center'> </td>
-<td align='center' class='boldbase'><b>$Lang::tr{'size'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'used'}</b></td>
-<td align='center' class='boldbase'><b>$Lang::tr{'free'}</b></td>
-<td align='left' class='boldbase' colspan='2'><b>$Lang::tr{'percentage'}</b></td>
-</tr>
-END
-;
- } else {
- if ($_ =~ m/^Mem:\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)$/) {
- ($ram,$size,$used,$free,$shared,$buffers,$cached) = ($1,$1,$2,$3,$4,$5,$6);
- ($percent = ($used/$size)*100) =~ s/^(\d+)(\.\d+)?$/$1%/;
- print <<END
-<tr>
-<td class='boldbase'><b>$Lang::tr{'ram'}</b></td>
-<td align='center'>$size KB</td>
-END
-;
- } elsif ($_ =~ m/^Swap:\s+(\d+)\s+(\d+)\s+(\d+)$/) {
- ($size,$used,$free) = ($1,$2,$3);
- if ($size != 0)
- {
- ($percent = ($used/$size)*100) =~ s/^(\d+)(\.\d+)?$/$1%/;
- } else {
- ($percent = '');
- }
- print <<END
-<tr>
-<td class='boldbase'><b>$Lang::tr{'swap'}</b></td>
-<td align='center'>$size KB</td>
-END
-;
- } elsif ($ram and $_ =~ m/^-\/\+ buffers\/cache:\s+(\d+)\s+(\d+)$/ ) {
- ($used,$free) = ($1,$2);
- ($percent = ($used/$ram)*100) =~ s/^(\d+)(\.\d+)?$/$1%/;
- print "<tr><td colspan='2' class='boldbase'><b>$Lang::tr{'excluding buffers and cache'}</b></td>"
- }
- print <<END
-<td align='center'>$used KB</td>
-<td align='center'>$free KB</td>
-<td>
-END
-;
- &percentbar($percent);
- print <<END
-</td>
-<td align='left'>$percent</td>
-</tr>
-END
-;
- }
-}
-close FREE;
-print <<END
-<tr><td class='boldbase' colspan='2'><br /></td></tr>
-<tr><td class='boldbase'><b>$Lang::tr{'shared'}</b></td><td align='center'>$shared KB</td></tr>
-<tr><td class='boldbase'><b>$Lang::tr{'buffers'}</b></td><td align='center'>$buffers KB</td></tr>
-<tr><td class='boldbase'><b>$Lang::tr{'cached'}</b></td><td align='center'>$cached KB</td></tr>
-</table>
-END
-;
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub percentbar
-{
- my $percent = $_[0];
- my $fg = '#a0a0a0';
- my $bg = '#e2e2e2';
-
- if ($percent =~ m/^(\d+)%$/ )
- {
- print <<END
-<table width='100' border='1' cellspacing='0' cellpadding='0' style='border-width:1px;border-style:solid;border-color:$fg;width:100px;height:10px;'>
-<tr>
-END
-;
- if ($percent eq "100%") {
- print "<td width='100%' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'>"
- } elsif ($percent eq "0%") {
- print "<td width='100%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- } else {
- print "<td width='$percent' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'></td><td width='" . (100-$1) . "%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- print <<END
-<img src='/images/null.gif' width='1' height='1' alt='' /></td></tr></table>
-END
-;
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %modemsettings=();
-my $errormessage = '';
-
-&Header::showhttpheaders();
-
-$modemsettings{'ACTION'} = '';
-$modemsettings{'VALID'} = '';
-
-&Header::getcgihash(\%modemsettings);
-
-if ($modemsettings{'ACTION'} eq $Lang::tr{'save'})
-{
- if (!($modemsettings{'TIMEOUT'} =~ /^\d+$/))
- {
- $errormessage = $Lang::tr{'timeout must be a number'};
- goto ERROR;
- }
-ERROR:
- if ($errormessage) {
- $modemsettings{'VALID'} = 'no'; }
- else {
- $modemsettings{'VALID'} = 'yes'; }
-
- &General::writehash("${General::swroot}/modem/settings", \%modemsettings);
-}
-
-if ($modemsettings{'ACTION'} eq $Lang::tr{'restore defaults'})
-{
- system('/bin/cp', "${General::swroot}/modem/defaults", "${General::swroot}/modem/settings", '-f');
-}
-
-&General::readhash("${General::swroot}/modem/settings", \%modemsettings);
-
-&Header::openpage($Lang::tr{'modem configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'modem configuration'}:");
-print <<END
-<table width='100%'>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'init string'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='INIT' value='$modemsettings{'INIT'}' /></td>
- <td width='25%' class='base'>$Lang::tr{'hangup string'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='HANGUP' value='$modemsettings{'HANGUP'}' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'speaker on'} <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='SPEAKER_ON' value='$modemsettings{'SPEAKER_ON'}' /></td>
- <td class='base'>$Lang::tr{'speaker off'} <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='SPEAKER_OFF' value='$modemsettings{'SPEAKER_OFF'}' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'tone dial'} <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='TONE_DIAL' value='$modemsettings{'TONE_DIAL'}' /></td>
- <td class='base'>$Lang::tr{'pulse dial'} <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='PULSE_DIAL' value='$modemsettings{'PULSE_DIAL'}' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'connect timeout'}</td>
- <td><input type='text' name='TIMEOUT' value='$modemsettings{'TIMEOUT'}' /></td>
- <td class='base'> </td>
- <td> </td>
-</tr>
-
-</table>
-<table width='100%'>
-<hr />
-<tr>
- <td width='33%'>
- <img src='/blob.gif' align='top' alt='*' />
- <font class='base'>$Lang::tr{'this field may be blank'}</font>
- </td>
- <td width='33%' align='center'>
- <input type='submit' name='ACTION' value='$Lang::tr{'restore defaults'}' />
- </td>
- <td width='33%' align='center'>
- <input type='submit' name='ACTION' value='$Lang::tr{'save'}' />
- </td>
-</tr>
-</table>
-</div>
-END
-;
-&Header::closebox();
-
-print "</form>\n";
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %mainsettings = ();
-my %mpfiresettings = ();
-my %checked = ();
-my $message = '0';
-my $errormessage = "";
-
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-if ( $ENV{'QUERY_STRING'} =~ /title/){
-my $song = `/usr/local/bin/mpfirectrl song 2>/dev/null`;
-if ( $song eq "" ){$song = "None";}
-&Header::showhttpheaders();
-print <<END
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<meta http-equiv='refresh' content='5'>
-<head><title>Song</title></head>
-<body>
-<table width='95%' cellspacing='0' align='center'>
-<tr bgcolor='$color{'color20'}'><td align='center'><font color='red' face='Verdana' size='2'>-= $song =-</font></td></tr>
-</table>
-</body>
-END
-;
-}
-else{
-&Header::showhttpheaders();
-
-sub refreshpage{&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;' />" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'pagerefresh'}</font></center>";&Header::closebox();}
-
-$mpfiresettings{'PAGE'} = "1";
-
-open(DATEI, "<${General::swroot}/mpfire/db/mpd.db") || die "No Database found";
-my @songdb = <DATEI>;
-close(DATEI);
-
-my @artist; my @album; my @genre; my @year; my $linecount = 0; my %songs;
-my $key;my $file;my $Time;my $Artist;my $Title;my $Album;my $Track;my $Date;my $Genre;
-foreach (@songdb){
- if ( $_ =~ /mtime: / ){
- $songs{$key}="$file|$Time|$Artist|$Title|$Album|$Track|$Date|$Genre";
- push(@artist,$Artist);push(@album,$Album);push(@year,$Date);push(@genre,$Genre);
- $key="";$file="";$Time="";$Artist="";$Title="";$Album="";$Track="";$Date="";$Genre="";
- }
- elsif ( $_ =~ /key: / ){my @temp = split(/: /,$_);$key=$temp[1];}
- elsif ( $_ =~ /file: / ){my @temp = split(/: /,$_);$file=$temp[1];}
- elsif ( $_ =~ /Time: / ){my @temp = split(/: /,$_);$Time=$temp[1];}
- elsif ( $_ =~ /Artist: / ){my @temp = split(/: /,$_);$Artist=$temp[1];}
- elsif ( $_ =~ /Title: / ){my @temp = split(/: /,$_);$Title=$temp[1];}
- elsif ( $_ =~ /Album: / ){my @temp = split(/: /,$_);$Album=$temp[1];}
- elsif ( $_ =~ /Track: / ){my @temp = split(/: /,$_);$Track=$temp[1];}
- elsif ( $_ =~ /Date: / ){my @temp = split(/: /,$_);$Date=$temp[1];}
- elsif ( $_ =~ /Genre: / ){my @temp = split(/: /,$_);$Genre=$temp[1];}
- else {next;}
- }
-
- my %hash = map{ $_, 1 }@artist;
- @artist = sort keys %hash;
- my %hash = map{ $_, 1 }@album;
- @album = sort keys %hash;
- my %hash = map{ $_, 1 }@year;
- @year = sort keys %hash;
- my %hash = map{ $_, 1 }@genre;
- @genre = sort keys %hash;
-
- my $artistcount = $#artist+1;
- my $albumcount = $#album+1;
- my $yearcount = $#year+1;
- my $genrecount = $#genre+1;
-
-&Header::getcgihash(\%mpfiresettings);
-&Header::openpage($Lang::tr{'mpfire'}, 1,);
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-######################################## Scanne Verzeichnisse nach Mp3 Dateien #############################################
-
-if ( $mpfiresettings{'ACTION'} eq "scan" )
-{
-delete $mpfiresettings{'__CGI__'};delete $mpfiresettings{'x'};delete $mpfiresettings{'y'};delete $mpfiresettings{'PAGE'};
-&General::writehash("${General::swroot}/mpfire/settings", \%mpfiresettings);
-open(DATEI, "<${General::swroot}/mpfire/mpd.conf") || die "Datei nicht gefunden";
-my @Zeilen = <DATEI>;
-close(DATEI);
-open(DATEI, ">${General::swroot}/mpfire/mpd.conf") || die "Datei nicht gefunden";
-foreach (@Zeilen){
-if ( $_ =~ /music_directory/){print DATEI "music_directory \"".$mpfiresettings{'MUSICDIR'}."\"\n";}
-else {print DATEI $_;}
-}
-close(DATEI);
-
-$message=system("/usr/local/bin/mpfirectrl scan 2>/dev/null");
-refreshpage();
-}
-elsif ( $mpfiresettings{'ACTION'} eq ">" ){$message=system("/usr/local/bin/mpfirectrl","play","\"$mpfiresettings{'FILE'}\"","2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "x" ){$message=system("/usr/local/bin/mpfirectrl stop 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "|>" ){$message=system("/usr/local/bin/mpfirectrl toggle 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "<<" ){$message=system("/usr/local/bin/mpfirectrl prev 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq ">>" ){$message=system("/usr/local/bin/mpfirectrl next 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "+" ){$message=system("/usr/local/bin/mpfirectrl volup 5 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "-" ){$message=system("/usr/local/bin/mpfirectrl voldown 5 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "++" ){$message=system("/usr/local/bin/mpfirectrl volup 10 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "--" ){$message=system("/usr/local/bin/mpfirectrl voldown 10 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "playweb" ){$message=system("/usr/local/bin/mpfirectrl","playweb","\"$mpfiresettings{'FILE'}\"","2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "playlist" ){$message=system("/usr/local/bin/mpfirectrl playlist 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "emptyplaylist" ){$message=system("/usr/local/bin/mpfirectrl clearplaylist 2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "addtoplaylist" ){$message=system("/usr/local/bin/mpfirectrl","playadd","\"$mpfiresettings{'FILE'}\"","2>/dev/null");}
-elsif ( $mpfiresettings{'ACTION'} eq "playall" ){
-my @temp = ""; my @song = "";
-
-foreach (keys(%songs)){
- @song = split(/\|/,$songs{$_});push(@temp,$song[0])
- }
-open(DATEI, ">${General::swroot}/mpfire/playlist.m3u") || die "Could not add playlist";
-print DATEI @temp;
-close(DATEI);
-
-$message=system("/usr/local/bin/mpfirectrl playlist 2>/dev/null");
-}
-elsif ( $mpfiresettings{'ACTION'} eq "playalbum" )
-{
-my @temp = ""; my @song = ""; my @select = split(/\|/,$mpfiresettings{'album'});
-
-foreach (keys(%songs)){
- @song = split(/\|/,$songs{$_});$song[4] =~ s/\W/ /g;
-
- foreach (@select){
- $_ =~ s/\W/ /g;
- if ( $song[4] =~ /$_/ ){push(@temp,$song[0]);}
- }
-}
-
-open(DATEI, ">${General::swroot}/mpfire/playlist.m3u") || die "Could not add playlist";
-print DATEI @temp;
-close(DATEI);
-$message=system("/usr/local/bin/mpfirectrl playlist 2>/dev/null");
-}
-elsif ( $mpfiresettings{'ACTION'} eq "playartist" )
-{
-my @temp = ""; my @song = ""; my @select = split(/\|/,$mpfiresettings{'artist'});
-
-foreach (keys(%songs)){
- @song = split(/\|/,$songs{$_});$song[2] =~ s/\W/ /g;
-
- foreach (@select){
- $_ =~ s/\W/ /g;
- if ( $song[2] =~ /$_/ ){push(@temp,$song[0]);}
- }
-}
-
-open(DATEI, ">${General::swroot}/mpfire/playlist.m3u") || die "Could not add playlist";
-print DATEI @temp;
-close(DATEI);
-$message=system("/usr/local/bin/mpfirectrl playlist 2>/dev/null");
-}
-elsif ( $mpfiresettings{'ACTION'} eq "playyear" )
-{
-my @temp = ""; my @song = ""; my @select = split(/\|/,$mpfiresettings{'year'});
-
-foreach (keys(%songs)){
- @song = split(/\|/,$songs{$_});$song[6] =~ s/\W/ /g;
-
- foreach (@select){
- $_ =~ s/\W/ /g;
- if ( $song[6] =~ /$_/ ){push(@temp,$song[0]);}
- }
-}
-
-open(DATEI, ">${General::swroot}/mpfire/playlist.m3u") || die "Could not add playlist";
-print DATEI @temp;
-close(DATEI);
-$message=system("/usr/local/bin/mpfirectrl playlist 2>/dev/null");
-}
-elsif ( $mpfiresettings{'ACTION'} eq "playgenre" )
-{
-my @temp = ""; my @song = ""; my @select = split(/\|/,$mpfiresettings{'genre'});
-
-foreach (keys(%songs)){
- @song = split(/\|/,$songs{$_});$song[7] =~ s/\W/ /g;
-
- foreach (@select){
- $_ =~ s/\W/ /g;
- if ( $song[7] =~ /$_/ ){push(@temp,$song[0]);}
- }
-}
-
-open(DATEI, ">${General::swroot}/mpfire/playlist.m3u") || die "Could not add playlist";
-print DATEI @temp;
-close(DATEI);
-$message=system("/usr/local/bin/mpfirectrl playlist 2>/dev/null");
-}
-elsif ( $mpfiresettings{'SHOWLIST'} ){delete $mpfiresettings{'__CGI__'};delete $mpfiresettings{'x'};delete $mpfiresettings{'y'};delete $mpfiresettings{'PAGE'};&General::writehash("${General::swroot}/mpfire/settings", \%mpfiresettings);refreshpage();}
-
-############################################################################################################################
-################################### Aufbau der HTML Seite fr globale Sambaeinstellungen ####################################
-
-$mpfiresettings{'MUSICDIR'} = "/";
-
-&General::readhash("${General::swroot}/mpfire/settings", \%mpfiresettings);
-
-############################################################################################################################
-########################################### rekursiv nach neuen Mp3s Scannen ##############################################ä
-
-if ( $message ne '0' ) { print "<font color='red'>An Error occured while launching the command</font>"; }
-elsif ( $message ne "" && $message ne '0' ) { print "<font color='red'>$message</font>"; }
-
-&Header::openbox('100%', 'center', $Lang::tr{'mpfire scanning'});
-
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'Scan for Files'}</b></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'Scan from Directory'}</td><td align='left'><input type='text' name='MUSICDIR' value='$mpfiresettings{'MUSICDIR'}' size="50" /></td></tr>
-<tr><td align='center' colspan='2'><input type='hidden' name='ACTION' value='scan' />
- <input type='image' alt='$Lang::tr{'Scan for Files'}' title='$Lang::tr{'Scan for Files'}' src='/images/edit-find.png' /></td></tr>
-</table>
-</form>
-END
-;
-&Header::closebox();
-
-my $Volume = `/usr/local/bin/mpfirectrl volume 2>/dev/null`;
-$Volume=~s/<break>/<br \/>/g;
-my $stats = `mpc stats | tail -4 2>/dev/null`;
-$stats=~s/\\/<br \/>/g
-
-&Header::openbox('100%', 'center', $Lang::tr{'mpfire controls'});
-print <<END
- <iframe height='35' width='100%' src='/cgi-bin/mpfire.cgi?title' scrolling='no' frameborder='no' marginheight='0'></iframe>
- <table width='95%' cellspacing='0'>
-END
-;
-my $countsongs=`/usr/local/bin/mpfirectrl stats 2>/dev/null`;
-print "<tr><td colspan='5' align='center'><b>".$countsongs."</b></td></tr>";
-print <<END
- <tr>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='x' /><input type='image' alt='$Lang::tr{'stop'}' title='$Lang::tr{'stop'}' src='/images/media-playback-stop.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='<<' /><input type='image' alt='$Lang::tr{'prev'}' title='$Lang::tr{'prev'}' src='/images/media-skip-backward.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='|>' /><input type='image' alt='$Lang::tr{'toggle'}' title='$Lang::tr{'toggle'}' src='/images/media-resume.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='playall' /><input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='>>' /><input type='image' alt='$Lang::tr{'next'}' title='$Lang::tr{'next'}' src='/images/media-skip-forward.png' /></form></td>
- </tr>
-END
-;
-if ( $mpfiresettings{'SHOWLIST'} eq "on" ){print"<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='SHOWLIST' value='off' /><input type='image' alt='$Lang::tr{'off'}' title='$Lang::tr{'off'}' src='/images/audio-x-generic.png' /></form></td>";}
-else { print"<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='SHOWLIST' value='on' /><input type='image' alt='$Lang::tr{'on'}' title='$Lang::tr{'on'}' src='/images/audio-x-generic-red.png' /></form></td>";}
-print <<END
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='--' /><input type='image' alt='$Lang::tr{'voldown10'}' title='$Lang::tr{'voldown10'}' src='/images/audio-volume-low-red.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='-' /><input type='image' alt='$Lang::tr{'voldown5'}' title='$Lang::tr{'voldown5'}' src='/images/audio-volume-low.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='+' /><input type='image' alt='$Lang::tr{'volup5'}' title='$Lang::tr{'volup5'}' src='/images/audio-volume-high.png' /></form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='++' /><input type='image' alt='$Lang::tr{'volup10'}' title='$Lang::tr{'volup10'}' src='/images/audio-volume-high-red.png' /></form></td>
- </tr>
-<tr><td colspan='5' align='center'>$Volume</td></tr>
-<tr><td colspan='5' align='center'><br />$stats</td></tr>
-</table>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'center', $Lang::tr{'quick playlist'});
-
-print "<table width='95%' cellspacing='0'>";
-if ( $#songdb eq '-1' ) {print "<tr><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'artist'}</b></td><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'album'}</b></td></tr>";}
-else {print "<tr><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'artist'} - ".$artistcount."</b></td><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'album'} - ".$albumcount."</b></td></tr>";}
-print <<END
- <tr><td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name='artist' size='8' multiple='multiple' style='width:300px;'>
-END
-;
-foreach (@artist){if ( $_ ne '' ){print "<option>$_</option>";}}
-print <<END
- </select><br/>
- <input type='hidden' name='ACTION' value='playartist' />
- <input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' />
- </form></td>
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name='album' size='8' multiple='multiple' style='width:300px;'>
-END
-;
- foreach (@album){if ( $_ ne '' ){print "<option>$_</option>";}}
-print <<END
- </select><br/>
- <input type='hidden' name='ACTION' value='playalbum' />
- <input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' />
- </form></td>
- </tr>
-END
-;
-if ( $#songdb eq '-1' ) {print "<tr><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'year'}</b></td><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'genre'}</b></td></tr>";}
-else {print "<tr><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'year'} - ".$yearcount."</b></td><td align='center' bgcolor='$color{'color20'}'><b>$Lang::tr{'genre'} - ".$genrecount."</b></td></tr>";}
-print <<END
- <tr><td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name='year' size='8' multiple='multiple' style='width:300px;'>
-END
-;
- foreach (@year){if ( $_ ne '' ){print "<option>$_</option>";}}
-print <<END
- </select><br/>
- <input type='hidden' name='ACTION' value='playyear' />
- <input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' />
- </form></td>
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name='genre' size='8' multiple='multiple' style='width:300px;'>
-END
-;
- foreach (@genre){if ( $_ ne '' ){print "<option>$_</option>";}}
-print <<END
- </select><br/>
- <input type='hidden' name='ACTION' value='playgenre' />
- <input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' />
- </form></td>
- </tr></table>
-END
-;
-&Header::closebox();
-
-if ( $mpfiresettings{'SHOWLIST'} eq "on" ){
-
-&Header::openbox('100%', 'center', $Lang::tr{'mpfire songs'});
-print <<END
-<a name="$Lang::tr{'mpfire songs'}"</a>
-<table width='95%' cellspacing='5'>
-<tr bgcolor='$color{'color20'}'><td colspan='9' align='left'><b>$Lang::tr{'Existing Files'}</b></td></tr>
-<tr><td align='center' colspan='9'><br/>$Lang::tr{'Pages'}<br/><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='submit' name='PAGE' value='all' /><br/>
-END
-;
-my $pages =(int(keys(%songs)/100)+1);
-for(my $i = 1; $i <= $pages; $i++) {
-print "<input type='submit' name='PAGE' value='$i' />";
-if (!($i % 205)){print"<br/>";}
-}
-print <<END
-</form></td></tr>
-<tr><td align='center'></td>
- <td align='center'><b>$Lang::tr{'artist'}<br/>$Lang::tr{'title'}</b></td>
- <td align='center'><b>$Lang::tr{'number'}</b></td>
- <td align='center'><b>$Lang::tr{'album'}</b></td>
- <td align='center'><b>$Lang::tr{'year'}</b></td>
- <td align='center'><b>$Lang::tr{'genre'}</b></td>
- <td align='center'><b>$Lang::tr{'length'}</b></td></tr>
-END
-;
-my $lines=0;my $i=0;my $begin;my $end;
-if ( $mpfiresettings{'PAGE'} eq 'all' ){
- $begin=0;
- $end=keys(%songs);
-}
-else{
- $begin=(($mpfiresettings{'PAGE'}-1) * 100);
- $end=(($mpfiresettings{'PAGE'} * 100)-1);
-}
-foreach (keys(%songs)){
- if (!($i >= $begin && $i <= $end)){
-# print $begin."->".$i."<-".$end."\n";
- $i++;next;}
- my @song = split(/\|/,$songs{$_});
- my $minutes = sprintf ("%.0f", $song[1] / 60 );
- my $seconds = $song[1] % 60;
-
- if ($lines % 2) {print "<tr bgcolor='$color{'color20'}'>";} else {print "<tr bgcolor='$color{'color22'}'>";}
- print <<END
- <td align='center' style="white-space:nowrap;"><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'mpfire songs'}'><input type='hidden' name='ACTION' value='addtoplaylist' /><input type='hidden' name='FILE' value="$song[0]" /><input type='image' alt='$Lang::tr{'add'}' title='$Lang::tr{'add'}' src='/images/list-add.png' /></form><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='>' /><input type='hidden' name='FILE' value="$song[0]" /><input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' /></form></td>
- <td align='center'>$song[2]<br/>$song[3]</td>
- <td align='center'>$song[5]</td>
- <td align='center'>$song[4]</td>
- <td align='center'>$song[6]</td>
- <td align='center'>$song[7]</td>
- <td align='center'>$minutes:$seconds</td></tr>
-END
-;
- $lines++;
- $i++;
- }
-print "</table>";
-&Header::closebox();
-}
-
-&Header::openbox('100%', 'center', $Lang::tr{'mpfire playlist'});
-
-my @playlist = `mpc playlist 2>/dev/null`;
-
-print <<END
-<table width='95%' cellspacing='0'>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'current playlist'}</b></td></tr>
-<tr><td align='center' colspan='2' ><textarea cols='100' rows='10' name='playlist' style='font-size:11px;width:650px;' readonly='readonly'>
-END
-;
-foreach (@playlist){$_=~s/&/&\;/g;;print $_;}
-print <<END
-</textarea></td></tr><tr>
-<td align='right'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='emptyplaylist' />
- <input type='image' alt='$Lang::tr{'clear playlist'}' title='$Lang::tr{'clear playlist'}' src='/images/user-trash.png' />
- </form>
-</td>
-<td align='left'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='playlist' />
- <input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' />
- </form>
-</td></tr>
-</table>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'center', $Lang::tr{'mpfire webradio'});
-
-open(DATEI, "<${General::swroot}/mpfire/webradio") || die "Could not open playlist";
-my @webradio = <DATEI>;
-close(DATEI);
-
-print <<END
-<table width='95%' cellspacing='0'>
-<tr bgcolor='$color{'color20'}'><td colspan='9' align='left'><b>$Lang::tr{'webradio playlist'}</b></td></tr>
-<tr><td align='left'>Stream</td><td colspan='2'></td></tr>
-END
-;
-my $lines=0;
-foreach (@webradio){
- my @stream = split(/\|/,$_);
- $lines++;
- chomp($stream[2]);
- if ($lines % 2) {print "<tr bgcolor='$color{'color22'}'>";} else {print "<tr>";}
-print <<END
- <td align='left'><a href="$stream[2]" target="_blank">$stream[1]</a></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='FILE' value='$stream[0]' /><input type='hidden' name='ACTION' value='playweb' /><input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' align='middle' /></form></td>
-</tr>
-END
-;
- }
- $lines++;
- if ($lines % 2) {print "<tr bgcolor='$color{'color22'}'>";} else {print "<tr>";}
-print <<END
- <td align='center' colspan='2'><form method='post' action='$ENV{'SCRIPT_NAME'}'><br />http://<input type=text name='FILE' value='www.meineradiourl:1234' size='75' />
- <input type='hidden' name='ACTION' value='playweb' /><input type='image' alt='$Lang::tr{'play'}' title='$Lang::tr{'play'}' src='/images/media-playback-start.png' align='top' /></form></td>
-</tr>
-END
-;
-print "</table>";
-&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my %cgiparams=();
-my %pppsettings=();
-my %netsettings=();
-my @cgiparams=();
-my @graphs=();
-my $iface='';
-my %dhcpsettings=();
-my %dhcpinfo=();
-my $output='';
-
-&Header::showhttpheaders();
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-$ENV{'QUERY_STRING'} =~ s/&//g;
-@cgiparams = split(/network=/,$ENV{'QUERY_STRING'});
-$cgiparams[1] = '' unless defined $cgiparams[1];
-
-if ($cgiparams[1] =~ /red/) {
- &Header::openpage($Lang::tr{'network traffic graphs external'}, 1, '');
- push (@graphs, ("RED"));
- push (@graphs, ('lq'));
-} else {
- &Header::openpage($Lang::tr{'network traffic graphs internal'}, 1, '');
- push (@graphs, ('GREEN'));
- if ($netsettings{'BLUE_DEV'}) {
- push (@graphs, ('BLUE')); }
- if ($netsettings{'ORANGE_DEV'}) {
- push (@graphs, ('ORANGE')); }
-}
-
-&Header::openbigbox('100%', 'left');
-
-foreach my $graphname (@graphs) {
-
- if ($graphname eq "lq" )
- { &Graphs::updatelqgraph("day"); }
- else
- { &Graphs::updateifgraph($graphname, "day"); }
-
- &Header::openbox('100%', 'center', "$graphname $Lang::tr{'graph'}");
- if (-e "$Header::graphdir/${graphname}-day.png") {
- my $ftime = localtime((stat("$Header::graphdir/${graphname}-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=$graphname'>";
- print "<img alt='' src='/graphs/${graphname}-day.png' border='0' />";
- print "</a>";
- } else {
- print $Lang::tr{'no information available'};
- }
- print "<br />\n";
- &Header::closebox();
-}
-
-if ($cgiparams[1] =~ /red/) {
-
- if ( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $netsettings{'RED_TYPE'} eq "DHCP") {
-
- &Header::openbox('100%', 'left', "RED $Lang::tr{'dhcp configuration'}");
- if (-s "${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info") {
-
- &General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);
-
- my $DNS1=`echo $dhcpinfo{'DNS'} | cut -f 1 -d ,`;
- my $DNS2=`echo $dhcpinfo{'DNS'} | cut -f 2 -d ,`;
-
- my $lsetme=0;
- my $leasetime="";
- if ($dhcpinfo{'LEASETIME'} ne "") {
- $lsetme=$dhcpinfo{'LEASETIME'};
- $lsetme=($lsetme/60);
- if ($lsetme > 59) {
- $lsetme=($lsetme/60); $leasetime=$lsetme." Hour";
- } else {
- $leasetime=$lsetme." Minute";
- }
- if ($lsetme > 1) {
- $leasetime=$leasetime."s";
- }
- }
- my $rentme=0;
- my $rnwltime="";
- if ($dhcpinfo{'RENEWALTIME'} ne "") {
- $rentme=$dhcpinfo{'RENEWALTIME'};
- $rentme=($rentme/60);
- if ($rentme > 59){
- $rentme=($rentme/60); $rnwltime=$rentme." Hour";
- } else {
- $rnwltime=$rentme." Minute";
- }
- if ($rentme > 1){
- $rnwltime=$rnwltime."s";
- }
- }
- my $maxtme=0;
- my $maxtime="";
- if ($dhcpinfo{'REBINDTIME'} ne "") {
- $maxtme=$dhcpinfo{'REBINDTIME'};
- $maxtme=($maxtme/60);
- if ($maxtme > 59){
- $maxtme=($maxtme/60); $maxtime=$maxtme." Hour";
- } else {
- $maxtime=$maxtme." Minute";
- }
- if ($maxtme > 1) {
- $maxtime=$maxtime."s";
- }
- }
-
- print "<table width='100%'>";
- if ($dhcpinfo{'HOSTNAME'}) {
- print "<tr><td width='30%'>$Lang::tr{'hostname'}</td><td>$dhcpinfo{'HOSTNAME'}.$dhcpinfo{'DOMAIN'}</td></tr>\n";
- } else {
- print "<tr><td width='30%'>$Lang::tr{'domain'}</td><td>$dhcpinfo{'DOMAIN'}</td></tr>\n";
- }
- print <<END
- <tr><td>$Lang::tr{'gateway'}</td><td>$dhcpinfo{'GATEWAY'}</td></tr>
- <tr><td>$Lang::tr{'primary dns'}</td><td>$DNS1</td></tr>
- <tr><td>$Lang::tr{'secondary dns'}</td><td>$DNS2</td></tr>
- <tr><td>$Lang::tr{'dhcp server'}</td><td>$dhcpinfo{'DHCPSIADDR'}</td></tr>
- <tr><td>$Lang::tr{'def lease time'}</td><td>$leasetime</td></tr>
- <tr><td>$Lang::tr{'default renewal time'}</td><td>$rnwltime</td></tr>
- <tr><td>$Lang::tr{'max renewal time'}</td><td>$maxtime</td></tr>
- </table>
-END
- ;
- }
- else
- {
- print "$Lang::tr{'no dhcp lease'}";
- }
- &Header::closebox();
- }
-
- if ($dhcpsettings{'ENABLE_GREEN'} eq 'on' || $dhcpsettings{'ENABLE_BLUE'} eq 'on') {
- &Header::CheckSortOrder;
- &Header::PrintActualLeases;
- }
-
-} else {
-
- &Header::openbox('100%', 'left', $Lang::tr{'routing table entries'});
- $output = `/sbin/ip route show`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
-
- &Header::openbox('100%', 'left', $Lang::tr{'arp table entries'});
- $output = `/sbin/ip neigh show`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
-
-}
-
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-
-use strict;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %netsettings=();
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-my @networks=();
-my $filename = "${General::swroot}/firewall/customnetworks";
-&setup_default_networks();
-
-&Header::getcgihash(\%cgiparams);
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}){
-
- &validateparams();
- unless($errormessage){
- $key++; # Add one to last sequence number
- open(FILE,">>$filename") or die 'Unable to open custom networks file.';
- flock FILE, 2;
- print FILE "$key,$cgiparams{'NAME'},$cgiparams{'IPADDRESS'},$cgiparams{'NETMASK'}\n";
- close(FILE);
- &General::log("$Lang::tr{'network added'}: $cgiparams{'NAME'}");
- undef %cgiparams;
- }
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'update'})
-{
- &validateparams();
- # Darren Critchley - If there is an error don't waste any more processing time
- if ($errormessage) { $cgiparams{'ACTION'} = $Lang::tr{'edit'}; goto UPD_ERROR; }
-
- unless($errormessage){
- open(FILE, $filename) or die 'Unable to open custom networks file.';
- my @current = <FILE>;
- close(FILE);
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current) {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY'} eq $temp[0]) {
- print FILE "$cgiparams{'KEY'},$cgiparams{'NAME'},$cgiparams{'IPADDRESS'},$cgiparams{'NETMASK'}\n";
- } else {
- print FILE "$line\n";
- }
- }
- close(FILE);
- &General::log("$Lang::tr{'network updated'}: $cgiparams{'NAME'}");
- undef %cgiparams;
- }
-UPD_ERROR:
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
-{
- open(FILE, "$filename") or die 'Unable to open custom networks file.';
- my @current = <FILE>;
- close(FILE);
-
- unless ($errormessage)
- {
- foreach my $line (@current)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY'} eq $temp[0]) {
- $cgiparams{'NAME'} = $temp[1];
- $cgiparams{'IPADDRESS'} = $temp[2];
- $cgiparams{'NETMASK'} = $temp[3];
- }
-
- }
- }
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
-{
- open(FILE, $filename) or die 'Unable to open custom networks file.';
- my @current = <FILE>;
- close(FILE);
-
- open(FILE, ">$filename") or die 'Unable to open custom networks file.';
- flock FILE, 2;
- foreach my $line (@current)
- {
- chomp($line);
- if ($line ne '') {
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY'} eq $temp[0]) {
- &General::log("$Lang::tr{'network removed'}: $temp[1]");
- } else {
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3]\n";
- }
- }
- }
- close(FILE);
- undef %cgiparams;
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'reset'})
-{
- undef %cgiparams;
-}
-
-if ($cgiparams{'ACTION'} eq '')
-{
- $cgiparams{'KEY'} = '';
- $cgiparams{'IPADDRESS'} = '';
- $cgiparams{'NETMASK'} = '';
- $cgiparams{'NAME'} = '';
-}
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'networks settings'}, 1, '');
-
-&Header::openbigbox('100%', 'LEFT', '', $errormessage);
-
-# DEBUG DEBUG
-#&Header::openbox('100%', 'LEFT', 'DEBUG');
-#foreach $line (keys %cgiparams) {
-# print "<CLASS NAME='base'>$line = $cgiparams{$line}<BR>";
-#}
-#print "$ENV{'QUERY_STRING'}\n";
-#print " </CLASS>\n";
-#&Header::closebox();
-
-if ($errormessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
- print "<CLASS NAME='base'><FONT COLOR='${Header::colourred}'>$errormessage\n</FONT>";
- print " </CLASS>\n";
- &Header::closebox();
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}){
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'edit network'}:");
-} else {
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'add network'}:");
-}
-print <<END
-<FORM METHOD='POST'>
-<DIV ALIGN='CENTER'>
-<TABLE WIDTH='100%'>
-<TR align="center">
- <TD><strong>$Lang::tr{'name'}</strong></TD>
- <TD><strong>$Lang::tr{'ip address'}</strong></TD>
- <TD><strong>$Lang::tr{'netmask'}</strong></TD>
- <TD> </TD>
- <TD> </TD>
- <TD> </TD>
-</TR>
-<TR align="center">
- <TD>
- <INPUT TYPE='TEXT' NAME='NAME' VALUE='$cgiparams{'NAME'}' SIZE='20' MAXLENGTH='20'>
- </TD>
- <TD>
- <INPUT TYPE='TEXT' NAME='IPADDRESS' VALUE='$cgiparams{'IPADDRESS'}' SIZE='15' MAXLENGTH='15'>
- </TD>
- <TD>
- <INPUT TYPE='TEXT' NAME='NETMASK' VALUE='$cgiparams{'NETMASK'}' SIZE='15' MAXLENGTH='15'>
- </TD>
-END
-;
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}){
-# Darren Critchley - put in next release - author has authorized GPL inclusion
-# print "<TD ALIGN='CENTER'><a href='ipcalc.cgi' target='_blank'>IP Calculator</a></TD>\n";
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'update'}'></TD>\n";
- print "<INPUT TYPE='HIDDEN' NAME='KEY' VALUE='$cgiparams{'KEY'}'>\n";
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'reset'}'></TD>\n";
-} else {
-# Darren Critchley - put in next release - author has authorized GPL inclusion
-# print "<TD ALIGN='CENTER'><a href='ipcalc.cgi' target='_blank'>IP Calculator</a></TD>\n";
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'add'}'></TD>\n";
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'reset'}'></TD>\n";
-}
-print <<END
-</TR>
-</TABLE>
-</DIV>
-</FORM>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'LEFT', "$Lang::tr{'custom networks'}:");
-print <<END
-<DIV ALIGN='CENTER'>
-<TABLE WIDTH='100%' ALIGN='CENTER'>
-<TR align="center">
- <TD><strong>$Lang::tr{'name'}</strong></TD>
- <TD><strong>$Lang::tr{'ip address'}</strong></TD>
- <TD><strong>$Lang::tr{'netmask'}</strong></TD>
-</TR>
-END
-;
-&display_custom_networks();
-print <<END
-</TABLE>
-</DIV>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'LEFT', "$Lang::tr{'default networks'}:");
-print <<END
-<DIV ALIGN='CENTER'>
-<TABLE WIDTH='100%' ALIGN='CENTER'>
-<TR align="center">
- <TD><strong>$Lang::tr{'name'}</strong></TD>
- <TD><strong>$Lang::tr{'ip address'}</strong></TD>
- <TD><strong>$Lang::tr{'netmask'}</strong></TD>
-</TR>
-END
-;
-&display_default_networks();
-print <<END
-</TABLE>
-</DIV>
-END
-;
-&Header::closebox();
-
- print "$Lang::tr{'this feature has been sponsored by'} : ";
- print "<A HREF='http://www.kdi.ca/' TARGET='_blank'>Kobelt Development Inc.</A>.\n";
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub display_custom_networks
-{
- open(FILE, "$filename") or die 'Unable to open networks file.';
- my @current = <FILE>;
- close(FILE);
-
- my $id = 0;
- foreach $line (@current)
- {
- chomp($line);
- if ($line ne ''){
- my @temp = split(/\,/,$line);
- # Darren Critchley highlight the row we are editing
- if ( $cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'KEY'} eq $temp[0] ) {
- print "<TR BGCOLOR='${Header::colouryellow}'>\n";
- } else {
- if ($id % 2) {
- print "<TR BGCOLOR='${Header::table1colour}'>\n";
- } else {
- print "<TR BGCOLOR='${Header::table2colour}'>\n";
- }
- }
- print "<TD>$temp[1]</TD>\n";
- print "<TD ALIGN='CENTER'>$temp[2]</TD>\n";
- print "<TD ALIGN='CENTER'>$temp[3]</TD>\n";
- print <<END
-<FORM METHOD='POST' NAME='frm$temp[0]'>
-<TD ALIGN='CENTER'>
- <INPUT TYPE='hidden' NAME='ACTION' VALUE='$Lang::tr{'edit'}'>
- <INPUT TYPE='image' NAME='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'>
- <INPUT TYPE='hidden' NAME='KEY' VALUE='$temp[0]'>
-</TD>
-</FORM>
-<FORM METHOD='POST' NAME='frm$temp[0]b'>
-<TD ALIGN='CENTER'>
- <INPUT TYPE='hidden' NAME='ACTION' VALUE='$Lang::tr{'remove'}'>
- <INPUT TYPE='image' NAME='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0'>
- <INPUT TYPE='hidden' NAME='KEY' VALUE='$temp[0]'>
-</TD>
-</FORM>
-END
-;
- print "</TR>\n";
- $id++;
- }
- }
-}
-
-sub display_default_networks
-{
- foreach $line (sort @networks)
- {
- my @temp = split(/\,/,$line);
- if ($id % 2) {
- print "<TR BGCOLOR='${Header::table1colour}'>\n";
- } else {
- print "<TR BGCOLOR='${Header::table2colour}'>\n";
- }
- print "<TD>$temp[0]</TD>\n";
- print "<TD ALIGN='CENTER'>$temp[1]</TD>\n";
- print "<TD ALIGN='CENTER'>$temp[2]</TD>\n";
- print "</TR>\n";
- $id++;
- }
-}
-
-sub setup_default_networks
-{
- # Get current defined networks (Red, Green, Blue, Orange)
- my $line = "Any,0.0.0.0,0.0.0.0";
- push (@networks, $line);
- $line = "localhost,127.0.0.1,255.255.255.255";
- push (@networks, $line);
- $line = "localnet,127.0.0.0,255.0.0.0";
- push (@networks, $line);
- $line = "Private Network 10.0.0.0,10.0.0.0,255.0.0.0";
- push (@networks, $line);
- $line = "Private Network 172.16.0.0,172.16.0.0,255.240.0.0";
- push (@networks, $line);
- $line = "Private Network 192.168.0.0,192.168.0.0,255.255.0.0";
- push (@networks, $line);
-
- my $red_address=`cat ${General::swroot}/red/local-ipaddress`;
- $line = "Red Address,$red_address,";
- push (@networks, $line);
-
- $line = "Green Address,$netsettings{'GREEN_ADDRESS'},255.255.255.255";
- push (@networks, $line);
- $line = "Green Network,$netsettings{'GREEN_NETADDRESS'},$netsettings{'GREEN_NETMASK'}";
- push (@networks, $line);
-
- if ($netsettings{'ORANGE_DEV'}ne ''){
- $line = "Orange Address,$netsettings{'ORANGE_ADDRESS'},255.255.255.255";
- push (@networks, $line);
- $line = "Orange Network,$netsettings{'ORANGE_NETADDRESS'},$netsettings{'ORANGE_NETMASK'}";
- push (@networks, $line);
- }
-
- if ($netsettings{'BLUE_DEV'}ne ''){
- $line = "Blue Address,$netsettings{'BLUE_ADDRESS'},255.255.255.255";
- push (@networks, $line);
- $line = "Blue Network,$netsettings{'BLUE_NETADDRESS'},$netsettings{'BLUE_NETMASK'}";
- push (@networks, $line);
- }
- open(FILE, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
- my @current = <FILE>;
- close(FILE);
- my $ctr = 0;
- foreach my $lne (@current)
- {
- if ($lne ne ''){
- chomp($lne);
- my @temp = split(/\,/,$lne);
- if ($temp[2] eq '') {
- $temp[2] = "Alias $ctr : $temp[0]";
- }
- $line = "$temp[2],$temp[0],";
- push (@networks, $line);
- $ctr++;
- }
- }
-}
-
-# Validate Field Entries
-sub validateparams
-{
- if ($cgiparams{'NAME'} eq '') {
- $errormessage = $Lang::tr{'nonetworkname'};
- return;
- }
- $cgiparams{'NAME'}=&Header::cleanhtml($cgiparams{'NAME'});
- unless(&General::validip($cgiparams{'IPADDRESS'})){$errormessage = $Lang::tr{'invalid ip'}; }
- unless($errormessage){
- my @tmp = split(/\./,$cgiparams{'IPADDRESS'});
- if ($cgiparams{'NETMASK'} eq '' && $tmp[3] ne '255' && $tmp[3] ne '0'){
- $cgiparams{'NETMASK'} = "255.255.255.255";
- }
- }
- unless(&General::validmask($cgiparams{'NETMASK'})){$errormessage = $Lang::tr{'subnet is invalid'}; }
-
- open(FILE, $filename) or die 'Unable to open custom network file.';
- my @current = <FILE>;
- close(FILE);
- foreach my $line (@current)
- {
- chomp($line);
- if ($line ne '') {
- my @temp = split(/\,/,$line);
- if ($cgiparams{'NAME'} eq $temp[1] && $cgiparams{'KEY'} ne $temp[0]) {
- $errormessage=$Lang::tr{'duplicate name'};
- return;
- }
- $key=$temp[0];
- }
- }
- foreach $line (@networks)
- {
- my @temp = split(/\,/,$line);
- if ($cgiparams{'NAME'} eq $temp[0]) {
- $errormessage=$Lang::tr{'duplicate name'};
- return;
- }
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %outfwsettings = ();
-my %checked = ();
-my %selected= () ;
-my %netsettings = ();
-my $errormessage = "";
-my $configentry = "";
-my @configs = ();
-my @configline = ();
-my $p2pentry = "";
-my @p2ps = ();
-my @p2pline = ();
-
-my $configfile = "/var/ipfire/outgoing/rules";
-my $p2pfile = "/var/ipfire/outgoing/p2protocols";
-my $servicefile = "/var/ipfire/outgoing/defaultservices";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-&Header::showhttpheaders();
-
-### Values that have to be initialized
-$outfwsettings{'ACTION'} = '';
-$outfwsettings{'VALID'} = 'yes';
-$outfwsettings{'EDIT'} = 'no';
-$outfwsettings{'NAME'} = '';
-$outfwsettings{'SNET'} = '';
-$outfwsettings{'SIP'} = '';
-$outfwsettings{'SPORT'} = '';
-$outfwsettings{'SMAC'} = '';
-$outfwsettings{'DIP'} = '';
-$outfwsettings{'DPORT'} = '';
-$outfwsettings{'PROT'} = '';
-$outfwsettings{'STATE'} = '';
-$outfwsettings{'DISPLAY_DIP'} = '';
-$outfwsettings{'DISPLAY_DPORT'} = '';
-$outfwsettings{'DISPLAY_SMAC'} = '';
-$outfwsettings{'DISPLAY_SIP'} = '';
-$outfwsettings{'POLICY'} = 'MODE0';
-
-&General::readhash("${General::swroot}/outgoing/settings", \%outfwsettings);
-&Header::getcgihash(\%outfwsettings);
-
-if ($outfwsettings{'POLICY'} eq 'MODE0'){ $selected{'POLICY'}{'MODE0'} = 'selected'; } else { $selected{'POLICY'}{'MODE0'} = ''; }
-if ($outfwsettings{'POLICY'} eq 'MODE1'){ $selected{'POLICY'}{'MODE1'} = 'selected'; } else { $selected{'POLICY'}{'MODE1'} = ''; }
-if ($outfwsettings{'POLICY'} eq 'MODE2'){ $selected{'POLICY'}{'MODE2'} = 'selected'; } else { $selected{'POLICY'}{'MODE2'} = ''; }
-
-&Header::openpage('Ausgehende Firewall', 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-############################################################################################################################
-
-if ($outfwsettings{'ACTION'} eq $Lang::tr{'reset'})
-{
- $outfwsettings{'POLICY'}='MODE0';
- unlink $configfile;
- system("/usr/bin/touch $configfile");
- my $MODE = $outfwsettings{'POLICY'};
- %outfwsettings = ();
- $outfwsettings{'POLICY'} = "$MODE";
- &General::writehash("${General::swroot}/outgoing/settings", \%outfwsettings);
-}
-if ($outfwsettings{'ACTION'} eq $Lang::tr{'save'})
-{
- my $MODE = $outfwsettings{'POLICY'};
- %outfwsettings = ();
- $outfwsettings{'POLICY'} = "$MODE";
- &General::writehash("${General::swroot}/outgoing/settings", \%outfwsettings);
- system("/usr/local/bin/outgoingfwctrl");
-}
-if ($outfwsettings{'ACTION'} eq 'enable')
-{
- open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
- @p2ps = <FILE>;
- close FILE;
- open( FILE, "> $p2pfile" ) or die "Unable to write $p2pfile";
- foreach $p2pentry (sort @p2ps)
- {
- @p2pline = split( /\;/, $p2pentry );
- if ($p2pline[1] eq $outfwsettings{'P2PROT'}) {
- print FILE "$p2pline[0];$p2pline[1];on;\n";
- } else {
- print FILE "$p2pline[0];$p2pline[1];$p2pline[2];\n";
- }
- }
- close FILE;
- system("/usr/local/bin/outgoingfwctrl");
-}
-if ($outfwsettings{'ACTION'} eq 'disable')
-{
- open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
- @p2ps = <FILE>;
- close FILE;
- open( FILE, "> $p2pfile" ) or die "Unable to write $p2pfile";
- foreach $p2pentry (sort @p2ps)
- {
- @p2pline = split( /\;/, $p2pentry );
- if ($p2pline[1] eq $outfwsettings{'P2PROT'}) {
- print FILE "$p2pline[0];$p2pline[1];off;\n";
- } else {
- print FILE "$p2pline[0];$p2pline[1];$p2pline[2];\n";
- }
- }
- close FILE;
- system("/usr/local/bin/outgoingfwctrl");
-}
-if ($outfwsettings{'ACTION'} eq $Lang::tr{'edit'})
-{
- open( FILE, "< $configfile" ) or die "Unable to read $configfile";
- @configs = <FILE>;
- close FILE;
- open( FILE, "> $configfile" ) or die "Unable to write $configfile";
- foreach $configentry (sort @configs)
- {
- @configline = split( /\;/, $configentry );
- unless (($configline[0] eq $outfwsettings{'STATE'}) &&
- ($configline[1] eq $outfwsettings{'ENABLED'}) &&
- ($configline[2] eq $outfwsettings{'SNET'}) &&
- ($configline[3] eq $outfwsettings{'PROT'}) &&
- ($configline[4] eq $outfwsettings{'NAME'}) &&
- ($configline[5] eq $outfwsettings{'SIP'}) &&
- ($configline[6] eq $outfwsettings{'SMAC'}) &&
- ($configline[7] eq $outfwsettings{'DIP'}) &&
- ($configline[9] eq $outfwsettings{'LOG'}) &&
- ($configline[8] eq $outfwsettings{'DPORT'}))
- {
- print FILE $configentry;
- }
- }
- close FILE;
- $selected{'SNET'}{"$outfwsettings{'SNET'}"} = 'selected';
- $selected{'PROT'}{"$outfwsettings{'PROT'}"} = 'selected';
- $selected{'LOG'}{"$outfwsettings{'LOG'}"} = 'selected';
- &addrule();
- &Header::closebigbox();
- &Header::closepage();
- exit
- system("/usr/local/bin/outgoingfwctrl");
-}
-if ($outfwsettings{'ACTION'} eq $Lang::tr{'delete'})
-{
- open( FILE, "< $configfile" ) or die "Unable to read $configfile";
- @configs = <FILE>;
- close FILE;
- open( FILE, "> $configfile" ) or die "Unable to write $configfile";
- foreach $configentry (sort @configs)
- {
- @configline = split( /\;/, $configentry );
- unless (($configline[0] eq $outfwsettings{'STATE'}) &&
- ($configline[1] eq $outfwsettings{'ENABLED'}) &&
- ($configline[2] eq $outfwsettings{'SNET'}) &&
- ($configline[3] eq $outfwsettings{'PROT'}) &&
- ($configline[4] eq $outfwsettings{'NAME'}) &&
- ($configline[5] eq $outfwsettings{'SIP'}) &&
- ($configline[6] eq $outfwsettings{'SMAC'}) &&
- ($configline[7] eq $outfwsettings{'DIP'}) &&
- ($configline[9] eq $outfwsettings{'LOG'}) &&
- ($configline[8] eq $outfwsettings{'DPORT'}))
- {
- print FILE $configentry;
- }
- }
- close FILE;
- system("/usr/local/bin/outgoingfwctrl");
-}
-if ($outfwsettings{'ACTION'} eq $Lang::tr{'add'})
-{
- if ( $outfwsettings{'VALID'} eq 'yes' ) {
- open( FILE, ">> $configfile" ) or die "Unable to write $configfile";
- print FILE <<END
-$outfwsettings{'STATE'};$outfwsettings{'ENABLED'};$outfwsettings{'SNET'};$outfwsettings{'PROT'};$outfwsettings{'NAME'};$outfwsettings{'SIP'};$outfwsettings{'SMAC'};$outfwsettings{'DIP'};$outfwsettings{'DPORT'};$outfwsettings{'LOG'};
-END
-;
- close FILE;
- system("/usr/local/bin/outgoingfwctrl");
- } else {
- $outfwsettings{'ACTION'} = 'Add rule';
- }
-}
-if ($outfwsettings{'ACTION'} eq 'Add rule')
-{
- &addrule();
- exit
-}
-
-&General::readhash("${General::swroot}/outgoing/settings", \%outfwsettings);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-############################################################################################################################
-############################################################################################################################
-
-if ($outfwsettings{'POLICY'} ne 'MODE0'){
- &Header::openbox('100%', 'center', 'Rules');
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='submit' name='ACTION' value='Add rule' />
- </form>
-END
-;
- open( FILE, "< $configfile" ) or die "Unable to read $configfile";
- @configs = <FILE>;
- close FILE;
- if (@configs) {
- print <<END
- <hr />
- <table border='0' width='100%' cellspacing='0'>
- <tr bgcolor='$color{'color22'}'>
- <td width='14%' align='center'><b>Protokoll</b>
- <td width='14%' align='center'><b>Netzwerk</b>
- <td width='14%' align='center'><b>Ziel</b>
- <td width='14%' align='center'><b>Anmerkung</b>
- <td width='14%' align='center'><b>Politik</b>
- <td width='16%' align='center'><b>Logging</b>
- <td width='14%' align='center'><b>Aktionen</b>
-END
-;
- foreach $configentry (sort @configs)
- {
- @configline = split( /\;/, $configentry );
- $outfwsettings{'STATE'} = $configline[0];
- $outfwsettings{'ENABLED'} = $configline[1];
- $outfwsettings{'SNET'} = $configline[2];
- $outfwsettings{'PROT'} = $configline[3];
- $outfwsettings{'NAME'} = $configline[4];
- $outfwsettings{'SIP'} = $configline[5];
- $outfwsettings{'SMAC'} = $configline[6];
- $outfwsettings{'DIP'} = $configline[7];
- $outfwsettings{'DPORT'} = $configline[8];
- $outfwsettings{'LOG'} = $configline[9];
- if ($outfwsettings{'DIP'} eq ''){ $outfwsettings{'DISPLAY_DIP'} = 'ALL'; } else { $outfwsettings{'DISPLAY_DIP'} = $outfwsettings{'DIP'}; }
- if ($outfwsettings{'DPORT'} eq ''){ $outfwsettings{'DISPLAY_DPORT'} = 'ALL'; } else { $outfwsettings{'DISPLAY_DPORT'} = $outfwsettings{'DPORT'}; }
- if ($outfwsettings{'STATE'} eq 'DENY'){ $outfwsettings{'DISPLAY_STATE'} = "<img src='/images/stock_stop.png' alt='DENY' />"; }
- if ($outfwsettings{'STATE'} eq 'ALLOW'){ $outfwsettings{'DISPLAY_STATE'} = "<img src='/images/stock_ok.png' alt='ALLOW' />"; }
- if ((($outfwsettings{'POLICY'} eq 'MODE1') && ($outfwsettings{'STATE'} eq 'ALLOW')) || (($outfwsettings{'POLICY'} eq 'MODE2') && ($outfwsettings{'STATE'} eq 'DENY'))){
- print <<END
- <tr bgcolor='$color{'color20'}'>
- <td align='center'>$outfwsettings{'PROT'}
- <td align='center'>$outfwsettings{'SNET'}
- <td align='center'>$outfwsettings{'DISPLAY_DIP'}:$outfwsettings{'DISPLAY_DPORT'}
- <td align='center'>$outfwsettings{'NAME'}
- <td align='center'>$outfwsettings{'DISPLAY_STATE'}
- <td align='center'>$outfwsettings{'LOG'}
- <td align='center'>
- <table border='0' cellpadding='0' cellspacing='0'><tr>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='PROT' value='$outfwsettings{'PROT'}' />
- <input type='hidden' name='STATE' value='$outfwsettings{'STATE'}' />
- <input type='hidden' name='SNET' value='$outfwsettings{'SNET'}' />
- <input type='hidden' name='DPORT' value='$outfwsettings{'DPORT'}' />
- <input type='hidden' name='DIP' value='$outfwsettings{'DIP'}' />
- <input type='hidden' name='SIP' value='$outfwsettings{'SIP'}' />
- <input type='hidden' name='NAME' value='$outfwsettings{'NAME'}' />
- <input type='hidden' name='SMAC' value='$outfwsettings{'SMAC'}' />
- <input type='hidden' name='ENABLED' value='$outfwsettings{'ENABLED'}' />
- <input type='hidden' name='LOG' value='$outfwsettings{'LOG'}' />
- <input type='hidden' name='ACTION' value=$Lang::tr{'edit'} />
- <input type='image' src='/images/edit.gif' width="20" height="20" alt=$Lang::tr{'edit'} />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='PROT' value='$outfwsettings{'PROT'}' />
- <input type='hidden' name='STATE' value='$outfwsettings{'STATE'}' />
- <input type='hidden' name='SNET' value='$outfwsettings{'SNET'}' />
- <input type='hidden' name='DPORT' value='$outfwsettings{'DPORT'}' />
- <input type='hidden' name='DIP' value='$outfwsettings{'DIP'}' />
- <input type='hidden' name='SIP' value='$outfwsettings{'SIP'}' />
- <input type='hidden' name='NAME' value='$outfwsettings{'NAME'}' />
- <input type='hidden' name='SMAC' value='$outfwsettings{'SMAC'}' />
- <input type='hidden' name='ENABLED' value='$outfwsettings{'ENABLED'}' />
- <input type='hidden' name='LOG' value='$outfwsettings{'LOG'}' />
- <input type='hidden' name='ACTION' value=$Lang::tr{'delete'} />
- <input type='image' src='/images/delete.gif' width="20" height="20" alt=$Lang::tr{'delete'} />
- </form></table>
-END
-;
- if (($outfwsettings{'SIP'}) || ($outfwsettings{'SMAC'})) {
- unless ($outfwsettings{'SIP'}) { $outfwsettings{'DISPLAY_SIP'} = 'ALL'; } else { $outfwsettings{'DISPLAY_SIP'} = $outfwsettings{'SIP'}; }
- unless ($outfwsettings{'SMAC'}) { $outfwsettings{'DISPLAY_SMAC'} = 'ALL'; } else { $outfwsettings{'DISPLAY_SMAC'} = $outfwsettings{'SMAC'}; }
- print <<END
- <tr><td width='14%' align='right'>Quell-IP-Adresse:
- <td width='14%' align='left'>$outfwsettings{'DISPLAY_SIP'}
- <td width='14%' align='right'>Quell-MAC-Adresse:
- <td width='14%' align='left'>$outfwsettings{'DISPLAY_SMAC'}
- <td width='44%' colspan='2' align='center'>
-END
-;
- }
- print <<END
- </form>
-END
-;
- }
- }
- print <<END
- </table>
-END
-;
-
- }
- &Header::closebox();
-}
-
-if ($outfwsettings{'POLICY'} ne 'MODE0'){
- open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
- @p2ps = <FILE>;
- close FILE;
- &Header::openbox('100%', 'center', 'P2P-Block');
- print <<END
- <table width='40%'>
- <tr bgcolor='$color{'color22'}'><td width='66%' align=center><b>Protokoll</b>
- <td width='33%' align=center><b>Status</b>
-END
-;
- my $id = 1;
- foreach $p2pentry (sort @p2ps)
- {
- @p2pline = split( /\;/, $p2pentry );
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
-END
-;
- print "\t\t\t<tr bgcolor='$color{'color20'}'>\n";
- print <<END
- <td width='66%' align='center'>$p2pline[0]:
- <td width='33%' align='center'><input type='hidden' name='P2PROT' value='$p2pline[1]' />
-END
-;
- if ($p2pline[2] eq 'on') {
- print <<END
- <input type='hidden' name='ACTION' value='disable' />
- <input type='image' name='submit' src='/images/stock_ok.png' alt='' />
-END
-;
- } else {
- print <<END
- <input type='hidden' name='ACTION' value='enable' />
- <input type='image' name='submit' src='/images/stock_stop.png' alt='' />
-END
-;
- }
- print <<END
- </form>
-END
-;
- }
- print <<END
- </table>
- <br />Klicken Sie auf die Symbole um das entsprechende iptables P2P-Blockmodul zu (de-)aktivieren.
-END
-;
- &Header::closebox();
-}
-
-&Header::openbox('100%', 'center', 'Policy');
-print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='100%'>
- <tr><td width='10%' align='left'><b>Modus 0:</b><td width='90%' align='left' colspan='2'>In diesem Modus ist es allen Rechnern im Netzwerk uneingeschraenkt moeglich Verbindungen ins Internet aufzubauen.</td></tr>
- <tr><td width='10%' align='left'><b>Modus 1:</b><td width='90%' align='left' colspan='2'>In diesem Modus werden nur Verbindungen nach den oben definierten Regeln zugelassen.</td></tr>
- <tr><td width='10%' align='left'><b>Modus 2:</b><td width='90%' align='left' colspan='2'>In diesem Modus werden saemtliche Verbindungen erlaubt, bis auf die oben definierten Block-Regeln.</td></tr>
- <tr><td colspan='3'><hr /></td></tr>
- <tr><td width='10%' align='left'> <select name='POLICY' style="width: 85px"><option value='MODE0' $selected{'POLICY'}{'MODE0'}>Modus 0</option><option value='MODE1' $selected{'POLICY'}{'MODE1'}>Modus 1</option><option value='MODE2' $selected{'POLICY'}{'MODE2'}>Modus 2</option></select>
- <td width='45%' align='left'><input type='submit' name='ACTION' value=$Lang::tr{'save'} />
- <td width='45%' align='left'>
-END
-;
- if ($outfwsettings{'POLICY'} ne 'MODE0') {
- print <<END
- Alle Regeln loeschen: <input type='submit' name='ACTION' value=$Lang::tr{'reset'} />
-END
-;
- }
-print <<END
- </table>
- </form>
-END
-;
-&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
-
-############################################################################################################################
-############################################################################################################################
-
-sub addrule
-{
- &Header::openbox('100%', 'center', 'Rules hinzufuegen');
- if ($outfwsettings{'EDIT'} eq 'no') { $selected{'ENABLED'} = 'checked'; }
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='80%'>
- <tr><td width='20%' align='right'>Anmerkung: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='NAME' maxlength='30' value='$outfwsettings{'NAME'}' />
- <td width='20%' align='right'>Aktiviert:
- <td width='30%' align='left'><input type='checkbox' name='ENABLED' $selected{'ENABLED'} />
- <tr><td width='20%' align='right'>Protokoll:
- <td width='30%' align='left'><select name='PROT'><option value='tcp' $selected{'PROT'}{'tcp'}>TCP</option><option value='tcp&udp' $selected{'PROT'}{'tcp&udp'}>TCP & UDP</option><option value='udp' $selected{'PROT'}{'udp'}>UDP</option></select>
- <td width='20%' align='right'>Sicherheitspolitik:
- <td width='30%' align='left'>
-END
-;
- if ($outfwsettings{'POLICY'} eq 'MODE1'){
- print "\t\t\tALLOW<input type='hidden' name='STATE' value='ALLOW' />\n";
- } elsif ($outfwsettings{'POLICY'} eq 'MODE2'){
- print "\t\t\tDENY<input type='hidden' name='STATE' value='DENY' />\n";
- }
- print <<END
- <tr><td width='20%' align='right'>Quellnetz:
- <td width='30%' align='left'><select name='SNET'>
- <option value='all' $selected{'SNET'}{'ALL'}>alle</option>
- <option value='ip' $selected{'SNET'}{'ip'}>Quell-IP/MAC benutzen</option>
- <option value='green' $selected{'SNET'}{'green'}>$Lang::tr{'green'}</option>
-END
-;
- if (&Header::blue_used()){
- print "\t\t\t<option value='blue' $selected{'SNET'}{'blue'}>$Lang::tr{'wireless'}</option>\n";
- }
- if (&Header::orange_used()){
- print "\t\t\t<option value='orange' $selected{'SNET'}{'orange'}>$Lang::tr{'dmz'}</option>\n";
- }
- print <<END
- </select>
- <td width='20%' align='right'>Quell-IP-Adresse: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='SIP' maxlength='15' value='$outfwsettings{'SIP'}' />
- <tr><td width='20%' align='right'>Logging:
- <td width='30%' align='left'><select name='LOG'><option value='$Lang::tr{'active'}' $selected{'LOG'}{$Lang::tr{'active'}}>$Lang::tr{'active'}</option><option value='$Lang::tr{'inactive'}' $selected{'LOG'}{$Lang::tr{'inactive'}}>$Lang::tr{'inactive'}</option></select></td>
- <td width='20%' align='right'>Quell-MAC-Adresse: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='SMAC' maxlength='23' value='$outfwsettings{'SMAC'}' />
- <tr><td width='20%' align='right'>Ziel-IP-Adresse: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='DIP' maxlength='15' value='$outfwsettings{'DIP'}' />
- <td width='20%' align='right'>Ziel-Port: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='DPORT' maxlength='11' value='$outfwsettings{'DPORT'}' />
- <tr><td colspan='4'>
- <tr><td width='40%' align='right' colspan='2'><img src='/blob.gif' />$Lang::tr{'this field may be blank'}
- <td width='60%' align='left' colspan='2'><input type='submit' name='ACTION' value=$Lang::tr{'add'} />
- </table></form>
-END
-;
- &Header::closebox();
-
-if ($outfwsettings{'POLICY'} eq 'MODE1' || $outfwsettings{'POLICY'} eq 'MODE2')
-{
-&Header::openbox('100%', 'center', 'Quick Add');
-
- open( FILE, "< /var/ipfire/outgoing/defaultservices" ) or die "Unable to read default services";
- my @defservices = <FILE>;
- close FILE;
-
-print "<table width='100%'><tr bgcolor='$color{'color20'}'><td><b>$Lang::tr{'service'}</b></td><td><b>$Lang::tr{'description'}</b></td><td><b>$Lang::tr{'port'}</b></td><td><b>$Lang::tr{'protocol'}</b></td><td><b>$Lang::tr{'source net'}</b></td><td><b>$Lang::tr{'logging'}</b></td><td></td></tr>";
-foreach my $serviceline(@defservices)
- {
- my @service = split(/,/,$serviceline);
- print <<END
- <tr><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <td>$service[0]<input type='hidden' name='NAME' value='@service[0]' /></td>
- <td>$service[3]</td>
- <td><a href='http://isc.sans.org/port_details.php?port=$service[1]' target='top'>$service[1]</a><input type='hidden' name='DPORT' value='@service[1]' /></td>
- <td>$service[2]<input type='hidden' name='PROT' value='@service[2]' /></td>
- <td><select name='SNET'><option value='all' $selected{'SNET'}{'ALL'}>$Lang::tr{'all'}</option><option value='green' $selected{'SNET'}{'green'}>$Lang::tr{'green'}</option>
-END
-;
- if (&Header::blue_used()){
- print "<option value='blue' $selected{'SNET'}{'blue'}>$Lang::tr{'wireless'}</option>";
- }
- if (&Header::orange_used()){
- print "<option value='orange' $selected{'SNET'}{'orange'}>$Lang::tr{'dmz'}</option>";
- }
- print <<END
- </select></td>
- <td><select name='LOG'><option value='$Lang::tr{'active'}'>$Lang::tr{'active'}</option><option value='$Lang::tr{'inactive'}' 'selected'>$Lang::tr{'inactive'}</option></select></td><td>
- <input type='hidden' name='ACTION' value=$Lang::tr{'add'} />
- <input type='image' alt='$Lang::tr{'add'}' src='/images/add.gif' />
- <input type='hidden' name='ENABLED' value='on' />
-END
-;
- if ($outfwsettings{'POLICY'} eq 'MODE1'){ print "<input type='hidden' name='STATE' value='ALLOW' /></form></td></tr>";}
- elsif ($outfwsettings{'POLICY'} eq 'MODE2'){print "<input type='hidden' name='STATE' value='DENY' /></form></td></tr>";}
- }
- print "</table>";
- &Header::closebox();
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use CGI;
-use CGI qw/:standard/;
-use Net::DNS;
-use File::Copy;
-use File::Temp qw/ tempfile tempdir /;
-use strict;
-use Archive::Zip qw(:ERROR_CODES :CONSTANTS);
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/countries.pl";
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colourgreen} );
-undef (@dummy);
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-###
-### Initialize variables
-###
-my %netsettings=();
-my %cgiparams=();
-my %vpnsettings=();
-my %checked=();
-my %confighash=();
-my %cahash=();
-my %selected=();
-my $warnmessage = '';
-my $errormessage = '';
-my %settings=();
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-$cgiparams{'ENABLED'} = 'off';
-$cgiparams{'ENABLED_BLUE'} = 'off';
-$cgiparams{'ENABLED_ORANGE'} = 'off';
-$cgiparams{'EDIT_ADVANCED'} = 'off';
-$cgiparams{'NAT'} = 'off';
-$cgiparams{'COMPRESSION'} = 'off';
-$cgiparams{'ONLY_PROPOSED'} = 'off';
-$cgiparams{'ACTION'} = '';
-$cgiparams{'CA_NAME'} = '';
-$cgiparams{'DHCP_DOMAIN'} = '';
-$cgiparams{'DHCP_DNS'} = '';
-$cgiparams{'DHCP_WINS'} = '';
-$cgiparams{'DCOMPLZO'} = 'off';
-&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
-
-# prepare openvpn config file
-###
-### Useful functions
-###
-sub haveOrangeNet
-{
- if ($netsettings{'CONFIG_TYPE'} == 2) {return 1;}
- if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
- return 0;
-}
-
-sub haveBlueNet
-{
- if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
- if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
- return 0;
-}
-
-sub sizeformat{
- my $bytesize = shift;
- my $i = 0;
-
- while(abs($bytesize) >= 1024){
- $bytesize=$bytesize/1024;
- $i++;
- last if($i==6);
- }
-
- my @units = ("Bytes","KB","MB","GB","TB","PB","EB");
- my $newsize=(int($bytesize*100 +0.5))/100;
- return("$newsize $units[$i]");
-}
-
-sub valid_dns_host {
- my $hostname = $_[0];
- unless ($hostname) { return "No hostname"};
- my $res = new Net::DNS::Resolver;
- my $query = $res->search("$hostname");
- if ($query) {
- foreach my $rr ($query->answer) {
- ## Potential bug - we are only looking at A records:
- return 0 if $rr->type eq "A";
- }
- } else {
- return $res->errorstring;
- }
-}
-
-sub cleanssldatabase
-{
- if (open(FILE, ">${General::swroot}/ovpn/certs/serial")) {
- print FILE "01";
- close FILE;
- }
- if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt")) {
- print FILE "";
- close FILE;
- }
- unlink ("${General::swroot}/ovpn/certs/index.txt.old");
- unlink ("${General::swroot}/ovpn/certs/serial.old");
- unlink ("${General::swroot}/ovpn/certs/01.pem");
-}
-
-sub newcleanssldatabase
-{
- if (! -s "${General::swroot}/ovpn/certs/serial" ) {
- open(FILE, ">${General::swroot}(ovpn/certs/serial");
- print FILE "01";
- close FILE;
- }
- if (! -s ">${General::swroot}/ovpn/certs/index.txt") {
- system ("touch ${General::swroot}/ovpn/certs/index.txt");
- }
- unlink ("${General::swroot}/ovpn/certs/index.txt.old");
- unlink ("${General::swroot}/ovpn/certs/serial.old");
-}
-
-sub deletebackupcert
-{
- if (open(FILE, "${General::swroot}/ovpn/certs/serial.old")) {
- my $hexvalue = <FILE>;
- chomp $hexvalue;
- close FILE;
- unlink ("${General::swroot}/ovpn/certs/$hexvalue.pem");
- }
-}
-
-sub checkportfw {
- my $KEY2 = $_[0]; # key2
- my $SRC_PORT = $_[1]; # src_port
- my $PROTOCOL = $_[2]; # protocol
- my $SRC_IP = $_[3]; # sourceip
-
- my $pfwfilename = "${General::swroot}/portfw/config";
- open(FILE, $pfwfilename) or die 'Unable to open config file.';
- my @pfwcurrent = <FILE>;
- close(FILE);
- my $pfwkey1 = 0; # used for finding last sequence number used
- foreach my $pfwline (@pfwcurrent)
- {
- my @pfwtemp = split(/\,/,$pfwline);
-
- chomp ($pfwtemp[8]);
- if ($KEY2 eq "0"){ # if key2 is 0 then it is a portfw addition
- if ( $SRC_PORT eq $pfwtemp[3] &&
- $PROTOCOL eq $pfwtemp[2] &&
- $SRC_IP eq $pfwtemp[7])
- {
- $errormessage = "$Lang::tr{'source port in use'} $SRC_PORT";
- }
- # Check if key2 = 0, if it is then it is a port forward entry and we want the sequence number
- if ( $pfwtemp[1] eq "0") {
- $pfwkey1=$pfwtemp[0];
- }
- # Darren Critchley - Duplicate or overlapping Port range check
- if ($pfwtemp[1] eq "0" &&
- $PROTOCOL eq $pfwtemp[2] &&
- $SRC_IP eq $pfwtemp[7] &&
- $errormessage eq '')
- {
- &portchecks($SRC_PORT, $pfwtemp[5]);
-# &portchecks($pfwtemp[3], $pfwtemp[5]);
-# &portchecks($pfwtemp[3], $SRC_IP);
- }
- }
- }
-# $errormessage="$KEY2 $SRC_PORT $PROTOCOL $SRC_IP";
-
- return;
-}
-
-sub checkportoverlap
-{
- my $portrange1 = $_[0]; # New port range
- my $portrange2 = $_[1]; # existing port range
- my @tempr1 = split(/\:/,$portrange1);
- my @tempr2 = split(/\:/,$portrange2);
-
- unless (&checkportinc($tempr1[0], $portrange2)){ return 0;}
- unless (&checkportinc($tempr1[1], $portrange2)){ return 0;}
-
- unless (&checkportinc($tempr2[0], $portrange1)){ return 0;}
- unless (&checkportinc($tempr2[1], $portrange1)){ return 0;}
-
- return 1; # Everything checks out!
-}
-
-# Darren Critchley - we want to make sure that a port entry is not within an already existing range
-sub checkportinc
-{
- my $port1 = $_[0]; # Port
- my $portrange2 = $_[1]; # Port range
- my @tempr1 = split(/\:/,$portrange2);
-
- if ($port1 < $tempr1[0] || $port1 > $tempr1[1]) {
- return 1;
- } else {
- return 0;
- }
-}
-# Darren Critchley - Duplicate or overlapping Port range check
-sub portchecks
-{
- my $p1 = $_[0]; # New port range
- my $p2 = $_[1]; # existing port range
-# $_ = $_[0];
- our ($prtrange1, $prtrange2);
- $prtrange1 = 0;
-# if (m/:/ && $prtrange1 == 1) { # comparing two port ranges
-# unless (&checkportoverlap($p1,$p2)) {
-# $errormessage = "$Lang::tr{'source port overlaps'} $p1";
-# }
-# }
- if (m/:/ && $prtrange1 == 0 && $errormessage eq '') { # compare one port to a range
- unless (&checkportinc($p2,$p1)) {
- $errormessage = "$Lang::tr{'srcprt within existing'} $p1";
- }
- }
- $prtrange1 = 1;
- if (! m/:/ && $prtrange1 == 1 && $errormessage eq '') { # compare one port to a range
- unless (&checkportinc($p1,$p2)) {
- $errormessage = "$Lang::tr{'srcprt range overlaps'} $p2";
- }
- }
- return;
-}
-
-# Darren Critchley - certain ports are reserved for IPFire
-# TCP 67,68,81,222,445
-# UDP 67,68
-# Params passed in -> port, rangeyn, protocol
-sub disallowreserved
-{
- # port 67 and 68 same for tcp and udp, don't bother putting in an array
- my $msg = "";
- my @tcp_reserved = (81,222,445);
- my $prt = $_[0]; # the port or range
- my $ryn = $_[1]; # tells us whether or not it is a port range
- my $prot = $_[2]; # protocol
- my $srcdst = $_[3]; # source or destination
- if ($ryn) { # disect port range
- if ($srcdst eq "src") {
- $msg = "$Lang::tr{'rsvd src port overlap'}";
- } else {
- $msg = "$Lang::tr{'rsvd dst port overlap'}";
- }
- my @tmprng = split(/\:/,$prt);
- unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
- unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
- if ($prot eq "tcp") {
- foreach my $prange (@tcp_reserved) {
- unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
- }
- }
- } else {
- if ($srcdst eq "src") {
- $msg = "$Lang::tr{'reserved src port'}";
- } else {
- $msg = "$Lang::tr{'reserved dst port'}";
- }
- if ($prt == 67) { $errormessage="$msg 67"; return; }
- if ($prt == 68) { $errormessage="$msg 68"; return; }
- if ($prot eq "tcp") {
- foreach my $prange (@tcp_reserved) {
- if ($prange == $prt) { $errormessage="$msg $prange"; return; }
- }
- }
- }
- return;
-}
-
-sub writeserverconf {
- my %sovpnsettings = ();
- &General::readhash("${General::swroot}/ovpn/settings", \%sovpnsettings);
-
- open(CONF, ">${General::swroot}/ovpn/server.conf") or die "Unable to open ${General::swroot}/ovpn/server.conf: $!";
- flock CONF, 2;
- print CONF "#OpenVPN Server conf\n";
- print CONF "\n";
- print CONF "daemon openvpnserver\n";
- print CONF "writepid /var/run/openvpn.pid\n";
- print CONF "#DAN prepare OpenVPN for listening on blue and orange\n";
- print CONF ";local $sovpnsettings{'VPN_IP'}\n";
- print CONF "dev $sovpnsettings{'DDEVICE'}\n";
- print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n";
- print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
- print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
- print CONF "tls-server\n";
- print CONF "ca /var/ipfire/ovpn/ca/cacert.pem\n";
- print CONF "cert /var/ipfire/ovpn/certs/servercert.pem\n";
- print CONF "key /var/ipfire/ovpn/certs/serverkey.pem\n";
- print CONF "dh /var/ipfire/ovpn/ca/dh1024.pem\n";
- my @tempovpnsubnet = split("\/",$sovpnsettings{'DOVPN_SUBNET'});
- print CONF "server $tempovpnsubnet[0] $tempovpnsubnet[1]\n";
- print CONF "push \"route $netsettings{'GREEN_NETADDRESS'} $netsettings{'GREEN_NETMASK'}\"\n";
- if ($sovpnsettings{CLIENT2CLIENT} eq 'on') {
- print CONF "client-to-client\n";
- }
- if ($sovpnsettings{KEEPALIVE_1} > 0 && $sovpnsettings{KEEPALIVE_2} > 0) {
- print CONF "keepalive $sovpnsettings{'KEEPALIVE_1'} $sovpnsettings{'KEEPALIVE_2'}\n";
- }
- print CONF "status-version 1\n";
- print CONF "status /var/log/ovpnserver.log 30\n";
- print CONF "cipher $sovpnsettings{DCIPHER}\n";
- if ($sovpnsettings{DCOMPLZO} eq 'on') {
- print CONF "comp-lzo\n";
- }
- if ($sovpnsettings{REDIRECT_GW_DEF1} eq 'on') {
- print CONF "push \"redirect-gateway def1\"\n";
- }
- if ($sovpnsettings{DHCP_DOMAIN} ne '') {
- print CONF "push \"dhcp-option DOMAIN $sovpnsettings{DHCP_DOMAIN}\"\n";
- }
-
- if ($sovpnsettings{DHCP_DNS} ne '') {
- print CONF "push \"dhcp-option DNS $sovpnsettings{DHCP_DNS}\"\n";
- }
-
- if ($sovpnsettings{DHCP_WINS} ne '') {
- print CONF "push \"dhcp-option WINS $sovpnsettings{DHCP_WINS}\"\n";
- }
-
- if ($sovpnsettings{DHCP_WINS} eq '') {
- print CONF "max-clients 100\n";
- }
-
- if ($sovpnsettings{DHCP_WINS} ne '') {
- print CONF "max-clients $sovpnsettings{MAX_CLIENTS}\n";
- }
- print CONF "tls-verify /var/ipfire/ovpn/verify\n";
- print CONF "crl-verify /var/ipfire/ovpn/crls/cacrl.pem\n";
- print CONF "user nobody\n";
- print CONF "group nobody\n";
- print CONF "persist-key\n";
- print CONF "persist-tun\n";
- if ($sovpnsettings{LOG_VERB} ne '') {
- print CONF "verb $sovpnsettings{LOG_VERB}\n";
- } else {
- print CONF "verb 3\n";
- }
- print CONF "\n";
-
- close(CONF);
-}
-#
-sub emptyserverlog{
- if (open(FILE, ">/var/log/ovpnserver.log")) {
- flock FILE, 2;
- print FILE "";
- close FILE;
- }
-
-}
-
-#hier die refresh page
-if ( -e "${General::swroot}/ovpn/gencanow") {
- my $refresh = '';
- $refresh = "<meta http-equiv='refresh' content='15;' />";
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'OVPN'}, 1, $refresh);
- &Header::openbigbox('100%', 'center');
- &Header::openbox('100%', 'left', "$Lang::tr{'generate root/host certificates'}:");
- print "<tr>\n<td align='center'><img src='/images/clock.gif' alt='' /></td>\n";
- print "<td colspan='2'><font color='red'>Please be patient this realy can take some time on older hardware...</font></td></tr>\n";
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
-}
-##hier die refresh page
-
-
-###
-### OpenVPN Server Control
-###
-if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'} ||
- $cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'} ||
- $cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}) {
- #start openvpn server
- if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'}){
- &emptyserverlog();
- system('/usr/local/bin/openvpnctrl', '-s');
- }
- #stop openvpn server
- if ($cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'}){
- system('/usr/local/bin/openvpnctrl', '-k');
- &emptyserverlog();
- }
-# #restart openvpn server
- if ($cgiparams{'ACTION'} eq $Lang::tr{'restart ovpn server'}){
-#workarund, till SIGHUP also works when running as nobody
- system('/usr/local/bin/openvpnctrl', '-r');
- &emptyserverlog();
- }
-}
-
-###
-### Save Advanced options
-###
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- #DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
- #DAN this value has to leave.
-#new settings for daemon
- $vpnsettings{'LOG_VERB'} = $cgiparams{'LOG_VERB'};
- $vpnsettings{'KEEPALIVE_1'} = $cgiparams{'KEEPALIVE_1'};
- $vpnsettings{'KEEPALIVE_2'} = $cgiparams{'KEEPALIVE_2'};
- $vpnsettings{'MAX_CLIENTS'} = $cgiparams{'MAX_CLIENTS'};
- $vpnsettings{'REDIRECT_GW_DEF1'} = $cgiparams{'REDIRECT_GW_DEF1'};
- $vpnsettings{'CLIENT2CLIENT'} = $cgiparams{'CLIENT2CLIENT'};
- $vpnsettings{'DHCP_DOMAIN'} = $cgiparams{'DHCP_DOMAIN'};
- $vpnsettings{'DHCP_DNS'} = $cgiparams{'DHCP_DNS'};
- $vpnsettings{'DHCP_WINS'} = $cgiparams{'DHCP_WINS'};
-
- if ($cgiparams{'DHCP_DOMAIN'} ne ''){
- unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
- $errormessage = $Lang::tr{'invalid input for dhcp domain'};
- goto ADV_ERROR;
- }
- }
- if ($cgiparams{'DHCP_DNS'} ne ''){
- unless (&General::validfqdn($cgiparams{'DHCP_DNS'}) || &General::validip($cgiparams{'DHCP_DNS'})) {
- $errormessage = $Lang::tr{'invalid input for dhcp dns'};
- goto ADV_ERROR;
- }
- }
- if ($cgiparams{'DHCP_WINS'} ne ''){
- unless (&General::validfqdn($cgiparams{'DHCP_WINS'}) || &General::validip($cgiparams{'DHCP_WINS'})) {
- $errormessage = $Lang::tr{'invalid input for dhcp wins'};
- goto ADV_ERROR;
- }
- }
- if ((length($cgiparams{'MAX_CLIENTS'}) == 0) || (($cgiparams{'MAX_CLIENTS'}) < 1 ) || (($cgiparams{'MAX_CLIENTS'}) > 255 )) {
- $errormessage = $Lang::tr{'invalid input for max clients'};
- goto ADV_ERROR;
- }
- if ($cgiparams{'KEEPALIVE_1'} ne '') {
- if ($cgiparams{'KEEPALIVE_1'} !~ /^[0-9]+$/) {
- $errormessage = $Lang::tr{'invalid input for keepalive 1'};
- goto ADV_ERROR;
- }
- }
- if ($cgiparams{'KEEPALIVE_2'} ne ''){
- if ($cgiparams{'KEEPALIVE_2'} !~ /^[0-9]+$/) {
- $errormessage = $Lang::tr{'invalid input for keepalive 2'};
- goto ADV_ERROR;
- }
- }
- if ($cgiparams{'KEEPALIVE_2'} < ($cgiparams{'KEEPALIVE_1'} * 2)){
- $errormessage = $Lang::tr{'invalid input for keepalive 1:2'};
- goto ADV_ERROR;
- }
-
- &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &writeserverconf();#hier ok
-}
-
-
-
-
-###
-### Save main settings
-###
-if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- #DAN do we really need (to to check) this value? Besides if we listen on blue and orange too,
- #DAN this value has to leave.
- if ($cgiparams{'ENABLED'} eq 'on'){
- unless (&General::validfqdn($cgiparams{'VPN_IP'}) || &General::validip($cgiparams{'VPN_IP'})) {
- $errormessage = $Lang::tr{'invalid input for hostname'};
- goto SETTINGS_ERROR;
- }
- }
- if ($cgiparams{'ENABLED'} eq 'on'){
- &disallowreserved($cgiparams{'DDEST_PORT'},0,$cgiparams{'DPROTOCOL'},"dest");
- }
- if ($errormessage) { goto SETTINGS_ERROR; }
-
-
- if ($cgiparams{'ENABLED'} eq 'on'){
- &checkportfw(0,$cgiparams{'DDEST_PORT'},$cgiparams{'DPROTOCOL'},'0.0.0.0');
- }
-
- if ($errormessage) { goto SETTINGS_ERROR; }
-
- if (! &General::validipandmask($cgiparams{'DOVPN_SUBNET'})) {
- $errormessage = $Lang::tr{'ovpn subnet is invalid'};
- goto SETTINGS_ERROR;
- }
- my @tmpovpnsubnet = split("\/",$cgiparams{'DOVPN_SUBNET'});
-
- if (&General::IpInSubnet ( $netsettings{'RED_ADDRESS'},
- $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
- $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire RED Network $netsettings{'RED_ADDRESS'}";
- goto SETTINGS_ERROR;
- }
-
- if (&General::IpInSubnet ( $netsettings{'GREEN_ADDRESS'},
- $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
- $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Green Network $netsettings{'GREEN_ADDRESS'}";
- goto SETTINGS_ERROR;
- }
-
- if (&General::IpInSubnet ( $netsettings{'BLUE_ADDRESS'},
- $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
- $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Blue Network $netsettings{'BLUE_ADDRESS'}";
- goto SETTINGS_ERROR;
- }
-
- if (&General::IpInSubnet ( $netsettings{'ORANGE_ADDRESS'},
- $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
- $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire Orange Network $netsettings{'ORANGE_ADDRESS'}";
- goto SETTINGS_ERROR;
- }
- open(ALIASES, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
- while (<ALIASES>)
- {
- chomp($_);
- my @tempalias = split(/\,/,$_);
- if ($tempalias[1] eq 'on') {
- if (&General::IpInSubnet ($tempalias[0] ,
- $tmpovpnsubnet[0], $tmpovpnsubnet[1])) {
- $errormessage = "$Lang::tr{'ovpn subnet overlap'} IPFire alias entry $tempalias[0]";
- }
- }
- }
- close(ALIASES);
- if ($errormessage ne ''){
- goto SETTINGS_ERROR;
- }
- if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto SETTINGS_ERROR;
- }
- if ((length($cgiparams{'DMTU'})==0) || (($cgiparams{'DMTU'}) < 1000 )) {
- $errormessage = $Lang::tr{'invalid mtu input'};
- goto SETTINGS_ERROR;
- }
-
- unless (&General::validport($cgiparams{'DDEST_PORT'})) {
- $errormessage = $Lang::tr{'invalid port'};
- goto SETTINGS_ERROR;
- }
- $vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
- $vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
- $vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'};
- $vpnsettings{'VPN_IP'} = $cgiparams{'VPN_IP'};
-#new settings for daemon
- $vpnsettings{'DOVPN_SUBNET'} = $cgiparams{'DOVPN_SUBNET'};
- $vpnsettings{'DDEVICE'} = $cgiparams{'DDEVICE'};
- $vpnsettings{'DPROTOCOL'} = $cgiparams{'DPROTOCOL'};
- $vpnsettings{'DDEST_PORT'} = $cgiparams{'DDEST_PORT'};
- $vpnsettings{'DMTU'} = $cgiparams{'DMTU'};
- $vpnsettings{'DCOMPLZO'} = $cgiparams{'DCOMPLZO'};
- $vpnsettings{'DCIPHER'} = $cgiparams{'DCIPHER'};
-#wrtie enable
-
- if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable_blue 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable_blue 2>/dev/null");}
- if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable_orange 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable_orange 2>/dev/null");}
- if ( $vpnsettings{'ENABLED'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable 2>/dev/null");}
-#new settings for daemon
- &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &writeserverconf();#hier ok
-SETTINGS_ERROR:
-###
-### Reset all step 2
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reset'} && $cgiparams{'AREUSURE'} eq 'yes') {
- my $file = '';
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[4] eq 'cert') {
- delete $confighash{$cgiparams{'$key'}};
- }
- }
- while ($file = glob("${General::swroot}/ovpn/ca/*")) {
- unlink $file
- }
- while ($file = glob("${General::swroot}/ovpn/certs/*")) {
- unlink $file
- }
- while ($file = glob("${General::swroot}/ovpn/crls/*")) {
- unlink $file
- }
- &cleanssldatabase();
- if (open(FILE, ">${General::swroot}/ovpn/caconfig")) {
- print FILE "";
- close FILE;
- }
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
-###
-### Reset all step 1
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reset'}) {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', $Lang::tr{'are you sure'});
- print <<END
- <table><form method='post'><input type='hidden' name='AREUSURE' value='yes' />
- <tr><td align='center'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}
- <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td></tr>
- </form></table>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
-
-###
-### Upload CA Certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload ca certificate'}) {
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-
- if ($cgiparams{'CA_NAME'} !~ /^[a-zA-Z0-9]+$/) {
- $errormessage = $Lang::tr{'name must only contain characters'};
- goto UPLOADCA_ERROR;
- }
-
- if (length($cgiparams{'CA_NAME'}) >60) {
- $errormessage = $Lang::tr{'name too long'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'CA_NAME'} eq 'ca') {
- $errormessage = $Lang::tr{'name is invalid'};
- goto UPLOAD_CA_ERROR;
- }
-
- # Check if there is no other entry with this name
- foreach my $key (keys %cahash) {
- if ($cahash{$key}[0] eq $cgiparams{'CA_NAME'}) {
- $errormessage = $Lang::tr{'a ca certificate with this name already exists'};
- goto UPLOADCA_ERROR;
- }
- }
-
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto UPLOADCA_ERROR;
- }
- # Move uploaded ca to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto UPLOADCA_ERROR;
- }
- my $temp = `/usr/bin/openssl x509 -text -in $filename`;
- if ($temp !~ /CA:TRUE/i) {
- $errormessage = $Lang::tr{'not a valid ca certificate'};
- unlink ($filename);
- goto UPLOADCA_ERROR;
- } else {
- move($filename, "${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- goto UPLOADCA_ERROR;
- }
- }
-
- my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem`;
- $casubject =~ /Subject: (.*)[\n]/;
- $casubject = $1;
- $casubject =~ s+/Email+, E+;
- $casubject =~ s/ ST=/ S=/;
- $casubject = &Header::cleanhtml($casubject);
-
- my $key = &General::findhasharraykey (\%cahash);
- $cahash{$key}[0] = $cgiparams{'CA_NAME'};
- $cahash{$key}[1] = $casubject;
- &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-# system('/usr/local/bin/ipsecctrl', 'R');
-
- UPLOADCA_ERROR:
-
-###
-### Display ca certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show ca certificate'}) {
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-
- if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', $errormessage);
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
- my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Download ca certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download ca certificate'}) {
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-
- if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
- print "Content-Type: application/octet-stream\r\n";
- print "Content-Disposition: filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
- print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
- exit(0);
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Remove ca certificate (step 2)
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove ca certificate'} && $cgiparams{'AREUSURE'} eq 'yes') {
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-
- if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
- foreach my $key (keys %confighash) {
- my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
- if ($test =~ /: OK/) {
- # Delete connection
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $key);
-# }
- unlink ("${General::swroot}/ovpn//certs/$confighash{$key}[1]cert.pem");
- unlink ("${General::swroot}/ovpn/certs/$confighash{$key}[1].p12");
- delete $confighash{$key};
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-# &writeipsecfiles();
- }
- }
- unlink ("${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- delete $cahash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-# system('/usr/local/bin/ipsecctrl', 'R');
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-###
-### Remove ca certificate (step 1)
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove ca certificate'}) {
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-
- my $assignedcerts = 0;
- if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
- foreach my $key (keys %confighash) {
- my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
- if ($test =~ /: OK/) {
- $assignedcerts++;
- }
- }
- if ($assignedcerts) {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', $errormessage);
- &Header::openbox('100%', 'LEFT', $Lang::tr{'are you sure'});
- print <<END
- <table><form method='post'><input type='hidden' name='AREUSURE' value='yes' />
- <input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
- <tr><td align='center'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>: $assignedcerts
- $Lang::tr{'connections are associated with this ca. deleting the ca will delete these connections as well.'}
- <tr><td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td></tr>
- </form></table>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
- } else {
- unlink ("${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- delete $cahash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/ovpn/caconfig", \%cahash);
-# system('/usr/local/bin/ipsecctrl', 'R');
- }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Display root certificate
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} ||
- $cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
- my $output;
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
- $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
- } else {
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
- $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
- }
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
-
-###
-### Download root certificate
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download root certificate'}) {
- if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
- print "Content-Type: application/octet-stream\r\n";
- print "Content-Disposition: filename=cacert.pem\r\n\r\n";
- print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/ca/cacert.pem`;
- exit(0);
- }
-
-###
-### Download host certificate
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download host certificate'}) {
- if ( -f "${General::swroot}/ovpn/certs/servercert.pem" ) {
- print "Content-Type: application/octet-stream\r\n";
- print "Content-Disposition: filename=servercert.pem\r\n\r\n";
- print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/certs/servercert.pem`;
- exit(0);
- }
-###
-### Form for generating a root certificate
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate root/host certificates'} ||
- $cgiparams{'ACTION'} eq $Lang::tr{'upload p12 file'}) {
-
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
- $errormessage = $Lang::tr{'valid root certificate already exists'};
- $cgiparams{'ACTION'} = '';
- goto ROOTCERT_ERROR;
- }
-
- if (($cgiparams{'ROOTCERT_HOSTNAME'} eq '') && -e "${General::swroot}/red/active") {
- if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
- my $ipaddr = <IPADDR>;
- close IPADDR;
- chomp ($ipaddr);
- $cgiparams{'ROOTCERT_HOSTNAME'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
- if ($cgiparams{'ROOTCERT_HOSTNAME'} eq '') {
- $cgiparams{'ROOTCERT_HOSTNAME'} = $ipaddr;
- }
- }
- } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload p12 file'}) {
-
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto ROOTCERT_ERROR;
- }
-
- # Move uploaded certificate request to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto ROOTCERT_ERROR;
- }
-
- # Create a temporary dirctory
- my $tempdir = tempdir( CLEANUP => 1 );
-
- # Extract the CA certificate from the file
- my $pid = open(OPENSSL, "|-");
- $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto ROOTCERT_ERROR;};
- if ($pid) { # parent
- if ($cgiparams{'P12_PASS'} ne '') {
- print OPENSSL "$cgiparams{'P12_PASS'}\n";
- }
- close (OPENSSL);
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ($filename);
- goto ROOTCERT_ERROR;
- }
- } else { # child
- unless (exec ('/usr/bin/openssl', 'pkcs12', '-cacerts', '-nokeys',
- '-in', $filename,
- '-out', "$tempdir/cacert.pem")) {
- $errormessage = "$Lang::tr{'cant start openssl'}: $!";
- unlink ($filename);
- goto ROOTCERT_ERROR;
- }
- }
-
- # Extract the Host certificate from the file
- $pid = open(OPENSSL, "|-");
- $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto ROOTCERT_ERROR;};
- if ($pid) { # parent
- if ($cgiparams{'P12_PASS'} ne '') {
- print OPENSSL "$cgiparams{'P12_PASS'}\n";
- }
- close (OPENSSL);
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ($filename);
- goto ROOTCERT_ERROR;
- }
- } else { # child
- unless (exec ('/usr/bin/openssl', 'pkcs12', '-clcerts', '-nokeys',
- '-in', $filename,
- '-out', "$tempdir/hostcert.pem")) {
- $errormessage = "$Lang::tr{'cant start openssl'}: $!";
- unlink ($filename);
- goto ROOTCERT_ERROR;
- }
- }
-
- # Extract the Host key from the file
- $pid = open(OPENSSL, "|-");
- $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto ROOTCERT_ERROR;};
- if ($pid) { # parent
- if ($cgiparams{'P12_PASS'} ne '') {
- print OPENSSL "$cgiparams{'P12_PASS'}\n";
- }
- close (OPENSSL);
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ($filename);
- goto ROOTCERT_ERROR;
- }
- } else { # child
- unless (exec ('/usr/bin/openssl', 'pkcs12', '-nocerts',
- '-nodes',
- '-in', $filename,
- '-out', "$tempdir/serverkey.pem")) {
- $errormessage = "$Lang::tr{'cant start openssl'}: $!";
- unlink ($filename);
- goto ROOTCERT_ERROR;
- }
- }
-
- move("$tempdir/cacert.pem", "${General::swroot}/ovpn/ca/cacert.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- unlink ("${General::swroot}/ovpn/certs/servercert.pem");
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- goto ROOTCERT_ERROR;
- }
-
- move("$tempdir/hostcert.pem", "${General::swroot}/ovpn/certs/servercert.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- unlink ("${General::swroot}/ovpn/certs/servercert.pem");
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- goto ROOTCERT_ERROR;
- }
-
- move("$tempdir/serverkey.pem", "${General::swroot}/ovpn/certs/serverkey.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- unlink ("${General::swroot}/ovpn/certs/servercert.pem");
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- goto ROOTCERT_ERROR;
- }
-
- goto ROOTCERT_SUCCESS;
-
- } elsif ($cgiparams{'ROOTCERT_COUNTRY'} ne '') {
-
- # Validate input since the form was submitted
- if ($cgiparams{'ROOTCERT_ORGANIZATION'} eq ''){
- $errormessage = $Lang::tr{'organization cant be empty'};
- goto ROOTCERT_ERROR;
- }
- if (length($cgiparams{'ROOTCERT_ORGANIZATION'}) >60) {
- $errormessage = $Lang::tr{'organization too long'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for organization'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_HOSTNAME'} eq ''){
- $errormessage = $Lang::tr{'hostname cant be empty'};
- goto ROOTCERT_ERROR;
- }
- unless (&General::validfqdn($cgiparams{'ROOTCERT_HOSTNAME'}) || &General::validip($cgiparams{'ROOTCERT_HOSTNAME'})) {
- $errormessage = $Lang::tr{'invalid input for hostname'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'ROOTCERT_EMAIL'}))) {
- $errormessage = $Lang::tr{'invalid input for e-mail address'};
- goto ROOTCERT_ERROR;
- }
- if (length($cgiparams{'ROOTCERT_EMAIL'}) > 40) {
- $errormessage = $Lang::tr{'e-mail address too long'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_OU'} ne '' && $cgiparams{'ROOTCERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for department'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_CITY'} ne '' && $cgiparams{'ROOTCERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for city'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_STATE'} ne '' && $cgiparams{'ROOTCERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for state or province'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_COUNTRY'} !~ /^[A-Z]*$/) {
- $errormessage = $Lang::tr{'invalid input for country'};
- goto ROOTCERT_ERROR;
- }
-
- # Copy the cgisettings to vpnsettings and save the configfile
- $vpnsettings{'ROOTCERT_ORGANIZATION'} = $cgiparams{'ROOTCERT_ORGANIZATION'};
- $vpnsettings{'ROOTCERT_HOSTNAME'} = $cgiparams{'ROOTCERT_HOSTNAME'};
- $vpnsettings{'ROOTCERT_EMAIL'} = $cgiparams{'ROOTCERT_EMAIL'};
- $vpnsettings{'ROOTCERT_OU'} = $cgiparams{'ROOTCERT_OU'};
- $vpnsettings{'ROOTCERT_CITY'} = $cgiparams{'ROOTCERT_CITY'};
- $vpnsettings{'ROOTCERT_STATE'} = $cgiparams{'ROOTCERT_STATE'};
- $vpnsettings{'ROOTCERT_COUNTRY'} = $cgiparams{'ROOTCERT_COUNTRY'};
- &General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
-
- # Replace empty strings with a .
- (my $ou = $cgiparams{'ROOTCERT_OU'}) =~ s/^\s*$/\./;
- (my $city = $cgiparams{'ROOTCERT_CITY'}) =~ s/^\s*$/\./;
- (my $state = $cgiparams{'ROOTCERT_STATE'}) =~ s/^\s*$/\./;
-
- # refresh
- #system ('/bin/touch', "${General::swroot}/ovpn/gencanow");
-
- # Create the CA certificate
- my $pid = open(OPENSSL, "|-");
- $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto ROOTCERT_ERROR;};
- if ($pid) { # parent
- print OPENSSL "$cgiparams{'ROOTCERT_COUNTRY'}\n";
- print OPENSSL "$state\n";
- print OPENSSL "$city\n";
- print OPENSSL "$cgiparams{'ROOTCERT_ORGANIZATION'}\n";
- print OPENSSL "$ou\n";
- print OPENSSL "$cgiparams{'ROOTCERT_ORGANIZATION'} CA\n";
- print OPENSSL "$cgiparams{'ROOTCERT_EMAIL'}\n";
- close (OPENSSL);
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/ca/cakey.pem");
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- goto ROOTCERT_ERROR;
- }
- } else { # child
- unless (exec ('/usr/bin/openssl', 'req', '-x509', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-days', '999999', '-newkey', 'rsa:2048',
- '-keyout', "${General::swroot}/ovpn/ca/cakey.pem",
- '-out', "${General::swroot}/ovpn/ca/cacert.pem",
- '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
- $errormessage = "$Lang::tr{'cant start openssl'}: $!";
- goto ROOTCERT_ERROR;
- }
- }
-
- # Create the Host certificate request
- $pid = open(OPENSSL, "|-");
- $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto ROOTCERT_ERROR;};
- if ($pid) { # parent
- print OPENSSL "$cgiparams{'ROOTCERT_COUNTRY'}\n";
- print OPENSSL "$state\n";
- print OPENSSL "$city\n";
- print OPENSSL "$cgiparams{'ROOTCERT_ORGANIZATION'}\n";
- print OPENSSL "$ou\n";
- print OPENSSL "$cgiparams{'ROOTCERT_HOSTNAME'}\n";
- print OPENSSL "$cgiparams{'ROOTCERT_EMAIL'}\n";
- print OPENSSL ".\n";
- print OPENSSL ".\n";
- close (OPENSSL);
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
- goto ROOTCERT_ERROR;
- }
- } else { # child
- unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-newkey', 'rsa:1024',
- '-keyout', "${General::swroot}/ovpn/certs/serverkey.pem",
- '-out', "${General::swroot}/ovpn/certs/serverreq.pem",
- '-extensions', 'server',
- '-config', "${General::swroot}/ovpn/openssl/ovpn.cnf" )) {
- $errormessage = "$Lang::tr{'cant start openssl'}: $!";
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
- unlink ("${General::swroot}/ovpn/ca/cakey.pem");
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- goto ROOTCERT_ERROR;
- }
- }
-
- # Sign the host certificate request
- system('/usr/bin/openssl', 'ca', '-days', '999999',
- '-batch', '-notext',
- '-in', "${General::swroot}/ovpn/certs/serverreq.pem",
- '-out', "${General::swroot}/ovpn/certs/servercert.pem",
- '-extensions', 'server',
- '-config', "${General::swroot}/ovpn/openssl/ovpn.cnf");
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/ca/cakey.pem");
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- unlink ("${General::swroot}/ovpn/serverkey.pem");
- unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
- unlink ("${General::swroot}/ovpn/certs/servercert.pem");
- &newcleanssldatabase();
- goto ROOTCERT_ERROR;
- } else {
- unlink ("${General::swroot}/ovpn/certs/serverreq.pem");
- &deletebackupcert();
- }
-
- # Create an empty CRL
- system('/usr/bin/openssl', 'ca', '-gencrl',
- '-out', "${General::swroot}/ovpn/crls/cacrl.pem",
- '-config', "${General::swroot}/ovpn/openssl/ovpn.cnf" );
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- unlink ("${General::swroot}/ovpn/certs/servercert.pem");
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- unlink ("${General::swroot}/ovpn/crls/cacrl.pem");
- &cleanssldatabase();
- goto ROOTCERT_ERROR;
-# } else {
-# &cleanssldatabase();
- }
- # Create Diffie Hellmann Parameter
- system('/usr/bin/openssl', 'dhparam', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-out', "${General::swroot}/ovpn/ca/dh1024.pem",
- '1024' );
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/certs/serverkey.pem");
- unlink ("${General::swroot}/ovpn/certs/servercert.pem");
- unlink ("${General::swroot}/ovpn/ca/cacert.pem");
- unlink ("${General::swroot}/ovpn/crls/cacrl.pem");
- unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
- &cleanssldatabase();
- goto ROOTCERT_ERROR;
-# } else {
-# &cleanssldatabase();
- }
- goto ROOTCERT_SUCCESS;
- }
- ROOTCERT_ERROR:
- if ($cgiparams{'ACTION'} ne '') {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- if ($errormessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage";
- print " </class>";
- &Header::closebox();
- }
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'generate root/host certificates'}:");
- print <<END
- <form method='post' enctype='multipart/form-data'>
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- <tr><td width='30%' class='base'>$Lang::tr{'organization name'}:</td>
- <td width='35%' class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_ORGANIZATION' value='$cgiparams{'ROOTCERT_ORGANIZATION'}' size='32' /></td>
- <td width='35%' colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'ipfires hostname'}:</td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_HOSTNAME' value='$cgiparams{'ROOTCERT_HOSTNAME'}' size='32' /></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'your e-mail'}: <img src='/blob.gif' alt'*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_EMAIL' value='$cgiparams{'ROOTCERT_EMAIL'}' size='32' /></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'your department'}: <img src='/blob.gif' alt'*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_OU' value='$cgiparams{'ROOTCERT_OU'}' size='32' /></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'city'}: <img src='/blob.gif' alt'*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_CITY' value='$cgiparams{'ROOTCERT_CITY'}' size='32' /></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' alt'*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_STATE' value='$cgiparams{'ROOTCERT_STATE'}' size='32' /></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'country'}:</td>
- <td class='base'><select name='ROOTCERT_COUNTRY'>
-
-END
- ;
- foreach my $country (sort keys %{Countries::countries}) {
- print "<option value='$Countries::countries{$country}'";
- if ( $Countries::countries{$country} eq $cgiparams{'ROOTCERT_COUNTRY'} ) {
- print " selected='selected'";
- }
- print ">$country</option>";
- }
- print <<END
- </select></td>
- <td colspan='2'> </td></tr>
- <tr><td> </td>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' /></td>
- <td> </td><td> </td></tr>
- <tr><td class='base' colspan='4' align='left'>
- <img src='/blob.gif' valign='top' alt='*' /> $Lang::tr{'this field may be blank'}</td></tr>
- <tr><td class='base' colspan='4' align='left'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient'}
- </td></tr>
- <tr><td colspan='4' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' border='0' /></td></tr>
- <tr><td class='base' nowrap='nowrap'>$Lang::tr{'upload p12 file'}:</td>
- <td nowrap='nowrap'><input type='file' name='FH' size='32'></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base'>$Lang::tr{'pkcs12 file password'}: <img src='/blob.gif' alt='*' ></td>
- <td class='base' nowrap='nowrap'><input type='password' name='P12_PASS' value='$cgiparams{'P12_PASS'}' size='32' /></td>
- <td colspan='2'> </td></tr>
- <tr><td> </td>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'upload p12 file'}' /></td>
- <td colspan='2'> </td></tr>
- <tr><td class='base' colspan='4' align='left'>
- <img src='/blob.gif' valign='top' al='*' > $Lang::tr{'this field may be blank'}</td></tr>
- </form></table>
-END
- ;
- &Header::closebox();
-
- &Header::closebigbox();
- &Header::closepage();
- exit(0)
- }
-
- ROOTCERT_SUCCESS:
- system ("chmod 600 ${General::swroot}/ovpn/certs/serverkey.pem");
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLE_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'S');
-# }
-
-###
-### Enable/Disable connection
-###
-}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
-
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
- if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
- $confighash{$cgiparams{'KEY'}}[0] = 'on';
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
-# }
- } else {
- $confighash{$cgiparams{'KEY'}}[0] = 'off';
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
- }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Download OpenVPN client package
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'dl client arch'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- my $file = '';
- my $clientovpn = '';
- my @fileholder;
- my $tempdir = tempdir( CLEANUP => 1 );
- my $zippath = "$tempdir/";
- my $zipname = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.zip";
- my $zippathname = "$zippath$zipname";
- $clientovpn = "$confighash{$cgiparams{'KEY'}}[1]-TO-IPFire.ovpn";
- open(CLIENTCONF, ">$tempdir/$clientovpn") or die "Unable to open tempfile: $!";
- flock CLIENTCONF, 2;
-
- my $zip = Archive::Zip->new();
-
- print CLIENTCONF "#OpenVPN Server conf\r\n";
- print CLIENTCONF "tls-client\r\n";
- print CLIENTCONF "client\r\n";
- print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
- print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
- print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n";
- if ( $vpnsettings{'ENABLED'} eq 'on'){
- print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
- if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
- print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Blue interface\r\n";
- print CLIENTCONF ";remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
- }
- if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
- print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";
- print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
- }
- } elsif ( $vpnsettings{'ENABLED_BLUE'} eq 'on' && (&haveBlueNet())){
- print CLIENTCONF "remote $netsettings{'BLUE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
- if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
- print CLIENTCONF "#Coment the above line and uncoment the next line, if you want to connect on the Orange interface\r\n";
- print CLIENTCONF ";remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
- }
- } elsif ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' && (&haveOrangeNet())){
- print CLIENTCONF "remote $netsettings{'ORANGE_ADDRESS'} $vpnsettings{'DDEST_PORT'}\r\n";
- }
-
- if ($confighash{$cgiparams{'KEY'}}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12") {
- print CLIENTCONF "pkcs12 $confighash{$cgiparams{'KEY'}}[1].p12\r\n";
- $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12", "$confighash{$cgiparams{'KEY'}}[1].p12") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1].p12\n";
- } else {
- print CLIENTCONF "ca cacert.pem\r\n";
- print CLIENTCONF "cert $confighash{$cgiparams{'KEY'}}[1]cert.pem\r\n";
- print CLIENTCONF "key $confighash{$cgiparams{'KEY'}}[1].key\r\n";
- $zip->addFile( "${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem") or die "Can't add file cacert.pem\n";
- $zip->addFile( "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "$confighash{$cgiparams{'KEY'}}[1]cert.pem") or die "Can't add file $confighash{$cgiparams{'KEY'}}[1]cert.pem\n";
- }
- print CLIENTCONF "cipher $vpnsettings{DCIPHER}\r\n";
- if ($vpnsettings{DCOMPLZO} eq 'on') {
- print CLIENTCONF "comp-lzo\r\n";
- }
- print CLIENTCONF "verb 3\r\n";
- print CLIENTCONF "ns-cert-type server\r\n";
- close(CLIENTCONF);
- $zip->addFile( "$tempdir/$clientovpn", $clientovpn) or die "Can't add file $clientovpn\n";
- my $status = $zip->writeToFileNamed($zippathname);
-
- open(DLFILE, "<$zippathname") or die "Unable to open $zippathname: $!";
- @fileholder = <DLFILE>;
- print "Content-Type:application/x-download\n";
- print "Content-Disposition:attachment;filename=$zipname\n\n";
- print @fileholder;
- exit (0);
-
-###
-### Remove connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
-#
- my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
- delete $confighash{$cgiparams{'KEY'}};
- my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-###
-### Download PKCS12 file
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download pkcs12 file'}) {
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . ".p12\r\n";
- print "Content-Type: application/octet-stream\r\n\r\n";
- print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12`;
- exit (0);
-
-###
-### Display certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show certificate'}) {
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
- my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
- }
-###
-### Display Certificate Revoke List
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show crl'}) {
-# &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ( -f "${General::swroot}/ovpn/crls/cacrl.pem") {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
- my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
- }
-
-###
-### Advanced Server Settings
-###
-
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'advanced server'}) {
- %cgiparams = ();
- %cahash = ();
- %confighash = ();
- &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
-
-# if ($cgiparams{'CLIENT2CLIENT'} eq '') {
-# $cgiparams{'CLIENT2CLIENT'} = 'on';
-# }
-ADV_ERROR:
- if ($cgiparams{'MAX_CLIENTS'} eq '') {
- $cgiparams{'MAX_CLIENTS'} = '100';
- }
-
- if ($cgiparams{'KEEPALIVE_1'} eq '') {
- $cgiparams{'KEEPALIVE_1'} = '10';
- }
- if ($cgiparams{'KEEPALIVE_2'} eq '') {
- $cgiparams{'KEEPALIVE_2'} = '60';
- }
- if ($cgiparams{'LOG_VERB'} eq '') {
- $cgiparams{'LOG_VERB'} = '3';
- }
- $checked{'CLIENT2CLIENT'}{'off'} = '';
- $checked{'CLIENT2CLIENT'}{'on'} = '';
- $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED';
- $checked{'REDIRECT_GW_DEF1'}{'off'} = '';
- $checked{'REDIRECT_GW_DEF1'}{'on'} = '';
- $checked{'REDIRECT_GW_DEF1'}{$cgiparams{'REDIRECT_GW_DEF1'}} = 'CHECKED';
- $selected{'LOG_VERB'}{'1'} = '';
- $selected{'LOG_VERB'}{'2'} = '';
- $selected{'LOG_VERB'}{'3'} = '';
- $selected{'LOG_VERB'}{'4'} = '';
- $selected{'LOG_VERB'}{'5'} = '';
- $selected{'LOG_VERB'}{'6'} = '';
- $selected{'LOG_VERB'}{'7'} = '';
- $selected{'LOG_VERB'}{'8'} = '';
- $selected{'LOG_VERB'}{'9'} = '';
- $selected{'LOG_VERB'}{'10'} = '';
- $selected{'LOG_VERB'}{'11'} = '';
- $selected{'LOG_VERB'}{'0'} = '';
- $selected{'LOG_VERB'}{$cgiparams{'LOG_VERB'}} = 'SELECTED';
-
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', $errormessage);
- if ($errormessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
- }
- &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
- print <<END
- <form method='post' enctype='multipart/form-data'>
- <table width='100%'>
- <tr>
- <td colspan='4'><b>$Lang::tr{'dhcp-options'}</b></td>
- </tr>
- <tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
- </tr>
- <tr>
- <td class='base'>Domain</td>
- <td><input type='TEXT' name='DHCP_DOMAIN' value='$cgiparams{'DHCP_DOMAIN'}' size='30' /></td>
- </tr>
- <tr>
- <td class='base'>DNS</td>
- <td><input type='TEXT' name='DHCP_DNS' value='$cgiparams{'DHCP_DNS'}' size='30' /></td>
- </tr>
- <tr>
- <td class='base'>WINS</td>
- <td><input type='TEXT' name='DHCP_WINS' value='$cgiparams{'DHCP_WINS'}' size='30' /></td>
- </tr>
-</table>
-<hr size='1'>
- <table width='100%'>
- <tr>
- <td class'base'><b>$Lang::tr{'misc-options'}</b></td>
- </tr>
- <tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
- </tr>
- <tr>
- <td class='base'>Client-To-Client</td>
- <td><input type='checkbox' name='CLIENT2CLIENT' $checked{'CLIENT2CLIENT'}{'on'} /></td>
- </tr>
- <tr>
- <td class='base'>Redirect-Gateway def1</td>
- <td><input type='checkbox' name='REDIRECT_GW_DEF1' $checked{'REDIRECT_GW_DEF1'}{'on'} /></td>
- </tr>
- <tr>
- <td class='base'>Max-Clients</td>
- <td><input type='text' name='MAX_CLIENTS' value='$cgiparams{'MAX_CLIENTS'}' size='30' /></td>
- </tr>
- <td class='base'>Keppalive (ping/ping-restart)</td>
- <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='30' /></td>
- <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='30' /></td>
- </tr>
-</table>
-<hr size='1'>
- <table width='100%'>
- <tr>
- <td class'base'><b>$Lang::tr{'log-options'}</b></td>
- </tr>
- <tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
- </tr>
-
- <tr><td class='base'>VERB</td>
- <td><select name='LOG_VERB'><option value='1' $selected{'LOG_VERB'}{'1'}>1</option>
- <option value='2' $selected{'LOG_VERB'}{'2'}>2</option>
- <option value='3' $selected{'LOG_VERB'}{'3'}>3</option>
- <option value='4' $selected{'LOG_VERB'}{'4'}>4</option>
- <option value='5' $selected{'LOG_VERB'}{'5'}>5</option>
- <option value='6' $selected{'LOG_VERB'}{'6'}>6</option>
- <option value='7' $selected{'LOG_VERB'}{'7'}>7</option>
- <option value='8' $selected{'LOG_VERB'}{'8'}>8</option>
- <option value='9' $selected{'LOG_VERB'}{'9'}>9</option>
- <option value='10' $selected{'LOG_VERB'}{'10'}>10</option>
- <option value='11' $selected{'LOG_VERB'}{'11'}>11</option>
- <option value='0' $selected{'LOG_VERB'}{'0'}>0</option></select></td>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td> </td>
- <td allign='center'><input type='submit' name='ACTION' value='$Lang::tr{'save-adv-options'}' /></td>
- <td allign='center'><input type='submit' name='ACTION' value='$Lang::tr{'cancel-adv-options'}' /></td>
- <td> </td>
-</tr>
-</table>
-</form>
-END
-;
-
- &Header::closebox();
-# print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
-
-###
-### Openvpn Connections Statistics
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'ovpn con stat'}) {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'ovpn con stat'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', $Lang::tr{'ovpn con stat'});
-
-#
-# <td><b>$Lang::tr{'protocol'}</b></td>
-# protocol temp removed
- print <<END
- <table width='100%' border='0' cellpadding='2' cellspacing='0'>
- <tr>
- <td><b>$Lang::tr{'common name'}</b></td>
- <td><b>$Lang::tr{'real address'}</b></td>
- <td><b>$Lang::tr{'virtual address'}</b></td>
- <td><b>$Lang::tr{'loged in at'}</b></td>
- <td><b>$Lang::tr{'bytes sent'}</b></td>
- <td><b>$Lang::tr{'bytes received'}</b></td>
- <td><b>$Lang::tr{'last activity'}</b></td>
- </tr>
-END
-;
- my $filename = "/var/log/ovpnserver.log";
- open(FILE, $filename) or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
- my @users =();
- my $status;
- my $uid = 0;
- my $cn;
- my @match = ();
- my $proto = "udp";
- my $address;
- my %userlookup = ();
- foreach my $line (@current)
- {
- chomp($line);
- if ( $line =~ /^Updated,(.+)/){
- @match = split( /^Updated,(.+)/, $line);
- $status = $match[1];
- }
-#gian
- if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
- @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
- if ($match[1] ne "Common Name") {
- $cn = $match[1];
- $userlookup{$match[2]} = $uid;
- $users[$uid]{'CommonName'} = $match[1];
- $users[$uid]{'RealAddress'} = $match[2];
- $users[$uid]{'BytesReceived'} = &sizeformat($match[3]);
- $users[$uid]{'BytesSent'} = &sizeformat($match[4]);
- $users[$uid]{'Since'} = $match[5];
- $users[$uid]{'Proto'} = $proto;
- $uid++;
- }
- }
- if ( $line =~ /^(\d+\.\d+\.\d+\.\d+),(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(.+)/) {
- @match = split(m/^(\d+\.\d+\.\d+\.\d+),(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(.+)/, $line);
- if ($match[1] ne "Virtual Address") {
- $address = $match[3];
- #find the uid in the lookup table
- $uid = $userlookup{$address};
- $users[$uid]{'VirtualAddress'} = $match[1];
- $users[$uid]{'LastRef'} = $match[4];
- }
- }
- }
- my $user2 = @users;
- if ($user2 >= 1){
- for (my $idx = 1; $idx <= $user2; $idx++){
- if ($idx % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td align='left'>$users[$idx-1]{'CommonName'}</td>";
- print "<td align='left'>$users[$idx-1]{'RealAddress'}</td>";
- print "<td align='left'>$users[$idx-1]{'VirtualAddress'}</td>";
- print "<td align='left'>$users[$idx-1]{'Since'}</td>";
- print "<td align='left'>$users[$idx-1]{'BytesSent'}</td>";
- print "<td align='left'>$users[$idx-1]{'BytesReceived'}</td>";
- print "<td align='left'>$users[$idx-1]{'LastRef'}</td>";
-# print "<td align='left'>$users[$idx-1]{'Proto'}</td>";
- }
- }
-
- print "</table>";
- print <<END
- <table width='100%' border='0' cellpadding='2' cellspacing='0'>
- <tr><td></td></tr>
- <tr><td></td></tr>
- <tr><td></td></tr>
- <tr><td></td></tr>
- <tr><td align='center' >$Lang::tr{'the statistics were last updated at'} <b>$status</b></td></tr>
- </table>
-END
-;
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
-
-###
-### Download Certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download certificate'}) {
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
- print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\r\n";
- print "Content-Type: application/octet-stream\r\n\r\n";
- print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
- exit (0);
- }
-
-###
-### Enable/Disable connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
-
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
- if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
- $confighash{$cgiparams{'KEY'}}[0] = 'on';
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
-# }
- } else {
- $confighash{$cgiparams{'KEY'}}[0] = 'off';
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
- }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Restart connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'restart'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
-# }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Remove connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
- delete $confighash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-#test33
-
-###
-### Choose between adding a host-net or net-net connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', '');
- &Header::openbox('100%', 'LEFT', $Lang::tr{'connection type'});
- print <<END
- <b>$Lang::tr{'connection type'}:</b><br />
- <table><form method='post'>
- <tr><td><input type='radio' name='TYPE' value='host' checked /></td>
- <td class='base'>$Lang::tr{'host to net vpn'}</td></tr>
- <tr><td><input type='radio' name='TYPE' value='net' disabled='disabled' /></td>
- <td class='base'>$Lang::tr{'net to net vpn'}</td></tr>
- <tr><td align='center' colspan='2'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td></tr>
- </form></table>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
-###
-### Adding a new connection
-###
-} elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) ||
- ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) ||
- ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq '')) {
-
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- if (! $confighash{$cgiparams{'KEY'}}[0]) {
- $errormessage = $Lang::tr{'invalid key'};
- goto VPNCONF_END;
- }
- $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
- $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
- $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
- $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
- $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
- $cgiparams{'SIDE'} = $confighash{$cgiparams{'KEY'}}[6];
- $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
- $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
- $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
- $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
- $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
-#new fields
- $cgiparams{'OVPN_SUBNET'} = $confighash{$cgiparams{'KEY'}}[27];
- $cgiparams{'PROTOCOL'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'DEST_PORT'} = $confighash{$cgiparams{'KEY'}}[29];
- $cgiparams{'COMPLZO'} = $confighash{$cgiparams{'KEY'}}[30];
- $cgiparams{'MTU'} = $confighash{$cgiparams{'KEY'}}[31];
-#new fields
-#ab hiere error uebernehmen
- } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
- if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
- $errormessage = $Lang::tr{'connection type is invalid'};
- goto VPNCONF_ERROR;
- }
-
-
- if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
- $errormessage = $Lang::tr{'name must only contain characters'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'NAME'} =~ /^(host|01|block|private|clear|packetdefault)$/) {
- $errormessage = $Lang::tr{'name is invalid'};
- goto VPNCONF_ERROR;
- }
-
- if (length($cgiparams{'NAME'}) >60) {
- $errormessage = $Lang::tr{'name too long'};
- goto VPNCONF_ERROR;
- }
-
-# if (($cgiparams{'TYPE'} eq 'net') && ($cgiparams{'SIDE'} !~ /^(left|right)$/)) {
-# $errormessage = $Lang::tr{'ipfire side is invalid'};
-# goto VPNCONF_ERROR;
-# }
-
- # Check if there is no other entry with this name
- if (! $cgiparams{'KEY'}) {
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
- $errormessage = $Lang::tr{'a connection with this name already exists'};
- goto VPNCONF_ERROR;
- }
- }
- }
-
- if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
- $errormessage = $Lang::tr{'invalid input for remote host/ip'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'REMOTE'}) {
- if (! &General::validip($cgiparams{'REMOTE'})) {
- if (! &General::validfqdn ($cgiparams{'REMOTE'})) {
- $errormessage = $Lang::tr{'invalid input for remote host/ip'};
- goto VPNCONF_ERROR;
- } else {
- if (&valid_dns_host($cgiparams{'REMOTE'})) {
- $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
- }
- }
- }
- }
- if ($cgiparams{'TYPE'} ne 'host') {
- unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
- $errormessage = $Lang::tr{'local subnet is invalid'};
- goto VPNCONF_ERROR;}
- }
- # Check if there is no other entry without IP-address and PSK
- if ($cgiparams{'REMOTE'} eq '') {
- foreach my $key (keys %confighash) {
- if(($cgiparams{'KEY'} ne $key) &&
- ($confighash{$key}[4] eq 'psk' || $cgiparams{'AUTH'} eq 'psk') &&
- $confighash{$key}[10] eq '') {
- $errormessage = $Lang::tr{'you can only define one roadwarrior connection when using pre-shared key authentication'};
- goto VPNCONF_ERROR;
- }
- }
- }
- if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
- $errormessage = $Lang::tr{'remote subnet is invalid'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'EDIT_ADVANCED'} !~ /^(on|off)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto VPNCONF_ERROR;
- }
-
-#fixplausi
- if ($cgiparams{'AUTH'} eq 'psk') {
-# if (! length($cgiparams{'PSK'}) ) {
-# $errormessage = $Lang::tr{'pre-shared key is too short'};
-# goto VPNCONF_ERROR;
-# }
-# if ($cgiparams{'PSK'} =~ /['",&]/) {
-# $errormessage = $Lang::tr{'invalid characters found in pre-shared key'};
-# goto VPNCONF_ERROR;
-# }
- } elsif ($cgiparams{'AUTH'} eq 'certreq') {
- if ($cgiparams{'KEY'}) {
- $errormessage = $Lang::tr{'cant change certificates'};
- goto VPNCONF_ERROR;
- }
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto VPNCONF_ERROR;
- }
-
- # Move uploaded certificate request to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto VPNCONF_ERROR;
- }
-
- # Sign the certificate request and move it
- # Sign the host certificate request
- system('/usr/bin/openssl', 'ca', '-days', '999999',
- '-batch', '-notext',
- '-in', $filename,
- '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
- '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ($filename);
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
- &newcleanssldatabase();
- goto VPNCONF_ERROR;
- } else {
- unlink ($filename);
- &deletebackupcert();
- }
-
- my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
- $temp =~ /Subject:.*CN=(.*)[\n]/;
- $temp = $1;
- $temp =~ s+/Email+, E+;
- $temp =~ s/ ST=/ S=/;
- $cgiparams{'CERT_NAME'} = $temp;
- $cgiparams{'CERT_NAME'} =~ s/,//g;
- $cgiparams{'CERT_NAME'} =~ s/\'//g;
- if ($cgiparams{'CERT_NAME'} eq '') {
- $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
- goto VPNCONF_ERROR;
- }
- } elsif ($cgiparams{'AUTH'} eq 'certfile') {
- if ($cgiparams{'KEY'}) {
- $errormessage = $Lang::tr{'cant change certificates'};
- goto VPNCONF_ERROR;
- }
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto VPNCONF_ERROR;
- }
- # Move uploaded certificate to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto VPNCONF_ERROR;
- }
-
- # Verify the certificate has a valid CA and move it
- my $validca = 0;
- my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/cacert.pem $filename`;
- if ($test =~ /: OK/) {
- $validca = 1;
- } else {
- foreach my $key (keys %cahash) {
- $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem $filename`;
- if ($test =~ /: OK/) {
- $validca = 1;
- }
- }
- }
- if (! $validca) {
- $errormessage = $Lang::tr{'certificate does not have a valid ca associated with it'};
- unlink ($filename);
- goto VPNCONF_ERROR;
- } else {
- move($filename, "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- goto VPNCONF_ERROR;
- }
- }
-
- my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
- $temp =~ /Subject:.*CN=(.*)[\n]/;
- $temp = $1;
- $temp =~ s+/Email+, E+;
- $temp =~ s/ ST=/ S=/;
- $cgiparams{'CERT_NAME'} = $temp;
- $cgiparams{'CERT_NAME'} =~ s/,//g;
- $cgiparams{'CERT_NAME'} =~ s/\'//g;
- if ($cgiparams{'CERT_NAME'} eq '') {
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
- $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
- goto VPNCONF_ERROR;
- }
- } elsif ($cgiparams{'AUTH'} eq 'certgen') {
- if ($cgiparams{'KEY'}) {
- $errormessage = $Lang::tr{'cant change certificates'};
- goto VPNCONF_ERROR;
- }
- # Validate input since the form was submitted
- if (length($cgiparams{'CERT_NAME'}) >60) {
- $errormessage = $Lang::tr{'name too long'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
- $errormessage = $Lang::tr{'invalid input for name'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
- $errormessage = $Lang::tr{'invalid input for e-mail address'};
- goto VPNCONF_ERROR;
- }
- if (length($cgiparams{'CERT_EMAIL'}) > 40) {
- $errormessage = $Lang::tr{'e-mail address too long'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_OU'} ne '' && $cgiparams{'CERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for department'};
- goto VPNCONF_ERROR;
- }
- if (length($cgiparams{'CERT_ORGANIZATION'}) >60) {
- $errormessage = $Lang::tr{'organization too long'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
- $errormessage = $Lang::tr{'invalid input for organization'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_CITY'} ne '' && $cgiparams{'CERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for city'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_STATE'} ne '' && $cgiparams{'CERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for state or province'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_COUNTRY'} !~ /^[A-Z]*$/) {
- $errormessage = $Lang::tr{'invalid input for country'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_PASS1'} ne '' && $cgiparams{'CERT_PASS2'} ne ''){
- if (length($cgiparams{'CERT_PASS1'}) < 5) {
- $errormessage = $Lang::tr{'password too short'};
- goto VPNCONF_ERROR;
- }
- }
- if ($cgiparams{'CERT_PASS1'} ne $cgiparams{'CERT_PASS2'}) {
- $errormessage = $Lang::tr{'passwords do not match'};
- goto VPNCONF_ERROR;
- }
-
- # Replace empty strings with a .
- (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
- (my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
- (my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
-
- # Create the Host certificate request client
- my $pid = open(OPENSSL, "|-");
- $SIG{ALRM} = sub { $errormessage = $Lang::tr{'broken pipe'}; goto VPNCONF_ERROR;};
- if ($pid) { # parent
- print OPENSSL "$cgiparams{'CERT_COUNTRY'}\n";
- print OPENSSL "$state\n";
- print OPENSSL "$city\n";
- print OPENSSL "$cgiparams{'CERT_ORGANIZATION'}\n";
- print OPENSSL "$ou\n";
- print OPENSSL "$cgiparams{'CERT_NAME'}\n";
- print OPENSSL "$cgiparams{'CERT_EMAIL'}\n";
- print OPENSSL ".\n";
- print OPENSSL ".\n";
- close (OPENSSL);
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}ovpn/certs/$cgiparams{'NAME'}req.pem");
- goto VPNCONF_ERROR;
- }
- } else { # child
- unless (exec ('/usr/bin/openssl', 'req', '-nodes', '-rand', '/proc/interrupts:/proc/net/rt_cache',
- '-newkey', 'rsa:1024',
- '-keyout', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
- '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
- '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf")) {
- $errormessage = "$Lang::tr{'cant start openssl'}: $!";
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
- goto VPNCONF_ERROR;
- }
- }
-
- # Sign the host certificate request
- system('/usr/bin/openssl', 'ca', '-days', '999999',
- '-batch', '-notext',
- '-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
- '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
- '-config',"${General::swroot}/ovpn/openssl/ovpn.cnf");
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
- &newcleanssldatabase();
- goto VPNCONF_ERROR;
- } else {
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem");
- &deletebackupcert();
- }
-
- # Create the pkcs12 file
- system('/usr/bin/openssl', 'pkcs12', '-export',
- '-inkey', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
- '-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
- '-name', $cgiparams{'NAME'},
- '-passout', "pass:$cgiparams{'CERT_PASS1'}",
- '-certfile', "${General::swroot}/ovpn/ca/cacert.pem",
- '-caname', "$vpnsettings{'ROOTCERT_ORGANIZATION'} CA",
- '-out', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
- if ($?) {
- $errormessage = "$Lang::tr{'openssl produced an error'}: $?";
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}.p12");
- goto VPNCONF_ERROR;
- } else {
- unlink ("${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem");
- }
- } elsif ($cgiparams{'AUTH'} eq 'cert') {
- ;# Nothing, just editing
- } else {
- $errormessage = $Lang::tr{'invalid input for authentication method'};
- goto VPNCONF_ERROR;
- }
-
- # Check if there is no other entry with this common name
- if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
- $errormessage = $Lang::tr{'a connection with this common name already exists'};
- goto VPNCONF_ERROR;
- }
- }
- }
-
- # Save the config
- my $key = $cgiparams{'KEY'};
- if (! $key) {
- $key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
- }
- $confighash{$key}[0] = $cgiparams{'ENABLED'};
- $confighash{$key}[1] = $cgiparams{'NAME'};
- if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
- $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
- }
- $confighash{$key}[3] = $cgiparams{'TYPE'};
- if ($cgiparams{'AUTH'} eq 'psk') {
- $confighash{$key}[4] = 'psk';
- $confighash{$key}[5] = $cgiparams{'PSK'};
- } else {
- $confighash{$key}[4] = 'cert';
- }
- if ($cgiparams{'TYPE'} eq 'net') {
- $confighash{$key}[6] = $cgiparams{'SIDE'};
- $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
- }
- $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
- $confighash{$key}[10] = $cgiparams{'REMOTE'};
- $confighash{$key}[25] = $cgiparams{'REMARK'};
- $confighash{$key}[26] = $cgiparams{'INTERFACE'};
-# new fields
- $confighash{$key}[27] = $cgiparams{'OVPN_SUBNET'};
- $confighash{$key}[28] = $cgiparams{'PROTOCOL'};
- $confighash{$key}[29] = $cgiparams{'DEST_PORT'};
- $confighash{$key}[30] = $cgiparams{'COMPLZO'};
- $confighash{$key}[31] = $cgiparams{'MTU'};
-# new fileds
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
- $cgiparams{'KEY'} = $key;
- $cgiparams{'ACTION'} = $Lang::tr{'advanced'};
- }
- goto VPNCONF_END;
- } else {
- $cgiparams{'ENABLED'} = 'on';
- $cgiparams{'SIDE'} = 'left';
- if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) {
- $cgiparams{'AUTH'} = 'psk';
- } elsif ( ! -f "${General::swroot}/ovpn/ca/cacert.pem") {
- $cgiparams{'AUTH'} = 'certfile';
- } else {
- $cgiparams{'AUTH'} = 'certgen';
- }
- $cgiparams{'LOCAL_SUBNET'} ="$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
- $cgiparams{'CERT_ORGANIZATION'} = $vpnsettings{'ROOTCERT_ORGANIZATION'};
- $cgiparams{'CERT_CITY'} = $vpnsettings{'ROOTCERT_CITY'};
- $cgiparams{'CERT_STATE'} = $vpnsettings{'ROOTCERT_STATE'};
- $cgiparams{'CERT_COUNTRY'} = $vpnsettings{'ROOTCERT_COUNTRY'};
- }
-
- VPNCONF_ERROR:
- $checked{'ENABLED'}{'off'} = '';
- $checked{'ENABLED'}{'on'} = '';
- $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
- $checked{'ENABLED_BLUE'}{'off'} = '';
- $checked{'ENABLED_BLUE'}{'on'} = '';
- $checked{'ENABLED_BLUE'}{$cgiparams{'ENABLED_BLUE'}} = 'CHECKED';
- $checked{'ENABLED_ORANGE'}{'off'} = '';
- $checked{'ENABLED_ORANGE'}{'on'} = '';
- $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
-
-
- $checked{'EDIT_ADVANCED'}{'off'} = '';
- $checked{'EDIT_ADVANCED'}{'on'} = '';
- $checked{'EDIT_ADVANCED'}{$cgiparams{'EDIT_ADVANCED'}} = 'CHECKED';
-
- $selected{'SIDE'}{'server'} = '';
- $selected{'SIDE'}{'client'} = '';
- $selected{'SIDE'}{$cgiparams{'SIDE'}} = 'SELECTED';
-
- $checked{'AUTH'}{'psk'} = '';
- $checked{'AUTH'}{'certreq'} = '';
- $checked{'AUTH'}{'certgen'} = '';
- $checked{'AUTH'}{'certfile'} = '';
- $checked{'AUTH'}{$cgiparams{'AUTH'}} = 'CHECKED';
-
- $selected{'INTERFACE'}{$cgiparams{'INTERFACE'}} = 'SELECTED';
-
- $checked{'COMPLZO'}{'off'} = '';
- $checked{'COMPLZO'}{'on'} = '';
- $checked{'COMPLZO'}{$cgiparams{'COMPLZO'}} = 'CHECKED';
-
-
- if (1) {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', $errormessage);
- if ($errormessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage";
- print " </class>";
- &Header::closebox();
- }
-
- if ($warnmessage) {
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'warning messages'}:");
- print "<class name='base'>$warnmessage";
- print " </class>";
- &Header::closebox();
- }
-
- print "<form method='post' enctype='multipart/form-data'>";
- print "<input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />";
-
- if ($cgiparams{'KEY'}) {
- print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
- print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
- }
-
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
- print "<table width='100%'>\n";
- print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
- if ($cgiparams{'TYPE'} eq 'host') {
- if ($cgiparams{'KEY'}) {
- print "<td width='35%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>\n";
- } else {
- print "<td width='35%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' size='30' /></td>";
- }
-# print "<tr><td>$Lang::tr{'interface'}</td>";
-# print "<td><select name='INTERFACE'>";
-# print "<option value='RED' $selected{'INTERFACE'}{'RED'}>RED</option>";
-# if ($netsettings{'BLUE_DEV'} ne '') {
-# print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE</option>";
-# }
-# print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN</option>";
-# print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE</option>";
-# print "</select></td></tr>";
-# print <<END
- } else {
- print "<input type='hidden' name='INTERFACE' value='red' />";
- if ($cgiparams{'KEY'}) {
- print "<td width='25%' class='base' nowrap='nowrap'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' />$cgiparams{'NAME'}</td>";
- } else {
- print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' maxlength='20' /></td>";
- }
- print <<END
- <td width='25%'> </td>
- <td width='25%'> </td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'Act as'}</td>
- <td><select name='SIDE'><option value='server' $selected{'SIDE'}{'server'}>OpenVPN Server</option>
- <option value='client' $selected{'SIDE'}{'client'}>OpenVPN Client</option></select></td>
- <td class='boldbase'>$Lang::tr{'remote host/ip'}:</td>
- <td><input type='TEXT' name='REMOTE' value='$cgiparams{'REMOTE'}' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
- <td><input type='TEXT' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' /></td>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
- <td><input type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' /></td></tr>
-ttt
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn subnet'}</td>
- <td><input type='TEXT' name='OVPN_SUBNET' value='$cgiparams{'OVPN_SUBNET'}' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
- <td><select name='PROTOCOL'><option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
- <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option></select></td>
- <td class='boldbase'>$Lang::tr{'destination port'}:</td>
- <td><input type='TEXT' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
- <td><input type='checkbox' name='COMPLZO' $checked{'COMPLZO'}{'on'} /></td>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} <img src='/blob.gif' /></td>
- <td> <input type='TEXT' name='MTU' VALUE='$cgiparams{'MTU'}'size='5' /></TD>
-
-
-END
- ;
- }
- print "<tr><td class='boldbase'>$Lang::tr{'remark title'} <img src='/blob.gif' /></td>";
- print "<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td></tr>";
-
-# if ($cgiparams{'TYPE'} eq 'net') {
- print "<tr><td>$Lang::tr{'enabled'} <input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
-
-# if ($cgiparams{'KEY'}) {
-# print "<td colspan='3'> </td></tr></table>";
-# } else {
-# print "<td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'} /> $Lang::tr{'edit advanced settings when done'}</tr></table>";
-# }
-# }else{
- print "<td colspan='3'> </td></tr></table>";
-# }
-
-
-
- &Header::closebox();
-
- if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') {
- # &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'});
- # print <<END
- # <table width='100%' cellpadding='0' cellspacing='5' border='0'>
- # <tr><td class='base' width='50%'>$Lang::tr{'use a pre-shared key'}</td>
- # <td class='base' width='50%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td></tr>
- # </table>
-END
- # ;
- # &Header::closebox();
- } elsif (! $cgiparams{'KEY'}) {
- my $disabled='';
- my $cakeydisabled='';
- my $cacrtdisabled='';
- if ( ! -f "${General::swroot}/ovpn/ca/cakey.pem" ) { $cakeydisabled = "disabled='disabled'" } else { $cakeydisabled = "" };
- if ( ! -f "${General::swroot}/ovpn/ca/cacert.pem" ) { $cacrtdisabled = "disabled='disabled'" } else { $cacrtdisabled = "" };
- &Header::openbox('100%', 'LEFT', $Lang::tr{'authentication'});
- print <<END
- <table width='100%' cellpadding='0' cellspacing='5' border='0'>
- <tr><td colspan='3' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' border='0' /></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td>
- <td class='base'>$Lang::tr{'upload a certificate request'}</td>
- <td class='base' rowspan='2'><input type='file' name='FH' size='30' $cacrtdisabled></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certfile' $checked{'AUTH'}{'certfile'} $cacrtdisabled /></td>
- <td class='base'>$Lang::tr{'upload a certificate'}</td></tr>
- <tr><td colspan='3' bgcolor='#000000'><img src='/images/null.gif' width='1' height='1' BORDER='0' /></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td>
- <td class='base'>$Lang::tr{'generate a certificate'}</td><td> </td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users fullname or system hostname'}:</td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_NAME' value='$cgiparams{'CERT_NAME'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users email'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_EMAIL' value='$cgiparams{'CERT_EMAIL'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users department'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_OU' value='$cgiparams{'CERT_OU'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'organization name'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_ORGANIZATION' value='$cgiparams{'CERT_ORGANIZATION'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'city'}: <img src='/blob.gif'></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_CITY' value='$cgiparams{'CERT_CITY'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_STATE' value='$cgiparams{'CERT_STATE'}' SIZE='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'country'}:</td>
- <td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
-END
-
- ;
- foreach my $country (sort keys %{Countries::countries}) {
- print "<option value='$Countries::countries{$country}'";
- if ( $Countries::countries{$country} eq $cgiparams{'CERT_COUNTRY'} ) {
- print " selected='selected'";
- }
- print ">$country</option>";
- }
- print <<END
- </select></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'pkcs12 file password'}:</td>
- <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td><td class='base'>$Lang::tr{'pkcs12 file password'}:<BR>($Lang::tr{'confirmation'})</td>
- <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
- </table>
-END
- ;
- &Header::closebox();
- }
-
- print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
- if ($cgiparams{'KEY'}) {
-# print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
- }
- print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
- }
- VPNCONF_END:
-}
-
-# SETTINGS_ERROR:
-###
-### Default status page
-###
- %cgiparams = ();
- %cahash = ();
- %confighash = ();
- &General::readhash("${General::swroot}/ovpn/settings", \%cgiparams);
- &General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- my @status = `/bin/cat /var/log/ovpnserver.log`;
-
- if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
- if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
- my $ipaddr = <IPADDR>;
- close IPADDR;
- chomp ($ipaddr);
- $cgiparams{'VPN_IP'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
- if ($cgiparams{'VPN_IP'} eq '') {
- $cgiparams{'VPN_IP'} = $ipaddr;
- }
- }
- }
-
-#default setzen
- if ($cgiparams{'DCIPHER'} eq '') {
- $cgiparams{'DCIPHER'} = 'BF-CBC';
- }
-# if ($cgiparams{'DCOMPLZO'} eq '') {
-# $cgiparams{'DCOMPLZO'} = 'on';
-# }
- if ($cgiparams{'DDEST_PORT'} eq '') {
- $cgiparams{'DDEST_PORT'} = '1194';
- }
- if ($cgiparams{'DMTU'} eq '') {
- $cgiparams{'DMTU'} = '1400';
- }
- if ($cgiparams{'DOVPN_SUBNET'} eq '') {
- $cgiparams{'DOVPN_SUBNET'} = '10.' . int(rand(256)) . '.' . int(rand(256)) . '.0/255.255.255.0';
- }
-
- $checked{'ENABLED'}{'off'} = '';
- $checked{'ENABLED'}{'on'} = '';
- $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = 'CHECKED';
- $checked{'ENABLED_BLUE'}{'off'} = '';
- $checked{'ENABLED_BLUE'}{'on'} = '';
- $checked{'ENABLED_BLUE'}{$cgiparams{'ENABLED_BLUE'}} = 'CHECKED';
- $checked{'ENABLED_ORANGE'}{'off'} = '';
- $checked{'ENABLED_ORANGE'}{'on'} = '';
- $checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
-
-
-#new settings
- $selected{'DDEVICE'}{'tun'} = '';
- $selected{'DDEVICE'}{'tap'} = '';
- $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
-
- $selected{'DPROTOCOL'}{'udp'} = '';
- $selected{'DPROTOCOL'}{'tcp'} = '';
- $selected{'DPROTOCOL'}{$cgiparams{'DPROTOCOL'}} = 'SELECTED';
-
- $selected{'DCIPHER'}{'DES-CBC'} = '';
- $selected{'DCIPHER'}{'DES-EDE-CBC'} = '';
- $selected{'DCIPHER'}{'DES-EDE3-CBC'} = '';
- $selected{'DCIPHER'}{'DESX-CBC'} = '';
- $selected{'DCIPHER'}{'RC2-CBC'} = '';
- $selected{'DCIPHER'}{'RC2-40-CBC'} = '';
- $selected{'DCIPHER'}{'RC2-64-CBC'} = '';
- $selected{'DCIPHER'}{'BF-CBC'} = '';
- $selected{'DCIPHER'}{'CAST5-CBC'} = '';
- $selected{'DCIPHER'}{'AES-128-CBC'} = '';
- $selected{'DCIPHER'}{'AES-192-CBC'} = '';
- $selected{'DCIPHER'}{'AES-256-CBC'} = '';
- $selected{'DCIPHER'}{$cgiparams{'DCIPHER'}} = 'SELECTED';
- $checked{'DCOMPLZO'}{'off'} = '';
- $checked{'DCOMPLZO'}{'on'} = '';
- $checked{'DCOMPLZO'}{$cgiparams{'DCOMPLZO'}} = 'CHECKED';
-
-#new settings
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'status ovpn'}, 1, '');
- &Header::openbigbox('100%', 'LEFT', '', $errormessage);
-
- if ($errormessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
- }
-
- my $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'stopped'}</font></b></td></tr></table>";
- my $srunning = "no";
- my $activeonrun = "";
- if ( -e "/var/run/openvpn.pid"){
- $sactive = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='50%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'running'}</font></b></td></tr></table>";
- $srunning ="yes";
- $activeonrun = "";
- } else {
- $activeonrun = "disabled='disabled'";
- }
- &Header::openbox('100%', 'LEFT', $Lang::tr{'global settings'});
- print <<END
- <table width='100%'>
- <form method='post'>
- <td width='25%'> </td>
- <td width='25%'> </td>
- <td width='25%'> </td></tr>
- <tr><td class='boldbase'>$Lang::tr{'ovpn server status'}</td>
- <td align='left'>$sactive</td>
- <tr><td class='boldbase'>$Lang::tr{'ovpn on red'}</td>
- <td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-END
-;
- if (&haveBlueNet()) {
- print "<tr><td class='boldbase'>$Lang::tr{'ovpn on blue'}</td>";
- print "<td><input type='checkbox' name='ENABLED_BLUE' $checked{'ENABLED_BLUE'}{'on'} /></td>";
- }
- if (&haveOrangeNet()) {
- print "<tr><td class='boldbase'>$Lang::tr{'ovpn on orange'}</td>";
- print "<td><input type='checkbox' name='ENABLED_ORANGE' $checked{'ENABLED_ORANGE'}{'on'} /></td>";
- }
- print <<END
- <tr><td class='base' nowrap='nowrap' colspan='2'>$Lang::tr{'local vpn hostname/ip'}:<br /><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
- <td class='boldbase' nowrap='nowrap' colspan='2'>$Lang::tr{'ovpn subnet'}<br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
- <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
- <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select></td>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
- <td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
- <option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>
- <td class='boldbase'>$Lang::tr{'destination port'}:</td>
- <td><input type='TEXT' name='DDEST_PORT' value='$cgiparams{'DDEST_PORT'}' size='5' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'MTU'} </td>
- <td> <input type='TEXT' name='DMTU' VALUE='$cgiparams{'DMTU'}'size='5' /></TD>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'comp-lzo'}</td>
- <td><input type='checkbox' name='DCOMPLZO' $checked{'DCOMPLZO'}{'on'} /></td>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'cipher'}</td>
- <td><select name='DCIPHER'><option value='DES-CBC' $selected{'DCIPHER'}{'DES-CBC'}>DES-CBC</option>
- <option value='DES-EDE-CBC' $selected{'DCIPHER'}{'DES-EDE-CBC'}>DES-EDE-CBC</option>
- <option value='DES-EDE3-CBC' $selected{'DCIPHER'}{'DES-EDE3-CBC'}>DES-EDE3-CBC</option>
- <option value='DESX-CBC' $selected{'DCIPHER'}{'DESX-CBC'}>DESX-CBC</option>
- <option value='RC2-CBC' $selected{'DCIPHER'}{'RC2-CBC'}>RC2-CBC</option>
- <option value='RC2-40-CBC' $selected{'DCIPHER'}{'RC2-40-CBC'}>RC2-40-CBC</option>
- <option value='RC2-64-CBC' $selected{'DCIPHER'}{'RC2-64-CBC'}>RC2-64-CBC</option>
- <option value='BF-CBC' $selected{'DCIPHER'}{'BF-CBC'}>BF-CBC</option>
- <option value='CAST5-CBC' $selected{'DCIPHER'}{'CAST5-CBC'}>CAST5-CBC</option>
- <option value='AES-128-CBC' $selected{'DCIPHER'}{'AES-128-CBC'}>AES-128-CBC</option>
- <option value='AES-192-CBC' $selected{'DCIPHER'}{'AES-192-CBC'}>AES-192-CBC</option>
- <option value='AES-256-CBC' $selected{'DCIPHER'}{'AES-256-CBC'}>AES-256-CBC</option></select></td>
-END
-;
-
- if ( $srunning eq "yes" ) {
- print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' disabled='disabled' /></td>";
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' disabled='disabled'/></td>";
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'stop ovpn server'}' /></td>";
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";
- } else{
- print "<tr><td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>";
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'advanced server'}' /></td>";
- if (( -e "${General::swroot}/ovpn/ca/cacert.pem" &&
- -e "${General::swroot}/ovpn/ca/dh1024.pem" &&
- -e "${General::swroot}/ovpn/certs/servercert.pem" &&
- -e "${General::swroot}/ovpn/certs/serverkey.pem") &&
- (( $cgiparams{'ENABLED'} eq 'on') ||
- ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
- ( $cgiparams{'ENABLED_ORANGE'} eq 'on'))){
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' /></td>";
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' /></td></tr>";
- } else {
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'start ovpn server'}' disabled='disabled' /></td>";
- print "<td><input type='submit' name='ACTION' value='$Lang::tr{'restart ovpn server'}' disabled='disabled' /></td></tr>";
- }
- }
- print "</form></table>";
- &Header::closebox();
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate authorities'}:");
- print <<EOF#'
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- <tr>
- <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
- <td width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></td>
- <td width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
- </tr>
-EOF
- ;
- if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
- my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
- $casubject =~ /Subject: (.*)[\n]/;
- $casubject = $1;
- $casubject =~ s+/Email+, E+;
- $casubject =~ s/ ST=/ S=/;
-
- print <<END
- <tr bgcolor='$color{'color22'}'>
- <td class='base'>$Lang::tr{'root certificate'}</td>
- <td class='base'>$casubject</td>
- <form method='post' name='frmrootcrta'><td width='3%' align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' width='20' height='20' border='0' />
- </td></form>
- <form method='post' name='frmrootcrtb'><td width='3%' align='center'>
- <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
- </td></form>
- <td width='4%'> </td></tr>
-END
- ;
- } else {
- # display rootcert generation buttons
- print <<END
- <tr bgcolor='$color{'color22'}'>
- <td class='base'>$Lang::tr{'root certificate'}:</td>
- <td class='base'>$Lang::tr{'not present'}</td>
- <td colspan='3'> </td></tr>
-END
- ;
- }
-
- if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
- my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
- $hostsubject =~ /Subject: (.*)[\n]/;
- $hostsubject = $1;
- $hostsubject =~ s+/Email+, E+;
- $hostsubject =~ s/ ST=/ S=/;
-
- print <<END
- <tr bgcolor='$color{'color20'}'>
- <td class='base'>$Lang::tr{'host certificate'}</td>
- <td class='base'>$hostsubject</td>
- <form method='post' name='frmhostcrta'><td width='3%' align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
- <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' width='20' height='20' border='0' />
- </td></form>
- <form method='post' name='frmhostcrtb'><td width='3%' align='center'>
- <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
- </td></form>
- <td width='4%'> </td></tr>
-END
- ;
- } else {
- # Nothing
- print <<END
- <tr bgcolor='$color{'color20'}'>
- <td width='25%' class='base'>$Lang::tr{'host certificate'}:</td>
- <td class='base'>$Lang::tr{'not present'}</td>
- </td><td colspan='3'> </td></tr>
-END
- ;
- }
-
- if (! -f "${General::swroot}/ovpn/ca/cacert.pem") {
- print "<tr><td colspan='5' align='center'><form method='post'>";
- print "<input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' />";
- print "</form></td></tr>\n";
- }
-
- if (keys %cahash > 0) {
- foreach my $key (keys %cahash) {
- if (($key + 1) % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td class='base'>$cahash{$key}[0]</td>\n";
- print "<td class='base'>$cahash{$key}[1]</td>\n";
- print <<END
- <form method='post' name='cafrm${key}a'><td align='center'>
- <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='cafrm${key}b'><td align='center'>
- <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='cafrm${key}c'><td align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
- <input type='image' name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' width='20' height='20' border='0' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form></tr>
-END
- ;
- }
- }
-
- print "</table>";
-
- # If the file contains entries, print Key to action icons
- if ( -f "${General::swroot}/ovpn/ca/cacert.pem") {
- print <<END
- <table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- </tr>
- </table>
-END
- ;
- }
- print <<END
- <form method='post' enctype='multipart/form-data'>
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- <tr><td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
- <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' />
- <td nowrap='nowrap'><input type='file' name='FH' size='30' /></td>
- <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /><br /><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
- </tr></table></form>
-END
- ;
-
- &Header::closebox();
- if ( $srunning eq "yes" ) {
- print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' disabled='disabled' /></div></form>\n";
- }else{
- print "<div align='center'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></div></form>\n";
- }
- if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'Client status and controlc' });
- print <<END
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
-<tr>
- <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
- <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
- <td width='18%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
- <td width='17%' class='boldbase' align='center'><b>$Lang::tr{'valid till'}</b></td>
- <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b><br /><img src='/images/null.gif' width='125' height='1' border='0' alt='L2089' /></td>
- <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
- <td width='5%' class='boldbase' colspan='6' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
- ;
- my $id = 0;
- my $gif;
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-
- if ($id % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";
- print "<td align='center' nowrap='nowrap'>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
- if ($confighash{$key}[4] eq 'cert') {
- print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
- } else {
- print "<td align='left'> </td>";
- }
- my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
- $cavalid =~ /Not After : (.*)[\n]/;
- $cavalid = $1;
- print "<td align='center'>$cavalid</td>";
- print "<td align='center'>$confighash{$key}[25]</td>";
- my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
- if ($confighash{$key}[0] eq 'off') {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
- } else {
- my $cn;
- my @match = ();
- foreach my $line (@status) {
- chomp($line);
- if ( $line =~ /^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/) {
- @match = split(m/^(.+),(\d+\.\d+\.\d+\.\d+\:\d+),(\d+),(\d+),(.+)/, $line);
- if ($match[1] ne "Common Name") {
- $cn = $match[1];
- }
- $cn =~ s/[_]/ /g;
- if ($cn eq "$confighash{$key}[2]") {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
- }
- }
- }
- }
- my $disable_clientdl = "disabled='disabled'";
- if (( $cgiparams{'ENABLED'} eq 'on') ||
- ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
- ( $cgiparams{'ENABLED_ORANGE'} eq 'on')){
- $disable_clientdl = "";
- }
- print <<END
- <td align='center'>$active</td>
-
- <form method='post' name='frm${key}a'><td align='center'>
- <input type='image' name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.png' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
- <input type='hidden' name='KEY' value='$key' $disable_clientdl />
- </td></form>
-END
- ;
- if ($confighash{$key}[4] eq 'cert') {
- print <<END
- <form method='post' name='frm${key}b'><td align='center'>
- <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
-END
- ; } else {
- print "<td> </td>";
- }
- if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/ovpn/certs/$confighash{$key}[1].p12") {
- print <<END
- <form method='post' name='frm${key}c'><td align='center'>
- <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
-END
- ; } elsif ($confighash{$key}[4] eq 'cert') {
- print <<END
- <form method='post' name='frm${key}c'><td align='center'>
- <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
-END
- ; } else {
- print "<td> </td>";
- }
- print <<END
- <form method='post' name='frm${key}d'><td align='center'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' border='0' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
-
- <form method='post' name='frm${key}e'><td align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'/>
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- <form method='post' name='frm${key}f'><td align='center'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0' />
- <input type='hidden' name='KEY' value='$key' />
- </td></form>
- </tr>
-END
- ;
- $id++;
- }
- ;
-
- # If the config file contains entries, print Key to action icons
- if ( $id ) {
- print <<END
- <table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
- </tr>
- <tr>
- <td> </td>
- <td> <img src='/images/off.gif' alt='?OFF' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- <td> <img src='/images/openvpn.png' alt='?RELOAD'/></td>
- <td class='base'>$Lang::tr{'dl client arch'}</td>
- </tr>
- </table>
-END
- ;
- }
-
- print <<END
- <table width='100%'>
- <form method='post'>
- <tr><td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td>
- <td width='50%' ><input type='submit' name='ACTION' value='$Lang::tr{'ovpn con stat'}' $activeonrun /></td></tr>
- </form>
- </table>
-END
- ;
- &Header::closebox();
-}
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "/opt/pakfire/lib/functions.pl";
-
-my %pakfiresettings=();
-my $errormessage = '';
-my %color = ();
-my %mainsettings = ();
-
-&Header::showhttpheaders();
-
-$pakfiresettings{'ACTION'} = '';
-$pakfiresettings{'VALID'} = '';
-
-$pakfiresettings{'INSPAKS'} = '';
-$pakfiresettings{'DELPAKS'} = '';
-$pakfiresettings{'AUTOUPDATE'} = 'off';
-$pakfiresettings{'AUTOUPGRADE'} = 'off';
-$pakfiresettings{'UUID'} = 'on';
-
-&Header::getcgihash(\%pakfiresettings);
-
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&Header::openpage($Lang::tr{'pakfire configuration'}, 1);
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($pakfiresettings{'ACTION'} eq 'install'){
- $pakfiresettings{'INSPAKS'} =~ s/\|/\ /g;
- if ("$pakfiresettings{'FORCE'}" eq "on") {
- my $command = "/usr/local/bin/pakfire install --non-interactive --no-colors $pakfiresettings{'INSPAKS'} &>/dev/null &";
- system("$command");
- sleep(2);
- } else {
- &Header::openbox("100%", "center", "Abfrage");
- my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $pakfiresettings{'INSPAKS'}`;
- print <<END;
- <table><tr><td colspan='2'>$Lang::tr{'pakfire install package'}.$pakfiresettings{'INSPAKS'}.$Lang::tr{'pakfire possible dependency'}
- <pre>
-END
- foreach (@output) {
- print "$_\n";
- }
- print <<END;
- </pre>
- <tr><td colspan='2'>$Lang::tr{'pakfire accept all'}
- <tr><td colspan='2'>
- <tr><td align='right'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='INSPAKS' value='$pakfiresettings{'INSPAKS'}' />
- <input type='hidden' name='FORCE' value='on' />
- <input type='hidden' name='ACTION' value='install' />
- <input type='image' alt='$Lang::tr{'install'}' src='/images/go-next.png' />
- </form>
- <td align='left'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='' />
- <input type='image' alt='$Lang::tr{'abort'}' src='/images/dialog-error.png' />
- </form>
- </table>
-END
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit;
- }
-} elsif ($pakfiresettings{'ACTION'} eq 'remove') {
-
- $pakfiresettings{'DELPAKS'} =~ s/\|/\ /g;
- if ("$pakfiresettings{'FORCE'}" eq "on") {
- my $command = "/usr/local/bin/pakfire remove --non-interactive --no-colors $pakfiresettings{'DELPAKS'} &>/dev/null &";
- system("$command");
- sleep(2);
- } else {
- &Header::openbox("100%", "center", "Abfrage");
- my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $pakfiresettings{'DELPAKS'}`;
- print <<END;
- <table><tr><td colspan='2'>$Lang::tr{'pakfire uninstall package'}.$pakfiresettings{'DELPAKS'}.$Lang::tr{'pakfire possible dependency'}
- <pre>
-END
- foreach (@output) {
- print "$_\n";
- }
- print <<END;
- </pre>
- <tr><td colspan='2'>$Lang::tr{'pakfire accept all'}
- <tr><td colspan='2'>
- <tr><td align='right'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='DELPAKS' value='$pakfiresettings{'DELPAKS'}' />
- <input type='hidden' name='FORCE' value='on' />
- <input type='hidden' name='ACTION' value='remove' />
- <input type='image' alt='$Lang::tr{'uninstall'}' src='/images/go-next.png' />
- </form>
- <td align='left'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='' />
- <input type='image' alt='$Lang::tr{'abort'}' src='/images/dialog-error.png' />
- </form>
- </table>
-END
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit;
- }
-
-} elsif ($pakfiresettings{'ACTION'} eq 'update') {
-
- system("/usr/local/bin/pakfire update --force --no-colors &>/dev/null");
-
-} elsif ($pakfiresettings{'ACTION'} eq 'upgrade') {
-
- system("/usr/local/bin/pakfire upgrade -y --no-colors &>/dev/null");
-
-} elsif ($pakfiresettings{'ACTION'} eq "$Lang::tr{'save'}") {
-
- if ($pakfiresettings{'AUTOUPDATE'} == "on") {
- system("/usr/local/bin/pakfire enable updates >/dev/null 2>&1");
- } else {
- system("/usr/local/bin/pakfire disable updates >/dev/null 2>&1");
- }
-
- if ($pakfiresettings{'AUTOUPGRADE'} == "on") {
- system("/usr/local/bin/pakfire enable upgrades >/dev/null 2>&1");
- } else {
- system("/usr/local/bin/pakfire disable upgrades >/dev/null 2>&1");
- }
-
- &General::writehash("${General::swroot}/pakfire/settings", \%pakfiresettings);
-}
-
-&General::readhash("${General::swroot}/pakfire/settings", \%pakfiresettings);
-
-my %selected=();
-my %checked=();
-
-$checked{'AUTOUPDATE'}{'off'} = '';
-$checked{'AUTOUPDATE'}{'on'} = '';
-$checked{'AUTOUPDATE'}{$pakfiresettings{'AUTOUPDATE'}} = "checked='checked'";
-$checked{'AUTOUPGRADE'}{'off'} = '';
-$checked{'AUTOUPGRADE'}{'on'} = '';
-$checked{'AUTOUPGRADE'}{$pakfiresettings{'AUTOUPGRADE'}} = "checked='checked'";
-$checked{'UUID'}{'off'} = '';
-$checked{'UUID'}{'on'} = '';
-$checked{'UUID'}{$pakfiresettings{'UUID'}} = "checked='checked'";
-
-# DPC move error message to top so it is seen!
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-my $return = `pidof pakfire`;
-chomp($return);
-if ($return) {
- &Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='10;'>" );
- print <<END;
- <table>
- <tr><td>
- <img src='/images/indicator.gif' alt='$Lang::tr{'aktiv'}' />
- <td>
- $Lang::tr{'pakfire working'}
- <tr><td colspan='2' align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'reload'}' src='/images/view-refresh.png' />
- </form>
- <tr><td colspan='2' align='left'><pre>
-END
- my @output = `tail -20 /var/log/pakfire.log`;
- foreach (@output) {
- print "$_";
- }
- print <<END;
- </pre>
- </table>
-END
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit;
-}
-
-my $core_release = `cat /opt/pakfire/db/core/mine 2>/dev/null`;
-chomp($core_release);
-my $core_update_age = &General::age("/opt/pakfire/db/core/mine");
-my $corelist_update_age = &General::age("/opt/pakfire/db/lists/core-list.db");
-my $server_update_age = &General::age("/opt/pakfire/db/lists/server-list.db");
-my $packages_update_age = &General::age("/opt/pakfire/db/lists/packages_list.db");
-
-&Header::openbox("100%", "center", "Pakfire");
-
-print <<END;
- <table width='95%' cellpadding='5' >
- <tr><td width="50%" bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'pakfire system state'}:</b>
- <td width="50%">
- <tr><td align="center">$Lang::tr{'pakfire core update level'}: $core_release<hr />
- $Lang::tr{'pakfire last update'} $core_update_age ago<br />
- $Lang::tr{'pakfire last serverlist update'} $server_update_age ago<br />
- $Lang::tr{'pakfire last core list update'} $corelist_update_age ago<br />
- $Lang::tr{'pakfire last package update'} $packages_update_age ago
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='update' />
- <input type='submit' value='Liste aktualisieren' /><br />
- </form>
- <td align="center">
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name="UPDPAKS" size="5" disabled>
-END
- &Pakfire::dblist("upgrade", "forweb");
- print <<END;
- </select>
- <br />
- <input type='hidden' name='ACTION' value='upgrade' />
- <input type='image' alt='$Lang::tr{'upgrade'}' src='/images/document-save.png' />
- </form>
-
- <tr><td colspan="2"><!-- Just an empty line -->
- <tr><td bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'pakfire available addons'}</b>
- <td bgcolor='$color{'color20'}' align="center"><b>$Lang::tr{'pakfire installed addons'}</b>
- <tr><td align="center">
- <p>$Lang::tr{'pakfire install description'}</p>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name="INSPAKS" size="10" multiple>
-END
- &Pakfire::dblist("notinstalled", "forweb");
-
-print <<END;
- </select>
- <br />
- <input type='hidden' name='ACTION' value='install' />
- <input type='image' alt='$Lang::tr{'install'}' src='/images/list-add.png' />
- </form>
-
- <td align="center">
- <p>$Lang::tr{'pakfire uninstall description'}</p>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <select name="DELPAKS" size="10" multiple>
-END
-
- &Pakfire::dblist("installed", "forweb");
-
-print <<END;
- </select>
- <br />
- <input type='hidden' name='ACTION' value='remove' />
- <input type='image' alt='$Lang::tr{'remove'}' src='/images/list-remove.png' />
- </form>
- </table>
-END
-
-&Header::closebox();
-&Header::openbox("100%", "center", "$Lang::tr{'settings'}");
-
-print <<END;
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='95%'>
- <tr><td colspan='2' bgcolor='$color{'color20'}'><b>$Lang::tr{'basic options'}</b></td></tr>
- <tr><td align='left' width='40%'>$Lang::tr{'pakfire update daily'}</td><td align="left">
- on <input type='radio' name='AUTOUPDATE' value='on' $checked{'AUTOUPDATE'}{'on'} />/
- <input type='radio' name='AUTOUPDATE' value='off' $checked{'AUTOUPDATE'}{'off'} /> off </td></tr>
- <tr><td align='left' width='40%'>$Lang::tr{'pakfire core update auto'}</td><td align="left">
- on <input type='radio' name='AUTOUPGRADE' value='on' $checked{'AUTOUPGRADE'}{'on'} />/
- <input type='radio' name='AUTOUPGRADE' value='off' $checked{'AUTOUPGRADE'}{'off'} /> off </td></tr>
- <tr><td align='left' width='40%'>$Lang::tr{'pakfire register'}</td><td align="left">
- on <input type='radio' name='UUID' value='on' $checked{'UUID'}{'on'} />/
- <input type='radio' name='UUID' value='off' $checked{'UUID'}{'off'} /> off </td></tr>
- <tr><td width='100%' colspan="2" align="center"><input type="submit" name="ACTION" value="$Lang::tr{'save'}" /></td></tr>
- </table>
- </form>
-END
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
-undef (@dummy);
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %cgiparams=();
-my %selected=();
-my %checked=();
-my $prtrange1=0;
-my $prtrange2=0;
-my $errormessage = '';
-my $filename = "${General::swroot}/portfw/config";
-my $aliasfile = "${General::swroot}/ethernet/aliases";
-
-&Header::showhttpheaders();
-
-$cgiparams{'ENABLED'} = 'off';
-$cgiparams{'KEY1'} = '0';
-$cgiparams{'KEY2'} = '0';
-$cgiparams{'PROTOCOL'} = '';
-$cgiparams{'SRC_PORT'} = '';
-$cgiparams{'DEST_IP'} = '';
-$cgiparams{'DEST_PORT'} = '';
-$cgiparams{'SRC_IP'} = '';
-$cgiparams{'ORIG_IP'} = '';
-$cgiparams{'REMARK'} = '';
-$cgiparams{'OVERRIDE'} = 'off';
-$cgiparams{'ACTION'} = '';
-
-&Header::getcgihash(\%cgiparams);
-
-my $disable_all = "0";
-my $enable_all = "0";
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
-{
- &valaddupdate();
-
- # Darren Critchley - if there is an error, don't waste any more time processing
- if ($errormessage) { goto ERROR; }
-
- open(FILE, $filename) or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
- my $key1 = 0; # used for finding last sequence number used
- foreach my $line (@current)
- {
- my @temp = split(/\,/,$line);
-
- chomp ($temp[8]);
- if ($cgiparams{'KEY2'} eq "0"){ # if key2 is 0 then it is a portfw addition
- if ( $cgiparams{'SRC_PORT'} eq $temp[3] &&
- $cgiparams{'PROTOCOL'} eq $temp[2] &&
- $cgiparams{'SRC_IP'} eq $temp[7])
- {
- $errormessage =
- "$Lang::tr{'source port in use'} $cgiparams{'SRC_PORT'}";
- }
- # Check if key2 = 0, if it is then it is a port forward entry and we want the sequence number
- if ( $temp[1] eq "0") {
- $key1=$temp[0];
- }
- # Darren Critchley - Duplicate or overlapping Port range check
- if ($temp[1] eq "0" &&
- $cgiparams{'PROTOCOL'} eq $temp[2] &&
- $cgiparams{'SRC_IP'} eq $temp[7] &&
- $errormessage eq '')
- {
- &portchecks($temp[3], $temp[5]);
- }
- } else {
- if ( $cgiparams{'KEY1'} eq $temp[0] &&
- $cgiparams{'ORIG_IP'} eq $temp[8])
- {
- $errormessage =
- "$Lang::tr{'source ip in use'} $cgiparams{'ORIG_IP'}";
- }
- }
- }
-
-ERROR:
- unless ($errormessage)
- {
- # Darren Critchley - we only want to store ranges with Colons
- $cgiparams{'SRC_PORT'} =~ tr/-/:/;
- $cgiparams{'DEST_PORT'} =~ tr/-/:/;
-
- if ($cgiparams{'KEY1'} eq "0") { # 0 in KEY1 indicates it is a portfw add
- $key1++; # Add one to last sequence number
- open(FILE,">>$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- if ($cgiparams{'ORIG_IP'} eq '0.0.0.0/0') {
- # if the default/all is taken, then write it to the rule
- print FILE "$key1,0,$cgiparams{'PROTOCOL'},$cgiparams{'SRC_PORT'},$cgiparams{'DEST_IP'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'SRC_IP'},$cgiparams{'ORIG_IP'},$cgiparams{'REMARK'}\n";
- } else { # else create an extra record so it shows up
- print FILE "$key1,0,$cgiparams{'PROTOCOL'},$cgiparams{'SRC_PORT'},$cgiparams{'DEST_IP'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'SRC_IP'},0,$cgiparams{'REMARK'}\n";
- print FILE "$key1,1,$cgiparams{'PROTOCOL'},0,$cgiparams{'DEST_IP'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},0,$cgiparams{'ORIG_IP'},$cgiparams{'REMARK'}\n";
- }
- close(FILE);
- undef %cgiparams;
- &General::log($Lang::tr{'forwarding rule added'});
- system('/usr/local/bin/setportfw');
- } else { # else key1 eq 0
- my $insertpoint = ($cgiparams{'KEY2'} - 1);
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current) {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY1'} eq $temp[0] && $insertpoint eq $temp[1]) {
- if ($temp[1] eq "0") { # this is the first xtaccess rule, therefore modify the portfw rule
- $temp[8] = '0';
- }
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7],$temp[8],$temp[9]\n";
- print FILE "$cgiparams{'KEY1'},$cgiparams{'KEY2'},$cgiparams{'PROTOCOL'},0,$cgiparams{'DEST_IP'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},0,$cgiparams{'ORIG_IP'},$cgiparams{'REMARK'}\n";
- } else {
- print FILE "$line\n";
- }
- }
- close(FILE);
- undef %cgiparams;
- &General::log($Lang::tr{'external access rule added'});
- system('/usr/local/bin/setportfw');
- } # end if if KEY1 eq 0
- } # end unless($errormessage)
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'update'})
-{
- &valaddupdate();
-
- # Darren Critchley - If there is an error don't waste any more processing time
- if ($errormessage) { $cgiparams{'ACTION'} = $Lang::tr{'edit'}; goto UPD_ERROR; }
-
- open(FILE, $filename) or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
- my $disabledpfw = '0';
- my $lastpfw = '';
- my $xtaccessdel = '0';
-
- foreach my $line (@current)
- {
- my @temp = split(/\,/,$line);
- if ( $temp[1] eq "0" ) { # keep track of the last portfw and if it is enabled
- $disabledpfw = $temp[6];
- $lastpfw = $temp[0];
- }
- chomp ($temp[8]);
- if ( $cgiparams{'SRC_PORT'} eq $temp[3] &&
- $cgiparams{'PROTOCOL'} eq $temp[2] &&
- $cgiparams{'SRC_IP'} eq $temp[7])
- {
- if ($cgiparams{'KEY1'} ne $temp[0] && $cgiparams{'KEY2'} eq "0")
- {
- $errormessage =
- "$Lang::tr{'source port in use'} $cgiparams{'SRC_PORT'}";
- }
- }
- if ($cgiparams{'ORIG_IP'} eq $temp[8])
- {
- if ($cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} ne $temp[1])
- # If we have the same source ip within a portfw group, then we have a problem!
- {
- $errormessage = "$Lang::tr{'source ip in use'} $cgiparams{'ORIG_IP'}";
- $cgiparams{'ACTION'} = $Lang::tr{'edit'};
- }
- }
-
- # Darren Critchley - Flag when a user disables an xtaccess
- if ($cgiparams{'KEY1'} eq $temp[0] &&
- $cgiparams{'KEY2'} eq $temp[1] &&
- $cgiparams{'KEY2'} ne "0" && # if KEY2 is 0 then it is a portfw
- $cgiparams{'ENABLED'} eq "off" &&
- $temp[6] eq "on") { # we have determined that someone has turned an xtaccess off
- $xtaccessdel = "1";
- }
-
- # Darren Critchley - Portfw enabled, then enable xtaccess for all associated xtaccess records
- if ($cgiparams{'ENABLED'} eq "on" && $cgiparams{'KEY2'} eq "0" && $cgiparams{'ENABLED'} ne $temp[6])
- {
- $enable_all = "1";
- } else {
- $enable_all = "0";
- }
- # Darren Critchley - Portfw disabled, then disable xtaccess for all associated xtaccess records
- if ($cgiparams{'ENABLED'} eq "off" && $cgiparams{'KEY2'} eq "0")
- {
- $disable_all = "1";
- } else {
- $disable_all = "0";
- }
-
- # Darren Critchley - if we are enabling an xtaccess, only allow if the associated Portfw is enabled
- if ($cgiparams{'KEY1'} eq $lastpfw && $cgiparams{'KEY2'} ne "0") { # identifies an xtaccess record in the group
- if ($cgiparams{'ENABLED'} eq "on" && $cgiparams{'ENABLED'} ne $temp[6] ){ # a change has been made
- if ($disabledpfw eq "off")
- {
- $errormessage = "$Lang::tr{'cant enable xtaccess'}";
- $cgiparams{'ACTION'} = $Lang::tr{'edit'};
- }
- }
- }
-
- # Darren Critchley - rule to stop someone from entering ALL into a external access rule,
- # the portfw is the only place that ALL can be specified
- if ($cgiparams{'KEY2'} ne "0" && $cgiparams{'ORIG_IP'} eq "0.0.0.0/0") {
- $errormessage = "$Lang::tr{'xtaccess all error'}";
- $cgiparams{'ACTION'} = $Lang::tr{'edit'};
- }
-
- # Darren Critchley - Duplicate or overlapping Port range check
- if ($temp[1] eq "0" &&
- $cgiparams{'KEY1'} ne $temp[0] &&
- $cgiparams{'PROTOCOL'} eq $temp[2] &&
- $cgiparams{'SRC_IP'} eq $temp[7] &&
- $errormessage eq '')
- {
- &portchecks($temp[3], $temp[5]);
- } # end port testing
-
- }
-
- # Darren Critchley - if an xtaccess was disabled, now we need to check to see if it was the only xtaccess
- if($xtaccessdel eq "1") {
- my $xctr = 0;
- foreach my $line (@current)
- {
- my @temp = split(/\,/,$line);
- if($temp[0] eq $cgiparams{'KEY1'} &&
- $temp[6] eq "on") { # we only want to count the enabled xtaccess's
- $xctr++;
- }
- }
- if ($xctr == 2){
- $disable_all = "1";
- }
- }
-
-UPD_ERROR:
- unless ($errormessage)
- {
- # Darren Critchley - we only want to store ranges with Colons
- $cgiparams{'SRC_PORT'} =~ tr/-/:/;
- $cgiparams{'DEST_PORT'} =~ tr/-/:/;
-
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current) {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq $temp[1]) {
- print FILE "$cgiparams{'KEY1'},$cgiparams{'KEY2'},$cgiparams{'PROTOCOL'},$cgiparams{'SRC_PORT'},$cgiparams{'DEST_IP'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'SRC_IP'},$cgiparams{'ORIG_IP'},$cgiparams{'REMARK'}\n";
- } else {
- # Darren Critchley - If it is a port forward record, then chances are good that a change was made to
- # Destination Ip or Port, and we need to update all the associated external access records
- if ($cgiparams{'KEY2'} eq "0" && $cgiparams{'KEY1'} eq $temp[0]) {
- $temp[4] = $cgiparams{'DEST_IP'};
- $temp[5] = $cgiparams{'DEST_PORT'};
- $temp[2] = $cgiparams{'PROTOCOL'};
- }
-
- # Darren Critchley - If a Portfw has been disabled, then set all associated xtaccess as disabled
- if ( $disable_all eq "1" && $cgiparams{'KEY1'} eq $temp[0] ) {
- $temp[6] = 'off';
- }
- if ( $enable_all eq "1" && $cgiparams{'KEY1'} eq $temp[0] ) {
- $temp[6] = 'on';
- }
- # Darren Critchley - Deal with the override to allow ALL
- if ( $cgiparams{'OVERRIDE'} eq "on" && $temp[1] ne "0" && $cgiparams{'KEY1'} eq $temp[0] ) {
- $temp[6] = 'off';
- }
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7],$temp[8],$temp[9]\n";
- }
- }
- close(FILE);
- undef %cgiparams;
- &General::log($Lang::tr{'forwarding rule updated'});
- system('/usr/local/bin/setportfw');
- }
- if ($errormessage) {
- $cgiparams{'ACTION'} = $Lang::tr{'edit'};
- }
-}
-
-# Darren Critchley - Allows rules to be enabled and disabled
-if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
-{
- open(FILE, $filename) or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
- my $disabledpfw = '0';
- my $lastpfw = '';
- my $xtaccessdel = '0';
-
- foreach my $line (@current)
- {
- my @temp = split(/\,/,$line);
- if ( $temp[1] eq "0" ) { # keep track of the last portfw and if it is enabled
- $disabledpfw = $temp[6];
- $lastpfw = $temp[0];
- }
- # Darren Critchley - Flag when a user disables an xtaccess
- if ($cgiparams{'KEY1'} eq $temp[0] &&
- $cgiparams{'KEY2'} eq $temp[1] &&
- $cgiparams{'KEY2'} ne "0" && # if KEY2 is 0 then it is a portfw
- $cgiparams{'ENABLED'} eq "off" &&
- $temp[6] eq "on") { # we have determined that someone has turned an xtaccess off
- $xtaccessdel = "1";
- }
-
- # Darren Critchley - Portfw enabled, then enable xtaccess for all associated xtaccess records
- if ($cgiparams{'ENABLED'} eq "on" && $cgiparams{'KEY2'} eq "0" && $cgiparams{'ENABLED'} ne $temp[6])
- {
- $enable_all = "1";
- } else {
- $enable_all = "0";
- }
- # Darren Critchley - Portfw disabled, then disable xtaccess for all associated xtaccess records
- if ($cgiparams{'ENABLED'} eq "off" && $cgiparams{'KEY2'} eq "0")
- {
- $disable_all = "1";
- } else {
- $disable_all = "0";
- }
-
- # Darren Critchley - if we are enabling an xtaccess, only allow if the associated Portfw is enabled
- if ($cgiparams{'KEY1'} eq $lastpfw && $cgiparams{'KEY2'} ne "0") { # identifies an xtaccess record in the group
- if ($cgiparams{'ENABLED'} eq "on" && $cgiparams{'ENABLED'} ne $temp[6] ){ # a change has been made
- if ($disabledpfw eq "off")
- {
- $errormessage = "$Lang::tr{'cant enable xtaccess'}";
- goto TOGGLEEXIT;
- }
- }
- }
- }
-
- # Darren Critchley - if an xtaccess was disabled, now we need to check to see if it was the only xtaccess
- if($xtaccessdel eq "1") {
- my $xctr = 0;
- foreach my $line (@current)
- {
- my @temp = split(/\,/,$line);
- if($temp[0] eq $cgiparams{'KEY1'} &&
- $temp[6] eq "on") { # we only want to count the enabled xtaccess's
- $xctr++;
- }
- }
- if ($xctr == 2){
- $disable_all = "1";
- }
- }
-
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current) {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq $temp[1]) {
- print FILE "$cgiparams{'KEY1'},$cgiparams{'KEY2'},$temp[2],$temp[3],$temp[4],$temp[5],$cgiparams{'ENABLED'},$temp[7],$temp[8],$temp[9]\n";
- } else {
- # Darren Critchley - If a Portfw has been disabled, then set all associated xtaccess as disabled
- if ( $disable_all eq "1" && $cgiparams{'KEY1'} eq $temp[0] ) {
- $temp[6] = 'off';
- }
- if ( $enable_all eq "1" && $cgiparams{'KEY1'} eq $temp[0] ) {
- $temp[6] = 'on';
- }
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7],$temp[8],$temp[9]\n";
- }
- }
- close(FILE);
- &General::log($Lang::tr{'forwarding rule updated'});
- system('/usr/local/bin/setportfw');
-TOGGLEEXIT:
- undef %cgiparams;
-}
-
-
-# Darren Critchley - broke out Edit routine from the delete routine - Edit routine now just puts values in fields
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
-{
- open(FILE, "$filename") or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
-
- unless ($errormessage)
- {
- foreach my $line (@current)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq $temp[1] ) {
- $cgiparams{'PROTOCOL'} = $temp[2];
- $cgiparams{'SRC_PORT'} = $temp[3];
- $cgiparams{'DEST_IP'} = $temp[4];
- $cgiparams{'DEST_PORT'} = $temp[5];
- $cgiparams{'ENABLED'} = $temp[6];
- $cgiparams{'SRC_IP'} = $temp[7];
- $cgiparams{'ORIG_IP'} = $temp[8];
- $cgiparams{'REMARK'} = $temp[9];
- }
-
- }
- }
-}
-
-# Darren Critchley - broke out Remove routine as the logic is getting too complex to be combined with the Edit
-if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
-{
- open(FILE, "$filename") or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
-
- # If the record being deleted is an xtaccess record, and it is the only one for a portfw record
- # then we need to adjust the portfw record to be open to ALL ip addressess or an error will occur
- # in setportfw.c
- my $fixportfw = '0';
- if ($cgiparams{'KEY2'} ne "0") {
- my $counter = 0;
- foreach my $line (@current)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($temp[0] eq $cgiparams{'KEY1'}) {
- $counter++;
- }
- }
- if ($counter eq 2) {
- $fixportfw = '1';
- }
- }
-
- unless ($errormessage)
- {
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- my $linedeleted = 0;
- foreach my $line (@current)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
-
- if ($cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq $temp[1] ||
- $cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq "0" )
- {
- $linedeleted = 1;
- } else {
- if ($temp[0] eq $cgiparams{'KEY1'} && $temp[1] eq "0" && $fixportfw eq "1") {
- $temp[8] = '0.0.0.0/0';
- }
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7],$temp[8],$temp[9]\n";
-# print FILE "$line\n";
- }
- }
- close(FILE);
- if ($linedeleted == 1) {
- &General::log($Lang::tr{'forwarding rule removed'});
- undef %cgiparams;
- }
- system('/usr/local/bin/setportfw');
- }
-}
-
-# Darren Critchley - Added routine to allow external access rules to be added
-if ($cgiparams{'ACTION'} eq $Lang::tr{'add xtaccess'})
-{
- open(FILE, $filename) or die 'Unable to open config file.';
- my @current = <FILE>;
- close(FILE);
- my $key = 0; # used for finding last sequence number used
- foreach my $line (@current)
- {
- my @temp = split(/\,/,$line);
- if ($temp[0] eq $cgiparams{'KEY1'}) {
- $key = $temp[1]
- }
- if ($cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq $temp[1] ) {
- $cgiparams{'PROTOCOL'} = $temp[2];
- $cgiparams{'SRC_PORT'} = $temp[3];
- $cgiparams{'DEST_IP'} = $temp[4];
- $cgiparams{'DEST_PORT'} = $temp[5];
- $cgiparams{'ENABLED'} = $temp[6];
- $cgiparams{'SRC_IP'} = $temp[7];
- $cgiparams{'ORIG_IP'} = '';
- $cgiparams{'REMARK'} = $temp[9];
- }
- }
- $key++;
- $cgiparams{'KEY2'} = $key;
- # Until the ADD button is hit, there needs to be no change to portfw rules
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'reset'})
-{
- undef %cgiparams;
-}
-
-if ($cgiparams{'ACTION'} eq '')
-{
- $cgiparams{'PROTOCOL'} = 'tcp';
- $cgiparams{'ENABLED'} = 'on';
- $cgiparams{'SRC_IP'} = '0.0.0.0';
-}
-
-$selected{'PROTOCOL'}{'udp'} = '';
-$selected{'PROTOCOL'}{'tcp'} = '';
-$selected{'PROTOCOL'}{'gre'} = '';
-$selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";
-
-$selected{'SRC_IP'}{$cgiparams{'SRC_IP'}} = "selected='selected'";
-
-$checked{'ENABLED'}{'off'} = '';
-$checked{'ENABLED'}{'on'} = '';
-$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'port forwarding configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'><font color='${Header::colourred}'>$errormessage\n</font>";
- print " </class>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}){
- &Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
-} else {
- &Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'KEY2'} ne "0" || $cgiparams{'ACTION'} eq $Lang::tr{'add xtaccess'}){
-# if it is not a port forward record, don't validate as the fields are disabled
- my $PROT = "\U$cgiparams{'PROTOCOL'}\E";
- # Darren Critchley - Format the source and destination ports
- my $dstprt = $cgiparams{'DEST_PORT'};
- $dstprt =~ s/-/ - /;
- $dstprt =~ s/:/ - /;
-
-print <<END
-<table>
- <tr>
- <td class='base'>$Lang::tr{'protocol'}: <b>$PROT</b></td>
- <td width='20'> </td>
- <td class='base' align='right'>$Lang::tr{'destination ip'}: </td>
- <td><b>$cgiparams{'DEST_IP'}</b></td>
- <td width='20'> </td>
- <td class='base' align='right'>$Lang::tr{'destination port'}: </td>
- <td><b>$dstprt</b></td>
- </tr>
-</table>
-
-<input type='hidden' name='PROTOCOL' value='$cgiparams{'PROTOCOL'}' />
-<input type='hidden' name='SRC_IP' value='$cgiparams{'SRC_IP'}' />
-<input type='hidden' name='SRC_PORT' value='$cgiparams{'SRC_PORT'}' />
-<input type='hidden' name='DEST_IP' value='$cgiparams{'DEST_IP'}' />
-<input type='hidden' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' />
-END
-;
-} else {
-print <<END
-<table width='100%'>
- <tr>
- <td width='10%'>$Lang::tr{'protocol'}: </td>
- <td width='15%'>
- <select name='PROTOCOL'>
- <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
- <option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
- <option value='gre' $selected{'PROTOCOL'}{'gre'}>GRE</option>
- </select>
- </td>
- <td class='base' width='20%'><font color='${Header::colourred}'>$Lang::tr{'alias ip'}:</font></td>
- <td>
- <select name='SRC_IP'>
- <option value='0.0.0.0' $selected{'SRC_IP'}{'0.0.0.0'}>DEFAULT IP</option>
-END
-;
-open(ALIASES, "$aliasfile") or die 'Unable to open aliases file.';
-while (<ALIASES>)
-{
- chomp($_);
- my @temp = split(/\,/,$_);
- if ($temp[1] eq 'on') {
- print "<option value='$temp[0]' $selected{'SRC_IP'}{$temp[0]}>$temp[0]";
- if (defined $temp[2] and ($temp[2] ne '')) { print " ($temp[2])"; }
- print "</option>\n";
- }
-}
-close(ALIASES);
-print <<END
- </select>
- </td>
- <td class='base' width='20%'><font color='${Header::colourred}'>$Lang::tr{'source port'}:</font></td>
- <td width='10%'><input type='text' name='SRC_PORT' value='$cgiparams{'SRC_PORT'}' size='8' /></td>
- </tr>
- <tr>
- <td class='base'> </td>
- <td> </td>
- <td class='base'>$Lang::tr{'destination ip'}:</td>
- <td><input type='text' name='DEST_IP' value='$cgiparams{'DEST_IP'}' size='15' /></td>
- <td class='base'>$Lang::tr{'destination port'}:</td>
- <td><input type='text' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='8' /></td>
- </tr>
-</table>
-END
-;
-}
-
-print <<END
-<table>
- <tr>
- <td class='base'>$Lang::tr{'remark title'} <img src='/blob.gif' alt='*' /> </td>
- <td><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td>
-END
-;
-unless ($cgiparams{'ACTION'} eq $Lang::tr{'add xtaccess'} && $cgiparams{'ENABLED'} eq "off") {
- print "<td width='20'> </td>";
- print "<td>$Lang::tr{'enabled'} </td><td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>\n";
-}
-print <<END
- </tr>
-</table>
-END
-;
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'KEY2'} eq "0" && ($cgiparams{'ORIG_IP'} eq "0" || $cgiparams{'ORIG_IP'} eq "0.0.0.0/0")){
-# if it is a port forward rule with a 0 in the orig_port field, this means there are xtaccess records, and we
-# don't want to allow a person to change the orig_ip field as it will mess other logic up
- print "<input type='hidden' name='ORIG_IP' value='$cgiparams{'ORIG_IP'}' />\n";
-} else {
-print <<END
-<table>
- <tr>
- <td class='base'><font class='boldbase' color='${Header::colourred}'>$Lang::tr{'source network'}</font> <img src='/blob.gif' alt='*' /> </td>
- <td><input type='text' name='ORIG_IP' value='$cgiparams{'ORIG_IP'}' size='15' /></td>
- </tr>
-</table>
-END
-;
-}
-
-print <<END
-<table width='100%'>
- <hr />
- <tr>
- <td class='base' width='25%'><img src='/blob.gif' alt ='*' align='top' /> <font class='base'>$Lang::tr{'this field may be blank'}</font></td>
-END
-;
-
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}){
- if($cgiparams{'KEY2'} eq "0"){
- print "<td width='35%' align='right'>$Lang::tr{'open to all'}: </td><td width='5%'><input type='checkbox' name='OVERRIDE' $checked{'OVERRIDE'}{'on'} /></td>\n";
- } else {
- print "<td width='40%'> </td>\n";
- }
- print "<td align='center' width='15%'><input type='submit' name='ACTION' value='$Lang::tr{'update'}' />";
- print "<input type='hidden' name='KEY1' value='$cgiparams{'KEY1'}' />";
- print "<input type='hidden' name='KEY2' value='$cgiparams{'KEY2'}' /></TD>";
- print "<td align='center' width='15%'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></td>";
- # on an edit and an xtaccess add, for some reason the "Reset" button stops working, so I make it a submit button
-} else {
- print "<td width='30%'> </td>\n";
- print "<td align='center' width='15%'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td>";
- if ($cgiparams{'ACTION'} eq $Lang::tr{'add xtaccess'}) {
- print "<td align='center' width='15%'><input type='hidden' name='KEY1' value='$cgiparams{'KEY1'}' />";
- print "<input type='hidden' name='KEY2' value='$cgiparams{'KEY2'}' />";
- print "<input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></td>";
- } elsif ($errormessage ne '') {
- print "<td align='center' width='15%'><input type='submit' name='ACTION' value='$Lang::tr{'reset'}' /></td>";
- } else {
- print "<td align='center' width='15%'><input type='reset' name='ACTION' value='$Lang::tr{'reset'}' /></td>";
- }
-}
-print <<END
- <td width='5%' align='right'> </td>
- </tr>
-</table>
-END
-;
-&Header::closebox();
-
-print "</form>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'current rules'});
-print <<END
-<table width='100%'>
-<tr>
-<td width='7%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
-<td width='31%' class='boldbase' align='center'><b>$Lang::tr{'source'}</b></td>
-<td width='2%' class='boldbase' align='center'> </td>
-<td width='31%' class='boldbase' align='center'><b>$Lang::tr{'destination'}</b></td>
-<td width='24%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
-<td width='4%' class='boldbase' colspan='4' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-my $id = 0;
-my $xtaccesscolor = '#F6F4F4';
-open(RULES, "$filename") or die 'Unable to open config file.';
-while (<RULES>)
-{
- my $protocol = '';
- my $gif = '';
- my $gdesc = '';
- my $toggle = '';
- chomp($_);
- my @temp = split(/\,/,$_);
- $temp[9] ='' unless defined $temp[9];# Glles ESpinasse : suppress warning on page init
- if ($temp[2] eq 'udp') {
- $protocol = 'UDP'; }
- elsif ($temp[2] eq 'gre') {
- $protocol = 'GRE' }
- else {
- $protocol = 'TCP' }
- # Change bgcolor when a new portfw rule is added
- if ($temp[1] eq "0"){
- $id++;
- }
- # Darren Critchley highlight the row we are editing
- if ( $cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'KEY1'} eq $temp[0] && $cgiparams{'KEY2'} eq $temp[1] ) {
- print "<tr bgcolor='${Header::colouryellow}'>\n";
- } else {
- if ($id % 2) {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- else {
- print "<tr bgcolor='$color{'color20'}'>\n";
- }
- }
-
- if ($temp[6] eq 'on') { $gif = 'on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
- else { $gif = 'off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
-
- # Darren Critchley - this code no longer works - should we remove?
- # catch for 'old-style' rules file - assume default ip if
- # none exists
- if (!&General::validip($temp[7]) || $temp[7] eq '0.0.0.0') {
- $temp[7] = 'DEFAULT IP'; }
- if ($temp[1] eq '0') { # Port forwarding entry
-
- # Darren Critchley - Format the source and destintation ports
- my $srcprt = $temp[3];
- $srcprt =~ s/-/ - /;
- $srcprt =~ s/:/ - /;
- my $dstprt = $temp[5];
- $dstprt =~ s/-/ - /;
- $dstprt =~ s/:/ - /;
-
- # Darren Critchley - Get Port Service Name if we can - code borrowed from firewalllog.dat
- $_=$temp[3];
- if (/^\d+$/) {
- my $servi = uc(getservbyport($temp[3], lc($temp[2])));
- if ($servi ne '' && $temp[3] < 1024) {
- $srcprt = "$srcprt($servi)"; }
- }
- $_=$temp[5];
- if (/^\d+$/) {
- my $servi = uc(getservbyport($temp[5], lc($temp[2])));
- if ($servi ne '' && $temp[5] < 1024) {
- $dstprt = "$dstprt($servi)"; }
- }
-
- # Darren Critchley - If the line is too long, wrap the port numbers
- my $srcaddr = "$temp[7] : $srcprt";
- if (length($srcaddr) > 22) {
- $srcaddr = "$temp[7] :<br /> $srcprt";
- }
- my $dstaddr = "$temp[4] : $dstprt";
- if (length($dstaddr) > 26) {
- $dstaddr = "$temp[4] :<br /> $dstprt";
- }
-print <<END
-<td align='center'>$protocol</td>
-<td align='center'>$srcaddr</td>
-<td align='center'><img src='/images/forward.gif' alt='=>' /></td>
-<td align='center'>$dstaddr</td>
-<td align='left'> $temp[9]</td>
-<td align='center'>
- <form method='post' name='frm$temp[0]c' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- <input type='hidden' name='ENABLED' value='$toggle' />
- </form>
-</td>
-
-<td align='center'>
- <form method='post' name='frm$temp[0]' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'add xtaccess'}' />
- <input type='image' name='$Lang::tr{'add xtaccess'}' src='/images/add.gif' alt='$Lang::tr{'add xtaccess'}' title='$Lang::tr{'add xtaccess'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- </form>
-</td>
-
-<td align='center'>
- <form method='post' name='frm$temp[0]' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- </form>
-</td>
-
-<td align='center'>
- <form method='post' name='frm$temp[0]b' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- </form>
-</td>
-
-</tr>
-END
- ;
- } else { # external access entry
-print <<END
-<td align='center'> </td>
-
-<td align='left' colspan='4'> <font color='${Header::colourred}'>$Lang::tr{'access allowed'}</font> $temp[8] ($temp[9])</td>
-
-<td align='center'>
- <form method='post' name='frm$temp[0]$temp[1]t' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- <input type='hidden' name='ENABLED' value='$toggle' />
- </form>
-</td>
-
-<td align='center'> </td>
-
-<td align='center'>
- <form method='post' name='frm$temp[0]$temp[1]' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- </form>
-</td>
-
-<td align='center'>
- <form method='post' name='frm$temp[0]b$temp[1]b' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
- <input type='hidden' name='KEY1' value='$temp[0]' />
- <input type='hidden' name='KEY2' value='$temp[1]' />
- </form>
-</td>
-
-</tr>
-END
- ;
- }
-}
-
-close(RULES);
-
-print "</table>";
-
-# If the fixed lease file contains entries, print Key to action icons
-if ( ! -z "$filename") {
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td>
- <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> </td>
- <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> </td>
- <td><img src='/images/add.gif' alt='$Lang::tr{'add xtaccess'}' /></td>
- <td class='base'>$Lang::tr{'add xtaccess'}</td>
- <td> </td>
- <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-# Validate Field Entries
-sub validateparams
-{
- # Darren Critchley - Get rid of dashes in port ranges
- $cgiparams{'DEST_PORT'}=~ tr/-/:/;
- $cgiparams{'SRC_PORT'}=~ tr/-/:/;
-
- # Darren Critchley - code to substitue wildcards
- if ($cgiparams{'SRC_PORT'} eq "*") {
- $cgiparams{'SRC_PORT'} = "1:65535";
- }
- if ($cgiparams{'SRC_PORT'} =~ /^(\D)\:(\d+)$/) {
- $cgiparams{'SRC_PORT'} = "1:$2";
- }
- if ($cgiparams{'SRC_PORT'} =~ /^(\d+)\:(\D)$/) {
- $cgiparams{'SRC_PORT'} = "$1:65535";
- }
- if ($cgiparams{'DEST_PORT'} eq "*") {
- $cgiparams{'DEST_PORT'} = "1:65535";
- }
- if ($cgiparams{'DEST_PORT'} =~ /^(\D)\:(\d+)$/) {
- $cgiparams{'DEST_PORT'} = "1:$2";
- }
- if ($cgiparams{'DEST_PORT'} =~ /^(\d+)\:(\D)$/) {
- $cgiparams{'DEST_PORT'} = "$1:65535";
- }
-
- # Darren Critchley - Add code for GRE protocol - we want to ignore ports, but we need a place holder
- if ($cgiparams{'PROTOCOL'} eq 'gre') {
- $cgiparams{'SRC_PORT'} = "GRE";
- $cgiparams{'DEST_PORT'} = "GRE";
- }
-
- unless($cgiparams{'PROTOCOL'} =~ /^(tcp|udp|gre)$/) { $errormessage = $Lang::tr{'invalid input'}; }
- # Darren Critchley - Changed how the error routine works a bit - for the validportrange check, we need to
- # pass in src or dest to determine which side we are working with.
- # the routine returns the complete error or ''
- if ($cgiparams{'PROTOCOL'} ne 'gre') {
- $errormessage = &General::validportrange($cgiparams{'SRC_PORT'}, 'src');
- }
- if( ($cgiparams{'ORIG_IP'} ne "0" && $cgiparams{'KEY2'} ne "0") || $cgiparams{'ACTION'} eq $Lang::tr{'add'}) {
- # if it is a port forward record with 0 in orig_ip then ignore checking this field
- unless(&General::validipormask($cgiparams{'ORIG_IP'}))
- {
- if ($cgiparams{'ORIG_IP'} ne '') {
- $errormessage = $Lang::tr{'source ip bad'}; }
- else {
- $cgiparams{'ORIG_IP'} = '0.0.0.0/0'; }
- }
- }
- # Darren Critchey - New rule that sets destination same as source if dest_port is blank.
- if ($cgiparams{'DEST_PORT'} eq ''){
- $cgiparams{'DEST_PORT'} = $cgiparams{'SRC_PORT'};
- }
- # Darren Critchey - Just in case error message is already set, this routine would wipe it out if
- # we don't do a test here
- if ($cgiparams{'PROTOCOL'} ne 'gre') {
- unless($errormessage) {$errormessage = &General::validportrange($cgiparams{'DEST_PORT'}, 'dest');}
- }
- unless(&General::validip($cgiparams{'DEST_IP'})) { $errormessage = $Lang::tr{'destination ip bad'}; }
- return;
-}
-
-# Darren Critchley - we want to make sure that a port range does not overlap another port range
-sub checkportoverlap
-{
- my $portrange1 = $_[0]; # New port range
- my $portrange2 = $_[1]; # existing port range
- my @tempr1 = split(/\:/,$portrange1);
- my @tempr2 = split(/\:/,$portrange2);
-
- unless (&checkportinc($tempr1[0], $portrange2)){ return 0;}
- unless (&checkportinc($tempr1[1], $portrange2)){ return 0;}
-
- unless (&checkportinc($tempr2[0], $portrange1)){ return 0;}
- unless (&checkportinc($tempr2[1], $portrange1)){ return 0;}
-
- return 1; # Everything checks out!
-}
-
-# Darren Critchley - we want to make sure that a port entry is not within an already existing range
-sub checkportinc
-{
- my $port1 = $_[0]; # Port
- my $portrange2 = $_[1]; # Port range
- my @tempr1 = split(/\:/,$portrange2);
-
- if ($port1 < $tempr1[0] || $port1 > $tempr1[1]) {
- return 1;
- } else {
- return 0;
- }
-}
-
-# Darren Critchley - certain ports are reserved for Ipcop
-# TCP 67,68,81,222,445
-# UDP 67,68
-# Params passed in -> port, rangeyn, protocol
-sub disallowreserved
-{
- # port 67 and 68 same for tcp and udp, don't bother putting in an array
- my $msg = "";
- my @tcp_reserved = (81,222,444);
- my $prt = $_[0]; # the port or range
- my $ryn = $_[1]; # tells us whether or not it is a port range
- my $prot = $_[2]; # protocol
- my $srcdst = $_[3]; # source or destination
-
- if ($ryn) { # disect port range
- if ($srcdst eq "src") {
- $msg = "$Lang::tr{'rsvd src port overlap'}";
- } else {
- $msg = "$Lang::tr{'rsvd dst port overlap'}";
- }
- my @tmprng = split(/\:/,$prt);
- unless (67 < $tmprng[0] || 67 > $tmprng[1]) { $errormessage="$msg 67"; return; }
- unless (68 < $tmprng[0] || 68 > $tmprng[1]) { $errormessage="$msg 68"; return; }
- if ($prot eq "tcp") {
- foreach my $prange (@tcp_reserved) {
- unless ($prange < $tmprng[0] || $prange > $tmprng[1]) { $errormessage="$msg $prange"; return; }
- }
- }
- } else {
- if ($srcdst eq "src") {
- $msg = "$Lang::tr{'reserved src port'}";
- } else {
- $msg = "$Lang::tr{'reserved dst port'}";
- }
- if ($prt == 67) { $errormessage="$msg 67"; return; }
- if ($prt == 68) { $errormessage="$msg 68"; return; }
- if ($prot eq "tcp") {
- foreach my $prange (@tcp_reserved) {
- if ($prange == $prt) { $errormessage="$msg $prange"; return; }
- }
- }
- }
- return;
-}
-
-# Darren Critchley - Attempt to combine Add/Update validation as they are almost the same
-sub valaddupdate
-{
- if ($cgiparams{'KEY2'} eq "0"){ # if it is a port forward rule, then validate properly
- &validateparams();
- } else { # it is an xtaccess rule, just check for a valid ip
- unless(&General::validipormask($cgiparams{'ORIG_IP'}))
- {
- if ($cgiparams{'ORIG_IP'} ne '') {
- $errormessage = $Lang::tr{'source ip bad'}; }
- else { # this rule stops someone from adding an ALL xtaccess record
- $errormessage = $Lang::tr{'xtaccess all error'};
- $cgiparams{'ACTION'} = $Lang::tr{'add xtaccess'};
- }
- }
- # Darren Critchley - check for 0.0.0.0/0 - not allowed for xtaccess
- if ($cgiparams{'ORIG_IP'} eq "0.0.0.0/0" || $cgiparams{'ORIG_IP'} eq "0.0.0.0") {
- $errormessage = $Lang::tr{'xtaccess all error'};
- $cgiparams{'ACTION'} = $Lang::tr{'add xtaccess'};
- }
- }
- # Darren Critchley - Remove commas from remarks
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
-
- # Darren Critchley - Check to see if we are working with port ranges
- our ($prtrange1, $prtrange2);
- $_ = $cgiparams{'SRC_PORT'};
- if ($cgiparams{'KEY2'} eq "0" && m/:/){
- $prtrange1 = 1;
- }
- if ($cgiparams{'SRC_IP'} eq '0.0.0.0') { # Dave Roberts - only check if using DEFAULT IP
- if ($prtrange1 == 1){ # check for source ports reserved for Ipcop
- &disallowreserved($cgiparams{'SRC_PORT'},1,$cgiparams{'PROTOCOL'},"src");
- if ($errormessage) { goto EXITSUB; }
- } else { # check for source port reserved for Ipcop
- &disallowreserved($cgiparams{'SRC_PORT'},0,$cgiparams{'PROTOCOL'},"src");
- if ($errormessage) { goto EXITSUB; }
- }
- }
-
- $_ = $cgiparams{'DEST_PORT'};
- if ($cgiparams{'KEY2'} eq "0" && m/:/){
- $prtrange2 = 1;
- }
- if ($cgiparams{'SRC_IP'} eq '0.0.0.0') { # Dave Roberts - only check if using DEFAULT IP
- if ($prtrange2 == 1){ # check for destination ports reserved for IPFire
- &disallowreserved($cgiparams{'DEST_PORT'},1,$cgiparams{'PROTOCOL'},"dst");
- if ($errormessage) { goto EXITSUB; }
- } else { # check for destination port reserved for IPFire
- &disallowreserved($cgiparams{'DEST_PORT'},0,$cgiparams{'PROTOCOL'},"dst");
- if ($errormessage) { goto EXITSUB; }
- }
- }
-
-
-EXITSUB:
- return;
-}
-
-# Darren Critchley - Duplicate or overlapping Port range check
-sub portchecks
-{
- $_ = $_[0];
- our ($prtrange1, $prtrange2);
- if (m/:/ && $prtrange1 == 1) { # comparing two port ranges
- unless (&checkportoverlap($cgiparams{'SRC_PORT'},$_[0])) {
- $errormessage = "$Lang::tr{'source port overlaps'} $_[0]";
- }
- }
- if (m/:/ && $prtrange1 == 0 && $errormessage eq '') { # compare one port to a range
- unless (&checkportinc($cgiparams{'SRC_PORT'}, $_[0])) {
- $errormessage = "$Lang::tr{'srcprt within existing'} $_[0]";
- }
- }
- if (! m/:/ && $prtrange1 == 1 && $errormessage eq '') { # compare one port to a range
- unless (&checkportinc($_[0], $cgiparams{'SRC_PORT'})) {
- $errormessage = "$Lang::tr{'srcprt range overlaps'} $_[0]";
- }
- }
-
- if ($errormessage eq ''){
- $_ = $_[1];
- if (m/:/ && $prtrange2 == 1) { # if true then there is a port range
- unless (&checkportoverlap($cgiparams{'DEST_PORT'},$_[1])) {
- $errormessage = "$Lang::tr{'destination port overlaps'} $_[1]";
- }
- }
- if (m/:/ && $prtrange2 == 0 && $errormessage eq '') { # compare one port to a range
- unless (&checkportinc($cgiparams{'DEST_PORT'}, $_[1])) {
- $errormessage = "$Lang::tr{'dstprt within existing'} $_[1]";
- }
- }
- if (! m/:/ && $prtrange2 == 1 && $errormessage eq '') { # compare one port to a range
- unless (&checkportinc($_[1], $cgiparams{'DEST_PORT'})) {
- $errormessage = "$Lang::tr{'dstprt range overlaps'} $_[1]";
- }
- }
- }
- return;
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-our %pppsettings=();
-my %temppppsettings=();
-our %modemsettings=();
-our %isdnsettings=();
-our %netsettings=();
-my %selected=();
-my %checked=();
-my @profilenames=();
-my $errormessage = '';
-my $maxprofiles = 5;
-my $kernel=`/bin/uname -r | /usr/bin/tr -d '\012'`;
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&Header::showhttpheaders();
-
-$pppsettings{'ACTION'} = '';
-&initprofile();
-&Header::getcgihash(\%pppsettings);
-
-if ($pppsettings{'ACTION'} ne '' &&
- (-e '/var/run/ppp-ipcop.pid' || -e "${General::swroot}/red/active"))
-{
- $errormessage = $Lang::tr{'unable to alter profiles while red is active'};
- # read in the current vars
- %pppsettings = ();
- $pppsettings{'VALID'} = '';
- &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
-}
-elsif ($pppsettings{'ACTION'} eq $Lang::tr{'refresh'})
-{
- unless ($pppsettings{'TYPE'} =~ /^(modem|serial|isdn|pppoe|pptp|pppoeatm)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
- my $type = $pppsettings{'TYPE'};
- &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
- $pppsettings{'TYPE'} = $type;
-}
-elsif ($pppsettings{'ACTION'} eq $Lang::tr{'save'})
-{
- if ($pppsettings{'TYPE'} =~ /^(modem|serial|isdn)$/ && $pppsettings{'COMPORT'} !~ /^(ttyS0|ttyS1|ttyS2|ttyS3|ttyS4|ttyACM0|ttyACM1|ttyACM2|ttyACM3|isdn1|isdn2)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
- if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/ && $pppsettings{'DTERATE'} !~ /^(9600|19200|38400|57600|115200|230400|460800|921600)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
- if ($pppsettings{'TYPE'} eq 'modem' && $pppsettings{'DIALMODE'} !~ /^(T|P)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
- if ($pppsettings{'AUTH'} !~ /^(pap-or-chap|pap|chap|standard-login-script|demon-login-script|other-login-script)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR;
- }
-
- if ($pppsettings{'PROFILENAME'} eq '') {
- $errormessage = $Lang::tr{'profile name not given'};
- $pppsettings{'PROFILENAME'} = '';
- goto ERROR; }
- if ($pppsettings{'TYPE'} =~ /^(modem|isdn)$/) {
- if ($pppsettings{'TELEPHONE'} eq '') {
- $errormessage = $Lang::tr{'telephone not set'};
- goto ERROR; }
- if (!($pppsettings{'TELEPHONE'} =~ /^[\d\*\#\,]+$/)) {
- $errormessage = $Lang::tr{'bad characters in the telephone number field'};
- goto ERROR; }
- }
- unless (($pppsettings{'PROTOCOL'} eq 'RFC1483' && $pppsettings{'METHOD'} =~ /^(STATIC|DHCP)$/)) {
- if ($pppsettings{'USERNAME'} eq '') {
- $errormessage = $Lang::tr{'username not set'};
- goto ERROR; }
- if ($pppsettings{'PASSWORD'} eq '') {
- $errormessage = $Lang::tr{'password not set'};
- goto ERROR; }
- }
-
- if ($pppsettings{'TIMEOUT'} eq '') {
- $errormessage = $Lang::tr{'idle timeout not set'};
- goto ERROR; }
- if (!($pppsettings{'TIMEOUT'} =~ /^\d+$/)) {
- $errormessage = $Lang::tr{'only digits allowed in the idle timeout'};
- goto ERROR; }
-
- if ($pppsettings{'LOGINSCRIPT'} =~ /[.\/ ]/ ) {
- $errormessage = $Lang::tr{'bad characters in script field'};
- goto ERROR; }
-
- if ($pppsettings{'DNS1'})
- {
- if (!(&General::validip($pppsettings{'DNS1'}))) {
- $errormessage = $Lang::tr{'invalid primary dns'};
- goto ERROR; }
- }
- if ($pppsettings{'DNS2'})
- {
- if (!(&General::validip($pppsettings{'DNS2'}))) {
- $errormessage = $Lang::tr{'invalid secondary dns'};
- goto ERROR; }
- }
-
- if ($pppsettings{'MAXRETRIES'} eq '') {
- $errormessage = $Lang::tr{'max retries not set'};
- goto ERROR; }
- if (!($pppsettings{'MAXRETRIES'} =~ /^\d+$/)) {
- $errormessage = $Lang::tr{'only digits allowed in max retries field'};
- goto ERROR; }
-
- if (!($pppsettings{'HOLDOFF'} =~ /^\d+$/)) {
- $errormessage = $Lang::tr{'only digits allowed in holdoff field'};
- goto ERROR; }
-
- if ($pppsettings{'TYPE'} eq 'pptp') {
- $errormessage = '';
- if ($pppsettings{'METHOD'} eq 'STATIC') {
- if (! &General::validip($pppsettings{'ROUTERIP'})) {
- $errormessage = $Lang::tr{'router ip'}.' '.$Lang::tr{'invalid ip'};
- }
- } else {
- if (($pppsettings{'DHCP_HOSTNAME'} ne '') && (! &General::validfqdn($pppsettings{'DHCP_HOSTNAME'})) ) {
- $errormessage = $errormessage.' '.$Lang::tr{'hostname'}.' '.$Lang::tr{'invalid hostname'};
- }
- }
- if ($errormessage ne '') {goto ERROR; }
- }
- if ($pppsettings{'TYPE'} =~ /^(pppoeatm)$/) {
- if ( ($pppsettings{'VPI'} eq '') || ($pppsettings{'VCI'} eq '') ) {
- $errormessage = $Lang::tr{'invalid vpi vpci'};
- goto ERROR; }
- if ( (!($pppsettings{'VPI'} =~ /^\d+$/)) || (!($pppsettings{'VCI'} =~ /^\d+$/)) ) {
- $errormessage = $Lang::tr{'invalid vpi vpci'};
- goto ERROR; }
- if (($pppsettings{'VPI'} eq '0') && ($pppsettings{'VCI'} eq '0')) {
- $errormessage = $Lang::tr{'invalid vpi vpci'};
- goto ERROR; }
- if ( $pppsettings{'PROTOCOL'} eq '' ) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
- }
-
- if ( ($pppsettings{'PROTOCOL'} eq 'RFC1483') && ($pppsettings{'METHOD'} eq '') && \
- ($pppsettings{'TYPE'} !~ /^(alcatelusb|fritzdsl)$/)) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
-
- if (($pppsettings{'PROTOCOL'} eq 'RFC1483' && $pppsettings{'METHOD'} eq 'DHCP')) {
- if ($pppsettings{'DHCP_HOSTNAME'} ne '') {
- if (! &General::validfqdn($pppsettings{'DHCP_HOSTNAME'})) {
- $errormessage = $errormessage.' '.$Lang::tr{'hostname'}.': '.$Lang::tr{'invalid hostname'}; }
- }
- }
-
- if (($pppsettings{'PROTOCOL'} eq 'RFC1483' && $pppsettings{'METHOD'} eq 'STATIC')) {
- $errormessage = '';
- if (! &General::validip($pppsettings{'IP'})) {
- $errormessage = $Lang::tr{'static ip'}.' '.$Lang::tr{'invalid ip'}; }
- if (! &General::validip($pppsettings{'GATEWAY'})) {
- $errormessage = $errormessage.' '.$Lang::tr{'gateway ip'}.' '.$Lang::tr{'invalid ip'}; }
- if (! &General::validmask($pppsettings{'NETMASK'})) {
- $errormessage = $errormessage.' '.$Lang::tr{'netmask'}.' '.$Lang::tr{'invalid netmask'}; }
- if ($pppsettings{'BROADCAST'} ne '') {
- if (! &General::validip($pppsettings{'BROADCAST'})) {
- $errormessage = $errormessage.' '.$Lang::tr{'broadcast'}.' '.$Lang::tr{'invalid broadcast ip'}; }
- }
- if( $pppsettings{'DNS'} eq 'Automatic') {
- $errormessage = $Lang::tr{'invalid input'}; }
- if ($errormessage ne '') {goto ERROR; }
- }
-
- if( $pppsettings{'PROTOCOL'} eq 'RFC1483' && $pppsettings{'METHOD'} ne 'PPPOE' && \
- $pppsettings{'RECONNECTION'} eq 'dialondemand' ) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR; }
-
- if( $pppsettings{'RECONNECTION'} eq 'dialondemand' && `/bin/cat ${General::swroot}/ddns/config` =~ /,on$/m ) {
- $errormessage = $Lang::tr{'dod not compatible with ddns'};
- goto ERROR; }
-
-# if( $pppsettings{'PROTOCOL'} eq 'RFC1483') {
-# $pppsettings{'ENCAP'} = $pppsettings{'ENCAP_RFC1483'}; }
-# if( $pppsettings{'PROTOCOL'} eq 'RFC2364') {
-# $pppsettings{'ENCAP'} = $pppsettings{'ENCAP_RFC2364'}; }
- delete $pppsettings{'ENCAP_RFC1483'};
- delete $pppsettings{'ENCAP_RFC2364'};
-
-ERROR:
- if ($errormessage) {
- $pppsettings{'VALID'} = 'no'; }
- else {
- $pppsettings{'VALID'} = 'yes'; }
-
- # write cgi vars to the file.
- &General::writehash("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
- \%pppsettings);
-
- # make link and write secret file.
- &updatesettings();
- &writesecrets();
-
- &General::log("$Lang::tr{'profile saved'} $pppsettings{'PROFILENAME'}");
-}
-if ($pppsettings{'ACTION'} eq $Lang::tr{'select'})
-{
- my $profile = $pppsettings{'PROFILE'};
- %temppppsettings = ();
- $temppppsettings{'PROFILE'} = '';
- &General::readhash("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
- \%temppppsettings);
-
- # make link.
- &updatesettings();
-
- # read in the new params "early" so we can write secrets.
- %pppsettings = ();
- &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
- $pppsettings{'PROFILE'} = $profile;
- &General::writehash("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
- \%pppsettings);
-
- &writesecrets();
-
- &General::log("$Lang::tr{'profile made current'} $pppsettings{'PROFILENAME'}");
-}
-elsif ($pppsettings{'ACTION'} eq $Lang::tr{'delete'})
-{
- &General::log("$Lang::tr{'profile deleted'} $pppsettings{'PROFILENAME'}");
-
- my $profile = $pppsettings{'PROFILE'};
- truncate ("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}", 0);
-
- %temppppsettings = ();
- $temppppsettings{'PROFILE'} = '';
- &General::readhash("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
- \%temppppsettings);
-
- # make link.
- &updatesettings();
-
- # read in the new params "early" so we can write secrets.
- %pppsettings = ();
- &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
- $pppsettings{'PROFILE'} = $profile;
- &initprofile;
- &General::writehash("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
- \%pppsettings);
-}
-elsif ($pppsettings{'ACTION'} eq $Lang::tr{'refresh'})
-{
-}
-else
-{
- # read in the current vars
- %pppsettings = ();
- $pppsettings{'VALID'} = '';
- &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
-}
-
-# read in the profile names into @profilenames.
-my $c=0;
-for ($c = 1; $c <= $maxprofiles; $c++)
-{
- %temppppsettings = ();
- $temppppsettings{'PROFILENAME'} = $Lang::tr{'empty profile'};
- &General::readhash("${General::swroot}/ppp/settings-$c", \%temppppsettings);
- $profilenames[$c] = $temppppsettings{'PROFILENAME'};
-}
-
-if ($pppsettings{'VALID'} eq '')
-{
- if ($pppsettings{'PROFILE'} eq '') {
- $pppsettings{'PROFILE'} = '1';
- &initprofile();
- }
-}
-for ($c = 1; $c <= $maxprofiles; $c++) {
- $selected{'PROFILE'}{$c} = ''; }
-$selected{'PROFILE'}{$pppsettings{'PROFILE'}} = "selected='selected'";
-for ($c = 1; $c <= $maxprofiles; $c++) {
- $selected{'BACKUPPROFILE'}{$c} = ''; }
-$selected{'BACKUPPROFILE'}{$pppsettings{'BACKUPPROFILE'}} = "selected='selected'";
-
-$selected{'TYPE'}{'modem'} = '';
-$selected{'TYPE'}{'serial'} = '';
-$selected{'TYPE'}{'pppoe'} = '';
-$selected{'TYPE'}{'pptp'} = '';
-$selected{'TYPE'}{$pppsettings{'TYPE'}} = "selected='selected'";
-$checked{'DEBUG'}{'off'} = '';
-$checked{'DEBUG'}{'on'} = '';
-$checked{'DEBUG'}{$pppsettings{'DEBUG'}} = "checked='checked'";
-
-$selected{'COMPORT'}{'ttyS0'} = '';
-$selected{'COMPORT'}{'ttyS1'} = '';
-$selected{'COMPORT'}{'ttyS2'} = '';
-$selected{'COMPORT'}{'ttyS3'} = '';
-$selected{'COMPORT'}{'ttyS4'} = '';
-if ( $pppsettings{'TYPE'} ne '' ){
-$selected{'COMPORT'}{'ttyACM0'} = '';
-$selected{'COMPORT'}{'ttyACM1'} = '';
-$selected{'COMPORT'}{'ttyACM2'} = '';
-$selected{'COMPORT'}{'ttyACM3'} = '';}
-$selected{'COMPORT'}{$pppsettings{'COMPORT'}} = "selected='selected'";
-
-$selected{'DTERATE'}{'9600'} = '';
-$selected{'DTERATE'}{'19200'} = '';
-$selected{'DTERATE'}{'38400'} = '';
-$selected{'DTERATE'}{'57600'} = '';
-$selected{'DTERATE'}{'115200'} = '';
-$selected{'DTERATE'}{'230400'} = '';
-$selected{'DTERATE'}{'460800'} = '';
-$selected{'DTERATE'}{'921600'} = '';
-$selected{'DTERATE'}{$pppsettings{'DTERATE'}} = "selected='selected'";
-
-$checked{'SPEAKER'}{'off'} = '';
-$checked{'SPEAKER'}{'on'} = '';
-$checked{'SPEAKER'}{$pppsettings{'SPEAKER'}} = "checked='checked'";
-
-$selected{'DIALMODE'}{'T'} = '';
-$selected{'DIALMODE'}{'P'} = '';
-$selected{'DIALMODE'}{$pppsettings{'DIALMODE'}} = "selected='selected'";
-
-$checked{'RECONNECTION'}{'persistent'} = '';
-$checked{'RECONNECTION'}{'dialondemand'} = '';
-$checked{'RECONNECTION'}{$pppsettings{'RECONNECTION'}} = "checked='checked'";
-
-$checked{'DIALONDEMANDDNS'}{'off'} = '';
-$checked{'DIALONDEMANDDNS'}{'on'} = '';
-$checked{'DIALONDEMANDDNS'}{$pppsettings{'DIALONDEMANDDNS'}} = "checked='checked'";
-
-$checked{'AUTOCONNECT'}{'off'} = '';
-$checked{'AUTOCONNECT'}{'on'} = '';
-$checked{'AUTOCONNECT'}{$pppsettings{'AUTOCONNECT'}} = "checked='checked'";
-
-$checked{'SENDCR'}{'off'} = '';
-$checked{'SENDCR'}{'on'} = '';
-$checked{'SENDCR'}{$pppsettings{'SENDCR'}} = "checked='checked'";
-$checked{'USEDOV'}{'off'} = '';
-$checked{'USEDOV'}{'on'} = '';
-$checked{'USEDOV'}{$pppsettings{'USEDOV'}} = "checked='checked'";
-
-$checked{'MODEM'}{'PCIST'} = '';
-$checked{'MODEM'}{'USB'} = '';
-$checked{'MODEM'}{$pppsettings{'MODEM'}} = "checked='checked'";
-
-$selected{'LINE'}{'WO'} = '';
-$selected{'LINE'}{'ES'} = '';
-$selected{'LINE'}{'ES03'} = '';
-$selected{'LINE'}{'FR'} = '';
-$selected{'LINE'}{'FR04'} = '';
-$selected{'LINE'}{'FR10'} = '';
-$selected{'LINE'}{'IT'} = '';
-$selected{'LINE'}{$pppsettings{'LINE'}} = "selected='selected'";
-
-$checked{'MODULATION'}{'GDMT'} = '';
-$checked{'MODULATION'}{'ANSI'} = '';
-$checked{'MODULATION'}{'GLITE'} = '';
-$checked{'MODULATION'}{'AUTO'} = '';
-$checked{'MODULATION'}{$pppsettings{'MODULATION'}} = "checked='checked'";
-
-$checked{'PROTOCOL'}{'RFC1483'} = '';
-$checked{'PROTOCOL'}{'RFC2364'} = '';
-$checked{'PROTOCOL'}{$pppsettings{'PROTOCOL'}} = "checked='checked'";
-
-$selected{'ENCAP'}{'0'} = '';
-$selected{'ENCAP'}{'1'} = '';
-#$selected{'ENCAP'}{'2'} = '';
-#$selected{'ENCAP'}{'3'} = '';
-#$selected{'ENCAP'}{'4'} = '';
-$selected{'ENCAP'}{$pppsettings{'ENCAP'}} = "selected='selected'";
-
-$checked{'METHOD'}{'STATIC'} = '';
-$checked{'METHOD'}{'PPPOE'} = '';
-$checked{'METHOD'}{'PPPOE_PLUGIN'} = '';
-$checked{'METHOD'}{'DHCP'} = '';
-$checked{'METHOD'}{$pppsettings{'METHOD'}} = "checked='checked'";
-
-$selected{'AUTH'}{'pap-or-chap'} = '';
-$selected{'AUTH'}{'pap'} = '';
-$selected{'AUTH'}{'chap'} = '';
-$selected{'AUTH'}{'standard-login-script'} = '';
-$selected{'AUTH'}{'demon-login-script'} = '';
-$selected{'AUTH'}{'other-login-script'} = '';
-$selected{'AUTH'}{$pppsettings{'AUTH'}} = "selected='selected'";
-
-$checked{'DNS'}{'Automatic'} = '';
-$checked{'DNS'}{'Manual'} = '';
-$checked{'DNS'}{$pppsettings{'DNS'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'ppp setup'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($netsettings{'RED_TYPE'} ne 'PPPOE') {
- $errormessage = $Lang::tr{'dialup red not ppp'};
- &Header::openbox('100%', 'center', $Lang::tr{'error messages'});
- print "<CLASS name='base'>$errormessage\n";
- print " </CLASS>\n";
- &Header::closebox();
- &Header::closebigbox();
-
- &Header::closepage();
- exit(1);
-}
-
-if ($errormessage) {
- &Header::openbox('100%', 'center', $Lang::tr{'error messages'});
- print "<CLASS name='base'>$errormessage\n";
- print " </CLASS>\n";
- &Header::closebox();
-}
-
-
-###
-### Box for selecting profile
-###
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-&Header::openbox('100%', 'center', $Lang::tr{'profile'});
-print <<END
-<table width='95%' cellspacing='0'>
-<tr>
- <td align='left'>$Lang::tr{'profile'}</td>
- <td align='left'>
- <select name='PROFILE' style="width: 165px">
-END
-;
-for ($c = 1; $c <= $maxprofiles; $c++)
-{
- print "\t<option value='$c' $selected{'PROFILE'}{$c}>$c. $profilenames[$c]</option>\n";
-}
-print <<END
- </select></td>
- <td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'select'}' /></td>
- <td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'delete'}' /></td>
- <td align='left'><input type='submit' name='ACTION' value='$Lang::tr{'restore'}' /></td>
-</tr>
-</table>
-<br></br>
-<hr></hr>
-END
-;
-
-&Header::closebox();
-&Header::openbox('100%', 'center', $Lang::tr{'connection'});
-
-print <<END
-<table width='95%' cellspacing='0'>
-<tr>
- <td width='25%'>$Lang::tr{'interface'}:</td>
- <td width='25%'>
- <select name='TYPE' style="width: 165px">
-END
-;
-if ($netsettings{'RED_TYPE'} eq 'PPPOE') {
-print <<END
- <option value='modem' $selected{'TYPE'}{'modem'}>$Lang::tr{'modem'}</option>
- <option value='serial' $selected{'TYPE'}{'serial'}>$Lang::tr{'serial'}</option>
- <option value='pppoe' $selected{'TYPE'}{'pppoe'}>PPPoE</option>
-END
-;
-
-my $atmdev=`cat /proc/net/atm/devices | grep 0`;
-chomp ($atmdev);
-if ($atmdev ne '') {
- print <<END
- <option value='pppoeatm' $selected{'TYPE'}{'pppoeatm'}>PPPoE over ATM-BRIDGE</option>
-END
-;
-}
-}
-#if ($netsettings{'RED_TYPE'} eq 'PPTP') {#
-# print "\t<option value='pptp' $selected{'TYPE'}{'pptp'}>PPTP</option>\n";
-#}
-#
-#if (0) {
-# print <<END
-# <option value='eciadsl' $selected{'TYPE'}{'eciadsl'}>ECI USB ADSL</option>
-# <option value='eagleusbadsl' $selected{'TYPE'}{'eagleusbadsl'}>Eagle USB ADSL (Acer Allied-Telesyn Comtrend D-Link Sagem USR)</option>
-# <option value='conexantusbadsl' $selected{'TYPE'}{'conexantusbadsl'}>Conexant USB(Aetra Amigo Draytek Etec Mac Olitec Vitelcom Zoom)</option>
-# <option value='amedynusbadsl' $selected{'TYPE'}{'amedynusbadsl'}>Zyxel 630-11 / Asus AAM6000UG USB ADSL</option>
-# <option value='3cp4218usbadsl' $selected{'TYPE'}{'3cp4218usbadsl'}>3Com USB AccessRunner</option>
-# <option value='alcatelusb' $selected{'TYPE'}{'alcatelusb'}>Speedtouch USB ADSL user mode driver</option>
-# <option value='alcatelusbk' $selected{'TYPE'}{'alcatelusbk'}>Speedtouch USB ADSL kernel mode driver</option>
-#END
-#;
-#}
-# print "<option value='fritzdsl' $selected{'TYPE'}{'fritzdsl'}>Fritz!DSL</option>";
-
- print <<END
- </select></td>
- <td colspan='1' width='25%'><input type='submit' name='ACTION' value='$Lang::tr{'refresh'}'></td>
-END
-;
- if ($pppsettings{'TYPE'} =~ /^(modem)$/) {
- print <<END
- <td colspan='1' width='25%'><A HREF=modem.cgi>$Lang::tr{'modem configuration'}</A></td>
-END
-;
-}
-
- print "</tr>";
-
-#if (-f "/proc/bus/usb/devices") {
-# <td colspan='2' width='50%'>USB:</td>
-# my $usb=`lsmod | cut -d ' ' -f1 | grep -E "hci"`;
-# if ($usb eq '') {
-# print "\t<td colspan='2' width='50%'>$Lang::tr{'not running'}</td></tr>\n";
-# } else {
-# print "\t<td colspan='2' width='50%'>$usb</td></tr>\n";
-# }
-#}
-
-if ($pppsettings{'TYPE'}) {
- print "<tr><td colspan='4' width='100%'><br></br></td></tr>";
-
- if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/) {
- print <<END
-
-<tr>
- <td colspan='3' width='75%'>$Lang::tr{'interface'}:</td>
- <td width='25%'><select name='COMPORT' style="width: 165px">
-END
-;
- if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/ ) {
- print <<END
- <option value='ttyS0' $selected{'COMPORT'}{'ttyS0'}>COM1</option>
- <option value='ttyS1' $selected{'COMPORT'}{'ttyS1'}>COM2</option>
- <option value='ttyS2' $selected{'COMPORT'}{'ttyS2'}>COM3</option>
- <option value='ttyS3' $selected{'COMPORT'}{'ttyS3'}>COM4</option>
- <option value='ttyS4' $selected{'COMPORT'}{'ttyS4'}>COM5</option>
-END
-;
- if ($pppsettings{'TYPE'} ne 'serial' ) {
- print <<END
- <option value='ttyACM0' $selected{'COMPORT'}{'ttyACM0'}>$Lang::tr{'usb modem on acm0'}</option>
- <option value='ttyACM1' $selected{'COMPORT'}{'ttyACM1'}>$Lang::tr{'usb modem on acm1'}</option>
- <option value='ttyACM2' $selected{'COMPORT'}{'ttyACM2'}>$Lang::tr{'usb modem on acm2'}</option>
- <option value='ttyACM3' $selected{'COMPORT'}{'ttyACM3'}>$Lang::tr{'usb modem on acm3'}</option>
-END
-;
- }
- print "</select></td> "}
- if ($pppsettings{'TYPE'} =~ /^(modem|serial)$/ ) {
- print <<END
- <tr>
- <td colspan='3' width='75%'>$Lang::tr{'computer to modem rate'}</td>
- <td width='25%'><select name='DTERATE' style="width: 165px">
- <option value='9600' $selected{'DTERATE'}{'9600'}>9600</option>
- <option value='19200' $selected{'DTERATE'}{'19200'}>19200</option>
- <option value='38400' $selected{'DTERATE'}{'38400'}>38400</option>
- <option value='57600' $selected{'DTERATE'}{'57600'}>57600</option>
- <option value='115200' $selected{'DTERATE'}{'115200'}>115200</option>
- <option value='230400' $selected{'DTERATE'}{'230400'}>230400</option>
- <option value='460800' $selected{'DTERATE'}{'460800'}>460800</option>
- <option value='921600' $selected{'DTERATE'}{'921600'}>921600</option>
- </select></td>
-</tr>
-END
-;
- }
- if ($pppsettings{'TYPE'} =~ /^(modem)$/ ) {
- print "<tr><td colspan='3' width='75%'>$Lang::tr{'number'}</td>\n";
- print "<td width='25%'><input type='text' name='TELEPHONE' value='$pppsettings{'TELEPHONE'}'></td><tr>\n";
- if ($pppsettings{'TYPE'} eq 'modem' ) {
- print "<tr><td colspan='3' width='75%'>$Lang::tr{'modem speaker on'}</td>\n";
- print "<td width='25%'><input type='checkbox' name='SPEAKER' $checked{'SPEAKER'}{'on'} /></td></tr>\n";
- }
- }
- }
- if ($pppsettings{'TYPE'} eq 'modem') {
- print <<END
-<tr>
- <td colspan='3' width='75%'>$Lang::tr{'dialing mode'}</td>
- <td width='25%'><select name='DIALMODE' style="width: 165px">
- <option value='T' $selected{'DIALMODE'}{'T'}>$Lang::tr{'tone'}</option>
- <option value='P' $selected{'DIALMODE'}{'P'}>$Lang::tr{'pulse'}</option>
- </select></td>
-</tr>
-<tr>
- <td colspan='3' width='75%'>$Lang::tr{'send cr'}</td>
- <td width='50%'><input type='checkbox' name='SENDCR' $checked{'SENDCR'}{'on'} /></td>
-</tr>
-END
-;
-}
-
-print <<END
-<tr>
- <td colspan='3' width='75%'>$Lang::tr{'idle timeout'}</td>
- <td width='25%'><input type='text' name='TIMEOUT' value='$pppsettings{'TIMEOUT'}' /></td>
-</tr>
- <tr>
- <td colspan='3' width='75%'>$Lang::tr{'connection debugging'}:</td>
- <td width='25%'><input type='checkbox' name='DEBUG' $checked{'DEBUG'}{'on'} /></td>
- </tr>
- <tr>
- <td colspan='4' width='100%'><br></br></td></tr>
-<tr>
- <td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'reconnection'}:</b></td>
-</tr>
-<tr>
- <td colspan='4' width='100%'><input type='radio' name='RECONNECTION' value='dialondemand' $checked{'RECONNECTION'}{'dialondemand'}>$Lang::tr{'dod'}</td>
- </tr>
-END
-;
-if ($pppsettings{'TYPE'} ne 'isdn') {
-print <<END
- <tr>
- <td colspan='4' width='100%'><input type='radio' name='RECONNECTION' value='persistent' $checked{'RECONNECTION'}{'persistent'}>$Lang::tr{'persistent'}</td>
- </tr>
- <tr>
- <td colspan='3' width='75%'>$Lang::tr{'backupprofile'}:</td>
- <td width='25%'><select name='BACKUPPROFILE' style="width: 165px">
-END
-;
- for ($c = 1; $c <= $maxprofiles; $c++) {
- print "\t<option value='$c' $selected{'BACKUPPROFILE'}{$c}>$c. $profilenames[$c]</option>\n";
- }
- print <<END
- </select></td>
-</tr>
-END
-;
-}
-print <<END
- <tr>
- <td colspan='3' width='75%'>$Lang::tr{'dod for dns'}</td>
- <td width='25%'><input type='checkbox' name='DIALONDEMANDDNS' $checked{'DIALONDEMANDDNS'}{'on'} /></td>
-</tr>
-<tr>
- <td colspan='3' width='75%'>$Lang::tr{'holdoff'}:</td>
- <td width='25%'><input type='text' name='HOLDOFF' value='$pppsettings{'HOLDOFF'}' /></td>
-</tr>
-<tr>
- <td colspan='3' width='75%'>$Lang::tr{'maximum retries'}</td>
- <td width='25%'><input type='text' name='MAXRETRIES' value='$pppsettings{'MAXRETRIES'}' /></td>
-</tr>
-END
-;
-
-if ($pppsettings{'TYPE'} eq 'pptp')
-{
-print <<END
-<tr><td colspan='4' width='100%'><br></br></td></tr>
-<tr>
- <td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'pptp settings'}</b></td>
-</tr>
-<tr>
- <td width='25%'>$Lang::tr{'phonebook entry'}</td>
- <td colspan='2' width='50%'></td>
- <td width='25%'><input type='text' name='PHONEBOOK' value='$pppsettings{'PHONEBOOK'}' /></td>
-</tr>
-<tr>
- <td width='25%'><input type='radio' name='METHOD' value='STATIC' $checked{'METHOD'}{'STATIC'} />$Lang::tr{'static ip'}</td>
- <td colspan='2' width='50%'>$Lang::tr{'router ip'}</td>
- <td width='25%'><input type='text' name='ROUTERIP' value='$pppsettings{'ROUTERIP'}' /></td>
-</tr>
-<tr>
- <td width='25%'><input type='radio' name='METHOD' value='DHCP' $checked{'METHOD'}{'DHCP'} />$Lang::tr{'dhcp mode'}</td>
- <td colspan='2' width='50%'>$Lang::tr{'hostname'}: <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='DHCP_HOSTNAME' value='$pppsettings{'DHCP_HOSTNAME'}' /></td>
-</tr>
-END
-;
-}
-if ($pppsettings{'TYPE'} =~ /^(pppoeatm)$/)
-{
-
-print <<END
-<tr>
- <td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'adsl settings'}:</b></td>
-<tr>
-
- <td> $Lang::tr{'encapsulation'}:</td>
- <td colspan='2' width='30%'>
- <select name='ENCAP'>
- <option value='0' $selected{'ENCAP'}{'0'}>LLC</option>
- <option value='1' $selected{'ENCAP'}{'1'}>VCmux</option>
- </select>
- </td>
-</tr>
-<tr>
-
- <td nowrap='nowrap'>$Lang::tr{'vpi number'}</td>
- <td><input type='text' size='5' name='VPI' value='$pppsettings{'VPI'}' /></td>
- <td align='right'>$Lang::tr{'vci number'}</td>
- <td colspan='2'><input type='text' size='5' name='VCI' value='$pppsettings{'VCI'}' /></td>
-</tr>
-END
-;
-}
-
-
-if ($pppsettings{'TYPE'} eq 'pppoe' || $pppsettings{'TYPE'} eq 'pppoeatm')
-{
-print <<END
-<tr><td colspan='4' width='100%'><br></br></td></tr>
-<tr>
- <td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'pppoe settings'}</b></td>
-</tr>
-<tr>
- <td width='25%'><input type='radio' name='METHOD' value='PPPOE_PLUGIN' $checked{'METHOD'}{'PPPOE_PLUGIN'} />PPPoE plugin</td>
- <td colspan='2' width='50%'>$Lang::tr{'service name'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='SERVICENAME' value='$pppsettings{'SERVICENAME'}' /></td>
-</tr>
-<tr>
- <td width='25%'><input type='radio' name='METHOD' value='PPPOE' $checked{'METHOD'}{'PPPOE'} />$Lang::tr{'pppoe'}</td>
- <td colspan='2' width='50%'>$Lang::tr{'concentrator name'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='CONCENTRATORNAME' value='$pppsettings{'CONCENTRATORNAME'}' /></td>
-</tr>
-<tr>
- <td width='25%'>MTU</td>
- <td colspan='2' width='50%'></td>
- <td width='25%'><input type='text' name='MTU' value='$pppsettings{'MTU'}' /></td>
-</tr>
-END
-;
-}
-
-print <<END
-<tr><td colspan='4' width='100%'><br></br></td></tr>
-<tr>
- <td bgcolor='$color{'color20'}' colspan='4' width='100%'><b>$Lang::tr{'authentication'}</b></td>
-</tr>
-<tr>
- <td width='25%'>$Lang::tr{'username'}</td>
- <td width='25%'><input type='text' name='USERNAME' value='$pppsettings{'USERNAME'}' /></td>
- <td width='25%'>$Lang::tr{'password'}</td>
- <td width='25%'><input type='password' name='PASSWORD' value='$pppsettings{'PASSWORD'}' /></td>
-</tr>
-<tr>
- <td width='25%'>$Lang::tr{'method'}</td>
- <td width='25%'><select name='AUTH' style="width: 165px">
- <option value='pap-or-chap' $selected{'AUTH'}{'pap-or-chap'}>$Lang::tr{'pap or chap'}</option>
- <option value='pap' $selected{'AUTH'}{'pap'}>PAP</option>
- <option value='chap' $selected{'AUTH'}{'chap'}>CHAP</option>
-END
-;
-if ($pppsettings{'TYPE'} eq 'modem') {
-print <<END
- <option value='standard-login-script' $selected{'AUTH'}{'standard-login-script'}>$Lang::tr{'standard login script'}</option>
- <option value='demon-login-script' $selected{'AUTH'}{'demon-login-script'}>$Lang::tr{'demon login script'}</option>
- <option value='other-login-script' $selected{'AUTH'}{'other-login-script'}>$Lang::tr{'other login script'}</option>
-END
-;
-}
-print <<END
- </select></td>
- <td width='25%'>$Lang::tr{'script name'} <img src='/blob.gif' alt='*' /></td>
- <td width='25%'><input type='text' name='LOGINSCRIPT' value='$pppsettings{'LOGINSCRIPT'}' /></td>
-</tr>
-<tr><td colspan='4' width='100%'><br></br></td></tr>
-<tr>
- <td bgcolor='$color{'color20'}' colspan='4' width='100%'><b>DNS:</b></td>
-</tr>
-<tr>
- <td colspan='4' width='100%'><input type='radio' name='DNS' value='Automatic' $checked{'DNS'}{'Automatic'} />$Lang::tr{'automatic'}</td>
-</tr>
-<tr>
- <td colspan='4' width='100%'><input type='radio' name='DNS' value='Manual' $checked{'DNS'}{'Manual'} />$Lang::tr{'manual'}</td>
-</tr>
-<tr>
- <td width='25%'>$Lang::tr{'primary dns'}</td>
- <td width='25%'><input type='text' name='DNS1' value='$pppsettings{'DNS1'}'></td>
- <td width='25%'>$Lang::tr{'secondary dns'}</td>
- <td width='25%'><input type='text' name='DNS2' value='$pppsettings{'DNS2'}'></td>
-</tr>
-<tr><td colspan='4' width='100%'><br></br><hr></hr><br></br></td></tr>
-<tr>
- <td width='25%'>$Lang::tr{'profile name'}</td>
- <td width='25%'><input type='text' name='PROFILENAME' value='$pppsettings{'PROFILENAME'}'>
- <td colspan='2' width='50%'></td>
-</tr>
-<tr>
- <td align='center' colspan='4' width='100%'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
-</tr>
-<tr>
- <td colspan='2' width='50%'>$Lang::tr{'legend'}:</td>
- <td colspan='2' width='50%'><img src='/blob.gif' alt='*' /> $Lang::tr{'this field may be blank'}</td>
-</tr>
-</table>
-END
-;
-&Header::closebox();
-}
-
-print "</form>\n";
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub updatesettings
-{
- # make a link from the selected profile to the "default" one.
- unlink("${General::swroot}/ppp/settings");
- link("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
- "${General::swroot}/ppp/settings");
- system ("/usr/bin/touch", "${General::swroot}/ppp/updatesettings");
-}
-
-sub writesecrets
-{
- # write secrets file.
- open(FILE, ">/${General::swroot}/ppp/secrets") or die "Unable to write secrets file.";
- flock(FILE, 2);
- my $username = $pppsettings{'USERNAME'};
- my $password = $pppsettings{'PASSWORD'};
- print FILE "'$username' * '$password'\n";
- chmod 0600, "${General::swroot}/ppp/secrets";
- close FILE;
-}
-
-sub initprofile
-{
- $pppsettings{'PROFILENAME'} = $Lang::tr{'unnamed'};
- $pppsettings{'COMPORT'} = 'ttyS0';
- $pppsettings{'DTERATE'} = 115200;
- $pppsettings{'SPEAKER'} = 'off';
- $pppsettings{'RECONNECTION'} = 'persistent';
- $pppsettings{'DIALONDEMANDDNS'} = 'off';
- $pppsettings{'AUTOCONNECT'} = 'on';
- $pppsettings{'SENDCR'} = 'off';
- $pppsettings{'USEIBOD'} = 'off';
- $pppsettings{'USEDOV'} = 'off';
- $pppsettings{'MODEM'} = 'PCIST';
- $pppsettings{'LINE'} = 'WO';
- $pppsettings{'ENCAP'} = '0';
- $pppsettings{'VPI'} = '1';
- $pppsettings{'VCI'} = '32';
- $pppsettings{'PHONEBOOK'} = 'RELAY_PPP1';
- $pppsettings{'PROTOCOL'} = 'RFC2364';
- $pppsettings{'METHOD'} = 'PPPOE_PLUGIN';
- if ( $pppsettings{'METHOD'} eq 'PPPOE_PLUGIN' ) {
- $pppsettings{'MTU'} = '1492';
- $pppsettings{'MRU'} = '1492';
- } else {
- $pppsettings{'MTU'} = '1452';
- $pppsettings{'MRU'} = '1452';
- }
- $pppsettings{'DIALMODE'} = 'T';
- $pppsettings{'MAXRETRIES'} = 5;
- $pppsettings{'HOLDOFF'} = 30;
- $pppsettings{'TIMEOUT'} = 15;
- $pppsettings{'MODULATION'} = 'AUTO';
- $pppsettings{'AUTH'} = 'pap-or-chap';
- $pppsettings{'DNS'} = 'Automatic';
- $pppsettings{'DEBUG'} = 'off';
- $pppsettings{'BACKUPPROFILE'} = $pppsettings{'PROFILE'};
-
- # Get PPPoE settings so we can see if PPPoE is enabled or not.
- &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
- # empty profile partial pre-initialization
- if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/) {
- $pppsettings{'TYPE'}=lc($netsettings{'RED_TYPE'});
- } else {
- $pppsettings{'TYPE'}='modem';
- }
-}
-
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my @squidversion = `/usr/sbin/squid -v`;
-my $http_port='81';
-my $https_port='444';
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %proxysettings=();
-my %netsettings=();
-my %filtersettings=();
-my %xlratorsettings=();
-my %stdproxysettings=();
-my %mainsettings=();
-
-my %checked=();
-my %selected=();
-
-my @throttle_limits=(64,128,256,384,512,1024,2048,3072,5120);
-my $throttle_binary="bin|cab|exe|gz|rar|sea|tar|tgz|zip";
-my $throttle_dskimg="b5t|bin|bwt|ccd|cdi|cue|gho|img|iso|mds|nrg|pqi";
-my $throttle_mmedia="aiff?|asf|avi|divx|mov|mp3|mpe?g|qt|ra?m";
-
-my $def_ports_safe="80 # http\n21 # ftp\n443 # https\n563 # snews\n70 # gopher\n210 # wais\n1025-65535 # unregistered ports\n280 # http-mgmt\n488 # gss-http\n591 # filemaker\n777 # multiling http\n800 # Squids port (for icons)\n";
-my $def_ports_ssl="443 # https\n563 # snews\n";
-
-my @useragent=();
-my @useragentlist=();
-
-my $hintcolour='#FFFFCC';
-my $ncsa_buttontext='';
-my $language='';
-my $i=0;
-my $n=0;
-my $id=0;
-my $line='';
-my $user='';
-my @userlist=();
-my @grouplist=();
-my @temp=();
-my @templist=();
-
-my $cachemem=0;
-my $proxy1='';
-my $proxy2='';
-my $replybodymaxsize=0;
-my $browser_regexp='';
-my $needhup = 0;
-my $errormessage='';
-
-my $acldir = "${General::swroot}/proxy/advanced/acls";
-my $ncsadir = "${General::swroot}/proxy/advanced/ncsa";
-my $ntlmdir = "${General::swroot}/proxy/advanced/ntlm";
-my $raddir = "${General::swroot}/proxy/advanced/radius";
-my $identdir = "${General::swroot}/proxy/advanced/ident";
-my $credir = "${General::swroot}/proxy/advanced/cre";
-
-my $userdb = "$ncsadir/passwd";
-my $stdgrp = "$ncsadir/standard.grp";
-my $extgrp = "$ncsadir/extended.grp";
-my $disgrp = "$ncsadir/disabled.grp";
-
-my $browserdb = "${General::swroot}/proxy/advanced/useragents";
-my $mimetypes = "${General::swroot}/proxy/advanced/mimetypes";
-my $throttled_urls = "${General::swroot}/proxy/advanced/throttle";
-
-my $cre_enabled = "${General::swroot}/proxy/advanced/cre/enable";
-my $cre_groups = "${General::swroot}/proxy/advanced/cre/classrooms";
-my $cre_svhosts = "${General::swroot}/proxy/advanced/cre/supervisors";
-
-my $identhosts = "$identdir/hosts";
-
-my $authdir = "/usr/lib/squid/auth";
-my $errordir = "/usr/lib/squid/errors";
-
-my $acl_src_subnets = "$acldir/src_subnets.acl";
-my $acl_src_banned_ip = "$acldir/src_banned_ip.acl";
-my $acl_src_banned_mac = "$acldir/src_banned_mac.acl";
-my $acl_src_unrestricted_ip = "$acldir/src_unrestricted_ip.acl";
-my $acl_src_unrestricted_mac = "$acldir/src_unrestricted_mac.acl";
-my $acl_src_noaccess_ip = "$acldir/src_noaccess_ip.acl";
-my $acl_src_noaccess_mac = "$acldir/src_noaccess_mac.acl";
-my $acl_dst_nocache = "$acldir/dst_nocache.acl";
-my $acl_dst_noauth = "$acldir/dst_noauth.acl";
-my $acl_dst_throttle = "$acldir/dst_throttle.acl";
-my $acl_ports_safe = "$acldir/ports_safe.acl";
-my $acl_ports_ssl = "$acldir/ports_ssl.acl";
-my $acl_include = "$acldir/include.acl";
-
-my $updaccelversion = 'n/a';
-my $urlfilterversion = 'n/a';
-
-unless (-d "$acldir") { mkdir("$acldir"); }
-unless (-d "$ncsadir") { mkdir("$ncsadir"); }
-unless (-d "$ntlmdir") { mkdir("$ntlmdir"); }
-unless (-d "$raddir") { mkdir("$raddir"); }
-unless (-d "$identdir") { mkdir("$identdir"); }
-unless (-d "$credir") { mkdir("$credir"); }
-
-unless (-e $cre_groups) { system("touch $cre_groups"); }
-unless (-e $cre_svhosts) { system("touch $cre_svhosts"); }
-
-unless (-e $userdb) { system("touch $userdb"); }
-unless (-e $stdgrp) { system("touch $stdgrp"); }
-unless (-e $extgrp) { system("touch $extgrp"); }
-unless (-e $disgrp) { system("touch $disgrp"); }
-
-unless (-e $acl_src_subnets) { system("touch $acl_src_subnets"); }
-unless (-e $acl_src_banned_ip) { system("touch $acl_src_banned_ip"); }
-unless (-e $acl_src_banned_mac) { system("touch $acl_src_banned_mac"); }
-unless (-e $acl_src_unrestricted_ip) { system("touch $acl_src_unrestricted_ip"); }
-unless (-e $acl_src_unrestricted_mac) { system("touch $acl_src_unrestricted_mac"); }
-unless (-e $acl_src_noaccess_ip) { system("touch $acl_src_noaccess_ip"); }
-unless (-e $acl_src_noaccess_mac) { system("touch $acl_src_noaccess_mac"); }
-unless (-e $acl_dst_nocache) { system("touch $acl_dst_nocache"); }
-unless (-e $acl_dst_noauth) { system("touch $acl_dst_noauth"); }
-unless (-e $acl_dst_throttle) { system("touch $acl_dst_throttle"); }
-unless (-e $acl_ports_safe) { system("touch $acl_ports_safe"); }
-unless (-e $acl_ports_ssl) { system("touch $acl_ports_ssl"); }
-unless (-e $acl_include) { system("touch $acl_include"); }
-
-unless (-e $browserdb) { system("touch $browserdb"); }
-unless (-e $mimetypes) { system("touch $mimetypes"); }
-
-open FILE, $browserdb;
-@useragentlist = sort { reverse(substr(reverse(substr($a,index($a,',')+1)),index(reverse(substr($a,index($a,','))),',')+1)) cmp reverse(substr(reverse(substr($b,index($b,',')+1)),index(reverse(substr($b,index($b,','))),',')+1))} grep !/(^$)|(^\s*#)/,<FILE>;
-close(FILE);
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-
-$filtersettings{'CHILDREN'} = '5';
-if (-e "${General::swroot}/urlfilter/settings") {
- &General::readhash("${General::swroot}/urlfilter/settings", \%filtersettings);
-}
-
-$xlratorsettings{'CHILDREN'} = '5';
-if (-e "${General::swroot}/updatexlrator/settings") {
- &General::readhash("${General::swroot}/updatexlrator/settings", \%xlratorsettings);
-}
-
-&Header::showhttpheaders();
-
-$proxysettings{'ACTION'} = '';
-$proxysettings{'VALID'} = '';
-
-$proxysettings{'ENABLE'} = 'off';
-$proxysettings{'ENABLE_BLUE'} = 'off';
-$proxysettings{'TRANSPARENT'} = 'off';
-$proxysettings{'TRANSPARENT_BLUE'} = 'off';
-$proxysettings{'PROXY_PORT'} = '800';
-$proxysettings{'VISIBLE_HOSTNAME'} = '';
-$proxysettings{'ADMIN_MAIL_ADDRESS'} = '';
-$proxysettings{'ERR_LANGUAGE'} = 'German';
-$proxysettings{'ERR_DESIGN'} = 'ipfire';
-$proxysettings{'SUPPRESS_VERSION'} = 'off';
-$proxysettings{'FORWARD_VIA'} = 'off';
-$proxysettings{'FORWARD_IPADDRESS'} = 'off';
-$proxysettings{'FORWARD_USERNAME'} = 'off';
-$proxysettings{'NO_CONNECTION_AUTH'} = 'off';
-$proxysettings{'UPSTREAM_PROXY'} = '';
-$proxysettings{'UPSTREAM_USER'} = '';
-$proxysettings{'UPSTREAM_PASSWORD'} = '';
-$proxysettings{'LOGGING'} = 'off';
-$proxysettings{'LOGQUERY'} = 'off';
-$proxysettings{'LOGUSERAGENT'} = 'off';
-$proxysettings{'CACHE_MEM'} = '2';
-$proxysettings{'CACHE_SIZE'} = '50';
-$proxysettings{'MAX_SIZE'} = '4096';
-$proxysettings{'MIN_SIZE'} = '0';
-$proxysettings{'MEM_POLICY'} = 'LRU';
-$proxysettings{'CACHE_POLICY'} = 'LRU';
-$proxysettings{'L1_DIRS'} = '16';
-$proxysettings{'OFFLINE_MODE'} = 'off';
-$proxysettings{'CLASSROOM_EXT'} = 'off';
-$proxysettings{'SUPERVISOR_PASSWORD'} = '';
-$proxysettings{'NO_PROXY_LOCAL'} = 'off';
-$proxysettings{'NO_PROXY_LOCAL_BLUE'} = 'off';
-$proxysettings{'TIME_ACCESS_MODE'} = 'allow';
-$proxysettings{'TIME_FROM_HOUR'} = '00';
-$proxysettings{'TIME_FROM_MINUTE'} = '00';
-$proxysettings{'TIME_TO_HOUR'} = '24';
-$proxysettings{'TIME_TO_MINUTE'} = '00';
-$proxysettings{'MAX_OUTGOING_SIZE'} = '0';
-$proxysettings{'MAX_INCOMING_SIZE'} = '0';
-$proxysettings{'THROTTLING_GREEN_TOTAL'} = 'unlimited';
-$proxysettings{'THROTTLING_GREEN_HOST'} = 'unlimited';
-$proxysettings{'THROTTLING_BLUE_TOTAL'} = 'unlimited';
-$proxysettings{'THROTTLING_BLUE_HOST'} = 'unlimited';
-$proxysettings{'THROTTLE_BINARY'} = 'off';
-$proxysettings{'THROTTLE_DSKIMG'} = 'off';
-$proxysettings{'THROTTLE_MMEDIA'} = 'off';
-$proxysettings{'ENABLE_MIME_FILTER'} = 'off';
-$proxysettings{'ENABLE_BROWSER_CHECK'} = 'off';
-$proxysettings{'FAKE_USERAGENT'} = '';
-$proxysettings{'FAKE_REFERER'} = '';
-$proxysettings{'AUTH_METHOD'} = 'none';
-$proxysettings{'AUTH_REALM'} = '';
-$proxysettings{'AUTH_MAX_USERIP'} = '';
-$proxysettings{'AUTH_CACHE_TTL'} = '60';
-$proxysettings{'AUTH_IPCACHE_TTL'} = '0';
-$proxysettings{'AUTH_CHILDREN'} = '5';
-$proxysettings{'NCSA_MIN_PASS_LEN'} = '6';
-$proxysettings{'NCSA_BYPASS_REDIR'} = 'off';
-$proxysettings{'NCSA_USERNAME'} = '';
-$proxysettings{'NCSA_GROUP'} = '';
-$proxysettings{'NCSA_PASS'} = '';
-$proxysettings{'NCSA_PASS_CONFIRM'} = '';
-$proxysettings{'LDAP_BASEDN'} = '';
-$proxysettings{'LDAP_TYPE'} = 'ADS';
-$proxysettings{'LDAP_SERVER'} = '';
-$proxysettings{'LDAP_PORT'} = '389';
-$proxysettings{'LDAP_BINDDN_USER'} = '';
-$proxysettings{'LDAP_BINDDN_PASS'} = '';
-$proxysettings{'LDAP_GROUP'} = '';
-$proxysettings{'NTLM_DOMAIN'} = '';
-$proxysettings{'NTLM_PDC'} = '';
-$proxysettings{'NTLM_BDC'} = '';
-$proxysettings{'NTLM_ENABLE_ACL'} = 'off';
-$proxysettings{'NTLM_USER_ACL'} = 'positive';
-$proxysettings{'RADIUS_SERVER'} = '';
-$proxysettings{'RADIUS_PORT'} = '1812';
-$proxysettings{'RADIUS_IDENTIFIER'} = '';
-$proxysettings{'RADIUS_SECRET'} = '';
-$proxysettings{'RADIUS_ENABLE_ACL'} = 'off';
-$proxysettings{'RADIUS_USER_ACL'} = 'positive';
-$proxysettings{'IDENT_REQUIRED'} = 'off';
-$proxysettings{'IDENT_TIMEOUT'} = '10';
-$proxysettings{'IDENT_ENABLE_ACL'} = 'off';
-$proxysettings{'IDENT_USER_ACL'} = 'positive';
-$proxysettings{'ENABLE_FILTER'} = 'off';
-$proxysettings{'ENABLE_UPDXLRATOR'} = 'off';
-
-$ncsa_buttontext = $Lang::tr{'advproxy NCSA create user'};
-
-&Header::getcgihash(\%proxysettings);
-
-if ($proxysettings{'THROTTLING_GREEN_TOTAL'} eq 0) {$proxysettings{'THROTTLING_GREEN_TOTAL'} = 'unlimited';}
-if ($proxysettings{'THROTTLING_GREEN_HOST'} eq 0) {$proxysettings{'THROTTLING_GREEN_HOST'} = 'unlimited';}
-if ($proxysettings{'THROTTLING_BLUE_TOTAL'} eq 0) {$proxysettings{'THROTTLING_BLUE_TOTAL'} = 'unlimited';}
-if ($proxysettings{'THROTTLING_BLUE_HOST'} eq 0) {$proxysettings{'THROTTLING_BLUE_HOST'} = 'unlimited';}
-
-if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy NCSA user management'})
-{
- $proxysettings{'NCSA_EDIT_MODE'} = 'yes';
-}
-
-if ($proxysettings{'ACTION'} eq $Lang::tr{'add'})
-{
- $proxysettings{'NCSA_EDIT_MODE'} = 'yes';
- if (length($proxysettings{'NCSA_PASS'}) < $proxysettings{'NCSA_MIN_PASS_LEN'}) {
- $errormessage = $Lang::tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$Lang::tr{'advproxy errmsg password length 2'};
- }
- if (!($proxysettings{'NCSA_PASS'} eq $proxysettings{'NCSA_PASS_CONFIRM'})) {
- $errormessage = $Lang::tr{'advproxy errmsg passwords different'};
- }
- if ($proxysettings{'NCSA_USERNAME'} eq '') {
- $errormessage = $Lang::tr{'advproxy errmsg no username'};
- }
- if (!$errormessage) {
- $proxysettings{'NCSA_USERNAME'} =~ tr/A-Z/a-z/;
- &adduser($proxysettings{'NCSA_USERNAME'}, $proxysettings{'NCSA_PASS'}, $proxysettings{'NCSA_GROUP'});
- }
- $proxysettings{'NCSA_USERNAME'} = '';
- $proxysettings{'NCSA_GROUP'} = '';
- $proxysettings{'NCSA_PASS'} = '';
- $proxysettings{'NCSA_PASS_CONFIRM'} = '';
-}
-
-if ($proxysettings{'ACTION'} eq $Lang::tr{'remove'})
-{
- $proxysettings{'NCSA_EDIT_MODE'} = 'yes';
- &deluser($proxysettings{'ID'});
-}
-
-$checked{'ENABLE_UPDXLRATOR'}{'off'} = '';
-$checked{'ENABLE_UPDXLRATOR'}{'on'} = '';
-$checked{'ENABLE_UPDXLRATOR'}{$proxysettings{'ENABLE_UPDXLRATOR'}} = "checked='checked'";
-
-if ($proxysettings{'ACTION'} eq $Lang::tr{'edit'})
-{
- $proxysettings{'NCSA_EDIT_MODE'} = 'yes';
- $ncsa_buttontext = $Lang::tr{'advproxy NCSA update user'};
- @temp = split(/:/,$proxysettings{'ID'});
- $proxysettings{'NCSA_USERNAME'} = $temp[0];
- $proxysettings{'NCSA_GROUP'} = $temp[1];
- $proxysettings{'NCSA_PASS'} = "lEaVeAlOnE";
- $proxysettings{'NCSA_PASS_CONFIRM'} = $proxysettings{'NCSA_PASS'};
-}
-
-if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy save and restart'}))
-{
- if ($proxysettings{'ENABLE'} !~ /^(on|off)$/ ||
- $proxysettings{'TRANSPARENT'} !~ /^(on|off)$/ ||
- $proxysettings{'ENABLE_BLUE'} !~ /^(on|off)$/ ||
- $proxysettings{'TRANSPARENT_BLUE'} !~ /^(on|off)$/ ) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ERROR;
- }
- if (!(&General::validport($proxysettings{'PROXY_PORT'})))
- {
- $errormessage = $Lang::tr{'advproxy errmsg invalid proxy port'};
- goto ERROR;
- }
- if (!($proxysettings{'CACHE_SIZE'} =~ /^\d+/) ||
- ($proxysettings{'CACHE_SIZE'} < 10))
- {
- $errormessage = $Lang::tr{'advproxy errmsg hdd cache size'};
- goto ERROR;
- }
- if (!($proxysettings{'CACHE_MEM'} =~ /^\d+/) ||
- ($proxysettings{'CACHE_MEM'} < 1))
- {
- $errormessage = $Lang::tr{'advproxy errmsg mem cache size'};
- goto ERROR;
- }
- my @free = `/usr/bin/free`;
- $free[1] =~ m/(\d+)/;
- $cachemem = int $1 / 2048;
- if ($proxysettings{'CACHE_MEM'} > $cachemem) {
- $proxysettings{'CACHE_MEM'} = $cachemem;
- }
- if (!($proxysettings{'MAX_SIZE'} =~ /^\d+/))
- {
- $errormessage = $Lang::tr{'invalid maximum object size'};
- goto ERROR;
- }
- if (!($proxysettings{'MIN_SIZE'} =~ /^\d+/))
- {
- $errormessage = $Lang::tr{'invalid minimum object size'};
- goto ERROR;
- }
- if (!($proxysettings{'MAX_OUTGOING_SIZE'} =~ /^\d+/))
- {
- $errormessage = $Lang::tr{'invalid maximum outgoing size'};
- goto ERROR;
- }
- if (!($proxysettings{'TIME_TO_HOUR'}.$proxysettings{'TIME_TO_MINUTE'} gt $proxysettings{'TIME_FROM_HOUR'}.$proxysettings{'TIME_FROM_MINUTE'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg time restriction'};
- goto ERROR;
- }
- if (!($proxysettings{'MAX_INCOMING_SIZE'} =~ /^\d+/))
- {
- $errormessage = $Lang::tr{'invalid maximum incoming size'};
- goto ERROR;
- }
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on')
- {
- $browser_regexp = '';
- foreach (@useragentlist)
- {
- chomp;
- @useragent = split(/,/);
- if ($proxysettings{'UA_'.$useragent[0]} eq 'on') { $browser_regexp .= "$useragent[2]|"; }
- }
- chop($browser_regexp);
- if (!$browser_regexp)
- {
- $errormessage = $Lang::tr{'advproxy errmsg no browser'};
- goto ERROR;
- }
- }
- if (!($proxysettings{'AUTH_METHOD'} eq 'none'))
- {
- unless (($proxysettings{'AUTH_METHOD'} eq 'ident') &&
- ($proxysettings{'IDENT_REQUIRED'} eq 'off') &&
- ($proxysettings{'IDENT_ENABLE_ACL'} eq 'off'))
- {
- if ($netsettings{'BLUE_DEV'})
- {
- if ((($proxysettings{'ENABLE'} eq 'off') || ($proxysettings{'TRANSPARENT'} eq 'on')) &&
- (($proxysettings{'ENABLE_BLUE'} eq 'off') || ($proxysettings{'TRANSPARENT_BLUE'} eq 'on')))
- {
- $errormessage = $Lang::tr{'advproxy errmsg non-transparent proxy required'};
- goto ERROR;
- }
- } else {
- if (($proxysettings{'ENABLE'} eq 'off') || ($proxysettings{'TRANSPARENT'} eq 'on'))
- {
- $errormessage = $Lang::tr{'advproxy errmsg non-transparent proxy required'};
- goto ERROR;
- }
- }
- }
- if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) &&
- ((!($proxysettings{'AUTH_MAX_USERIP'} =~ /^\d+/)) || ($proxysettings{'AUTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255)))
- {
- $errormessage = $Lang::tr{'advproxy errmsg max userip'};
- goto ERROR;
- }
- if (!($proxysettings{'AUTH_CACHE_TTL'} =~ /^\d+/))
- {
- $errormessage = $Lang::tr{'advproxy errmsg auth cache ttl'};
- goto ERROR;
- }
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} =~ /^\d+/))
- {
- $errormessage = $Lang::tr{'advproxy errmsg auth ipcache ttl'};
- goto ERROR;
- }
- if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && ($proxysettings{'AUTH_IPCACHE_TTL'} eq '0'))
- {
- $errormessage = $Lang::tr{'advproxy errmsg auth ipcache may not be null'};
- goto ERROR;
- }
- if ((!($proxysettings{'AUTH_CHILDREN'} =~ /^\d+/)) || ($proxysettings{'AUTH_CHILDREN'} < 1) || ($proxysettings{'AUTH_CHILDREN'} > 255))
- {
- $errormessage = $Lang::tr{'advproxy errmsg auth children'};
- goto ERROR;
- }
- }
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- if ((!($proxysettings{'NCSA_MIN_PASS_LEN'} =~ /^\d+/)) || ($proxysettings{'NCSA_MIN_PASS_LEN'} < 1) || ($proxysettings{'NCSA_MIN_PASS_LEN'} > 255))
- {
- $errormessage = $Lang::tr{'advproxy errmsg password length'};
- goto ERROR;
- }
- }
- if ($proxysettings{'AUTH_METHOD'} eq 'ident')
- {
- if ((!($proxysettings{'IDENT_TIMEOUT'} =~ /^\d+/)) || ($proxysettings{'IDENT_TIMEOUT'} < 1))
- {
- $errormessage = $Lang::tr{'advproxy errmsg ident timeout'};
- goto ERROR;
- }
- }
- if ($proxysettings{'AUTH_METHOD'} eq 'ldap')
- {
- if ($proxysettings{'LDAP_BASEDN'} eq '')
- {
- $errormessage = $Lang::tr{'advproxy errmsg ldap base dn'};
- goto ERROR;
- }
- if (!&General::validip($proxysettings{'LDAP_SERVER'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg ldap server'};
- goto ERROR;
- }
- if (!&General::validport($proxysettings{'LDAP_PORT'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg ldap port'};
- goto ERROR;
- }
- if (($proxysettings{'LDAP_TYPE'} eq 'ADS') || ($proxysettings{'LDAP_TYPE'} eq 'NDS'))
- {
- if (($proxysettings{'LDAP_BINDDN_USER'} eq '') || ($proxysettings{'LDAP_BINDDN_PASS'} eq ''))
- {
- $errormessage = $Lang::tr{'advproxy errmsg ldap bind dn'};
- goto ERROR;
- }
- }
- }
- if ($proxysettings{'AUTH_METHOD'} eq 'ntlm')
- {
- if ($proxysettings{'NTLM_DOMAIN'} eq '')
- {
- $errormessage = $Lang::tr{'advproxy errmsg ntlm domain'};
- goto ERROR;
- }
- if ($proxysettings{'NTLM_PDC'} eq '')
- {
- $errormessage = $Lang::tr{'advproxy errmsg ntlm pdc'};
- goto ERROR;
- }
- if (!&General::validhostname($proxysettings{'NTLM_PDC'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg invalid pdc'};
- goto ERROR;
- }
- if ((!($proxysettings{'NTLM_BDC'} eq '')) && (!&General::validhostname($proxysettings{'NTLM_BDC'})))
- {
- $errormessage = $Lang::tr{'advproxy errmsg invalid bdc'};
- goto ERROR;
- }
- }
- if ($proxysettings{'AUTH_METHOD'} eq 'radius')
- {
- if (!&General::validip($proxysettings{'RADIUS_SERVER'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg radius server'};
- goto ERROR;
- }
- if (!&General::validport($proxysettings{'RADIUS_PORT'}))
- {
- $errormessage = $Lang::tr{'advproxy errmsg radius port'};
- goto ERROR;
- }
- if ($proxysettings{'RADIUS_SECRET'} eq '')
- {
- $errormessage = $Lang::tr{'advproxy errmsg radius secret'};
- goto ERROR;
- }
- }
-
- # Quick parent proxy error checking of username and password info. If username password don't both exist give an error.
- $proxy1 = 'YES';
- $proxy2 = 'YES';
- if (($proxysettings{'UPSTREAM_USER'} eq '')) {$proxy1 = '';}
- if (($proxysettings{'UPSTREAM_PASSWORD'} eq '')) {$proxy2 = '';}
- if ($proxysettings{'UPSTREAM_USER'} eq 'PASS') {$proxy1=$proxy2='PASS'; $proxysettings{'UPSTREAM_PASSWORD'} = '';}
- if (($proxy1 ne $proxy2))
- {
- $errormessage = $Lang::tr{'advproxy errmsg invalid upstream proxy username or password setting'};
- goto ERROR;
- }
-
-ERROR:
- &check_acls;
-
- if ($errormessage) {
- $proxysettings{'VALID'} = 'no'; }
- else {
- $proxysettings{'VALID'} = 'yes'; }
-
- if ($proxysettings{'VALID'} eq 'yes')
- {
- &write_acls;
-
- delete $proxysettings{'SRC_SUBNETS'};
- delete $proxysettings{'SRC_BANNED_IP'};
- delete $proxysettings{'SRC_BANNED_MAC'};
- delete $proxysettings{'SRC_UNRESTRICTED_IP'};
- delete $proxysettings{'SRC_UNRESTRICTED_MAC'};
- delete $proxysettings{'DST_NOCACHE'};
- delete $proxysettings{'DST_NOAUTH'};
- delete $proxysettings{'PORTS_SAFE'};
- delete $proxysettings{'PORTS_SSL'};
- delete $proxysettings{'MIME_TYPES'};
- delete $proxysettings{'NTLM_ALLOW_USERS'};
- delete $proxysettings{'NTLM_DENY_USERS'};
- delete $proxysettings{'RADIUS_ALLOW_USERS'};
- delete $proxysettings{'RADIUS_DENY_USERS'};
- delete $proxysettings{'IDENT_HOSTS'};
- delete $proxysettings{'IDENT_ALLOW_USERS'};
- delete $proxysettings{'IDENT_DENY_USERS'};
-
- delete $proxysettings{'CRE_GROUPS'};
- delete $proxysettings{'CRE_SVHOSTS'};
-
- delete $proxysettings{'NCSA_USERNAME'};
- delete $proxysettings{'NCSA_GROUP'};
- delete $proxysettings{'NCSA_PASS'};
- delete $proxysettings{'NCSA_PASS_CONFIRM'};
-
- $proxysettings{'TIME_MON'} = 'off' unless exists $proxysettings{'TIME_MON'};
- $proxysettings{'TIME_TUE'} = 'off' unless exists $proxysettings{'TIME_TUE'};
- $proxysettings{'TIME_WED'} = 'off' unless exists $proxysettings{'TIME_WED'};
- $proxysettings{'TIME_THU'} = 'off' unless exists $proxysettings{'TIME_THU'};
- $proxysettings{'TIME_FRI'} = 'off' unless exists $proxysettings{'TIME_FRI'};
- $proxysettings{'TIME_SAT'} = 'off' unless exists $proxysettings{'TIME_SAT'};
- $proxysettings{'TIME_SUN'} = 'off' unless exists $proxysettings{'TIME_SUN'};
-
- $proxysettings{'AUTH_ALWAYS_REQUIRED'} = 'off' unless exists $proxysettings{'AUTH_ALWAYS_REQUIRED'};
- $proxysettings{'NTLM_ENABLE_INT_AUTH'} = 'off' unless exists $proxysettings{'NTLM_ENABLE_INT_AUTH'};
-
- &General::writehash("${General::swroot}/proxy/advanced/settings", \%proxysettings);
-
- if (-e "${General::swroot}/proxy/settings") { &General::readhash("${General::swroot}/proxy/settings", \%stdproxysettings); }
- $stdproxysettings{'PROXY_PORT'} = $proxysettings{'PROXY_PORT'};
- $stdproxysettings{'ENABLE_FILTER'} = $proxysettings{'ENABLE_FILTER'};
- $stdproxysettings{'ENABLE_UPDXLRATOR'} = $proxysettings{'ENABLE_UPDXLRATOR'};
- &General::writehash("${General::swroot}/proxy/settings", \%stdproxysettings);
-
- &writeconfig;
- &writepacfile;
-
- system ('/usr/local/bin/squidctrl', 'disable');
- unlink "${General::swroot}/proxy/enable";
- unlink "${General::swroot}/proxy/transparent";
- unlink "${General::swroot}/proxy/enable_blue";
- unlink "${General::swroot}/proxy/transparent_blue";
-
- if ($proxysettings{'ENABLE'} eq 'on') {
- system ('/usr/bin/touch', "${General::swroot}/proxy/enable");
- system ('/usr/local/bin/squidctrl', 'enable'); }
- if ($proxysettings{'TRANSPARENT'} eq 'on') {
- system ('/usr/bin/touch', "${General::swroot}/proxy/transparent"); }
- if ($proxysettings{'ENABLE_BLUE'} eq 'on') {
- system ('/usr/bin/touch', "${General::swroot}/proxy/enable_blue");
- system ('/usr/local/bin/squidctrl', 'enable'); }
- if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') {
- system ('/usr/bin/touch', "${General::swroot}/proxy/transparent_blue"); }
-
- if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy save and restart'}) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); }
- }
-}
-
-if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy clear cache'})
-{
- system('/usr/local/bin/squidctrl flush >/dev/null 2>&1');
-}
-
-if (!$errormessage)
-{
- if (-e "${General::swroot}/proxy/advanced/settings") {
- &General::readhash("${General::swroot}/proxy/advanced/settings", \%proxysettings);
- } elsif (-e "${General::swroot}/proxy/settings") {
- &General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
- }
- &read_acls;
-}
-
-$checked{'ENABLE'}{'off'} = '';
-$checked{'ENABLE'}{'on'} = '';
-$checked{'ENABLE'}{$proxysettings{'ENABLE'}} = "checked='checked'";
-
-$checked{'TRANSPARENT'}{'off'} = '';
-$checked{'TRANSPARENT'}{'on'} = '';
-$checked{'TRANSPARENT'}{$proxysettings{'TRANSPARENT'}} = "checked='checked'";
-
-$checked{'ENABLE_BLUE'}{'off'} = '';
-$checked{'ENABLE_BLUE'}{'on'} = '';
-$checked{'ENABLE_BLUE'}{$proxysettings{'ENABLE_BLUE'}} = "checked='checked'";
-
-$checked{'TRANSPARENT_BLUE'}{'off'} = '';
-$checked{'TRANSPARENT_BLUE'}{'on'} = '';
-$checked{'TRANSPARENT_BLUE'}{$proxysettings{'TRANSPARENT_BLUE'}} = "checked='checked'";
-
-$checked{'SUPPRESS_VERSION'}{'off'} = '';
-$checked{'SUPPRESS_VERSION'}{'on'} = '';
-$checked{'SUPPRESS_VERSION'}{$proxysettings{'SUPPRESS_VERSION'}} = "checked='checked'";
-
-$checked{'FORWARD_IPADDRESS'}{'off'} = '';
-$checked{'FORWARD_IPADDRESS'}{'on'} = '';
-$checked{'FORWARD_IPADDRESS'}{$proxysettings{'FORWARD_IPADDRESS'}} = "checked='checked'";
-$checked{'FORWARD_USERNAME'}{'off'} = '';
-$checked{'FORWARD_USERNAME'}{'on'} = '';
-$checked{'FORWARD_USERNAME'}{$proxysettings{'FORWARD_USERNAME'}} = "checked='checked'";
-$checked{'FORWARD_VIA'}{'off'} = '';
-$checked{'FORWARD_VIA'}{'on'} = '';
-$checked{'FORWARD_VIA'}{$proxysettings{'FORWARD_VIA'}} = "checked='checked'";
-$checked{'NO_CONNECTION_AUTH'}{'off'} = '';
-$checked{'NO_CONNECTION_AUTH'}{'on'} = '';
-$checked{'NO_CONNECTION_AUTH'}{$proxysettings{'NO_CONNECTION_AUTH'}} = "checked='checked'";
-
-$selected{'MEM_POLICY'}{$proxysettings{'MEM_POLICY'}} = "selected='selected'";
-$selected{'CACHE_POLICY'}{$proxysettings{'CACHE_POLICY'}} = "selected='selected'";
-$selected{'L1_DIRS'}{$proxysettings{'L1_DIRS'}} = "selected='selected'";
-$checked{'OFFLINE_MODE'}{'off'} = '';
-$checked{'OFFLINE_MODE'}{'on'} = '';
-$checked{'OFFLINE_MODE'}{$proxysettings{'OFFLINE_MODE'}} = "checked='checked'";
-
-$checked{'LOGGING'}{'off'} = '';
-$checked{'LOGGING'}{'on'} = '';
-$checked{'LOGGING'}{$proxysettings{'LOGGING'}} = "checked='checked'";
-$checked{'LOGQUERY'}{'off'} = '';
-$checked{'LOGQUERY'}{'on'} = '';
-$checked{'LOGQUERY'}{$proxysettings{'LOGQUERY'}} = "checked='checked'";
-$checked{'LOGUSERAGENT'}{'off'} = '';
-$checked{'LOGUSERAGENT'}{'on'} = '';
-$checked{'LOGUSERAGENT'}{$proxysettings{'LOGUSERAGENT'}} = "checked='checked'";
-
-$selected{'ERR_LANGUAGE'}{$proxysettings{'ERR_LANGUAGE'}} = "selected='selected'";
-$selected{'ERR_DESIGN'}{$proxysettings{'ERR_DESIGN'}} = "selected='selected'";
-
-$checked{'NO_PROXY_LOCAL'}{'off'} = '';
-$checked{'NO_PROXY_LOCAL'}{'on'} = '';
-$checked{'NO_PROXY_LOCAL'}{$proxysettings{'NO_PROXY_LOCAL'}} = "checked='checked'";
-$checked{'NO_PROXY_LOCAL_BLUE'}{'off'} = '';
-$checked{'NO_PROXY_LOCAL_BLUE'}{'on'} = '';
-$checked{'NO_PROXY_LOCAL_BLUE'}{$proxysettings{'NO_PROXY_LOCAL_BLUE'}} = "checked='checked'";
-
-$checked{'CLASSROOM_EXT'}{'off'} = '';
-$checked{'CLASSROOM_EXT'}{'on'} = '';
-$checked{'CLASSROOM_EXT'}{$proxysettings{'CLASSROOM_EXT'}} = "checked='checked'";
-
-$selected{'TIME_ACCESS_MODE'}{$proxysettings{'TIME_ACCESS_MODE'}} = "selected='selected'";
-$selected{'TIME_FROM_HOUR'}{$proxysettings{'TIME_FROM_HOUR'}} = "selected='selected'";
-$selected{'TIME_FROM_MINUTE'}{$proxysettings{'TIME_FROM_MINUTE'}} = "selected='selected'";
-$selected{'TIME_TO_HOUR'}{$proxysettings{'TIME_TO_HOUR'}} = "selected='selected'";
-$selected{'TIME_TO_MINUTE'}{$proxysettings{'TIME_TO_MINUTE'}} = "selected='selected'";
-
-$proxysettings{'TIME_MON'} = 'on' unless exists $proxysettings{'TIME_MON'};
-$proxysettings{'TIME_TUE'} = 'on' unless exists $proxysettings{'TIME_TUE'};
-$proxysettings{'TIME_WED'} = 'on' unless exists $proxysettings{'TIME_WED'};
-$proxysettings{'TIME_THU'} = 'on' unless exists $proxysettings{'TIME_THU'};
-$proxysettings{'TIME_FRI'} = 'on' unless exists $proxysettings{'TIME_FRI'};
-$proxysettings{'TIME_SAT'} = 'on' unless exists $proxysettings{'TIME_SAT'};
-$proxysettings{'TIME_SUN'} = 'on' unless exists $proxysettings{'TIME_SUN'};
-
-$checked{'TIME_MON'}{'off'} = '';
-$checked{'TIME_MON'}{'on'} = '';
-$checked{'TIME_MON'}{$proxysettings{'TIME_MON'}} = "checked='checked'";
-$checked{'TIME_TUE'}{'off'} = '';
-$checked{'TIME_TUE'}{'on'} = '';
-$checked{'TIME_TUE'}{$proxysettings{'TIME_TUE'}} = "checked='checked'";
-$checked{'TIME_WED'}{'off'} = '';
-$checked{'TIME_WED'}{'on'} = '';
-$checked{'TIME_WED'}{$proxysettings{'TIME_WED'}} = "checked='checked'";
-$checked{'TIME_THU'}{'off'} = '';
-$checked{'TIME_THU'}{'on'} = '';
-$checked{'TIME_THU'}{$proxysettings{'TIME_THU'}} = "checked='checked'";
-$checked{'TIME_FRI'}{'off'} = '';
-$checked{'TIME_FRI'}{'on'} = '';
-$checked{'TIME_FRI'}{$proxysettings{'TIME_FRI'}} = "checked='checked'";
-$checked{'TIME_SAT'}{'off'} = '';
-$checked{'TIME_SAT'}{'on'} = '';
-$checked{'TIME_SAT'}{$proxysettings{'TIME_SAT'}} = "checked='checked'";
-$checked{'TIME_SUN'}{'off'} = '';
-$checked{'TIME_SUN'}{'on'} = '';
-$checked{'TIME_SUN'}{$proxysettings{'TIME_SUN'}} = "checked='checked'";
-
-$selected{'THROTTLING_GREEN_TOTAL'}{$proxysettings{'THROTTLING_GREEN_TOTAL'}} = "selected='selected'";
-$selected{'THROTTLING_GREEN_HOST'}{$proxysettings{'THROTTLING_GREEN_HOST'}} = "selected='selected'";
-$selected{'THROTTLING_BLUE_TOTAL'}{$proxysettings{'THROTTLING_BLUE_TOTAL'}} = "selected='selected'";
-$selected{'THROTTLING_BLUE_HOST'}{$proxysettings{'THROTTLING_BLUE_HOST'}} = "selected='selected'";
-
-$checked{'THROTTLE_BINARY'}{'off'} = '';
-$checked{'THROTTLE_BINARY'}{'on'} = '';
-$checked{'THROTTLE_BINARY'}{$proxysettings{'THROTTLE_BINARY'}} = "checked='checked'";
-$checked{'THROTTLE_DSKIMG'}{'off'} = '';
-$checked{'THROTTLE_DSKIMG'}{'on'} = '';
-$checked{'THROTTLE_DSKIMG'}{$proxysettings{'THROTTLE_DSKIMG'}} = "checked='checked'";
-$checked{'THROTTLE_MMEDIA'}{'off'} = '';
-$checked{'THROTTLE_MMEDIA'}{'on'} = '';
-$checked{'THROTTLE_MMEDIA'}{$proxysettings{'THROTTLE_MMEDIA'}} = "checked='checked'";
-
-$checked{'ENABLE_MIME_FILTER'}{'off'} = '';
-$checked{'ENABLE_MIME_FILTER'}{'on'} = '';
-$checked{'ENABLE_MIME_FILTER'}{$proxysettings{'ENABLE_MIME_FILTER'}} = "checked='checked'";
-
-$checked{'ENABLE_BROWSER_CHECK'}{'off'} = '';
-$checked{'ENABLE_BROWSER_CHECK'}{'on'} = '';
-$checked{'ENABLE_BROWSER_CHECK'}{$proxysettings{'ENABLE_BROWSER_CHECK'}} = "checked='checked'";
-
-foreach (@useragentlist) {
- @useragent = split(/,/);
- $checked{'UA_'.$useragent[0]}{'off'} = '';
- $checked{'UA_'.$useragent[0]}{'on'} = '';
- $checked{'UA_'.$useragent[0]}{$proxysettings{'UA_'.$useragent[0]}} = "checked='checked'";
-}
-
-$checked{'AUTH_METHOD'}{'none'} = '';
-$checked{'AUTH_METHOD'}{'ncsa'} = '';
-$checked{'AUTH_METHOD'}{'ident'} = '';
-$checked{'AUTH_METHOD'}{'ldap'} = '';
-$checked{'AUTH_METHOD'}{'ntlm'} = '';
-$checked{'AUTH_METHOD'}{'radius'} = '';
-$checked{'AUTH_METHOD'}{$proxysettings{'AUTH_METHOD'}} = "checked='checked'";
-
-$proxysettings{'AUTH_ALWAYS_REQUIRED'} = 'on' unless exists $proxysettings{'AUTH_ALWAYS_REQUIRED'};
-
-$checked{'AUTH_ALWAYS_REQUIRED'}{'off'} = '';
-$checked{'AUTH_ALWAYS_REQUIRED'}{'on'} = '';
-$checked{'AUTH_ALWAYS_REQUIRED'}{$proxysettings{'AUTH_ALWAYS_REQUIRED'}} = "checked='checked'";
-
-$checked{'NCSA_BYPASS_REDIR'}{'off'} = '';
-$checked{'NCSA_BYPASS_REDIR'}{'on'} = '';
-$checked{'NCSA_BYPASS_REDIR'}{$proxysettings{'NCSA_BYPASS_REDIR'}} = "checked='checked'";
-
-$selected{'NCSA_GROUP'}{$proxysettings{'NCSA_GROUP'}} = "selected='selected'";
-
-$selected{'LDAP_TYPE'}{$proxysettings{'LDAP_TYPE'}} = "selected='selected'";
-
-$proxysettings{'NTLM_ENABLE_INT_AUTH'} = 'on' unless exists $proxysettings{'NTLM_ENABLE_INT_AUTH'};
-
-$checked{'NTLM_ENABLE_INT_AUTH'}{'off'} = '';
-$checked{'NTLM_ENABLE_INT_AUTH'}{'on'} = '';
-$checked{'NTLM_ENABLE_INT_AUTH'}{$proxysettings{'NTLM_ENABLE_INT_AUTH'}} = "checked='checked'";
-
-$checked{'NTLM_ENABLE_ACL'}{'off'} = '';
-$checked{'NTLM_ENABLE_ACL'}{'on'} = '';
-$checked{'NTLM_ENABLE_ACL'}{$proxysettings{'NTLM_ENABLE_ACL'}} = "checked='checked'";
-
-$checked{'NTLM_USER_ACL'}{'positive'} = '';
-$checked{'NTLM_USER_ACL'}{'negative'} = '';
-$checked{'NTLM_USER_ACL'}{$proxysettings{'NTLM_USER_ACL'}} = "checked='checked'";
-
-$checked{'RADIUS_ENABLE_ACL'}{'off'} = '';
-$checked{'RADIUS_ENABLE_ACL'}{'on'} = '';
-$checked{'RADIUS_ENABLE_ACL'}{$proxysettings{'RADIUS_ENABLE_ACL'}} = "checked='checked'";
-
-$checked{'RADIUS_USER_ACL'}{'positive'} = '';
-$checked{'RADIUS_USER_ACL'}{'negative'} = '';
-$checked{'RADIUS_USER_ACL'}{$proxysettings{'RADIUS_USER_ACL'}} = "checked='checked'";
-
-$checked{'IDENT_REQUIRED'}{'off'} = '';
-$checked{'IDENT_REQUIRED'}{'on'} = '';
-$checked{'IDENT_REQUIRED'}{$proxysettings{'IDENT_REQUIRED'}} = "checked='checked'";
-
-$checked{'IDENT_ENABLE_ACL'}{'off'} = '';
-$checked{'IDENT_ENABLE_ACL'}{'on'} = '';
-$checked{'IDENT_ENABLE_ACL'}{$proxysettings{'IDENT_ENABLE_ACL'}} = "checked='checked'";
-
-$checked{'IDENT_USER_ACL'}{'positive'} = '';
-$checked{'IDENT_USER_ACL'}{'negative'} = '';
-$checked{'IDENT_USER_ACL'}{$proxysettings{'IDENT_USER_ACL'}} = "checked='checked'";
-
-$checked{'ENABLE_FILTER'}{'off'} = '';
-$checked{'ENABLE_FILTER'}{'on'} = '';
-$checked{'ENABLE_FILTER'}{$proxysettings{'ENABLE_FILTER'}} = "checked='checked'";
-
-$checked{'ENABLE_UPDXLRATOR'}{'off'} = '';
-$checked{'ENABLE_UPDXLRATOR'}{'on'} = '';
-$checked{'ENABLE_UPDXLRATOR'}{$proxysettings{'ENABLE_UPDXLRATOR'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'advproxy advanced web proxy configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-if ($squidversion[0] =~ /^Squid\sCache:\sVersion\s/i)
-{
- $squidversion[0] =~ s/^Squid\sCache:\sVersion//i;
- $squidversion[0] =~ s/^\s+//g;
- $squidversion[0] =~ s/\s+$//g;
-} else {
- $squidversion[0] = $Lang::tr{'advproxy unknown'};
-}
-
-# ===================================================================
-# Main settings
-# ===================================================================
-
-unless ($proxysettings{'NCSA_EDIT_MODE'} eq 'yes') {
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'advproxy advanced web proxy'}");
-
-print <<END
-<table width='100%'>
-<tr>
- <td colspan='4' class='base'><b>$Lang::tr{'advproxy common settings'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy enabled on'} <font color="$Header::colourgreen">Green</font>:</td>
- <td width='20%'><input type='checkbox' name='ENABLE' $checked{'ENABLE'}{'on'} /></td>
- <td width='25%' class='base'>$Lang::tr{'advproxy proxy port'}:</td>
- <td width='30%'><input type='text' name='PROXY_PORT' value='$proxysettings{'PROXY_PORT'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy transparent on'} <font color="$Header::colourgreen">Green</font>:</td>
- <td><input type='checkbox' name='TRANSPARENT' $checked{'TRANSPARENT'}{'on'} /></td>
- <td class='base'>$Lang::tr{'advproxy visible hostname'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='VISIBLE_HOSTNAME' value='$proxysettings{'VISIBLE_HOSTNAME'}' /></td>
-</tr>
-<tr>
-END
-;
-if ($netsettings{'BLUE_DEV'}) {
- print "<td class='base'>$Lang::tr{'advproxy enabled on'} <font color='$Header::colourblue'>Blue</font>:</td>";
- print "<td><input type='checkbox' name='ENABLE_BLUE' $checked{'ENABLE_BLUE'}{'on'} /></td>";
-} else {
- print "<td colspan='2'> </td>";
-}
-print <<END
- <td class='base'>$Lang::tr{'advproxy admin mail'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='ADMIN_MAIL_ADDRESS' value='$proxysettings{'ADMIN_MAIL_ADDRESS'}' /></td>
-</tr>
-<tr>
-END
-;
-if ($netsettings{'BLUE_DEV'}) {
- print "<td class='base'>$Lang::tr{'advproxy transparent on'} <font color='$Header::colourblue'>Blue</font>:</td>";
- print "<td><input type='checkbox' name='TRANSPARENT_BLUE' $checked{'TRANSPARENT_BLUE'}{'on'} /></td>";
-} else {
- print "<td colspan='2'> </td>";
-}
-print <<END
- <td class='base'>$Lang::tr{'advproxy error language'}:</td>
- <td class='base'>
- <select name='ERR_LANGUAGE'>
-END
-;
- foreach (<$errordir/*>) {
- if (-d) {
- $language = substr($_,rindex($_,"/")+1);
- print "<option value='$language' $selected{'ERR_LANGUAGE'}{$language}>$language</option>\n";
- }
- }
-print <<END
- </select>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy suppress version'}:</td>
- <td><input type='checkbox' name='SUPPRESS_VERSION' $checked{'SUPPRESS_VERSION'}{'on'} /></td>
- <td class='base'>$Lang::tr{'advproxy error design'}:</td>
- <td class='base'><select name='ERR_DESIGN'>
- <option value='ipfire' $selected{'ERR_DESIGN'}{'ipfire'}>IPFire</option>
- <option value='squid' $selected{'ERR_DESIGN'}{'squid'}>$Lang::tr{'advproxy standard'}</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy squid version'}:</td>
- <td class='base'> [<font color='$Header::colourred'> $squidversion[0] </font>]</td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td class='base' width='50%'><b>$Lang::tr{'advproxy url filter'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_FILTER' $checked{'ENABLE_FILTER'}{'on'} /></td>
- <td class='base' width='50%'><b>$Lang::tr{'advproxy update accelerator'}</b> $Lang::tr{'advproxy enabled'}<input type='checkbox' name='ENABLE_UPDXLRATOR' $checked{'ENABLE_UPDXLRATOR'}{'on'} /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4' class='base'><b>$Lang::tr{'advproxy upstream proxy'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy via forwarding'}:</td><td><input type='checkbox' name='FORWARD_VIA' $checked{'FORWARD_VIA'}{'on'} /></td>
- <td class='base'>$Lang::tr{'advproxy upstream proxy host:port'}<img src='/blob.gif' alt='*' /></td><td><input type='text' name='UPSTREAM_PROXY' value='$proxysettings{'UPSTREAM_PROXY'}' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy client IP forwarding'}:</td><td><input type='checkbox' name='FORWARD_IPADDRESS' $checked{'FORWARD_IPADDRESS'}{'on'} /></td>
- <td class='base'>$Lang::tr{'advproxy upstream username'}<img src='/blob.gif' alt='*' /></td><td><input type='text' name='UPSTREAM_USER' value='$proxysettings{'UPSTREAM_USER'}' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy username forwarding'}:</td><td><input type='checkbox' name='FORWARD_USERNAME' $checked{'FORWARD_USERNAME'}{'on'} />
- <td class='base'>$Lang::tr{'advproxy upstream password'}:<img src='/blob.gif' alt='*' /></td><td><input type='password' name='UPSTREAM_PASSWORD' value='$proxysettings{'UPSTREAM_PASSWORD'}' /></td>
-</tr>
-<tr>
- <td class='base' colspan='4'>$Lang::tr{'advproxy no connection auth'}:<input type='checkbox' name='NO_CONNECTION_AUTH' $checked{'NO_CONNECTION_AUTH'}{'on'} /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4' class='base'><b>$Lang::tr{'advproxy log settings'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy log enabled'}:<input type='checkbox' name='LOGGING' $checked{'LOGGING'}{'on'} /></td>
- <td class='base'>$Lang::tr{'advproxy log query'}:<input type='checkbox' name='LOGQUERY' $checked{'LOGQUERY'}{'on'} /></td>
- <td class='base'>$Lang::tr{'advproxy log useragent'}:<input type='checkbox' name='LOGUSERAGENT' $checked{'LOGUSERAGENT'}{'on'} /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy cache management'}</b></td>
-</tr>
-<tr>
- <td width='35%'></td><td width='15%'></td><td width='35%'></td><td width='15%'></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy ram cache size'}:</td>
- <td><input type='text' name='CACHE_MEM' value='$proxysettings{'CACHE_MEM'}' size='5' /></td>
- <td class='base'>$Lang::tr{'advproxy hdd cache size'}:</td>
- <td><input type='text' name='CACHE_SIZE' value='$proxysettings{'CACHE_SIZE'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy min size'}:</td>
- <td><input type='text' name='MIN_SIZE' value='$proxysettings{'MIN_SIZE'}' size='5' /></td>
- <td class='base'>$Lang::tr{'advproxy max size'}:</td>
- <td><input type='text' name='MAX_SIZE' value='$proxysettings{'MAX_SIZE'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy number of L1 dirs'}:</td>
- <td class='base'><select name='L1_DIRS'>
- <option value='16' $selected{'L1_DIRS'}{'16'}>16</option>
- <option value='32' $selected{'L1_DIRS'}{'32'}>32</option>
- <option value='64' $selected{'L1_DIRS'}{'64'}>64</option>
- <option value='128' $selected{'L1_DIRS'}{'128'}>128</option>
- <option value='256' $selected{'L1_DIRS'}{'256'}>256</option>
- </select></td>
- <td colspan='2' rowspan= '5' valign='top' class='base'>
- <table cellspacing='0' cellpadding='0'>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td>$Lang::tr{'advproxy no cache sites'}: <img src='/blob.gif' alt='*' /></td>
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td align=center><textarea name='DST_NOCACHE' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $proxysettings{'DST_NOCACHE'};
-
-print <<END
-</textarea></td>
- </tr>
- </table>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy memory replacement policy'}:</td>
- <td class='base'><select name='MEM_POLICY'>
- <option value='LRU' $selected{'MEM_POLICY'}{'LRU'}>LRU</option>
- <option value='heap LFUDA' $selected{'MEM_POLICY'}{'heap LFUDA'}>heap LFUDA</option>
- <option value='heap GDSF' $selected{'MEM_POLICY'}{'heap GDSF'}>heap GDSF</option>
- <option value='heap LRU' $selected{'MEM_POLICY'}{'heap LRU'}>heap LRU</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy cache replacement policy'}:</td>
- <td class='base'><select name='CACHE_POLICY'>
- <option value='LRU' $selected{'CACHE_POLICY'}{'LRU'}>LRU</option>
- <option value='heap LFUDA' $selected{'CACHE_POLICY'}{'heap LFUDA'}>heap LFUDA</option>
- <option value='heap GDSF' $selected{'CACHE_POLICY'}{'heap GDSF'}>heap GDSF</option>
- <option value='heap LRU' $selected{'CACHE_POLICY'}{'heap LRU'}>heap LRU</option>
- </select></td>
-</tr>
-<tr>
- <td colspan='2'> </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy offline mode'}:</td>
- <td><input type='checkbox' name='OFFLINE_MODE' $checked{'OFFLINE_MODE'}{'on'} /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy destination ports'}</b></td>
-</tr>
-<tr>
- <td width='25%' align=center></td> <td width='20%' align=center></td><td width='25%' align=center></td><td width='30%' align=center></td>
-</tr>
-<tr>
- <td colspan='2' class='base'>$Lang::tr{'advproxy standard ports'}:</td>
- <td colspan='2' class='base'>$Lang::tr{'advproxy ssl ports'}:</td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='PORTS_SAFE' cols='32' rows='6' wrap='off'>
-END
-;
- if (!$proxysettings{'PORTS_SAFE'}) { print $def_ports_safe; } else { print $proxysettings{'PORTS_SAFE'}; }
-
-print <<END
-</textarea></td>
- <td colspan='2'><textarea name='PORTS_SSL' cols='32' rows='6' wrap='off'>
-END
-;
- if (!$proxysettings{'PORTS_SSL'}) { print $def_ports_ssl; } else { print $proxysettings{'PORTS_SSL'}; }
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy network based access'}</b></td>
-</tr>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
- <td colspan='4' class='base'>$Lang::tr{'advproxy allowed subnets'}:</td>
-</tr>
-<tr>
- <td colspan='2' rowspan='4'><textarea name='SRC_SUBNETS' cols='32' rows='3' wrap='off'>
-END
-;
-
-if (!$proxysettings{'SRC_SUBNETS'})
-{
- print "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}\n";
- if ($netsettings{'BLUE_DEV'})
- {
- print "$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}\n";
- }
-} else { print $proxysettings{'SRC_SUBNETS'}; }
-
-print <<END
-</textarea></td>
-END
-;
-
-$line = $Lang::tr{'advproxy no internal proxy on green'};
-$line =~ s/Green/<font color="$Header::colourgreen">Green<\/font>/i;
-print "<td class='base'>$line:</td>\n";
-print <<END
- <td><input type='checkbox' name='NO_PROXY_LOCAL' $checked{'NO_PROXY_LOCAL'}{'on'} /></td>
-</tr>
-END
-;
-if ($netsettings{'BLUE_DEV'}) {
- $line = $Lang::tr{'advproxy no internal proxy on blue'};
- $line =~ s/Blue/<font color="$Header::colourblue">Blue<\/font>/i;
- print "<tr>\n";
- print "<td class='base'>$line:</td>\n";
- print <<END
- <td><input type='checkbox' name='NO_PROXY_LOCAL_BLUE' $checked{'NO_PROXY_LOCAL_BLUE'}{'on'} /></td>
-</tr>
-END
-;
-}
-print <<END
-<tr>
- <td colspan='2'> </td>
-</tr>
-<tr>
- <td colspan='2'> </td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
- <td colspan='2' class='base'>$Lang::tr{'advproxy unrestricted ip clients'}: <img src='/blob.gif' alt='*' /></td>
- <td colspan='2' class='base'>$Lang::tr{'advproxy unrestricted mac clients'}: <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='SRC_UNRESTRICTED_IP' cols='32' rows='3' wrap='off'>
-END
-;
-
- print $proxysettings{'SRC_UNRESTRICTED_IP'};
-
-print <<END
-</textarea></td>
- <td colspan='2'><textarea name='SRC_UNRESTRICTED_MAC' cols='32' rows='3' wrap='off'>
-END
-;
-
-print $proxysettings{'SRC_UNRESTRICTED_MAC'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
- <td colspan='2' class='base'>$Lang::tr{'advproxy banned ip clients'}: <img src='/blob.gif' alt='*' /></td>
- <td colspan='2' class='base'>$Lang::tr{'advproxy banned mac clients'}: <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='SRC_BANNED_IP' cols='32' rows='3' wrap='off'>
-END
-;
-
- print $proxysettings{'SRC_BANNED_IP'};
-
-print <<END
-</textarea></td>
- <td colspan='2'><textarea name='SRC_BANNED_MAC' cols='32' rows='3' wrap='off'>
-END
-;
-
-print $proxysettings{'SRC_BANNED_MAC'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-
-<hr size='1'>
-
-END
-;
-# -------------------------------------------------------------------
-# CRE GUI - optional
-# -------------------------------------------------------------------
-
-if (-e $cre_enabled) { print <<END
-<table width='100%'>
-
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy classroom extensions'}</b> $Lang::tr{'advproxy enabled'}:<input type='checkbox' name='CLASSROOM_EXT' $checked{'CLASSROOM_EXT'}{'on'} /></td>
-</tr>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
-
-END
-;
-if ($proxysettings{'CLASSROOM_EXT'} eq 'on'){
-print <<END
- <td class='base'>$Lang::tr{'advproxy supervisor password'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='password' name='SUPERVISOR_PASSWORD' value='$proxysettings{'SUPERVISOR_PASSWORD'}' size='12' /></td>
-</tr>
-<tr>
- <td colspan='2' class='base'>$Lang::tr{'advproxy cre group definitions'}:</td>
- <td colspan='2' class='base'>$Lang::tr{'advproxy cre supervisors'}: <img src='/blob.gif' alt='*' /></td>
-END
-;
-}
-print "</tr>";
-if ($proxysettings{'CLASSROOM_EXT'} eq 'on'){
-print <<END
-<tr>
- <td colspan='2'><textarea name='CRE_GROUPS' cols='32' rows='6' wrap='off'>
-END
-;
-
- print $proxysettings{'CRE_GROUPS'};
-
-print <<END
-</textarea></td>
- <td colspan='2'><textarea name='CRE_SVHOSTS' cols='32' rows='6' wrap='off'>
-END
-;
- print $proxysettings{'CRE_SVHOSTS'};
-
-print <<END
-</textarea></td>
-</tr>
-END
-;
-}
-print "</table><hr size='1'>";
-
-} else {
- print <<END
- <input type='hidden' name='SUPERVISOR_PASSWORD' value='$proxysettings{'SUPERVISOR_PASSWORD'}' />
- <input type='hidden' name='CRE_GROUPS' value='$proxysettings{'CRE_GROUPS'}' />
- <input type='hidden' name='CRE_SVHOSTS' value='$proxysettings{'CRE_SVHOSTS'}' />
-END
-;
-}
-
-# -------------------------------------------------------------------
-
-print <<END
-
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy time restrictions'}</b></td>
-</tr>
-<table width='100%'>
-<tr>
- <td width='2%'>$Lang::tr{'advproxy access'}</td>
- <td width='1%'> </td>
- <td width='2%' align='center'>$Lang::tr{'advproxy monday'}</td>
- <td width='2%' align='center'>$Lang::tr{'advproxy tuesday'}</td>
- <td width='2%' align='center'>$Lang::tr{'advproxy wednesday'}</td>
- <td width='2%' align='center'>$Lang::tr{'advproxy thursday'}</td>
- <td width='2%' align='center'>$Lang::tr{'advproxy friday'}</td>
- <td width='2%' align='center'>$Lang::tr{'advproxy saturday'}</td>
- <td width='2%' align='center'>$Lang::tr{'advproxy sunday'}</td>
- <td width='1%'> </td>
- <td width='7%' colspan=3>$Lang::tr{'advproxy from'}</td>
- <td width='1%'> </td>
- <td width='7%' colspan=3>$Lang::tr{'advproxy to'}</td>
- <td> </td>
-</tr>
-<tr>
- <td class='base'>
- <select name='TIME_ACCESS_MODE'>
- <option value='allow' $selected{'TIME_ACCESS_MODE'}{'allow'}>$Lang::tr{'advproxy mode allow'}</option>
- <option value='deny' $selected{'TIME_ACCESS_MODE'}{'deny'}>$Lang::tr{'advproxy mode deny'}</option>
- </select>
- </td>
- <td> </td>
- <td class='base'><input type='checkbox' name='TIME_MON' $checked{'TIME_MON'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TIME_TUE' $checked{'TIME_TUE'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TIME_WED' $checked{'TIME_WED'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TIME_THU' $checked{'TIME_THU'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TIME_FRI' $checked{'TIME_FRI'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TIME_SAT' $checked{'TIME_SAT'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TIME_SUN' $checked{'TIME_SUN'}{'on'} /></td>
- <td> </td>
- <td class='base'>
- <select name='TIME_FROM_HOUR'>
-END
-;
-for ($i=0;$i<=24;$i++) {
- $_ = sprintf("%02s",$i);
- print "<option $selected{'TIME_FROM_HOUR'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- </td>
- <td>:</td>
- <td class='base'>
- <select name='TIME_FROM_MINUTE'>
-END
-;
-for ($i=0;$i<=45;$i+=15) {
- $_ = sprintf("%02s",$i);
- print "<option $selected{'TIME_FROM_MINUTE'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- <td> - </td>
- </td>
- <td class='base'>
- <select name='TIME_TO_HOUR'>
-END
-;
-for ($i=0;$i<=24;$i++) {
- $_ = sprintf("%02s",$i);
- print "<option $selected{'TIME_TO_HOUR'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- </td>
- <td>:</td>
- <td class='base'>
- <select name='TIME_TO_MINUTE'>
-END
-;
-for ($i=0;$i<=45;$i+=15) {
- $_ = sprintf("%02s",$i);
- print "<option $selected{'TIME_TO_MINUTE'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy transfer limits'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy max download size'}:</td>
- <td width='20%'><input type='text' name='MAX_INCOMING_SIZE' value='$proxysettings{'MAX_INCOMING_SIZE'}' size='5' /></td>
- <td width='25%' class='base'>$Lang::tr{'advproxy max upload size'}:</td>
- <td width='30%'><input type='text' name='MAX_OUTGOING_SIZE' value='$proxysettings{'MAX_OUTGOING_SIZE'}' size='5' /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy download throttling'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy throttling total on'} <font color="$Header::colourgreen">Green</font>:</td>
- <td width='20%' class='base'>
- <select name='THROTTLING_GREEN_TOTAL'>
-END
-;
-
-foreach (@throttle_limits) {
- print "\t<option value='$_' $selected{'THROTTLING_GREEN_TOTAL'}{$_}>$_ kBit/s</option>\n";
-}
-
-print <<END
- <option value='0' $selected{'THROTTLING_GREEN_TOTAL'}{'unlimited'}>$Lang::tr{'advproxy throttling unlimited'}</option>\n";
- </select>
- </td>
- <td width='25%' class='base'>$Lang::tr{'advproxy throttling per host on'} <font color="$Header::colourgreen">Green</font>:</td>
- <td width='30%' class='base'>
- <select name='THROTTLING_GREEN_HOST'>
-END
-;
-
-foreach (@throttle_limits) {
- print "\t<option value='$_' $selected{'THROTTLING_GREEN_HOST'}{$_}>$_ kBit/s</option>\n";
-}
-
-print <<END
- <option value='0' $selected{'THROTTLING_GREEN_HOST'}{'unlimited'}>$Lang::tr{'advproxy throttling unlimited'}</option>\n";
- </select>
- </td>
-</tr>
-END
-;
-
-if ($netsettings{'BLUE_DEV'}) {
- print <<END
-<tr>
- <td class='base'>$Lang::tr{'advproxy throttling total on'} <font color="$Header::colourblue">Blue</font>:</td>
- <td class='base'>
- <select name='THROTTLING_BLUE_TOTAL'>
-END
-;
-
-foreach (@throttle_limits) {
- print "\t<option value='$_' $selected{'THROTTLING_BLUE_TOTAL'}{$_}>$_ kBit/s</option>\n";
-}
-
-print <<END
- <option value='0' $selected{'THROTTLING_BLUE_TOTAL'}{'unlimited'}>$Lang::tr{'advproxy throttling unlimited'}</option>\n";
- </select>
- </td>
- <td class='base'>$Lang::tr{'advproxy throttling per host on'} <font color="$Header::colourblue">Blue</font>:</td>
- <td class='base'>
- <select name='THROTTLING_BLUE_HOST'>
-END
-;
-
-foreach (@throttle_limits) {
- print "\t<option value='$_' $selected{'THROTTLING_BLUE_HOST'}{$_}>$_ kBit/s</option>\n";
-}
-
-print <<END
- <option value='0' $selected{'THROTTLING_BLUE_HOST'}{'unlimited'}>$Lang::tr{'advproxy throttling unlimited'}</option>\n";
- </select>
- </td>
-</tr>
-END
-;
-}
-
-print <<END
-</table>
-<table width='100%'>
-<tr>
- <td colspan='4'><i>$Lang::tr{'advproxy content based throttling'}:</i></td>
-</tr>
-<tr>
- <td width='15%' class='base'>$Lang::tr{'advproxy throttle binary'}:</td>
- <td width='10%'><input type='checkbox' name='THROTTLE_BINARY' $checked{'THROTTLE_BINARY'}{'on'} /></td>
- <td width='15%' class='base'>$Lang::tr{'advproxy throttle dskimg'}:</td>
- <td width='10%'><input type='checkbox' name='THROTTLE_DSKIMG' $checked{'THROTTLE_DSKIMG'}{'on'} /></td>
- <td width='15%' class='base'>$Lang::tr{'advproxy throttle mmedia'}:</td>
- <td width='10%'><input type='checkbox' name='THROTTLE_MMEDIA' $checked{'THROTTLE_MMEDIA'}{'on'} /></td>
- <td width='15%'> </td>
- <td width='10%'> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy MIME filter'}</b> $Lang::tr{'advproxy enabled'}:<input type='checkbox' name='ENABLE_MIME_FILTER' $checked{'ENABLE_MIME_FILTER'}{'on'} /></td>
-</tr>
-END
-;
-if ( $proxysettings{'ENABLE_MIME_FILTER'} eq 'on' ){
-print <<END
-<tr>
- <td colspan='2' class='base'>$Lang::tr{'advproxy MIME block types'}: <img src='/blob.gif' alt='*' /></td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='MIME_TYPES' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $proxysettings{'MIME_TYPES'};
-
-print <<END
-</textarea></td>
- <td> </td>
- <td> </td>
-</tr>
-END
-;
-}
-print <<END
-</table>
-
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy web browser'}</b> $Lang::tr{'advproxy UA enable filter'}:<input type='checkbox' name='ENABLE_BROWSER_CHECK' $checked{'ENABLE_BROWSER_CHECK'}{'on'} /></td>
-</tr>
-END
-;
-if ( $proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on' ){
-print <<END
-<tr>
- <td colspan='4'><i>
-END
-;
-if (@useragentlist) { print "$Lang::tr{'advproxy allowed web browsers'}:"; } else { print "$Lang::tr{'advproxy no clients defined'}"; }
-print <<END
-</i></td>
-</tr>
-</table>
-<table width='100%'>
-END
-;
-
-for ($n=0; $n<=@useragentlist; $n = $n + $i) {
- for ($i=0; $i<=3; $i++) {
- if ($i eq 0) { print "<tr>\n"; }
- if (($n+$i) < @useragentlist) {
- @useragent = split(/,/,@useragentlist[$n+$i]);
- print "<td width='15%'>$useragent[1]:<\/td>\n";
- print "<td width='10%'><input type='checkbox' name='UA_$useragent[0]' $checked{'UA_'.$useragent[0]}{'on'} /></td>\n";
- }
- if ($i eq 3) { print "<\/tr>\n"; }
- }
-}
-}
-print <<END
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td><b>$Lang::tr{'advproxy privacy'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy fake useragent'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base'>$Lang::tr{'advproxy fake referer'}: <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td><input type='text' name='FAKE_USERAGENT' value='$proxysettings{'FAKE_USERAGENT'}' size='56' /></td>
- <td><input type='text' name='FAKE_REFERER' value='$proxysettings{'FAKE_REFERER'}' size='56' /></td>
-</tr>
-</table>
-<hr size='1'>
-END
-;
-
-print <<END
-<table width='100%'>
-<tr>
- <td colspan='5'><b>$Lang::tr{'advproxy AUTH method'}</b></td>
-</tr>
-<tr>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='none' $checked{'AUTH_METHOD'}{'none'} />$Lang::tr{'advproxy AUTH method none'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ncsa' $checked{'AUTH_METHOD'}{'ncsa'} />$Lang::tr{'advproxy AUTH method ncsa'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ident' $checked{'AUTH_METHOD'}{'ident'} />$Lang::tr{'advproxy AUTH method ident'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ldap' $checked{'AUTH_METHOD'}{'ldap'} />$Lang::tr{'advproxy AUTH method ldap'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm' $checked{'AUTH_METHOD'}{'ntlm'} />$Lang::tr{'advproxy AUTH method ntlm'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='radius' $checked{'AUTH_METHOD'}{'radius'} />$Lang::tr{'advproxy AUTH method radius'}</td>
-</tr>
-</table>
-END
-;
-
-if (!($proxysettings{'AUTH_METHOD'} eq 'none')) { if (!($proxysettings{'AUTH_METHOD'} eq 'ident')) { print <<END
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy AUTH global settings'}</b></td>
-</tr>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy AUTH number of auth processes'}:</td>
- <td><input type='text' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}' size='5' /></td>
- <td colspan='2' rowspan= '6' valign='top' class='base'>
- <table cellpadding='0' cellspacing='0'>
- <tr>
- <td class='base'>$Lang::tr{'advproxy AUTH realm'}: <img src='/blob.gif' alt='*' /></td>
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td><input type='text' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}' size='40' /></td>
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td>$Lang::tr{'advproxy AUTH no auth'}: <img src='/blob.gif' alt='*' /></td>
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td><textarea name='DST_NOAUTH' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $proxysettings{'DST_NOAUTH'};
-
-print <<END
-</textarea></td>
- </tr>
- </table>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy AUTH auth cache TTL'}:</td>
- <td><input type='text' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy AUTH limit of IP addresses'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy AUTH user IP cache TTL'}:</td>
- <td><input type='text' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy AUTH always required'}:</td>
- <td><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td>
-</tr>
-<tr>
- <td colspan='2'> </td>
-</tr>
-</table>
-END
-;
-}
-
-# ===================================================================
-# NCSA auth settings
-# ===================================================================
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ncsa') {
-print <<END
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy NCSA auth'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy NCSA min password length'}:</td>
- <td width='20%'><input type='text' name='NCSA_MIN_PASS_LEN' value='$proxysettings{'NCSA_MIN_PASS_LEN'}' size='5' /></td>
- <td width='25%' class='base'>$Lang::tr{'advproxy NCSA redirector bypass'} \'$Lang::tr{'advproxy NCSA grp extended'}\':</td>
- <td width='20%'><input type='checkbox' name='NCSA_BYPASS_REDIR' $checked{'NCSA_BYPASS_REDIR'}{'on'} /></td>
-</tr>
-<tr>
- <td colspan='2'><br> <input type='submit' name='ACTION' value='$Lang::tr{'advproxy NCSA user management'}'></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-END
-; }
-
-# ===================================================================
-# IDENTD auth settings
-# ===================================================================
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident') {
-print <<END
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy IDENT identd settings'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy IDENT required'}:</td>
- <td width='20%'><input type='checkbox' name='IDENT_REQUIRED' $checked{'IDENT_REQUIRED'}{'on'} /></td>
- <td width='25%' class='base'>$Lang::tr{'advproxy AUTH always required'}:</td>
- <td width='30%'><input type='checkbox' name='AUTH_ALWAYS_REQUIRED' $checked{'AUTH_ALWAYS_REQUIRED'}{'on'} /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy IDENT timeout'}:</td>
- <td><input type='text' name='IDENT_TIMEOUT' value='$proxysettings{'IDENT_TIMEOUT'}' size='5' /></td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td colspan='2' class='base'>$Lang::tr{'advproxy IDENT aware hosts'}:</td>
- <td colspan='2' class='base'>$Lang::tr{'advproxy AUTH no auth'}: <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='IDENT_HOSTS' cols='32' rows='6' wrap='off'>
-END
-;
-if (!$proxysettings{'IDENT_HOSTS'}) {
- print "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}\n";
- if ($netsettings{'BLUE_DEV'}) {
- print "$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}\n";
- }
-} else {
- print $proxysettings{'IDENT_HOSTS'};
-}
-
-print <<END
-</textarea></td>
- <td colspan='2'><textarea name='DST_NOAUTH' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $proxysettings{'DST_NOAUTH'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy IDENT user based access restrictions'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy enabled'}:</td>
- <td width='20%'><input type='checkbox' name='IDENT_ENABLE_ACL' $checked{'IDENT_ENABLE_ACL'}{'on'} /></td>
- <td width='25%'> </td>
- <td width='30%'> </td>
-</tr>
-<tr>
- <td colspan='2'><input type='radio' name='IDENT_USER_ACL' value='positive' $checked{'IDENT_USER_ACL'}{'positive'} />
- $Lang::tr{'advproxy IDENT use positive access list'}:</td>
- <td colspan='2'><input type='radio' name='IDENT_USER_ACL' value='negative' $checked{'IDENT_USER_ACL'}{'negative'} />
- $Lang::tr{'advproxy IDENT use negative access list'}:</td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'advproxy IDENT authorized users'}</td>
- <td colspan='2'>$Lang::tr{'advproxy IDENT unauthorized users'}</td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='IDENT_ALLOW_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print $proxysettings{'IDENT_ALLOW_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print <<END
-</textarea></td>
- <td colspan='2'><textarea name='IDENT_DENY_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print $proxysettings{'IDENT_DENY_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print <<END
-</textarea></td>
-</tr>
-</table>
-END
-; }
-
-# ===================================================================
-# NTLM auth settings
-# ===================================================================
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') {
-print <<END
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='6'><b>$Lang::tr{'advproxy NTLM domain settings'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy NTLM domain'}:</td>
- <td><input type='text' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}' size='15' /></td>
- <td class='base'>$Lang::tr{'advproxy NTLM PDC hostname'}:</td>
- <td><input type='text' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}' size='14' /></td>
- <td class='base'>$Lang::tr{'advproxy NTLM BDC hostname'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}' size='14' /></td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='3'><b>$Lang::tr{'advproxy NTLM auth mode'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base' width='25%'>$Lang::tr{'advproxy NTLM use integrated auth'}:</td>
- <td width='20%'><input type='checkbox' name='NTLM_ENABLE_INT_AUTH' $checked{'NTLM_ENABLE_INT_AUTH'}{'on'} /></td>
- <td> </td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy NTLM user based access restrictions'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy enabled'}:</td>
- <td width='20%'><input type='checkbox' name='NTLM_ENABLE_ACL' $checked{'NTLM_ENABLE_ACL'}{'on'} /></td>
- <td width='25%'> </td>
- <td width='30%'> </td>
-</tr>
-<tr>
- <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='positive' $checked{'NTLM_USER_ACL'}{'positive'} />
- $Lang::tr{'advproxy NTLM use positive access list'}:</td>
- <td colspan='2'><input type='radio' name='NTLM_USER_ACL' value='negative' $checked{'NTLM_USER_ACL'}{'negative'} />
- $Lang::tr{'advproxy NTLM use negative access list'}:</td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'advproxy NTLM authorized users'}</td>
- <td colspan='2'>$Lang::tr{'advproxy NTLM unauthorized users'}</td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='NTLM_ALLOW_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_ALLOW_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END
-</textarea></td>
- <td colspan='2'><textarea name='NTLM_DENY_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print $proxysettings{'NTLM_DENY_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') { print <<END
-</textarea></td>
-</tr>
-</table>
-END
-; }
-
-# ===================================================================
-# LDAP auth settings
-# ===================================================================
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ldap') {
-print <<END
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy LDAP common settings'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy LDAP basedn'}:</td>
- <td><input type='text' name='LDAP_BASEDN' value='$proxysettings{'LDAP_BASEDN'}' size='37' /></td>
- <td class='base'>$Lang::tr{'advproxy LDAP type'}:</td>
- <td class='base'><select name='LDAP_TYPE'>
- <option value='ADS' $selected{'LDAP_TYPE'}{'ADS'}>$Lang::tr{'advproxy LDAP ADS'}</option>
- <option value='NDS' $selected{'LDAP_TYPE'}{'NDS'}>$Lang::tr{'advproxy LDAP NDS'}</option>
- <option value='V2' $selected{'LDAP_TYPE'}{'V2'}>$Lang::tr{'advproxy LDAP V2'}</option>
- <option value='V3' $selected{'LDAP_TYPE'}{'V3'}>$Lang::tr{'advproxy LDAP V3'}</option>
- </select></td>
-</tr>
-<tr>
- <td width='20%' class='base'>$Lang::tr{'advproxy LDAP server'}:</td>
- <td width='40%'><input type='text' name='LDAP_SERVER' value='$proxysettings{'LDAP_SERVER'}' size='14' /></td>
- <td width='20%' class='base'>$Lang::tr{'advproxy LDAP port'}:</td>
- <td><input type='text' name='LDAP_PORT' value='$proxysettings{'LDAP_PORT'}' size='3' /></td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy LDAP binddn settings'}</b></td>
-</tr>
-<tr>
- <td width='20%' class='base'>$Lang::tr{'advproxy LDAP binddn username'}:</td>
- <td width='40%'><input type='text' name='LDAP_BINDDN_USER' value='$proxysettings{'LDAP_BINDDN_USER'}' size='37' /></td>
- <td width='20%' class='base'>$Lang::tr{'advproxy LDAP binddn password'}:</td>
- <td><input type='password' name='LDAP_BINDDN_PASS' value='$proxysettings{'LDAP_BINDDN_PASS'}' size='14' /></td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy LDAP group access control'}</b></td>
-</tr>
-<tr>
- <td width='20%' class='base'>$Lang::tr{'advproxy LDAP group required'}: <img src='/blob.gif' alt='*' /></td>
- <td width='40%'><input type='text' name='LDAP_GROUP' value='$proxysettings{'LDAP_GROUP'}' size='37' /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-END
-; }
-
-# ===================================================================
-# RADIUS auth settings
-# ===================================================================
-
-if ($proxysettings{'AUTH_METHOD'} eq 'radius') {
-print <<END
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy RADIUS radius settings'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy RADIUS server'}:</td>
- <td width='20%'><input type='text' name='RADIUS_SERVER' value='$proxysettings{'RADIUS_SERVER'}' size='14' /></td>
- <td width='25%' class='base'>$Lang::tr{'advproxy RADIUS port'}:</td>
- <td width='30%'><input type='text' name='RADIUS_PORT' value='$proxysettings{'RADIUS_PORT'}' size='3' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy RADIUS identifier'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='RADIUS_IDENTIFIER' value='$proxysettings{'RADIUS_IDENTIFIER'}' size='14' /></td>
- <td class='base'>$Lang::tr{'advproxy RADIUS secret'}:</td>
- <td><input type='password' name='RADIUS_SECRET' value='$proxysettings{'RADIUS_SECRET'}' size='14' /></td>
-</tr>
-</table>
-<hr size ='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy RADIUS user based access restrictions'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy enabled'}:</td>
- <td width='20%'><input type='checkbox' name='RADIUS_ENABLE_ACL' $checked{'RADIUS_ENABLE_ACL'}{'on'} /></td>
- <td width='25%'> </td>
- <td width='30%'> </td>
-</tr>
-<tr>
- <td colspan='2'><input type='radio' name='RADIUS_USER_ACL' value='positive' $checked{'RADIUS_USER_ACL'}{'positive'} />
- $Lang::tr{'advproxy RADIUS use positive access list'}:</td>
- <td colspan='2'><input type='radio' name='RADIUS_USER_ACL' value='negative' $checked{'RADIUS_USER_ACL'}{'negative'} />
- $Lang::tr{'advproxy RADIUS use negative access list'}:</td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'advproxy RADIUS authorized users'}</td>
- <td colspan='2'>$Lang::tr{'advproxy RADIUS unauthorized users'}</td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='RADIUS_ALLOW_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'radius') { print $proxysettings{'RADIUS_ALLOW_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'radius') { print <<END
-</textarea></td>
- <td colspan='2'><textarea name='RADIUS_DENY_USERS' cols='32' rows='6' wrap='off'>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'radius') { print $proxysettings{'RADIUS_DENY_USERS'}; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'radius') { print <<END
-</textarea></td>
-</tr>
-</table>
-END
-; }
-
-# ===================================================================
-
-}
-
-print "<table>\n";
-
-if ($proxysettings{'AUTH_METHOD'} eq 'none') {
-print <<END
-<td><input type='hidden' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}'></td>
-<td><input type='hidden' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td>
-<td><input type='hidden' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td>
-<td><input type='hidden' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td>
-<td><input type='hidden' name='AUTH_ALWAYS_REQUIRED' value='$proxysettings{'AUTH_ALWAYS_REQUIRED'}'></td>
-<td><input type='hidden' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}'></td>
-<td><input type='hidden' name='DST_NOAUTH' value='$proxysettings{'DST_NOAUTH'}'></td>
-END
-; }
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident') {
-print <<END
-<td><input type='hidden' name='AUTH_CHILDREN' value='$proxysettings{'AUTH_CHILDREN'}'></td>
-<td><input type='hidden' name='AUTH_CACHE_TTL' value='$proxysettings{'AUTH_CACHE_TTL'}' size='5' /></td>
-<td><input type='hidden' name='AUTH_MAX_USERIP' value='$proxysettings{'AUTH_MAX_USERIP'}' size='5' /></td>
-<td><input type='hidden' name='AUTH_IPCACHE_TTL' value='$proxysettings{'AUTH_IPCACHE_TTL'}' size='5' /></td>
-<td><input type='hidden' name='AUTH_REALM' value='$proxysettings{'AUTH_REALM'}'></td>
-END
-; }
-
-if (!($proxysettings{'AUTH_METHOD'} eq 'ncsa')) {
-print <<END
-<td><input type='hidden' name='NCSA_MIN_PASS_LEN' value='$proxysettings{'NCSA_MIN_PASS_LEN'}'></td>
-<td><input type='hidden' name='NCSA_BYPASS_REDIR' value='$proxysettings{'NCSA_BYPASS_REDIR'}'></td>
-END
-; }
-
-if (!($proxysettings{'AUTH_METHOD'} eq 'ident')) {
-print <<END
-<td><input type='hidden' name='IDENT_REQUIRED' value='$proxysettings{'IDENT_REQUIRED'}'></td>
-<td><input type='hidden' name='IDENT_TIMEOUT' value='$proxysettings{'IDENT_TIMEOUT'}'></td>
-<td><input type='hidden' name='IDENT_HOSTS' value='$proxysettings{'IDENT_HOSTS'}'></td>
-<td><input type='hidden' name='IDENT_ENABLE_ACL' value='$proxysettings{'IDENT_ENABLE_ACL'}'></td>
-<td><input type='hidden' name='IDENT_USER_ACL' value='$proxysettings{'IDENT_USER_ACL'}'></td>
-<td><input type='hidden' name='IDENT_ALLOW_USERS' value='$proxysettings{'IDENT_ALLOW_USERS'}'></td>
-<td><input type='hidden' name='IDENT_DENY_USERS' value='$proxysettings{'IDENT_DENY_USERS'}'></td>
-END
-; }
-
-if (!($proxysettings{'AUTH_METHOD'} eq 'ldap')) {
-print <<END
-<td><input type='hidden' name='LDAP_BASEDN' value='$proxysettings{'LDAP_BASEDN'}'></td>
-<td><input type='hidden' name='LDAP_TYPE' value='$proxysettings{'LDAP_TYPE'}'></td>
-<td><input type='hidden' name='LDAP_SERVER' value='$proxysettings{'LDAP_SERVER'}'></td>
-<td><input type='hidden' name='LDAP_PORT' value='$proxysettings{'LDAP_PORT'}'></td>
-<td><input type='hidden' name='LDAP_BINDDN_USER' value='$proxysettings{'LDAP_BINDDN_USER'}'></td>
-<td><input type='hidden' name='LDAP_BINDDN_PASS' value='$proxysettings{'LDAP_BINDDN_PASS'}'></td>
-<td><input type='hidden' name='LDAP_GROUP' value='$proxysettings{'LDAP_GROUP'}'></td>
-END
-; }
-
-if (!($proxysettings{'AUTH_METHOD'} eq 'ntlm')) {
-print <<END
-<td><input type='hidden' name='NTLM_DOMAIN' value='$proxysettings{'NTLM_DOMAIN'}'></td>
-<td><input type='hidden' name='NTLM_PDC' value='$proxysettings{'NTLM_PDC'}'></td>
-<td><input type='hidden' name='NTLM_BDC' value='$proxysettings{'NTLM_BDC'}'></td>
-<td><input type='hidden' name='NTLM_ENABLE_INT_AUTH' value='$proxysettings{'NTLM_ENABLE_INT_AUTH'}'></td>
-<td><input type='hidden' name='NTLM_ENABLE_ACL' value='$proxysettings{'NTLM_ENABLE_ACL'}'></td>
-<td><input type='hidden' name='NTLM_USER_ACL' value='$proxysettings{'NTLM_USER_ACL'}'></td>
-<td><input type='hidden' name='NTLM_ALLOW_USERS' value='$proxysettings{'NTLM_ALLOW_USERS'}'></td>
-<td><input type='hidden' name='NTLM_DENY_USERS' value='$proxysettings{'NTLM_DENY_USERS'}'></td>
-END
-; }
-
-if (!($proxysettings{'AUTH_METHOD'} eq 'radius')) {
-print <<END
-<td><input type='hidden' name='RADIUS_SERVER' value='$proxysettings{'RADIUS_SERVER'}'></td>
-<td><input type='hidden' name='RADIUS_PORT' value='$proxysettings{'RADIUS_PORT'}'></td>
-<td><input type='hidden' name='RADIUS_IDENTIFIER' value='$proxysettings{'RADIUS_IDENTIFIER'}'></td>
-<td><input type='hidden' name='RADIUS_SECRET' value='$proxysettings{'RADIUS_SECRET'}'></td>
-<td><input type='hidden' name='RADIUS_ENABLE_ACL' value='$proxysettings{'RADIUS_ENABLE_ACL'}'></td>
-<td><input type='hidden' name='RADIUS_USER_ACL' value='$proxysettings{'RADIUS_USER_ACL'}'></td>
-<td><input type='hidden' name='RADIUS_ALLOW_USERS' value='$proxysettings{'RADIUS_ALLOW_USERS'}'></td>
-<td><input type='hidden' name='RADIUS_DENY_USERS' value='$proxysettings{'RADIUS_DENY_USERS'}'></td>
-END
-; }
-
-print "</table>\n";
-
-print <<END
-<hr size='1'>
-END
-;
-
-print <<END
-<table width='100%'>
-<tr>
- <td> </td>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'advproxy save and restart'}' /></td>
- <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'advproxy clear cache'}' /></td>
- <td> </td>
-</tr>
-
-</table>
-<br />
-<table width='100%'>
-<tr>
- <td><img src='/blob.gif' align='top' alt='*' />
- <font class='base'>$Lang::tr{'this field may be blank'}</font>
- </td>
- <td align='right'> </td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-} else {
-
-# ===================================================================
-# NCSA user management
-# ===================================================================
-
-&Header::openbox('100%', 'left', "$Lang::tr{'advproxy NCSA auth'}");
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'advproxy NCSA user management'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'advproxy NCSA username'}:</td>
- <td width='25%'><input type='text' name='NCSA_USERNAME' value='$proxysettings{'NCSA_USERNAME'}' size='12'
-END
-;
- if ($proxysettings{'ACTION'} eq $Lang::tr{'edit'}) { print " readonly "; }
- print <<END
- /></td>
- <td width='25%' class='base'>$Lang::tr{'advproxy NCSA group'}:</td>
- <td class='base'>
- <select name='NCSA_GROUP'>
- <option value='standard' $selected{'NCSA_GROUP'}{'standard'}>$Lang::tr{'advproxy NCSA grp standard'}</option>
- <option value='extended' $selected{'NCSA_GROUP'}{'extended'}>$Lang::tr{'advproxy NCSA grp extended'}</option>
- <option value='disabled' $selected{'NCSA_GROUP'}{'disabled'}>$Lang::tr{'advproxy NCSA grp disabled'}</option>
- </select>
- </td>
-
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'advproxy NCSA password'}:</td>
- <td><input type='password' name='NCSA_PASS' value='$proxysettings{'NCSA_PASS'}' size='14' /></td>
- <td class='base'>$Lang::tr{'advproxy NCSA password confirm'}:</td>
- <td><input type='password' name='NCSA_PASS_CONFIRM' value='$proxysettings{'NCSA_PASS_CONFIRM'}' size='14' /></td>
-</tr>
-</table>
-<br>
-<table>
-<tr>
- <td> </td>
- <td><input type='submit' name='SUBMIT' value='$ncsa_buttontext' /></td>
- <td><input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /></td>
- <td><input type='hidden' name='NCSA_MIN_PASS_LEN' value='$proxysettings{'NCSA_MIN_PASS_LEN'}'></td>
-END
-;
- if ($proxysettings{'ACTION'} eq $Lang::tr{'edit'}) {
- print "<td><input type='reset' name='ACTION' value='$Lang::tr{'advproxy reset'}' /></td>\n";
- }
-
-print <<END
- <td> </td>
- <td> </td>
- <td><input type='button' name='return2main' value='$Lang::tr{'advproxy back to main page'}' onClick='self.location.href="$ENV{'SCRIPT_NAME'}"'></td>
-</tr>
-</table>
-</form>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td><b>$Lang::tr{'advproxy NCSA user accounts'}:</b></td>
-</tr>
-</table>
-<table width='100%' align='center'>
-END
-;
-
-if (-e $extgrp)
-{
- open(FILE, $extgrp); @grouplist = <FILE>; close(FILE);
- foreach $user (@grouplist) { chomp($user); push(@userlist,$user.":extended"); }
-}
-if (-e $stdgrp)
-{
- open(FILE, $stdgrp); @grouplist = <FILE>; close(FILE);
- foreach $user (@grouplist) { chomp($user); push(@userlist,$user.":standard"); }
-}
-if (-e $disgrp)
-{
- open(FILE, $disgrp); @grouplist = <FILE>; close(FILE);
- foreach $user (@grouplist) { chomp($user); push(@userlist,$user.":disabled"); }
-}
-
-@userlist = sort(@userlist);
-
-# If the password file contains entries, print entries and action icons
-
-if ( $userdb ne "" ) {
- print <<END
- <tr>
- <td width='30%' class='boldbase' align='center'><b><i>$Lang::tr{'advproxy NCSA username'}</i></b></td>
- <td width='30%' class='boldbase' align='center'><b><i>$Lang::tr{'advproxy NCSA group membership'}</i></b></td>
- <td class='boldbase' colspan='2' align='center'> </td>
- </tr>
-END
-;
- $id = 0;
- foreach $line (@userlist)
- {
- $id++;
- chomp($line);
- @temp = split(/:/,$line);
- if($proxysettings{'ACTION'} eq $Lang::tr{'edit'} && $proxysettings{'ID'} eq $line) {
- print "<tr bgcolor='$Header::colouryellow'>\n"; }
- elsif ($id % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n"; }
- else {
- print "<tr bgcolor='$color{'color22'}'>\n"; }
-
- print <<END
- <td align='center'>$temp[0]</td>
- <td align='center'>
-END
-;
- if ($temp[1] eq 'standard') {
- print $Lang::tr{'advproxy NCSA grp standard'};
- } elsif ($temp[1] eq 'extended') {
- print $Lang::tr{'advproxy NCSA grp extended'};
- } elsif ($temp[1] eq 'disabled') {
- print $Lang::tr{'advproxy NCSA grp disabled'}; }
- print <<END
- </td>
- <td width='8%' align='center'>
- <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
- <input type='hidden' name='ID' value='$line' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- </form>
- </td>
-
- <td width='8%' align='center'>
- <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
- <input type='hidden' name='ID' value='$temp[0]' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- </form>
- </td>
- </tr>
-END
-;
- }
-
-print <<END
-</table>
-<br>
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-END
-;
-} else {
- print <<END
- <tr>
- <td><i>$Lang::tr{'advproxy NCSA no accounts'}</i></td>
- </tr>
-END
-;
-}
-
-print <<END
-</table>
-END
-;
-
-&Header::closebox();
-
-}
-
-# ===================================================================
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-# -------------------------------------------------------------------
-
-sub read_acls
-{
- if (-e "$acl_src_subnets") {
- open(FILE,"$acl_src_subnets");
- delete $proxysettings{'SRC_SUBNETS'};
- while (<FILE>) { $proxysettings{'SRC_SUBNETS'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_src_banned_ip") {
- open(FILE,"$acl_src_banned_ip");
- delete $proxysettings{'SRC_BANNED_IP'};
- while (<FILE>) { $proxysettings{'SRC_BANNED_IP'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_src_banned_mac") {
- open(FILE,"$acl_src_banned_mac");
- delete $proxysettings{'SRC_BANNED_MAC'};
- while (<FILE>) { $proxysettings{'SRC_BANNED_MAC'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_src_unrestricted_ip") {
- open(FILE,"$acl_src_unrestricted_ip");
- delete $proxysettings{'SRC_UNRESTRICTED_IP'};
- while (<FILE>) { $proxysettings{'SRC_UNRESTRICTED_IP'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_src_unrestricted_mac") {
- open(FILE,"$acl_src_unrestricted_mac");
- delete $proxysettings{'SRC_UNRESTRICTED_MAC'};
- while (<FILE>) { $proxysettings{'SRC_UNRESTRICTED_MAC'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_dst_nocache") {
- open(FILE,"$acl_dst_nocache");
- delete $proxysettings{'DST_NOCACHE'};
- while (<FILE>) { $proxysettings{'DST_NOCACHE'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_dst_noauth") {
- open(FILE,"$acl_dst_noauth");
- delete $proxysettings{'DST_NOAUTH'};
- while (<FILE>) { $proxysettings{'DST_NOAUTH'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_ports_safe") {
- open(FILE,"$acl_ports_safe");
- delete $proxysettings{'PORTS_SAFE'};
- while (<FILE>) { $proxysettings{'PORTS_SAFE'} .= $_ };
- close(FILE);
- }
- if (-e "$acl_ports_ssl") {
- open(FILE,"$acl_ports_ssl");
- delete $proxysettings{'PORTS_SSL'};
- while (<FILE>) { $proxysettings{'PORTS_SSL'} .= $_ };
- close(FILE);
- }
- if (-e "$mimetypes") {
- open(FILE,"$mimetypes");
- delete $proxysettings{'MIME_TYPES'};
- while (<FILE>) { $proxysettings{'MIME_TYPES'} .= $_ };
- close(FILE);
- }
- if (-e "$ntlmdir/msntauth.allowusers") {
- open(FILE,"$ntlmdir/msntauth.allowusers");
- delete $proxysettings{'NTLM_ALLOW_USERS'};
- while (<FILE>) { $proxysettings{'NTLM_ALLOW_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$ntlmdir/msntauth.denyusers") {
- open(FILE,"$ntlmdir/msntauth.denyusers");
- delete $proxysettings{'NTLM_DENY_USERS'};
- while (<FILE>) { $proxysettings{'NTLM_DENY_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$raddir/radauth.allowusers") {
- open(FILE,"$raddir/radauth.allowusers");
- delete $proxysettings{'RADIUS_ALLOW_USERS'};
- while (<FILE>) { $proxysettings{'RADIUS_ALLOW_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$raddir/radauth.denyusers") {
- open(FILE,"$raddir/radauth.denyusers");
- delete $proxysettings{'RADIUS_DENY_USERS'};
- while (<FILE>) { $proxysettings{'RADIUS_DENY_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$identdir/identauth.allowusers") {
- open(FILE,"$identdir/identauth.allowusers");
- delete $proxysettings{'IDENT_ALLOW_USERS'};
- while (<FILE>) { $proxysettings{'IDENT_ALLOW_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$identdir/identauth.denyusers") {
- open(FILE,"$identdir/identauth.denyusers");
- delete $proxysettings{'IDENT_DENY_USERS'};
- while (<FILE>) { $proxysettings{'IDENT_DENY_USERS'} .= $_ };
- close(FILE);
- }
- if (-e "$identhosts") {
- open(FILE,"$identhosts");
- delete $proxysettings{'IDENT_HOSTS'};
- while (<FILE>) { $proxysettings{'IDENT_HOSTS'} .= $_ };
- close(FILE);
- }
- if (-e "$cre_groups") {
- open(FILE,"$cre_groups");
- delete $proxysettings{'CRE_GROUPS'};
- while (<FILE>) { $proxysettings{'CRE_GROUPS'} .= $_ };
- close(FILE);
- }
- if (-e "$cre_svhosts") {
- open(FILE,"$cre_svhosts");
- delete $proxysettings{'CRE_SVHOSTS'};
- while (<FILE>) { $proxysettings{'CRE_SVHOSTS'} .= $_ };
- close(FILE);
- }
-}
-
-# -------------------------------------------------------------------
-
-sub check_acls
-{
- @temp = split(/\n/,$proxysettings{'PORTS_SAFE'});
- undef $proxysettings{'PORTS_SAFE'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- $line = $_;
- if (/^[^#]+\s+#\sSquids\sport/) { s/(^[^#]+)(\s+#\sSquids\sport)/$proxysettings{'PROXY_PORT'}\2/; $line=$_; }
- s/#.*//g; s/\s+//g;
- if (/.*-.*-.*/) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; }
- @templist = split(/-/);
- foreach (@templist) { unless (&General::validport($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; } }
- $proxysettings{'PORTS_SAFE'} .= $line."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'PORTS_SSL'});
- undef $proxysettings{'PORTS_SSL'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- $line = $_;
- s/#.*//g; s/\s+//g;
- if (/.*-.*-.*/) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; }
- @templist = split(/-/);
- foreach (@templist) { unless (&General::validport($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid destination port'}; } }
- $proxysettings{'PORTS_SSL'} .= $line."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'DST_NOCACHE'});
- undef $proxysettings{'DST_NOCACHE'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (/^\./) { $_ = '.'.$_; }
- $proxysettings{'DST_NOCACHE'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'SRC_SUBNETS'});
- undef $proxysettings{'SRC_SUBNETS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (&General::validipandmask($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid ip or mask'}; }
- $proxysettings{'SRC_SUBNETS'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'SRC_BANNED_IP'});
- undef $proxysettings{'SRC_BANNED_IP'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid ip or mask'}; }
- $proxysettings{'SRC_BANNED_IP'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'SRC_BANNED_MAC'});
- undef $proxysettings{'SRC_BANNED_MAC'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g; s/-/:/g;
- if ($_)
- {
- unless (&General::validmac($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid mac'}; }
- $proxysettings{'SRC_BANNED_MAC'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'SRC_UNRESTRICTED_IP'});
- undef $proxysettings{'SRC_UNRESTRICTED_IP'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid ip or mask'}; }
- $proxysettings{'SRC_UNRESTRICTED_IP'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'SRC_UNRESTRICTED_MAC'});
- undef $proxysettings{'SRC_UNRESTRICTED_MAC'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g; s/-/:/g;
- if ($_)
- {
- unless (&General::validmac($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid mac'}; }
- $proxysettings{'SRC_UNRESTRICTED_MAC'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'DST_NOAUTH'});
- undef $proxysettings{'DST_NOAUTH'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (/^\./) { $_ = '.'.$_; }
- $proxysettings{'DST_NOAUTH'} .= $_."\n";
- }
- }
-
- if (($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && ($proxysettings{'NTLM_USER_ACL'} eq 'positive'))
- {
- @temp = split(/\n/,$proxysettings{'NTLM_ALLOW_USERS'});
- undef $proxysettings{'NTLM_ALLOW_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $proxysettings{'NTLM_ALLOW_USERS'} .= $_."\n"; }
- }
- if ($proxysettings{'NTLM_ALLOW_USERS'} eq '') { $errormessage = $Lang::tr{'advproxy errmsg acl cannot be empty'}; }
- }
-
- if (($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && ($proxysettings{'NTLM_USER_ACL'} eq 'negative'))
- {
- @temp = split(/\n/,$proxysettings{'NTLM_DENY_USERS'});
- undef $proxysettings{'NTLM_DENY_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $proxysettings{'NTLM_DENY_USERS'} .= $_."\n"; }
- }
- if ($proxysettings{'NTLM_DENY_USERS'} eq '') { $errormessage = $Lang::tr{'advproxy errmsg acl cannot be empty'}; }
- }
-
- if (($proxysettings{'IDENT_ENABLE_ACL'} eq 'on') && ($proxysettings{'IDENT_USER_ACL'} eq 'positive'))
- {
- @temp = split(/\n/,$proxysettings{'IDENT_ALLOW_USERS'});
- undef $proxysettings{'IDENT_ALLOW_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $proxysettings{'IDENT_ALLOW_USERS'} .= $_."\n"; }
- }
- if ($proxysettings{'IDENT_ALLOW_USERS'} eq '') { $errormessage = $Lang::tr{'advproxy errmsg acl cannot be empty'}; }
- }
-
- if (($proxysettings{'IDENT_ENABLE_ACL'} eq 'on') && ($proxysettings{'IDENT_USER_ACL'} eq 'negative'))
- {
- @temp = split(/\n/,$proxysettings{'IDENT_DENY_USERS'});
- undef $proxysettings{'IDENT_DENY_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $proxysettings{'IDENT_DENY_USERS'} .= $_."\n"; }
- }
- if ($proxysettings{'IDENT_DENY_USERS'} eq '') { $errormessage = $Lang::tr{'advproxy errmsg acl cannot be empty'}; }
- }
-
- if (($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && ($proxysettings{'RADIUS_USER_ACL'} eq 'positive'))
- {
- @temp = split(/\n/,$proxysettings{'RADIUS_ALLOW_USERS'});
- undef $proxysettings{'RADIUS_ALLOW_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $proxysettings{'RADIUS_ALLOW_USERS'} .= $_."\n"; }
- }
- if ($proxysettings{'RADIUS_ALLOW_USERS'} eq '') { $errormessage = $Lang::tr{'advproxy errmsg acl cannot be empty'}; }
- }
-
- if (($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && ($proxysettings{'RADIUS_USER_ACL'} eq 'negative'))
- {
- @temp = split(/\n/,$proxysettings{'RADIUS_DENY_USERS'});
- undef $proxysettings{'RADIUS_DENY_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $proxysettings{'RADIUS_DENY_USERS'} .= $_."\n"; }
- }
- if ($proxysettings{'RADIUS_DENY_USERS'} eq '') { $errormessage = $Lang::tr{'advproxy errmsg acl cannot be empty'}; }
- }
-
- @temp = split(/\n/,$proxysettings{'IDENT_HOSTS'});
- undef $proxysettings{'IDENT_HOSTS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid ip or mask'}; }
- $proxysettings{'IDENT_HOSTS'} .= $_."\n";
- }
- }
-
- @temp = split(/\n/,$proxysettings{'CRE_SVHOSTS'});
- undef $proxysettings{'CRE_SVHOSTS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_)
- {
- unless (&General::validipormask($_)) { $errormessage = $Lang::tr{'advproxy errmsg invalid ip or mask'}; }
- $proxysettings{'CRE_SVHOSTS'} .= $_."\n";
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub write_acls
-{
- open(FILE, ">$acl_src_subnets");
- flock(FILE, 2);
- if (!$proxysettings{'SRC_SUBNETS'})
- {
- print FILE "$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}\n";
- if ($netsettings{'BLUE_DEV'})
- {
- print FILE "$netsettings{'BLUE_NETADDRESS'}\/$netsettings{'BLUE_NETMASK'}\n";
- }
- } else { print FILE $proxysettings{'SRC_SUBNETS'}; }
- close(FILE);
-
- open(FILE, ">$acl_src_banned_ip");
- flock(FILE, 2);
- print FILE $proxysettings{'SRC_BANNED_IP'};
- close(FILE);
-
- open(FILE, ">$acl_src_banned_mac");
- flock(FILE, 2);
- print FILE $proxysettings{'SRC_BANNED_MAC'};
- close(FILE);
-
- open(FILE, ">$acl_src_unrestricted_ip");
- flock(FILE, 2);
- print FILE $proxysettings{'SRC_UNRESTRICTED_IP'};
- close(FILE);
-
- open(FILE, ">$acl_src_unrestricted_mac");
- flock(FILE, 2);
- print FILE $proxysettings{'SRC_UNRESTRICTED_MAC'};
- close(FILE);
-
- open(FILE, ">$acl_dst_nocache");
- flock(FILE, 2);
- print FILE $proxysettings{'DST_NOCACHE'};
- close(FILE);
-
- open(FILE, ">$acl_dst_noauth");
- flock(FILE, 2);
- print FILE $proxysettings{'DST_NOAUTH'};
- close(FILE);
-
- open(FILE, ">$acl_ports_safe");
- flock(FILE, 2);
- if (!$proxysettings{'PORTS_SAFE'}) { print FILE $def_ports_safe; } else { print FILE $proxysettings{'PORTS_SAFE'}; }
- close(FILE);
-
- open(FILE, ">$acl_ports_ssl");
- flock(FILE, 2);
- if (!$proxysettings{'PORTS_SSL'}) { print FILE $def_ports_ssl; } else { print FILE $proxysettings{'PORTS_SSL'}; }
- close(FILE);
-
- open(FILE, ">$acl_dst_throttle");
- flock(FILE, 2);
- if ($proxysettings{'THROTTLE_BINARY'} eq 'on')
- {
- @temp = split(/\|/,$throttle_binary);
- foreach (@temp) { print FILE "\\.$_\$\n"; }
- }
- if ($proxysettings{'THROTTLE_DSKIMG'} eq 'on')
- {
- @temp = split(/\|/,$throttle_dskimg);
- foreach (@temp) { print FILE "\\.$_\$\n"; }
- }
- if ($proxysettings{'THROTTLE_MMEDIA'} eq 'on')
- {
- @temp = split(/\|/,$throttle_mmedia);
- foreach (@temp) { print FILE "\\.$_\$\n"; }
- }
- if (-s $throttled_urls)
- {
- open(URLFILE, $throttled_urls);
- @temp = <URLFILE>;
- close(URLFILE);
- foreach (@temp) { print FILE; }
- }
- close(FILE);
-
- open(FILE, ">$mimetypes");
- flock(FILE, 2);
- print FILE $proxysettings{'MIME_TYPES'};
- close(FILE);
-
- open(FILE, ">$ntlmdir/msntauth.allowusers");
- flock(FILE, 2);
- print FILE $proxysettings{'NTLM_ALLOW_USERS'};
- close(FILE);
-
- open(FILE, ">$ntlmdir/msntauth.denyusers");
- flock(FILE, 2);
- print FILE $proxysettings{'NTLM_DENY_USERS'};
- close(FILE);
-
- open(FILE, ">$raddir/radauth.allowusers");
- flock(FILE, 2);
- print FILE $proxysettings{'RADIUS_ALLOW_USERS'};
- close(FILE);
-
- open(FILE, ">$raddir/radauth.denyusers");
- flock(FILE, 2);
- print FILE $proxysettings{'RADIUS_DENY_USERS'};
- close(FILE);
-
- open(FILE, ">$identdir/identauth.allowusers");
- flock(FILE, 2);
- print FILE $proxysettings{'IDENT_ALLOW_USERS'};
- close(FILE);
-
- open(FILE, ">$identdir/identauth.denyusers");
- flock(FILE, 2);
- print FILE $proxysettings{'IDENT_DENY_USERS'};
- close(FILE);
-
- open(FILE, ">$identhosts");
- flock(FILE, 2);
- print FILE $proxysettings{'IDENT_HOSTS'};
- close(FILE);
-
- open(FILE, ">$cre_groups");
- flock(FILE, 2);
- print FILE $proxysettings{'CRE_GROUPS'};
- close(FILE);
-
- open(FILE, ">$cre_svhosts");
- flock(FILE, 2);
- print FILE $proxysettings{'CRE_SVHOSTS'};
- close(FILE);
-}
-
-# -------------------------------------------------------------------
-
-sub writepacfile
-{
- open(FILE, ">/srv/web/ipfire/html/proxy.pac");
- flock(FILE, 2);
- print FILE "function FindProxyForURL(url, host)\n";
- print FILE "{\n";
- if (($proxysettings{'ENABLE'} eq 'on') || ($proxysettings{'ENABLE_BLUE'} eq 'on'))
- {
- print FILE <<END
-if (
- (isPlainHostName(host)) ||
- (dnsDomainIs(host, ".$mainsettings{'DOMAINNAME'}")) ||
- (isInNet(host, "10.0.0.0", "255.0.0.0")) ||
- (isInNet(host, "172.16.0.0", "255.240.0.0")) ||
- (isInNet(host, "169.254.0.0", "255.255.0.0")) ||
- (isInNet(host, "192.168.0.0", "255.255.0.0"))
- )
- return "DIRECT";
-
- else
-
-END
-;
- if ($proxysettings{'ENABLE'} eq 'on')
- {
- print FILE "if (\n";
- print FILE " (isInNet(myIpAddress(), \"$netsettings{'GREEN_NETADDRESS'}\", \"$netsettings{'GREEN_NETMASK'}\"))";
-
- undef @templist;
- if (-e "$acl_src_subnets") {
- open(SUBNETS,"$acl_src_subnets");
- @templist = <SUBNETS>;
- close(SUBNETS);
- }
-
- foreach (@templist)
- {
- @temp = split(/\//);
- if (
- ($temp[0] ne $netsettings{'GREEN_NETADDRESS'}) && ($temp[1] ne $netsettings{'GREEN_NETMASK'}) &&
- ($temp[0] ne $netsettings{'BLUE_NETADDRESS'}) && ($temp[1] ne $netsettings{'BLUE_NETMASK'})
- )
- {
- chomp $temp[1];
- print FILE " ||\n (isInNet(myIpAddress(), \"$temp[0]\", \"$temp[1]\"))";
- }
- }
-
- print FILE "\n";
-
- print FILE <<END
-
-
- )
- return "PROXY $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
-END
-;
- }
- if (($proxysettings{'ENABLE'} eq 'on') && ($proxysettings{'ENABLE_BLUE'} eq 'on') && ($netsettings{'BLUE_DEV'}))
- {
- print FILE "\n else\n\n";
- }
- if (($netsettings{'BLUE_DEV'}) && ($proxysettings{'ENABLE_BLUE'} eq 'on'))
- {
- print FILE <<END
-if (
- (isInNet(myIpAddress(), "$netsettings{'BLUE_NETADDRESS'}", "$netsettings{'BLUE_NETMASK'}"))
- )
- return "PROXY $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
-END
-;
- }
- }
- print FILE "}\n";
- close(FILE);
-}
-
-# -------------------------------------------------------------------
-
-sub writeconfig
-{
- my $authrealm;
- my $delaypools;
-
- if ($proxysettings{'THROTTLING_GREEN_TOTAL'} +
- $proxysettings{'THROTTLING_GREEN_HOST'} +
- $proxysettings{'THROTTLING_BLUE_TOTAL'} +
- $proxysettings{'THROTTLING_BLUE_HOST'} gt 0)
- {
- $delaypools = 1; } else { $delaypools = 0;
- }
-
- if ($proxysettings{'AUTH_REALM'} eq '')
- {
- $authrealm = "IPCop Advanced Proxy Server";
- } else {
- $authrealm = $proxysettings{'AUTH_REALM'};
- }
-
- $_ = $proxysettings{'UPSTREAM_PROXY'};
- my ($remotehost, $remoteport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
-
- if ($remoteport eq '') { $remoteport = 80; }
-
- open(FILE, ">${General::swroot}/proxy/squid.conf");
- flock(FILE, 2);
- print FILE <<END
-# Do not modify '${General::swroot}/proxy/squid.conf' directly since any changes
-# you make will be overwritten whenever you resave proxy settings using the
-# web interface!
-#
-# Instead, modify the file '$acl_include' and
-# then restart the proxy service using the web interface. Changes made to the
-# 'include.acl' file will propagate to the 'squid.conf' file at that time.
-
-shutdown_lifetime 5 seconds
-icp_port 0
-
-END
- ;
- print FILE "http_port $netsettings{'GREEN_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
- if ($proxysettings{'TRANSPARENT'} eq 'on') { print FILE " transparent" }
- if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
- print FILE "\n";
-
- if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {
- print FILE "http_port $netsettings{'BLUE_ADDRESS'}:$proxysettings{'PROXY_PORT'}";
- if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on') { print FILE " transparent" }
- if ($proxysettings{'NO_CONNECTION_AUTH'} eq 'on') { print FILE " no-connection-auth" }
- print FILE "\n";
- }
-
- print FILE <<END
-
-acl QUERY urlpath_regex cgi-bin \\?
-cache deny QUERY
-END
- ;
- if (!-z $acl_dst_nocache) {
- print FILE "acl no_cache_domains dstdomain \"$acl_dst_nocache\"\n";
- print FILE "cache deny no_cache_domains\n";
- }
-
- print FILE <<END
-
-cache_effective_user squid
-cache_effective_group squid
-umask 022
-
-pid_filename /var/run/squid.pid
-
-cache_mem $proxysettings{'CACHE_MEM'} MB
-cache_dir aufs /var/log/cache $proxysettings{'CACHE_SIZE'} $proxysettings{'L1_DIRS'} 256
-
-END
- ;
-
- if (($proxysettings{'ERR_DESIGN'} eq 'ipfire' ))
- {
- print FILE "error_directory $errordir.ipfire/$proxysettings{'ERR_LANGUAGE'}\n\n";
- } else {
- print FILE "error_directory $errordir/$proxysettings{'ERR_LANGUAGE'}\n\n";
- }
-
- if ($proxysettings{'OFFLINE_MODE'} eq 'on') { print FILE "offline_mode on\n\n"; }
-
- if ((!($proxysettings{'MEM_POLICY'} eq 'LRU')) || (!($proxysettings{'CACHE_POLICY'} eq 'LRU')))
- {
- if (!($proxysettings{'MEM_POLICY'} eq 'LRU'))
- {
- print FILE "memory_replacement_policy $proxysettings{'MEM_POLICY'}\n";
- }
- if (!($proxysettings{'CACHE_POLICY'} eq 'LRU'))
- {
- print FILE "cache_replacement_policy $proxysettings{'CACHE_POLICY'}\n";
- }
- print FILE "\n";
- }
-
- if ($proxysettings{'LOGGING'} eq 'on')
- {
- print FILE <<END
-access_log /var/log/squid/access.log
-cache_log /var/log/squid/cache.log
-cache_store_log none
-END
- ;
- if ($proxysettings{'LOGUSERAGENT'} eq 'on') { print FILE "useragent_log \/var\/log\/squid\/user_agent.log\n"; }
- if ($proxysettings{'LOGQUERY'} eq 'on') { print FILE "\nstrip_query_terms off\n"; }
- } else {
- print FILE <<END
-access_log /dev/null
-cache_log /dev/null
-cache_store_log none
-END
- ;}
- print FILE <<END
-
-log_mime_hdrs off
-END
- ;
-
- if ($proxysettings{'FORWARD_IPADDRESS'} eq 'on')
- {
- print FILE "forwarded_for on\n";
- } else {
- print FILE "forwarded_for off\n";
- }
- if ($proxysettings{'FORWARD_VIA'} eq 'on')
- {
- print FILE "via on\n";
- } else {
- print FILE "via off\n";
- }
- print FILE "\n";
-
- if ((!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH_METHOD'} eq 'ident')))
- {
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- print FILE "auth_param basic program $authdir/ncsa_auth $userdb\n";
- print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
- print FILE "auth_param basic realm $authrealm\n";
- print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
- }
-
- if ($proxysettings{'AUTH_METHOD'} eq 'ldap')
- {
- print FILE "auth_param basic program $authdir/squid_ldap_auth -b \"$proxysettings{'LDAP_BASEDN'}\"";
- if (!($proxysettings{'LDAP_BINDDN_USER'} eq '')) { print FILE " -D \"$proxysettings{'LDAP_BINDDN_USER'}\""; }
- if (!($proxysettings{'LDAP_BINDDN_PASS'} eq '')) { print FILE " -w $proxysettings{'LDAP_BINDDN_PASS'}"; }
- if ($proxysettings{'LDAP_TYPE'} eq 'ADS')
- {
- if ($proxysettings{'LDAP_GROUP'} eq '')
- {
- print FILE " -f \"(\&(objectClass=person)(sAMAccountName=\%s))\"";
- } else {
- print FILE " -f \"(\&(\&(objectClass=person)(sAMAccountName=\%s))(memberOf=$proxysettings{'LDAP_GROUP'}))\"";
- }
- print FILE " -u sAMAccountName -P";
- }
- if ($proxysettings{'LDAP_TYPE'} eq 'NDS')
- {
- if ($proxysettings{'LDAP_GROUP'} eq '')
- {
- print FILE " -f \"(\&(objectClass=person)(cn=\%s))\"";
- } else {
- print FILE " -f \"(\&(\&(objectClass=person)(cn=\%s))(groupMembership=$proxysettings{'LDAP_GROUP'}))\"";
- }
- print FILE " -u cn -P";
- }
- if (($proxysettings{'LDAP_TYPE'} eq 'V2') || ($proxysettings{'LDAP_TYPE'} eq 'V3'))
- {
- if ($proxysettings{'LDAP_GROUP'} eq '')
- {
- print FILE " -f \"(\&(objectClass=person)(uid=\%s))\"";
- } else {
- print FILE " -f \"(\&(\&(objectClass=person)(uid=\%s))(memberOf=$proxysettings{'LDAP_GROUP'}))\"";
- }
- if ($proxysettings{'LDAP_TYPE'} eq 'V2') { print FILE " -v 2"; }
- if ($proxysettings{'LDAP_TYPE'} eq 'V3') { print FILE " -v 3"; }
- print FILE " -u uid -P";
- }
- print FILE " $proxysettings{'LDAP_SERVER'}:$proxysettings{'LDAP_PORT'}\n";
- print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
- print FILE "auth_param basic realm $authrealm\n";
- print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
- }
-
- if ($proxysettings{'AUTH_METHOD'} eq 'ntlm')
- {
- if ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on')
- {
- print FILE "auth_param ntlm program $authdir/ntlm_auth $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}";
- if ($proxysettings{'NTLM_BDC'} eq '') { print FILE "\n"; } else { print FILE " $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_BDC'}\n"; }
- print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
- } else {
- print FILE "auth_param basic program $authdir/msnt_auth\n";
- print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
- print FILE "auth_param basic realm $authrealm\n";
- print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
-
- open(MSNTCONF, ">$ntlmdir/msntauth.conf");
- flock(MSNTCONF,2);
- print MSNTCONF "server $proxysettings{'NTLM_PDC'}";
- if ($proxysettings{'NTLM_BDC'} eq '') { print MSNTCONF " $proxysettings{'NTLM_PDC'}"; } else { print MSNTCONF " $proxysettings{'NTLM_BDC'}"; }
- print MSNTCONF " $proxysettings{'NTLM_DOMAIN'}\n";
- if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')
- {
- if ($proxysettings{'NTLM_USER_ACL'} eq 'positive')
- {
- print MSNTCONF "allowusers $ntlmdir/msntauth.allowusers\n";
- } else {
- print MSNTCONF "denyusers $ntlmdir/msntauth.denyusers\n";
- }
- }
- close(MSNTCONF);
- }
- }
-
- if ($proxysettings{'AUTH_METHOD'} eq 'radius')
- {
- print FILE "auth_param basic program $authdir/squid_radius_auth -h $proxysettings{'RADIUS_SERVER'} -p $proxysettings{'RADIUS_PORT'} ";
- if (!($proxysettings{'RADIUS_IDENTIFIER'} eq '')) { print FILE "-i $proxysettings{'RADIUS_IDENTIFIER'} "; }
- print FILE "-w $proxysettings{'RADIUS_SECRET'}\n";
- print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n";
- print FILE "auth_param basic realm $authrealm\n";
- print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TTL'} minutes\n";
- if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthenticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; }
- }
-
- print FILE "\n";
- print FILE "acl for_inetusers proxy_auth REQUIRED\n";
- if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on'))
- {
- if ((!-z "$ntlmdir/msntauth.allowusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'positive'))
- {
- print FILE "acl for_acl_users proxy_auth \"$ntlmdir/msntauth.allowusers\"\n";
- }
- if ((!-z "$ntlmdir/msntauth.denyusers") && ($proxysettings{'NTLM_USER_ACL'} eq 'negative'))
- {
- print FILE "acl for_acl_users proxy_auth \"$ntlmdir/msntauth.denyusers\"\n";
- }
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
- {
- if ((!-z "$raddir/radauth.allowusers") && ($proxysettings{'RADIUS_USER_ACL'} eq 'positive'))
- {
- print FILE "acl for_acl_users proxy_auth \"$raddir/radauth.allowusers\"\n";
- }
- if ((!-z "$raddir/radauth.denyusers") && ($proxysettings{'RADIUS_USER_ACL'} eq 'negative'))
- {
- print FILE "acl for_acl_users proxy_auth \"$raddir/radauth.denyusers\"\n";
- }
- }
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- print FILE "\n";
- if (!-z $extgrp) { print FILE "acl for_extended_users proxy_auth \"$extgrp\"\n"; }
- if (!-z $disgrp) { print FILE "acl for_disabled_users proxy_auth \"$disgrp\"\n"; }
- }
- if (!($proxysettings{'AUTH_MAX_USERIP'} eq '')) { print FILE "\nacl concurrent max_user_ip -s $proxysettings{'AUTH_MAX_USERIP'}\n"; }
- print FILE "\n";
-
- if (!-z $acl_dst_noauth) { print FILE "acl to_domains_without_auth dstdomain \"$acl_dst_noauth\"\n"; }
- print FILE "\n";
- }
-
- if ($proxysettings{'AUTH_METHOD'} eq 'ident')
- {
- if ($proxysettings{'IDENT_REQUIRED'} eq 'on')
- {
- print FILE "acl for_inetusers ident REQUIRED\n";
- }
- if ($proxysettings{'IDENT_ENABLE_ACL'} eq 'on')
- {
- if ((!-z "$identdir/identauth.allowusers") && ($proxysettings{'IDENT_USER_ACL'} eq 'positive'))
- {
- print FILE "acl for_acl_users ident_regex -i \"$identdir/identauth.allowusers\"\n\n";
- }
- if ((!-z "$identdir/identauth.denyusers") && ($proxysettings{'IDENT_USER_ACL'} eq 'negative'))
- {
- print FILE "acl for_acl_users ident_regex -i \"$identdir/identauth.denyusers\"\n\n";
- }
- }
- if (!-z $acl_dst_noauth) { print FILE "acl to_domains_without_auth dstdomain \"$acl_dst_noauth\"\n"; }
- print FILE "\n";
- }
-
- if (($delaypools) && (!-z $acl_dst_throttle)) { print FILE "acl for_throttled_urls url_regex -i \"$acl_dst_throttle\"\n\n"; }
-
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE "acl with_allowed_useragents browser $browser_regexp\n\n"; }
-
- print FILE "acl within_timeframe time ";
- if ($proxysettings{'TIME_MON'} eq 'on') { print FILE "M"; }
- if ($proxysettings{'TIME_TUE'} eq 'on') { print FILE "T"; }
- if ($proxysettings{'TIME_WED'} eq 'on') { print FILE "W"; }
- if ($proxysettings{'TIME_THU'} eq 'on') { print FILE "H"; }
- if ($proxysettings{'TIME_FRI'} eq 'on') { print FILE "F"; }
- if ($proxysettings{'TIME_SAT'} eq 'on') { print FILE "A"; }
- if ($proxysettings{'TIME_SUN'} eq 'on') { print FILE "S"; }
- print FILE " $proxysettings{'TIME_FROM_HOUR'}:";
- print FILE "$proxysettings{'TIME_FROM_MINUTE'}-";
- print FILE "$proxysettings{'TIME_TO_HOUR'}:";
- print FILE "$proxysettings{'TIME_TO_MINUTE'}\n\n";
-
- if ((!-z $mimetypes) && ($proxysettings{'ENABLE_MIME_FILTER'} eq 'on')) {
- print FILE "acl blocked_mimetypes rep_mime_type \"$mimetypes\"\n\n";
- }
-
- print FILE <<END
-acl all src 0.0.0.0/0.0.0.0
-acl localhost src 127.0.0.1/255.255.255.255
-END
-;
-open (PORTS,"$acl_ports_ssl");
-@temp = <PORTS>;
-close PORTS;
-if (@temp)
-{
- foreach (@temp) { print FILE "acl SSL_ports port $_"; }
-}
-open (PORTS,"$acl_ports_safe");
-@temp = <PORTS>;
-close PORTS;
-if (@temp)
-{
- foreach (@temp) { print FILE "acl Safe_ports port $_"; }
-}
- print FILE <<END
-
-acl IPCop_http port $http_port
-acl IPCop_https port $https_port
-acl IPCop_ips dst $netsettings{'GREEN_ADDRESS'}
-acl IPCop_networks src "$acl_src_subnets"
-acl IPCop_servers dst "$acl_src_subnets"
-acl IPCop_green_network src $netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}
-acl IPCop_green_servers dst $netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}
-END
- ;
- if ($netsettings{'BLUE_DEV'}) { print FILE "acl IPCop_blue_network src $netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}\n"; }
- if ($netsettings{'BLUE_DEV'}) { print FILE "acl IPCop_blue_servers dst $netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}\n"; }
- if (!-z $acl_src_banned_ip) { print FILE "acl IPCop_banned_ips src \"$acl_src_banned_ip\"\n"; }
- if (!-z $acl_src_banned_mac) { print FILE "acl IPCop_banned_mac arp \"$acl_src_banned_mac\"\n"; }
- if (!-z $acl_src_unrestricted_ip) { print FILE "acl IPCop_unrestricted_ips src \"$acl_src_unrestricted_ip\"\n"; }
- if (!-z $acl_src_unrestricted_mac) { print FILE "acl IPCop_unrestricted_mac arp \"$acl_src_unrestricted_mac\"\n"; }
- print FILE <<END
-acl CONNECT method CONNECT
-END
- ;
-
- if ($proxysettings{'CLASSROOM_EXT'} eq 'on') {
- print FILE <<END
-
-#Classroom extensions
-acl IPCop_no_access_ips src "$acl_src_noaccess_ip"
-acl IPCop_no_access_mac arp "$acl_src_noaccess_mac"
-END
- ;
- print FILE "deny_info ";
- if ((($proxysettings{'ERR_DESIGN'} eq 'ipfire') && (-e "$errordir.ipfire/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")) ||
- (($proxysettings{'ERR_DESIGN'} eq 'squid') && (-e "$errordir/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")))
- {
- print FILE "ERR_ACCESS_DISABLED";
- } else {
- print FILE "ERR_ACCESS_DENIED";
- }
- print FILE " IPCop_no_access_ips\n";
- print FILE "deny_info ";
- if ((($proxysettings{'ERR_DESIGN'} eq 'ipfire') && (-e "$errordir.ipfire/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")) ||
- (($proxysettings{'ERR_DESIGN'} eq 'squid') && (-e "$errordir/$proxysettings{'ERR_LANGUAGE'}/ERR_ACCESS_DISABLED")))
- {
- print FILE "ERR_ACCESS_DISABLED";
- } else {
- print FILE "ERR_ACCESS_DENIED";
- }
- print FILE " IPCop_no_access_mac\n";
-
- print FILE <<END
-http_access deny IPCop_no_access_ips
-http_access deny IPCop_no_access_mac
-END
- ;
- }
-
- #Insert acl file and replace __VAR__ with correct values
- my $blue_net = ''; #BLUE empty by default
- my $blue_ip = '';
- if ($netsettings{'BLUE_DEV'} && $proxysettings{'ENABLE_BLUE'} eq 'on') {
- $blue_net = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
- $blue_ip = "$netsettings{'BLUE_ADDRESS'}";
- }
- if (!-z $acl_include)
- {
- open (ACL, "$acl_include");
- print FILE "\n#Start of custom includes\n";
- while (<ACL>) {
- $_ =~ s/__GREEN_IP__/$netsettings{'GREEN_ADDRESS'}/;
- $_ =~ s/__GREEN_NET__/$netsettings{'GREEN_NETADDRESS'}\/$netsettings{'GREEN_NETMASK'}/;
- $_ =~ s/__BLUE_IP__/$blue_ip/;
- $_ =~ s/__BLUE_NET__/$blue_net/;
- $_ =~ s/__PROXY_PORT__/$proxysettings{'PROXY_PORT'}/;
- print FILE $_;
- }
- print FILE "#End of custom includes\n";
- close (ACL);
- }
- if ((!-z $extgrp) && ($proxysettings{'AUTH_METHOD'} eq 'ncsa') && ($proxysettings{'NCSA_BYPASS_REDIR'} eq 'on')) { print FILE "\nredirector_access deny for_extended_users\n"; }
- print FILE <<END
-
-#Access to squid:
-#local machine, no restriction
-http_access allow localhost
-
-#GUI admin if local machine connects
-http_access allow IPCop_ips IPCop_networks IPCop_http
-http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https
-
-#Deny not web services
-http_access deny !Safe_ports
-http_access deny CONNECT !SSL_ports
-
-END
- ;
-
-if ($proxysettings{'AUTH_METHOD'} eq 'ident')
-{
-print FILE "#Set ident ACLs\n";
-if (!-z $identhosts)
- {
- print FILE "acl on_ident_aware_hosts src \"$identhosts\"\n";
- print FILE "ident_lookup_access allow on_ident_aware_hosts\n";
- print FILE "ident_lookup_access deny all\n";
- } else {
- print FILE "ident_lookup_access allow all\n";
- }
- print FILE "ident_timeout $proxysettings{'IDENT_TIMEOUT'} seconds\n\n";
-}
-
-if ($delaypools) {
- print FILE "#Set download throttling\n";
-
- if ($netsettings{'BLUE_DEV'})
- {
- print FILE "delay_pools 2\n";
- } else {
- print FILE "delay_pools 1\n";
- }
-
- print FILE "delay_class 1 3\n";
- if ($netsettings{'BLUE_DEV'}) { print FILE "delay_class 2 3\n"; }
-
- print FILE "delay_parameters 1 ";
- if ($proxysettings{'THROTTLING_GREEN_TOTAL'} eq 'unlimited')
- {
- print FILE "-1/-1";
- } else {
- print FILE $proxysettings{'THROTTLING_GREEN_TOTAL'} * 125;
- print FILE "/";
- print FILE $proxysettings{'THROTTLING_GREEN_TOTAL'} * 250;
- }
-
- print FILE " -1/-1 ";
- if ($proxysettings{'THROTTLING_GREEN_HOST'} eq 'unlimited')
- {
- print FILE "-1/-1";
- } else {
- print FILE $proxysettings{'THROTTLING_GREEN_HOST'} * 125;
- print FILE "/";
- print FILE $proxysettings{'THROTTLING_GREEN_HOST'} * 250;
- }
- print FILE "\n";
-
- if ($netsettings{'BLUE_DEV'})
- {
- print FILE "delay_parameters 2 ";
- if ($proxysettings{'THROTTLING_BLUE_TOTAL'} eq 'unlimited')
- {
- print FILE "-1/-1";
- } else {
- print FILE $proxysettings{'THROTTLING_BLUE_TOTAL'} * 125;
- print FILE "/";
- print FILE $proxysettings{'THROTTLING_BLUE_TOTAL'} * 250;
- }
- print FILE " -1/-1 ";
- if ($proxysettings{'THROTTLING_BLUE_HOST'} eq 'unlimited')
- {
- print FILE "-1/-1";
- } else {
- print FILE $proxysettings{'THROTTLING_BLUE_HOST'} * 125;
- print FILE "/";
- print FILE $proxysettings{'THROTTLING_BLUE_HOST'} * 250;
- }
- print FILE "\n";
- }
-
- print FILE "delay_access 1 deny IPCop_ips\n";
- if (!-z $acl_src_unrestricted_ip) { print FILE "delay_access 1 deny IPCop_unrestricted_ips\n"; }
- if (!-z $acl_src_unrestricted_mac) { print FILE "delay_access 1 deny IPCop_unrestricted_mac\n"; }
- if (($proxysettings{'AUTH_METHOD'} eq 'ncsa') && (!-z $extgrp)) { print FILE "delay_access 1 deny for_extended_users\n"; }
-
- if ($netsettings{'BLUE_DEV'})
- {
- print FILE "delay_access 1 allow IPCop_green_network";
- if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; }
- print FILE "\n";
- print FILE "delay_access 1 deny all\n";
- } else {
- print FILE "delay_access 1 allow all";
- if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; }
- print FILE "\n";
- }
-
- if ($netsettings{'BLUE_DEV'})
- {
- print FILE "delay_access 2 deny IPCop_ips\n";
- if (!-z $acl_src_unrestricted_ip) { print FILE "delay_access 2 deny IPCop_unrestricted_ips\n"; }
- if (!-z $acl_src_unrestricted_mac) { print FILE "delay_access 2 deny IPCop_unrestricted_mac\n"; }
- if (($proxysettings{'AUTH_METHOD'} eq 'ncsa') && (!-z $extgrp)) { print FILE "delay_access 2 deny for_extended_users\n"; }
- print FILE "delay_access 2 allow IPCop_blue_network";
- if (!-z $acl_dst_throttle) { print FILE " for_throttled_urls"; }
- print FILE "\n";
- print FILE "delay_access 2 deny all\n";
- }
-
- print FILE "delay_initial_bucket_level 100\n";
- print FILE "\n";
-}
-
-if ($proxysettings{'NO_PROXY_LOCAL'} eq 'on')
-{
- print FILE "#Prevent internal proxy access to Green\n";
- print FILE "http_access deny IPCop_green_servers !IPCop_green_network\n\n";
-}
-
-if ($proxysettings{'NO_PROXY_LOCAL_BLUE'} eq 'on')
-{
- print FILE "#Prevent internal proxy access from Blue\n";
- print FILE "http_access allow IPCop_blue_network IPCop_blue_servers\n";
- print FILE "http_access deny IPCop_blue_network IPCop_servers\n\n";
-}
-
- print FILE <<END
-#Set custom configured ACLs
-END
- ;
- if (!-z $acl_src_banned_ip) { print FILE "http_access deny IPCop_banned_ips\n"; }
- if (!-z $acl_src_banned_mac) { print FILE "http_access deny IPCop_banned_mac\n"; }
-
- if ((!-z $acl_dst_noauth) && (!($proxysettings{'AUTH_METHOD'} eq 'none')))
- {
- if (!-z $acl_src_unrestricted_ip)
- {
- print FILE "http_access allow IPCop_unrestricted_ips to_domains_without_auth\n";
- }
- if (!-z $acl_src_unrestricted_mac)
- {
- print FILE "http_access allow IPCop_unrestricted_mac to_domains_without_auth\n";
- }
- print FILE "http_access allow IPCop_networks";
- if ($proxysettings{'TIME_ACCESS_MODE'} eq 'deny') {
- print FILE " !within_timeframe";
- } else {
- print FILE " within_timeframe"; }
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; }
- print FILE " to_domains_without_auth\n";
- }
-
- if (($proxysettings{'AUTH_METHOD'} eq 'ident') && ($proxysettings{'IDENT_REQUIRED'} eq 'on') && ($proxysettings{'AUTH_ALWAYS_REQUIRED'} eq 'on'))
- {
- print FILE "http_access deny !for_inetusers";
- if (!-z $identhosts) { print FILE " on_ident_aware_hosts"; }
- print FILE "\n";
- }
-
- if (
- ($proxysettings{'AUTH_METHOD'} eq 'ident') &&
- ($proxysettings{'AUTH_ALWAYS_REQUIRED'} eq 'on') &&
- ($proxysettings{'IDENT_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'IDENT_USER_ACL'} eq 'negative') &&
- (!-z "$identdir/identauth.denyusers")
- )
- {
- print FILE "http_access deny for_acl_users";
- if (($proxysettings{'AUTH_METHOD'} eq 'ident') && (!-z "$identdir/hosts")) { print FILE " on_ident_aware_hosts"; }
- print FILE "\n";
- }
-
- if (!-z $acl_src_unrestricted_ip)
- {
- print FILE "http_access allow IPCop_unrestricted_ips";
- if ($proxysettings{'AUTH_ALWAYS_REQUIRED'} eq 'on')
- {
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; }
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius'))
- {
- print FILE " for_inetusers";
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on'))
- {
- if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')
- {
- if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers"))
- {
- print FILE " for_acl_users";
- }
- if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers"))
- {
- print FILE " !for_acl_users";
- }
- } else { print FILE " for_inetusers"; }
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
- {
- if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')
- {
- if (($proxysettings{'RADIUS_USER_ACL'} eq 'positive') && (!-z "$raddir/radauth.allowusers"))
- {
- print FILE " for_acl_users";
- }
- if (($proxysettings{'RADIUS_USER_ACL'} eq 'negative') && (!-z "$raddir/radauth.denyusers"))
- {
- print FILE " !for_acl_users";
- }
- } else { print FILE " for_inetusers"; }
- }
- }
- print FILE "\n";
- }
-
- if (!-z $acl_src_unrestricted_mac)
- {
- print FILE "http_access allow IPCop_unrestricted_mac";
- if ($proxysettings{'AUTH_ALWAYS_REQUIRED'} eq 'on')
- {
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FILE " for_inetusers"; }
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || ($proxysettings{'AUTH_METHOD'} eq 'radius'))
- {
- print FILE " for_inetusers";
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on'))
- {
- if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')
- {
- if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/msntauth.allowusers"))
- {
- print FILE " for_acl_users";
- }
- if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/msntauth.denyusers"))
- {
- print FILE " !for_acl_users";
- }
- } else { print FILE " for_inetusers"; }
- }
- if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on'))
- {
- if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on')
- {
- if (($proxysettings{'RADIUS_USER_ACL'} eq 'positive') && (!-z "$raddir/radauth.allowusers"))
- {
- print FILE " for_acl_users";
- }
- if (($proxysettings{'RADIUS_USER_ACL'} eq 'negative') && (!-z "$raddir/radauth.denyusers"))
- {
- print FILE " !for_acl_users";
- }
- } else { print FILE " for_inetusers"; }
- }
- }
- print FILE "\n";
- }
-
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- if (!-z $disgrp) { print FILE "http_access deny for_disabled_users\n"; }
- if (!-z $extgrp) { print FILE "http_access allow IPCop_networks for_extended_users\n"; }
- }
-
- if (
- (
- ($proxysettings{'AUTH_METHOD'} eq 'ntlm') &&
- ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') &&
- ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'NTLM_USER_ACL'} eq 'negative') &&
- (!-z "$ntlmdir/msntauth.denyusers")
- )
- ||
- (
- ($proxysettings{'AUTH_METHOD'} eq 'radius') &&
- ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'RADIUS_USER_ACL'} eq 'negative') &&
- (!-z "$raddir/radauth.denyusers")
- )
- ||
- (
- ($proxysettings{'AUTH_METHOD'} eq 'ident') &&
- ($proxysettings{'AUTH_ALWAYS_REQUIRED'} eq 'off') &&
- ($proxysettings{'IDENT_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'IDENT_USER_ACL'} eq 'negative') &&
- (!-z "$identdir/identauth.denyusers")
- )
- )
- {
- print FILE "http_access deny for_acl_users";
- if (($proxysettings{'AUTH_METHOD'} eq 'ident') && (!-z "$identdir/hosts")) { print FILE " on_ident_aware_hosts"; }
- print FILE "\n";
- }
-
- if (($proxysettings{'AUTH_METHOD'} eq 'ident') && ($proxysettings{'IDENT_REQUIRED'} eq 'on') && (!-z "$identhosts"))
- {
- print FILE "http_access allow";
- if ($proxysettings{'TIME_ACCESS_MODE'} eq 'deny') {
- print FILE " !within_timeframe";
- } else {
- print FILE " within_timeframe"; }
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; }
- print FILE " !on_ident_aware_hosts\n";
- }
-
- print FILE "http_access allow IPCop_networks";
- if (
- (
- ($proxysettings{'AUTH_METHOD'} eq 'ntlm') &&
- ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') &&
- ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'NTLM_USER_ACL'} eq 'positive') &&
- (!-z "$ntlmdir/msntauth.allowusers")
- )
- ||
- (
- ($proxysettings{'AUTH_METHOD'} eq 'radius') &&
- ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'RADIUS_USER_ACL'} eq 'positive') &&
- (!-z "$raddir/radauth.allowusers")
- )
- ||
- (
- ($proxysettings{'AUTH_METHOD'} eq 'ident') &&
- ($proxysettings{'IDENT_REQUIRED'} eq 'on') &&
- ($proxysettings{'IDENT_ENABLE_ACL'} eq 'on') &&
- ($proxysettings{'IDENT_USER_ACL'} eq 'positive') &&
- (!-z "$identdir/identauth.allowusers")
- )
- )
- {
- print FILE " for_acl_users";
- } elsif (((!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH_METHOD'} eq 'ident'))) ||
- (($proxysettings{'AUTH_METHOD'} eq 'ident') && ($proxysettings{'IDENT_REQUIRED'} eq 'on'))) {
- print FILE " for_inetusers";
- }
- if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && (!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH_METHOD'} eq 'ident')))
- {
- print FILE " !concurrent";
- }
- if ($proxysettings{'TIME_ACCESS_MODE'} eq 'deny') {
- print FILE " !within_timeframe";
- } else {
- print FILE " within_timeframe"; }
- if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_allowed_useragents"; }
- print FILE "\n";
-
- print FILE "http_access deny all\n\n";
-
- if (($proxysettings{'FORWARD_IPADDRESS'} eq 'off') || ($proxysettings{'FORWARD_VIA'} eq 'off') ||
- (!($proxysettings{'FAKE_USERAGENT'} eq '')) || (!($proxysettings{'FAKE_REFERER'} eq '')))
- {
- print FILE "#Strip HTTP Header\n";
-
- if ($proxysettings{'FORWARD_IPADDRESS'} eq 'off')
- {
- print FILE "header_access X-Forwarded-For deny all\n";
- }
- if ($proxysettings{'FORWARD_VIA'} eq 'off')
- {
- print FILE "header_access Via deny all\n";
- }
- if (!($proxysettings{'FAKE_USERAGENT'} eq ''))
- {
- print FILE "header_access User-Agent deny all\n";
- }
- if (!($proxysettings{'FAKE_REFERER'} eq ''))
- {
- print FILE "header_access Referer deny all\n";
- }
-
- print FILE "\n";
-
- if ((!($proxysettings{'FAKE_USERAGENT'} eq '')) || (!($proxysettings{'FAKE_REFERER'} eq '')))
- {
- if (!($proxysettings{'FAKE_USERAGENT'} eq ''))
- {
- print FILE "header_replace User-Agent $proxysettings{'FAKE_USERAGENT'}\n";
- }
- if (!($proxysettings{'FAKE_REFERER'} eq ''))
- {
- print FILE "header_replace Referer $proxysettings{'FAKE_REFERER'}\n";
- }
- print FILE "\n";
- }
- }
-
- if ($proxysettings{'SUPPRESS_VERSION'} eq 'on') { print FILE "httpd_suppress_version_string on\n\n" }
-
- if ((!-z $mimetypes) && ($proxysettings{'ENABLE_MIME_FILTER'} eq 'on')) {
- if (!-z $acl_src_unrestricted_ip) { print FILE "http_reply_access allow IPCop_unrestricted_ips\n"; }
- if (!-z $acl_src_unrestricted_mac) { print FILE "http_reply_access allow IPCop_unrestricted_mac\n"; }
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- if (!-z $extgrp) { print FILE "http_reply_access allow for_extended_users\n"; }
- }
- print FILE "http_reply_access deny blocked_mimetypes\n";
- print FILE "http_reply_access allow all\n\n";
- }
-
- print FILE <<END
-maximum_object_size $proxysettings{'MAX_SIZE'} KB
-minimum_object_size $proxysettings{'MIN_SIZE'} KB
-
-request_body_max_size $proxysettings{'MAX_OUTGOING_SIZE'} KB
-END
- ;
- $replybodymaxsize = 1024 * $proxysettings{'MAX_INCOMING_SIZE'};
- if ($proxysettings{'MAX_INCOMING_SIZE'} > 0) {
- if (!-z $acl_src_unrestricted_ip) { print FILE "reply_body_max_size 0 allow IPCop_unrestricted_ips\n"; }
- if (!-z $acl_src_unrestricted_mac) { print FILE "reply_body_max_size 0 allow IPCop_unrestricted_mac\n"; }
- if ($proxysettings{'AUTH_METHOD'} eq 'ncsa')
- {
- if (!-z $extgrp) { print FILE "reply_body_max_size 0 allow for_extended_users\n"; }
- }
- }
- print FILE "reply_body_max_size $replybodymaxsize allow all\n\n";
-
- print FILE "visible_hostname";
- if ($proxysettings{'VISIBLE_HOSTNAME'} eq '')
- {
- print FILE " $mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}\n\n";
- } else {
- print FILE " $proxysettings{'VISIBLE_HOSTNAME'}\n\n";
- }
-
- if (!($proxysettings{'ADMIN_MAIL_ADDRESS'} eq '')) { print FILE "cache_mgr $proxysettings{'ADMIN_MAIL_ADDRESS'}\n\n"; }
-
- # Write the parent proxy info, if needed.
- if ($remotehost ne '')
- {
- print FILE "cache_peer $remotehost parent $remoteport 3130 default no-query";
-
- # Enter authentication for the parent cache. Option format is
- # login=user:password ($proxy1='YES')
- # login=PASS ($proxy1='PASS')
- # login=*:password ($proxysettings{'FORWARD_USERNAME'} eq 'on')
- if (($proxy1 eq 'YES') || ($proxy1 eq 'PASS'))
- {
- print FILE " login=$proxysettings{'UPSTREAM_USER'}";
- if ($proxy1 eq 'YES') { print FILE ":$proxysettings{'UPSTREAM_PASSWORD'}"; }
- }
- elsif ($proxysettings{'FORWARD_USERNAME'} eq 'on') { print FILE " login=*:password"; }
-
- print FILE "\nnever_direct allow all\n\n";
- }
- if (($proxysettings{'ENABLE_FILTER'} eq 'on') && ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on'))
- {
- print FILE "url_rewrite_program /usr/sbin/redirect_wrapper\n";
- if ($filtersettings{'CHILDREN'} > $xlratorsettings{'CHILDREN'})
- {
- print FILE "url_rewrite_children $filtersettings{'CHILDREN'}\n\n";
- } else {
- print FILE "url_rewrite_children $xlratorsettings{'CHILDREN'}\n\n";
- }
- } else
- {
-
- if ($proxysettings{'ENABLE_FILTER'} eq 'on')
- {
- print FILE <<END
-url_rewrite_program /usr/bin/squidGuard
-url_rewrite_children $filtersettings{'CHILDREN'}
-
-END
- ;
- }
- if ($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on')
- {
- print FILE <<END
-url_rewrite_program /usr/sbin/updxlrator
-url_rewrite_children $xlratorsettings{'CHILDREN'}
-
-END
- ;
- }
- }
- close FILE;
-}
-
-# -------------------------------------------------------------------
-
-sub adduser
-{
- my ($str_user, $str_pass, $str_group) = @_;
- my @groupmembers=();
-
- if ($str_pass eq 'lEaVeAlOnE')
- {
- open(FILE, "$userdb");
- @groupmembers = <FILE>;
- close(FILE);
- foreach $line (@groupmembers) { if ($line =~ /^$str_user:/i) { $str_pass = substr($line,index($line,":")); } }
- &deluser($str_user);
- open(FILE, ">>$userdb");
- flock FILE,2;
- print FILE "$str_user$str_pass";
- close(FILE);
- } else {
- &deluser($str_user);
- system("/usr/bin/htpasswd -b $userdb $str_user $str_pass");
- }
-
- if ($str_group eq 'standard') { open(FILE, ">>$stdgrp");
- } elsif ($str_group eq 'extended') { open(FILE, ">>$extgrp");
- } elsif ($str_group eq 'disabled') { open(FILE, ">>$disgrp"); }
- flock FILE, 2;
- print FILE "$str_user\n";
- close(FILE);
-
- return;
-}
-
-# -------------------------------------------------------------------
-
-sub deluser
-{
- my ($str_user) = @_;
- my $groupfile='';
- my @groupmembers=();
- my @templist=();
-
- foreach $groupfile ($stdgrp, $extgrp, $disgrp)
- {
- undef @templist;
- open(FILE, "$groupfile");
- @groupmembers = <FILE>;
- close(FILE);
- foreach $line (@groupmembers) { if (!($line =~ /^$str_user$/i)) { push(@templist, $line); } }
- open(FILE, ">$groupfile");
- flock FILE, 2;
- print FILE @templist;
- close(FILE);
- }
-
- undef @templist;
- open(FILE, "$userdb");
- @groupmembers = <FILE>;
- close(FILE);
- foreach $line (@groupmembers) { if (!($line =~ /^$str_user:/i)) { push(@templist, $line); } }
- open(FILE, ">$userdb");
- flock FILE, 2;
- print FILE @templist;
- close(FILE);
-
- return;
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %cgiparams=();
-my %pppsettings=();
-my %netsettings=();
-my @graphs=();
-
-&Header::showhttpheaders();
-
-my $dir = "/srv/web/ipfire/html/sgraph";
-$cgiparams{'ACTION'} = '';
-&Header::getcgihash(\%cgiparams);
-my $sgraphdir = "/srv/web/ipfire/html/sgraph";
-
-&Header::openpage($Lang::tr{'proxy access graphs'}, 1, '');
-
-&Header::openbigbox('100%', 'left');
-
-&Header::openbox('100%', 'left', $Lang::tr{'proxy access graphs'} . ":" );
-
-if (open(IPACHTML, "$sgraphdir/index.html"))
-{
- my $skip = 1;
- while (<IPACHTML>)
- {
- $skip = 1 if /^<HR>$/;
- if ($skip)
- {
- $skip = 0 if /<H1>/;
- next;
- }
- s/<IMG SRC=([^"'>]+)>/<img src='\/sgraph\/$1' alt='Graph' \/>/;
- s/<HR>/<hr \/>/g;
- s/<BR>/<br \/>/g;
- s/<([^>]*)>/\L<$1>\E/g;
- s/(size|align|border|color)=([^'"> ]+)/$1='$2'/g;
- print;
- }
- close(IPACHTML);
-}
-else {
- print $Lang::tr{'no information available'}; }
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use RRDs;
-use strict;
-# enable only the following on debugging purpose
-# use warnings;
-# use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my %qossettings = ();
-my %checked = ();
-my %netsettings = ();
-my $message = '';
-my $errormessage = "";
-my $c = "";
-my $direntry = "";
-my $classentry = "";
-my $subclassentry = "";
-my $l7ruleentry = "";
-my $portruleentry = "";
-my $tosruleentry = "";
-my @tmp = ();
-my @classes = ();
-my @subclasses = ();
-my @l7rules = ();
-my @portrules = ();
-my @tosrules = ();
-my @tmpline = ();
-my @classline = ();
-my @subclassline = ();
-my @l7ruleline = ();
-my @portruleline = ();
-my @tosruleline = ();
-my @proto = ();
-my %selected= ();
-my @checked = ();
-my $classfile = "/var/ipfire/qos/classes";
-my $subclassfile = "/var/ipfire/qos/subclasses";
-my $level7file = "/var/ipfire/qos/level7config";
-my $portfile = "/var/ipfire/qos/portconfig";
-my $tosfile = "/var/ipfire/qos/tosconfig";
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-&Header::showhttpheaders();
-
-$qossettings{'ENABLED'} = 'off';
-$qossettings{'EDIT'} = 'no';
-$qossettings{'OUT_SPD'} = '';
-$qossettings{'INC_SPD'} = '';
-$qossettings{'DEF_OUT_SPD'} = '';
-$qossettings{'DEF_INC_SPD'} = '';
-$qossettings{'DEFCLASS_INC'} = '';
-$qossettings{'DEFCLASS_OUT'} = '';
-$qossettings{'ACK'} = '';
-$qossettings{'MTU'} = '1492';
-$qossettings{'SFQ_PERTUB'} = '10';
-$qossettings{'QLENGTH'} = '30';
-$qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`;
-$qossettings{'IMQ_DEV'} = 'imq0';
-$qossettings{'VALID'} = 'yes';
-### Values that have to be initialized
-$qossettings{'ACTION'} = '';
-$qossettings{'ACTIONDEF'} = '';
-$qossettings{'ACTIONBW'} = '';
-$qossettings{'RED_DEV_SEL'} = '';
-$qossettings{'IMQ_DEV_SEL'} = '';
-$qossettings{'PRIO'} = '';
-$qossettings{'SPD'} = '';
-$qossettings{'CLASS'} = '';
-$qossettings{'SCLASS'} = '';
-$qossettings{'QPORT'} = '';
-$qossettings{'DPORT'} = '';
-$qossettings{'QIP'} = '';
-$qossettings{'DIP'} = '';
-$qossettings{'PPROT'} = '';
-$qossettings{'L7PROT'} = '';
-$qossettings{'DEVICE'} = '';
-$qossettings{'MINBWDTH'} = '';
-$qossettings{'MAXBWDTH'} = '';
-$qossettings{'BURST'} = '';
-$qossettings{'CBURST'} = '';
-$qossettings{'DOCLASS'} = '';
-$qossettings{'DOSCLASS'} = '';
-$qossettings{'DOLEVEL7'} = '';
-$qossettings{'DOPORT'} = '';
-$qossettings{'CLASS'} = '';
-$qossettings{'CLASSPRFX'} = '';
-$qossettings{'DEV'} = '';
-$qossettings{'TOS'} = '';
-
-
-&General::readhash("${General::swroot}/qos/settings", \%qossettings);
-&Header::getcgihash(\%qossettings);
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&Header::openpage('QoS', 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-############################################################################################################################
-
-if ($qossettings{'DOCLASS'} eq $Lang::tr{'save'})
-{
- &validclass();
- &validminbwdth();
- &validmaxbwdth();
- if ( $qossettings{'VALID'} eq 'yes' ) {
- open( FILE, ">> $classfile" ) or die "Unable to write $classfile";
- print FILE <<END
-$qossettings{'DEVICE'};$qossettings{'CLASS'};$qossettings{'PRIO'};$qossettings{'MINBWDTH'};$qossettings{'MAXBWDTH'};$qossettings{'BURST'};$qossettings{'CBURST'};$qossettings{'TOS'};$qossettings{'REMARK'};
-END
-;
- close FILE;
- } else {
- $qossettings{'ACTION'} = 'Parentklasse hinzufuegen';
- }
-}
-elsif ($qossettings{'DOCLASS'} eq 'Bearbeiten')
-{
- open( FILE, "< $classfile" ) or die "Unable to read $classfile";
- @classes = <FILE>;
- close FILE;
- open( FILE, "> $classfile" ) or die "Unable to write $classfile";
- foreach $classentry (sort @classes)
- {
- @classline = split( /\;/, $classentry );
- if ( $classline[1] ne $qossettings{'CLASS'} ) {
- print FILE $classentry;
- } else {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'PRIO'} = $classline[2];
- $qossettings{'MINBWDTH'} = $classline[3];
- $qossettings{'MAXBWDTH'} = $classline[4];
- $qossettings{'BURST'} = $classline[5];
- $qossettings{'CBURST'} = $classline[6];
- $qossettings{'TOS'} = $classline[7];
- $qossettings{'REMARK'} = $classline[8];
- $qossettings{'EDIT'} = 'yes';
- }
- }
- close FILE;
- &parentclass();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-elsif ($qossettings{'DOCLASS'} eq 'Loeschen')
-{
- open( FILE, "< $classfile" ) or die "Unable to read $classfile";
- @tmp = <FILE>;
- close FILE;
- open( FILE, "> $classfile" ) or die "Unable to write $classfile";
- foreach $classentry (sort @tmp)
- {
- @tmpline = split( /\;/, $classentry );
- if ( $tmpline[1] ne $qossettings{'CLASS'} )
- {
- print FILE $classentry;
- }
- }
- close FILE;
- open( FILE, "< $subclassfile" ) or die "Unable to read $classfile";
- @tmp = <FILE>;
- close FILE;
- open( FILE, "> $subclassfile" ) or die "Unable to write $classfile";
- foreach $subclassentry (sort @tmp)
- {
- @tmpline = split( /\;/, $subclassentry );
- if ( $tmpline[1] ne $qossettings{'CLASS'} )
- {
- print FILE $subclassentry;
- }
- }
- close FILE;
- $message = "$Lang::tr{'Class'} $qossettings{'CLASS'} $Lang::tr{'Class was deleted'}";
-}
-
-############################################################################################################################
-############################################################################################################################
-
-if ($qossettings{'DOSCLASS'} eq $Lang::tr{'save'})
-{
- &validsubclass();
- &validminbwdth();
- if ( $qossettings{'VALID'} eq 'yes' ) {
- open( FILE, ">> $subclassfile" ) or die "Unable to write $subclassfile";
- print FILE <<END
-$qossettings{'DEVICE'};$qossettings{'CLASS'};$qossettings{'SCLASS'};$qossettings{'PRIO'};$qossettings{'MINBWDTH'};$qossettings{'MAXBWDTH'};$qossettings{'BURST'};$qossettings{'CBURST'};$qossettings{'TOS'};
-END
-;
- close FILE;
- } else {
- $qossettings{'ACTION'} = 'Unterklasse hinzufuegen';
- }
-} elsif ($qossettings{'DOSCLASS'} eq 'Loeschen')
-{
- open( FILE, "< $subclassfile" ) or die "Unable to read $classfile";
- @tmp = <FILE>;
- close FILE;
- open( FILE, "> $subclassfile" ) or die "Unable to write $classfile";
- foreach $subclassentry (sort @tmp)
- {
- @tmpline = split( /\;/, $subclassentry );
- if ( $tmpline[2] ne $qossettings{'CLASS'} )
- {
- print FILE $subclassentry;
- }
- }
- close FILE;
- $message = "$Lang::tr{'Subclass'} $qossettings{'CLASS'} $Lang::tr{'was deleted'}.";
-}
-
-############################################################################################################################
-############################################################################################################################
-
-if ($qossettings{'DOLEVEL7'} eq $Lang::tr{'save'})
-{
- if ( $qossettings{'QIP'} ne '' ) {
- unless ( &General::validip($qossettings{'QIP'}) ) {
- $qossettings{'VALID'} = 'no';
- $message = "Die Quell-IP-Adresse ist ungueltig.";
- }
- }
- if ( $qossettings{'DIP'} ne '' ) {
- unless ( &General::validip($qossettings{'DIP'}) ) {
- $qossettings{'VALID'} = 'no';
- $message = "Die Ziel-IP-Adresse ist ungueltig.";
- }
- }
- if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- } elsif ($qossettings{'CLASS'} >= 1000 && $qossettings{'CLASS'} < 1021) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- } elsif ($qossettings{'CLASS'} >= 200 && $qossettings{'CLASS'} < 221) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- } elsif ($qossettings{'CLASS'} >= 2000 && $qossettings{'CLASS'} < 2021) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- }
- if ( $qossettings{'VALID'} eq 'yes' ) {
- open( FILE, ">> $level7file" ) or die "Unable to write $level7file";
- print FILE <<END
-$qossettings{'CLASS'};$qossettings{'DEVICE'};$qossettings{'L7PROT'};$qossettings{'QIP'};$qossettings{'DIP'};
-END
-;
- close FILE;
- } else {
- $qossettings{'ACTION'} = 'Level7-Regel hinzufuegen';
- }
-} elsif ($qossettings{'DOLEVEL7'} eq 'Loeschen')
-{
- open( FILE, "< $level7file" ) or die "Unable to read $level7file";
- @l7rules = <FILE>;
- close FILE;
- system("rm $level7file");
- foreach $l7ruleentry (sort @l7rules)
- {
- @l7ruleline = split( /\;/, $l7ruleentry );
- if ( ($l7ruleline[0] eq $qossettings{'CLASS'}) && ($l7ruleline[2] eq $qossettings{'L7PROT'}))
- {$message = "Level7-Regel ($qossettings{'CLASS'} - $qossettings{'L7PROT'}) wurde geloescht.";}
- else
- { open( FILE, ">> $level7file" ) or die "Unable to read $level7file";
- print FILE $l7ruleentry;
- close FILE;
- }
- }
- open( FILE, "< $level7file" ) or system("touch $level7file");close FILE;
- } elsif ($qossettings{'DOLEVEL7'} eq 'Bearbeiten')
-{
- open( FILE, "< $level7file" ) or die "Unable to read $level7file";
- @l7rules = <FILE>;
- close FILE;
- system("rm $level7file");
- foreach $l7ruleentry (sort @l7rules)
- {
- @l7ruleline = split( /\;/, $l7ruleentry );
- if ( ($l7ruleline[0] eq $qossettings{'CLASS'}) && ($l7ruleline[2] eq $qossettings{'L7PROT'}))
- {$qossettings{'QIP'} = $l7ruleline[3];$qossettings{'DIP'} = $l7ruleline[4];}
- else {
- open( FILE, ">> $level7file" ) or die "Unable to write $level7file";
- print FILE $l7ruleentry;
- close FILE;
- }
- }
- &level7rule;
- open( FILE, "< $level7file" ) or system("touch $level7file");close FILE;
- }
-
-############################################################################################################################
-############################################################################################################################
-
-if ($qossettings{'DOPORT'} eq $Lang::tr{'save'})
-{
- if ( $qossettings{'QIP'} ne '' ) {
- unless ( &General::validip($qossettings{'QIP'}) ) {
- $qossettings{'VALID'} = 'no';
- $message = "Die Quell-IP-Adresse ist ungueltig.";
- }
- }
- if ( $qossettings{'DIP'} ne '' ) {
- unless ( &General::validip($qossettings{'DIP'}) ) {
- $qossettings{'VALID'} = 'no';
- $message = "Die Ziel-IP-Adresse ist ungueltig.";
- }
- }
- if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- } elsif ($qossettings{'CLASS'} >= 1000 && $qossettings{'CLASS'} < 1021) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- } elsif ($qossettings{'CLASS'} >= 200 && $qossettings{'CLASS'} < 221) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- } elsif ($qossettings{'CLASS'} >= 2000 && $qossettings{'CLASS'} < 2021) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- }
- if ( $qossettings{'VALID'} eq 'yes' ) {
- open( FILE, ">> $portfile" ) or die "Unable to write $portfile";
- print FILE <<END
-$qossettings{'CLASS'};$qossettings{'DEVICE'};$qossettings{'PPROT'};$qossettings{'QIP'};$qossettings{'QPORT'};$qossettings{'DIP'};$qossettings{'DPORT'};
-END
-;
- close FILE;
- } else {
- $qossettings{'ACTION'} = 'Port-Regel hinzufuegen';
- }
-} elsif ($qossettings{'DOPORT'} eq 'Loeschen')
-{
- open( FILE, "< $portfile" ) or die "Unable to read $portfile";
- @portrules = <FILE>;
- close FILE;
- open( FILE, "> $portfile" ) or die "Unable to read $portfile";
- foreach $portruleentry (sort @portrules)
- {
- @portruleline = split( /\;/, $portruleentry );
- unless ( ($portruleline[0] eq $qossettings{'CLASS'}) && ($portruleline[2] eq $qossettings{'PPROT'}) && ($portruleline[3] eq $qossettings{'QIP'}) && ($portruleline[4] eq $qossettings{'QPORT'}) && ($portruleline[5] eq $qossettings{'DIP'}) && ($portruleline[6] eq $qossettings{'DPORT'}))
- {
- print FILE $portruleentry;
- }
- }
- close FILE;
- $message = "$Lang::tr{'Port Rule'} ($qossettings{'CLASS'} - $qossettings{'PPROT'}) $Lang::tr{'was deleted'}.";
-} elsif ($qossettings{'DOPORT'} eq 'Bearbeiten')
-{
- open( FILE, "< $portfile" ) or die "Unable to read $portfile";
- @portrules = <FILE>;
- close FILE;
- system("rm $portfile");
- foreach $portruleentry (sort @portrules)
- {
- @portruleline = split( /\;/, $portruleentry );
- if ( ($portruleline[0] eq $qossettings{'CLASS'}) && ($portruleline[2] eq $qossettings{'PPROT'}) && ($portruleline[3] eq $qossettings{'QIP'}) && ($portruleline[4] eq $qossettings{'QPORT'}) && ($portruleline[5] eq $qossettings{'DIP'}) && ($portruleline[6] eq $qossettings{'DPORT'}))
- {$qossettings{'CLASS'}=$portruleline[0];$qossettings{'PPROT'}=$portruleline[2];$qossettings{'QIP'}=$portruleline[3];$qossettings{'QPORT'}=$portruleline[4];$qossettings{'DIP'}=$portruleline[5];$qossettings{'DPORT'}=$portruleline[6];}
- else {
- open( FILE, ">> $portfile" ) or die "Unable to write $portfile";
- print FILE $portruleentry;
- close FILE;
- }
- }
- &portrule;
- open( FILE, "< $portfile" ) or system("touch $portfile");close FILE;
- }
-
-############################################################################################################################
-############################################################################################################################
-
-if ($qossettings{'DOTOS'} eq $Lang::tr{'save'})
-{
- if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- } elsif ($qossettings{'CLASS'} >= 1000 && $qossettings{'CLASS'} < 1021) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- } elsif ($qossettings{'CLASS'} >= 200 && $qossettings{'CLASS'} < 221) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- } elsif ($qossettings{'CLASS'} >= 2000 && $qossettings{'CLASS'} < 2021) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- }
- open( FILE, ">> $tosfile" ) or die "Unable to write $tosfile";
- print FILE <<END
-$qossettings{'CLASS'};$qossettings{'DEVICE'};$qossettings{'TOS'};
-END
-;
- close FILE;
-}
-elsif ($qossettings{'DOTOS'} eq 'Loeschen')
-{
- open( FILE, "< $tosfile" ) or die "Unable to read $tosfile";
- @tosrules = <FILE>;
- close FILE;
- open( FILE, "> $tosfile" ) or die "Unable to read $tosfile";
- foreach $tosruleentry (sort @tosrules)
- {
- @tosruleline = split( /\;/, $tosruleentry );
- unless ( ($tosruleline[0] eq $qossettings{'CLASS'}) && ($tosruleline[2] eq $qossettings{'TOS'}))
- {
- print FILE $tosruleentry;
- }
- }
- close FILE;
- $message = "$Lang::tr{'TOS Rule'} ($qossettings{'CLASS'} - $qossettings{'TOS'}) $Lang::tr{'was deleted'}.";
-} elsif ($qossettings{'DOTOS'} eq 'Bearbeiten')
-{
- open( FILE, "< $tosfile" ) or die "Unable to read $tosfile";
- @tosrules = <FILE>;
- close FILE;
- open( FILE, "> $tosfile" ) or die "Unable to write $tosfile";
- foreach $tosruleentry (sort @tosrules)
- {
- @tosruleline = split( /\;/, $tosruleentry );
- if (( $tosruleline[0] eq $qossettings{'CLASS'} ) && ( $tosruleline[2] eq $qossettings{'TOS'} )) {
- $qossettings{'DEVICE'} = $tosruleline[1];
- $qossettings{'CLASS'} = $tosruleline[0];
- $qossettings{'TOS'} = $tosruleline[2];
- $qossettings{'EDIT'} = 'yes';
- } else {
- print FILE $tosruleentry;
- }
- }
- close FILE;
- &tosrule();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-
-############################################################################################################################
-############################################################################################################################
-
-if ($qossettings{'ACTION'} eq 'Start')
-{
- system("/usr/local/bin/qosctrl generate >/dev/null 2>&1");
- system("/usr/bin/touch /var/ipfire/qos/enable");
- system("/usr/local/bin/qosctrl start >/dev/null 2>&1");
- system("logger -t ipfire 'QoS started'");
- $qossettings{'ENABLED'} = 'on';
- &General::writehash("${General::swroot}/qos/settings", \%qossettings);
-}
-elsif ($qossettings{'ACTION'} eq 'Stop')
-{
- system("/usr/local/bin/qosctrl stop >/dev/null 2>&1");
- unlink "/var/ipfire/qos/bin/qos.sh";
- unlink "/var/ipfire/qos/enable";
- system("logger -t ipfire 'QoS stopped'");
- $qossettings{'ENABLED'} = 'off';
- &General::writehash("${General::swroot}/qos/settings", \%qossettings);
-}
-elsif ($qossettings{'ACTION'} eq 'Neustart')
-{
- if ($qossettings{'ENABLED'} eq 'on'){
- system("/usr/local/bin/qosctrl stop >/dev/null 2>&1");
- system("/usr/local/bin/qosctrl generate >/dev/null 2>&1");
- system("/usr/local/bin/qosctrl start >/dev/null 2>&1");
- system("logger -t ipfire 'QoS restarted'");
- }
-}
-elsif ($qossettings{'ACTION'} eq $Lang::tr{'save'})
-{
- if ($qossettings{'DEF_INC_SPD'} eq '') {
- $qossettings{'DEF_INC_SPD'} = int($qossettings{'INC_SPD'} * 0.9);
- }
- if ($qossettings{'DEF_OUT_SPD'} eq '') {
- $qossettings{'DEF_OUT_SPD'} = int($qossettings{'OUT_SPD'} * 0.9);
- }
- &General::writehash("${General::swroot}/qos/settings", \%qossettings);
-}
-elsif ($qossettings{'ACTION'} eq $Lang::tr{'template'} )
-{
- my @UP;
- #print "UP<br />";
- for(my $i = 1; $i <= 10; $i++) {
- $UP[$i] = int($qossettings{'OUT_SPD'} / $i );
- #print $i."=".$UP[$i]." ";
- }
- my @DOWN;
- #print "<br /><br />Down<br />";
- for(my $i = 1; $i <= 20; $i++) {
- $DOWN[$i] = int($qossettings{'INC_SPD'} / $i);
- #print $i."=".$DOWN[$i]." ";
- }
- open( FILE, "> $classfile" ) or die "Unable to write $classfile";
- print FILE <<END
-imq0;200;1;$DOWN[10];$DOWN[1];;;8;VoIP;
-imq0;203;4;$DOWN[20];$DOWN[1];;;0;VPN;
-imq0;204;5;$DOWN[20];$DOWN[1];;;8;Webtraffic;
-imq0;210;6;1;$DOWN[1];;;0;Standardklasse;
-imq0;220;7;1;$DOWN[1];;;1;P2P;
-$qossettings{'RED_DEV'};101;1;$UP[2];$UP[1];;;8;ACKs oder so;
-$qossettings{'RED_DEV'};102;2;$UP[3];$UP[1];;;8;VoIP;
-$qossettings{'RED_DEV'};104;5;$UP[10];$UP[1];;;8;Webtraffic;
-$qossettings{'RED_DEV'};110;6;1;$UP[1];;;0;Standardklasse;
-$qossettings{'RED_DEV'};120;7;1;$UP[1];;;1;P2P;
-$qossettings{'RED_DEV'};103;4;$UP[2];$UP[1];;;2;VPN;
-END
-;
- close FILE;
- open( FILE, "> $level7file" ) or die "Unable to write $level7file";
- print FILE <<END
-102;$qossettings{'RED_DEV'};dns;;;
-102;$qossettings{'RED_DEV'};sip;;;
-102;$qossettings{'RED_DEV'};skypetoskype;;;
-103;$qossettings{'RED_DEV'};ssh;;;
-103;$qossettings{'RED_DEV'};rdp;;;
-104;$qossettings{'RED_DEV'};http;;;
-104;$qossettings{'RED_DEV'};ssl;;;
-104;$qossettings{'RED_DEV'};pop3;;;
-110;$qossettings{'RED_DEV'};ftp;;;
-120;$qossettings{'RED_DEV'};applejuice;;;
-120;$qossettings{'RED_DEV'};bittorrent;;;
-200;imq0;skypetoskype;;;
-203;imq0;ssh;;;
-203;imq0;rdp;;;
-204;imq0;http;;;
-204;imq0;pop3;;;
-204;imq0;ssl;;;
-220;imq0;applejuice;;;
-220;imq0;bittorrent;;;
-210;imq0;ftp;;;
-END
-;
- close FILE;
- open( FILE, "> $portfile" ) or die "Unable to write $portfile";
- print FILE <<END
-101;$qossettings{'RED_DEV'};icmp;;;;;
-102;$qossettings{'RED_DEV'};tcp;;;;53;
-102;$qossettings{'RED_DEV'};udp;;;;53;
-103;$qossettings{'RED_DEV'};esp;;;;;
-103;$qossettings{'RED_DEV'};tcp;;;;1194;
-103;$qossettings{'RED_DEV'};udp;;4500;;4500;
-103;$qossettings{'RED_DEV'};udp;;500;;500;
-104;$qossettings{'RED_DEV'};tcp;;;;80;
-200;imq0;icmp;;;;;
-203;imq0;esp;;;;;
-203;imq0;tcp;;;;1194;
-203;imq0;udp;;4500;;4500;
-203;imq0;udp;;500;;500;
-204;imq0;tcp;;;;80;
-END
-;
- close FILE;
- if ($qossettings{'DEF_INC_SPD'} eq '') {
- $qossettings{'DEF_INC_SPD'} = int($qossettings{'INC_SPD'} * 0.9);
- }
- if ($qossettings{'DEF_OUT_SPD'} eq '') {
- $qossettings{'DEF_OUT_SPD'} = int($qossettings{'OUT_SPD'} * 0.9);
- }
- $qossettings{'DEFCLASS_INC'} = "210";
- $qossettings{'DEFCLASS_OUT'} = "110";
- $qossettings{'ACK'} ="101";
- &General::writehash("${General::swroot}/qos/settings", \%qossettings);
-
-}
-elsif ($qossettings{'ACTION'} eq 'Statusinformationen')
-{
- &Header::openbox('100%', 'left', 'QoS Status');
- if ($qossettings{'ENABLED'} eq 'on'){
- my $output = "";
- $output = `/usr/local/bin/qosctrl status`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- } else { print "$Lang::tr{'QoS not enabled'}"; }
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-elsif ($qossettings{'ACTION'} eq 'Parentklasse hinzufuegen')
-{
- &parentclass();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-elsif ($qossettings{'ACTION'} eq 'Unterklasse hinzufuegen')
-{
- &subclass();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-elsif ($qossettings{'ACTION'} eq 'Regel hinzufuegen')
-{
- &Header::openbox('100%', 'center', $Lang::tr{'Add Rule'});
- print <<END
- <table>
- <tr><td align='center'>$Lang::tr{'Choose Rule'}
- <tr><td align='center'>
- <input type="button" onClick="swapVisibility('l7rule')" value='Level7-Regel' />
- <input type="button" onClick="swapVisibility('portrule')" value='Port-Regel' />
- <input type="button" onClick="swapVisibility('tosrule')" value='TOS-Regel' />
- </table>
-END
-;
- &Header::closebox();
- print <<END
- <div id='l7rule' style='display: none'>
-END
-;
- &level7rule();
- print <<END
- </div>
- <div id='portrule' style='display: none'>
-END
-;
- &portrule();
- print <<END
- </div>
- <div id='tosrule' style='display: none'>
-END
-;
- &tosrule();
- print <<END
- </div>
-END
-;
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-elsif ($qossettings{'ACTION'} eq 'Erweiterte Einstellungen')
-{
- &expert();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-if ($qossettings{'ACTIONBW'} eq 'Andern')
-{
- &changebandwidth();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-if ($qossettings{'ACTIONDEF'} eq 'Andern')
-{
- &changedefclasses();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-
-&General::readhash("${General::swroot}/qos/settings", \%qossettings);
-
-my $status = $Lang::tr{'stopped'};
-my $statuscolor = '#993333';
-if ( $qossettings{'ENABLED'} eq 'on' ) {
- $status = $Lang::tr{'running'};
- $statuscolor = '#339933';
-}
-
-if ( $netsettings{'RED_TYPE'} ne 'PPPOE' ) {
- $qossettings{'RED_DEV'} = $netsettings{'RED_DEV'};
-}
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-############################################################################################################################
-############################################################################################################################
-
-&Header::openbox('100%', 'center', 'Quality of Service');
-
-print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
-END
-;
- if ( $message ne "" ) {
- print "<tr><td colspan='2' align='center'><font color='red'>$message</font>";
- }
- print <<END
- <tr><td width='50%' align='left'><b>Quality of Service:</b>
- <td width='50%' align='center' bgcolor='$statuscolor'><font color='white'>$status</font>
- <tr><td width='100%' align='center' colspan='2'>
- <input type='submit' name='ACTION' value="Start" />
- <input type='submit' name='ACTION' value="Stop" />
- <input type='submit' name='ACTION' value="$Lang::tr{'restart'}" /></table></form>
-END
-;
- if (($qossettings{'OUT_SPD'} ne '') && ($qossettings{'INC_SPD'} ne '')) {
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
- <tr><td colspan='3'>
- <tr><td width='50%' align='right'>$Lang::tr{'downlink speed'}: <td width='30%' align='left'>$qossettings{'INC_SPD'}
- <td width='20%' rowspan='2' align='center' valign='middle'><input type='submit' name='ACTIONBW' value='Andern' />
- <tr><td width='50%' align='right'>$Lang::tr{'uplink speed'}: <td width='30%' align='left'>$qossettings{'OUT_SPD'}
- </table></form>
-END
-;
- }
- if (($qossettings{'DEFCLASS_OUT'} ne '') && ($qossettings{'DEFCLASS_INC'} ne '')&& ($qossettings{'ACK'} ne '')) {
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
- <tr><td colspan='3'><hr />
- <tr><td width='50%' align='right'>$Lang::tr{'downlink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_INC'}
- <td width='20%' rowspan='3' align='center' valign='middle'><input type='submit' name='ACTIONDEF' value='Andern' />
- <tr><td width='50%' align='right'>$Lang::tr{'uplink std class'}: <td width='30%' align='left'>$qossettings{'DEFCLASS_OUT'}
- <tr><td width='50%' align='right'>ACKs: <td width='30%' align='left'>$qossettings{'ACK'}
- <tr><td colspan='3' width='100%'><hr />
- <tr><td colspan='3' width='100%' align='center'>
- </table>
- </form>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table border='0' cellpadding='0' cellspacing='0'>
- <tr><td><input type='submit' name='ACTION' value='Parentklasse hinzufuegen' />
- <td><input type='submit' name='ACTION' value='Erweiterte Einstellungen' />
- <td><input type='submit' name='ACTION' value='Statusinformationen' />
- </tr></table>
- </form>
-END
-;
- }
-&Header::closebox();
-
-if ( ($qossettings{'OUT_SPD'} eq '') || ($qossettings{'INC_SPD'} eq '') ) {
- &changebandwidth();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-
-if ( ($qossettings{'DEFCLASS_INC'} eq '') || ($qossettings{'DEFCLASS_OUT'} eq '') || ($qossettings{'ACK'} eq '') ) {
- &changedefclasses();
- &Header::closebigbox();
- &Header::closepage();
- exit
-}
-
-&Header::openbox('100%', 'center', $Lang::tr{'info'});
-&Graphs::overviewgraph("3240",$qossettings{'RED_DEV'});
-&Graphs::overviewgraph("3240",$qossettings{'IMQ_DEV'});
-print <<END
- <table>
- <tr><td colspan='9' align='center' valign='middle'><img alt="" src='/images/addblue.gif' /> $Lang::tr{'add subclass'} | <img alt="" src='/images/addgreen.gif' /> $Lang::tr{'Add Rule'} | <img alt="" src='/images/edit.gif' /> $Lang::tr{'edit'} | <img alt="" src='/images/delete.gif' /> $Lang::tr{'delete'}
- <tr><td colspan='9' align='right' valign='middle'><b>$Lang::tr{'TOS Bits'}:</b> <b>0</b> - $Lang::tr{'disabled'} | <b>8</b> - $Lang::tr{'min delay'} | <b>4</b> - $Lang::tr{'max throughput'} | <b>2</b> - $Lang::tr{'max reliability'} | <b>1</b> - $Lang::tr{'min costs'}
-END
-;
-if (( -e "/srv/web/ipfire/html/graphs/qos-graph-$qossettings{'RED_DEV'}-3240.png") && ( -e "/srv/web/ipfire/html/graphs/qos-graph-$qossettings{'IMQ_DEV'}-3240.png")) {
- print <<END
- <tr><td colspan='9' align='center'><a href='/cgi-bin/qosgraph.cgi?graph=$qossettings{'RED_DEV'}'><img alt="" src="/graphs/qos-graph-$qossettings{'RED_DEV'}-3240.png" border='0' /></a></td></tr>
- <tr><td colspan='9' align='center'><a href='/cgi-bin/qosgraph.cgi?graph=$qossettings{'IMQ_DEV'}'><img alt="" src="/graphs/qos-graph-$qossettings{'IMQ_DEV'}-3240.png" border='0' /></a></td></tr>
-END
-;}
-else
-{
-print "\t</table><br />".$Lang::tr{'no information available'};
-}
-print "\t</table>";
-
-&Header::closebox();
-
-&showclasses($qossettings{'RED_DEV'});
-&showclasses($qossettings{'IMQ_DEV'});
-
-&Header::closebigbox();
-&Header::closepage();
-
-############################################################################################################################
-############################################################################################################################
-
-sub changedefclasses {
- &Header::openbox('100%', 'center', $Lang::tr{'std classes'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
- <tr><td width='100%' colspan='3'>$Lang::tr{'no filter pass'}
- <tr><td width='33%' align='right'>Download:<td width='33%' align='left'><select name='DEFCLASS_INC'>
-END
-;
- for ( $c = 200 ; $c <= 220 ; $c++ )
- {
- if ( $qossettings{'DEFCLASS_INC'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- print <<END
- </select><td width='33%' align='center'>
- <tr><td width='33%' align='right'>Upload:<td width='33%' align='left'><select name='DEFCLASS_OUT'>
-END
-;
- for ( $c = 100 ; $c <= 120 ; $c++ )
- {
- if ( $qossettings{'DEFCLASS_OUT'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- print <<END
- </select><td width='33%' align='center'>
- </table>
- <hr />
- <table width='66%'>
- <tr><td width='100%' colspan='3'>$Lang::tr{'enter ack class'}
- <tr><td width='33%' align='right'>ACKs:<td width='33%' align='left'><select name='ACK'>
-END
-;
- for ( $c = 100 ; $c <= 120 ; $c++ )
- {
- if ( $qossettings{'ACK'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- print <<END
- </select><td width='33%' align='center'><input type='submit' name='ACTION' value="$Lang::tr{'save'}" />
- </table>
- </form>
-END
-;
- &Header::closebox();
-}
-
-sub changebandwidth {
- &Header::openbox('100%', 'center', $Lang::tr{'bandwithsettings'});
- if ($qossettings{'ENABLED'} eq 'on') {
- print "$Lang::tr{'bandwitherror'}";
- print "<a href='/cgi-bin/qos.cgi'>$Lang::tr{'back'}</a>";
- } else {
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='DEF_OUT_SPD' value='' /><input type='hidden' name='DEF_INC_SPD' value='' />
- <table width='66%'>
- <tr><td width='100%' colspan='3'>$Lang::tr{'down and up speed'}</td></tr>
- <tr><td width='50%' align='right'>$Lang::tr{'downlink speed'}:</td>
- <td width='30%' align='left'><input type='text' name='INC_SPD' maxlength='8' value="$qossettings{'INC_SPD'}" /></td>
- <td width='20%' align='center' rowspan='2'><input type='submit' name='ACTION' value="$Lang::tr{'template'}" /><br /><input type='submit' name='ACTION' value="$Lang::tr{'save'}" /><br /><input type='reset' name='ACTION' value="$Lang::tr{'reset'}" /></td></tr>
- <tr><td width='50%' align='right'>$Lang::tr{'uplink speed'}:</td>
- <td width='30%' align='left'><input type='text' name='OUT_SPD' maxlength='8' value="$qossettings{'OUT_SPD'}" /></td></tr>
- </table>
- </form>
- <font color='red'>$Lang::tr{'template warning'}</font>
-END
-;
- }
- &Header::closebox();
-}
-
-sub parentclass {
- &Header::openbox('100%', 'center', $Lang::tr{'parentclass'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
-END
-;
- if ( $message ne "" ) {
- print "<tr><td colspan='3' align='center'>$message";
- }
- if ( $qossettings{'EDIT'} eq 'yes' ) {
- print "<input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' />";
- print "<input type='hidden' name='DEVICE' value='$qossettings{'DEVICE'}' />";
- }
- print <<END
- <tr><td width='100%' colspan='3'>$Lang::tr{'enter data'}
- <tr><td width='33%' align='right'>$Lang::tr{'interface'}:
- <td width='33%' align='left'>
-END
-;
- if ( $qossettings{'EDIT'} eq 'yes' ) {
- print "<select name='DEVICE' disabled>";
- } else {
- print "<select name='DEVICE'>";
- }
- if ( $qossettings{'DEVICE'} eq $qossettings{'RED_DEV'} ) {
- $qossettings{'RED_DEV_SEL'} = 'selected';
- } elsif ( $qossettings{'DEVICE'} eq $qossettings{'IMQ_DEV'} ) {
- $qossettings{'IMQ_DEV_SEL'} = 'selected';
- }
- print <<END
- <option value='$qossettings{'RED_DEV'}' $qossettings{'RED_DEV_SEL'}>$qossettings{'RED_DEV'}</option>
- <option value='$qossettings{'IMQ_DEV'}' $qossettings{'IMQ_DEV_SEL'}>$qossettings{'IMQ_DEV'}</option></select>
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'Class'}:<td width='33%' align='left'>
-END
-;
- if ( $qossettings{'EDIT'} eq 'yes' ) {
- print "<select name='CLASS' disabled>";
- } else {
- print "<select name='CLASS'>";
- }
- for ( $c = 100 ; $c <= 120 ; $c++ )
- {
- if ( $qossettings{'CLASS'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- for ( $c = 200 ; $c <= 220 ; $c++ )
- {
- if ( $qossettings{'CLASS'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- print <<END
- </select>
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'priority'}:<td width='33%' align='left'><select name='PRIO'>
-END
-;
- for ( $c = 1 ; $c <= 7 ; $c++ )
- {
- if ( $qossettings{'PRIO'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- if ($qossettings{'MINBWDTH'} eq "") { $qossettings{'MINBWDTH'} = "1"; }
- print <<END
- </select>
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'guaranteed bandwith'}:
- <td width='33%' align='left'><input type='text' size='20' name='MINBWDTH' maxlength='8' required='1' value="$qossettings{'MINBWDTH'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'max bandwith'}:
- <td width='33%' align='left'><input type='text' size='20' name='MAXBWDTH' maxlength='8' required='1' value="$qossettings{'MAXBWDTH'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>Burst:
- <td width='33%' align='left'><input type='text' size='20' name='BURST' maxlength='8' value="$qossettings{'BURST'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>Ceilburst:
- <td width='33%' align='left'><input type='text' size='20' name='CBURST' maxlength='8' value="$qossettings{'CBURST'}" />
- <td width='33%' align='center'>
-END
-;
- $selected{'TOS'}{$qossettings{'TOS'}} = "selected='selected'";
-print <<END
- <tr><td width='33%' align='right'>TOS-Bit:
- <td width='33%' align='left'><select name='TOS'>
- <option value='0' $selected{'TOS'}{'0'}>$Lang::tr{'disabled'} (0)</option>
- <option value='8' $selected{'TOS'}{'8'}>$Lang::tr{'min delay'} (8)</option>
- <option value='4' $selected{'TOS'}{'4'}>$Lang::tr{'max throughput'} (4)</option>
- <option value='2' $selected{'TOS'}{'2'}>$Lang::tr{'max reliability'} (2)</option>
- <option value='1' $selected{'TOS'}{'1'}>$Lang::tr{'min costs'} (1)</option></select>
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'remark'}:
- <td width='66%' colspan='2' align='left'><input type='text' name='REMARK' size='40' maxlength='40' value="$qossettings{'REMARK'}" /> <img alt="" alt='blob' src='/blob.gif' />
- <tr><td width='33%' align='right'>
- <td width='33%' align='left'>
- <td width='33%' align='center'><input type='submit' name='DOCLASS' value='$Lang::tr{'save'}' /> <input type='reset' value='$Lang::tr{'reset'}' />
- </table></form>
-END
-;
- &Header::closebox();
-}
-
-sub subclass {
- &Header::openbox('100%', 'center', $Lang::tr{'Subclass'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
-END
-;
- if ( $message ne "" ) {
- print "<tr><td colspan='3' align='center'>$message";
- }
- print <<END
- <tr><td colspan='3' width='100%'>$Lang::tr{'current class'}: $qossettings{'CLASS'}
- <tr><td width='100%' colspan='3'>$Lang::tr{'enter data'}
- <tr><td width='33%' align='right'>$Lang::tr{'Subclass'}:<td width='33%' align='left'><select name='SCLASS'>
-END
-;
- if ($qossettings{'CLASS'} >= 100 && $qossettings{'CLASS'} < 121) {
- $qossettings{'DEVICE'} = $qossettings{'RED_DEV'};
- for ( $c = 1000 ; $c <= 1020 ; $c++ )
- {
- if ( $qossettings{'SCLASS'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- } elsif ($qossettings{'CLASS'} >= 200 && $qossettings{'CLASS'} < 221) {
- $qossettings{'DEVICE'} = $qossettings{'IMQ_DEV'};
- for ( $c = 2000 ; $c <= 2020 ; $c++ )
- {
- if ( $qossettings{'SCLASS'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- }
- print <<END
- </select>
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'priority'}:<td width='33%' align='left'><select name='PRIO'>
-END
-;
- for ( $c = 1 ; $c <= 7 ; $c++ )
- {
- if ( $qossettings{'PRIO'} ne $c )
- { print "<option value='$c'>$c</option>\n"; }
- else { print "<option selected value='$c'>$c</option>\n"; }
- }
- print <<END
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'guaranteed bandwith'}:
- <td width='33%' align='left'><input type='text' name='MINBWDTH' maxlength='8' required='1' value="$qossettings{'MINBWDTH'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'max bandwith'}:
- <td width='33%' align='left'><input type='text' name='MAXBWDTH' maxlength='8' required='1' value="$qossettings{'MAXBWDTH'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>Burst:
- <td width='33%' align='left'><input type='text' name='BURST' maxlength='8' value="$qossettings{'BURST'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>Ceilburst:
- <td width='33%' align='left'><input type='text' name='CBURST' maxlength='8' value="$qossettings{'CBURST'}" />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>TOS-Bit:
- <td width='33%' align='left'><select name='TOS'>
- <option value='0'>$Lang::tr{'disabled'} (0)</option>
- <option value='8'>$Lang::tr{'min delay'} (8)</option>
- <option value='4'>$Lang::tr{'max throughput'} (4)</option>
- <option value='2'>$Lang::tr{'max reliability'} (2)</option>
- <option value='1'>$Lang::tr{'min costs'} (1)</option></select>
- <td width='33%' align='center'><input type='hidden' name='CLASS' value="$qossettings{'CLASS'}" />
- <input type='hidden' name='DEVICE' value="$qossettings{'DEVICE'}" />
- <input type='submit' name='DOSCLASS' value='$Lang::tr{'save'}' /> <input type='reset' value='$Lang::tr{'reset'}' />
- </table></form>
-END
-;
- &Header::closebox();
-}
-
-sub level7rule {
- &Header::openbox('100%', 'center', $Lang::tr{'Level7 Rule'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
-END
-;
- if ( $message ne "" ) {
- print "<tr><td colspan='3' align='center'><font color='red'>$message</font>";
- }
- print <<END
- <tr><td colspan='3' width='100%'>$Lang::tr{'current class'}: $qossettings{'CLASS'}
- <tr><td width='100%' colspan='3'>$Lang::tr{'enter data'}
- <tr><td width='33%' align='right'>$Lang::tr{'protocol'}:
- <td width='33%' align='left'><select name='L7PROT'>
-END
-;
- opendir( DIR, "/etc/l7-protocols/protocols" );
- foreach $direntry ( sort readdir(DIR) )
- {
- next if $direntry eq ".";
- next if $direntry eq "..";
- next if -d "/etc/l7-protocols/protocols/$direntry";
- @proto = split( /\./, $direntry );
- if ( $proto[0] eq $qossettings{'L7PROT'} ) {
- print "<option value='$proto[0]' selected>$proto[0]</option>\n";
- } else {
- print "<option value='$proto[0]'>$proto[0]</option>\n";
- }
- }
- closedir DIR;
- print <<END
- </select><td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
- <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
- <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
- <td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOLEVEL7' value='$Lang::tr{'save'}' />
- </table></form>
-END
-;
- &Header::closebox();
-}
-
-sub portrule {
- &Header::openbox('100%', 'center', $Lang::tr{'Add Port Rule'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
- <tr><td width='100%' colspan='3'>$Lang::tr{'enter data'}
- <tr><td width='33%' align='right'>$Lang::tr{'protocol'}:
- <td width='33%' align='left'><select name='PPROT'>
-END
-;
- open( FILE, "< /etc/protocols" );
- @proto = <FILE>;
- close FILE;
- foreach $direntry (sort @proto)
- {
- @tmpline = split( /\ /, $direntry );
- next if $tmpline[0] =~ "#";
- if ( $tmpline[0] eq $qossettings{'PPROT'} ) {
- print "<option value='$tmpline[0]' selected>$tmpline[0]</option>\n";
- } else {
- print "<option value='$tmpline[0]'>$tmpline[0]</option>\n";
- }
- }
- print <<END
- </select><td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'source port'}:
- <td width='33%' align='left'><input type='text' name='QPORT' maxlength='5' value='$qossettings{'QPORT'}' />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'destination port'}:
- <td width='33%' align='left'><input type='text' name='DPORT' maxlength='5' value='$qossettings{'DPORT'}' />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'source ip'}:
- <td width='33%' align='left'><input type='text' name='QIP' maxlength='15' value='$qossettings{'QIP'}' />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>$Lang::tr{'destination ip'}:
- <td width='33%' align='left'><input type='text' name='DIP' maxlength='15' value='$qossettings{'DIP'}' />
- <td width='33%' align='center'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOPORT' value='$Lang::tr{'save'}' />
- </table></form>
-END
-;
- &Header::closebox();
-}
-
-sub tosrule {
- &Header::openbox('100%', 'center', $Lang::tr{'TOS Rule'});
- if ($qossettings{'TOS'}) {
- $checked{$qossettings{'TOS'}} = "checked";
- }
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
-END
-;
- if ( $message ne "" ) {
- print "<tr><td colspan='3' align='center'><font color='red'>$message</font>";
- }
- print <<END
- <tr><td colspan='2' width='100%'>$Lang::tr{'current class'}: $qossettings{'CLASS'}
- <tr><td width='100%' colspan='2'>$Lang::tr{'Enter TOS'}
- <tr><td width='50%' align='left'>$Lang::tr{'min delay'} (8) <td width='50%'><input type="radio" name="TOS" value="8" $checked[8] />
- <tr><td width='50%' align='left'>$Lang::tr{'max throughput'} (4) <td width='50%'><input type="radio" name="TOS" value="4" $checked[4] />
- <tr><td width='50%' align='left'>$Lang::tr{'max reliability'} (2) <td width='50%'><input type="radio" name="TOS" value="2" $checked[2] />
- <tr><td width='50%' align='left'$Lang::tr{'min costs'} (1) <td width='50%'><input type="radio" name="TOS" value="1" $checked[1] />
- <tr><td width='100%' align='right' colspan='2'><input type='hidden' name='CLASS' value='$qossettings{'CLASS'}' /><input type='submit' name='DOTOS' value='$Lang::tr{'save'}' />
- </table></form>
-END
-;
- &Header::closebox();
-}
-
-sub showclasses {
- $qossettings{'DEV'} = shift;
- open( FILE, "< $classfile" ) or die "Unable to read $classfile";
- @classes = <FILE>;
- close FILE;
- if (@classes) {
- open( FILE, "< $subclassfile" ) or die "Unable to read $subclassfile";
- @subclasses = <FILE>;
- close FILE;
- open( FILE, "< $level7file" ) or die "Unable to read $level7file";
- @l7rules = <FILE>;
- close FILE;
- open( FILE, "< $tosfile" ) or die "Unable to read $tosfile";
- @tosrules = <FILE>;
- close FILE;
- open( FILE, "< $portfile" ) or die "Unable to read $portfile";
- @portrules = <FILE>;
- close FILE;
- foreach $classentry (sort @classes)
- {
- @classline = split( /\;/, $classentry );
- if ( $classline[0] eq $qossettings{'DEV'} )
- {
- &Header::openbox('100%', 'center', "Klasse: $classline[1]");
- print <<END
- <table border='0' width='100%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' width='10%' align='center'><b>$Lang::tr{'interface'}</b>
- <td bgcolor='$color{'color20'}' width='10%' align='center'><b>$Lang::tr{'Class'}</b>
- <td bgcolor='$color{'color20'}' width='10%' align='center'>$Lang::tr{'priority'}
- <td bgcolor='$color{'color20'}' width='10%' align='center'>$Lang::tr{'guaranteed bandwith'}
- <td bgcolor='$color{'color20'}' width='10%' align='center'>$Lang::tr{'max bandwith'}
- <td bgcolor='$color{'color20'}' width='10%' align='center'>Burst
- <td bgcolor='$color{'color20'}' width='10%' align='center'>Ceil Burst
- <td bgcolor='$color{'color20'}' width='10%' align='center'>TOS
- <td bgcolor='$color{'color20'}' width='20%' align='center'>$Lang::tr{'action'}
- <tr><td align='center' bgcolor='$color{'color22'}'>$classline[0]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[1]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[2]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[3]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[4]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[5]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[6]</td>
- <td align='center' bgcolor='$color{'color22'}'>$classline[7]</td>
- <td align='right' bgcolor='$color{'color22'}'>
- <table border='0'><tr>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$classline[1]' />
- <input type='hidden' name='ACTION' value='Unterklasse hinzufuegen' />
- <input type='image' alt='$Lang::tr{'add subclass'}' src='/images/addblue.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$classline[1]' />
- <input type='hidden' name='ACTION' value='Regel hinzufuegen' />
- <input type='image' alt='$Lang::tr{'Add Rule'}' src='/images/addgreen.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$classline[1]' />
- <input type='hidden' name='DOCLASS' value='Bearbeiten' />
- <input type='image' alt='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$classline[1]' />
- <input type='hidden' name='DOCLASS' value='Loeschen' />
- <input type='image' alt='$Lang::tr{'delete'}' src='/images/delete.gif' />
- </form>
- </table>
- </td>
- <tr><td align='right' colspan='2'><b>$Lang::tr{'remark'}:</b>
- <td align='center' colspan='6'> $classline[8]
- <td align='right'><b>Queueing:</b> $classline[9]
-END
-;
-
- if (@l7rules) {
- foreach $l7ruleentry (sort @l7rules)
- {
- @l7ruleline = split( /\;/, $l7ruleentry );
- if ( $l7ruleline[0] eq $classline[1] )
- {
- print <<END
- <tr><td align='right' colspan='2'><b>$Lang::tr{'Level7 Protocol'}:</b>
- <td align='center' colspan='6'>$l7ruleline[2]
- <td align='right' >
- <table border='0'><tr>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$l7ruleline[0]' />
- <input type='hidden' name='L7PROT' value='$l7ruleline[2]' />
- <input type='hidden' name='DOLEVEL7' value='Bearbeiten' />
- <input type='image' alt='Bearbeiten' src='/images/edit.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$l7ruleline[0]' />
- <input type='hidden' name='L7PROT' value='$l7ruleline[2]' />
- <input type='hidden' name='DOLEVEL7' value='Loeschen' />
- <input type='image' alt='Loeschen' src='/images/delete.gif' />
- </form>
- </table>
-END
-;
- if (($l7ruleline[3] ne "") || ($l7ruleline[4] ne "")){
- print <<END
- <tr><td align='center'>
- <td align='right' colspan='3'><b>$Lang::tr{'source ip'}:</b> $l7ruleline[3]
- <td align='right' colspan='3'><b>$Lang::tr{'destination ip'}:</b> $l7ruleline[4]
-END
-;
- }
-
-
-END
-;
- }
- }
- }
-
-
- if (@portrules) {
- foreach $portruleentry (sort @portrules)
- {
- @portruleline = split( /\;/, $portruleentry );
- if ( $portruleline[0] eq $classline[1] )
- {
- print <<END
- <tr><td align='right' colspan='2'><b>$Lang::tr{'Port Rule'}:</b>
- <td align='center'>($portruleline[2])
- <td align='center' colspan='2'>
-END
-;
- if ($portruleline[4]) {
- print <<END
- <i>Quell-Port:</i> $portruleline[4]
-END
-;
- }
- print "<td align='center' colspan='2'>";
- if ($portruleline[6]) {
- print <<END
- <i>Ziel-Port:</i> $portruleline[6]
-END
-;
- }
- print <<END
- <td>
- <td align='right'>
- <table border='0'><tr>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$portruleline[0]' />
- <input type='hidden' name='PPROT' value='$portruleline[2]' />
- <input type='hidden' name='QIP' value='$portruleline[3]' />
- <input type='hidden' name='QPORT' value='$portruleline[4]' />
- <input type='hidden' name='DIP' value='$portruleline[5]' />
- <input type='hidden' name='DPORT' value='$portruleline[6]' />
- <input type='hidden' name='DOPORT' value='Bearbeiten' />
- <input type='image' alt='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$portruleline[0]' />
- <input type='hidden' name='PPROT' value='$portruleline[2]' />
- <input type='hidden' name='QIP' value='$portruleline[3]' />
- <input type='hidden' name='QPORT' value='$portruleline[4]' />
- <input type='hidden' name='DIP' value='$portruleline[5]' />
- <input type='hidden' name='DPORT' value='$portruleline[6]' />
- <input type='hidden' name='DOPORT' value='Loeschen' />
- <input type='image' alt='$Lang::tr{'delete'}' src='/images/delete.gif' />
- </form>
- </table>
-END
-;
- if (($portruleline[3] ne "") || ($portruleline[5] ne "")){
- print <<END
- <tr><td align='center'>
- <td align='right' colspan='3'><b>$Lang::tr{'source ip'}:</b> $portruleline[3]
- <td align='right' colspan='3'><b>$Lang::tr{'destination ip'}:</b> $portruleline[5]
-END
-;
- }
- }
- }
- }
-
- if (@tosrules) {
- foreach $tosruleentry (sort @tosrules)
- {
- @tosruleline = split( /\;/, $tosruleentry );
- if ( $tosruleline[0] eq $classline[1] )
- {
- print <<END
- <tr><td align='right' colspan='2'>
- <b>TOS Bit matches:</b>
- <td colspan='6' align='center'>
-END
-;
- if ( $tosruleline[2] eq "8") {
- print "$Lang::tr{'min delay'}\n";
- } elsif ( $tosruleline[2] eq "4") {
- print "$Lang::tr{'max throughput'}\n";
- } elsif ( $tosruleline[2] eq "2") {
- print "$Lang::tr{'max reliability'}\n";
- } elsif ( $tosruleline[2] eq "1") {
- print "$Lang::tr{'min costs'}\n";
- } else { print " \n"; }
-
- print <<END
- ($tosruleline[2])
- <td align='right'>
- <table border='0'><tr>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$tosruleline[0]' />
- <input type='hidden' name='DEV' value='$tosruleline[1]' />
- <input type='hidden' name='TOS' value='$tosruleline[2]' />
- <input type='hidden' name='DOTOS' value='Bearbeiten' />
- <input type='image' alt='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$tosruleline[0]' />
- <input type='hidden' name='DEV' value='$tosruleline[1]' />
- <input type='hidden' name='TOS' value='$tosruleline[2]' />
- <input type='hidden' name='DOTOS' value='Loeschen' />
- <input type='image' alt='$Lang::tr{'delete'}' src='/images/delete.gif' />
- </form>
- </table>
-END
-;
- }
- }
- }
-END
-;
- foreach $subclassentry (sort @subclasses)
- {
- @subclassline = split( /\;/, $subclassentry );
- if ( $subclassline[1] eq $classline[1] ) {
- print <<END
- <tr><td align='center' bgcolor='#FAFAFA'>$Lang::tr{'Subclass'}:
- <td align='center' bgcolor='#FAFAFA'>$subclassline[2]
- <td align='center' bgcolor='#FAFAFA'>$subclassline[3]
- <td align='center' bgcolor='#FAFAFA'>$subclassline[4]
- <td align='center' bgcolor='#FAFAFA'>$subclassline[5]
- <td align='center' bgcolor='#FAFAFA'>$subclassline[6]
- <td align='center' bgcolor='#FAFAFA'>$subclassline[7]
- <td align='center' bgcolor='#FAFAFA'>$subclassline[8]
- <td align='right' bgcolor='#FAFAFA'>
- <table border='0'><tr>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$subclassline[2]' />
- <input type='hidden' name='ACTION' value='Regel hinzufuegen' />
- <input type='image' alt='$Lang::tr{'Add Rule'}' src='/images/addgreen.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$subclassline[2]' />
- <input type='hidden' name='DOSCLASS' value='Bearbeiten' />
- <input type='image' alt='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='CLASS' value='$subclassline[2]' />
- <input type='hidden' name='DOSCLASS' value='Loeschen' />
- <input type='image' alt='$Lang::tr{'delete'}' src='/images/delete.gif' />
- </form>
- </table>
-END
-;
- }
- }
- print <<END
- </table>
-END
-;
- &Header::closebox();
- }
- }
- }
- }
-
-sub expert
-{
- &Header::openbox('100%', 'center', $Lang::tr{'expertoptions'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='66%'>
- <tr><td width='33%' align='right'>MTU:<td width='33%' align='left'>
- <input type='text' name='MTU' maxlength='8' required='4' value='$qossettings{'MTU'}' />
- <td width='33%' align='center'>$Lang::tr{'mtu QoS'}
- <tr><td width='33%' align='right'>$Lang::tr{'Queuelenght'}:<td width='33%' align='left'>
- <input type='text' name='QLENGTH' maxlength='8' required='2' value='$qossettings{'QLENGTH'}' />
- <td width='33%' align='center'>
- <tr><td width='33%' align='right'>SFQ Perturb:<td width='33%' align='left'>
- <input type='text' name='SFQ_PERTUB' maxlength='8' required='1' value='$qossettings{'SFQ_PERTUB'}' />
- <td width='33%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />
- </table>
- </form>
-END
-;
- &Header::closebox();
-}
-
-sub validminbwdth {
- if ( $qossettings{'VALID'} eq 'yes' ) {
- if ( $qossettings{'DEVICE'} eq $qossettings{'RED_DEV'} ) {
- $qossettings{'SPD'} = $qossettings{'OUT_SPD'};
- } elsif ( $qossettings{'DEVICE'} eq $qossettings{'IMQ_DEV'} ) {
- $qossettings{'SPD'} = $qossettings{'INC_SPD'};
- }
- unless ( ( $qossettings{'MINBWDTH'} >= 1 ) && ( $qossettings{'MINBWDTH'} <= $qossettings{'SPD'} ) ) {
- $qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'false min bandwith'}";
- }
- $qossettings{'SPD'} = '';
- }
-}
-
-sub validmaxbwdth {
- if ( $qossettings{'VALID'} eq 'yes' ) {
- if ( $qossettings{'DEVICE'} eq $qossettings{'RED_DEV'} ) {
- $qossettings{'SPD'} = $qossettings{'OUT_SPD'};
- } elsif ( $qossettings{'DEVICE'} eq $qossettings{'IMQ_DEV'} ) {
- $qossettings{'SPD'} = $qossettings{'INC_SPD'};
- }
- unless ( ( $qossettings{'MAXBDWTH'} >= 0 ) && ($qossettings{'MAXBDWTH'} >= $qossettings{'MINBDWTH'}) &&( $qossettings{'MAXBDWTH'} <= $qossettings{'SPD'} ) ) {
- $qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'false max bandwith'}";
- }
- $qossettings{'SPD'} = '';
- }
-}
-
-sub validclass {
- if ( $qossettings{'VALID'} eq 'yes' ) {
- if ( $qossettings{'DEVICE'} eq $qossettings{'RED_DEV'} ) {
- if ($qossettings{'CLASS'} lt 100 || $qossettings{'CLASS'} ge 121) {
- $qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'false classnumber'}";
- }
- } elsif ( $qossettings{'DEVICE'} eq $qossettings{'IMQ_DEV'} ) {
- if ($qossettings{'CLASS'} lt 200 || $qossettings{'CLASS'} ge 221) {
- $qossettings{'VALID'} = 'no';
- $message = "Die Klassennummer passt nicht zum angegebenen Interface.";
- }
- }
- open( FILE, "< $classfile" ) or die "Unable to read $classfile";
- @tmp = <FILE>;
- close FILE;
- foreach $classentry (sort @tmp)
- {
- @tmpline = split( /\;/, $classentry );
- if ( $tmpline[1] eq $qossettings{'CLASS'} )
- {
- $qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'false classnumber'}";
- last
- }
- }
- }
-}
-
-sub validsubclass {
- if ( $qossettings{'VALID'} eq 'yes' ) {
- open( FILE, "< $subclassfile" ) or die "Unable to read $subclassfile";
- @tmp = <FILE>;
- close FILE;
- foreach $subclassentry (sort @tmp)
- {
- @tmpline = split( /\;/, $subclassentry );
- if ( $tmpline[2] eq $qossettings{'SCLASS'} )
- {
- $qossettings{'VALID'} = 'no';
- $message = "$Lang::tr{'class in use'}";
- last
- }
- }
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-my @cgigraph=();
-my $errormessage = "";
-
-&Header::showhttpheaders();
-
-$ENV{'QUERY_STRING'} =~ s/&//g;
-@cgigraph = split(/graph=/,$ENV{'QUERY_STRING'});
-$cgigraph[1] = '' unless defined $cgigraph[1];
-
-&Graphs::overviewgraph("day",$cgigraph[1]);
-&Graphs::overviewgraph("week",$cgigraph[1]);
-&Graphs::overviewgraph("month",$cgigraph[1]);
-&Graphs::overviewgraph("year",$cgigraph[1]);
-
-&Header::openpage('QoS', 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-&Header::openbox('100%', 'left', $cgigraph[1]);
-
- if (-e "/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-day.png") {
- my $ftime = localtime((stat("/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-day.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/qos-graph-$cgigraph[1]-day.png' border='0' /><hr />";
- } else {
- print $Lang::tr{'no information available'};
- }
-
- if (-e "/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-week.png") {
- my $ftime = localtime((stat("/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-week.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/qos-graph-$cgigraph[1]-week.png' border='0' /><hr />";
- } else {
- print $Lang::tr{'no information available'};
- }
-
- if (-e "/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-month.png") {
- my $ftime = localtime((stat("/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-month.png.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/qos-graph-$cgigraph[1]-month.png' border='0' /><hr />";
- } else {
- print $Lang::tr{'no information available'};
- }
-
- if (-e "/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-year.png") {
- my $ftime = localtime((stat("/srv/web/ipfire/html/graphs/qos-graph-$cgigraph[1]-year.png"))[9]);
- print "<center>";
- print "<b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<img alt='' src='/graphs/qos-graph-$cgigraph[1]-year.png' border='0' /><hr />";
- } else {
- print $Lang::tr{'no information available'};
- }
-
- print"<div align='center'><br/><a href='/cgi-bin/qos.cgi'>$Lang::tr{'back'}</a></div>";
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %remotesettings=();
-my %checked=();
-my $errormessage='';
-my $counter = 0;
-
-&Header::showhttpheaders();
-
-$remotesettings{'ENABLE_SSH'} = 'off';
-$remotesettings{'ENABLE_SSH_PROTOCOL1'} = 'off';
-$remotesettings{'ENABLE_SSH_PORTFW'} = 'off';
-$remotesettings{'ACTION'} = '';
-&Header::getcgihash(\%remotesettings);
-
-if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) || ($remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'}) || ($remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'})) && $remotesettings{'ACTION'} ne "" )
-{
- # not existing here indicates the box is unticked
- $remotesettings{'ENABLE_SSH_PASSWORDS'} = 'off' unless exists $remotesettings{'ENABLE_SSH_PASSWORDS'};
- $remotesettings{'ENABLE_SSH_KEYS'} = 'off' unless exists $remotesettings{'ENABLE_SSH_KEYS'};
-
-
- &General::writehash("${General::swroot}/remote/settings", \%remotesettings);
- if ($remotesettings{'ENABLE_SSH'} eq 'on')
- {
- &General::log($Lang::tr{'ssh is enabled'});
- if ($remotesettings{'ENABLE_SSH_PASSWORDS'} eq 'off'
- and $remotesettings{'ENABLE_SSH_KEYS'} eq 'off')
- {
- $errormessage = $Lang::tr{'ssh no auth'};
- }
- system ('/usr/bin/touch', "${General::swroot}/remote/enablessh");
- }
- else
- {
- &General::log($Lang::tr{'ssh is disabled'});
- unlink "${General::swroot}/remote/enablessh";
- }
-
- if ($remotesettings{'ENABLE_SSH_PROTOCOL1'} eq 'on')
- {
- &General::log($Lang::tr{'ssh1 enabled'});
- }
- else
- {
- &General::log($Lang::tr{'ssh1 disabled'});
- }
-if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} || $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){
- if ($remotesettings{'ENABLE_SSH'} eq 'off')
- {
- system ('/usr/bin/touch', "${General::swroot}/remote/enablessh");
- system('/usr/local/bin/sshctrl');
- }
- if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ) { $counter = 900;}
- elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ) { $counter = 1800;}
-
- system("/usr/local/bin/sshctrl tempstart $counter >/dev/null");
- }
-else {
- system('/usr/local/bin/sshctrl') == 0
- or $errormessage = "$Lang::tr{'bad return code'} " . $?/256;
- }
-}
-
-&General::readhash("${General::swroot}/remote/settings", \%remotesettings);
-
-# not existing here means they're undefined and the default value should be
-# used
- $remotesettings{'ENABLE_SSH_PASSWORDS'} = 'on' unless exists $remotesettings{'ENABLE_SSH_PASSWORDS'};
- $remotesettings{'ENABLE_SSH_KEYS'} = 'on' unless exists $remotesettings{'ENABLE_SSH_KEYS'};
-
-$checked{'ENABLE_SSH'}{'off'} = '';
-$checked{'ENABLE_SSH'}{'on'} = '';
-$checked{'ENABLE_SSH'}{$remotesettings{'ENABLE_SSH'}} = "checked='checked'";
-$checked{'ENABLE_SSH_PROTOCOL1'}{'off'} = '';
-$checked{'ENABLE_SSH_PROTOCOL1'}{'on'} = '';
-$checked{'ENABLE_SSH_PROTOCOL1'}{$remotesettings{'ENABLE_SSH_PROTOCOL1'}} = "checked='checked'";
-$checked{'ENABLE_SSH_PORTFW'}{'off'} = '';
-$checked{'ENABLE_SSH_PORTFW'}{'on'} = '';
-$checked{'ENABLE_SSH_PORTFW'}{$remotesettings{'ENABLE_SSH_PORTFW'}} = "checked='checked'";
-$checked{'ENABLE_SSH_PASSWORDS'}{'off'} = '';
-$checked{'ENABLE_SSH_PASSWORDS'}{'on'} = '';
-$checked{'ENABLE_SSH_PASSWORDS'}{$remotesettings{'ENABLE_SSH_PASSWORDS'}} = "checked='checked'";
-$checked{'ENABLE_SSH_KEYS'}{'off'} = '';
-$checked{'ENABLE_SSH_KEYS'}{'on'} = '';
-$checked{'ENABLE_SSH_KEYS'}{$remotesettings{'ENABLE_SSH_KEYS'}} = "checked='checked'";
-
-
-&Header::openpage($Lang::tr{'remote access'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<FONT CLASS='base'>$errormessage </FONT>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-&Header::openbox('100%', 'left', 'SSH:');
-print <<END
-<table width='100%'>
-<tr>
- <td><input type='checkbox' name='ENABLE_SSH' $checked{'ENABLE_SSH'}{'on'} /></td>
- <td class='base' colspan='2'>$Lang::tr{'ssh access'}</td>
-</tr>
-<tr>
- <td> </td>
- <td><input type='checkbox' name='ENABLE_SSH_PROTOCOL1' $checked{'ENABLE_SSH_PROTOCOL1'}{'on'} /></td>
- <td width='100%' class='base'>$Lang::tr{'ssh1 support'}</td>
-</tr>
-<tr>
- <td> </td>
- <td><input type='checkbox' name='ENABLE_SSH_PORTFW' $checked{'ENABLE_SSH_PORTFW'}{'on'} /></td>
- <td width='100%' class='base'>$Lang::tr{'ssh portfw'}</td>
-</tr>
-<tr>
- <td> </td>
- <td><input type='checkbox' name='ENABLE_SSH_PASSWORDS' $checked{'ENABLE_SSH_PASSWORDS'}{'on'} /></td>
- <td width='100%' class='base'>$Lang::tr{'ssh passwords'}</td>
-</tr>
-<tr>
- <td> </td>
- <td><input type='checkbox' name='ENABLE_SSH_KEYS' $checked{'ENABLE_SSH_KEYS'}{'on'} /></td>
- <td width='100%' class='base'>$Lang::tr{'ssh keys'}</td>
-</tr>
-<tr>
- <td align='center' colspan='3'><hr />
- <input type='submit' name='ACTION' value='$Lang::tr{'ssh tempstart15'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'ssh tempstart30'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-</tr>
-</table>
-END
-;
-&Header::closebox();
-
-print "</form>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'ssh host keys'});
-
-print "<table>\n";
-
-print <<END
-<tr><td class='boldbase'><b>$Lang::tr{'ssh key'}</b></td>
- <td class='boldbase'><b>$Lang::tr{'ssh fingerprint'}</b></td>
- <td class='boldbase'><b>$Lang::tr{'ssh key size'}</b></td></tr>
-END
-;
-
-&viewkey("/etc/ssh/ssh_host_key.pub","RSA1");
-&viewkey("/etc/ssh/ssh_host_rsa_key.pub","RSA2");
-&viewkey("/etc/ssh/ssh_host_dsa_key.pub","DSA");
-
-print "</table>\n";
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-
-sub viewkey
-{
- my $key = $_[0];
- my $name = $_[1];
-
- if ( -e $key )
- {
- my @temp = split(/ /,`/usr/bin/ssh-keygen -l -f $key`);
- my $keysize = &Header::cleanhtml($temp[0],"y");
- my $fingerprint = &Header::cleanhtml($temp[1],"y");
- print "<tr><td>$key ($name)</td><td><code>$fingerprint</code></td><td align='center'>$keysize</td></tr>\n";
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %sambasettings = ();
-my %cgisettings = ();
-my %checked = ();
-my %netsettings = ();
-my %ovpnsettings = ();
-my %color = ();
-my %mainsettings = ();
-my $message = "";
-my $errormessage = "";
-
-my @Logs = qx(ls /var/log/samba/);
-my $Log =$Lang::tr{'no log selected'};
-
-my $Status = qx(/usr/local/bin/sambactrl smbstatus);
-$Status=~s/\n/<br \/>/g;
-
-my $userentry = "";
-my @user = ();
-my @userline = ();
-my $userfile = "${General::swroot}/samba/private/smbpasswd";
-my %selected= () ;
-
-my $defaultoption= "[Share]\npath = /var/ipfire/samba/share1\ncomment = Share - Public Access\nbrowseable = yes\nwriteable = yes\ncreate mask = 0777\ndirectory mask = 0777\npublic = yes\nforce user = samba";
-my $defaultprinter= "[Printer]\ncomment = Printer public\npath = /var/spool/cups\nprinting = sysvn\nprintcap = lpstat\npublic = yes\nwritable = no\nprintable = yes";
-my %printer = ();
-my %shares = ();
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings);
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-############################################################################################################################
-############################################# Samba Dienste fr Statusberprfung ##########################################
-
-my %servicenames = ('SMB Daemon' => 'smbd','NetBIOS Nameserver' => 'nmbd');
-#my %servicenames = ('SMB Daemon' => 'smbd','NetBIOS Nameserver' => 'nmbd','Winbind Daemon' => 'winbindd');
-
-&Header::showhttpheaders();
-
-############################################################################################################################
-#################################### Initialisierung von Samba Variablen fr global Settings ###############################
-
-$sambasettings{'WORKGRP'} = 'homeip.net';
-$sambasettings{'NETBIOSNAME'} = 'IPFire';
-$sambasettings{'SRVSTRING'} = 'Samba running on IPFire 2.1';
-$sambasettings{'INTERFACES'} = '';
-$sambasettings{'SECURITY'} = 'share';
-$sambasettings{'OSLEVEL'} = '33';
-$sambasettings{'GREEN'} = 'on';
-$sambasettings{'BLUE'} = 'off';
-$sambasettings{'ORANGE'} = 'off';
-$sambasettings{'VPN'} = 'off';
-$sambasettings{'WINSSRV'} = '';
-$sambasettings{'WINSSUPPORT'} = 'on';
-$sambasettings{'REMOTEANNOUNCE'} = '';
-$sambasettings{'REMOTESYNC'} = '';
-$sambasettings{'PASSWORDSYNC'} = 'off';
-$sambasettings{'OTHERINTERFACES'} = '127.0.0.1';
-$sambasettings{'GUESTACCOUNT'} = 'samba';
-$sambasettings{'MAPTOGUEST'} = 'Never';
-$sambasettings{'LOGLEVEL'} = '3 passdb:5 auth:5 winbind:2';
-$sambasettings{'SOCKETOPTIONS'} = 'TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE';
-### Values that have to be initialized
-$sambasettings{'ACTION'} = '';
-### Samba CUPS Variablen
-$sambasettings{'LOADPRINTERS'} = 'Yes';
-$sambasettings{'PRINTING'} = 'cups';
-$sambasettings{'PRINTCAPNAME'} = 'cups';
-my $LOGLINES = '50';
-
-################################################## Samba PDC Variablen #####################################################
-
-$sambasettings{'LOCALMASTER'} = 'off';
-$sambasettings{'DOMAINMASTER'} = 'off';
-$sambasettings{'PREFERREDMASTER'} = 'off';
-my $PDCOPTIONS = `cat ${General::swroot}/samba/pdc`;
-
-
-############################################################################################################################
-
-&General::readhash("${General::swroot}/samba/settings", \%sambasettings);
-&Header::getcgihash(\%sambasettings);
-
-sub refreshpage{&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'pagerefresh'}</font></center>";&Header::closebox();}
-
-&Header::openpage('Samba', 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-############################################# Samba Rootskript aufrufe fr SU-Actions #######################################
-
-if ($sambasettings{'ACTION'} eq 'smbuserdisable'){system("/usr/local/bin/sambactrl smbuserdisable $sambasettings{'NAME'}");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbuserenable'){system("/usr/local/bin/sambactrl smbuserenable $sambasettings{'NAME'}");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbuseradd'){system("/usr/local/bin/sambactrl smbuseradd $sambasettings{'USERNAME'} $sambasettings{'PASSWORD'} $sambasettings{'GROUP'} $sambasettings{'SHELL'}");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbpcadd'){system("/usr/local/bin/sambactrl smbpcadd $sambasettings{'PCNAME'} $sambasettings{'GROUP'} $sambasettings{'SHELL'}");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbchangepw'){system("/usr/local/bin/sambactrl smbchangepw $sambasettings{'USERNAME'} $sambasettings{'PASSWORD'}");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbrestart'){system("/usr/local/bin/sambactrl smbrestart");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbstart'){system("/usr/local/bin/sambactrl smbstart");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbstop'){system("/usr/local/bin/sambactrl smbstop");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'smbreload'){system("/usr/local/bin/sambactrl smbreload");refreshpage();}
-if ($sambasettings{'ACTION'} eq 'globalresetyes')
- {
- system("/usr/local/bin/sambactrl smbglobalreset");
- $sambasettings{'WORKGRP'} = 'homeip.net';
- $sambasettings{'NETBIOSNAME'} = 'IPFire';
- $sambasettings{'SRVSTRING'} = 'Samba running on IPFire 2.0';
- $sambasettings{'INTERFACES'} = '';
- $sambasettings{'SECURITY'} = 'share';
- $sambasettings{'OSLEVEL'} = '65';
- $sambasettings{'GREEN'} = 'on';
- $sambasettings{'BLUE'} = 'off';
- $sambasettings{'ORANGE'} = 'off';
- $sambasettings{'VPN'} = 'off';
- $sambasettings{'WINSSRV'} = '';
- $sambasettings{'WINSSUPPORT'} = 'on';
- $sambasettings{'REMOTEANNOUNCE'} = '';
- $sambasettings{'REMOTESYNC'} = '';
- $sambasettings{'PASSWORDSYNC'} = 'off';
- $sambasettings{'OTHERINTERFACES'} = '127.0.0.1';
- $sambasettings{'GUESTACCOUNT'} = 'samba';
- $sambasettings{'MAPTOGUEST'} = 'Never';
- $sambasettings{'LOGLEVEL'} = '3 passdb:5 auth:5 winbind:2';
-### Samba CUPS Variablen
- $sambasettings{'LOADPRINTERS'} = 'Yes';
- $sambasettings{'PRINTING'} = 'cups';
- $sambasettings{'PRINTCAPNAME'} = 'cups';
- $sambasettings{'PRINTERNAME'} = 'Printer';
-### Values that have to be initialized
- $sambasettings{'ACTION'} = '';
- $sambasettings{'LOCALMASTER'} = 'off';
- $sambasettings{'DOMAINMASTER'} = 'off';
- $sambasettings{'PREFERREDMASTER'} = 'off';
- $sambasettings{'SOCKETOPTIONS'} = 'TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE';
- $PDCOPTIONS = `cat ${General::swroot}/samba/pdc`;
- system("/usr/local/bin/sambactrl smbreload");
- refreshpage();
- }
-
-############################################################################################################################
-################################################ Sicherheitsabfrage für den Reset ##########################################
-
-if ($sambasettings{'ACTION'} eq 'globalreset')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='3' align='center'><b>$Lang::tr{'resetglobals'}</b>
- <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- $Lang::tr{'yes'} <input type='image' alt='$Lang::tr{'yes'}' title='$Lang::tr{'yes'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='globalresetyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'no'}' title='$Lang::tr{'no'}' src='/images/dialog-error.png' /> $Lang::tr{'no'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-if ($sambasettings{'ACTION'} eq 'sharesreset')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='3' align='center'><b>$Lang::tr{'resetshares'}</b>
- <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- $Lang::tr{'yes'} <input type='image' alt='$Lang::tr{'yes'}' title='$Lang::tr{'yes'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='sharesresetyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'no'}' title='$Lang::tr{'no'}' src='/images/dialog-error.png' /> $Lang::tr{'no'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
- }
-
-############################################################################################################################
-########################################### Samba Benutzer oder PC l�chen #################################################
-
-if ($sambasettings{'ACTION'} eq 'userdelete'){system("/usr/local/bin/sambactrl smbuserdelete $sambasettings{'NAME'}");refreshpage();}
-
-############################################################################################################################
-##################################### Umsetzen der Werte von Checkboxen und Dropdowns ######################################
-
-if ($sambasettings{'ACTION'} eq $Lang::tr{'save'})
-{
-$sambasettings{'INTERFACES'} = '';
-if ($sambasettings{'GREEN'} eq 'on'){ $sambasettings{'INTERFACES'} .= " $netsettings{'GREEN_DEV'}";}
-if ($sambasettings{'BLUE'} eq 'on'){ $sambasettings{'INTERFACES'} .= " $netsettings{'BLUE_DEV'}";}
-if ($sambasettings{'ORANGE'} eq 'on'){ $sambasettings{'INTERFACES'} .= " $netsettings{'ORANGE_DEV'}";}
-if ($sambasettings{'VPN'} eq 'on'){ $sambasettings{'INTERFACES'} .= " $ovpnsettings{'DOVPN_SUBNET'}";}
-if ($sambasettings{'OTHERINTERFACES'} ne ''){ $sambasettings{'INTERFACES'} .= " $sambasettings{'OTHERINTERFACES'}";}
-
-############################################################################################################################
-##################################### Schreiben settings und bersetzen fr smb.conf #######################################
-
-delete $sambasettings{'__CGI__'};delete $sambasettings{'x'};delete $sambasettings{'y'};
-&General::writehash("${General::swroot}/samba/settings", \%sambasettings);
-
-if ($sambasettings{'PASSWORDSYNC'} eq 'on'){ $sambasettings{'PASSWORDSYNC'} = "true";} else { $sambasettings{'PASSWORDSYNC'} = "false";}
-if ($sambasettings{'WINSSUPPORT'} eq 'on'){ $sambasettings{'WINSSUPPORT'} = "true";$sambasettings{'WINSSRV'} = "";} else { $sambasettings{'WINSSUPPORT'} = "false";}
-if ($sambasettings{'LOCALMASTER'} eq 'on'){ $sambasettings{'LOCALMASTER'} = "true";} else { $sambasettings{'LOCALMASTER'} = "false";}
-if ($sambasettings{'DOMAINMASTER'} eq 'on'){ $sambasettings{'DOMAINMASTER'} = "true";} else { $sambasettings{'DOMAINMASTER'} = "false";}
-if ($sambasettings{'PREFERREDMASTER'} eq 'on'){ $sambasettings{'PREFERREDMASTER'} = "true";} else { $sambasettings{'PREFERREDMASTER'} = "false";}
-
-############################################################################################################################
-############################################# Schreiben der Samba globals ##################################################
-
- open (FILE, ">${General::swroot}/samba/global") or die "Can't save the global settings: $!";
- flock (FILE, 2);
-
-print FILE <<END
-# global.settings by IPFire Project
-
-[global]
-netbios name = $sambasettings{'NETBIOSNAME'}
-server string = $sambasettings{'SRVSTRING'}
-workgroup = $sambasettings{'WORKGRP'}
-
-keep alive = 30
-os level = $sambasettings{'OSLEVEL'}
-fstype = NTFS
-
-kernel oplocks = false
-map to guest = $sambasettings{'MAPTOGUEST'}
-smb ports = 445 139
-unix charset = CP850
-
-security = $sambasettings{'SECURITY'}
-encrypt passwords = yes
-guest account = $sambasettings{'GUESTACCOUNT'}
-unix password sync = $sambasettings{'PASSWORDSYNC'}
-null passwords = yes
-
-bind interfaces only = true
-interfaces = $sambasettings{'INTERFACES'}
-socket options = $sambasettings{'SOCKETOPTIONS'}
-remote announce = $sambasettings{'REMOTEANNOUNCE'}
-remote browse sync = $sambasettings{'REMOTESYNC'}
-
-username level = 1
-wins support = $sambasettings{'WINSSUPPORT'}
-wins server = $sambasettings{'WINSSRV'}
-
-log file = /var/log/samba/samba-log.%m
-lock directory = /var/lock/samba
-pid directory = /var/run/
-log level = $sambasettings{'LOGLEVEL'}
-
-preferred master = $sambasettings{'PREFERREDMASTER'}
-domain master = $sambasettings{'DOMAINMASTER'}
-local master = $sambasettings{'LOCALMASTER'}
-
-END
-;
-close FILE;
-
- if (-e "${General::swroot}/cups/enable"){
- open (FILE, ">>${General::swroot}/samba/global") or die "Can't save the global cups settings: $!";
- flock (FILE, 2);
- print FILE <<END
-load printers = $sambasettings{'LOADPRINTERS'}
-printing = $sambasettings{'PRINTING'}
-printcap name = $sambasettings{'PRINTCAPNAME'}
-
-END
-;
-close FILE;
- }
-
- if ($sambasettings{'SECURITY'} eq 'User' && $sambasettings{'DOMAINMASTER'} eq 'true' )
- {
- open (FILE, ">${General::swroot}/samba/pdc") or die "Can't save the pdc settings: $!";
- flock (FILE, 2);
- chomp $sambasettings{'PDCOPTIONS'};
- $sambasettings{'PDCOPTIONS'} =~ s/\r\n/\n/gi;
- $sambasettings{'PDCOPTIONS'} =~ s/^\n//gi;
- $sambasettings{'PDCOPTIONS'} =~ s/^\r//gi;
- $sambasettings{'PDCOPTIONS'} =~ s/^.\n//gi;
- $sambasettings{'PDCOPTIONS'} =~ s/^.\r//gi;
- print FILE <<END
-$sambasettings{'PDCOPTIONS'}
-END
-;
- close FILE;
- }
-
-if ( -e "/var/ipfire/cups/enable")
- {
- if ( $sambasettings{'SECURITY'} eq 'User' && $sambasettings{'DOMAINMASTER'} eq 'true' ){system("/usr/local/bin/sambactrl smbsafeconfpdccups");refreshpage();}
- else {system("/usr/local/bin/sambactrl smbsafeconfcups");}
- }
-else
- {
- if ( $sambasettings{'SECURITY'} eq 'User' && $sambasettings{'DOMAINMASTER'} eq 'true' ){system("/usr/local/bin/sambactrl smbsafeconfpdc");refreshpage();}
- else{system("/usr/local/bin/sambactrl smbsafeconf");}
- }
-
-system("/usr/local/bin/sambactrl smbreload");refreshpage();
-}
- &General::readhash("${General::swroot}/samba/settings", \%sambasettings);
-
-
-if ($errormessage)
- {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
- }
-
-############################################################################################################################
-########################################## Aktivieren von Checkboxen und Dropdowns #########################################
-
-$checked{'WINSSUPPORT'}{'off'} = '';
-$checked{'WINSSUPPORT'}{'on'} = '';
-$checked{'WINSSUPPORT'}{$sambasettings{'WINSSUPPORT'}} = "checked='checked'";
-$checked{'PASSWORDSYNC'}{'off'} = '';
-$checked{'PASSWORDSYNC'}{'on'} = '';
-$checked{'PASSWORDSYNC'}{$sambasettings{'PASSWORDSYNC'}} = "checked='checked'";
-$checked{'LOCALMASTER'}{'off'} = '';
-$checked{'LOCALMASTER'}{'on'} = '';
-$checked{'LOCALMASTER'}{$sambasettings{'LOCALMASTER'}} = "checked='checked'";
-$checked{'DOMAINMASTER'}{'off'} = '';
-$checked{'DOMAINMASTER'}{'on'} = '';
-$checked{'DOMAINMASTER'}{$sambasettings{'DOMAINMASTER'}} = "checked='checked'";
-$checked{'PREFERREDMASTER'}{'off'} = '';
-$checked{'PREFERREDMASTER'}{'on'} = '';
-$checked{'PREFERREDMASTER'}{$sambasettings{'PREFERREDMASTER'}} = "checked='checked'";
-$checked{'GREEN'}{'off'} = '';
-$checked{'GREEN'}{'on'} = '';
-$checked{'GREEN'}{$sambasettings{'GREEN'}} = "checked='checked'";
-$checked{'BLUE'}{'off'} = '';
-$checked{'BLUE'}{'on'} = '';
-$checked{'BLUE'}{$sambasettings{'BLUE'}} = "checked='checked'";
-$checked{'ORANGE'}{'off'} = '';
-$checked{'ORANGE'}{'on'} = '';
-$checked{'ORANGE'}{$sambasettings{'ORANGE'}} = "checked='checked'";
-$checked{'VPN'}{'off'} = '';
-$checked{'VPN'}{'on'} = '';
-$checked{'VPN'}{$sambasettings{'VPN'}} = "checked='checked'";
-
-$selected{'MAPTOGUEST'}{$sambasettings{'MAPTOGUEST'}} = "selected='selected'";
-$selected{'SECURITY'}{$sambasettings{'SECURITY'}} = "selected='selected'";
-
-############################################################################################################################
-################################### Aufbau der HTML Seite fr globale Sambaeinstellungen ###################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'samba'});
-print <<END
-<br />
-<table width='95%' cellspacing='0'>
-END
-;
-if ( $message ne "" )
- {
- print "<tr><td colspan='3' align='left'><font color='red'>$message</font>";
- }
-
-print <<END
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'all services'}</b></td></tr>
-</table><table width='95%' cellspacing='0'>
-END
-;
-
-my $key = '';
-foreach $key (sort keys %servicenames)
- {
- print "<tr><td align='left' width='40%'>$key</td>";
- my $shortname = $servicenames{$key};
- my $status = &isrunning($shortname);
- print "$status</tr>";
- }
-
-print <<END
-</table>
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td align='left' width='40%' />
-<td align='center' ><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='smbstart' /><input type='image' alt='$Lang::tr{'smbstart'}' title='$Lang::tr{'smbstart'}' src='/images/go-up.png' /></form></td>
-<td align='center' ><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='smbstop' /><input type='image' alt='$Lang::tr{'smbstop'}' title='$Lang::tr{'smbstop'}' src='/images/go-down.png' /></form></td>
-<td align='center' ><form method='post' action='$ENV{'SCRIPT_NAME'}'><input type='hidden' name='ACTION' value='smbrestart' /><input type='image' alt='$Lang::tr{'smbrestart'}' title='$Lang::tr{'smbrestart'}' src='/images/view-refresh.png' /></form></td></tr>
-</table>
-<br />
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'basic options'}</b></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'workgroup'}</td><td align='left'><input type='text' name='WORKGRP' value='$sambasettings{'WORKGRP'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'netbios name'}</td><td align='left'><input type='text' name='NETBIOSNAME' value='$sambasettings{'NETBIOSNAME'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'server string'}</td><td align='left'><input type='text' name='SRVSTRING' value='$sambasettings{'SRVSTRING'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'log level'}</td><td align='left'><input type='text' name='LOGLEVEL' value='$sambasettings{'LOGLEVEL'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'interfaces'}</td><td align='left'>on <input type='radio' name='VPN' value='on' $checked{'VPN'}{'on'} />/
- <input type='radio' name='VPN' value='off' $checked{'VPN'}{'off'} /> off |
- <font size='2' color='$Header::colourovpn'><b> OpenVpn - $ovpnsettings{'DOVPN_SUBNET'}</b></font></td></tr>
-<tr><td align='left' width='40%'></td><td align='left'>on <input type='radio' name='GREEN' value='on' $checked{'GREEN'}{'on'} />/
- <input type='radio' name='GREEN' value='off' $checked{'GREEN'}{'off'} /> off |
- <font size='2' color='$Header::colourgreen'><b> $Lang::tr{'green'} - $netsettings{'GREEN_DEV'}</b></font></td></tr>
-END
-;
-
-if (&Header::blue_used())
- {
- print <<END
- <tr><td align='left' width='40%'></td><td align='left'>on <input type='radio' name='BLUE' value='on' $checked{'BLUE'}{'on'} />/
- <input type='radio' name='BLUE' value='off' $checked{'BLUE'}{'off'} /> off |
- <font size='2' color='$Header::colourblue'><b> $Lang::tr{'wireless'} - $netsettings{'BLUE_DEV'}</b></font></td></tr>
-END
-;
- }
-
-if (&Header::orange_used())
- {
- print <<END
- <tr><td align='left' width='40%'></td><td align='left'>on <input type='radio' name='ORANGE' value='on' $checked{'ORANGE'}{'on'} />/
- <input type='radio' name='ORANGE' value='off' $checked{'ORANGE'}{'off'} /> off |
- <font size='2' color='$Header::colourorange'><b> $Lang::tr{'dmz'} - $netsettings{'ORANGE_DEV'}</b></font></td></tr>
-END
-;
- }
-
-print <<END
-<tr><td align='center' width='40%'>$Lang::tr{'more'}</td><td align='left'><input type='text' name='OTHERINTERFACES' value='$sambasettings{'OTHERINTERFACES'}' size="30" /></td></tr>
-<tr><td align='left'><br /></td><td></td></tr>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'security options'}</b></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'security'}</td><td align='left'><select name='SECURITY' style="width: 165px">
- <option value='share' $selected{'SECURITY'}{'share'}>Share</option>
- <option value='user' $selected{'SECURITY'}{'user'}>User</option>
- <option value='domain' $selected{'SECURITY'}{'domain'}>Domain</option>
- <option value='ADS' $selected{'SECURITY'}{'ADS'}>ADS</option>
- <option value='server' $selected{'SECURITY'}{'server'}>Server</option>
- </select></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'map to guest'}</td><td align='left'><select name='MAPTOGUEST' style="width: 165px">
- <option value='Never' $selected{'MAPTOGUEST'}{'Never'}>Never</option>
- <option value='Bad User' $selected{'MAPTOGUEST'}{'Bad User'}>Bad User</option>
- <option value='Bad Password' $selected{'MAPTOGUEST'}{'Bad Password'}>Bad Password</option>
- </select></td></tr>
-END
-;
-#<tr><td align='left' width='40%'>$Lang::tr{'unix password sync'}</td><td align='left'>on <input type='radio' name='PASSWORDSYNC' value='on' $checked{'PASSWORDSYNC'}{'on'} />/
-# <input type='radio' name='PASSWORDSYNC' value='off' $checked{'PASSWORDSYNC'}{'off'} /> off</td></tr>
-print <<END
-<tr><td align='left'><br /></td><td /></tr>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'network options'}</b></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'os level'}</td><td align='left'><input type='text' name='OSLEVEL' value='$sambasettings{'OSLEVEL'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'socket options'}</td><td align='left'><input type='text' name='SOCKETOPTIONS' value='$sambasettings{'SOCKETOPTIONS'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'remote announce'}</td><td align='left'><input type='text' name='REMOTEANNOUNCE' value='$sambasettings{'REMOTEANNOUNCE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'remote browse sync'}</td><td align='left'><input type='text' name='REMOTESYNC' value='$sambasettings{'REMOTESYNC'}' size="30" /></td></tr>
-END
-;
-if ($sambasettings{'WINSSUPPORT'} eq 'off') {print"<tr><td align='left' width='40%'>$Lang::tr{'wins server'}</td><td align='left'><input type='text' name='WINSSRV' value='$sambasettings{'WINSSRV'}' size='30' /></td></tr>";}
- print <<END
-<tr><td align='left' width='40%'>$Lang::tr{'wins support'}</td><td align='left'>on <input type='radio' name='WINSSUPPORT' value='on' $checked{'WINSSUPPORT'}{'on'} />/
- <input type='radio' name='WINSSUPPORT' value='off' $checked{'WINSSUPPORT'}{'off'} /> off</td></tr>
-END
-;
-
-if ($sambasettings{'SECURITY'} eq 'user')
- {
- print <<END
-<tr><td align='left' width='40%'>$Lang::tr{'local master'}</td><td align='left'>on <input type='radio' name='LOCALMASTER' value='on' $checked{'LOCALMASTER'}{'on'} />/
- <input type='radio' name='LOCALMASTER' value='off' $checked{'LOCALMASTER'}{'off'} /> off</td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'domain master'}</td><td align='left'>on <input type='radio' name='DOMAINMASTER' value='on' $checked{'DOMAINMASTER'}{'on'} />/
- <input type='radio' name='DOMAINMASTER' value='off' $checked{'DOMAINMASTER'}{'off'} /> off</td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'prefered master'}</td><td align='left'>on <input type='radio' name='PREFERREDMASTER' value='on' $checked{'PREFERREDMASTER'}{'on'} />/
- <input type='radio' name='PREFERREDMASTER' value='off' $checked{'PREFERREDMASTER'}{'off'} /> off</td></tr>
-END
-;
- }
-
-if ($sambasettings{'SECURITY'} eq 'user' && $sambasettings{'DOMAINMASTER'} eq 'on')
- {
- print <<END
- <tr><td align='left'><br /></td><td></td></tr>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'pdc options'}</b></td></tr>
- <tr><td align='left'><br /></td><td></td></tr>
- <tr><td colspan='2' align='center'><textarea name="PDCOPTIONS" cols="50" rows="15" Wrap="off">$PDCOPTIONS</textarea></td></tr>
-END
-;
- }
-
- if ( -e "/var/ipfire/cups/enable")
- {
- print <<END
- <tr><td align='left'><br /></td><td></td></tr>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'printing options'}</b></td></tr>
- <tr><td align='left' width='40%'>$Lang::tr{'load printer'}</td><td align='left'><input type='text' name='LOADPRINTERS' value='$sambasettings{'LOADPRINTERS'}' size="30" /></td></tr>
- <tr><td align='left' width='40%'>$Lang::tr{'printing'}</td><td align='left'><input type='text' name='PRINTING' value='$sambasettings{'PRINTING'}' size="30" /></td></tr>
- <tr><td align='left' width='40%'>$Lang::tr{'printcap name'}</td><td align='left'><input type='text' name='PRINTCAPNAME' value='$sambasettings{'PRINTCAPNAME'}' size="30" /></td></tr>
-END
-;
- }
-
-print <<END
-</table>
-<br />
-<table width='10%' cellspacing='0'>
-<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value=$Lang::tr{'save'} />
- <input type='image' alt='$Lang::tr{'save'}' title='$Lang::tr{'save'}' src='/images/media-floppy.png' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='globalreset' />
- <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='globalcaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr>
-</table>
-END
-;
-
-if ($sambasettings{'ACTION'} eq 'globalcaption')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
- <tr><td align='right' width='33%'><img src='/images/media-floppy.png' /></td><td align='left'>$Lang::tr{'save settings'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/reload.gif' /></td><td align='left'>$Lang::tr{'restore settings'}</td></tr>
- </table>
-END
-;
- }
-
-&Header::closebox();
-
-############################################################################################################################
-########################################## Benutzerverwaltung fr Usersecurity #############################################
-
-if ($sambasettings{'SECURITY'} eq 'user')
- {
- if ($sambasettings{'DOMAINMASTER'} eq 'off')
- {
- &Header::openbox('100%', 'center', $Lang::tr{'accounting user nonpdc'});
- }
- else
- {
- &Header::openbox('100%', 'center', $Lang::tr{'accounting user pdc'});
- }
- print <<END
- <a name="$Lang::tr{'accounting'}"</a>
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td colspan='6' align='left'></td></tr>
- <tr><td bgcolor='$color{'color20'}' colspan='7' align='left'><b>$Lang::tr{'accounting'}</b></td></tr>
- <tr><td align='left'><u>$Lang::tr{'username'}</u></td><td align='left'><u>$Lang::tr{'password'}</u></td>
-END
-;
-
- if ($sambasettings{'DOMAINMASTER'} eq 'off')
- {
- print "<td></td>";
- }
- else
- {
- print "<td align='left'><u>$Lang::tr{'type'}</u></td>";
- }
-
- print "<td align='left'><u>$Lang::tr{'status'}</u></td><td colspan='3' width='5%' align='center'><u>$Lang::tr{'options'}</u></td></tr>";
- system('/usr/local/bin/sambactrl readsmbpasswd');
- open(FILE, "<${General::swroot}/samba/private/smbpasswd") or die "Can't read user file: $!";
- @user = <FILE>;
- close(FILE);
- system('/usr/local/bin/sambactrl locksmbpasswd');
-
- my $lines = 0;
-
- foreach $userentry (sort @user)
- {
- @userline = split( /\:/, $userentry );
- if ($lines % 2) {print "<tr bgcolor='$color{'color20'}'>";} else {print "<tr bgcolor='$color{'color22'}'>";}
- print "<td align='left'>$userline[0]</td><td align='left'>";
- if ($userline[4] =~ /N/)
- {
- print "$Lang::tr{'not set'}</td><td align='left'>";
- }
- else
- {
- print "$Lang::tr{'set'}</td><td align='left'>";
- }
-
- if ($sambasettings{'DOMAINMASTER'} eq 'off')
- {
- print "</td><td align='left'>";
- }
- else
- {
- if ($userline[0] =~ /\$/)
- {
- print "$Lang::tr{'pc'}</td><td align='left'>";
- }
- else
- {
- print "$Lang::tr{'user'}</td><td align='left'>";
- }
- }
-
- if ($userline[4] =~ /D/)
- {
- print <<END
- $Lang::tr{'inactive'}</td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='NAME' value='$userline[0]' />
- <input type='hidden' name='ACTION' value='smbuserenable' />
- <input type='image' alt='$Lang::tr{'activate'}' title='$Lang::tr{'activate'}' src='/images/off.gif' />
- </form></td>
-END
-;
- }
- else
- {
- print <<END
- $Lang::tr{'active'}</td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='NAME' value='$userline[0]' />
- <input type='hidden' name='ACTION' value='smbuserdisable' />
- <input type='image' alt='$Lang::tr{'deactivate'}' title='$Lang::tr{'deactivate'}' src='/images/on.gif' />
- </form></td>
-END
-;
- }
-
- if ($userline[0] =~ /\$/)
- {
- print "<td></td>";
- }
- else
- {
- print <<END
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='NAME' value='$userline[0]' />
- <input type='hidden' name='ACTION' value='userchangepw' />
- <input type='image' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form></td>
-END
-;
- }
-
- if ($sambasettings{'DOMAINMASTER'} eq 'on' && $userline[0] =~ /\$/)
- {
- print <<END
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='NAME' value='$userline[0]' />
- <input type='hidden' name='ACTION' value='userdelete' />
- <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/network-error.png' />
- </form></td></tr>
-END
-;
- }
- else
- {
- print <<END
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='NAME' value='$userline[0]' />
- <input type='hidden' name='ACTION' value='userdelete' />
- <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-option-remove.png' />
- </form></td></tr>
-END
-;
- }
- $lines++;
- }
- print <<END
- </table>
- <br />
- <table width='10%' cellspacing='0'>
- <tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='ACTION' value='useradd' />
- <input type='image' alt='$Lang::tr{'add user'}' title='$Lang::tr{'add user'}' src='/images/user-option-add.png' /></form></td>
-END
-;
-
- if ($sambasettings{'DOMAINMASTER'} eq 'on')
- {
- print <<END
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='ACTION' value='pcadd' />
- <input type='image' alt='$Lang::tr{'pc add'}' title='$Lang::tr{'pc add'}' src='/images/network.png' /></form>
-END
-;
- }
- print <<END
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <input type='hidden' name='ACTION' value='usercaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form>
- </td></tr>
- </table>
-END
-;
-
- if ($sambasettings{'ACTION'} eq 'usercaption')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
- <tr><td align='right' width='33%'><img src='/images/user-option-add.png' /></td><td align='left'>$Lang::tr{'add user'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/network.png' /></td><td align='left'>$Lang::tr{'pc add'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/user-option-remove.png' /></td><td align='left'>$Lang::tr{'delete user'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/network-error.png' /></td><td align='left'>$Lang::tr{'delete pc'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/off.gif' /></td><td align='left'>$Lang::tr{'activate user'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/on.gif' /></td><td align='left'>$Lang::tr{'deactivate user'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/edit.gif' /></td><td align='left'>$Lang::tr{'change passwords'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/media-floppy.png' /></td><td align='left'>$Lang::tr{'save config'}</td></tr>
- </table>
-END
-;
- }
-
- if ($sambasettings{'ACTION'} eq 'userchangepw')
- {
- my $username = "$sambasettings{'NAME'}";
- my $password = 'samba';
- print <<END
- <br />
- <form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'change passwords'}</b></td></tr>
- <tr><td align='left'>$Lang::tr{'username'}</td><td><input type='text' name='USERNAME' value='$username' size='30' readonly /></td></tr>
- <tr><td align='left'>$Lang::tr{'password'}</td><td><input type='password' name='PASSWORD' value='$password' size='30' /></td></tr>
- <tr><td colspan='2' align='center'><input type='hidden' name='ACTION' value='smbchangepw' />
- <input type='image' alt=$Lang::tr{'save'} title=$Lang::tr{'save'} src='/images/media-floppy.png' /></td></tr>
- </table>
- </form>
-END
-;
- }
-
- if ($sambasettings{'ACTION'} eq 'useradd')
- {
- my $username = "user";
- my $password = "samba";
- chomp $username;
- $username=~s/\s//g;
- chomp $password;
- $password=~s/\s//g;
- print <<END
- <br />
- <form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'add user'}</b></td></tr>
- <tr><td align='left'>$Lang::tr{'username'}</td><td><input type='text' name='USERNAME' value='$username' size='30' /></td></tr>
- <tr><td align='left'>$Lang::tr{'password'}</td><td><input type='password' name='PASSWORD' value='$password' size='30' /></td></tr>
- <tr><td align='left'>$Lang::tr{'unix group'}</td><td><input type='text' name='GROUP' value='sambauser' size='30' /></td></tr>
- <tr><td align='left'>$Lang::tr{'unix shell'}</td><td><input type='text' name='SHELL' value='/bin/false' size='30' /></td></tr>
- <tr><td colspan='2' align='center'><input type='hidden' name='ACTION' value='smbuseradd' />
- <input type='image' alt=$Lang::tr{'save'} title=$Lang::tr{'save'} src='/images/media-floppy.png' /></td></tr>
- </table>
- </form>
-END
-;
- }
-
- if ($sambasettings{'ACTION'} eq 'pcadd')
- {
- my $pcname = "client\$";
- chomp $pcname;
- $pcname=~s/\s//g;
- print <<END
- <br />
- <form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'accounting'}'>
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'pc add'}</b></td></tr>
- <tr><td align='left'>$Lang::tr{'client'}</td><td><input type='text' name='PCNAME' value='$pcname' size='30' /></td></tr>
- <tr><td align='left'>$Lang::tr{'unix group'}</td><td><input type='text' name='GROUP' value='sambawks' size='30' /></td></tr>
- <tr><td align='left'>$Lang::tr{'unix shell'}</td><td><input type='text' name='SHELL' value='/bin/false' size='30' /></td></tr>
- <tr><td colspan='2' align='center'><input type='hidden' name='ACTION' value='smbpcadd' />
- <input type='image' title=$Lang::tr{'save'} alt=$Lang::tr{'save'} src='/images/media-floppy.png' /></td></tr>
- </table>
- </form>
-END
-;
- }
-
-&Header::closebox();
-}
-
-############################################################################################################################
-############################################### Verwalten von Freigaben ####################################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'shares'});
-
-my %shares = config("${General::swroot}/samba/shares");
-
-
-print <<END
-<a name="$Lang::tr{'manage shares'}"</a>
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'manage shares'}</b>
-<tr><td align='left'><u>$Lang::tr{'sharename'}</u></td><td colspan='2' width="5%" align='center'><u>$Lang::tr{'options'}</u></td></tr>
-END
-;
-
-my @Shares = keys(%shares);
-my $lines = 0;
-
-foreach my $shareentry (sort @Shares)
- {
- chomp $shareentry;
- if ($lines % 2) {print "<tr bgcolor='$color{'color20'}'>";} else {print "<tr bgcolor='$color{'color22'}'>";}
- print <<END
- <td align='left'>$shareentry</td>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'>
- <input type='hidden' name='NAME' value='$shareentry' />
- <input type='hidden' name='ACTION' value='sharechange' />
- <input type='image' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form></td>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'>
- <input type='hidden' name='NAME' value='$shareentry' />
- <input type='hidden' name='ACTION' value='smbsharedel' />
- <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-trash.png' />
- </form></td></tr>
-END
-;
- $lines++;
- }
-
-print <<END
-</table>
-<br />
-<table width='10%' cellspacing='0'>
-<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'>
- <input type='hidden' name='ACTION' value='shareadd' />
- <input type='image' alt='$Lang::tr{'add share'}' title='$Lang::tr{'add share'}' src='/images/list-add.png' />
- </form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'>
- <input type='hidden' name='ACTION' value='sharesreset' />
- <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' />
- </form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'>
- <input type='hidden' name='ACTION' value='sharecaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' />
- </form></td>
-</tr>
-</table>
-END
-;
-
-if ($sambasettings{'ACTION'} eq 'sharecaption')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
- <tr><td align='right' width='33%'><img src='/images/list-add.png' /></td><td align='left'>$Lang::tr{'add share'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/edit.gif' /></td><td align='left'>$Lang::tr{'edit share'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/media-floppy.png' /></td><td align='left'>$Lang::tr{'save config'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/reload.gif' /></td><td align='left'>$Lang::tr{'reset shares'}</td></tr>
- <tr><td align='right' width='33%'><img src='/images/user-trash.png' /></td><td align='left'>$Lang::tr{'delete share'}</td></tr>
- </table>
-END
-;
- }
-
-if ($sambasettings{'ACTION'} eq 'shareadd' || $sambasettings{'ACTION'} eq 'optioncaption' )
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'add share'}</b></td></tr>
- <tr><td colspan='2' align='center'></td></tr>
- <tr><td colspan='2' align='center'>$Lang::tr{'show share options'}
- <a href="sambahlp.cgi" target="popup" onClick="window.open ('', 'popup', 'width=580,height=600,scrollbars=yes, toolbar=no,status=no, resizable=yes,menubar=no,location=no,directories=no,top=10,left=10')"><img border="0" src="/images/help-browser.png"></a></td></tr>
- <form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'><tr><td colspan='2' align='center'><textarea name="SHAREOPTION" cols="50" rows="15" Wrap="off">$defaultoption</textarea></td></tr>
- </table>
- <br />
- <table width='10%' cellspacing='0'>
- <tr><td align='center'><input type='hidden' name='ACTION' value='smbshareadd' />
- <input type='image' alt='$Lang::tr{'add share'}' title='$Lang::tr{'add share'}' src='/images/media-floppy.png' /></td></tr></form>
- </table>
-END
-;
- }
-
-if ($sambasettings{'ACTION'} eq 'sharechange' || $sambasettings{'ACTION'} eq 'optioncaption2' )
- {
- my $shareoption = $shares{$sambasettings{'NAME'}};
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'edit share'}</b></td></tr>
- <tr><td colspan='2' align='center'></td></tr>
- <tr><td colspan='2' align='center'>$Lang::tr{'show share options'}<a href="sambahlp.cgi" target="popup" onClick="window.open ('', 'popup', 'width=580,height=600,scrollbars=yes, toolbar=no,status=no, resizable=yes,menubar=no,location=no,directories=no,top=10,left=10')"><img border="0" src="/images/help-browser.png"></a></td></tr>
- <tr><td colspan='2' align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage shares'}'><textarea name="SHAREOPTION" cols="50" rows="15" Wrap="off">$shareoption</textarea></td></tr>
- </table>
- <br />
- <table width='10%' cellspacing='0'>
- <tr><td align='center'><input type='hidden' name='NAME' value='$sambasettings{'NAME'}' />
- <input type='image' alt='$Lang::tr{'change share'}' title='$Lang::tr{'change share'}' src='/images/media-floppy.png' />
- <input type='hidden' name='ACTION' value='smbsharechange' /></form></td></tr>
- </table>
-END
-;
- }
-
-if ($sambasettings{'ACTION'} eq 'sharesresetyes')
- {
- system('/usr/local/bin/sambactrl smbsharesreset');
- my $shares = config("${General::swroot}/samba/shares");
- system("/usr/local/bin/sambactrl smbreload");
- }
-if ($sambasettings{'ACTION'} eq 'smbshareadd')
- {
- $shares{'xvx'}= "$sambasettings{'SHAREOPTION'}";
- save("shares");
- my $shares = config("${General::swroot}/samba/shares");
- }
-if ($sambasettings{'ACTION'} eq 'smbsharedel')
- {
- delete $shares{$sambasettings{'NAME'}};
- save("shares");
- my %shares = config("${General::swroot}/samba/shares");
- }
-if ($sambasettings{'ACTION'} eq 'smbsharechange')
- {
- $shares{$sambasettings{'NAME'}} = $sambasettings{'SHAREOPTION'};
- save("shares");
- my %shares = config("${General::swroot}/samba/shares");
- }
-
-&Header::closebox();
-
-############################################################################################################################
-################################################ Verwalten von Druckern ####################################################
-
-my %printer = config("${General::swroot}/samba/printer");
-
-if ( -e "/var/ipfire/cups/enable")
-{
-&Header::openbox('100%', 'center', $Lang::tr{'printer'});
-
-my @Printers = keys(%printer);
-print <<END
-<a name="$Lang::tr{'manage printers'}"</a>
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'manage printers'}</b>
-<tr><td align='left'><u>$Lang::tr{'printername'}</u></td><td colspan='2' width="5%" align='center'><u>$Lang::tr{'options'}</u></td></tr>
-END
-;
-foreach my $printerentry (sort @Printers)
- {
- chomp $printerentry;
- print <<END
- <tr><td align='left'>$printerentry</td>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'>
- <input type='hidden' name='NAME' value='$printerentry' />
- <input type='hidden' name='ACTION' value='printerchange' />
- <input type='image' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' src='/images/edit.gif' />
- </form></td>
- <td><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'>
- <input type='hidden' name='NAME' value='$printerentry' />
- <input type='hidden' name='ACTION' value='smbprinterdel' />
- <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-trash.png' />
- </form></td></tr>
-END
-;
- }
-print <<END
-</table>
-<br />
-<table width='10%' cellspacing='0'>
-<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'>
- <input type='hidden' name='ACTION' value='printeradd' />
- <input type='image' alt='$Lang::tr{'add printer'}' title='$Lang::tr{'add printer'}' src='/images/list-add.png' />
- </form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'>
- <input type='hidden' name='ACTION' value='printereset' />
- <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' />
- </form></td>
- <td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'>
- <input type='hidden' name='ACTION' value='printercaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' />
- </form></td>
-</tr>
-</table>
-END
-;
-
-if ($sambasettings{'ACTION'} eq 'printeradd' || $sambasettings{'ACTION'} eq 'printercaption' )
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'add printer'}</b></td></tr>
- <tr><td colspan='2' align='center'></td></tr>
- <tr><td colspan='2' align='center'>$Lang::tr{'show share options'}
- <a href="sambahlp.cgi" target="popup" onClick="window.open ('', 'popup', 'width=580,height=600,scrollbars=yes, toolbar=no,status=no, resizable=yes,menubar=no,location=no,directories=no,top=10,left=10')"><img border="0" src="/images/help-browser.png"></a></td></tr>
- <form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'><tr><td colspan='2' align='center'><textarea name="PRINTEROPTION" cols="50" rows="15" Wrap="off">$defaultprinter</textarea></td></tr>
- </table>
- <br />
- <table width='10%' cellspacing='0'>
- <tr><td align='center'><input type='hidden' name='ACTION' value='smbprinteradd' />
- <input type='image' alt='$Lang::tr{'add share'}' title='$Lang::tr{'add share'}' src='/images/media-floppy.png' /></td></tr>
- </table>
- </form>
-END
-;
- }
-
-if ($sambasettings{'ACTION'} eq 'printerchange' || $sambasettings{'ACTION'} eq 'printercaption2' )
- {
- my $printeroption = $printer{$sambasettings{'NAME'}};
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'edit printer'}</b></td></tr>
- <tr><td colspan='2' align='center'></td></tr>
- <tr><td colspan='2' align='center'>$Lang::tr{'show share options'}<a href="sambahlp.cgi" target="popup" onClick="window.open ('', 'popup', 'width=580,height=600,scrollbars=yes, toolbar=no,status=no, resizable=yes,menubar=no,location=no,directories=no,top=10,left=10')"><img border="0" src="/images/help-browser.png"></a></td></tr>
- <tr><td colspan='2' align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'manage printers'}'><textarea name="PRINTEROPTION" cols="50" rows="15" Wrap="off">$printeroption</textarea></td></tr>
- </table>
- <br />
- <table width='10%' cellspacing='0'>
- <tr><td align='center'><input type='hidden' name='NAME' value='$sambasettings{'NAME'}' />
- <input type='image' alt='$Lang::tr{'change share'}' title='$Lang::tr{'change share'}' src='/images/media-floppy.png' />
- <input type='hidden' name='ACTION' value='smbprinterchange' /></form></td></tr>
- </table>
-END
-;
- }
-
-if ($sambasettings{'ACTION'} eq 'smbprinteradd')
- {
- $printer{'xvx'}= "$sambasettings{'PRINTEROPTION'}";
- save("printer");
- my %printer = config("${General::swroot}/samba/printer");
- }
-
-if ($sambasettings{'ACTION'} eq 'smbprinterdel')
- {
- delete $printer{$sambasettings{'NAME'}};
- save("printer");
- my %printer = config("${General::swroot}/samba/printer");
- }
-
-if ($sambasettings{'ACTION'} eq 'smbprinterchange')
- {
- $printer{$sambasettings{'NAME'}} = $sambasettings{'PRINTEROPTION'};
- save("printer");
- my %printer = config("${General::swroot}/samba/printer");
- }
-
-&Header::closebox();
-}
-
-############################################################################################################################
-############################################### Anzeige des Sambastatus ####################################################
-
-&Header::openbox('100%', 'center', 'Status');
-
-print <<END
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'samba status'}</b></td></tr>
-<tr><td align='left'>$Status</td></tr>
-</table>
-END
-;
-&Header::closebox();
-
-############################################################################################################################
-############################################### Anzeige der Sambalogs ######################################################
-
-
-if ($sambasettings{'ACTION'} eq 'showlog')
-{
-$Log = qx(tail -n $sambasettings{'LOGLINES'} /var/log/samba/$sambasettings{'LOG'});
-$Log=~s/\n/<br \/>/g;
-}
-
-&Header::openbox('100%', 'center', $Lang::tr{'log'});
-
-print <<END
-<a name="$Lang::tr{'log view'}"</a>
-<br />
-<form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'log view'}'>
-<table width='95%' cellspacing='0'>
-<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'log view'}</b></td></tr>
-<tr><td colspan='3' align='left'><br /></td></tr>
-<tr><td align='left'><select name='LOG' style="width: 200px">
-END
-;
-foreach my $log (@Logs) {chomp $log;print"<option value='$log'>$log</option>";}
-print <<END
-
-</select></td><td align='left'>$Lang::tr{'show last x lines'}<input type='text' name='LOGLINES' value='$LOGLINES' size="3" /></td>
- <td align='left'><input type='hidden' name='ACTION' value='showlog' /><input type='image' alt='view Log' title='view Log' src='/images/format-justify-fill.png' /></td></tr>
-<tr><td colspan='3' align='left'><br /></td></tr>
-<tr><td colspan='3' align='left'><font size=2>$Log</font></td></tr>
-<tr><td colspan='3' align='left'><br /></td></tr>
-<tr><td colspan='3' align='center'>$sambasettings{'LOG'}</td></tr>
-</table>
-</form>
-END
-;
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-############################################################################################################################
-############################################ Subfunktion fr Sambadienste ###################################################
-
-sub config
-{
-my $file = shift;
-my @allarray = `grep -n '^\\[' $file`;
-my @linesarray = ();
-my @namearray = ();
-my %hash = ();
-my $options = ();
-my $EOF = qx(cat $file | wc -l);
-foreach my $allarrayentry (@allarray)
- {
- my @allarrayline = split( /\:/, $allarrayentry );
- push(@linesarray,$allarrayline[0]);$allarrayline[1]=~s/\[//g;$allarrayline[1]=~s/\]//g;push(@namearray,$allarrayline[1]);
- }
- for(my $i = 0; $i <= $#namearray; $i++)
- {
- chomp $namearray[$i];
- $namearray[$i]=~s/\[//g;$namearray[$i]=~s/\]//g;
- if ( $i eq $#namearray )
- {
- my $lineend = $EOF-$linesarray[$i]+1;
- $options=qx(tail -$lineend $file);
- }
- else
- {
- my $linestart = $EOF-$linesarray[$i]+1;
- my $lineend = $linesarray[$i+1]-$linesarray[$i];
- $options=qx(tail -$linestart $file | head -$lineend);
- }
- $hash{$namearray[$i]} = "$options";
- #print"<pre>$namearray[$i]\n$options\n</pre>"; # enable only for debuging
- }
-return(%hash);
-}
-
-sub save
-{
-my $smb = shift;
-open (FILE, ">${General::swroot}/samba/$smb") or die "Can't $smb settings $!";
-flock (FILE, 2);
-
-if ( $smb eq 'printer')
- {while (my ($name, $option) = each %printer){chomp $option;$option =~ s/\r\n/\n/gi;$option =~ s/^\n//gi;$option =~ s/^\r//gi;$option =~ s/^.\n//gi;$option =~ s/^.\r//gi;print FILE "$option\n";}}
-
-if ( $smb eq 'shares')
- {while (my ($name, $option) = each %shares){chomp $option;$option =~ s/\r\n/\n/gi;$option =~ s/^\n//gi;$option =~ s/^\r//gi;$option =~ s/^.\n//gi;$option =~ s/^.\r//gi;print FILE "$option\n";} }
-
-close FILE;
-
-if ( -e "/var/ipfire/cups/enable")
- {
- if ( $sambasettings{'SECURITY'} eq 'User' && $sambasettings{'DOMAINMASTER'} eq 'true' ){system("/usr/local/bin/sambactrl smbsafeconfpdccups");}
- else {system("/usr/local/bin/sambactrl smbsafeconfcups");}
- }
-else
- {
- if ( $sambasettings{'SECURITY'} eq 'User' && $sambasettings{'DOMAINMASTER'} eq 'true' ){system("/usr/local/bin/sambactrl smbsafeconfpdc");}
- else{system("/usr/local/bin/sambactrl smbsafeconf");}
- }
-
-system("/usr/local/bin/sambactrl smbreload");
-refreshpage();
-}
-
-sub isrunning
- {
- my $cmd = $_[0];
- my $status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td>";
- my $pid = '';
- my $testcmd = '';
- my $exename;
-
- $cmd =~ /(^[a-z]+)/;
- $exename = $1;
-
- if (open(FILE, "/var/run/${cmd}.pid"))
- {
- $pid = <FILE>; chomp $pid;
- close FILE;
- if (open(FILE, "/proc/${pid}/status"))
- {
- while (<FILE>)
- {
- if (/^Name:\W+(.*)/)
- {
- $testcmd = $1;
- }
- }
- close FILE;
- if ($testcmd =~ /$exename/)
- {
- $status = "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td>";
- }
- }
- }
- return $status;
- }
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-&Header::showhttpheaders();
-&Header::openpagewithoutmenu('Samba', 1, '');
-&Header::openbigbox('100%', 'left', '', 'BigBox');
-&Header::openbox('100%', 'left', '', 'Sambahelp');
-
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td><b>$Lang::tr{'caption'}</b></td></tr>
- <tr><td><u>$Lang::tr{'options'}</u></td><td><u>$Lang::tr{'meaning'}</u> / <u>$Lang::tr{'exampel'}</u></td></tr>
- <tr><td>comment</td><td>$Lang::tr{'comment'}</td></tr>
- <tr><td></td><td>comment = $Lang::tr{'my new share'}</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>path</td><td>$Lang::tr{'path to directory'}</td></tr>
- <tr><td></td><td>path = /tmp</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>writeable</td><td>$Lang::tr{'directory writeable'}</td></tr>
- <tr><td></td><td>writeable = yes</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>browseable</td><td>sichtbar in Verzeichnisliste</td></tr>
- <tr><td></td><td>browsable = yes</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>user</td><td>Besitzer der Freigabe</td></tr>
- <tr><td></td><td>user = samba</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>valid users</td><td>Liste der Zugriffsberechtigten</td></tr>
- <tr><td></td><td>valid users = samba, user1</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>write list</td><td>$Lang::tr{'visible in browselist'}</td></tr>
- <tr><td></td><td>write list = samba</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>hosts allow</td><td>$Lang::tr{'host allow'}</td></tr>
- <tr><td></td><td>hosts allow = localhost 192.168.1.1 192.168.2.0/24</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>hosts deny</td><td>$Lang::tr{'host deny'}</td></tr>
- <tr><td></td><td>hosts deny = 192.168.1.2 192.168.3.0/24</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>read list</td><td>$Lang::tr{'read list'}</td></tr>
- <tr><td></td><td>read list = user1</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>admin users</td><td>$Lang::tr{'admin users'}</td></tr>
- <tr><td></td><td>admin users = user1</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>invalid users</td><td>$Lang::tr{'invalid users'}</td></tr>
- <tr><td></td><td>invalid users = user2</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>force user</td><td>$Lang::tr{'force user'}</td></tr>
- <tr><td></td><td>force user = samba</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>directory mask</td><td>$Lang::tr{'directory mask'}</td></tr>
- <tr><td></td><td>directory mask = 0777</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>create mask</td><td>U$Lang::tr{'create mask'}</td></tr>
- <tr><td></td><td>create mask = 0777</td></tr>
- <tr><td><br /></td><td></td></tr>
- <tr><td>guest ok</td><td>$Lang::tr{'guest ok'}</td></tr>
- <tr><td></td><td>guest ok = yes</td></tr>
- </table>
-END
-;
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my @icmptypes = &get_icmptypes();
-
-&Header::showhttpheaders();
-
-my %cgiparams=();
-my %selected=();
-my %checked=();
-my $filename = "${General::swroot}/firewall/customservices";
-my $key = 0; # used for finding last sequence number used
-
-# Darren Critchley - vars for setting up sort order
-my $sort_col = '1';
-my $sort_type = 'a';
-my $sort_dir = 'asc';
-
-if ($ENV{'QUERY_STRING'} ne '') {
- my ($item1, $item2, $item3) = split(/\&/,$ENV{'QUERY_STRING'});
- if ($item1 ne '') {
- ($junk, $sort_col) = split(/\=/,$item1)
- }
- if ($item2 ne '') {
- ($junk, $sort_type) = split(/\=/,$item2)
- }
- if ($item3 ne '') {
- ($junk, $sort_dir) = split(/\=/,$item3)
- }
-}
-
-$cgiparams{'KEY'} = '';
-$cgiparams{'PORTS'} = '';
-$cgiparams{'PROTOCOL'} = '6';
-$cgiparams{'NAME'} = '';
-$cgiparams{'PORT_INVERT'} = 'off';
-$cgiparams{'PROTOCOL_INVERT'} = 'off';
-$cgiparams{'ICMP'} = 'BLANK';
-
-&Header::getcgihash(\%cgiparams);
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}){
-
- &validateparams();
- unless($errormessage){
- $key++; # Add one to last sequence number
- open(FILE,">>$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- print FILE "$key,$cgiparams{'NAME'},$cgiparams{'PORTS'},$cgiparams{'PROTOCOL'},$cgiparams{'PORT_INVERT'},$cgiparams{'PROTOCOL_INVERT'},$cgiparams{'ICMP'}\n";
- close(FILE);
- &General::log("$Lang::tr{'service added'}: $cgiparams{'NAME'}");
- undef %cgiparams;
- }
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'update'})
-{
- &validateparams();
- # Darren Critchley - If there is an error don't waste any more processing time
- if ($errormessage) { $cgiparams{'ACTION'} = $Lang::tr{'edit'}; goto UPD_ERROR; }
-
- unless($errormessage){
- open(FILE, $filename) or die 'Unable to open custom services file.';
- my @current = <FILE>;
- close(FILE);
- my $line;
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach $line (@current) {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY'} eq $temp[0]) {
- print FILE "$cgiparams{'KEY'},$cgiparams{'NAME'},$cgiparams{'PORTS'},$cgiparams{'PROTOCOL'},$cgiparams{'PORT_INVERT'},$cgiparams{'PROTOCOL_INVERT'},$cgiparams{'ICMP'}\n";
- } else {
- print FILE "$line\n";
- }
- }
- close(FILE);
- &General::log("$Lang::tr{'service updated'}: $cgiparams{'NAME'}");
- undef %cgiparams;
- }
-UPD_ERROR:
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
-{
- open(FILE, "$filename") or die 'Unable to open custom services file.';
- my @current = <FILE>;
- close(FILE);
-
- unless ($errormessage)
- {
- foreach my $line (@current)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY'} eq $temp[0]) {
- $cgiparams{'NAME'} = $temp[1];
- $cgiparams{'PORTS'} = $temp[2];
- $cgiparams{'PROTOCOL'} = $temp[3];
- $cgiparams{'PORT_INVERT'} = $temp[4];
- $cgiparams{'PROTOCOL_INVERT'} = $temp[5];
- $cgiparams{'ICMP'} = $temp[6];
- }
-
- }
- }
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
-{
- open(FILE, $filename) or die 'Unable to open custom services file.';
- my @current = <FILE>;
- close(FILE);
-
- open(FILE, ">$filename") or die 'Unable to open custom services file.';
- flock FILE, 2;
- foreach my $line (@current)
- {
- chomp($line);
- if ($line ne '') {
- my @temp = split(/\,/,$line);
- if ($cgiparams{'KEY'} eq $temp[0]) {
- &General::log("$Lang::tr{'service removed'}: $temp[1]");
- } else {
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6]\n";
- }
- }
- }
- close(FILE);
- undef %cgiparams;
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'reset'})
-{
- undef %cgiparams;
-}
-
-if ($cgiparams{'ACTION'} eq '')
-{
- $cgiparams{'KEY'} = '';
- $cgiparams{'PORTS'} = '';
- $cgiparams{'PROTOCOL'} = '6';
- $cgiparams{'NAME'} = '';
- $cgiparams{'PORT_INVERT'} = 'off';
- $cgiparams{'PROTOCOL_INVERT'} = 'off';
- $cgiparams{'ICMP'} = 'BLANK';
-}
-
-# Darren Critchley - Bring in the protocols file built from /etc/protocols into hash %protocol
-require "${General::swroot}/firewall/protocols.pl";
-
-# Darren Critchley - figure out which protocol is selected
-$selected{'PROTOCOL'}{'tcpudp'}= '';
-$selected{'PROTOCOL'}{'all'}= '';
-foreach $line (keys %protocols) {
-# $selected{'PROTOCOL'}{"$protocols{$line}"}= '';
- $selected{'PROTOCOL'}{$line}= '';
-}
-$selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = 'SELECTED';
-
-# Darren Critchley - figure out which icmptype is selected
-$selected{'ICMP'}{$cgiparams{'ICMP'}} = 'SELECTED';
-
-$checked{'PORT_INVERT'}{'off'} = '';
-$checked{'PORT_INVERT'}{'on'} = '';
-$checked{'PORT_INVERT'}{$cgiparams{'PORT_INVERT'}} = 'CHECKED';
-$checked{'PROTOCOL_INVERT'}{'off'} = '';
-$checked{'PROTOCOL_INVERT'}{'on'} = '';
-$checked{'PROTOCOL_INVERT'}{$cgiparams{'PROTOCOL_INVERT'}} = 'CHECKED';
-
-&Header::openpage($Lang::tr{'services settings'}, 1, '');
-
-&Header::openbigbox('100%', 'LEFT', '', $errormessage);
-
-# DEBUG DEBUG
-#&Header::openbox('100%', 'LEFT', 'DEBUG');
-#foreach $line (keys %cgiparams) {
-# print "<CLASS NAME='base'>$line = $cgiparams{$line}<BR>";
-#}
-#print "$sort_col\n";
-#print "$ENV{'QUERY_STRING'}\n";
-#print " </CLASS>\n";
-#&Header::closebox();
-
-if ($errormessage) {
- &Header::openbox('100%', 'LEFT', $Lang::tr{'error messages'});
- print "<CLASS NAME='base'><FONT COLOR='${Header::colourred}'>$errormessage\n</FONT>";
- print " </CLASS>\n";
- &Header::closebox();
-}
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}){
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'edit service'}:");
-} else {
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'add service'}:");
-}
-# Darren Critchley - Show protocols with TCP, UDP, etc at the top of the list.
-print <<END
-<FORM METHOD='POST'>
-<DIV ALIGN='CENTER'>
-<TABLE WIDTH='100%' ALIGN='CENTER'>
-<TR align="center">
- <TD><strong>$Lang::tr{'servicename'}</strong></TD>
- <TD ALIGN='RIGHT'><strong>$Lang::tr{'invert'}</strong></TD>
- <TD><strong>$Lang::tr{'ports'}</strong></TD>
- <TD ALIGN='RIGHT'><strong>$Lang::tr{'invert'}</strong></TD>
- <TD><strong>$Lang::tr{'protocol'}</strong></TD>
- <TD> </TD>
- <TD> </TD>
-</TR>
-<TR align="center">
- <TD>
- <INPUT TYPE='TEXT' NAME='NAME' VALUE='$cgiparams{'NAME'}' SIZE='20' MAXLENGTH='20'>
- </TD>
- <TD ALIGN='RIGHT'>
- <INPUT TYPE='CHECKBOX' NAME='PORT_INVERT' $checked{'PORT_INVERT'}{'on'}>
- </TD>
- <TD>
- <INPUT TYPE='TEXT' NAME='PORTS' VALUE='$cgiparams{'PORTS'}' SIZE='15' MAXLENGTH='11'>
- </TD>
- <TD ALIGN='RIGHT'>
- <INPUT TYPE='CHECKBOX' NAME='PROTOCOL_INVERT' $checked{'PROTOCOL_INVERT'}{'on'}>
- </TD>
- <TD ALIGN='LEFT'>
- <SELECT NAME='PROTOCOL'>
- <OPTION VALUE='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</OPTION>
- <OPTION VALUE='udp' $selected{'PROTOCOL'}{'udp'}>UDP</OPTION>
- <OPTION VALUE='tcpudp' $selected{'PROTOCOL'}{'tcpudp'}>TCP & UDP</OPTION>
- <OPTION VALUE='all' $selected{'PROTOCOL'}{'all'}>ALL</OPTION>
- <OPTION VALUE='icmp' $selected{'PROTOCOL'}{'icmp'}>ICMP</OPTION>
- <OPTION VALUE='gre' $selected{'PROTOCOL'}{'gre'}>GRE</OPTION>
-END
-;
-foreach $line (sort keys %protocols) {
- # Darren Critchley - do not have duplicates in the list
- if ($protocols{$line} ne '6' && $protocols{$line} ne '17' && $protocols{$line} ne '1' && $protocols{$line} ne '47'){
-# print "<OPTION VALUE='$line' $selected{'PROTOCOL'}{$protocols{$line}}>".uc($line)."</OPTION>\n";
- print "<OPTION VALUE='$line' $selected{'PROTOCOL'}{$line}>".uc($line)."</OPTION>\n";
- }
-}
-print <<END
- </SELECT>
- </TD>
-</TR>
-<TR>
- <TD> </TD>
- <TD> </TD>
- <TD> </TD>
- <TD><strong>$Lang::tr{'icmp type'}:</strong></TD>
- <TD ALIGN='LEFT'>
- <SELECT NAME='ICMP'>
- <OPTION VALUE='BLANK' $selected{'ICMP'}{'BLANK'}>Valid ICMP Types</OPTION>
-END
-;
-foreach $line (@icmptypes) {
- if ($cgiparams{'ICMP'} eq $line){
- print "<OPTION VALUE='$line' SELECTED>$line</OPTION>\n";
- } else {
- print "<OPTION VALUE='$line' >$line</OPTION>\n";
- }
-}
-print <<END
- </SELECT>
- </TD>
-</TR>
-<TR>
-END
-;
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}){
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'update'}'></TD>\n";
- print "<INPUT TYPE='HIDDEN' NAME='KEY' VALUE='$cgiparams{'KEY'}'>\n";
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'reset'}'></TD>\n";
-} else {
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'add'}'></TD>\n";
- print "<TD ALIGN='CENTER'><INPUT TYPE='SUBMIT' NAME='ACTION' VALUE='$Lang::tr{'reset'}'></TD>\n";
-}
-print <<END
-</TR>
-</TABLE>
-</DIV>
-</FORM>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'LEFT', "$Lang::tr{'custom services'}:");
-print <<END
-<DIV ALIGN='CENTER'>
-<TABLE WIDTH='100%' ALIGN='CENTER'>
-<TR align="center">
-END
-;
-
-if ($sort_dir eq 'asc' && $sort_col eq '2') {
- print "<TD WIDTH='25%'><strong><a href='services.cgi?sortcol=2&srtype=a&srtdir=dsc' title='$Lang::tr{'sort descending'}'>$Lang::tr{'servicename'}</a></strong></TD>\n";
-} else {
- print "<TD WIDTH='25%'><strong><a href='services.cgi?sortcol=2&srtype=a&srtdir=asc' title='$Lang::tr{'sort ascending'}'>$Lang::tr{'servicename'}</a></strong></TD>\n";
-}
-if ($sort_dir eq 'asc' && $sort_col eq '3') {
- print "<TD WIDTH='25%'><strong><a href='services.cgi?sortcol=3&srtype=n&srtdir=dsc' title='$Lang::tr{'sort descending'}'>$Lang::tr{'ports'}</a></strong></TD>\n";
-} else {
- print "<TD WIDTH='25%'><strong><a href='services.cgi?sortcol=3&srtype=n&srtdir=asc' title='$Lang::tr{'sort ascending'}'>$Lang::tr{'ports'}</a></strong></TD>\n";
-}
-if ($sort_dir eq 'asc' && $sort_col eq '4') {
- print "<TD WIDTH='25%'><strong><a href='services.cgi?sortcol=4&srtype=a&srtdir=dsc' title='$Lang::tr{'sort descending'}'>$Lang::tr{'protocol'}</a></strong></TD>\n";
-} else {
- print "<TD WIDTH='25%'><strong><a href='services.cgi?sortcol=4&srtype=a&srtdir=asc' title='$Lang::tr{'sort ascending'}'>$Lang::tr{'protocol'}</a></strong></TD>\n";
-}
-
-print <<END
- <TD WIDTH='25%'><strong>$Lang::tr{'icmp type'}</strong></TD>
- <TD WIDTH='5%'> </TD>
- <TD WIDTH='5%'> </TD>
-</TR>
-END
-;
-&display_custom_services();
-print <<END
-</TABLE>
-</DIV>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'LEFT', "$Lang::tr{'default services'}:");
-print <<END
-<DIV ALIGN='CENTER'>
-<TABLE WIDTH='100%' ALIGN='CENTER'>
-<TR align="center">
- <TD><strong>$Lang::tr{'servicename'}</strong></TD>
- <TD><strong>$Lang::tr{'ports'}</strong></TD>
- <TD><strong>$Lang::tr{'protocol'}</strong></TD>
-</TR>
-END
-;
-&display_default_services();
-print <<END
-</TABLE>
-</DIV>
-END
-;
-&Header::closebox();
-
- print "$Lang::tr{'this feature has been sponsored by'} : ";
- print "<A HREF='http://www.kdi.ca/' TARGET='_blank'>Kobelt Development Inc.</A>.\n";
-
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub display_custom_services
-{
-
- open(FILE, "$filename") or die 'Unable to open services file.';
- my @current = <FILE>;
- close(FILE);
-
- my $id = 0;
- my $port_inv = '';
- my $prot_inv = '';
- my $port_inv_tail = '';
- my $prot_inv_tail = '';
- my @outarray = &General::srtarray($sort_col,$sort_type,$sort_dir,@current);
- foreach $line (@outarray)
- {
- chomp($line);
- if ($line ne ''){
- my @temp = split(/\,/,$line);
- # Darren Critchley highlight the row we are editing
- if ( $cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'KEY'} eq $temp[0] ) {
- print "<TR BGCOLOR='${Header::colouryellow}'>\n";
- } else {
- if ($id % 2) {
- print "<TR BGCOLOR='${Header::table1colour}'>\n";
- } else {
- print "<TR BGCOLOR='${Header::table2colour}'>\n";
- }
- }
- print "<TD>$temp[1]</TD>\n";
- if ($temp[4] eq 'on'){$port_inv = " <strong><font color='RED'>! (</font></strong>";$port_inv_tail = "<strong><font color='RED'>)</font></strong>";}else{$port_inv='';$port_inv_tail='';}
- print "<TD ALIGN='CENTER'>" . $port_inv . &cleanport("$temp[2]") . $port_inv_tail . "</TD>\n";
- if ($temp[5] eq 'on'){$prot_inv = " <strong><font color='RED'>! (</font></strong>";$prot_inv_tail = "<strong><font color='RED'>)</font></strong>";}else{$prot_inv='';$prot_inv_tail='';}
- print "<TD ALIGN='CENTER'>" . $prot_inv . &cleanprotocol("$temp[3]") . $prot_inv_tail . "</TD>\n";
- if ($temp[6] eq 'BLANK') {
- print "<TD ALIGN='CENTER'>N/A</TD>\n";
- } else {
- print "<TD ALIGN='CENTER'>$temp[6]</TD>\n";
- }
- print <<END
-<FORM METHOD='POST' NAME='frm$temp[0]'>
-<TD ALIGN='CENTER'>
- <INPUT TYPE='hidden' NAME='ACTION' VALUE='$Lang::tr{'edit'}'>
- <INPUT TYPE='image' NAME='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' width='20' height='20' border='0'>
- <INPUT TYPE='hidden' NAME='KEY' VALUE='$temp[0]'>
-</TD>
-</FORM>
-<FORM METHOD='POST' NAME='frm$temp[0]b'>
-<TD ALIGN='CENTER'>
- <INPUT TYPE='hidden' NAME='ACTION' VALUE='$Lang::tr{'remove'}'>
- <INPUT TYPE='image' NAME='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' width='20' height='20' border='0'>
- <INPUT TYPE='hidden' NAME='KEY' VALUE='$temp[0]'>
-</TD>
-</FORM>
-END
-;
- print "</TR>\n";
- $id++;
- }
- }
-}
-
-sub display_default_services
-{
- my $fname = "${General::swroot}/firewall/defaultservices";
- my $prev = "";
- my $newline="";
-
- open(FILE, "$fname") or die 'Unable to open default services file.';
- my @current = <FILE>;
- close(FILE);
-
- my $id = 0;
-
- foreach my $line (sort @current)
- {
- my @temp = split(/\,/,$line);
- if ($id % 2) {
- print "<TR BGCOLOR='${Header::table1colour}'>\n";
- } else {
- print "<TR BGCOLOR='${Header::table2colour}'>\n";
- }
- print "<TD>$temp[0]</TD>\n";
- print "<TD ALIGN='CENTER'>$temp[1]</TD>\n";
- print "<TD ALIGN='CENTER'>" . &cleanprotocol("$temp[2]") . "</TD>\n";
- print "</TR>\n";
- $id++;
- }
-}
-
-sub cleanprotocol
-{
- my $prtcl = $_[0];
- chomp($prtcl);
- if ($prtcl eq 'tcpudp') {
- $prtcl = 'TCP & UDP';
- } else {
- $prtcl = uc($prtcl);
- }
- return $prtcl;
-}
-
-sub cleanport
-{
- my $prt = $_[0];
- chomp($prt);
- # Darren Critchley - Format the ports
- $prt =~ s/-/ - /;
- $prt =~ s/:/ - /;
- return $prt;
-}
-
-# Validate Field Entries
-sub validateparams
-{
- $erromessage='';
- if ($cgiparams{'PROTOCOL'} eq 'tcp' || $cgiparams{'PROTOCOL'} eq 'udp' || $cgiparams{'PROTOCOL'} eq 'tcpudp' || $cgiparams{'PROTOCOL'} eq 'all') {
- # Darren Critchley - Get rid of dashes in port ranges
- $cgiparams{'PORTS'}=~ tr/-/:/;
- # Darren Critchley - code to substitue wildcards
- if ($cgiparams{'PORTS'} eq "*") {
- $cgiparams{'PORTS'} = "1:65535";
- }
- if ($cgiparams{'PORTS'} =~ /^(\D)\:(\d+)$/) {
- $cgiparams{'PORTS'} = "1:$2";
- }
- if ($cgiparams{'PORTS'} =~ /^(\d+)\:(\D)$/) {
- $cgiparams{'PORTS'} = "$1:65535";
- }
- # Darren Critchley - watch the order here, the validportrange sets errormessage=''
- $errormessage = &General::validportrange($cgiparams{'PORTS'}, 'src');
- if ($errormessage) {return;}
- } else {
- $cgiparams{'PORTS'} = "";
- }
- if ($cgiparams{'PROTOCOL'} eq 'tcp') {
- $cgiparams{'ICMP'} = "BLANK";
- }
-
- if($cgiparams{'PORTS'} eq '' && $cgiparams{'PORT_INVERT'} ne 'off'){
- $cgiparams{'PORT_INVERT'} = 'off';
- }
- if ($cgiparams{'NAME'} eq '') {
- $errormessage = $Lang::tr{'noservicename'};
- return;
- }
- if ($cgiparams{'PROTOCOL'} eq 'icmp' && $cgiparams{'ICMP'} eq 'BLANK'){
- $errormessage = $Lang::tr{'icmp selected but no type'};
- return;
- }
- unless($errormessage){
- $cgiparams{'NAME'}=&Header::cleanhtml($cgiparams{'NAME'});
- open(FILE, $filename) or die 'Unable to open custom services file.';
- my @current = <FILE>;
- close(FILE);
- foreach my $line (@current)
- {
- chomp($line);
- if ($line ne '') {
- my @temp = split(/\,/,$line);
- if ($cgiparams{'NAME'} eq $temp[1] && $cgiparams{'KEY'} ne $temp[0]) {
- $errormessage=$Lang::tr{'duplicate name'};
- return;
- }
- $key=$temp[0];
- }
- }
- unless($errormessage){
- my $fname = "${General::swroot}/firewall/defaultservices";
- my $prev = "";
- my $newline="";
-
- open(FILE, "$fname") or die 'Unable to open default services file.';
- my @current = <FILE>;
- close(FILE);
-
- foreach my $line (sort @current)
- {
- my @temp = split(/\,/,$line);
- if ($cgiparams{'NAME'} eq $temp[0]) {
- $errormessage=$Lang::tr{'duplicate name'};
- return;
- }
- }
- }
- }
-}
-
-sub get_icmptypes
-{
- my $fname = "${General::swroot}/firewall/icmptypes";
- my $newline="";
- my @newarray=();
-
- open(FILE, "$fname") or die 'Unable to open icmp file.';
- my @current = <FILE>;
- close(FILE);
-
- foreach $newline (sort @current)
- {
- chomp ($newline);
- if (substr($newline, 0, 1) ne "#") {
- push (@newarray, $newline);
- }
- }
- return (@newarray);
-}
-
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-my $data_last = $ENV{'QUERY_STRING'};
-my $rxb_last = 0;
-my $txb_last = 0;
-
-my (@fields, $field, $name, $value);
-@fields = split(/&/, $data_last);
-foreach $field (@fields) {
- ($name, $value) = split(/=/, $field);
- $value =~ tr/+/ /;
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- if ("$name" eq "rxb_last") {
- $rxb_last = $value;
- } elsif ("$name" eq "txb_last") {
- $txb_last = $value;
- }
-}
-
-my @data_now = `ip -s link show red0`;
-
-my $lastline;
-my $rxb_now = 0;
-my $txb_now = 0;
-foreach (@data_now) {
- if ( $lastline =~ /RX/ ) {
- @fields = split(/ /, $_);
- $rxb_now = $fields[4];
- } elsif ( $lastline =~ /TX/ ) {
- @fields = split(/ /, $_);
- $txb_now = $fields[4];
- }
- $lastline = $_;
-}
-
-my ($rx_kbs, $tx_kbs);
-my $rxb_diff = $rxb_now - $rxb_last;
-my $txb_diff = $txb_now - $txb_last;
-
-if(( $rxb_diff == $rxb_now ) && ( $txb_diff == $txb_now ))
-{
- $rx_kbs = "0";
- $tx_kbs = "0";
-}
-else
-{
- $rx_kbs = $rxb_diff / 1024;
- $rx_kbs = $rx_kbs / 3.2;
- $rx_kbs = int($rx_kbs);
- $tx_kbs = $txb_diff / 1024;
- $tx_kbs = $tx_kbs / 3.2;
- $tx_kbs = int($tx_kbs);
-}
-
-print "Content-type: text/xml\n\n";
-print "<?xml version=\"1.0\"?>\n";
-print <<END
-<inetinfo>
- <rx_kbs>$tx_kbs kb/s</rx_kbs>
- <tx_kbs>$rx_kbs kb/s</tx_kbs>
- <rxb>$rxb_now</rxb>
- <txb>$txb_now</txb>
-</inetinfo>
-END
-;
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/graphs.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colourred} );
-undef (@dummy);
-
-my %netsettings=();
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %cgiparams=();
-# Maps a nice printable name to the changing part of the pid file, which
-# is also the name of the program
-my %servicenames =
-(
- $Lang::tr{'dhcp server'} => 'dhcpd',
- $Lang::tr{'web server'} => 'httpd',
- $Lang::tr{'cron server'} => 'fcron',
- $Lang::tr{'dns proxy server'} => 'dnsmasq',
- $Lang::tr{'logging server'} => 'syslogd',
- $Lang::tr{'kernel logging server'} => 'klogd',
- $Lang::tr{'ntp server'} => 'ntpd',
- $Lang::tr{'secure shell server'} => 'sshd',
- $Lang::tr{'vpn'} => 'pluto',
- $Lang::tr{'web proxy'} => 'squid',
- 'OpenVPN' => 'openvpn'
-);
-
-my $iface = '';
-if (open(FILE, "${General::swroot}/red/iface"))
-{
- $iface = <FILE>;
- close FILE;
- chomp $iface;
-}
-$servicenames{"$Lang::tr{'intrusion detection system'} (RED)"} = "snort_${iface}";
-$servicenames{"$Lang::tr{'intrusion detection system'} (GREEN)"} = "snort_$netsettings{'GREEN_DEV'}";
-if ($netsettings{'ORANGE_DEV'} ne '') {
- $servicenames{"$Lang::tr{'intrusion detection system'} (ORANGE)"} = "snort_$netsettings{'ORANGE_DEV'}";
-}
-if ($netsettings{'BLUE_DEV'} ne '') {
- $servicenames{"$Lang::tr{'intrusion detection system'} (BLUE)"} = "snort_$netsettings{'BLUE_DEV'}";
-}
-
-# Generate Graphs from rrd Data
-&Graphs::updatecpugraph ("day");
-&Graphs::updateloadgraph ("day");
-
-&Header::showhttpheaders();
-&Header::getcgihash(\%cgiparams);
-&Header::openpage($Lang::tr{'status information'}, 1, '');
-&Header::openbigbox('100%', 'left');
-
-&Header::openbox('100%', 'center', "CPU $Lang::tr{'graph'}");
-if (-e "$Header::graphdir/cpu-day.png") {
- my $ftime = localtime((stat("$Header::graphdir/cpu-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=cpu'>";
- print "<img alt='' src='/graphs/cpu-day.png' border='0' />";
- print "</a>";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
-&Header::closebox();
-
-&Header::openbox('100%', 'center', "Load $Lang::tr{'graph'}");
-if (-e "$Header::graphdir/load-day.png") {
- my $ftime = localtime((stat("$Header::graphdir/load-day.png"))[9]);
- print "<center><b>$Lang::tr{'the statistics were last updated at'}: $ftime</b></center><br />\n";
- print "<a href='/cgi-bin/graphs.cgi?graph=load'>";
- print "<img alt='' src='/graphs/load-day.png' border='0' />";
- print "</a>";
-} else {
- print $Lang::tr{'no information available'};
-}
-print "<br />\n";
-&Header::closebox();
-
-&Header::openbox('100%', 'left', $Lang::tr{'services'});
-
-print <<END
-<div align='center'>
-<table width='60%' cellspacing='1' border='0'>
-<tr><td align='left'><b>$Lang::tr{'services'}</b></td><td align='center'><b>$Lang::tr{'status'}</b></td><td align='center'><b>PID</b></td><td align='center'><b>$Lang::tr{'memory'}</b></td></tr>
-END
-;
-
-my $key = '';
-foreach $key (sort keys %servicenames)
-{
- print "<tr>\n<td align='left'>$key</td>\n";
- my $shortname = $servicenames{$key};
- my $status = &isrunning($shortname);
- print "$status\n";
- print "</tr>\n";
-}
-
-
-print "</table></div>\n";
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-sub isrunning
-{
- my $cmd = $_[0];
- my $status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td><td colspan='2'></td>";
- my $pid = '';
- my $testcmd = '';
- my $exename;
- my @memory;
-
- $cmd =~ /(^[a-z]+)/;
- $exename = $1;
-
- if (open(FILE, "/var/run/${cmd}.pid")){
- $pid = <FILE>; chomp $pid;
- close FILE;
- if (open(FILE, "/proc/${pid}/status")){
- while (<FILE>){
- if (/^Name:\W+(.*)/) {$testcmd = $1; }
- }
- close FILE;
- }
- if (open(FILE, "/proc/${pid}/statm")){
- my $temp = <FILE>;
- @memory = split(/ /,$temp);
- }
- close FILE;
- if ($testcmd =~ /$exename/){$status = "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td><td align='center'>$pid</td><td align='center'>$memory[0] KB</td>";}
- }
-return $status;
-}
-
-sub percentbar
-{
- my $percent = $_[0];
- my $fg = '#a0a0a0';
- my $bg = '#e2e2e2';
-
- if ($percent =~ m/^(\d+)%$/ ){
- print <<END
-<table width='100' border='1' cellspacing='0' cellpadding='0' style='border-width:1px;border-style:solid;border-color:$fg;width:100px;height:10px;'>
-<tr>
-END
-;
- if ($percent eq "100%") {
- print "<td width='100%' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'>"
- } elsif ($percent eq "0%") {
- print "<td width='100%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- } else {
- print "<td width='$percent' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'></td><td width='" . (100-$1) . "%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- print <<END
-<img src='/images/null.gif' width='1' height='1' alt='' /></td></tr></table>
-END
-;
- }
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %timesettings=();
-my $errormessage = '';
-
-&Header::showhttpheaders();
-
-$timesettings{'ACTION'} = '';
-$timesettings{'VALID'} = '';
-
-$timesettings{'ENABLENTP'} = 'off';
-$timesettings{'NTP_ADDR_1'} = '';
-$timesettings{'NTP_ADDR_2'} = '';
-$timesettings{'UPDATE_METHOD'} = 'manually';
-$timesettings{'UPDATE_VALUE'} = '0';
-$timesettings{'UPDATE_PERIOD'} = '';
-$timesettings{'ENABLECLNTP'} = 'off';
-
-&Header::getcgihash(\%timesettings);
-
-if ($timesettings{'ACTION'} eq $Lang::tr{'save'})
-{
- if ($timesettings{'ENABLENTP'} eq 'on')
- {
- if ( ! ( &General::validfqdn($timesettings{'NTP_ADDR_1'}) ||
- &General::validip ($timesettings{'NTP_ADDR_1'})))
- {
- $errormessage = $Lang::tr{'invalid primary ntp'};
- goto ERROR;
- }
- }
- if ($timesettings{'NTP_ADDR_2'})
- {
- if ( ! ( &General::validfqdn($timesettings{'NTP_ADDR_2'}) ||
- &General::validip ($timesettings{'NTP_ADDR_2'})))
- {
- $errormessage = $Lang::tr{'invalid secondary ntp'};
- goto ERROR;
- }
- }
- if (!($timesettings{'NTP_ADDR_1'}) && $timesettings{'NTP_ADDR_2'})
- {
- $errormessage = $Lang::tr{'cannot specify secondary ntp without specifying primary'};
- goto ERROR;
- }
-
- if (!($timesettings{'UPDATE_VALUE'} =~ /^\d+$/) || $timesettings{'UPDATE_VALUE'} <= 0)
- {
- $errormessage = $Lang::tr{'invalid time period'};
- goto ERROR;
- }
-
- if ($timesettings{'ENABLENTP'} ne "on" && $timesettings{'ENABLECLNTP'} eq "on")
- {
- $errormessage = $Lang::tr{'ntp must be enabled to have clients'};
- goto ERROR;
- }
- if ($timesettings{'ENABLENTP'} eq "on" && !($timesettings{'NTP_ADDR_1'}) && !($timesettings{'NTP_ADDR_2'}))
- {
- $errormessage = $Lang::tr{'cannot enable ntp without specifying primary'};
- goto ERROR;
- }
-ERROR:
- if ($errormessage) {
- $timesettings{'VALID'} = 'no'; }
- else {
- $timesettings{'VALID'} = 'yes'; }
-
- &General::writehash("${General::swroot}/time/settings", \%timesettings);
- open(FILE, ">/${General::swroot}/time/settime.conf") or die "Unable to write settime.conf file";
- flock(FILE, 2);
- print FILE "$timesettings{'NTP_ADDR_1'} $timesettings{'NTP_ADDR_2'}\n";
- close FILE;
-
- my $updateperiod=0;
-
- if ($timesettings{'UPDATE_PERIOD'} eq 'daily') {
- $updateperiod = $timesettings{'UPDATE_VALUE'} * 1440; }
- elsif ($timesettings{'UPDATE_PERIOD'} eq 'weekly') {
- $updateperiod = $timesettings{'UPDATE_VALUE'} * 10080; }
- elsif ($timesettings{'UPDATE_PERIOD'} eq 'monthly') {
- $updateperiod = $timesettings{'UPDATE_VALUE'} * 40320; }
- else {
- $updateperiod = $timesettings{'UPDATE_VALUE'} * 60; }
-
- $updateperiod = $updateperiod - 5;
-
- if ($updateperiod <= 5) {
- $updateperiod = 5; }
-
- open(FILE, ">/${General::swroot}/time/counter.conf") or die "Unable to write counter.conf file";
- flock(FILE, 2);
- print FILE "$updateperiod\n";
- close FILE;
-
- if ($timesettings{'ENABLENTP'} eq 'on' && $timesettings{'VALID'} eq 'yes')
- {
- system ('/usr/bin/touch', "${General::swroot}/time/enable");
- system ('/usr/local/bin/timectrl enable >/dev/null 2>&1');
- &General::log($Lang::tr{'ntp syncro enabled'});
- unlink "${General::swroot}/time/counter";
- if ($timesettings{'UPDATE_METHOD'} eq 'periodically')
- {
- open(FILE, ">/${General::swroot}/time/counter") or die "Unable to write counter file";
- flock(FILE, 2);
- print FILE "$updateperiod\n";
- close FILE;
- }
- if ($timesettings{'ENABLECLNTP'} eq 'on') # DPC added to 1.3.1
- {
- system ('/usr/bin/touch', "${General::swroot}/time/allowclients"); # DPC added to 1.3.1
- &General::log($Lang::tr{'ntpd restarted'}); # DPC added to 1.3.1
- } else {
- unlink "${General::swroot}/time/allowclients";
- }
-
- }
- else
- {
- unlink "${General::swroot}/time/enable";
- unlink "${General::swroot}/time/settimenow";
- unlink "${General::swroot}/time/allowclients"; # DPC added to 1.3.1
- system ('/usr/local/bin/timectrl disable >/dev/null 2>&1');
- &General::log($Lang::tr{'ntp syncro disabled'})
- }
- if (! $errormessage) {
- system ('/usr/local/bin/timectrl restart >/dev/null 2>&1'); # DPC added to 1.3.1
- }
-}
-
-# To enter an ' into a pushbutton solution is to use ' in it's definition
-# but returned value when pressed is ' not the code. Cleanhtml recode the ' to enable comparison.
-$timesettings{'ACTION'} = &Header::cleanhtml ($timesettings{'ACTION'});
-if ($timesettings{'ACTION'} eq $Lang::tr{'set time now'} && $timesettings{'ENABLENTP'} eq 'on')
-{
- system ('/usr/bin/touch', "${General::swroot}/time/settimenow");
-}
-
-&General::readhash("${General::swroot}/time/settings", \%timesettings);
-
-if ($timesettings{'VALID'} eq '')
-{
- $timesettings{'ENABLENTP'} = 'off';
- $timesettings{'UPDATE_METHOD'} = 'manually';
- $timesettings{'UPDATE_VALUE'} = '1';
- $timesettings{'UPDATE_PERIOD'} = 'daily';
- $timesettings{'NTP_ADDR_1'} = 'de.pool.ntp.org';
- $timesettings{'NTP_ADDR_2'} = 'pool.ntp.org';
-}
-
-unless ($errormessage) {
- $timesettings{'SETMONTH'} = `date +'%m %e %Y %H %M'|cut -c 1-2`;
- $timesettings{'SETDAY'} = `date +'%m %e %Y %H %M'|cut -c 4-5`;
- $timesettings{'SETYEAR'} = `date +'%m %e %Y %H %M'|cut -c 7-10`;
- $timesettings{'SETHOUR'} = `date +'%m %e %Y %H %M'|cut -c 12-13`;
- $timesettings{'SETMINUTES'} = `date +'%m %e %Y %H %M'|cut -c 15-16`;
- $_=$timesettings{'SETDAY'};
- $timesettings{'SETDAY'}=~ tr/ /0/;
-}
-
-my %selected=();
-my %checked=();
-
-$checked{'ENABLENTP'}{'off'} = '';
-$checked{'ENABLENTP'}{'on'} = '';
-$checked{'ENABLENTP'}{$timesettings{'ENABLENTP'}} = "checked='checked'";
-
-$checked{'ENABLECLNTP'}{'off'} = '';
-$checked{'ENABLECLNTP'}{'on'} = '';
-$checked{'ENABLECLNTP'}{$timesettings{'ENABLECLNTP'}} = "checked='checked'";
-
-$checked{'UPDATE_METHOD'}{'manually'} = '';
-$checked{'UPDATE_METHOD'}{'periodically'} = '';
-$checked{'UPDATE_METHOD'}{$timesettings{'UPDATE_METHOD'}} = "checked='checked'";
-
-$selected{'UPDATE_PERIOD'}{'hourly'} = '';
-$selected{'UPDATE_PERIOD'}{'daily'} = '';
-$selected{'UPDATE_PERIOD'}{'weekly'} = '';
-$selected{'UPDATE_PERIOD'}{'monthly'} = '';
-$selected{'UPDATE_PERIOD'}{$timesettings{'UPDATE_PERIOD'}} = "selected='selected'";
-
-# added to v0.0.4 to refresh screen if syncro event queued
-my $refresh = '';
-if ( -e "${General::swroot}/time/settimenow") {
- $refresh = "<meta http-equiv='refresh' content='60;' />";
-}
-
-&Header::openpage($Lang::tr{'ntp configuration'}, 1, $refresh);
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-# DPC move error message to top so it is seen!
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
- }
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'network time'});
-print <<END
-<table width='100%'>
-<tr>
- <td><input type='checkbox' name='ENABLENTP' $checked{'ENABLENTP'}{'on'} /></td>
- <td width='100%' colspan='4' class='base'>$Lang::tr{'network time from'}</td>
-</tr>
-<tr>
- <td> </td>
- <td width='100%' class='base' colspan='4'>
-END
-;
-
-if ( -e "${General::swroot}/time/lastset")
-{
- print "$Lang::tr{'clock last synchronized at'}\n";
- my $output = `cat ${General::swroot}/time/lastset`;
- print $output;
-}
-else
-{
- print "$Lang::tr{'clock has not been synchronized'}\n";
-}
-
-print <<END
-</td></tr>
-<tr>
- <td> </td>
- <td width='25%' class='base'>$Lang::tr{'primary ntp server'}:</td>
- <td width='25%'><input type='text' name='NTP_ADDR_1' value='$timesettings{'NTP_ADDR_1'}' /></td>
- <td width='25%' class='base'>$Lang::tr{'secondary ntp server'}: <img src='/blob.gif' align='top' alt='*' /></td>
- <td width='25%'><input type='text' name='NTP_ADDR_2' value='$timesettings{'NTP_ADDR_2'}' /></td>
-</tr>
-<tr>
- <td> </td>
- <td class='base' colspan='4'><input type='checkbox' name='ENABLECLNTP' $checked{'ENABLECLNTP'}{'on'} /> $Lang::tr{'clenabled'}</td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td colspan='4'><hr /><b>$Lang::tr{'update time'}</b></td>
-</tr>
-<tr>
- <td> </td>
- <td class='base' colspan='2'>$Lang::tr{'set time now help'}</td>
-</tr>
-<tr>
- <td class='base'><input type='radio' name='UPDATE_METHOD' value='periodically' $checked{'UPDATE_METHOD'}{'periodically'} /></td>
- <td width='15%'>$Lang::tr{'every'}: </td>
- <td width='35%'><input type='text' name='UPDATE_VALUE' size='3' maxlength='3' value='$timesettings{'UPDATE_VALUE'}' />
- <select name='UPDATE_PERIOD'>
- <option value='hourly' $selected{'UPDATE_PERIOD'}{'hourly'}>$Lang::tr{'hours'}</option>
- <option value='daily' $selected{'UPDATE_PERIOD'}{'daily'}>$Lang::tr{'days'}</option>
- <option value='weekly' $selected{'UPDATE_PERIOD'}{'weekly'}>$Lang::tr{'weeks'}</option>
- <option value='monthly' $selected{'UPDATE_PERIOD'}{'monthly'}>$Lang::tr{'months'}</option>
- </select></td>
- <td width='50%'> </td>
-</tr>
-<tr>
- <td class='base'><input type='radio' name='UPDATE_METHOD' value='manually' $checked{'UPDATE_METHOD'}{'manually'} /></td>
- <td colspan='2'>$Lang::tr{'manually'}</td>
-</tr>
-END
-;
-
-if ( -e "${General::swroot}/time/settimenow") {
- print "<tr>\n<td align='center'><img src='/images/clock.gif' alt='' /></td>\n";
- print "<td colspan='2'><font color='red'>$Lang::tr{'waiting to synchronize clock'}...</font></td></tr>\n";
-}
-print <<END
-</table>
-<br />
-<hr />
-<table width='100%'>
-<tr>
- <td width='30%'><img src='/blob.gif' alt='*' /> $Lang::tr{'this field may be blank'}</td>
- <td width='40%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'set time now'}' /></td>
- <td width='25%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
- <td width='5%' align='right'> </td>
-</tr>
-</table>
-END
-;
-
-&Header::closebox();
-
-print "</form>\n";
-
-&Header::closebigbox();
-
-&Header::closepage();
-
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/net-traffic/net-traffic-admin.pl";
-require "${General::swroot}/net-traffic/net-traffic-lib.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my @dummy = (@NETTRAFF::months, @NETTRAFF::longmonths, $NETTRAFF::colorOk, $NETTRAFF::colorWarn, $NETTRAFF::colorMax);
-undef(@dummy);
-
-my %cgiparams;
-my %pppsettings;
-my %netsettings;
-
-&General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-my @now = localtime(time);
-
-$now[5] = $now[5]+1900;
-
-$cgiparams{'STARTYEAR'} = $now[5];
-$cgiparams{'STARTMONTH'} = $now[4];
-
-my $startDay = '1';
-my $endDay = '1';
-
-if($NETTRAFF::settings{'MONTHLY_VOLUME_ON'} eq 'on')
-{
- $startDay = $NETTRAFF::settings{'STARTDAY'};
- $endDay = $NETTRAFF::settings{'STARTDAY'};
-}
-
-# this periode started last month
-if ($now[3] < $startDay)
-{
- # when current month is january we start in last year december
- if ($now[4] == 0) {
- $cgiparams{'STARTYEAR'} = $now[5]-1;
- $cgiparams{'STARTMONTH'} = 11;
- }
- else
- {
- $cgiparams{'STARTYEAR'} = $now[5];
- $cgiparams{'STARTMONTH'} = $now[4]-1;
- }
-}
-
-&Header::getcgihash(\%cgiparams);
-
-my $selectYearALL = "";
-$selectYearALL = 'selected=\'selected\'' if($cgiparams{'STARTYEAR'} eq '????');
-
-my $selectMonthALL = "";
-$selectMonthALL = 'selected=\'selected\'' if($cgiparams{'STARTMONTH'} eq '??');
-
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'sstraffic'}, 1, '');
-&Header::openbigbox('100%', 'left');
-&Header::openbox('100%', 'left', "");
-
-my $firstDayTxt = '';
-
-if($NETTRAFF::settings{'MONTHLY_VOLUME_ON'} eq 'on')
-{
- $firstDayTxt = " ($Lang::tr{'monthly volume start day short'}: $NETTRAFF::settings{'STARTDAY'}.)";
-}
-
-print <<END;
- <table width='100%' align='center'>
- <tr>
- <td width='90%' align='left' nowrap='nowrap'>
- <form method='post' action='/cgi-bin/traffic.cgi'>
- $Lang::tr{'selecttraffic'}$firstDayTxt:
- <select name='STARTMONTH'>
-END
-
-foreach my $month (@NETTRAFF::months)
-{
- print "\t<option ";
- if ("$month" eq "$cgiparams{'STARTMONTH'}") {
- print 'selected=\'selected\' '; }
- print "value='$month'>$NETTRAFF::longmonths[$month]</option>\n";
-}
-
-print <<END;
- <option $selectMonthALL value='??'>$Lang::tr{'allmsg'}</option>
- </select>
- <select name='STARTYEAR'>
-END
-
-for (my $index=0; $index<=$#NETTRAFF::years; $index++) {
- print "\t<option ";
- if ("$NETTRAFF::years[$index]" eq "$cgiparams{'STARTYEAR'}") {
- print 'selected=\'selected\' '; }
- print "value='$NETTRAFF::years[$index]'>$NETTRAFF::years[$index]</option>\n";
-}
-
-print <<END;
- <option $selectYearALL value='????'>$Lang::tr{'allmsg'}</option>
- </select>
- <input type='submit' name='ACTION' value='$Lang::tr{'update'}' />
- </form>
- </td>
- <td width='5%' align='center'>
- <form method='post' action='/cgi-bin/traffics.cgi'>
- <input type='submit' name='ACTION' value=' > ' />
- </form>
- </td>
- </tr>
- </table>
-END
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', "$Lang::tr{'traffics'}");
-
-my $dateWidth = '20%';
-my $netWidth = '34%';
-my $inOutWidth = '17%';
-
-# 4 networks
-if ($netsettings{'CONFIG_TYPE'} =~ /^(4)$/) {
- $dateWidth = '12%';
- $netWidth = '22%';
- $inOutWidth = '11%';
-}
-# 3 networks
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|3)$/) {
- $dateWidth = '16%';
- $netWidth = '28%';
- $inOutWidth = '14%';
-}
-
-print <<END;
- <table width='100%'>
- <tr>
- <td width='$dateWidth' align='center' class='boldbase'></td>
- <td width='$netWidth' align='center' class='boldbase' ><b>$Lang::tr{'trafficgreen'}</b></td>
-END
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/) {
- print "<td width='$netWidth' align='center' class='boldbase' ><b>$Lang::tr{'trafficblue'}</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/) {
- print "<td width='$netWidth' align='center' class='boldbase' ><b>$Lang::tr{'trafficorange'}</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/) {
- print "<td width='$netWidth' align='center' class='boldbase'><b>$Lang::tr{'trafficred'}</b></td>";
-}
-print <<END;
- </tr>
- </table>
- <table width='100%'>
- <tr>
- <td width='$dateWidth' align='center' class='boldbase'><b>$Lang::tr{'trafficdate'}</b></td>
- <td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourgreen'><b>$Lang::tr{'trafficin'}</b></font></td>
- <td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourgreen'><b>$Lang::tr{'trafficout'}</b></font></td>
-END
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
-{
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='${Header::colourblue}'><b>$Lang::tr{'trafficin'}</b></font></td>";
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='${Header::colourblue}'><b>$Lang::tr{'trafficout'}</b></font></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
-{
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourorange'><b>$Lang::tr{'trafficin'}</b></font></td>";
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourorange'><b>$Lang::tr{'trafficout'}</b></font></td>";
-}
-if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
-{
-print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourred'><b>$Lang::tr{'trafficin'}</b></font></td>";
-print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourred'><b>$Lang::tr{'trafficout'}</b></font></td>";
-}
-print "</tr>";
-
-my $total_blue_in=0;
-my $total_blue_out=0;
-my $total_green_in=0;
-my $total_green_out=0;
-my $total_orange_in=0;
-my $total_orange_out=0;
-my $total_red_in=0;
-my $total_red_out=0;
-my $lines=0;
-
-
-
-my $startYear = $cgiparams{'STARTYEAR'};
-my $endYear = $cgiparams{'STARTYEAR'};
-my $startMonth = $cgiparams{'STARTMONTH'};
-my $endMonth = $cgiparams{'STARTMONTH'};
-my $displayMode = "daily_multi";
-$startDay = '1';
-$endDay = '1';
-my $selectedMonth = '0';
-
-if($NETTRAFF::settings{'MONTHLY_VOLUME_ON'} eq 'on')
-{
- $startDay = $NETTRAFF::settings{'STARTDAY'};
- $endDay = $NETTRAFF::settings{'STARTDAY'};
-}
-
-# "show All ?
-if ($cgiparams{'STARTYEAR'} eq '????')
-{
- # 'show all month' + 'show all years'
- # OR <selected Month> + 'show all years'
-
- # if we have a <selected Month>, we read all traffic but display only the selected month
- if($cgiparams{'STARTMONTH'} ne '??')
- {
- $selectedMonth = $cgiparams{'STARTMONTH'} + 1;
- $selectedMonth = $selectedMonth < 10 ? $selectedMonth = "0".$selectedMonth : $selectedMonth;
- }
-
- $displayMode = "monthly";
- # start with 1970-01-01
- $startYear = 1970;
- $startMonth = '1';
- $startDay = '1';
- # end with next year: 20xx-01-01
- $endYear = $now[5] + 1;
- $endMonth = '1';
- $endDay = '1';
-}
-elsif ($cgiparams{'STARTMONTH'} eq '??')
-{
- # 'show all month' + 200x
- $displayMode = "monthly";
- # start with 200x-01-01
- $startMonth = '1';
- $startDay = '1';
- # end with (200x+1)-01-01
- $endYear = $startYear + 1;
- $endMonth = '1';
- $endDay = '1';
-}
-else
-{
- # no "Show All"
- $startMonth++;
- $endMonth = $endMonth + 2;
-
- # this periode started last month
- if ($now[3] < $startDay)
- {
- # when current month is january we start in last year december
- if ($endMonth == 1) {
- $startYear--;
- $startMonth = 12;
- }
- }
- else
- {
- # when we are in december, this periode ends next year january
- if ($startMonth == 12) {
- $endYear++;
- $endMonth = 1;
- }
- }
-}
-
-
-
-$startMonth = $startMonth < 10 ? $startMonth = "0".$startMonth : $startMonth;
-$endMonth = $endMonth < 10 ? $endMonth = "0".$endMonth : $endMonth;
-$startDay = $startDay < 10 ? $startDay = "0".$startDay : $startDay;
-$endDay = $endDay < 10 ? $endDay = "0".$endDay : $endDay;
-
-my $start = "$startYear$startMonth$startDay";
-my $end = "$endYear$endMonth$endDay";
-
-my %allDaysBytes = ();
-my @allDays = &Traffic::calcTraffic(\%allDaysBytes,$start,$end, $displayMode);
-
-
-foreach (@allDays)
-{
- # special code for: <selected Month> + 'show all years'
- if($cgiparams{'STARTMONTH'} ne '??' && $cgiparams{'STARTYEAR'} eq '????')
- {
- # show only those traffic in the selected month
- if($allDaysBytes{$_}{'Day'} !~ /^\d\d\d\d-$selectedMonth$/)
- {
- next;
- }
- }
-
- $total_green_in += $allDaysBytes{$_}{${Traffic::green_in}};
- $total_green_out += $allDaysBytes{$_}{${Traffic::green_out}};
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
- {
- $total_blue_in += $allDaysBytes{$_}{${Traffic::blue_in}};
- $total_blue_out += $allDaysBytes{$_}{${Traffic::blue_out}};
- }
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
- {
- $total_orange_in += $allDaysBytes{$_}{${Traffic::orange_in}};
- $total_orange_out += $allDaysBytes{$_}{${Traffic::orange_out}};
- }
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
- {
- $total_red_in += $allDaysBytes{$_}{${Traffic::red_in}};
- $total_red_out += $allDaysBytes{$_}{${Traffic::red_out}};
- }
-
- if ($lines % 2) {
- print "<tr bgcolor='$color{'color20'}'>"; }
- else {
- print "<tr bgcolor='$color{'color22'}}'>"; }
-
- printf "<td align='center' nowrap='nowrap'>%s</td>\n", $allDaysBytes{$_}{'Day'};
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::green_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::green_out}}/1048576);
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
- {
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::blue_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::blue_out}}/1048576);
- }
- if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
- {
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::orange_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::orange_out}}/1048576);
- }
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
- {
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::red_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td></tr>\n", ($allDaysBytes{$_}{${Traffic::red_out}}/1048576);
- }
-
- $lines++;
-}
-
-$total_green_in=sprintf("%.2f", ($total_green_in/1048576));
-$total_green_out=sprintf("%.2f", ($total_green_out/1048576));
-$total_blue_in=sprintf("%.2f", ($total_blue_in/1048576));
-$total_blue_out=sprintf("%.2f", ($total_blue_out/1048576));
-$total_orange_in=sprintf("%.2f", ($total_orange_in/1048576));
-$total_orange_out=sprintf("%.2f", ($total_orange_out/1048576));
-$total_red_in=sprintf("%.2f", ($total_red_in/1048576));
-$total_red_out=sprintf("%.2f", ($total_red_out/1048576));
-
-if ($lines % 2) {print "<tr bgcolor='$color{'color20'}'>"; }
-else {print "<tr bgcolor='$color{'color22'}'>"; }
-
-print <<END;
- <td align='center' class='boldbase' height='20' nowrap='nowrap'><b>$Lang::tr{'trafficsum'}</b></td>
- <td align='center' class='boldbase' nowrap='nowrap'><b>$total_green_in MB</b></td>
- <td align='center' class='boldbase' nowrap='nowrap'><b>$total_green_out MB</b></td>
-END
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
-{
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_blue_in MB</b></td>";
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_blue_out MB</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
-{
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_orange_in MB</b></td>";
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_orange_out MB</b></td>";
-}
-if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
-{
-print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_red_in MB</b></td>";
-print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_red_out MB</b></td>";
-}
-print "</tr></table>";
-
-if($NETTRAFF::settings{'MONTHLY_VOLUME_ON'} eq 'on')
-{
- my $total_red_all = sprintf("%.2f", ($total_red_in + $total_red_out));
-
- my $color = $NETTRAFF::colorOk;
-
- my $warnTraff = ($NETTRAFF::settings{'MONTHLY_VOLUME'} * $NETTRAFF::settings{'WARN'} / 100);
- if($NETTRAFF::settings{'WARN_ON'} eq 'on'
- && $warnTraff < $total_red_all)
- {
- $color = $NETTRAFF::colorWarn;
- }
- if($NETTRAFF::settings{'MONTHLY_VOLUME'} < $total_red_all)
- {
- $color = $NETTRAFF::colorMax;
- }
-
- print <<END;
- <table width='100%'>
- <tr><td align='center' class='boldbase' nowrap='nowrap' ><b>$Lang::tr{'monthly volume'} ($NETTRAFF::settings{'MONTHLY_VOLUME'} MB)</b></td></tr>
- <tr><td align='center' class='boldbase' nowrap='nowrap' bgcolor='$color'><b>$total_red_all MB</b></td></tr>
- </table>
-END
-}
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/net-traffic/net-traffic-admin.pl";
-require "${General::swroot}/net-traffic/net-traffic-lib.pl";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %cgiparams;
-my %netsettings;
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-my @days = ( 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 );
-
-my @now = localtime(time);
-
-$now[5] = $now[5]+1900;
-
-$cgiparams{'STARTDAY'} = 10;
-$cgiparams{'STOPDAY'} = 11;
-$cgiparams{'STARTYEAR'} = $now[5];
-$cgiparams{'STOPYEAR'} = $now[5];
-
-if($NETTRAFF::settings{'MONTHLY_VOLUME_ON'} eq 'on')
-{
- $cgiparams{'STARTDAY'} = $NETTRAFF::settings{'STARTDAY'};
- $cgiparams{'STOPDAY'} = $NETTRAFF::settings{'STARTDAY'};
-}
-
-# this periode started last month
-if ($now[3] < $cgiparams{'STARTDAY'}) {
- $cgiparams{'STARTMONTH'} = $now[4]-1;
- $cgiparams{'STOPMONTH'} = $now[4];
- # when current month is january we start in last year december
- if ($cgiparams{'STOPMONTH'} == 0) {
- $cgiparams{'STARTYEAR'} = $now[5]-1;
- $cgiparams{'STARTMONTH'} = 11;
- }
-}
-else {
- $cgiparams{'STARTMONTH'} = $now[4];
- $cgiparams{'STOPMONTH'} = $now[4]+1;
- # when we are in december, this periode ends next year january
- if ($cgiparams{'STARTMONTH'} == 11) {
- $cgiparams{'STOPYEAR'} = $now[5]+1;
- $cgiparams{'STOPMONTH'} = 0;
- }
-}
-
-&Header::getcgihash(\%cgiparams);
-&Header::showhttpheaders();
-&Header::openpage($Lang::tr{'sstraffic'}, 1, '');
-&Header::openbigbox('100%', 'left');
-&Header::openbox('100%', 'left', "");
-
-print <<END;
-<table width='100%' align='center'>
-<tr>
- <td width='90%' class='base' align='center'>
- <form method='post' action='/cgi-bin/traffics.cgi'>
- $Lang::tr{'trafficfrom'}
- <select name='STARTDAY'>
-END
-
-foreach my $day (@days)
-{
- print "\t<option ";
- if ($day == $cgiparams{'STARTDAY'}) {
- print 'selected=\'selected\' '; }
- print "value='$day'>$day</option>\n";
-}
-print <<END;
- </select>
- <select name='STARTMONTH'>
-END
-
-foreach my $month (@NETTRAFF::months)
-{
- print "\t<option ";
- if ($month == $cgiparams{'STARTMONTH'}) {
- print 'selected=\'selected\' '; }
- print "value='$month'>$NETTRAFF::longmonths[$month]</option>\n";
-}
-
-print <<END;
- </select>
- <select name='STARTYEAR'>
-END
-
-foreach my $year (@NETTRAFF::years) {
- print "\t<option ";
- if ($year == $cgiparams{'STARTYEAR'}) {
- print 'selected=\'selected\' '; }
- print "value='$year'>$year</option>\n";
-}
-
-print <<END;
- </select>
- $Lang::tr{'trafficto'}
- <select name='STOPDAY'>
-END
-
-foreach my $day (@days)
-{
- print "\t<option ";
- if ($day == $cgiparams{'STOPDAY'})
- {
- print 'selected=\'selected\' '; }
- print "value='$day'>$day</option>\n";
-}
-
-print <<END;
- </select>
- <select name='STOPMONTH'>
-END
-
-foreach my $month (@NETTRAFF::months)
-{
- print "\t<option ";
- if ($month == $cgiparams{'STOPMONTH'}) {
- print 'selected=\'selected\' '; }
- print "value='$month'>$NETTRAFF::longmonths[$month]</option>\n";
-}
-
-print <<END;
- </select>
- <select name='STOPYEAR'>
-END
-
-foreach my $year (@NETTRAFF::years) {
- print "\t<option ";
- if ($year == $cgiparams{'STOPYEAR'}) {
- print 'selected=\'selected\' '; }
- print "value='$year'>$year</option>\n";
-}
-
-
-print <<END;
- </select>
- <input type='submit' name='ACTION' value='$Lang::tr{'update'}' />
- </form>
- </td>
- <td width='5%' align='center'>
- <form method='post' action='/cgi-bin/traffic.cgi'>
- <input type='submit' name='ACTION' value=' > ' />
- </form>
- </td>
- </tr>
- </table>
-END
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', "$Lang::tr{'traffics'}");
-
-my $dateWidth = '20%';
-my $netWidth = '34%';
-my $inOutWidth = '17%';
-
-# 4 networks
-if ($netsettings{'CONFIG_TYPE'} =~ /^(4)$/) {
- $dateWidth = '12%';
- $netWidth = '22%';
- $inOutWidth = '11%';
-}
-# 3 networks
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|3)$/) {
- $dateWidth = '16%';
- $netWidth = '28%';
- $inOutWidth = '14%';
-}
-
-print <<END;
- <table width='100%'>
- <tr>
- <td width='$dateWidth' align='center' class='boldbase'></td>
- <td width='$netWidth' align='center' class='boldbase' ><b>$Lang::tr{'trafficgreen'}</b></td>
-END
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/) {
- print "<td width='$netWidth' align='center' class='boldbase' ><b>$Lang::tr{'trafficblue'}</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/) {
- print "<td width='$netWidth' align='center' class='boldbase' ><b>$Lang::tr{'trafficorange'}</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
-{
-print "<td width='$netWidth' align='center' class='boldbase'><b>$Lang::tr{'trafficred'}</b></td>";
-}
-print <<END;
- </tr>
- </table>
- <table width='100%'>
- <tr>
- <td width='$dateWidth' align='center' class='boldbase'><b>$Lang::tr{'trafficdate'}</b></td>
- <td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourgreen'><b>$Lang::tr{'trafficin'}</b></font></td>
- <td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourgreen'><b>$Lang::tr{'trafficout'}</b></font></td>
-END
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
-{
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='${Header::colourblue}'><b>$Lang::tr{'trafficin'}</b></font></td>";
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='${Header::colourblue}'><b>$Lang::tr{'trafficout'}</b></font></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
-{
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourorange'><b>$Lang::tr{'trafficin'}</b></font></td>";
- print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourorange'><b>$Lang::tr{'trafficout'}</b></font></td>";
-}
-if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
-{
-print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourred'><b>$Lang::tr{'trafficin'}</b></font></td>";
-print "<td width='$inOutWidth' align='center' class='boldbase'><font color='$Header::colourred'><b>$Lang::tr{'trafficout'}</b></font></td>";
-}
-print "</tr>";
-
-my $total_blue_in=0;
-my $total_blue_out=0;
-my $total_green_in=0;
-my $total_green_out=0;
-my $total_orange_in=0;
-my $total_orange_out=0;
-my $total_red_in=0;
-my $total_red_out=0;
-my $lines=0;
-
-
-my $startyear = $cgiparams{'STARTYEAR'};
-my $stopyear = $cgiparams{'STOPYEAR'};
-
-my $startMonth = $cgiparams{'STARTMONTH'}+1;
-$startMonth = $startMonth < 10 ? $startMonth = "0".$startMonth : $startMonth;
-
-my $endMonth = $cgiparams{'STOPMONTH'}+1;
-$endMonth = $endMonth < 10 ? $endMonth = "0".$endMonth : $endMonth;
-
-my $startDay = $cgiparams{'STARTDAY'};
-$startDay = $startDay < 10 ? $startDay = "0".$startDay : $startDay;
-
-my $endDay = $cgiparams{'STOPDAY'}+1;
-$endDay = $endDay < 10 ? $endDay = "0".$endDay : $endDay;
-
-my $displayMode = "daily_multi";
-my $start = $startyear.$startMonth.$startDay;
-my $end = $stopyear.$endMonth.$endDay;
-
-my %allDaysBytes = ();
-my @allDays = &Traffic::calcTraffic(\%allDaysBytes,$start,$end, $displayMode);
-
-
-foreach (@allDays) {
- $total_green_in += $allDaysBytes{$_}{${Traffic::green_in}};
- $total_green_out += $allDaysBytes{$_}{${Traffic::green_out}};
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
- {
- $total_blue_in += $allDaysBytes{$_}{${Traffic::blue_in}};
- $total_blue_out += $allDaysBytes{$_}{${Traffic::blue_out}};
- }
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
- {
- $total_orange_in += $allDaysBytes{$_}{${Traffic::orange_in}};
- $total_orange_out += $allDaysBytes{$_}{${Traffic::orange_out}};
- }
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
- {
- $total_red_in += $allDaysBytes{$_}{${Traffic::red_in}};
- $total_red_out += $allDaysBytes{$_}{${Traffic::red_out}};
- }
-
- if ($lines % 2) {
- print "<tr bgcolor='$color{'color20'}'>"; }
- else {
- print "<tr bgcolor='$color{'color22'}'>"; }
-
- printf "<td align='center' nowrap='nowrap'>%s</td>\n", $allDaysBytes{$_}{'Day'};
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::green_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::green_out}}/1048576);
-
- if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
- {
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::blue_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::blue_out}}/1048576);
- }
- if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
- {
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::orange_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::orange_out}}/1048576);
- }
- if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
- {
- printf "<td align='center' nowrap='nowrap'>%.3f</td>\n", ($allDaysBytes{$_}{${Traffic::red_in}}/1048576);
- printf "<td align='center' nowrap='nowrap'>%.3f</td></tr>\n", ($allDaysBytes{$_}{${Traffic::red_out}}/1048576);
- }
- $lines++;
-}
-
-$total_green_in=sprintf("%.2f", ($total_green_in/1048576));
-$total_green_out=sprintf("%.2f", ($total_green_out/1048576));
-$total_blue_in=sprintf("%.2f", ($total_blue_in/1048576));
-$total_blue_out=sprintf("%.2f", ($total_blue_out/1048576));
-$total_orange_in=sprintf("%.2f", ($total_orange_in/1048576));
-$total_orange_out=sprintf("%.2f", ($total_orange_out/1048576));
-$total_red_in=sprintf("%.2f", ($total_red_in/1048576));
-$total_red_out=sprintf("%.2f", ($total_red_out/1048576));
-
-if ($lines % 2) {print "<tr bgcolor='$color{'color20'}'>"; }
-else {print "<tr bgcolor='$color{'color22'}'>"; }
-
-print <<END;
- <td align='center' class='boldbase' height='20' nowrap='nowrap'><b>$Lang::tr{'trafficsum'}</b></td>
- <td align='center' class='boldbase' nowrap='nowrap'><b>$total_green_in MB</b></td>
- <td align='center' class='boldbase' nowrap='nowrap'><b>$total_green_out MB</b></td>
-END
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(3|4)$/)
-{
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_blue_in MB</b></td>";
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_blue_out MB</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(2|4)$/)
-{
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_orange_in MB</b></td>";
- print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_orange_out MB</b></td>";
-}
-
-if ($netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/)
-{
-print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_red_in MB</b></td>";
-print "<td align='center' class='boldbase' nowrap='nowrap'><b>$total_red_out MB</b></td>";
-}
-print "</tr></table>";
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %tripwiresettings = ();
-my %checked = ();
-my %netsettings = ();
-my $message = "";
-my $errormessage = "";
-my @Logs = `ls -r /var/ipfire/tripwire/report/ 2>/dev/null`;
-my $file = `ls -tr /var/ipfire/tripwire/report/ | tail -1 2>/dev/null`;
-my @cronjobs = `ls /etc/fcron.daily/tripwire* 2>/dev/null`;
-my $Log =$Lang::tr{'no log selected'};
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-############################################################################################################################
-################################################# Tripwire Default Variablen ################################################
-
-$tripwiresettings{'ROOT'} = '/usr/sbin';
-$tripwiresettings{'POLFILE'} = '/var/ipfire/tripwire/tw.pol';
-$tripwiresettings{'DBFILE'} = '/var/ipfire/tripwire/$(HOSTNAME).twd';
-$tripwiresettings{'REPORTFILE'} = '/var/ipfire/tripwire/report/$(DATE).twr';
-$tripwiresettings{'SITEKEYFILE'} = '/var/ipfire/tripwire/site.key';
-$tripwiresettings{'LOCALKEYFILE'} = '/var/ipfire/tripwire/local.key';
-$tripwiresettings{'EDITOR'} = '/usr/bin/vi';
-$tripwiresettings{'LATEPROMPTING'} = 'false';
-$tripwiresettings{'LOOSEDIRECTORYCHECKING'} = 'false';
-$tripwiresettings{'MAILNOVIOLATIONS'} = 'false';
-$tripwiresettings{'EMAILREPORTLEVEL'} = '3';
-$tripwiresettings{'REPORTLEVEL'} = '3';
-$tripwiresettings{'MAILMETHOD'} = 'SENDMAIL';
-$tripwiresettings{'SMTPHOST'} = 'ipfire.myipfire.de';
-$tripwiresettings{'SMTPPORT'} = '25';
-$tripwiresettings{'SYSLOGREPORTING'} = 'false';
-$tripwiresettings{'MAILPROGRAM'} = '/usr/sbin/sendmail -oi -t';
-$tripwiresettings{'SITEKEY'} = 'ipfire';
-$tripwiresettings{'LOCALKEY'} = 'ipfire';
-$tripwiresettings{'ACTION'} = '';
-
-&General::readhash("${General::swroot}/tripwire/settings", \%tripwiresettings);
-
-############################################################################################################################
-######################################################### Tripwire HTML Part ###############################################
-
-&Header::showhttpheaders();
-
-&Header::getcgihash(\%tripwiresettings);
-&Header::openpage('Tripwire', 1,);
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-############################################### Tripwire Config Datei erstellen ############################################
-
-if ($tripwiresettings{'ACTION'} eq $Lang::tr{'save'})
-{
-system("/usr/local/bin/tripwirectrl readconfig >/dev/null 2>&1");
-open (FILE, ">${General::swroot}/tripwire/twcfg.txt") or die "Can't save tripwire config: $!";
-flock (FILE, 2);
-
-print FILE <<END
-
-ROOT =$tripwiresettings{'ROOT'}
-POLFILE =$tripwiresettings{'POLFILE'}
-DBFILE =$tripwiresettings{'DBFILE'}
-REPORTFILE =$tripwiresettings{'REPORTFILE'}
-SITEKEYFILE =$tripwiresettings{'SITEKEYFILE'}
-LOCALKEYFILE =$tripwiresettings{'LOCALKEYFILE'}
-EDITOR =$tripwiresettings{'EDITOR'}
-LATEPROMPTING =$tripwiresettings{'LATEPROMPTING'}
-LOOSEDIRECTORYCHECKING =$tripwiresettings{'LOOSEDIRECTORYCHECKING'}
-MAILNOVIOLATIONS =$tripwiresettings{'MAILNOVIOLATIONS'}
-EMAILREPORTLEVEL =$tripwiresettings{'EMAILREPORTLEVEL'}
-REPORTLEVEL =$tripwiresettings{'REPORTLEVEL'}
-MAILMETHOD =$tripwiresettings{'MAILMETHOD'}
-SMTPHOST =$tripwiresettings{'SMTPHOST'}
-SMTPPORT =$tripwiresettings{'SMTPPORT'}
-SYSLOGREPORTING =$tripwiresettings{'SYSLOGREPORTING'}
-MAILPROGRAM =$tripwiresettings{'MAILPROGRAM'}
-
-END
-;
-close FILE;
-
-&General::writehash("${General::swroot}/tripwire/settings", \%tripwiresettings);
-system("/usr/local/bin/tripwirectrl lockconfig >/dev/null 2>&1");
-}
-
-############################################################################################################################
-################################################## Sicherheitsabfrage für CGI ##############################################
-
-if ($tripwiresettings{'ACTION'} eq 'addcron')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'add cron'}</b>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <tr><td align='center' colspan='2'>HH<input type='text' size='2' name='HOUR' value='08'/>MM<input type='text' size='2' name='MINUTE' value='00'/><br /><br /></td></tr>
- <tr><td align='right' width='50%'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='addcronyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-if ($tripwiresettings{'ACTION'} eq 'globalreset')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'resetglobals'}</b>
- <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'defaultwarning'}<br /><br /></font></td></tr>
- <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='globalresetyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-if ($tripwiresettings{'ACTION'} eq 'generatepolicypw')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'generatepolicy'}</b>
- <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningpolicy'}<br /><br /></font></td></tr>
- <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'sitekey'}</td><td align='left'><input type='password' name='SITEKEY' value='$tripwiresettings{'SITEKEY'}' size="30" /></td></tr>
- <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /><br /><br /></td></tr>
- <tr><td align='right' width='50%'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' tilte='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='generatepolicyyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-if ($tripwiresettings{'ACTION'} eq 'policyresetpw')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'resetpolicy'}</b>
- <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningpolicy'}<br /><br /></font></td></tr>
- <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'sitekey'}</td><td align='left'><input type='password' name='SITEKEY' value='$tripwiresettings{'SITEKEY'}' size="30" /></td></tr>
- <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /><br /><br /></td></tr>
- <tr><td align='right' width='50%'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='resetpolicyyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-if ($tripwiresettings{'ACTION'} eq 'updatedatabasepw')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'updatedatabase'}</b>
- <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningdatabase'}<br /><br /></font></td></tr>
- <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /><br /><br /></td></tr>
- <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='updatedatabaseyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-if ($tripwiresettings{'ACTION'} eq 'keyreset')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'keyreset'}</b>
- <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningkeys'}<br /><br /></font></td></tr>
- <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='keyresetyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-if ($tripwiresettings{'ACTION'} eq 'generatekeys')
- {
- print <<END
- <br />
- <table width='95%' cellspacing='0'>
- <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'generatekeys'}</b>
- <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningkeys'}<br /><br /></font></td></tr>
- <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' />
- <input type='hidden' name='ACTION' value='generatekeysyes' /></form></td>
- <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'}
- <input type='hidden' name='ACTION' value='cancel' /></form></td>
- </tr>
- </table>
-END
-;
-}
-
-############################################################################################################################
-######################################################## Tripwire Funktionen ###############################################
-
-if ($tripwiresettings{'ACTION'} eq 'globalresetyes')
-{
-&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";&Header::closebox();
-$tripwiresettings{'ROOT'} = '/usr/sbin';
-$tripwiresettings{'POLFILE'} = '/var/ipfire/tripwire/tw.pol';
-$tripwiresettings{'DBFILE'} = '/var/ipfire/tripwire/$(HOSTNAME).twd';
-$tripwiresettings{'REPORTFILE'} = '/var/ipfire/tripwire/report/$(DATE).twr';
-$tripwiresettings{'SITEKEYFILE'} = '/var/ipfire/tripwire/site.key';
-$tripwiresettings{'LOCALKEYFILE'} = '/var/ipfire/tripwire/local.key';
-$tripwiresettings{'EDITOR'} = '/usr/bin/vi';
-$tripwiresettings{'LATEPROMPTING'} = 'false';
-$tripwiresettings{'LOOSEDIRECTORYCHECKING'} = 'false';
-$tripwiresettings{'MAILNOVIOLATIONS'} = 'false';
-$tripwiresettings{'EMAILREPORTLEVEL'} = '3';
-$tripwiresettings{'REPORTLEVEL'} = '3';
-$tripwiresettings{'MAILMETHOD'} = 'SENDMAIL';
-$tripwiresettings{'SMTPHOST'} = 'ipfire.myipfire.de';
-$tripwiresettings{'SMTPPORT'} = '25';
-$tripwiresettings{'SYSLOGREPORTING'} = 'false';
-$tripwiresettings{'MAILPROGRAM'} = '/usr/sbin/sendmail -oi -t';
-$tripwiresettings{'SITEKEY'} = 'ipfire';
-$tripwiresettings{'LOCALKEY'} = 'ipfire';
-$tripwiresettings{'ACTION'} = '';
-system("/usr/local/bin/tripwirectrl readconfig >/dev/null 2>&1");
-open (FILE, ">${General::swroot}/tripwire/twcfg.txt") or die "Can't save tripwire config: $!";
-flock (FILE, 2);
-print FILE <<END
-
-ROOT =$tripwiresettings{'ROOT'}
-POLFILE =$tripwiresettings{'POLFILE'}
-DBFILE =$tripwiresettings{'DBFILE'}
-REPORTFILE =$tripwiresettings{'REPORTFILE'}
-SITEKEYFILE =$tripwiresettings{'SITEKEYFILE'}
-LOCALKEYFILE =$tripwiresettings{'LOCALKEYFILE'}
-EDITOR =$tripwiresettings{'EDITOR'}
-LATEPROMPTING =$tripwiresettings{'LATEPROMPTING'}
-LOOSEDIRECTORYCHECKING =$tripwiresettings{'LOOSEDIRECTORYCHECKING'}
-MAILNOVIOLATIONS =$tripwiresettings{'MAILNOVIOLATIONS'}
-EMAILREPORTLEVEL =$tripwiresettings{'EMAILREPORTLEVEL'}
-REPORTLEVEL =$tripwiresettings{'REPORTLEVEL'}
-MAILMETHOD =$tripwiresettings{'MAILMETHOD'}
-SMTPHOST =$tripwiresettings{'SMTPHOST'}
-SMTPPORT =$tripwiresettings{'SMTPPORT'}
-SYSLOGREPORTING =$tripwiresettings{'SYSLOGREPORTING'}
-MAILPROGRAM =$tripwiresettings{'MAILPROGRAM'}
-
-END
-;
-close FILE;
-&General::writehash("${General::swroot}/tripwire/settings", \%tripwiresettings);
-system("/usr/local/bin/tripwirectrl lockconfig >/dev/null 2>&1l");
-system("/usr/local/bin/tripwirectrl keys ipfire ipfire >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';
-}
-if ($tripwiresettings{'ACTION'} eq 'generatekeysyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl keys $tripwiresettings{'SITEKEY'} $tripwiresettings{'LOCALKEY'} >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';}
-if ($tripwiresettings{'ACTION'} eq 'keyresetyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl keys ipfire ipfire >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';}
-if ($tripwiresettings{'ACTION'} eq 'resetpolicyyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl resetpolicy tripwiresettings{'SITEKEY'} $tripwiresettings{'LOCALKEY'} >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';}
-if ($tripwiresettings{'ACTION'} eq 'generatepolicyyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl generatepolicy $tripwiresettings{'SITEKEY'} $tripwiresettings{'LOCALKEY'} >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';}
-if ($tripwiresettings{'ACTION'} eq 'updatedatabaseyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl updatedatabase $tripwiresettings{'LOCALKEY'} /var/ipfire/tripwire/report/$file >/dev/null 2>&1");$tripwiresettings{'LOCALKEY'} = 'ipfire';}
-if ($tripwiresettings{'ACTION'} eq 'generatereport'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl generatereport >/dev/null 2>&1");}
-if ($tripwiresettings{'ACTION'} eq 'addcronyes'){system("/usr/local/bin/tripwirectrl addcron $tripwiresettings{'HOUR'} $tripwiresettings{'MINUTE'} >/dev/null 2>&1");}
-if ($tripwiresettings{'ACTION'} eq 'deletecron'){system("/usr/local/bin/tripwirectrl disablecron $tripwiresettings{'CRON'} >/dev/null 2>&1");@cronjobs = `ls /etc/fcron.daily/tripwire* 2>/dev/null`;}
-
-############################################################################################################################
-##################################################### Tripwire globale Optionen ############################################
-
-&Header::openbox('100%', 'center', 'Tripwire');
-print <<END
-<br />
-
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'basic options'}</b></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'emailreportlevel'}</td><td align='left'><input type='text' name='EMAILREPORTLEVEL' value='$tripwiresettings{'EMAILREPORTLEVEL'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'reportlevel'}</td><td align='left'><input type='text' name='REPORTLEVEL' value='$tripwiresettings{'REPORTLEVEL'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'mailmethod'}</td><td align='left'><input type='text' name='MAILMETHOD' value='$tripwiresettings{'MAILMETHOD'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'smtphost'}</td><td align='left'><input type='text' name='SMTPHOST' value='$tripwiresettings{'SMTPHOST'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'smtpport'}</td><td align='left'><input type='text' name='SMTPPORT' value='$tripwiresettings{'SMTPPORT'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'mailprogramm'}</td><td align='left'><input type='text' name='MAILPROGRAM' value='$tripwiresettings{'MAILPROGRAM'}' size="30" /></td></tr>
-</table>
-<br />
-<table width='10%' cellspacing='0'>
-<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value=$Lang::tr{'save'} />
- <input type='image' alt='$Lang::tr{'save'}' title='$Lang::tr{'save'}' src='/images/media-floppy.png' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='globalreset' />
- <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='globalcaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr>
-</table>
-</from>
-END
-;
-if ($tripwiresettings{'ACTION'} eq 'globalcaption')
-{
-print <<END
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
-<tr><td align='right' width='33%'><img src='/images/media-floppy.png' alt='$Lang::tr{'save settings'}' /></td><td align='left'>$Lang::tr{'save settings'}</td></tr>
-<tr><td align='right' width='33%'><img src='/images/reload.gif' alt='$Lang::tr{'restore settings'}' /></td><td align='left'>$Lang::tr{'restore settings'}</td></tr>
-</table>
-END
-;
-
-}
-
-&Header::closebox();
-
-############################################################################################################################
-################################################### Tripwire Init Policy and keygen ########################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'generate tripwire keys and init'});
-print <<END
-<br />
-
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'keys'}</b></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'sitekey'}</td><td align='left'><input type='password' name='SITEKEY' value='$tripwiresettings{'SITEKEY'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /></td></tr>
-</table>
-<br />
-<table width='10%' cellspacing='0'>
-<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='generatekeys'/>
- <input type='image' alt='$Lang::tr{'generatekeys'}' title='$Lang::tr{'generatekeys'}' src='/images/system-lock-screen.png' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='keyreset' />
- <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='keycaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr>
-</table>
-</from>
-END
-;
-if ($tripwiresettings{'ACTION'} eq 'keycaption')
-{
-print <<END
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
-<tr><td align='right' width='33%'><img src='/images/system-lock-screen.png' alt='$Lang::tr{'generatekeys'}' /></td><td align='left'>$Lang::tr{'generatekeys'}</td></tr>
-<tr><td align='right' width='33%'><img src='/images/reload.gif' alt='$Lang::tr{'keyreset'}' /></td><td align='left'>$Lang::tr{'keyreset'}</td></tr>
-</table>
-END
-;
-
-}
-
-&Header::closebox();
-
-############################################################################################################################
-################################################# Tripwire general functions ###############################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'tripwire functions'});
-print <<END
-<br />
-
-<table width='95%' cellspacing='0'>
-<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='generatepolicypw'/>
- <input type='image' alt='$Lang::tr{'generatepolicy'}' title='$Lang::tr{'generatepolicy'}' src='/images/document-new.png' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='policyresetpw' />
- <input type='image' alt='$Lang::tr{'resetpolicy'}' title='$Lang::tr{'resetpolicy'}' src='/images/reload.gif' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='generatereport' />
- <input type='image' alt='$Lang::tr{'generatereport'}' title='$Lang::tr{'generatereport'}' src='/images/document-properties.png' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='updatedatabasepw' />
- <input type='image' alt='$Lang::tr{'updatedatabase'}' title='$Lang::tr{'updatedatabase'}' src='/images/network-server.png' /></form></td>
-<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='policycaption' />
- <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr>
-</table>
-END
-;
-if ($tripwiresettings{'ACTION'} eq 'policycaption')
-{
-print <<END
-<br />
-<table width='95%' cellspacing='0'>
-<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
-<tr><td align='right' width='33%'><img src='/images/document-new.png' alt='$Lang::tr{'generatepolicy'}' /></td><td align='left'>$Lang::tr{'generatepolicy'}</td></tr>
-<tr><td align='right' width='33%'><img src='/images/reload.gif' alt='$Lang::tr{'resetpolicy'}' /></td><td align='left'>$Lang::tr{'resetpolicy'}</td></tr>
-<tr><td align='right' width='33%'><img src='/images/document-properties.png' alt='$Lang::tr{'generatereport'}' /></td><td align='left'>$Lang::tr{'generatereport'}</td></tr>
-<tr><td align='right' width='33%'><img src='/images/network-server.png' alt='$Lang::tr{'updatedatabase'}' /></td><td align='left'>$Lang::tr{'updatedatabase'}</td></tr>
-</table>
-END
-;
-
-}
-&Header::closebox();
-
-############################################################################################################################
-####################################################### Tripwire Log View ##################################################
-
-&Header::openbox('100%', 'center', $Lang::tr{'tripwire reports'});
-print <<END
-<a name="$Lang::tr{'log view'}"</a>
-<br />
-<form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'log view'}'>
-<table width='95%' cellspacing='0'>
-<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'log view'}</b></td></tr>
-<tr><td colspan='3' align='left'><br /></td></tr>
-<tr><td align='left'><select name='LOG' style="width: 500px">
-END
-;
-foreach my $log (@Logs) {chomp $log;print"<option value='$log'>$log</option>";}
-print <<END
-
-</select></td><td align='left'><input type='hidden' name='ACTION' value='showlog' /><input type='image' alt='view Log' title='view log' src='/images/format-justify-fill.png' /></td></tr>
-</table>
-</form>
-END
-;
-if ($tripwiresettings{'ACTION'} eq 'showlog')
-{
-$Log = qx(/usr/local/bin/tripwirectrl tripwirelog $tripwiresettings{'LOG'});
-$Log=~s/--cfgfile \/var\/ipfire\/tripwire\/tw.cfg --polfile \/var\/ipfire\/tripwire\/tw.pol//g;
-print <<END
-<table width='95%' cellspacing='0'>
-<tr><td><br /></td></tr>
-<tr><td><pre>$Log</pre></td></tr>
-<tr><td><br /></td></tr>
-<tr><td align=center>$tripwiresettings{'LOG'}</td></tr>
-</table>
-END
-;
-
-}
-
-&Header::closebox();
-
-############################################################################################################################
-####################################################### Tripwire Cronjob ##################################################
-#
-#&Header::openbox('100%', 'center', $Lang::tr{'tripwire cronjob'});
-#print <<END
-#<br />
-#<table width='95%' cellspacing='0'>
-#<tr><td colspan='3' align='left'><br /></td></tr>
-#END
-#;
-#foreach my $cronjob (@cronjobs) {chomp $cronjob;my $time=$cronjob; $time=~s/\/etc\/fcron.daily\/tripwire//g;print"<form method='post' action='$ENV{'SCRIPT_NAME'}'><tr><td align='left' colspan='2'>$cronjob at $time daily</td><td><input type='hidden' name='ACTION' value='deletecron' /><input type='hidden' name='CRON' value='$time' /><input type='image' alt='delete cron' src='/images/user-trash.png' /></td></tr></form>";}
-#print <<END
-#</table>
-#<br />
-#<table width='10%' cellspacing='0'>
-#<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
-# <input type='hidden' name='ACTION' value='addcron'/>
-# <input type='image' alt='$Lang::tr{'add cron'}' src='/images/appointment-new.png' /></form></td>
-#<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'>
-# <input type='hidden' name='ACTION' value='croncaption' />
-# <input type='image' alt='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr>
-#</table>
-#END
-#;
-
-#if ($tripwiresettings{'ACTION'} eq 'croncaption')
-#{
-#print <<END
-#<br />
-#<table width='95%' cellspacing='0'>
-#<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr>
-#<tr><td align='right' width='33%'><img src='/images/appointment-new.png' /></td><td align='left'>$Lang::tr{'add cron'}</td></tr>
-#<tr><td align='right' width='33%'><img src='/images/user-trash.png' /></td><td align='left'>$Lang::tr{'delete cron'}</td></tr>
-#</table>
-#END
-#;
-#}
-#
-#&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-use IO::Socket;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %color = ();
-my %checked=();
-my %selected=();
-my %netsettings=();
-my %mainsettings=();
-my %proxysettings=();
-my %xlratorsettings=();
-my $id=0;
-my $updatefile='';
-my $shortname='';
-my $vendor='';
-my $time='';
-my $filesize=0;
-my $filedate='';
-my $lastaccess='';
-my $lastcheck='';
-
-my $repository = "/srv/web/ipfire/html/updatecache";
-my $hintcolour = '#FFFFCC';
-
-my $sfNoSource='0';
-my $sfOk='1';
-my $sfOutdated='2';
-
-my $not_accessed_last='';
-
-my $errormessage='';
-
-my @repositorylist=();
-my @repositoryfiles=();
-
-my @metadata=();
-
-my $chk_cron_dly = "${General::swroot}/updatexlrator/autocheck/cron.daily";
-my $chk_cron_wly = "${General::swroot}/updatexlrator/autocheck/cron.weekly";
-my $chk_cron_mly = "${General::swroot}/updatexlrator/autocheck/cron.monthly";
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-$xlratorsettings{'ACTION'} = '';
-$xlratorsettings{'ENABLE_LOG'} = 'off';
-$xlratorsettings{'CHILDREN'} = '5';
-$xlratorsettings{'PASSIVE_MODE'} = 'off';
-$xlratorsettings{'MAX_DISK_USAGE'} = '75';
-$xlratorsettings{'LOW_DOWNLOAD_PRIORITY'} = 'off';
-$xlratorsettings{'ENABLE_AUTOCHECK'} = 'off';
-$xlratorsettings{'FULL_AUTOSYNC'} = 'off';
-$xlratorsettings{'NOT_ACCESSED_LAST'} = 'month1';
-
-&Header::getcgihash(\%xlratorsettings);
-
-if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr purge'})
-{
- if (($xlratorsettings{'REMOVE_OBSOLETE'} eq 'on') || ($xlratorsettings{'REMOVE_NOSOURCE'} eq 'on') || ($xlratorsettings{'REMOVE_OUTDATED'} eq 'on'))
- {
- @repositorylist = <$repository/*>;
- foreach (@repositorylist)
- {
- if (!-d $_)
- {
- $updatefile = substr($_,rindex($_,"/")+1);
- if (-e "$repository/metadata/$updatefile")
- {
- open (FILE,"$repository/metadata/$updatefile");
- @metadata = <FILE>;
- close FILE;
- chomp(@metadata);
-
- if (($xlratorsettings{'REMOVE_NOSOURCE'} eq 'on') && ($metadata[2] == $sfNoSource))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- if (($xlratorsettings{'REMOVE_OUTDATED'} eq 'on') && ($metadata[2] == $sfOutdated))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- if ($xlratorsettings{'REMOVE_OBSOLETE'} eq 'on')
- {
- if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'week') && ($metadata[-1] < (time - 604800)))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'month1') && ($metadata[-1] < (time - 2505600)))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'month3') && ($metadata[-1] < (time - 7516800)))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'month6') && ($metadata[-1] < (time - 15033600)))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'year') && ($metadata[-1] < (time - 31536000)))
- {
- unlink("$repository/$updatefile");
- unlink("$repository/metadata/$updatefile");
- }
- }
- }
- }
- }
- }
-}
-
-if ($xlratorsettings{'ACTION'} eq $Lang::tr{'save'})
-{
- if (!($xlratorsettings{'CHILDREN'} =~ /^\d+$/) || ($xlratorsettings{'CHILDREN'} < 1))
- {
- $errormessage = $Lang::tr{'updxlrtr invalid num of children'};
- goto ERROR;
- }
- if (!($xlratorsettings{'MAX_DISK_USAGE'} =~ /^\d+$/) || ($xlratorsettings{'MAX_DISK_USAGE'} < 1) || ($xlratorsettings{'MAX_DISK_USAGE'} > 100))
- {
- $errormessage = $Lang::tr{'updxlrtr invalid disk usage'};
- goto ERROR;
- }
-
- &savesettings;
-}
-
-if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr save and restart'})
-{
- if (!($xlratorsettings{'CHILDREN'} =~ /^\d+$/) || ($xlratorsettings{'CHILDREN'} < 1))
- {
- $errormessage = $Lang::tr{'updxlrtr invalid num of children'};
- goto ERROR;
- }
- if (!($xlratorsettings{'MAX_DISK_USAGE'} =~ /^\d+$/) || ($xlratorsettings{'MAX_DISK_USAGE'} < 1) || ($xlratorsettings{'MAX_DISK_USAGE'} > 100))
- {
- $errormessage = $Lang::tr{'updxlrtr invalid disk usage'};
- goto ERROR;
- }
- if (!(-e "${General::swroot}/proxy/enable"))
- {
- $errormessage = $Lang::tr{'updxlrtr web proxy service required'};
- goto ERROR;
- }
- if (!($proxysettings{'ENABLE_UPDXLRATOR'} eq 'on'))
- {
- $errormessage = $Lang::tr{'updxlrtr not enabled'};
- goto ERROR;
- }
-
- &savesettings;
-
- system('/usr/local/bin/squidctrl restart >/dev/null 2>&1');
-}
-
-if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr remove file'})
-{
- $updatefile = $xlratorsettings{'ID'};
- if (-e "$repository/$updatefile") { unlink("$repository/$updatefile"); }
- $updatefile =~ s/^download\///i;
- if (-e "$repository/metadata/$updatefile") { unlink("$repository/metadata/$updatefile"); }
-}
-
-ERROR:
-
-$not_accessed_last = $xlratorsettings{'NOT_ACCESSED_LAST'};
-undef($xlratorsettings{'NOT_ACCESSED_LAST'});
-
-if (-e "${General::swroot}/updatexlrator/settings") { &General::readhash("${General::swroot}/updatexlrator/settings", \%xlratorsettings); }
-
-if ($xlratorsettings{'NOT_ACCESSED_LAST'} eq '') { $xlratorsettings{'NOT_ACCESSED_LAST'} = $not_accessed_last; } ;
-
-
-$checked{'ENABLE_LOG'}{'off'} = '';
-$checked{'ENABLE_LOG'}{'on'} = '';
-$checked{'ENABLE_LOG'}{$xlratorsettings{'ENABLE_LOG'}} = "checked='checked'";
-$checked{'PASSIVE_MODE'}{'off'} = '';
-$checked{'PASSIVE_MODE'}{'on'} = '';
-$checked{'PASSIVE_MODE'}{$xlratorsettings{'PASSIVE_MODE'}} = "checked='checked'";
-$checked{'LOW_DOWNLOAD_PRIORITY'}{'off'} = '';
-$checked{'LOW_DOWNLOAD_PRIORITY'}{'on'} = '';
-$checked{'LOW_DOWNLOAD_PRIORITY'}{$xlratorsettings{'LOW_DOWNLOAD_PRIORITY'}} = "checked='checked'";
-$checked{'ENABLE_AUTOCHECK'}{'off'} = '';
-$checked{'ENABLE_AUTOCHECK'}{'on'} = '';
-$checked{'ENABLE_AUTOCHECK'}{$xlratorsettings{'ENABLE_AUTOCHECK'}} = "checked='checked'";
-$checked{'FULL_AUTOSYNC'}{'off'} = '';
-$checked{'FULL_AUTOSYNC'}{'on'} = '';
-$checked{'FULL_AUTOSYNC'}{$xlratorsettings{'FULL_AUTOSYNC'}} = "checked='checked'";
-
-$selected{'AUTOCHECK_SCHEDULE'}{$xlratorsettings{'AUTOCHECK_SCHEDULE'}} = "selected='selected'";
-$selected{'NOT_ACCESSED_LAST'}{$xlratorsettings{'NOT_ACCESSED_LAST'}} = "selected='selected'";
-
-# ----------------------------------------------------
-# Settings dialog
-# ----------------------------------------------------
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'updxlrtr configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}' enctype='multipart/form-data'>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'updxlrtr update accelerator'}");
-
-print <<END
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'updxlrtr common settings'}</b></td>
-</tr>
-<tr>
- <td class='base' width='25%'>$Lang::tr{'updxlrtr enable log'}:</td>
- <td class='base' width='20%'><input type='checkbox' name='ENABLE_LOG' $checked{'ENABLE_LOG'}{'on'} /></td>
- <td class='base' width='25%'>$Lang::tr{'updxlrtr children'}:</td>
- <td class='base' width='30%'><input type='text' name='CHILDREN' value='$xlratorsettings{'CHILDREN'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'updxlrtr passive mode'}:</td>
- <td class='base'><input type='checkbox' name='PASSIVE_MODE' $checked{'PASSIVE_MODE'}{'on'} /></td>
- <td class='base'>$Lang::tr{'updxlrtr max disk usage'}:</td>
- <td class='base'><input type='text' name='MAX_DISK_USAGE' value='$xlratorsettings{'MAX_DISK_USAGE'}' size='1' /> %</td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'updxlrtr low download priority'}:</td>
- <td class='base'><input type='checkbox' name='LOW_DOWNLOAD_PRIORITY' $checked{'LOW_DOWNLOAD_PRIORITY'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'updxlrtr source checkup'}</b></td>
-</tr>
-<tr>
- <td class='base' width='25%'>$Lang::tr{'updxlrtr enable autocheck'}:</td>
- <td class='base' width='20%'><input type='checkbox' name='ENABLE_AUTOCHECK' $checked{'ENABLE_AUTOCHECK'}{'on'} /></td>
- <td class='base' width='25%'>$Lang::tr{'updxlrtr source checkup schedule'}:</td>
- <td class='base' width='30%'>
- <select name='AUTOCHECK_SCHEDULE'>
- <option value='daily' $selected{'AUTOCHECK_SCHEDULE'}{'daily'}>$Lang::tr{'updxlrtr daily'}</option>
- <option value='weekly' $selected{'AUTOCHECK_SCHEDULE'}{'weekly'}>$Lang::tr{'updxlrtr weekly'}</option>
- <option value='monthly' $selected{'AUTOCHECK_SCHEDULE'}{'monthly'}>$Lang::tr{'updxlrtr monthly'}</option>
- </select>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'updxlrtr full autosync'}:</td>
- <td class='base'><input type='checkbox' name='FULL_AUTOSYNC' $checked{'FULL_AUTOSYNC'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='6'><b>$Lang::tr{'updxlrtr maintenance'}</b></td>
-</tr>
-<tr>
- <td class='base' colspan='3'><input type='submit' name='ACTION' value='$Lang::tr{'updxlrtr purge'}' /> $Lang::tr{'updxlrtr all files'}</td>
- <td class='base' width='25%'><input type='checkbox' name='REMOVE_OBSOLETE' $checked{'REMOVE_OBSOLETE'}{'on'} /> $Lang::tr{'updxlrtr not accessed'}</td>
- <td class='base' colspan='3'><select name='NOT_ACCESSED_LAST'>
- <option value='week' $selected{'NOT_ACCESSED_LAST'}{'week'}>$Lang::tr{'updxlrtr week'}</option>
- <option value='month1' $selected{'NOT_ACCESSED_LAST'}{'month1'}>$Lang::tr{'updxlrtr month'}</option>
- <option value='month3' $selected{'NOT_ACCESSED_LAST'}{'month3'}>$Lang::tr{'updxlrtr 3 months'}</option>
- <option value='month6' $selected{'NOT_ACCESSED_LAST'}{'month6'}>$Lang::tr{'updxlrtr 6 months'}</option>
- <option value='year' $selected{'NOT_ACCESSED_LAST'}{'year'}>$Lang::tr{'updxlrtr year'}</option>
- </select>
- </td>
-</tr>
-<tr>
-</tr>
-<tr>
- <td class='base' width='25%'><input type='checkbox' name='REMOVE_NOSOURCE' $checked{'REMOVE_NOSOURCE'}{'on'} /> $Lang::tr{'updxlrtr marked as'}</td>
- <td class='base' width='3%'><img src='/images/updxl-led-yellow.gif' alt='$Lang::tr{'updxlrtr condition nosource'}' /></td>
- <td class='base' width='17%'>[<i>$Lang::tr{'updxlrtr condition nosource'}</i>]</td>
- <td class='base' width='25%'><input type='checkbox' name='REMOVE_OUTDATED' $checked{'REMOVE_OUTDATED'}{'on'} /> $Lang::tr{'updxlrtr marked as'}</td>
- <td class='base' width='3%'><img src='/images/updxl-led-red.gif' alt='$Lang::tr{'updxlrtr condition outdated'}' /></td>
- <td class='base' width='27%'>[<i>$Lang::tr{'updxlrtr condition outdated'}</i>]</td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td> </td>
- <td align='center' width='45%'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
- <td align='center' width='45%'><input type='submit' name='ACTION' value='$Lang::tr{'updxlrtr save and restart'}' /></td>
- <td> </td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td align='right'>
-
- </td>
-</tr>
-</table>
-END
-;
-
-&Header::closebox();
-
-print "</form>\n";
-
-# ----------------------------------------------------
-# File list dialog
-# ----------------------------------------------------
-
-&Header::openbox('100%', 'left', "$Lang::tr{'updxlrtr current files'}:");
-
-@repositorylist = <$repository/download/*>;
-
-undef @repositoryfiles;
-foreach (@repositorylist)
-{
- if (!-d)
- {
- $updatefile = substr($_,rindex($_,"/")+1);
- $updatefile = "download/$updatefile";
- push(@repositoryfiles,$updatefile);
- }
-}
-
-@repositorylist = <$repository/*>;
-
-foreach (@repositorylist)
-{
- if (!-d) { push(@repositoryfiles,substr($_,rindex($_,"/")+1)); }
-}
-
-if (@repositoryfiles)
-{
- print <<END
-<table width='100%'>
-<colgroup span='2' width='2%'></colgroup>
-<colgroup span='1' width='0*'></colgroup>
-<colgroup span='4' width='5%'></colgroup>
-<colgroup span='1' width='2%'></colgroup>
-<tr>
- <td class='base' align='center'> </td>
- <td class='base' align='center'> </td>
- <td class='base' align='center'><b>$Lang::tr{'updxlrtr filename'}</b></td>
- <td class='base' align='center'><b>$Lang::tr{'updxlrtr filesize'}</b></td>
- <td class='base' align='center'><b>$Lang::tr{'date'}</b></td>
- <td class='base' align='center'><img src='/images/reload.gif' alt='$Lang::tr{'updxlrtr last access'}' /></td>
- <td class='base' align='center'><img src='/images/floppy.gif' alt='$Lang::tr{'updxlrtr last checkup'}' /></td>
- <td class='base' align='center'> </td>
-</tr>
-END
-;
- $id = 0;
- foreach $updatefile (@repositoryfiles)
- {
- $id++;
- if ($id % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n"; }
- else {
- print "<tr bgcolor='$color{'color22'}'>\n"; }
- $filesize = (-s "$repository/$updatefile");
- 1 while $filesize =~ s/^(-?\d+)(\d{3})/$1.$2/;
-
- my ($SECdt,$MINdt,$HOURdt,$DAYdt,$MONTHdt,$YEARdt) = localtime(&getmtime("$repository/$updatefile"));
- $DAYdt = sprintf ("%.02d",$DAYdt);
- $MONTHdt = sprintf ("%.02d",$MONTHdt+1);
- $YEARdt = sprintf ("%.04d",$YEARdt+1900);
- $filedate = $YEARdt."-".$MONTHdt."-".$DAYdt;
-
- $lastaccess = "n/a";
- $lastcheck = "n/a";
- undef @metadata;
-
- $shortname = $updatefile;
- $shortname =~ s/^download\///i;
-
- if (-e "$repository/metadata/$shortname")
- {
- open (FILE,"$repository/metadata/$shortname");
- @metadata = <FILE>;
- close(FILE);
- chomp @metadata;
-
- ($SECdt,$MINdt,$HOURdt,$DAYdt,$MONTHdt,$YEARdt) = localtime($metadata[-1]);
- $DAYdt = sprintf ("%.02d",$DAYdt);
- $MONTHdt = sprintf ("%.02d",$MONTHdt+1);
- $YEARdt = sprintf ("%.04d",$YEARdt+1900);
- if (($metadata[-1] =~ /^\d+/) && ($metadata[-1] >= 1)) { $lastaccess = $YEARdt."-".$MONTHdt."-".$DAYdt; }
-
- ($SECdt,$MINdt,$HOURdt,$DAYdt,$MONTHdt,$YEARdt) = localtime($metadata[3]);
- $DAYdt = sprintf ("%.02d",$DAYdt);
- $MONTHdt = sprintf ("%.02d",$MONTHdt+1);
- $YEARdt = sprintf ("%.04d",$YEARdt+1900);
- if (($metadata[3] =~ /^\d+/) && ($metadata[3] >= 1)) { $lastcheck = $YEARdt."-".$MONTHdt."-".$DAYdt; }
- }
-
- print "\t\t<td align='center' nowrap='nowrap'> ";
- if ($metadata[2] eq $sfNoSource)
- {
- print "<img src='/images/updxl-led-yellow.gif' alt='$Lang::tr{'updxlrtr condition nosource'}' /> </td>\n";
- }
- if ($metadata[2] eq $sfOk)
- {
- print "<img src='/images/updxl-led-green.gif' alt='$Lang::tr{'updxlrtr condition ok'}' /> </td>\n";
- }
- if (($metadata[2] eq $sfOutdated) && (!($updatefile =~ /^download\//i)))
- {
- print "<img src='/images/updxl-led-red.gif' alt='$Lang::tr{'updxlrtr condition outdated'}' /> </td>\n";
- }
- if (($metadata[2] eq $sfOutdated) && ($updatefile =~ /^download\//i))
- {
- print "<img src='/images/updxl-led-blue.gif' alt='$Lang::tr{'updxlrtr condition download'}' /> </td>\n";
- }
- if ($metadata[2] eq '')
- {
- print "<img src='/images/updxl-led-red.gif' alt='$Lang::tr{'updxlrtr condition outdated'}' /> </td>\n";
- }
-
- print "\t\t<td align='center' nowrap='nowrap'> ";
- if ($metadata[1] eq 'Adobe')
- {
- print "<img src='/images/updxl-src-adobe.gif' alt='Adobe' /> </td>\n";
- } elsif ($metadata[1] eq 'Microsoft')
- {
- print "<img src='/images/updxl-src-windows.gif' alt='Microsoft' /> </td>\n";
- } elsif ($metadata[1] eq 'Symantec')
- {
- print "<img src='/images/updxl-src-symantec.gif' alt='Symantec' /> </td>\n";
- } elsif ($metadata[1] eq 'Avira')
- {
- print "<img src='/images/updxl-src-avira.gif' alt='Avira' /> </td>\n";
- } elsif ($metadata[1] eq 'Avast')
- {
- print "<img src='/images/updxl-src-avast.gif' alt='Avast' /> </td>\n";
- } elsif ($metadata[1] eq 'IPFire')
- {
- print "<img src='/images/IPFire.png' width='18' height='18' alt='IPFire' /> </td>\n";
- } elsif ($metadata[1] eq 'Apple')
- {
- print "<img src='/images/updxl-src-apple.gif' alt='Apple' /> </td>\n";
- } elsif ($metadata[1] eq 'Kaspersky')
- {
- print "<img src='/images/updxl-src-kaspersky.gif' alt='Kaspersky' /> </td>\n";
- } elsif ($metadata[1] eq 'Linux')
- {
- print "<img src='/images/tux.png' alt='Linux' /> </td>\n";
- } else
- {
- print "<img src='/images/updxl-src-unknown.gif' alt='$Lang::tr{'updxlrtr unknown'}' /> </td>\n";
- }
-
- $shortname = $updatefile;
- $shortname =~ s/(.*)_[\da-f]*(\.(exe|cab|psf)$)/\1_*\2/i;
- $shortname =~ s/^download\///i;
-
-print <<END
- <td class='base' align='left' title='$updatefile'>$shortname</td>
- <td class='base' align='right' nowrap='nowrap'> $filesize </td>
- <td class='base' align='center' nowrap='nowrap'> $filedate </td>
- <td class='base' align='center' nowrap='nowrap'> $lastaccess </td>
- <td class='base' align='center' nowrap='nowrap'> $lastcheck </td>
- <td align='center'>
- <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'updxlrtr remove file'}' src='/images/delete.gif' title='$Lang::tr{'updxlrtr remove file'}' alt='$Lang::tr{'updxlrtr remove file'}' />
- <input type='hidden' name='ID' value='$updatefile' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'updxlrtr remove file'}' />
- </form>
- </td>
- </tr>
-END
-;
- }
-
-print <<END
-</table>
-<br>
-<table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td class='base'> </td>
- <td><img src='/images/reload.gif' alt='$Lang::tr{'updxlrtr last access'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr last access'}</td>
- <td class='base'> </td>
- <td><img src='/images/floppy.gif' alt='$Lang::tr{'updxlrtr last checkup'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr last checkup'}</td>
- <td class='base'> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'updxlrtr remove file'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr remove file'}</td>
- <td class='base'> </td>
- <td class='base'> </td>
- <td class='base'> </td>
- </tr>
- <tr>
- <td colspan='13'></td>
- </tr>
- <tr>
- <td class='base'> $Lang::tr{'status'}:</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-led-green.gif' alt='$Lang::tr{'updxlrtr condition ok'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr condition ok'}</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-led-yellow.gif' alt='$Lang::tr{'updxlrtr condition nosource'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr condition nosource'}</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-led-red.gif' alt='$Lang::tr{'updxlrtr condition outdated'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr condition outdated'}</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-led-blue.gif' alt='$Lang::tr{'updxlrtr condition download'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr condition download'}</td>
- </tr>
- <tr>
- <td colspan='13'></td>
- </tr>
- <tr>
- <td class='base'> $Lang::tr{'updxlrtr source'}:</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-adobe.gif' alt='Adobe' /></td>
- <td class='base'>Adobe</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-windows.gif' alt='Microsoft' /></td>
- <td class='base'>Microsoft</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-symantec.gif' alt='Symantec' /></td>
- <td class='base'>Symantec</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-avira.gif' alt='Avira' /></td>
- <td class='base'>Avira</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-apple.gif' alt='Apple' /></td>
- <td class='base'>Apple</td>
- <td class='base'> </td>
- </tr>
- <tr>
- <td class='base' colspan='2'> </td>
- <td align='center'><img src='/images/IPFire.png' width='18' height='18' alt='IPFire' /></td>
- <td class='base'>IPFire</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/tux.png' alt='Linux' /></td>
- <td class='base'>Linux</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-avast.gif' alt='Avast' /></td>
- <td class='base'>Avast</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-kaspersky.gif' alt='Kaspersky' /></td>
- <td class='base'>Kaspersky</td>
- <td class='base'> </td>
- <td align='center'><img src='/images/updxl-src-unknown.gif' alt='$Lang::tr{'updxlrtr unknown'}' /></td>
- <td class='base'>$Lang::tr{'updxlrtr unknown'}</td>
- <td class='base'> </td>
- </tr>
-</table>
-END
-;
-} else {
-
- print "<i>$Lang::tr{'updxlrtr empty repository'}</i>\n";
-}
-
-print <<END
-<hr>
-
-<table>
-<tr><td class='boldbase'><b>$Lang::tr{'updxlrtr disk usage'}:</b></td></tr>
-</table>
-
-<table cellpadding='3'>
-END
-;
-open(DF,"/bin/df -h $repository|");
-while(<DF>)
-{
- if ($_ =~ m/^Filesystem/ )
- {
- print <<END
-<tr>
-<td align='left' class='base'><i>$Lang::tr{'updxlrtr cache dir'}</i></td>
-<td align='center' class='base'><i>$Lang::tr{'size'}</i></td>
-<td align='center' class='base'><i>$Lang::tr{'used'}</i></td>
-<td align='center' class='base'><i>$Lang::tr{'free'}</i></td>
-<td align='left' class='base' colspan='2'><i>$Lang::tr{'percentage'}</i></td>
-</tr>
-END
-;
- }
- else
- {
- my ($device,$size,$used,$free,$percent,$mount) = split;
- print <<END
-<tr>
-<td>[$repository]</td>
-<td align='right'>$size</td>
-<td align='right'>$used</td>
-<td align='right'>$free</td>
-<td>
-END
-;
- &percentbar($percent);
- print <<END
-</td>
-<td align='right'>$percent</td>
-</tr>
-END
-;
- }
-}
-close DF;
-print "</table>\n";
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-# -------------------------------------------------------------------
-
-sub savesettings
-{
- if (-e $chk_cron_dly) { unlink($chk_cron_dly); }
- if (-e $chk_cron_wly) { unlink($chk_cron_wly); }
- if (-e $chk_cron_mly) { unlink($chk_cron_mly); }
-
- if (($xlratorsettings{'ENABLE_AUTOCHECK'} eq 'on') && ($xlratorsettings{'AUTOCHECK_SCHEDULE'} eq 'daily'))
- {
- symlink("../bin/checkup",$chk_cron_dly)
- } else {
- symlink("/bin/false",$chk_cron_dly)
- }
- if (($xlratorsettings{'ENABLE_AUTOCHECK'} eq 'on') && ($xlratorsettings{'AUTOCHECK_SCHEDULE'} eq 'weekly'))
- {
- symlink("../bin/checkup",$chk_cron_wly)
- } else {
- symlink("/bin/false",$chk_cron_wly)
- }
- if (($xlratorsettings{'ENABLE_AUTOCHECK'} eq 'on') && ($xlratorsettings{'AUTOCHECK_SCHEDULE'} eq 'monthly'))
- {
- symlink("../bin/checkup",$chk_cron_mly)
- } else {
- symlink("/bin/false",$chk_cron_mly)
- }
-
- delete($xlratorsettings{'REMOVE_OBSOLETE'});
- delete($xlratorsettings{'REMOVE_NOSOURCE'});
- delete($xlratorsettings{'REMOVE_OUTDATED'});
-
- &General::writehash("${General::swroot}/updatexlrator/settings", \%xlratorsettings);
-}
-
-# -------------------------------------------------------------------
-
-sub percentbar
-{
- my $percent = $_[0];
- my $fg = '#a0a0a0';
- my $bg = '#e2e2e2';
-
- if ($percent =~ m/^(\d+)%$/ )
- {
- print <<END
-<table width='100' border='1' cellspacing='0' cellpadding='0' style='border-width:1px;border-style:solid;border-color:$fg;width:100px;height:10px;'>
-<tr>
-END
-;
- if ($percent eq "100%") {
- print "<td width='100%' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'>"
- } elsif ($percent eq "0%") {
- print "<td width='100%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- } else {
- print "<td width='$percent' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'></td><td width='" . (100-$1) . "%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- print <<END
-<img src='/images/null.gif' width='1' height='1' alt='' /></td></tr></table>
-END
-;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub getmtime
-{
- my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($_[0]);
-
- return $mtime;
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %upnpsettings = ();
-my %netsettings = ();
-my $message = "";
-my $errormessage = "";
-my %selected= () ;
-
-my %servicenames =('UPnP Daemon' => 'upnpd',);
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&Header::showhttpheaders();
-############################################################################################################################
-############################################### Setzen von Standartwerten ##################################################
-
-$upnpsettings{'DEBUGMODE'} = '3';
-$upnpsettings{'FORWARDRULES'} = 'yes';
-$upnpsettings{'DOWNSTREAM'} = '1048576';
-$upnpsettings{'UPSTREAM'} = '131072';
-$upnpsettings{'DESCRIPTION'} = 'gatedesc.xml';
-$upnpsettings{'XML'} = '/etc/linuxigd';
-$upnpsettings{'ENABLED'} = 'off';
-$upnpsettings{'friendlyName'} = 'IPFire Gateway';
-### Values that have to be initialized
-$upnpsettings{'ACTION'} = '';
-
-&General::readhash("${General::swroot}/upnp/settings", \%upnpsettings);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&Header::getcgihash(\%upnpsettings);
-
-&Header::openpage('UPnP', 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-############################################################################################################################
-################################################### Speichern der Config ###################################################
-
-if ($upnpsettings{'ACTION'} eq $Lang::tr{'save'})
- {
- $upnpsettings{'DOWNSTREAM'} = $upnpsettings{'DOWNSTREAM'} * 1024;
- $upnpsettings{'UPSTREAM'} = $upnpsettings{'UPSTREAM'} * 1024;
- &General::writehash("${General::swroot}/upnp/settings", \%upnpsettings);
-
- open (FILE, ">${General::swroot}/upnp/upnpd.conf") or die "Can't save the upnp config: $!";
- flock (FILE, 2);
-
- print FILE <<END
-
-# UPnP Config by Ipfire Project
-
-debug_mode = $upnpsettings{'DEBUGMODE'}
-insert_forward_rules = $upnpsettings{'FORWARDRULES'}
-forward_chain_name = FORWARD
-prerouting_chain_name = PORTFW
-upstream_bitrate = $upnpsettings{'DOWNSTREAM'}
-downstream_bitrate = $upnpsettings{'UPSTREAM'}
-description_document_name = $upnpsettings{'DESCRIPTION'}
-xml_document_path = $upnpsettings{'XML'}
-
-END
-;
- close FILE;
- system("/usr/local/bin/upnpctrl","upnpxml","$upnpsettings{'friendlyName'}","$upnpsettings{'XML'}","$upnpsettings{'DESCRIPTION'}");
- }
-elsif ($upnpsettings{'ACTION'} eq 'Start')
- {
- $upnpsettings{'ENABLED'} = 'on';
- &General::writehash("${General::swroot}/upnp/settings", \%upnpsettings);
- system("/usr/local/bin/upnpctrl upnpdstart $netsettings{'RED_DEV'} $netsettings{'GREEN_DEV'}");
- }
-elsif ($upnpsettings{'ACTION'} eq 'Stop')
- {
- $upnpsettings{'ENABLED'} = 'off';
- &General::writehash("${General::swroot}/upnp/settings", \%upnpsettings);
- system("/usr/local/bin/upnpctrl stop");
- }
-elsif ($upnpsettings{'ACTION'} eq $Lang::tr{'restart'})
- {
- &General::writehash("${General::swroot}/upnp/settings", \%upnpsettings);
- system("/usr/local/bin/upnpctrl stop");
- system("/usr/local/bin/upnpctrl start $netsettings{'RED_DEV'} $netsettings{'GREEN_DEV'}");
- }
-
-&General::readhash("${General::swroot}/upnp/settings", \%upnpsettings);
-$upnpsettings{'DOWNSTREAM'} = $upnpsettings{'DOWNSTREAM'} / 1024;
-$upnpsettings{'UPSTREAM'} = $upnpsettings{'UPSTREAM'} / 1024;
-
-if ($errormessage)
- {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
- }
-
-############################################################################################################################
-############################################################################################################################
-
-&Header::openbox('100%', 'center', 'UPnP');
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-END
-;
-if ( $message ne "" ) {print "<tr><td colspan='3' align='center'><font color='red'>$message</font>";}
-
-my $lines = 0;
-my $key = '';
-foreach $key (sort keys %servicenames)
-{
- print "<tr><td align='left'>$key\n";
- my $shortname = $servicenames{$key};
- my $status = &isrunning($shortname);
- print "$status\n";
- $lines++;
-}
-
-print <<END
-<tr><td align='left'>Alle Dienste:</td><td align='center' colspan='2'>
-<input type='submit' name='ACTION' value='Start' />
-<input type='submit' name='ACTION' value='Stop' />
-<input type='submit' name='ACTION' value='$Lang::tr{'restart'}' />
-</table>
-</form>
-<br />
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<table width='95%' cellspacing='0'>
-<tr><td colspan='2' align='left' bgcolor='$color{'color20'}'><b>$Lang::tr{'options'}</b></td></tr>
-<tr><td align='left' colspan='2'><br /></td></tr>
-<tr><td align='left'>UPnP Device Name:</td><td><input type='text' name='friendlyName' value='$upnpsettings{'friendlyName'}' size="30" /></td></tr>
-<tr><td align='left' colspan='2'><br /></td></tr>
-<tr><td align='left'>Downstream in KB:</td><td><input type='text' name='DOWNSTREAM' value='$upnpsettings{'DOWNSTREAM'}' size="30" /></td></tr>
-<tr><td align='left'>Upstream in KB:</td><td><input type='text' name='UPSTREAM' value='$upnpsettings{'UPSTREAM'}' size="30" /></td></tr>
-<tr><td align='left' colspan='2'><br /></td></tr>
-<tr><td colspan='2' align='center'> <input type='hidden' name='ACTION' value=$Lang::tr{'save'} />
- <input type='image' alt=$Lang::tr{'save'} src='/images/floppy.gif' /></td></tr>
-</table></form>
-END
-;
-&Header::closebox();
-
-&Header::openbox('100%', 'center', 'Aktuell geoeffnete Ports');
-my @output = qx(iptables -t nat -n -L PORTFW);
-my ($outputline, $extip, $extport, $int);
-my @output2;
-print "<table>";
-foreach $outputline (@output) {
- if ( $outputline =~ /^DNAT/ ) {
- @output2 = split(/ /, $outputline);
- $extip = $output2[23];
- $extport = $output2[29];
- $extport =~ s/dpt://;
- $int = "$output2[31]";
- $int =~ s/to://;
- print "<tr><td>$extip:$extport<td align='center'><img src='/images/forward.gif' alt='=>' /><td>$int";
-
- }
-}
-
-print "</table>";
-
-&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
-
-############################################################################################################################
-############################################################################################################################
-
-sub isrunning
- {
- my $cmd = $_[0];
- my $status = "<td bgcolor='${Header::colourred}' align='center'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td>";
- my $pid = '';
- my $testcmd = '';
- my $exename;
-
- $cmd =~ /(^[a-z]+)/;
- $exename = $1;
-
- if (open(FILE, "/var/run/${cmd}.pid"))
- {
- $pid = <FILE>; chomp $pid;
- close FILE;
- if (open(FILE, "/proc/${pid}/status"))
- {
- while (<FILE>)
- {if (/^Name:\W+(.*)/) {$testcmd = $1; }}
- close FILE;
- if ($testcmd =~ /$exename/)
- {$status = "<td bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td>";}
- }
- }
-
- return $status;
- }
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-use File::Copy;
-use IO::Socket;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my $http_port='81';
-my %netsettings=();
-my %mainsettings=();
-my %proxysettings=();
-my %filtersettings=();
-my %tcsettings=();
-my %uqsettings=();
-my %besettings=();
-my %updatesettings=();
-my %checked=();
-my %selected=();
-my $id=0;
-my $line='';
-my $i=0;
-my $n=0;
-my $time='';
-my $filesize;
-my $category='';
-my $section='';
-my $blacklist='';
-my $blistbackup='';
-
-my $changed = 'no';
-my $tcfile = "${General::swroot}/urlfilter/timeconst";
-my $uqfile = "${General::swroot}/urlfilter/userquota";
-my $dbdir = "${General::swroot}/urlfilter/blacklists";
-my $editdir = "${General::swroot}/urlfilter/editor";
-my $repository = "/home/httpd/html/repository";
-my $hintcolour = '#FFFFCC';
-
-my $sourceurlfile = "${General::swroot}/urlfilter/autoupdate/autoupdate.urls";
-my $updconffile = "${General::swroot}/urlfilter/autoupdate/autoupdate.conf";
-my $updflagfile = "${General::swroot}/urlfilter/blacklists/.autoupdate.last";
-my $upd_cron_dly = "${General::swroot}/urlfilter/autoupdate/cron.daily";
-my $upd_cron_wly = "${General::swroot}/urlfilter/autoupdate/cron.weekly";
-my $upd_cron_mly = "${General::swroot}/urlfilter/autoupdate/cron.monthly";
-
-my $errormessage='';
-my $updatemessage='';
-my $restoremessage='';
-my $buttontext='';
-my $source_name='';
-my $source_url='';
-my $blacklistage=0;
-
-my @repositorylist=();
-my @repositoryfiles=();
-my @categories=();
-my @selectedcategories=();
-my @filtergroups=();
-my @tclist=();
-my @uqlist=();
-my @source_urllist=();
-my @clients=();
-my @temp=();
-
-my $lastslashpos=0;
-
-my $toggle='';
-my $gif='';
-my $led='';
-my $ldesc='';
-my $gdesc='';
-
-if (! -d $dbdir) { mkdir("$dbdir"); }
-if (! -e $tcfile) { system("touch $tcfile"); }
-if (! -e $uqfile) { system("touch $uqfile"); }
-if (! -e $sourceurlfile) { system("touch $sourceurlfile"); }
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
-
-&readblockcategories;
-
-open(FILE, $tcfile);
-@tclist = <FILE>;
-close(FILE);
-open(FILE, $uqfile);
-@uqlist = <FILE>;
-close(FILE);
-open(FILE, $sourceurlfile);
-@source_urllist = <FILE>;
-close(FILE);
-
-$filtersettings{'ENABLE_CUSTOM_BLACKLIST'} = 'off';
-$filtersettings{'ENABLE_CUSTOM_WHITELIST'} = 'off';
-$filtersettings{'ENABLE_CUSTOM_EXPRESSIONS'} = 'off';
-$filtersettings{'BLOCK_EXECUTABLES'} = 'off';
-$filtersettings{'BLOCK_AUDIO-VIDEO'} = 'off';
-$filtersettings{'BLOCK_ARCHIVES'} = 'off';
-$filtersettings{'ENABLE_REWRITE'} = 'off';
-$filtersettings{'UNFILTERED_CLIENTS'} = '';
-$filtersettings{'BANNED_CLIENTS'} = '';
-$filtersettings{'SHOW_CATEGORY'} = 'off';
-$filtersettings{'SHOW_URL'} = 'off';
-$filtersettings{'SHOW_IP'} = 'off';
-$filtersettings{'ENABLE_DNSERROR'} = 'off';
-$filtersettings{'ENABLE_JPEG'} = 'off';
-$filtersettings{'REDIRECT_PAGE'} = '';
-$filtersettings{'MSG_TEXT_1'} = '';
-$filtersettings{'MSG_TEXT_2'} = '';
-$filtersettings{'MSG_TEXT_3'} = '';
-$filtersettings{'ENABLE_EXPR_LISTS'} = 'off';
-$filtersettings{'BLOCK_IP_ADDR'} = 'off';
-$filtersettings{'BLOCK_ALL'} = 'off';
-$filtersettings{'ENABLE_EMPTY_ADS'} = 'off';
-$filtersettings{'ENABLE_GLOBAL_WHITELIST'} = 'off';
-$filtersettings{'ENABLE_SAFESEARCH'} = 'off';
-$filtersettings{'ENABLE_LOG'} = 'off';
-$filtersettings{'ENABLE_USERNAME_LOG'} = 'off';
-$filtersettings{'ENABLE_CATEGORY_LOG'} = 'off';
-$filtersettings{'CHILDREN'} = '5';
-$filtersettings{'ENABLE_AUTOUPDATE'} = 'off';
-
-$filtersettings{'ACTION'} = '';
-$filtersettings{'VALID'} = '';
-
-&Header::getcgihash(\%filtersettings);
-&Header::getcgihash(\%tcsettings);
-&Header::getcgihash(\%uqsettings);
-&Header::getcgihash(\%besettings);
-
-if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save and restart'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload file'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter remove file'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload background'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload blacklist'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter backup'}) ||
- ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter restore'}))
-{
-
- @clients = split(/\n/,$filtersettings{'UNFILTERED_CLIENTS'});
- foreach (@clients)
- {
- s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
- if (/.*-.*-.*/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
- @temp = split(/-/);
- foreach (@temp) { unless ((&General::validipormask($_)) || (&General::validipandmask($_))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; } }
- }
- @clients = split(/\n/,$filtersettings{'BANNED_CLIENTS'});
- foreach (@clients)
- {
- s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
- if (/.*-.*-.*/) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; }
- @temp = split(/-/);
- foreach (@temp) { unless ((&General::validipormask($_)) || (&General::validipandmask($_))) { $errormessage = $Lang::tr{'urlfilter invalid ip or mask error'}; } }
- }
- if ($errormessage) { goto ERROR; }
-
- if (!($filtersettings{'CHILDREN'} =~ /^\d+$/) || ($filtersettings{'CHILDREN'} < 1))
- {
- $errormessage = $Lang::tr{'urlfilter invalid num of children'};
- goto ERROR;
- }
-
- if ((!($filtersettings{'REDIRECT_PAGE'} eq '')) && (!($filtersettings{'REDIRECT_PAGE'} =~ /^https?:\/\//)))
- {
- $filtersettings{'REDIRECT_PAGE'} = "http://".$filtersettings{'REDIRECT_PAGE'};
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter remove file'})
- {
- if (-e "$repository/$filtersettings{'ID'}") { unlink("$repository/$filtersettings{'ID'}"); }
- $filtersettings{'ACTION'} = $Lang::tr{'urlfilter manage repository'};
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload file'})
- {
- &Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'UPLOADFILE'});
-
- $filtersettings{'ACTION'} = $Lang::tr{'urlfilter manage repository'};
- $_ = $filtersettings{'UPLOADFILE'};
- tr/\\/\//;
- $_ = substr($_,rindex($_,"/")+1);
- if ($_) {
- if (copy($filtersettings{'UPLOADFILE'}, "$repository/$_") != 1)
- {
- $errormessage = $!;
- goto ERROR;
- }
- }
-
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload background'})
- {
- &Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'BACKGROUND'});
-
- if (copy($filtersettings{'BACKGROUND'}, "/home/httpd/html/images/urlfilter/background.jpg") != 1)
- {
- $errormessage = $!;
- goto ERROR;
- }
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter upload blacklist'})
- {
- &Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'UPDATEFILE'});
-
- if (!($filtersettings{'UPDATEFILE'} =~ /.tar.gz$/))
- {
- $errormessage = $Lang::tr{'urlfilter wrong filetype'};
- goto ERROR;
- }
-
- if (copy($filtersettings{'UPDATEFILE'}, "${General::swroot}/urlfilter/blacklists.tar.gz") != 1)
- {
- $errormessage = $!;
- goto ERROR;
- }
-
- if (!(-d "${General::swroot}/urlfilter/update")) { mkdir("${General::swroot}/urlfilter/update"); }
-
- my $exitcode = system("/bin/tar --no-same-owner -xzf ${General::swroot}/urlfilter/blacklists.tar.gz -C ${General::swroot}/urlfilter/update");
-
- if ($exitcode > 0)
- {
- $errormessage = $Lang::tr{'urlfilter tar error'};
- } else {
-
- if (-d "${General::swroot}/urlfilter/update/BL")
- {
- system("mv ${General::swroot}/urlfilter/update/BL ${General::swroot}/urlfilter/update/blacklists");
- }
-
- if (-d "${General::swroot}/urlfilter/update/category")
- {
- system("mv ${General::swroot}/urlfilter/update/category ${General::swroot}/urlfilter/update/blacklists");
- }
-
- if (!(-d "${General::swroot}/urlfilter/update/blacklists"))
- {
- $errormessage = $Lang::tr{'urlfilter invalid content'};
- } else {
- system("cp -r ${General::swroot}/urlfilter/update/blacklists/* $dbdir");
-
- &readblockcategories;
- &readcustomlists;
-
- &writeconfigfile;
-
- $updatemessage = $Lang::tr{'urlfilter upload success'};
- system("${General::swroot}/urlfilter/bin/prebuild.pl &");
- system("logger -t installpackage[urlfilter] \"URL filter blacklist - Blacklist update from local source completed\"");
- }
- }
- if (-d "${General::swroot}/urlfilter/update") { system("rm -rf ${General::swroot}/urlfilter/update"); }
- if (-e "${General::swroot}/urlfilter/blacklists.tar.gz") { unlink("${General::swroot}/urlfilter/blacklists.tar.gz"); }
- if ($errormessage) { goto ERROR; }
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter backup'})
- {
- $blistbackup = ($filtersettings{'ENABLE_FULLBACKUP'} eq 'on') ? "blacklists" : "blacklists/custom";
- if (system("/bin/tar -C ${General::swroot}/urlfilter -czf ${General::swroot}/urlfilter/backup.tar.gz settings timeconst userquota autoupdate $blistbackup"))
- {
- $errormessage = $Lang::tr{'urlfilter backup error'};
- goto ERROR;
- }
- else
- {
- print "Content-type: application/gzip\n";
- print "Content-length: ";
- print (-s "${General::swroot}/urlfilter/backup.tar.gz");
- print "\n";
- print "Content-disposition: attachment; filename=urlfilter-backup.tar.gz\n\n";
-
- open (FILE, "${General::swroot}/urlfilter/backup.tar.gz");
- while (<FILE>) { print; }
- close (FILE);
-
- if (-e "${General::swroot}/urlfilter/backup.tar.gz") { unlink("${General::swroot}/urlfilter/backup.tar.gz"); }
- exit;
- }
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter restore'})
- {
- &Header::getcgihash(\%filtersettings, {'wantfile' => 1, 'filevar' => 'UPDATEFILE'});
-
- if (!($filtersettings{'UPDATEFILE'} =~ /.tar.gz$/))
- {
- $errormessage = $Lang::tr{'urlfilter wrong filetype'};
- goto ERROR;
- }
-
- if (!(-d "${General::swroot}/urlfilter/restore")) { mkdir("${General::swroot}/urlfilter/restore"); }
-
- if (copy($filtersettings{'UPDATEFILE'}, "${General::swroot}/urlfilter/backup.tar.gz") != 1)
- {
- $errormessage = $!;
- }
-
- my $exitcode = system("/bin/tar --no-same-owner --preserve-permissions -xzf ${General::swroot}/urlfilter/backup.tar.gz -C ${General::swroot}/urlfilter/restore");
- if ($exitcode > 0)
- {
- $errormessage = $Lang::tr{'urlfilter tar error'};
- } else {
- if (!(-e "${General::swroot}/urlfilter/restore/settings"))
- {
- $errormessage = $Lang::tr{'urlfilter invalid restore file'};
- } else {
- system("cp -rp ${General::swroot}/urlfilter/restore/* ${General::swroot}/urlfilter/");
- &readblockcategories;
- &readcustomlists;
- &writeconfigfile;
-
- $restoremessage = $Lang::tr{'urlfilter restore success'};
- }
- }
-
- if (-e "${General::swroot}/urlfilter/backup.tar.gz") { unlink("${General::swroot}/urlfilter/backup.tar.gz"); }
- if (-d "${General::swroot}/urlfilter/restore") { system("rm -rf ${General::swroot}/urlfilter/restore"); }
- if ($errormessage) { goto ERROR; }
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'save'})
- {
- $filtersettings{'VALID'} = 'yes';
- &savesettings;
- }
-
- if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save and restart'})
- {
- if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
- {
- $errormessage = $Lang::tr{'urlfilter web proxy service required'};
- goto ERROR;
- }
- if (!($proxysettings{'ENABLE_FILTER'} eq 'on'))
- {
- $errormessage = $Lang::tr{'urlfilter not enabled'};
- goto ERROR;
- }
-
- $filtersettings{'VALID'} = 'yes';
- &savesettings;
-
- system("chown -R nobody.nobody $dbdir");
-
- if (-e "$dbdir/custom/allowed/domains.db") { unlink("$dbdir/custom/allowed/domains.db"); }
- if (-e "$dbdir/custom/allowed/urls.db") { unlink("$dbdir/custom/allowed/urls.db"); }
- if (-e "$dbdir/custom/blocked/domains.db") { unlink("$dbdir/custom/blocked/domains.db"); }
- if (-e "$dbdir/custom/blocked/urls.db") { unlink("$dbdir/custom/blocked/urls.db"); }
-
- &setpermissions ($dbdir);
-
- system('/usr/local/bin/squidctrl restart >/dev/null 2>&1');
- }
-}
-
-if ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter set time constraints'}) { $tcsettings{'TCMODE'} = 'on'}
-
-if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'add'}))
-{
- $tcsettings{'TCMODE'}='on';
-
- if (!$tcsettings{'DST'})
- {
- $errormessage=$Lang::tr{'urlfilter dst error'};
- }
-
- if (!$tcsettings{'SRC'})
- {
- $errormessage=$Lang::tr{'urlfilter src error'};
- }
-
- if (!($tcsettings{'TO_HOUR'}.$tcsettings{'TO_MINUTE'} gt $tcsettings{'FROM_HOUR'}.$tcsettings{'FROM_MINUTE'}))
- {
- $errormessage=$Lang::tr{'urlfilter timespace error'};
- }
-
- if (!(($tcsettings{'MON'} eq 'on') || ($tcsettings{'TUE'} eq 'on') || ($tcsettings{'WED'} eq 'on') || ($tcsettings{'THU'} eq 'on') || ($tcsettings{'FRI'} eq 'on') || ($tcsettings{'SAT'} eq 'on') || ($tcsettings{'SUN'} eq 'on')))
- {
- $errormessage=$Lang::tr{'urlfilter weekday error'};
- }
-
- if (!$errormessage)
- {
- # transform to pre1.8 client definitions
- @clients = split(/\n/,$tcsettings{'SRC'});
- undef $tcsettings{'SRC'};
- foreach(@clients)
- {
- s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
- $tcsettings{'SRC'} .= "$_ ";
- }
- $tcsettings{'SRC'} =~ s/\s+$//;
-
- if ($tcsettings{'DST'} =~ /^any/) { $tcsettings{'DST'} = 'any'; }
- if ($tcsettings{'ENABLERULE'} eq 'on') { $tcsettings{'ACTIVE'} = $tcsettings{'ENABLERULE'}; } else { $tcsettings{'ACTIVE'} = 'off'}
-
- $tcsettings{'ENABLERULE'} = 'on';
- if($tcsettings{'EDITING'} eq 'no') {
- open(FILE,">>$tcfile");
- flock FILE, 2;
- print FILE "$tcsettings{'DEFINITION'},$tcsettings{'MON'},$tcsettings{'TUE'},$tcsettings{'WED'},$tcsettings{'THU'},$tcsettings{'FRI'},$tcsettings{'SAT'},$tcsettings{'SUN'},$tcsettings{'FROM_HOUR'},$tcsettings{'FROM_MINUTE'},$tcsettings{'TO_HOUR'},$tcsettings{'TO_MINUTE'},$tcsettings{'SRC'},$tcsettings{'DST'},$tcsettings{'ACCESS'},$tcsettings{'ACTIVE'},$tcsettings{'COMMENT'}\n";
- } else {
- open(FILE, ">$tcfile");
- flock FILE, 2;
- $id = 0;
- foreach $line (@tclist)
- {
- $id++;
- if ($tcsettings{'EDITING'} eq $id) {
- print FILE "$tcsettings{'DEFINITION'},$tcsettings{'MON'},$tcsettings{'TUE'},$tcsettings{'WED'},$tcsettings{'THU'},$tcsettings{'FRI'},$tcsettings{'SAT'},$tcsettings{'SUN'},$tcsettings{'FROM_HOUR'},$tcsettings{'FROM_MINUTE'},$tcsettings{'TO_HOUR'},$tcsettings{'TO_MINUTE'},$tcsettings{'SRC'},$tcsettings{'DST'},$tcsettings{'ACCESS'},$tcsettings{'ACTIVE'},$tcsettings{'COMMENT'}\n";
- } else { print FILE "$line"; }
- }
- }
- close(FILE);
- undef %tcsettings;
- $tcsettings{'CHANGED'}='yes';
- $tcsettings{'TCMODE'}='on';
- $changed = 'yes';
- } else {
- if ($tcsettings{'EDITING'} ne 'no')
- {
- $tcsettings{'ACTION'} = $Lang::tr{'edit'};
- $tcsettings{'ID'} = $tcsettings{'EDITING'};
- }
- }
-}
-
-if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter copy rule'}) && (!$errormessage))
-{
- $id = 0;
- foreach $line (@tclist)
- {
- $id++;
- if ($tcsettings{'ID'} eq $id)
- {
- chomp($line);
- @temp = split(/\,/,$line);
- $tcsettings{'DEFINITION'} = $temp[0];
- $tcsettings{'MON'} = $temp[1];
- $tcsettings{'TUE'} = $temp[2];
- $tcsettings{'WED'} = $temp[3];
- $tcsettings{'THU'} = $temp[4];
- $tcsettings{'FRI'} = $temp[5];
- $tcsettings{'SAT'} = $temp[6];
- $tcsettings{'SUN'} = $temp[7];
- $tcsettings{'FROM_HOUR'} = $temp[8];
- $tcsettings{'FROM_MINUTE'} = $temp[9];
- $tcsettings{'TO_HOUR'} = $temp[10];
- $tcsettings{'TO_MINUTE'} = $temp[11];
- $tcsettings{'SRC'} = $temp[12];
- $tcsettings{'DST'} = $temp[13];
- $tcsettings{'ACCESS'} = $temp[14];
- $tcsettings{'ENABLERULE'} = $temp[15];
- $tcsettings{'COMMENT'} = $temp[16];
- }
- }
- $tcsettings{'TCMODE'}='on';
-}
-
-if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'remove'}))
-{
- $id = 0;
- open(FILE, ">$tcfile");
- flock FILE, 2;
- foreach $line (@tclist)
- {
- $id++;
- unless ($tcsettings{'ID'} eq $id) { print FILE "$line"; }
- }
- close(FILE);
- $tcsettings{'CHANGED'}='yes';
- $tcsettings{'TCMODE'}='on';
-}
-
-if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter restart'}))
-{
- if (!($proxysettings{'ENABLE_FILTER'} eq 'on'))
- {
- $errormessage = $Lang::tr{'urlfilter not enabled'};
- }
- if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
- {
- $errormessage = $Lang::tr{'urlfilter web proxy service required'};
- }
-
- if (!$errormessage) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); }
- $tcsettings{'TCMODE'}='on';
-}
-
-if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'toggle enable disable'}))
-{
- open(FILE, ">$tcfile");
- flock FILE, 2;
- $id = 0;
- foreach $line (@tclist)
- {
- $id++;
- unless ($tcsettings{'ID'} eq $id) { print FILE "$line"; }
- else
- {
- chomp($line);
- @temp = split(/\,/,$line);
- if ($temp[15] eq 'on') { $temp[15] = 'off'; } else { $temp[15] = 'on' }
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4],$temp[5],$temp[6],$temp[7],$temp[8],$temp[9],$temp[10],$temp[11],$temp[12],$temp[13],$temp[14],$temp[15],$temp[16]\n";
- }
- }
- close(FILE);
- $tcsettings{'CHANGED'}='yes';
- $tcsettings{'TCMODE'}='on';
-}
-
-if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang::tr{'edit'}) && (!$errormessage))
-{
- $id = 0;
- foreach $line (@tclist)
- {
- $id++;
- if ($tcsettings{'ID'} eq $id)
- {
- chomp($line);
- @temp = split(/\,/,$line);
- $tcsettings{'DEFINITION'} = $temp[0];
- $tcsettings{'MON'} = $temp[1];
- $tcsettings{'TUE'} = $temp[2];
- $tcsettings{'WED'} = $temp[3];
- $tcsettings{'THU'} = $temp[4];
- $tcsettings{'FRI'} = $temp[5];
- $tcsettings{'SAT'} = $temp[6];
- $tcsettings{'SUN'} = $temp[7];
- $tcsettings{'FROM_HOUR'} = $temp[8];
- $tcsettings{'FROM_MINUTE'} = $temp[9];
- $tcsettings{'TO_HOUR'} = $temp[10];
- $tcsettings{'TO_MINUTE'} = $temp[11];
- $tcsettings{'SRC'} = $temp[12];
- $tcsettings{'DST'} = $temp[13];
- $tcsettings{'ACCESS'} = $temp[14];
- $tcsettings{'ENABLERULE'} = $temp[15];
- $tcsettings{'COMMENT'} = $temp[16];
- }
- }
- $tcsettings{'TCMODE'}='on';
-}
-
-if ((!$errormessage) && (!($tcsettings{'ACTION'} eq $Lang::tr{'urlfilter copy rule'})) && (!($tcsettings{'ACTION'} eq $Lang::tr{'edit'}))) {
- $tcsettings{'ENABLERULE'}='on';
- $tcsettings{'TO_HOUR'}='24';
-}
-
-if ($uqsettings{'ACTION'} eq $Lang::tr{'urlfilter set user quota'}) { $uqsettings{'UQMODE'} = 'on'}
-
-if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'add'}))
-{
- $uqsettings{'UQMODE'}='on';
-
- if ((!($uqsettings{'TIME_QUOTA'} =~ /^\d+/)) || ($uqsettings{'TIME_QUOTA'} < '1'))
- {
- $errormessage=$Lang::tr{'urlfilter quota time error'};
- }
-
- @temp = split(/\n/,$uqsettings{'QUOTA_USERS'});
- undef $uqsettings{'QUOTA_USERS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $uqsettings{'QUOTA_USERS'} .= $_."\n"; }
- }
-
- if ($uqsettings{'QUOTA_USERS'} eq '')
- {
- $errormessage=$Lang::tr{'urlfilter quota user error'};
- }
-
- $_ = $uqsettings{'QUOTA_USERS'};
- chomp; s/\n/|/g;
- my $quota_users = $_;
-
- if ($uqsettings{'QUOTA_USERS'} =~ /\\/)
- {
- $errormessage=$Lang::tr{'urlfilter invalid user error'};
- }
-
- if (!$errormessage) {
- if ($uqsettings{'ENABLEQUOTA'} eq 'on') { $uqsettings{'ACTIVE'} = $uqsettings{'ENABLEQUOTA'}; } else { $uqsettings{'ACTIVE'} = 'off'}
-
- $uqsettings{'ENABLERULE'} = 'on';
- if($uqsettings{'EDITING'} eq 'no') {
- open(FILE,">>$uqfile");
- flock FILE, 2;
- print FILE "$uqsettings{'TIME_QUOTA'},$uqsettings{'SPORADIC'},$uqsettings{'RENEWAL'},$quota_users,$uqsettings{'ACTIVE'}\n";
- } else {
- open(FILE, ">$uqfile");
- flock FILE, 2;
- $id = 0;
- foreach $line (@uqlist)
- {
- $id++;
- if ($uqsettings{'EDITING'} eq $id) {
- print FILE "$uqsettings{'TIME_QUOTA'},$uqsettings{'SPORADIC'},$uqsettings{'RENEWAL'},$quota_users,$uqsettings{'ACTIVE'}\n";
- } else { print FILE "$line"; }
- }
- }
- close(FILE);
- undef %uqsettings;
- $uqsettings{'CHANGED'}='yes';
- $uqsettings{'MODE'}='USERQUOTA';
- $uqsettings{'UQMODE'}='on';
- $changed = 'yes';
- } else {
- if ($uqsettings{'EDITING'} ne 'no')
- {
- $uqsettings{'ACTION'} = $Lang::tr{'edit'};
- $uqsettings{'ID'} = $uqsettings{'EDITING'};
- }
- }
-}
-
-if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'remove'}))
-{
- $id = 0;
- open(FILE, ">$uqfile");
- flock FILE, 2;
- foreach $line (@uqlist)
- {
- $id++;
- unless ($uqsettings{'ID'} eq $id) { print FILE "$line"; }
- }
- close(FILE);
- $uqsettings{'CHANGED'}='yes';
- $uqsettings{'UQMODE'}='on';
-}
-
-if (!$errormessage) {
- $uqsettings{'ENABLEQUOTA'}='on';
-}
-
-if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'edit'}) && (!$errormessage))
-{
- $id = 0;
- foreach $line (@uqlist)
- {
- $id++;
- if ($uqsettings{'ID'} eq $id)
- {
- chomp($line);
- @temp = split(/\,/,$line);
- $uqsettings{'TIME_QUOTA'} = $temp[0];
- $uqsettings{'SPORADIC'} = $temp[1];
- $uqsettings{'RENEWAL'} = $temp[2];
- $uqsettings{'QUOTA_USERS'} = $temp[3];
- $uqsettings{'ENABLEQUOTA'} = $temp[4];
- }
- }
- $uqsettings{'UQMODE'}='on';
-}
-
-if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'toggle enable disable'}))
-{
- open(FILE, ">$uqfile");
- flock FILE, 2;
- $id = 0;
- foreach $line (@uqlist)
- {
- $id++;
- unless ($uqsettings{'ID'} eq $id) { print FILE "$line"; }
- else
- {
- chomp($line);
- @temp = split(/\,/,$line);
- if ($temp[4] eq 'on') { $temp[4] = 'off'; } else { $temp[4] = 'on' }
- print FILE "$temp[0],$temp[1],$temp[2],$temp[3],$temp[4]\n";
- }
- }
- close(FILE);
- $uqsettings{'CHANGED'}='yes';
- $uqsettings{'UQMODE'}='on';
-}
-
-if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{'urlfilter restart'}))
-{
- if (!($proxysettings{'ENABLE_FILTER'} eq 'on'))
- {
- $errormessage = $Lang::tr{'urlfilter not enabled'};
- }
- if ((!(-e "${General::swroot}/proxy/enable")) && (!(-e "${General::swroot}/proxy/enable_blue")))
- {
- $errormessage = $Lang::tr{'urlfilter web proxy service required'};
- }
-
- if (!$errormessage) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); }
- $uqsettings{'UQMODE'}='on';
-}
-
-if ($besettings{'ACTION'} eq $Lang::tr{'urlfilter blacklist editor'}) { $besettings{'BEMODE'} = 'on'; }
-
-if ($besettings{'MODE'} eq 'BLACKLIST_EDITOR')
-{
- @temp = split(/\n/,$besettings{'BE_DOMAINS'});
- undef $besettings{'BE_DOMAINS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $besettings{'BE_DOMAINS'} .= $_."\n"; }
- }
- chomp($besettings{'BE_DOMAINS'});
- @temp = split(/\n/,$besettings{'BE_URLS'});
- undef $besettings{'BE_URLS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $besettings{'BE_URLS'} .= $_."\n"; }
- }
- chomp($besettings{'BE_URLS'});
- @temp = split(/\n/,$besettings{'BE_EXPRESSIONS'});
- undef $besettings{'BE_EXPRESSIONS'};
- foreach (@temp)
- {
- s/^\s+//g; s/\s+$//g;
- if ($_) { $besettings{'BE_EXPRESSIONS'} .= $_."\n"; }
- }
- chomp($besettings{'BE_EXPRESSIONS'});
-}
-
-if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter load blacklist'}) && ($besettings{'MODE'} = 'BLACKLIST_EDITOR'))
-{
- $besettings{'BEMODE'} = 'on';
-
- $besettings{'BE_NAME'} = $besettings{'BE_BLACKLIST'};
-
- delete $besettings{'BE_DOMAINS'};
- delete $besettings{'BE_URLS'};
- delete $besettings{'BE_EXPRESSIONS'};
-
- if (-e "$dbdir/$besettings{'BE_NAME'}/domains")
- {
- open(FILE, "$dbdir/$besettings{'BE_NAME'}/domains");
- while (<FILE>) { unless ($_ eq '\n') { $besettings{'BE_DOMAINS'} .= $_ } };
- close FILE;
- chomp($besettings{'BE_DOMAINS'});
- }
- if (-e "$dbdir/$besettings{'BE_NAME'}/urls")
- {
- open(FILE, "$dbdir/$besettings{'BE_NAME'}/urls");
- while (<FILE>) { unless ($_ eq '\n') { $besettings{'BE_URLS'} .= $_ } };
- close FILE;
- chomp($besettings{'BE_URLS'});
- }
- if (-e "$dbdir/$besettings{'BE_NAME'}/expressions")
- {
- open(FILE, "$dbdir/$besettings{'BE_NAME'}/expressions");
- while (<FILE>) { unless ($_ eq '\n') { $besettings{'BE_EXPRESSIONS'} .= $_ } };
- close FILE;
- chomp($besettings{'BE_EXPRESSIONS'});
- }
-}
-
-if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter import blacklist'}) && ($besettings{'MODE'} = 'BLACKLIST_EDITOR'))
-{
- $besettings{'BEMODE'} = 'on';
-
- &Header::getcgihash(\%besettings, {'wantfile' => 1, 'filevar' => 'IMPORTFILE'});
-
- if (!($besettings{'IMPORTFILE'} =~ /.tar.gz$/))
- {
- $errormessage = $Lang::tr{'urlfilter wrong filetype'};
- } else {
- if (!-d "$editdir") { mkdir("$editdir"); }
-
- if (copy($besettings{'IMPORTFILE'}, "$editdir/blacklist.tar.gz") != 1)
- {
- $errormessage = $!;
- } else {
-
- my $exitcode = system("/bin/tar --no-same-owner --preserve-permissions -xzf $editdir/blacklist.tar.gz -C $editdir");
- if ($exitcode > 0)
- {
- $errormessage = $Lang::tr{'urlfilter tar error'};
- } else {
- $i = 0;
- foreach (<$editdir/blacklists/*>)
- {
- if (-d)
- {
- $i++;
- $besettings{'BE_NAME'} = substr($_, rindex($_,"/")+1);
- }
- }
-
- if (!($i == 1))
- {
- $errormessage = $Lang::tr{'urlfilter invalid import file'};
- } else {
- delete $besettings{'BE_DOMAINS'};
- delete $besettings{'BE_URLS'};
- delete $besettings{'BE_EXPRESSIONS'};
-
- if (-e "$editdir/blacklists/$besettings{'BE_NAME'}/domains")
- {
- open(FILE, "$editdir/blacklists/$besettings{'BE_NAME'}/domains");
- while (<FILE>) { unless ($_ eq '\n') { $besettings{'BE_DOMAINS'} .= $_ } };
- close FILE;
- chomp($besettings{'BE_DOMAINS'});
- }
- if (-e "$editdir/blacklists/$besettings{'BE_NAME'}/urls")
- {
- open(FILE, "$editdir/blacklists/$besettings{'BE_NAME'}/urls");
- while (<FILE>) { unless ($_ eq '\n') { $besettings{'BE_URLS'} .= $_ } };
- close FILE;
- chomp($besettings{'BE_URLS'});
- }
- if (-e "$editdir/blacklists/$besettings{'BE_NAME'}/expressions")
- {
- open(FILE, "$editdir/blacklists/$besettings{'BE_NAME'}/expressions");
- while (<FILE>) { unless ($_ eq '\n') { $besettings{'BE_EXPRESSIONS'} .= $_ } };
- close FILE;
- chomp($besettings{'BE_EXPRESSIONS'});
- }
- }
- }
-
- if (-d $editdir) { system("rm -rf $editdir"); }
-
- }
- }
-}
-
-if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter export blacklist'}) && ($besettings{'MODE'} = 'BLACKLIST_EDITOR'))
-{
- $besettings{'BEMODE'} = 'on';
-
- if ($besettings{'BE_NAME'} eq '')
- {
- $errormessage = $Lang::tr{'urlfilter category name error'};
- } elsif ($besettings{'BE_DOMAINS'} || $besettings{'BE_URLS'} || $besettings{'BE_EXPRESSIONS'}) {
-
- $_ = $besettings{'BE_NAME'}; tr/A-Z/a-z/; $besettings{'BE_NAME'} = $_;
-
- if (!(-d "$editdir")) { mkdir("$editdir"); }
- if (!(-d "$editdir/blacklists")) { mkdir("$editdir/blacklists"); }
- if (!(-d "$editdir/blacklists/$besettings{'BE_NAME'}")) { mkdir("$editdir/blacklists/$besettings{'BE_NAME'}"); }
-
- open(FILE, ">$editdir/blacklists/$besettings{'BE_NAME'}/domains");
- flock FILE, 2;
- print FILE "$besettings{'BE_DOMAINS'}\n";
- close FILE;
- open(FILE, ">$editdir/blacklists/$besettings{'BE_NAME'}/urls");
- flock FILE, 2;
- print FILE "$besettings{'BE_URLS'}\n";
- close FILE;
- open(FILE, ">$editdir/blacklists/$besettings{'BE_NAME'}/expressions");
- flock FILE, 2;
- print FILE "$besettings{'BE_EXPRESSIONS'}\n";
- close FILE;
-
- if (system("/bin/tar -C $editdir -czf $editdir/$besettings{'BE_NAME'}.tar.gz blacklists"))
- {
- $errormessage = $Lang::tr{'urlfilter export error'};
- }
- else
- {
- print "Content-type: application/gzip\n";
- print "Content-length: ";
- print (-s "$editdir/$besettings{'BE_NAME'}.tar.gz");
- print "\n";
- print "Content-disposition: attachment; filename=$besettings{'BE_NAME'}.tar.gz\n\n";
-
- open (FILE, "$editdir/$besettings{'BE_NAME'}.tar.gz");
- while (<FILE>) { print; }
- close (FILE);
-
- if (-d $editdir) { system("rm -rf $editdir"); }
- exit;
- }
- } else {
- $errormessage = $Lang::tr{'urlfilter category data error'};
- }
-}
-
-if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter install blacklist'}) && ($besettings{'MODE'} = 'BLACKLIST_EDITOR'))
-{
- $besettings{'BEMODE'} = 'on';
-
- if ($besettings{'BE_NAME'} eq '')
- {
- $errormessage = $Lang::tr{'urlfilter category name error'};
- } elsif ($besettings{'BE_DOMAINS'} || $besettings{'BE_URLS'} || $besettings{'BE_EXPRESSIONS'}) {
-
- $_ = $besettings{'BE_NAME'}; tr/A-Z/a-z/; $besettings{'BE_NAME'} = $_;
-
- if (!-d "$editdir") { mkdir("$editdir"); }
-
- if (!-d "$dbdir/$besettings{'BE_NAME'}") { mkdir("$dbdir/$besettings{'BE_NAME'}"); }
-
- if (-e "$dbdir/$besettings{'BE_NAME'}/domains") { unlink("$dbdir/$besettings{'BE_NAME'}/domains"); }
- if ($besettings{'BE_DOMAINS'})
- {
- open(FILE, ">$dbdir/$besettings{'BE_NAME'}/domains");
- flock FILE, 2;
- print FILE "$besettings{'BE_DOMAINS'}\n";
- close FILE;
- }
- if (-e "$dbdir/$besettings{'BE_NAME'}/urls") { unlink("$dbdir/$besettings{'BE_NAME'}/urls"); }
- if ($besettings{'BE_URLS'})
- {
- open(FILE, ">$dbdir/$besettings{'BE_NAME'}/urls");
- flock FILE, 2;
- print FILE "$besettings{'BE_URLS'}\n";
- close FILE;
- }
- if (-e "$dbdir/$besettings{'BE_NAME'}/expressions") { unlink("$dbdir/$besettings{'BE_NAME'}/expressions"); }
- if ($besettings{'BE_EXPRESSIONS'})
- {
- open(FILE, ">$dbdir/$besettings{'BE_NAME'}/expressions");
- flock FILE, 2;
- print FILE "$besettings{'BE_EXPRESSIONS'}\n";
- close FILE;
- }
-
- open(FILE, ">$editdir/install.conf");
- flock FILE, 2;
- print FILE "logdir /var/log/squidGuard\n";
- print FILE "dbhome $dbdir/$besettings{'BE_NAME'}\n\n";
- print FILE "dest $besettings{'BE_NAME'} {\n";
- if ($besettings{'BE_DOMAINS'}) { print FILE " domainlist domains\n"; }
- if ($besettings{'BE_URLS'}) { print FILE " urllist urls\n"; }
- if ($besettings{'BE_EXPRESSIONS'}) { print FILE " expressions expressions\n"; }
- print FILE "}\n\n";
- print FILE "acl {\n";
- print FILE " default {\n";
- print FILE " pass none\n";
- print FILE " }\n";
- print FILE "}\n";
- close FILE;
-
- system("rm -f $dbdir/$besettings{'BE_NAME'}/*.db");
- system("/usr/sbin/squidGuard -c $editdir/install.conf -C all");
- system("chmod a+w $dbdir/$besettings{'BE_NAME'}/*.db");
-
- &readblockcategories;
- &readcustomlists;
-
- &writeconfigfile;
-
- system('/usr/local/bin/squidctrl restart >/dev/null 2>&1') unless ($besettings{'NORESTART'} eq 'on');
-
- if (-d $editdir) { system("rm -rf $editdir"); }
- } else {
- $errormessage = $Lang::tr{'urlfilter category data error'};
- }
-}
-
-if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save schedule'})
-{
- if (($filtersettings{'UPDATE_SOURCE'} eq 'custom') && ($filtersettings{'CUSTOM_UPDATE_URL'} eq ''))
- {
- $errormessage = $Lang::tr{'urlfilter custom url required'};
- } else {
- open (FILE, ">$updconffile");
- print FILE "ENABLE_AUTOUPDATE=$filtersettings{'ENABLE_AUTOUPDATE'}\n";
- print FILE "UPDATE_SCHEDULE=$filtersettings{'UPDATE_SCHEDULE'}\n";
- print FILE "UPDATE_SOURCE=$filtersettings{'UPDATE_SOURCE'}\n";
- print FILE "CUSTOM_UPDATE_URL=$filtersettings{'CUSTOM_UPDATE_URL'}\n";
- close FILE;
-
- if (-e $upd_cron_dly) { unlink($upd_cron_dly); }
- if (-e $upd_cron_wly) { unlink($upd_cron_wly); }
- if (-e $upd_cron_mly) { unlink($upd_cron_mly); }
-
- if (($filtersettings{'ENABLE_AUTOUPDATE'} eq 'on') && ($filtersettings{'UPDATE_SCHEDULE'} eq 'daily'))
- {
- symlink("../bin/autoupdate.pl",$upd_cron_dly)
- } else {
- symlink("/bin/false",$upd_cron_dly)
- }
-
- if (($filtersettings{'ENABLE_AUTOUPDATE'} eq 'on') && ($filtersettings{'UPDATE_SCHEDULE'} eq 'weekly'))
- {
- symlink("../bin/autoupdate.pl",$upd_cron_wly)
- } else {
- symlink("/bin/false",$upd_cron_wly)
- }
-
- if (($filtersettings{'ENABLE_AUTOUPDATE'} eq 'on') && ($filtersettings{'UPDATE_SCHEDULE'} eq 'monthly'))
- {
- symlink("../bin/autoupdate.pl",$upd_cron_mly)
- } else {
- symlink("/bin/false",$upd_cron_mly)
- }
- }
-}
-
-if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter update now'})
-{
- if ($filtersettings{'UPDATE_SOURCE'} eq 'custom')
- {
- if ($filtersettings{'CUSTOM_UPDATE_URL'} eq '')
- {
- $errormessage = $Lang::tr{'urlfilter custom url required'};
- } else {
- system("${General::swroot}/urlfilter/bin/autoupdate.pl $filtersettings{'CUSTOM_UPDATE_URL'} &");
- }
- } else {
- system("${General::swroot}/urlfilter/bin/autoupdate.pl $filtersettings{'UPDATE_SOURCE'} &");
- }
-}
-
-
-if (-e "${General::swroot}/urlfilter/settings") { &General::readhash("${General::swroot}/urlfilter/settings", \%filtersettings); }
-
-&readcustomlists;
-
-ERROR:
-
-if ($errormessage) { $filtersettings{'VALID'} = 'no'; }
-
-$checked{'ENABLE_CUSTOM_BLACKLIST'}{'off'} = '';
-$checked{'ENABLE_CUSTOM_BLACKLIST'}{'on'} = '';
-$checked{'ENABLE_CUSTOM_BLACKLIST'}{$filtersettings{'ENABLE_CUSTOM_BLACKLIST'}} = "checked='checked'";
-$checked{'ENABLE_CUSTOM_WHITELIST'}{'off'} = '';
-$checked{'ENABLE_CUSTOM_WHITELIST'}{'on'} = '';
-$checked{'ENABLE_CUSTOM_WHITELIST'}{$filtersettings{'ENABLE_CUSTOM_WHITELIST'}} = "checked='checked'";
-$checked{'ENABLE_CUSTOM_EXPRESSIONS'}{'off'} = '';
-$checked{'ENABLE_CUSTOM_EXPRESSIONS'}{'on'} = '';
-$checked{'ENABLE_CUSTOM_EXPRESSIONS'}{$filtersettings{'ENABLE_CUSTOM_EXPRESSIONS'}} = "checked='checked'";
-$checked{'BLOCK_EXECUTABLES'}{'off'} = '';
-$checked{'BLOCK_EXECUTABLES'}{'on'} = '';
-$checked{'BLOCK_EXECUTABLES'}{$filtersettings{'BLOCK_EXECUTABLES'}} = "checked='checked'";
-$checked{'BLOCK_AUDIO-VIDEO'}{'off'} = '';
-$checked{'BLOCK_AUDIO-VIDEO'}{'on'} = '';
-$checked{'BLOCK_AUDIO-VIDEO'}{$filtersettings{'BLOCK_AUDIO-VIDEO'}} = "checked='checked'";
-$checked{'BLOCK_ARCHIVES'}{'off'} = '';
-$checked{'BLOCK_ARCHIVES'}{'on'} = '';
-$checked{'BLOCK_ARCHIVES'}{$filtersettings{'BLOCK_ARCHIVES'}} = "checked='checked'";
-$checked{'ENABLE_REWRITE'}{'off'} = '';
-$checked{'ENABLE_REWRITE'}{'on'} = '';
-$checked{'ENABLE_REWRITE'}{$filtersettings{'ENABLE_REWRITE'}} = "checked='checked'";
-$checked{'SHOW_CATEGORY'}{'off'} = '';
-$checked{'SHOW_CATEGORY'}{'on'} = '';
-$checked{'SHOW_CATEGORY'}{$filtersettings{'SHOW_CATEGORY'}} = "checked='checked'";
-$checked{'SHOW_URL'}{'off'} = '';
-$checked{'SHOW_URL'}{'on'} = '';
-$checked{'SHOW_URL'}{$filtersettings{'SHOW_URL'}} = "checked='checked'";
-$checked{'SHOW_IP'}{'off'} = '';
-$checked{'SHOW_IP'}{'on'} = '';
-$checked{'SHOW_IP'}{$filtersettings{'SHOW_IP'}} = "checked='checked'";
-$checked{'ENABLE_DNSERROR'}{'off'} = '';
-$checked{'ENABLE_DNSERROR'}{'on'} = '';
-$checked{'ENABLE_DNSERROR'}{$filtersettings{'ENABLE_DNSERROR'}} = "checked='checked'";
-$checked{'ENABLE_JPEG'}{'off'} = '';
-$checked{'ENABLE_JPEG'}{'on'} = '';
-$checked{'ENABLE_JPEG'}{$filtersettings{'ENABLE_JPEG'}} = "checked='checked'";
-$checked{'ENABLE_EXPR_LISTS'}{'off'} = '';
-$checked{'ENABLE_EXPR_LISTS'}{'on'} = '';
-$checked{'ENABLE_EXPR_LISTS'}{$filtersettings{'ENABLE_EXPR_LISTS'}} = "checked='checked'";
-$checked{'BLOCK_IP_ADDR'}{'off'} = '';
-$checked{'BLOCK_IP_ADDR'}{'on'} = '';
-$checked{'BLOCK_IP_ADDR'}{$filtersettings{'BLOCK_IP_ADDR'}} = "checked='checked'";
-$checked{'BLOCK_ALL'}{'off'} = '';
-$checked{'BLOCK_ALL'}{'on'} = '';
-$checked{'BLOCK_ALL'}{$filtersettings{'BLOCK_ALL'}} = "checked='checked'";
-$checked{'ENABLE_EMPTY_ADS'}{'off'} = '';
-$checked{'ENABLE_EMPTY_ADS'}{'on'} = '';
-$checked{'ENABLE_EMPTY_ADS'}{$filtersettings{'ENABLE_EMPTY_ADS'}} = "checked='checked'";
-$checked{'ENABLE_GLOBAL_WHITELIST'}{'off'} = '';
-$checked{'ENABLE_GLOBAL_WHITELIST'}{'on'} = '';
-$checked{'ENABLE_GLOBAL_WHITELIST'}{$filtersettings{'ENABLE_GLOBAL_WHITELIST'}} = "checked='checked'";
-$checked{'ENABLE_SAFESEARCH'}{'off'} = '';
-$checked{'ENABLE_SAFESEARCH'}{'on'} = '';
-$checked{'ENABLE_SAFESEARCH'}{$filtersettings{'ENABLE_SAFESEARCH'}} = "checked='checked'";
-$checked{'ENABLE_LOG'}{'off'} = '';
-$checked{'ENABLE_LOG'}{'on'} = '';
-$checked{'ENABLE_LOG'}{$filtersettings{'ENABLE_LOG'}} = "checked='checked'";
-$checked{'ENABLE_USERNAME_LOG'}{'off'} = '';
-$checked{'ENABLE_USERNAME_LOG'}{'on'} = '';
-$checked{'ENABLE_USERNAME_LOG'}{$filtersettings{'ENABLE_USERNAME_LOG'}} = "checked='checked'";
-$checked{'ENABLE_CATEGORY_LOG'}{'off'} = '';
-$checked{'ENABLE_CATEGORY_LOG'}{'on'} = '';
-$checked{'ENABLE_CATEGORY_LOG'}{$filtersettings{'ENABLE_CATEGORY_LOG'}} = "checked='checked'";
-
-foreach $category (@filtergroups) {
- $checked{$category}{'off'} = '';
- $checked{$category}{'on'} = '';
- $checked{$category}{$filtersettings{$category}} = "checked='checked'";
-}
-
-$selected{'DEFINITION'}{$tcsettings{'DEFINITION'}} = "selected='selected'";
-$selected{'FROM_HOUR'}{$tcsettings{'FROM_HOUR'}} = "selected='selected'";
-$selected{'FROM_MINUTE'}{$tcsettings{'FROM_MINUTE'}} = "selected='selected'";
-$selected{'TO_HOUR'}{$tcsettings{'TO_HOUR'}} = "selected='selected'";
-$selected{'TO_MINUTE'}{$tcsettings{'TO_MINUTE'}} = "selected='selected'";
-
-@selectedcategories = split(/\|/,$tcsettings{'DST'});
-foreach (@selectedcategories)
-{
- $selected{'DST'}{$_} = "selected='selected'";
-}
-
-$selected{'ACCESS'}{$tcsettings{'ACCESS'}} = "selected='selected'";
-
-$checked{'ENABLERULE'}{'off'} = '';
-$checked{'ENABLERULE'}{'on'} = '';
-$checked{'ENABLERULE'}{$tcsettings{'ENABLERULE'}} = "checked='checked'";
-$checked{'MON'}{'off'} = '';
-$checked{'MON'}{'on'} = '';
-$checked{'MON'}{$tcsettings{'MON'}} = "checked='checked'";
-$checked{'TUE'}{'off'} = '';
-$checked{'TUE'}{'on'} = '';
-$checked{'TUE'}{$tcsettings{'TUE'}} = "checked='checked'";
-$checked{'WED'}{'off'} = '';
-$checked{'WED'}{'on'} = '';
-$checked{'WED'}{$tcsettings{'WED'}} = "checked='checked'";
-$checked{'THU'}{'off'} = '';
-$checked{'THU'}{'on'} = '';
-$checked{'THU'}{$tcsettings{'THU'}} = "checked='checked'";
-$checked{'FRI'}{'off'} = '';
-$checked{'FRI'}{'on'} = '';
-$checked{'FRI'}{$tcsettings{'FRI'}} = "checked='checked'";
-$checked{'SAT'}{'off'} = '';
-$checked{'SAT'}{'on'} = '';
-$checked{'SAT'}{$tcsettings{'SAT'}} = "checked='checked'";
-$checked{'SUN'}{'off'} = '';
-$checked{'SUN'}{'on'} = '';
-$checked{'SUN'}{$tcsettings{'SUN'}} = "checked='checked'";
-
-$selected{'SPORADIC'}{$uqsettings{'SPORADIC'}} = "selected='selected'";
-$selected{'RENEWAL'} {$uqsettings{'RENEWAL'}} = "selected='selected'";
-
-$checked{'ENABLEQUOTA'}{'off'} = '';
-$checked{'ENABLEQUOTA'}{'on'} = '';
-$checked{'ENABLEQUOTA'}{$uqsettings{'ENABLEQUOTA'}} = "checked='checked'";
-
-$selected{'BE_BLACKLIST'}{$besettings{'BE_BLACKLIST'}} = "selected='selected'";
-
-
-&Header::showhttpheaders();
-
-&Header::openpage($Lang::tr{'urlfilter configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>\n";
- &Header::closebox();
-} elsif (($tcsettings{'CHANGED'} eq 'yes') || ($uqsettings{'CHANGED'} eq 'yes') ) {
- &writeconfigfile;
- print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
- &Header::openbox('100%', 'left', "$Lang::tr{'urlfilter restart notification'}:");
- print "<class name='base'>$Lang::tr{'urlfilter restart message'}\n";
- if ($uqsettings{'MODE'} eq 'USERQUOTA') { print "<p><class name='base'>$Lang::tr{'urlfilter quota restart message'}\n"; }
- print "</class>\n";
- print "<p><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter restart'}' />";
- if ($tcsettings{'MODE'} eq 'TIMECONSTRAINT') { print "<input type='hidden' name='MODE' value='TIMECONSTRAINT' />"; }
- if ($uqsettings{'MODE'} eq 'USERQUOTA') { print "<input type='hidden' name='MODE' value='USERQUOTA' />"; }
- &Header::closebox();
- print "</form>\n";
-}
-
-if ($restoremessage) {
- &Header::openbox('100%', 'left', "$Lang::tr{'urlfilter restore results'}:");
- print "<class name='base'>$restoremessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-if ((!$tcsettings{'TCMODE'}) && (!$uqsettings{'UQMODE'}) && (!$besettings{'BEMODE'})) {
-
-if (!($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter manage repository'})) {
-
-#==========================================================
-#
-# Section: Main Configuration
-#
-#==========================================================
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}' enctype='multipart/form-data'>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'urlfilter filter settings'}:");
-print <<END
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter block categories'}</b></td>
-</tr>
-END
-;
-
-if (@categories == 0) {
-print <<END
-<tr>
- <td><i>$Lang::tr{'urlfilter no categories'}</i></td>
- <td> </td>
- <td> </td>
- <td> </td>
-</tr>
-
-END
-;
-}
-
-for ($n=0; $n<=@categories; $n = $n + $i) {
- for ($i=0; $i<=3; $i++) {
- if ($i eq 0) { print "<tr>\n"; }
- if (($n+$i) < @categories) {
- print "<td width='15%'>@categories[$n+$i]:<\/td>\n";
- print "<td width='10%'><input type='checkbox' name=@filtergroups[$n+$i] $checked{@filtergroups[$n+$i]}{'on'} /></td>\n";
- }
- if ($i eq 3) { print "<\/tr>\n"; }
- }
-}
-
-print <<END
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td><b>$Lang::tr{'urlfilter custom blacklist'}</b></td>
- <td> </td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'urlfilter blocked domains'} <img src='/blob.gif' alt='*' /></td>
- <td colspan='2'>$Lang::tr{'urlfilter blocked urls'} <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='2' width='50%'><textarea name='CUSTOM_BLACK_DOMAINS' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $filtersettings{'CUSTOM_BLACK_DOMAINS'};
-
-print <<END
-</textarea></td>
- <td colspan='2' width='50%'><textarea name='CUSTOM_BLACK_URLS' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $filtersettings{'CUSTOM_BLACK_URLS'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td class='base' width='25%'>$Lang::tr{'urlfilter enable custom blacklist'}:</td>
- <td><input type='checkbox' name='ENABLE_CUSTOM_BLACKLIST' $checked{'ENABLE_CUSTOM_BLACKLIST'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td><b>$Lang::tr{'urlfilter custom whitelist'}</b></td>
- <td> </td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'urlfilter allowed domains'} <img src='/blob.gif' alt='*' /></td>
- <td colspan='2'>$Lang::tr{'urlfilter allowed urls'} <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='2' width='50%'><textarea name='CUSTOM_WHITE_DOMAINS' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $filtersettings{'CUSTOM_WHITE_DOMAINS'};
-
-print <<END
-</textarea></td>
- <td colspan='2' width='50%'><textarea name='CUSTOM_WHITE_URLS' cols='32' rows='6' wrap='off'>
-END
-;
-
-print $filtersettings{'CUSTOM_WHITE_URLS'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td class='base' width='25%'>$Lang::tr{'urlfilter enable custom whitelist'}:</td>
- <td><input type='checkbox' name='ENABLE_CUSTOM_WHITELIST' $checked{'ENABLE_CUSTOM_WHITELIST'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter custom expression list'}</b></td>
-</tr>
-<tr>
- <td colspan='4'>$Lang::tr{'urlfilter blocked expressions'} <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='4'><textarea name='CUSTOM_EXPRESSIONS' cols='70' rows='3' wrap='off'>
-END
-;
-
-print $filtersettings{'CUSTOM_EXPRESSIONS'};
-
-print <<END
-</textarea></td>
-</tr>
-<tr>
- <td class='base' width='25%'>$Lang::tr{'urlfilter enable custom expression list'}:</td>
- <td><input type='checkbox' name='ENABLE_CUSTOM_EXPRESSIONS' $checked{'ENABLE_CUSTOM_EXPRESSIONS'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter file ext block'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter block executables'}:</td>
- <td width='12%'><input type='checkbox' name='BLOCK_EXECUTABLES' $checked{'BLOCK_EXECUTABLES'}{'on'} /></td>
- <td width='25%' class='base'>$Lang::tr{'urlfilter block audio-video'}:</td>
- <td><input type='checkbox' name='BLOCK_AUDIO-VIDEO' $checked{'BLOCK_AUDIO-VIDEO'}{'on'} /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter block archives'}:</td>
- <td><input type='checkbox' name='BLOCK_ARCHIVES' $checked{'BLOCK_ARCHIVES'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter local file redirection'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter enable rewrite rules'}:</td>
- <td width='12%'><input type='checkbox' name='ENABLE_REWRITE' $checked{'ENABLE_REWRITE'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter manage repository'}'></td>
- <td> </td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='2'><b>$Lang::tr{'urlfilter network access control'}</b></td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'urlfilter unfiltered clients'} <img src='/blob.gif' alt='*' /></td>
- <td colspan='2'>$Lang::tr{'urlfilter banned clients'} <img src='/blob.gif' alt='*' /></td>
-</tr>
-<tr>
- <td colspan='2' width='50%'><textarea name='UNFILTERED_CLIENTS' cols='32' rows='6' wrap='off'>
-END
-;
-
-# transform from pre1.8 client definitions
-$filtersettings{'UNFILTERED_CLIENTS'} =~ s/^\s+//g;
-$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+$//g;
-$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+-\s+/-/g;
-$filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+/ /g;
-
-@clients = split(/ /,$filtersettings{'UNFILTERED_CLIENTS'});
-undef $filtersettings{'UNFILTERED_CLIENTS'};
-foreach (@clients) { $filtersettings{'UNFILTERED_CLIENTS'} .= "$_\n"; }
-
-print $filtersettings{'UNFILTERED_CLIENTS'};
-
-print <<END
-</textarea></td>
- <td colspan='2' width='50%'><textarea name='BANNED_CLIENTS' cols='32' rows='6' wrap='off'>
-END
-;
-
-# transform from pre1.8 client definitions
-$filtersettings{'BANNED_CLIENTS'} =~ s/^\s+//g;
-$filtersettings{'BANNED_CLIENTS'} =~ s/\s+$//g;
-$filtersettings{'BANNED_CLIENTS'} =~ s/\s+-\s+/-/g;
-$filtersettings{'BANNED_CLIENTS'} =~ s/\s+/ /g;
-
-@clients = split(/ /,$filtersettings{'BANNED_CLIENTS'});
-undef $filtersettings{'BANNED_CLIENTS'};
-foreach (@clients) { $filtersettings{'BANNED_CLIENTS'} .= "$_\n"; }
-
-print $filtersettings{'BANNED_CLIENTS'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter timebased access control'}</b></td>
-</tr>
-<tr>
- <td width='25%'><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter set time constraints'}'></td>
- <td width='25%'><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter set user quota'}'></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter block settings'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter show category'}:</td>
- <td width='12%'><input type='checkbox' name='SHOW_CATEGORY' $checked{'SHOW_CATEGORY'}{'on'} /></td>
- <td width='25%' class='base'>$Lang::tr{'urlfilter redirectpage'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='REDIRECT_PAGE' value='$filtersettings{'REDIRECT_PAGE'}' size='40' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter show url'}:</td>
- <td><input type='checkbox' name='SHOW_URL' $checked{'SHOW_URL'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter msg text 1'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='MSG_TEXT_1' value='$filtersettings{'MSG_TEXT_1'}' size='40' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter show ip'}:</td>
- <td><input type='checkbox' name='SHOW_IP' $checked{'SHOW_IP'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter msg text 2'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='MSG_TEXT_2' value='$filtersettings{'MSG_TEXT_2'}' size='40' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter show dnserror'}:</td>
- <td><input type='checkbox' name='ENABLE_DNSERROR' $checked{'ENABLE_DNSERROR'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter msg text 3'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='MSG_TEXT_3' value='$filtersettings{'MSG_TEXT_3'}' size='40' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter enable jpeg'}:</td>
- <td><input type='checkbox' name='ENABLE_JPEG' $checked{'ENABLE_JPEG'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td class='base'><b>$Lang::tr{'urlfilter background image'}</b></td>
-</tr>
-<tr>
- <td><br>$Lang::tr{'urlfilter background text'}:</td>
-</tr>
-<tr>
- <td><input type='file' name='BACKGROUND' size='40' /> <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter upload background'}' /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td colspan='4'><b>$Lang::tr{'urlfilter advanced settings'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter enable expression lists'}:</td>
- <td width='12%'><input type='checkbox' name='ENABLE_EXPR_LISTS' $checked{'ENABLE_EXPR_LISTS'}{'on'} /></td>
- <td width='25%' class='base'>$Lang::tr{'urlfilter enable log'}:</td>
- <td><input type='checkbox' name='ENABLE_LOG' $checked{'ENABLE_LOG'}{'on'} /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter safesearch'}:</td>
- <td><input type='checkbox' name='ENABLE_SAFESEARCH' $checked{'ENABLE_SAFESEARCH'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter username log'}:</td>
- <td><input type='checkbox' name='ENABLE_USERNAME_LOG' $checked{'ENABLE_USERNAME_LOG'}{'on'} /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter empty ads'}:</td>
- <td><input type='checkbox' name='ENABLE_EMPTY_ADS' $checked{'ENABLE_EMPTY_ADS'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter category log'}:</td>
- <td><input type='checkbox' name='ENABLE_CATEGORY_LOG' $checked{'ENABLE_CATEGORY_LOG'}{'on'} /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter block ip'}:</td>
- <td><input type='checkbox' name='BLOCK_IP_ADDR' $checked{'BLOCK_IP_ADDR'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter children'}:</td>
- <td><input type='text' name='CHILDREN' value='$filtersettings{'CHILDREN'}' size='5' /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter block all'}:</td>
- <td><input type='checkbox' name='BLOCK_ALL' $checked{'BLOCK_ALL'}{'on'} /></td>
- <td class='base'>$Lang::tr{'urlfilter whitelist always allowed'}:</td>
- <td><input type='checkbox' name='ENABLE_GLOBAL_WHITELIST' $checked{'ENABLE_GLOBAL_WHITELIST'}{'on'} /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td>
- <img src='/blob.gif' align='top' alt='*' />
- <font class='base'>$Lang::tr{'this field may be blank'}</font>
- </td>
- <td align='right'>
- </td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
-<td> </td>
-<td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-<td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter save and restart'}' /></td>
-<td> </td>
-</tr>
-</table>
-END
-;
-
-&Header::closebox();
-
-print "</form>\n";
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}' enctype='multipart/form-data'>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'urlfilter maintenance'}:");
-
-print <<END
-<table width='100%'>
-<tr>
-<td class='base'><b>$Lang::tr{'urlfilter blacklist update'}</b></td>
-</tr>
-<tr>
-<td>$Lang::tr{'urlfilter upload information'}<p>$Lang::tr{'urlfilter upload text'}:</td>
-</tr>
-<tr>
-<td><input type='file' name='UPDATEFILE' size='40' /> <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter upload blacklist'}' /></td>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%'>
-<tr>
- <td colspan='2' class='base'><b>$Lang::tr{'urlfilter automatic blacklist update'}</b>
-END
-;
-if (-e "$updflagfile")
-{
-$blacklistage = int(-M "$updflagfile");
-print " <b>[</b> <small><i>$Lang::tr{'urlfilter blacklist age 1'} <b>$blacklistage</b> $Lang::tr{'urlfilter blacklist age 2'}</i></small> <b>]</b>";
-}
-
-$updatesettings{'UPDATE_SCHEDULE'} = 'monthly';
-$updatesettings{'CUSTOM_UPDATE_URL'} = '';
-
-if (-e "$updconffile") { &General::readhash("$updconffile", \%updatesettings); }
-
-$checked{'ENABLE_AUTOUPDATE'}{'off'} = '';
-$checked{'ENABLE_AUTOUPDATE'}{'on'} = '';
-$checked{'ENABLE_AUTOUPDATE'}{$updatesettings{'ENABLE_AUTOUPDATE'}} = "checked='checked'";
-
-$selected{'UPDATE_SCHEDULE'}{$updatesettings{'UPDATE_SCHEDULE'}} = "selected='selected'";
-
-$selected{'UPDATE_SOURCE'}{$updatesettings{'UPDATE_SOURCE'}} = "selected='selected'";
-
-print <<END
- </td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter enable automatic blacklist update'}:</td>
- <td width='75%' class='base'><input type='checkbox' name='ENABLE_AUTOUPDATE' $checked{'ENABLE_AUTOUPDATE'}{'on'} /></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter automatic update schedule'}:</td>
- <td class='base'>
- <select name='UPDATE_SCHEDULE'>
- <option value='daily' $selected{'UPDATE_SCHEDULE'}{'daily'}>$Lang::tr{'urlfilter daily'}</option>
- <option value='weekly' $selected{'UPDATE_SCHEDULE'}{'weekly'}>$Lang::tr{'urlfilter weekly'}</option>
- <option value='monthly' $selected{'UPDATE_SCHEDULE'}{'monthly'}>$Lang::tr{'urlfilter monthly'}</option>
- </select>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter select source'}:</td>
- <td class='base' colspan='2'>
- <select name='UPDATE_SOURCE'>
-END
-;
-
-foreach (@source_urllist) {
- chomp;
- $source_name = substr($_,0,rindex($_,","));
- $source_url = substr($_,index($_,",")+1);
- print "\t<option value='$source_url' $selected{'UPDATE_SOURCE'}{$source_url}>$source_name</option>\n";
-}
-
-print <<END
- <option value='custom' $selected{'UPDATE_SOURCE'}{'custom'}>$Lang::tr{'urlfilter custom url'}</option>
- </select>
- </td>
-</tr>
-<tr>
- <td>$Lang::tr{'urlfilter custom url'}:</td>
- <td><input type='text' name='CUSTOM_UPDATE_URL' value='$updatesettings{'CUSTOM_UPDATE_URL'}' size='72' /></td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
- <td width='25%'><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter save schedule'}'> <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter update now'}'></td>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%'>
-<tr>
- <td class='base'><b>$Lang::tr{'urlfilter blacklist editor'}</b></td>
-</tr>
-<tr>
- <td>$Lang::tr{'urlfilter blacklist editor info'}</td>
-</tr>
-<tr>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter blacklist editor'}' /></td>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%'>
-<tr>
- <td colspan='4' class='base'><b>$Lang::tr{'urlfilter backup settings'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter enable full backup'}:</td>
- <td width='12%' class='base'><input type='checkbox' name='ENABLE_FULLBACKUP' $checked{'ENABLE_FULLBACKUP'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td colspan='4' class='base'><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter backup'}' /></td>
-</tr>
-</table>
-
-<hr size='1'>
-
-<table width='100%'>
-<tr>
- <td class='base'><b>$Lang::tr{'urlfilter restore settings'}</b></td>
-</tr>
-<tr>
- <td>$Lang::tr{'urlfilter restore text'}:</td>
-</tr>
-<tr>
- <td><input type='file' name='UPDATEFILE' size='40' /> <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter restore'}' /></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-} else {
-
-#==========================================================
-#
-# Section: Manage Repository
-#
-#==========================================================
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}' enctype='multipart/form-data'>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'urlfilter manage local file repository'}:");
-print <<END
-<table width='100%'>
-<tr>
- <td>$Lang::tr{'urlfilter repository information'}<br><br></td>
-</tr>
-<tr>
- <td>$Lang::tr{'urlfilter upload file text'}:</td>
-</tr>
-<tr>
- <td><input type='file' name='UPLOADFILE' size='50' /> <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter upload file'}' /></td>
-</tr>
-<tr>
- <td><br><b>$Lang::tr{'urlfilter upload file information 1'}:</b> $Lang::tr{'urlfilter upload file information 2'}</td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td><input type='button' name='return2main' value='$Lang::tr{'urlfilter back to main page'}' onClick='self.location.href="$ENV{'SCRIPT_NAME'}"'></td>
-</tr>
-</table>
-</form>
-END
-;
-
-&Header::closebox();
-
-&Header::openbox('100%', 'left', "$Lang::tr{'urlfilter current files'}: </b>[$repository]");
-
-@repositorylist = <$repository/*>;
-
-undef @repositoryfiles;
-foreach (@repositorylist)
-{
- if (!-d) { push(@repositoryfiles,substr($_,rindex($_,"/")+1)); }
-}
-
-if (@repositoryfiles)
-{
- print <<END
-<table width='100%'>
-<tr>
- <td align='center'><b>$Lang::tr{'urlfilter filename'}</b></td>
- <td width='15%' align='center'><b>$Lang::tr{'urlfilter filesize'}</b></td>
- <td width='10%'></td>
-</tr>
-END
-;
- $id = 0;
- foreach $line (@repositoryfiles)
- {
- $id++;
- if ($id % 2) {
- print "<tr bgcolor='$Header::table1colour'>\n"; }
- else {
- print "<tr bgcolor='$Header::table2colour'>\n"; }
- $filesize = (-s "$repository/$line");
- 1 while $filesize =~ s/^(-?\d+)(\d{3})/$1.$2/;
-
-print <<END
- <td> $line</td>
- <td align='right'>$filesize </td>
-
- <td align='center'>
- <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
- <input type='hidden' name='ID' value='$line' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'urlfilter remove file'}' />
- </form>
- </td>
-
- </tr>
-END
-;
- }
-
-print <<END
-</table>
-<table>
- <tr>
- </tr>
-</table>
-<table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
- </tr>
-</table>
-END
-;
-} else {
-
- print "<i>$Lang::tr{'urlfilter empty repository'}</i>\n";
-}
-
-&Header::closebox();
-
-}
-
-} elsif ($tcsettings{'TCMODE'}) {
-
-#==========================================================
-#
-# Section: Set Time Constraints
-#
-#==========================================================
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-$buttontext = $Lang::tr{'urlfilter add rule'};
-if ($tcsettings{'ACTION'} eq $Lang::tr{'edit'}) {
-&Header::openbox('100%', 'left', $Lang::tr{'urlfilter edit time constraint rule'}.':');
-$buttontext = $Lang::tr{'urlfilter update rule'};
-} else {
-&Header::openbox('100%', 'left', $Lang::tr{'urlfilter add new time constraint rule'}.':');
-}
-print <<END
-
-<table width='100%'>
-<tr>
- <td width='2%'>$Lang::tr{'urlfilter constraint definition'}</td>
- <td width='1%'> </td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter monday'}</td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter tuesday'}</td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter wednesday'}</td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter thursday'}</td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter friday'}</td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter saturday'}</td>
- <td width='2%' align='center'>$Lang::tr{'urlfilter sunday'}</td>
- <td width='1%'> </td>
- <td width='7%' colspan=3>$Lang::tr{'urlfilter from'}</td>
- <td width='1%'> </td>
- <td width='7%' colspan=3>$Lang::tr{'urlfilter to'}</td>
- <td> </td>
-</tr>
-<tr>
- <td class='base'>
- <select name='DEFINITION'>
- <option value='within' $selected{'DEFINITION'}{'within'}>$Lang::tr{'urlfilter constraint within'}</option>
- <option value='outside' $selected{'DEFINITION'}{'outside'}>$Lang::tr{'urlfilter constraint outside'}</option>
- </select>
- </td>
- <td> </td>
- <td class='base'><input type='checkbox' name='MON' $checked{'MON'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='TUE' $checked{'TUE'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='WED' $checked{'WED'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='THU' $checked{'THU'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='FRI' $checked{'FRI'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='SAT' $checked{'SAT'}{'on'} /></td>
- <td class='base'><input type='checkbox' name='SUN' $checked{'SUN'}{'on'} /></td>
- <td> </td>
- <td class='base'>
- <select name='FROM_HOUR'>
-END
-;
-for ($i=0;$i<=24;$i++) {
-$_ = sprintf("%02s",$i);
-print "<option $selected{'FROM_HOUR'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- </td>
- <td>:</td>
- <td class='base'>
- <select name='FROM_MINUTE'>
-END
-;
-for ($i=0;$i<=45;$i+=15) {
-$_ = sprintf("%02s",$i);
-print "<option $selected{'FROM_MINUTE'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- <td> - </td>
- </td>
- <td class='base'>
- <select name='TO_HOUR'>
-END
-;
-for ($i=0;$i<=24;$i++) {
-$_ = sprintf("%02s",$i);
-print "<option $selected{'TO_HOUR'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- </td>
- <td>:</td>
- <td class='base'>
- <select name='TO_MINUTE'>
-END
-;
-for ($i=0;$i<=45;$i+=15) {
-$_ = sprintf("%02s",$i);
-print "<option $selected{'TO_MINUTE'}{$_}>$_</option>\n";
-}
-print <<END
- </select>
- </td>
- <td> </td>
-</tr>
-</table>
-
-<br>
-
-<table width='100%'>
- <tr>
- <td width='5%'>$Lang::tr{'urlfilter source'}</td>
- <td width='1%'> </td>
- <td width='5%'>$Lang::tr{'urlfilter dst'} <img src='/blob.gif' alt='*'><img src='/blob.gif' alt='*'></td>
- <td width='1%'> </td>
- <td width='5%'>$Lang::tr{'urlfilter access'}</td>
- <td> </td>
- </tr>
- <tr>
- <td rowspan='2'><textarea name='SRC' cols='28' rows='5' wrap='off'>
-END
-;
-
-# transform from pre1.8 client definitions
-$tcsettings{'SRC'} =~ s/^\s+//g;
-$tcsettings{'SRC'} =~ s/\s+$//g;
-$tcsettings{'SRC'} =~ s/\s+-\s+/-/g;
-$tcsettings{'SRC'} =~ s/\s+/ /g;
-
-@clients = split(/ /,$tcsettings{'SRC'});
-undef $tcsettings{'SRC'};
-foreach (@clients) { $tcsettings{'SRC'} .= "$_\n"; }
-
-print $tcsettings{'SRC'};
-
-print <<END
-</textarea></td>
-
- <td> </td>
- <td class='base' rowspan='2' valign='top'>
- <select name='DST' size='6' multiple>
- <option value='any' $selected{'DST'}{'any'} = "selected='selected'">$Lang::tr{'urlfilter category all'}</option>
- <option value='in-addr' $selected{'DST'}{'in-addr'} = "selected='selected'">in-addr</option>
-END
-;
-
-&readblockcategories;
-foreach (@categories)
-{
- print "<option value='$_' $selected{'DST'}{$_}>$_</option>\n";
-}
-
-print <<END
- <option value='files' $selected{'DST'}{'files'} = "selected='selected'">files</option>
- <option value='custom-blocked' $selected{'DST'}{'custom-blocked'} = "selected='selected'">custom-blocked</option>
- <option value='custom-expressions' $selected{'DST'}{'custom-expressions'} = "selected='selected'">custom-expressions</option>
- </select>
- </td>
- <td> </td>
- <td class='base' valign='top'>
- <select name='ACCESS'>
- <option value='block' $selected{'ACCESS'}{'block'}>$Lang::tr{'urlfilter mode block'}</option>
- <option value='allow' $selected{'ACCESS'}{'allow'}>$Lang::tr{'urlfilter mode allow'}</option>
- </select>
- </td>
- <td> </td>
- </tr>
- <tr>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- </tr>
- <tr>
- <td>$Lang::tr{'remark'} <img src='/blob.gif' alt='*'></td>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- </tr>
- <tr>
- <td><input type='text' name='COMMENT' value='$tcsettings{'COMMENT'}' size='32' /></td>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- </tr>
-</table>
-
-<table width='100%'>
- <tr>
- <td class='base'>$Lang::tr{'urlfilter enabled'}<input type='checkbox' name='ENABLERULE' $checked{'ENABLERULE'}{'on'} /></td>
- </tr>
-</table>
-
-<p>
-
-<table width='50%'>
- <tr>
- <td><input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /></td>
- <td><input type='hidden' name='MODE' value='TIMECONSTRAINT' /></td>
- <td><input type='submit' name='SUBMIT' value='$buttontext' /></td>
- <td><input type='reset' name='ACTION' value='$Lang::tr{'urlfilter reset'}' /></td>
- <td> </td>
- <td><input type='button' name='return2main' value='$Lang::tr{'urlfilter back to main page'}' onClick='self.location.href="$ENV{'SCRIPT_NAME'}"'></td>
- </tr>
-</table>
-<p>
-<table width='100%'>
- <tr>
- <td width='1%' align='right'> <img src='/blob.gif' align='top' alt='*' /> </td>
- <td><font class='base'>$Lang::tr{'this field may be blank'}</font></td>
- </tr>
- <tr>
- <td width='1%' align='right'><img src='/blob.gif' align='top' alt='*' /><img src='/blob.gif' align='top' alt='*' /> </td>
- <td><font class='base'>$Lang::tr{'urlfilter select multi'}</font></td>
- </tr>
-</table>
-END
-;
-
-if ($tcsettings{'ACTION'} eq $Lang::tr{'edit'}) {
- print "<input type='hidden' name='EDITING' value='$tcsettings{'ID'}' />\n";
-} else {
- print "<input type='hidden' name='EDITING' value='no' />\n";
-}
-
-&Header::closebox();
-print "</form>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'current rules'});
-print <<END
-<table width='100%'>
- <tr>
- <td width='5%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter constraint definition'}</b></td>
- <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter time space'}</b></td>
- <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter src'}</b></td>
- <td width='5%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter dst'}</b></td>
- <td width='10%' class='boldbase' colspan='5' align='center'> </td>
- </tr>
-END
-;
-
-if ($tcsettings{'ACTION'} ne '' or $changed ne 'no')
-{
- open(FILE, $tcfile);
- @tclist = <FILE>;
- close(FILE);
-}
-
-$id = 0;
-foreach $line (@tclist)
-{
- $id++;
- chomp($line);
- @temp = split(/\,/,$line);
- if($tcsettings{'ACTION'} eq $Lang::tr{'edit'} && $tcsettings{'ID'} eq $id) {
- print "<tr bgcolor='$Header::colouryellow'>\n"; }
- elsif ($id % 2) {
- print "<tr bgcolor='$Header::table1colour'>\n"; }
- else {
- print "<tr bgcolor='$Header::table2colour'>\n"; }
- if ($temp[0] eq 'within') { $temp[0]=$Lang::tr{'urlfilter constraint within'}; } else { $temp[0]=$Lang::tr{'urlfilter constraint outside'}; }
- if ($temp[13] eq 'any') { $temp[13]=$Lang::tr{'urlfilter category all'}; }
- if ($temp[15] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
- else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
- if ($temp[14] eq 'block') { $led='led-red.gif'; $ldesc=$Lang::tr{'urlfilter block access'};}
- else { $led='led-green.gif'; $ldesc=$Lang::tr{'urlfilter allow access'}; }
-
- undef $time;
- if ($temp[1] eq 'on') { $time.=$Lang::tr{'urlfilter mon'}; } else { $time.='='; }
- if ($temp[2] eq 'on') { $time.=$Lang::tr{'urlfilter tue'}; } else { $time.='='; }
- if ($temp[3] eq 'on') { $time.=$Lang::tr{'urlfilter wed'}; } else { $time.='='; }
- if ($temp[4] eq 'on') { $time.=$Lang::tr{'urlfilter thu'}; } else { $time.='='; }
- if ($temp[5] eq 'on') { $time.=$Lang::tr{'urlfilter fri'}; } else { $time.='='; }
- if ($temp[6] eq 'on') { $time.=$Lang::tr{'urlfilter sat'}; } else { $time.='='; }
- if ($temp[7] eq 'on') { $time.=$Lang::tr{'urlfilter sun'}; } else { $time.='='; }
- $time=$time.' '.$temp[8].':'.$temp[9].' to '.$temp[10].':'.$temp[11];
-
-print <<END
- <td align='center'>$temp[0]</td>
- <td align='center' nowrap>$time</td>
- <td align='center'>$temp[12]</td>
- <td align='center'>$temp[13]</td>
- <td align='center'><image src='/images/urlfilter/$led' alt='$ldesc'></td>
-
- <td align='center'>
- <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
- <input type='hidden' name='MODE' value='TIMECONSTRAINT' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTIVE' value='$toggle' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
- </form>
- </td>
-
- <td align='center'>
- <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
- <input type='hidden' name='MODE' value='TIMECONSTRAINT' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- </form>
- </td>
-
- <td align='center'>
- <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'urlfilter copy rule'}' src='/images/urlfilter/copy.gif' title='$Lang::tr{'urlfilter copy rule'}' alt='$Lang::tr{'urlfilter copy rule'}' />
- <input type='hidden' name='MODE' value='TIMECONSTRAINT' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'urlfilter copy rule'}' />
- </form>
- </td>
-
- <td align='center'>
- <form method='post' name='frmd$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
- <input type='hidden' name='MODE' value='TIMECONSTRAINT' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- </form>
- </td>
-
- </tr>
-END
-;
- if($tcsettings{'ACTION'} eq $Lang::tr{'edit'} && $tcsettings{'ID'} eq $id) {
- print "<tr bgcolor='$Header::colouryellow'>\n"; }
- elsif ($id % 2) {
- print "<tr bgcolor='$Header::table1colour'>\n"; }
- else {
- print "<tr bgcolor='$Header::table2colour'>\n"; }
-print <<END
- <td align='center' colspan='4'>$temp[16]
- </td>
- <td align='center' colspan='5'>
- </td>
- </tr>
-END
-;
-}
-
-print "</table>\n";
-
-# If the time constraint file contains entries, print entries and action icons
-if (! -z "$tcfile") {
-print <<END
-
-<table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/urlfilter/led-green.gif' alt='$Lang::tr{'urlfilter allow access'}' /></td>
- <td class='base'>$Lang::tr{'urlfilter allow'}</td>
- <td> <img src='/images/urlfilter/led-red.gif' alt='$Lang::tr{'urlfilter block access'}' /></td>
- <td class='base'>$Lang::tr{'urlfilter block'}</td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/urlfilter/copy.gif' alt='$Lang::tr{'urlfilter copy rule'}' /></td>
- <td class='base'>$Lang::tr{'urlfilter copy rule'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
- </tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-
-} elsif ($uqsettings{'UQMODE'}) {
-
-#==========================================================
-#
-# Section: Set User Quota
-#
-#==========================================================
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-$buttontext = $Lang::tr{'urlfilter add rule'};
-if ($uqsettings{'ACTION'} eq $Lang::tr{'edit'}) {
-&Header::openbox('100%', 'left', $Lang::tr{'urlfilter edit user quota rule'}.':');
-$buttontext = $Lang::tr{'urlfilter update rule'};
-} else {
-&Header::openbox('100%', 'left', $Lang::tr{'urlfilter add new user quota rule'}.':');
-}
-print <<END
-
-<table width='100%'>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter user time quota'}:</td>
- <td><input type='text' name='TIME_QUOTA' value='$uqsettings{'TIME_QUOTA'}' size='5' /></td>
- <td colspan='2' rowspan= '5' valign='top' class='base'>
- <table cellpadding='0' cellspacing='0'>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td>$Lang::tr{'urlfilter assigned quota users'}:</td>
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <!-- intentionally left empty -->
- </tr>
- <tr>
- <td><textarea name='QUOTA_USERS' cols='32' rows='6' wrap='off'>
-END
-;
-
-$uqsettings{'QUOTA_USERS'} =~ s/\|/\n/g;
-print $uqsettings{'QUOTA_USERS'};
-
-print <<END
-</textarea></td>
- </tr>
- </table>
- </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter activity detection'}:</td>
- <td class='base'><select name='SPORADIC'>
- <option value='0' $selected{'SPORADIC'}{'0'}>$Lang::tr{'urlfilter disabled'}</option>
- <option value='300' $selected{'SPORADIC'}{'300'}>5 $Lang::tr{'urlfilter minutes'}</option>
- <option value='900' $selected{'SPORADIC'}{'900'}>15 $Lang::tr{'urlfilter minutes'}</option>
- </select></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter renewal period'}:</td>
- <td class='base'><select name='RENEWAL'>
- <option value='hourly' $selected{'RENEWAL'}{'hourly'}>$Lang::tr{'urlfilter hourly'}</option>
- <option value='daily' $selected{'RENEWAL'}{'daily'}>$Lang::tr{'urlfilter daily'}</option>
- <option value='weekly' $selected{'RENEWAL'}{'weekly'}>$Lang::tr{'urlfilter weekly'}</option>
- </select></td>
-</tr>
-<tr>
- <td colspan='2'> </td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter enabled'}</td>
- <td class='base'><input type='checkbox' name='ENABLEQUOTA' $checked{'ENABLEQUOTA'}{'on'} /></td>
-</tr>
-
-</table>
-<p>
-
-<table width='50%'>
- <tr>
- <td><input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /></td>
- <td><input type='hidden' name='MODE' value='USERQUOTA' /></td>
- <td><input type='submit' name='SUBMIT' value='$buttontext' /></td>
- <td><input type='reset' name='ACTION' value='$Lang::tr{'urlfilter reset'}' /></td>
- <td> </td>
- <td><input type='button' name='return2main' value='$Lang::tr{'urlfilter back to main page'}' onClick='self.location.href="$ENV{'SCRIPT_NAME'}"'></td>
- </tr>
-</table>
-
-<p>
-END
-;
-
-if ($uqsettings{'ACTION'} eq $Lang::tr{'edit'}) {
- print "<input type='hidden' name='EDITING' value='$uqsettings{'ID'}' />\n";
-} else {
- print "<input type='hidden' name='EDITING' value='no' />\n";
-}
-
-&Header::closebox();
-print "</form>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'current rules'});
-print <<END
-<table width='100%'>
- <tr>
- <td width='15%' class='boldbase' align='center'><b><nobr>$Lang::tr{'urlfilter time quota'}</nobr></b></td>
- <td width='15%' class='boldbase' align='center'><b><nobr>$Lang::tr{'urlfilter activity detection'}</nobr></b></td>
- <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'urlfilter renewal'}</b></td>
- <td class='boldbase' align='center'><b>$Lang::tr{'urlfilter assigned users'}</b></td>
- <td width='20%' class='boldbase' colspan='4' align='center'> </td>
- </tr>
-END
-;
-
-if ($uqsettings{'ACTION'} ne '' or $changed ne 'no')
-{
- open(FILE, $uqfile);
- @uqlist = <FILE>;
- close(FILE);
-}
-
-$id = 0;
-foreach $line (@uqlist)
-{
- $id++;
- chomp($line);
- @temp = split(/\,/,$line);
- if($uqsettings{'ACTION'} eq $Lang::tr{'edit'} && $uqsettings{'ID'} eq $id) {
- print "<tr bgcolor='$Header::colouryellow'>\n"; }
- elsif ($id % 2) {
- print "<tr bgcolor='$Header::table1colour'>\n"; }
- else {
- print "<tr bgcolor='$Header::table2colour'>\n"; }
- if ($temp[4] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
- else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
-
- $temp[5] = $temp[1];
- if ($temp[1] eq '0') { $temp[5] = $Lang::tr{'urlfilter disabled'} } else { $temp[5] = ($temp[5]/60).' '.$Lang::tr{'urlfilter minutes'} }
- $_ = $temp[3]; s/\|/, /g; $temp[6] = $_;
-
-print <<END
- <td align='center'>$temp[0] $Lang::tr{'urlfilter minutes'}</td>
- <td align='center'>$temp[5]</td>
- <td align='center'>$Lang::tr{'urlfilter '.$temp[2]}</td>
- <td align='center'>$temp[6]</td>
-
- <td align='center'>
- <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
- <input type='hidden' name='MODE' value='USERQUOTA' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTIVE' value='$toggle' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
- </form>
- </td>
-
- <td align='center'>
- <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
- <input type='hidden' name='MODE' value='USERQUOTA' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- </form>
- </td>
-
- <td align='center'>
- <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
- <input type='hidden' name='MODE' value='USERQUOTA' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- </form>
- </td>
-
- </tr>
-END
-;
-}
-
-print "</table>\n";
-
-# If the user quota file contains entries, print entries and action icons
-if (! -z "$uqfile") {
-print <<END
-
-<table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
- </tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-
-} else {
-
-#==========================================================
-#
-# Section: Blacklist editor
-#
-#==========================================================
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}' enctype='multipart/form-data'>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'urlfilter urlfilter blacklist editor'}.':');
-
-print <<END
-
-<table width='100%'>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='30%'></td>
-</tr>
-<tr>
- <td class='base'><b>$Lang::tr{'urlfilter blacklist name'}</b></td>
-</tr>
-<tr>
- <td class='base'>$Lang::tr{'urlfilter blacklist category name'}:</td>
- <td><input type='text' name='BE_NAME' value='$besettings{'BE_NAME'}' size='12' /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td width='25%'></td> <td width='20%'> </td><td width='25%'> </td><td width='20%'></td>
-</tr>
-<tr>
- <td class='base' colspan='4'><b>$Lang::tr{'urlfilter edit domains urls expressions'}</b></td>
-</tr>
-<tr>
- <td colspan='2'>$Lang::tr{'urlfilter domains'}</td>
- <td colspan='2'>$Lang::tr{'urlfilter urls'}</td>
-</tr>
-<tr>
- <td colspan='2'><textarea name='BE_DOMAINS' cols='38' rows='10' wrap='off'>
-END
-;
-
-print $besettings{'BE_DOMAINS'};
-
-print <<END
-</textarea></td>
- <td colspan='2'><textarea name='BE_URLS' cols='38' rows='10' wrap='off'>
-END
-;
-
-print $besettings{'BE_URLS'};
-
-print <<END
-</textarea></td>
-</tr>
-<tr>
- <td colspan='4'>$Lang::tr{'urlfilter expressions'}</td>
-</tr>
-<tr>
- <td colspan='4'><textarea name='BE_EXPRESSIONS' cols='80' rows='3' wrap='off'>
-END
-;
-
-print $besettings{'BE_EXPRESSIONS'};
-
-print <<END
-</textarea></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td class='base' colspan='4'><b>$Lang::tr{'urlfilter load blacklist'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter select blacklist'}:</td>
- <td width='20%' class='base'>
- <select name='BE_BLACKLIST'>
-END
-;
-
-&readblockcategories;
-foreach (@categories)
-{
- print "<option value='$_' $selected{'BE_BLACKLIST'}{$_}>$_</option>\n";
-}
-
-print <<END
- </select>
- </td>
- <td> </td>
- <td> </td>
-<tr>
- <td colpsan='4'><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter load blacklist'}' /></td>
-</tr>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td class='base' colspan='4'><b>$Lang::tr{'urlfilter import blacklist'}</b></td>
-</tr>
-<tr>
- <td colspan='4'>$Lang::tr{'urlfilter import text'}:</td>
-</tr>
-<tr>
- <td nowrap><input type='file' name='IMPORTFILE' size='40' /> <input type='submit' name='ACTION' value='$Lang::tr{'urlfilter import blacklist'}' /></td>
- <td><input type='hidden' name='MODE' value='BLACKLIST_EDITOR' /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td class='base' colspan='4'><b>$Lang::tr{'urlfilter export blacklist'}</b></td>
-</tr>
-<tr>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter export blacklist'}' /></td>
-</tr>
-</table>
-<hr size='1'>
-<table width='100%'>
-<tr>
- <td class='base' colspan='4'><b>$Lang::tr{'urlfilter install blacklist'}</b></td>
-</tr>
-<tr>
- <td width='25%' class='base'>$Lang::tr{'urlfilter dont restart urlfilter'}:</td>
- <td width='20%' class='base'><input type='checkbox' name='NORESTART' $checked{'NORESTART'}{'on'} /></td>
- <td> </td>
- <td> </td>
-</tr>
-<tr>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'urlfilter install blacklist'}' /></td>
-</tr>
-<tr>
- <td class='base' colspan='4'><br>$Lang::tr{'urlfilter install information'}</td>
-</tr>
-</table>
-<hr size='1'>
-<table width='20%'>
-<tr>
- <td><input type='reset' name='ACTION' value='$Lang::tr{'urlfilter reset'}' /></td>
- <td> </td>
- <td><input type='button' name='return2main' value='$Lang::tr{'urlfilter back to main page'}' onClick='self.location.href="$ENV{'SCRIPT_NAME'}"'></td>
-</tr>
-</table>
-
-END
-;
-
-&Header::closebox();
-print "</form>\n";
-
-}
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-# -------------------------------------------------------------------
-
-sub savesettings
-{
- # transform to pre1.8 client definitions
- @clients = split(/\n/,$filtersettings{'UNFILTERED_CLIENTS'});
- undef $filtersettings{'UNFILTERED_CLIENTS'};
- foreach(@clients)
- {
- s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
- $filtersettings{'UNFILTERED_CLIENTS'} .= "$_ ";
- }
- $filtersettings{'UNFILTERED_CLIENTS'} =~ s/\s+$//;
-
- # transform to pre1.8 client definitions
- @clients = split(/\n/,$filtersettings{'BANNED_CLIENTS'});
- undef $filtersettings{'BANNED_CLIENTS'};
- foreach(@clients)
- {
- s/^\s+//g; s/\s+$//g; s/\s+-\s+/-/g; s/\s+/ /g; s/\n//g;
- $filtersettings{'BANNED_CLIENTS'} .= "$_ ";
- }
- $filtersettings{'BANNED_CLIENTS'} =~ s/\s+$//;
-
- &writeconfigfile;
-
- delete $filtersettings{'CUSTOM_BLACK_DOMAINS'};
- delete $filtersettings{'CUSTOM_BLACK_URLS'};
- delete $filtersettings{'CUSTOM_WHITE_DOMAINS'};
- delete $filtersettings{'CUSTOM_WHITE_URLS'};
- delete $filtersettings{'CUSTOM_EXPRESSIONS'};
- delete $filtersettings{'BACKGROUND'};
- delete $filtersettings{'UPDATEFILE'};
-
- &General::writehash("${General::swroot}/urlfilter/settings", \%filtersettings);
-}
-
-# -------------------------------------------------------------------
-
-sub readblockcategories
-{
- undef(@categories);
-
- &getblockcategory ($dbdir);
-
- foreach (@categories) { $_ = substr($_,length($dbdir)+1); }
-
- @filtergroups = @categories;
-
- foreach (@filtergroups) {
- s/\//_SLASH_/g;
- tr/a-z/A-Z/;
- $_ = "FILTER_".$_;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub getblockcategory
-{
- foreach $category (<$_[0]/*>)
- {
- if (-d $category)
- {
- if ((-e "$category/domains") || (-e "$category/urls"))
- {
- unless ($category =~ /\bcustom\b/) { push(@categories,$category); }
- }
- &getblockcategory ($category);
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub readcustomlists
-{
- if (-e "$dbdir/custom/blocked/domains") {
- open(FILE,"$dbdir/custom/blocked/domains");
- delete $filtersettings{'CUSTOM_BLACK_DOMAINS'};
- while (<FILE>) { $filtersettings{'CUSTOM_BLACK_DOMAINS'} .= $_ };
- close(FILE);
- }
-
- if (-e "$dbdir/custom/blocked/urls") {
- open(FILE,"$dbdir/custom/blocked/urls");
- delete $filtersettings{'CUSTOM_BLACK_URLS'};
- while (<FILE>) { $filtersettings{'CUSTOM_BLACK_URLS'} .= $_ };
- close(FILE);
- }
-
- if (-e "$dbdir/custom/blocked/expressions") {
- open(FILE,"$dbdir/custom/blocked/expressions");
- delete $filtersettings{'CUSTOM_EXPRESSIONS'};
- while (<FILE>) { $filtersettings{'CUSTOM_EXPRESSIONS'} .= $_ };
- close(FILE);
- }
-
- if (-e "$dbdir/custom/allowed/domains") {
- open(FILE,"$dbdir/custom/allowed/domains");
- delete $filtersettings{'CUSTOM_WHITE_DOMAINS'};
- while (<FILE>) { $filtersettings{'CUSTOM_WHITE_DOMAINS'} .= $_ };
- close(FILE);
- }
- if (-e "$dbdir/custom/allowed/urls") {
- open(FILE,"$dbdir/custom/allowed/urls");
- delete $filtersettings{'CUSTOM_WHITE_URLS'};
- while (<FILE>) { $filtersettings{'CUSTOM_WHITE_URLS'} .= $_ };
- close(FILE);
- }
-}
-
-# -------------------------------------------------------------------
-
-sub aggregatedconstraints
-{
- my $aggregated;
- my @old;
- my @new;
- my @tmp1;
- my @tmp2;
- my $x;
-
- if (-e $tcfile)
- {
- open(TC, $tcfile);
- @old = <TC>;
- close(TC);
-
- while (@old > 0)
- {
- $aggregated = 0;
- $x = shift(@old);
- chomp($x);
- @tmp1 = split(/\,/,$x);
- $tmp1[16] = '';
- foreach (@new)
- {
- @tmp2 = split(/\,/);
- if (($tmp1[15] eq 'on') && ($tmp2[15] eq 'on'))
- {
- if (($tmp1[0] eq $tmp2[0]) && ($tmp1[12] eq $tmp2[12]) && ($tmp1[13] eq $tmp2[13]) && ($tmp1[14] eq $tmp2[14]))
- {
- $aggregated = 1;
- $tmp2[16] .= " weekly ";
- if ($tmp1[1] eq 'on') { $tmp2[16] .= "m"; }
- if ($tmp1[2] eq 'on') { $tmp2[16] .= "t"; }
- if ($tmp1[3] eq 'on') { $tmp2[16] .= "w"; }
- if ($tmp1[4] eq 'on') { $tmp2[16] .= "h"; }
- if ($tmp1[5] eq 'on') { $tmp2[16] .= "f"; }
- if ($tmp1[6] eq 'on') { $tmp2[16] .= "a"; }
- if ($tmp1[7] eq 'on') { $tmp2[16] .= "s"; }
- $tmp2[16] .= " $tmp1[8]:$tmp1[9]-$tmp1[10]:$tmp1[11]\n";
- $_ = join(",",@tmp2);
- }
-
- }
- }
- if (!$aggregated)
- {
- $tmp1[16] .= " weekly ";
- if ($tmp1[1] eq 'on') { $tmp1[16] .= "m"; }
- if ($tmp1[2] eq 'on') { $tmp1[16] .= "t"; }
- if ($tmp1[3] eq 'on') { $tmp1[16] .= "w"; }
- if ($tmp1[4] eq 'on') { $tmp1[16] .= "h"; }
- if ($tmp1[5] eq 'on') { $tmp1[16] .= "f"; }
- if ($tmp1[6] eq 'on') { $tmp1[16] .= "a"; }
- if ($tmp1[7] eq 'on') { $tmp1[16] .= "s"; }
- $tmp1[16] .= " $tmp1[8]:$tmp1[9]-$tmp1[10]:$tmp1[11]\n";
- $x = join(",",@tmp1);
- push(@new,$x);
- }
- }
- }
-
- return @new;
-
-}
-
-# -------------------------------------------------------------------
-
-sub setpermissions
-{
- my $bldir = $_[0];
-
- foreach $category (<$bldir/*>)
- {
- if (-d $category){
- system("chmod 755 $category &> /dev/null");
- foreach $blacklist (<$category/*>)
- {
- if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
- if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
- }
- system("chmod 666 $category/*.db &> /dev/null");
- &setpermissions ($category);
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub writeconfigfile
-{
- my $executables = "\\.\(ade|adp|asx|bas|bat|chm|com|cmd|cpl|crt|dll|eml|exe|hiv|hlp|hta|inc|inf|ins|isp|jse|jtd|lnk|msc|msh|msi|msp|mst|nws|ocx|oft|ops|pcd|pif|plx|reg|scr|sct|sha|shb|shm|shs|sys|tlb|tsp|url|vbe|vbs|vxd|wsc|wsf|wsh\)\$";
- my $audiovideo = "\\.\(aiff|asf|avi|dif|divx|mov|movie|mp3|mpe?g?|mpv2|ogg|ra?m|snd|qt|wav|wma|wmf|wmv\)\$";
- my $archives = "\\.\(bin|bz2|cab|cdr|dmg|gz|hqx|rar|smi|sit|sea|tar|tgz|zip\)\$";
-
- my $ident = " anonymous";
-
- my $defaultrule='';
- my $tcrule='';
- my $redirect='';
- my $qredirect='';
-
- my $idx;
-
- my @ec=();
- my @tc=();
- my @uq=();
-
- if (!(-d "$dbdir/custom")) { mkdir("$dbdir/custom") }
- if (!(-d "$dbdir/custom/blocked")) { mkdir("$dbdir/custom/blocked") }
- if (!(-d "$dbdir/custom/allowed")) { mkdir("$dbdir/custom/allowed") }
-
- open(FILE, ">/$dbdir/custom/blocked/domains");
- print FILE $filtersettings{'CUSTOM_BLACK_DOMAINS'};
- close(FILE);
- open(FILE, ">/$dbdir/custom/blocked/urls");
- print FILE $filtersettings{'CUSTOM_BLACK_URLS'};
- close(FILE);
- open(FILE, ">/$dbdir/custom/blocked/expressions");
- print FILE $filtersettings{'CUSTOM_EXPRESSIONS'};
- close(FILE);
- open(FILE, ">/$dbdir/custom/blocked/files");
- if ($filtersettings{'BLOCK_EXECUTABLES'} eq 'on') { print FILE "$executables\n"; }
- if ($filtersettings{'BLOCK_AUDIO-VIDEO'} eq 'on') { print FILE "$audiovideo\n"; }
- if ($filtersettings{'BLOCK_ARCHIVES'} eq 'on') { print FILE "$archives\n"; }
- close(FILE);
- open(FILE, ">/$dbdir/custom/allowed/domains");
- print FILE $filtersettings{'CUSTOM_WHITE_DOMAINS'};
- close(FILE);
- open(FILE, ">/$dbdir/custom/allowed/urls");
- print FILE $filtersettings{'CUSTOM_WHITE_URLS'};
- close(FILE);
-
- if ($filtersettings{'ENABLE_USERNAME_LOG'} eq 'on') { $ident = ""; }
-
- if ($filtersettings{'REDIRECT_PAGE'} eq '')
- {
- if (($filtersettings{'SHOW_CATEGORY'} eq 'on') || ($filtersettings{'SHOW_URL'} eq 'on') || ($filtersettings{'SHOW_IP'} eq 'on')) {
- if ($filtersettings{'SHOW_CATEGORY'} eq 'on') { $redirect .= "&category=%t"; }
- if ($filtersettings{'SHOW_URL'} eq 'on') { $redirect .= "&url=%u"; }
- if ($filtersettings{'SHOW_IP'} eq 'on') { $redirect .= "&ip=%a"; }
- $redirect =~ s/^&/?/;
- $redirect = "http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/redirect.cgi".$redirect;
- } else {
- $redirect="http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/redirect.cgi";
- }
- } else { $redirect=$filtersettings{'REDIRECT_PAGE'}; }
-
- if ($filtersettings{'ENABLE_DNSERROR'} eq 'on') { $redirect = "302:http://0.0.0.0"; }
-
- undef $defaultrule;
-
- if ($filtersettings{'ENABLE_CUSTOM_WHITELIST'} eq 'on')
- {
- $defaultrule .= "custom-allowed ";
- }
- if ($filtersettings{'BLOCK_ALL'} eq 'on')
- {
- $defaultrule .= "none";
- }
- else
- {
- if ($filtersettings{'BLOCK_IP_ADDR'} eq 'on')
- {
- $defaultrule .= "!in-addr ";
- }
- for ($i=0; $i<=@filtergroups; $i++) {
- if ($filtersettings{@filtergroups[$i]} eq 'on')
- {
- $defaultrule .= "!@categories[$i] ";
- }
- }
- if ($filtersettings{'ENABLE_CUSTOM_BLACKLIST'} eq 'on')
- {
- $defaultrule .= "!custom-blocked ";
- }
- if ($filtersettings{'ENABLE_CUSTOM_EXPRESSIONS'} eq 'on')
- {
- $defaultrule .= "!custom-expressions ";
- }
- if (($filtersettings{'BLOCK_EXECUTABLES'} eq 'on') ||
- ($filtersettings{'BLOCK_AUDIO-VIDEO'} eq 'on') ||
- ($filtersettings{'BLOCK_ARCHIVES'} eq 'on'))
- {
- $defaultrule .= "!files ";
- }
- $defaultrule .= "any";
- }
-
- $defaultrule =~ s/\//_/g;
-
- open(FILE, ">${General::swroot}/urlfilter/squidGuard.conf") or die "Unable to write squidGuard.conf file";
- flock(FILE, 2);
-
- print FILE "logdir /var/log/squidGuard\n";
- print FILE "dbhome $dbdir\n\n";
-
- undef @repositoryfiles;
- if ($filtersettings{'ENABLE_REWRITE'} eq 'on')
- {
- @repositorylist = <$repository/*>;
- foreach (@repositorylist)
- {
- if (!-d) { push(@repositoryfiles,substr($_,rindex($_,"/")+1)); }
- }
- }
-
- if ((($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles)) || ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on'))
- {
- print FILE "rewrite rew-rule-1 {\n";
-
- if (($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles))
- {
- print FILE " # rewrite localfiles\n";
- foreach (@repositoryfiles)
- {
- print FILE " s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:$http_port/repository/$_\@i\n";
- }
- }
-
- if ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')
- {
- print FILE " # rewrite safesearch\n";
- print FILE " s@(.*\\Wgoogle\\.\\w+/(webhp|search|imghp|images|grphp|groups|frghp|froogle)\\?)(.*)(\\bsafe=\\w+)(.*)\@\\1\\3safe=strict\\5\@i\n";
- print FILE " s@(.*\\Wgoogle\\.\\w+/(webhp|search|imghp|images|grphp|groups|frghp|froogle)\\?)(.*)\@\\1safe=strict\\\&\\3\@i\n";
- print FILE " s@(.*\\Wsearch\\.yahoo\\.\\w+/search\\W)(.*)(\\bvm=\\w+)(.*)\@\\1\\2vm=r\\4\@i\n";
- print FILE " s@(.*\\Wsearch\\.yahoo\\.\\w+/search\\W.*)\@\\1\\\&vm=r\@i\n";
- print FILE " s@(.*\\Walltheweb\\.com/customize\\?)(.*)(\\bcopt_offensive=\\w+)(.*)\@\\1\\2copt_offensive=on\\4\@i\n";
- }
-
- print FILE "}\n\n";
-
- if ((!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) && ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')) {
- print FILE "rewrite rew-rule-2 {\n";
- if (($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles))
- {
- print FILE " # rewrite localfiles\n";
- foreach (@repositoryfiles)
- {
- print FILE " s@.*/$_\$\@http://$netsettings{'GREEN_ADDRESS'}:$http_port/repository/$_\@i\n";
- }
- } else {
- print FILE " # rewrite nothing\n";
- }
- print FILE "}\n\n";
- }
- }
-
- if (!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) {
- print FILE "src unfiltered {\n";
- print FILE " ip $filtersettings{'UNFILTERED_CLIENTS'}\n";
- print FILE "}\n\n";
- }
- if (!($filtersettings{'BANNED_CLIENTS'} eq '')) {
- print FILE "src banned {\n";
- print FILE " ip $filtersettings{'BANNED_CLIENTS'}\n";
- if ($filtersettings{'ENABLE_LOG'} eq 'on')
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile ".$ident." banned.log\n";
- } else {
- print FILE " logfile ".$ident." urlfilter.log\n";
- }
- }
- print FILE "}\n\n";
- }
-
- if (-e $uqfile)
- {
- open(UQ, $uqfile);
- @uqlist = <UQ>;
- close(UQ);
-
- if (@uqlist > 0)
- {
- $idx=0;
- foreach (@uqlist)
- {
- chomp;
- @uq = split(/\,/);
- if ($uq[4] eq 'on')
- {
- $idx++;
- $uq[0] = $uq[0] * 60;
- if ($uq[1] eq '0') {
- if ($uq[2] eq 'hourly') { $uq[1] = 3600 }
- if ($uq[2] eq 'daily') { $uq[1] = 86400 }
- if ($uq[2] eq 'weekly') { $uq[1] = 604800 }
- }
- $uq[3] =~ s/\|/ /g;
- print FILE "src quota-$idx {\n";
- print FILE " user $uq[3]\n";
- print FILE " userquota $uq[0] $uq[1] $uq[2]\n";
- print FILE "}\n\n";
- }
- }
-
- }
- }
-
- @tclist = &aggregatedconstraints;
-
- if (@tclist > 0)
- {
- $idx=0;
- foreach (@tclist)
- {
- chomp;
- @tc = split(/\,/);
- if ($tc[15] eq 'on')
- {
- $idx++;
- print FILE "src network-$idx {\n";
- @clients = split(/ /,$tc[12]);
- @temp = split(/-/,$clients[0]);
- if ( (&General::validipormask($temp[0])) || (&General::validipandmask($temp[0])))
- {
- print FILE " ip $tc[12]\n";
- } else {
- print FILE " user";
- @clients = split(/ /,$tc[12]);
- foreach $line (@clients)
- {
- $line =~ s/(^\w+)\\(\w+$)/$1%5c$2/;
- print FILE " $line";
- }
- print FILE "\n";
- }
- if (($filtersettings{'ENABLE_LOG'} eq 'on') && ($tc[14] eq 'block') && ($tc[13] eq 'any'))
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile ".$ident." timeconst.log\n";
- } else {
- print FILE " logfile ".$ident." urlfilter.log\n";
- }
- }
- print FILE "}\n\n";
- }
- }
-
- $idx=0;
- foreach (@tclist)
- {
- chomp;
- @tc = split(/\,/);
- if ($tc[15] eq 'on')
- {
- $idx++;
- print FILE "time constraint-$idx {\n";
- print FILE "$tc[16]\n";
- print FILE "}\n\n";
- }
- }
- }
-
- foreach $category (@categories) {
- $blacklist = $category;
- $category =~ s/\//_/g;
- if ( $filtersettings{"FILTER_".uc($category)} ne "on" ){next;}
- print FILE "dest $category {\n";
- if (-e "$dbdir/$blacklist/domains") {
- print FILE " domainlist $blacklist\/domains\n";
- }
- if (-e "$dbdir/$blacklist/urls") {
- print FILE " urllist $blacklist\/urls\n";
- }
- if ((-e "$dbdir/$blacklist/expressions") && ($filtersettings{'ENABLE_EXPR_LISTS'} eq 'on')) {
- print FILE " expressionlist $blacklist\/expressions\n";
- }
- if ((($category eq 'ads') || ($category eq 'adv')) && ($filtersettings{'ENABLE_EMPTY_ADS'} eq 'on'))
- {
- print FILE " redirect http:\/\/$netsettings{'GREEN_ADDRESS'}:$http_port\/images/urlfilter/1x1.gif\n";
- }
- if ($filtersettings{'ENABLE_LOG'} eq 'on')
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile $ident $category.log\n";
- } else {
- print FILE " logfile $ident urlfilter.log\n";
- }
- }
- print FILE "}\n\n";
- $category = $blacklist;
- }
-
- print FILE "dest files {\n";
- print FILE " expressionlist custom\/blocked\/files\n";
- if ($filtersettings{'ENABLE_LOG'} eq 'on')
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile $ident files.log\n";
- } else {
- print FILE " logfile $ident urlfilter.log\n";
- }
- }
- print FILE "}\n\n";
-
- print FILE "dest custom-allowed {\n";
- print FILE " domainlist custom\/allowed\/domains\n";
- print FILE " urllist custom\/allowed\/urls\n";
- print FILE "}\n\n";
-
- print FILE "dest custom-blocked {\n";
- print FILE " domainlist custom\/blocked\/domains\n";
- print FILE " urllist custom\/blocked\/urls\n";
- if ($filtersettings{'ENABLE_LOG'} eq 'on')
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile $ident custom.log\n";
- } else {
- print FILE " logfile $ident urlfilter.log\n";
- }
- }
- print FILE "}\n\n";
-
- print FILE "dest custom-expressions {\n";
- print FILE " expressionlist custom\/blocked\/expressions\n";
- if ($filtersettings{'ENABLE_LOG'} eq 'on')
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile $ident custom.log\n";
- } else {
- print FILE " logfile $ident urlfilter.log\n";
- }
- }
- print FILE "}\n\n";
-
- print FILE "acl {\n";
- if (!($filtersettings{'UNFILTERED_CLIENTS'} eq '')) {
- print FILE " unfiltered {\n";
- print FILE " pass all\n";
- if ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on')
- {
- print FILE " rewrite rew-rule-2\n";
- }
- print FILE " }\n\n";
- }
- if (!($filtersettings{'BANNED_CLIENTS'} eq '')) {
- print FILE " banned {\n";
- print FILE " pass ";
- if (($filtersettings{'ENABLE_CUSTOM_WHITELIST'} eq 'on') && ($filtersettings{'ENABLE_GLOBAL_WHITELIST'} eq 'on'))
- {
- print FILE "custom-allowed ";
- }
- print FILE "none\n";
- print FILE " }\n\n";
- }
-
- if (-s $uqfile)
- {
- open(UQ, $uqfile);
- @uqlist = <UQ>;
- close(UQ);
-
- $idx=0;
- foreach (@uqlist)
- {
- chomp;
- @uq = split(/\,/);
- if ($uq[4] eq 'on')
- {
- $idx++;
- $qredirect = $redirect;
- $qredirect =~ s/\%t/\%q\%20-\%20\%i/;
- print FILE " quota-$idx {\n";
- print FILE " pass ";
- if (($filtersettings{'ENABLE_CUSTOM_WHITELIST'} eq 'on') && ($filtersettings{'ENABLE_GLOBAL_WHITELIST'} eq 'on'))
- {
- print FILE "custom-allowed ";
- }
- print FILE "none\n";
- unless ($redirect eq $qredirect) { print FILE " redirect $qredirect\n"; }
- print FILE " }\n\n";
- }
- }
- }
-
- if (@tclist > 0)
- {
- $idx=0;
- foreach (@tclist)
- {
- chomp;
- @tc = split(/\,/);
- @ec = split(/\|/,$tc[13]);
- foreach (@ec) { s/\//_/g; }
- if ($tc[15] eq 'on')
- {
- $idx++;
- print FILE " network-$idx $tc[0] constraint-$idx {\n";
- print FILE " pass ";
-
- if ($filtersettings{'BLOCK_ALL'} eq 'on')
- {
- if ($tc[14] eq 'block')
- {
- if ((@ec == 1) && ($ec[0] eq 'any')) {
- if (($filtersettings{'ENABLE_CUSTOM_WHITELIST'} eq 'on') && ($filtersettings{'ENABLE_GLOBAL_WHITELIST'} eq 'on'))
- {
- print FILE "custom-allowed ";
- }
- print FILE "none";
- } else {
- print FILE $defaultrule;
- }
- } else {
- foreach (@ec)
- {
- print FILE "$_ ";
- }
- print FILE $defaultrule unless ((@ec == 1) && ($ec[0] eq 'any'));
- }
- } else {
- if ($tc[14] eq 'block')
- {
- $tcrule = $defaultrule;
- if ($filtersettings{'ENABLE_CUSTOM_WHITELIST'} eq 'on') {
- $tcrule =~ s/custom-allowed //;
- print FILE "custom-allowed " unless ((@ec == 1) && ($ec[0] eq 'any') && ($filtersettings{'ENABLE_GLOBAL_WHITELIST'} eq 'off'));
- }
- if ((@ec == 1) && ($ec[0] eq 'any')) {
- print FILE "none";
- } else {
- foreach (@ec)
- {
- print FILE "!$_ " unless (index($defaultrule,"!".$_." ") ge 0);
- }
- }
- print FILE $tcrule unless ((@ec == 1) && ($ec[0] eq 'any'));
- } else {
- $tcrule = $defaultrule;
- if ((@ec == 1) && ($ec[0] eq 'any'))
- {
- print FILE "any";
- } else {
- foreach (@ec)
- {
- $tcrule = "$_ ".$tcrule unless (index($defaultrule,"!".$_." ") ge 0);
- $tcrule =~ s/!$_ //;
- }
- print FILE $tcrule;
- }
- }
- }
-
- print FILE "\n";
-
- print FILE " }\n\n";
- }
- }
- }
-
- print FILE " default {\n";
- print FILE " pass $defaultrule\n";
- if (($filtersettings{'ENABLE_LOG'} eq 'on') && ($filtersettings{'BLOCK_ALL'} eq 'on'))
- {
- if ($filtersettings{'ENABLE_CATEGORY_LOG'} eq 'on')
- {
- print FILE " logfile".$ident." default.log\n";
- } else {
- print FILE " logfile".$ident." urlfilter.log\n";
- }
- }
- if ((($filtersettings{'ENABLE_REWRITE'} eq 'on') && (@repositoryfiles)) || ($filtersettings{'ENABLE_SAFESEARCH'} eq 'on'))
- {
- print FILE " rewrite rew-rule-1\n";
- }
- print FILE " redirect $redirect\n";
- print FILE " }\n";
- print FILE "}\n";
-
- close FILE;
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use Net::DNS;
-use File::Copy;
-use File::Temp qw/ tempfile tempdir /;
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-require "${General::swroot}/countries.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colourgreen}, ${Header::colourblue} );
-undef (@dummy);
-
-###
-### Initialize variables
-###
-my $sleepDelay = 4; # after a call to ipsecctrl S or R, wait this delay (seconds) before reading status
- # (let the ipsec do its job)
-my %netsettings=();
-our %cgiparams=();
-our %vpnsettings=();
-my %checked=();
-my %confighash=();
-my %cahash=();
-my %selected=();
-my $warnmessage = '';
-my $errormessage = '';
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-$cgiparams{'ENABLED'} = 'off';
-$cgiparams{'EDIT_ADVANCED'} = 'off';
-$cgiparams{'ACTION'} = '';
-$cgiparams{'CA_NAME'} = '';
-$cgiparams{'DBG_CRYPT'} = '';
-$cgiparams{'DBG_PARSING'} = '';
-$cgiparams{'DBG_EMITTING'} = '';
-$cgiparams{'DBG_CONTROL'} = '';
-$cgiparams{'DBG_KLIPS'} = '';
-$cgiparams{'DBG_DNS'} = '';
-$cgiparams{'DBG_NAT_T'} = '';
-$cgiparams{'KEY'} = '';
-$cgiparams{'TYPE'} = '';
-$cgiparams{'ADVANCED'} = '';
-$cgiparams{'INTERFACE'} = '';
-$cgiparams{'NAME'} = '';
-$cgiparams{'LOCAL_SUBNET'} = '';
-$cgiparams{'REMOTE_SUBNET'} = '';
-$cgiparams{'REMOTE'} = '';
-$cgiparams{'LOCAL_ID'} = '';
-$cgiparams{'REMOTE_ID'} = '';
-$cgiparams{'REMARK'} = '';
-$cgiparams{'PSK'} = '';
-$cgiparams{'CERT_NAME'} = '';
-$cgiparams{'CERT_EMAIL'} = '';
-$cgiparams{'CERT_OU'} = '';
-$cgiparams{'CERT_ORGANIZATION'} = '';
-$cgiparams{'CERT_CITY'} = '';
-$cgiparams{'CERT_STATE'} = '';
-$cgiparams{'CERT_COUNTRY'} = '';
-$cgiparams{'SUBJECTALTNAME'} = '';
-$cgiparams{'CERT_PASS1'} = '';
-$cgiparams{'CERT_PASS2'} = '';
-$cgiparams{'ROOTCERT_HOSTNAME'} = '';
-$cgiparams{'ROOTCERT_COUNTRY'} = '';
-$cgiparams{'P12_PASS'} = '';
-$cgiparams{'ROOTCERT_ORGANIZATION'} = '';
-$cgiparams{'ROOTCERT_HOSTNAME'} = '';
-$cgiparams{'ROOTCERT_EMAIL'} = '';
-$cgiparams{'ROOTCERT_OU'} = '';
-$cgiparams{'ROOTCERT_CITY'} = '';
-$cgiparams{'ROOTCERT_STATE'} = '';
-
-&Header::getcgihash(\%cgiparams, {'wantfile' => 1, 'filevar' => 'FH'});
-
-###
-### Useful functions
-###
-sub valid_dns_host {
- my $hostname = $_[0];
- unless ($hostname) { return "No hostname"};
- my $res = new Net::DNS::Resolver;
- my $query = $res->search("$hostname");
- if ($query) {
- foreach my $rr ($query->answer) {
- ## Potential bug - we are only looking at A records:
- return 0 if $rr->type eq "A";
- }
- } else {
- return $res->errorstring;
- }
-}
-###
-### Just return true is one interface is vpn enabled
-###
-sub vpnenabled {
- return ($vpnsettings{'ENABLED'} eq 'on');
-}
-###
-### old version: maintain serial number to one, without explication.
-### this : let the counter go, so that each cert is numbered.
-###
-sub cleanssldatabase
-{
- if (open(FILE, ">${General::swroot}/certs/serial")) {
- print FILE "01";
- close FILE;
- }
- if (open(FILE, ">${General::swroot}/certs/index.txt")) {
- print FILE "";
- close FILE;
- }
- unlink ("${General::swroot}/certs/index.txt.old");
- unlink ("${General::swroot}/certs/serial.old");
- unlink ("${General::swroot}/certs/01.pem");
-}
-sub newcleanssldatabase
-{
- if (! -s "${General::swroot}/certs/serial" ) {
- open(FILE, ">${General::swroot}/certs/serial");
- print FILE "01";
- close FILE;
- }
- if (! -s ">${General::swroot}/certs/index.txt") {
- system ("touch ${General::swroot}/certs/index.txt");
- }
- unlink ("${General::swroot}/certs/index.txt.old");
- unlink ("${General::swroot}/certs/serial.old");
-# unlink ("${General::swroot}/certs/01.pem"); numbering evolves. Wrong place to delete
-}
-
-###
-### Call openssl and return errormessage if any
-###
-sub callssl ($) {
- my $opt = shift;
- my $retssl = `/usr/bin/openssl $opt 2>&1`; #redirect stderr
- my $ret = '';
- foreach my $line (split (/\n/, $retssl)) {
- &General::log("ipsec", "$line") if (0); # 1 for verbose logging
- $ret .= '<br>'.$line if ( $line =~ /error|unknown/ );
- }
- if ($ret) {
- $ret= &Header::cleanhtml($ret);
- }
- return $ret ? "$Lang::tr{'openssl produced an error'}: $ret" : '' ;
-}
-###
-### Obtain a CN from given cert
-###
-sub getCNfromcert ($) {
- #&General::log("ipsec", "Extracting name from $_[0]...");
- my $temp = `/usr/bin/openssl x509 -text -in $_[0]`;
- $temp =~ /Subject:.*CN=(.*)[\n]/;
- $temp = $1;
- $temp =~ s+/Email+, E+;
- $temp =~ s/ ST=/ S=/;
- $temp =~ s/,//g;
- $temp =~ s/\'//g;
- return $temp;
-}
-###
-### Obtain Subject from given cert
-###
-sub getsubjectfromcert ($) {
- #&General::log("ipsec", "Extracting subject from $_[0]...");
- my $temp = `/usr/bin/openssl x509 -text -in $_[0]`;
- $temp =~ /Subject: (.*)[\n]/;
- $temp = $1;
- $temp =~ s+/Email+, E+;
- $temp =~ s/ ST=/ S=/;
- return $temp;
-}
-###
-### Combine local subnet and connection name to make a unique name for each connection section
-### (this sub is not used now)
-###
-sub makeconnname ($) {
- my $conn = shift;
- my $subnet = shift;
-
- $subnet =~ /^(.*?)\/(.*?)$/; # $1=IP $2=mask
- my $ip = unpack('N', &Socket::inet_aton($1));
- if (length ($2) > 2) {
- my $mm = unpack('N', &Socket::inet_aton($2));
- while ( ($mm & 1)==0 ) {
- $ip >>= 1;
- $mm >>= 1;
- };
- } else {
- $ip >>= (32 - $2);
- }
- return sprintf ("%s-%X", $conn, $ip);
-}
-###
-### Write a config file.
-###
-###Type=Host : GUI can choose the interface used (RED,GREEN,BLUE) and
-### the side is always defined as 'left'.
-### configihash[14]: 'VHOST' is allowed
-###
-
-sub writeipsecfiles {
- my %lconfighash = ();
- my %lvpnsettings = ();
- &General::readhasharray("${General::swroot}/vpn/config", \%lconfighash);
- &General::readhash("${General::swroot}/vpn/settings", \%lvpnsettings);
-
- open(CONF, ">${General::swroot}/vpn/ipsec.conf") or die "Unable to open ${General::swroot}/vpn/ipsec.conf: $!";
- open(SECRETS, ">${General::swroot}/vpn/ipsec.secrets") or die "Unable to open ${General::swroot}/vpn/ipsec.secrets: $!";
- flock CONF, 2;
- flock SECRETS, 2;
- print CONF "version 2\n\n";
- print CONF "config setup\n";
- #create an ipsec Interface for each 'enabled' ones
- #loop trought configuration and add physical interfaces to the list
- my $interfaces = "\tinterfaces=\"";
- foreach my $key (keys %lconfighash) {
- next if ($lconfighash{$key}[0] ne 'on');
- $interfaces .= "%defaultroute " if ($interfaces !~ /defaultroute/ && $lconfighash{$key}[26] eq 'RED');
- $interfaces .= "ipsec1=$netsettings{'GREEN_DEV'} " if ($interfaces !~ /ipsec1/ && $lconfighash{$key}[26] eq 'GREEN');
- $interfaces .= "ipsec2=$netsettings{'BLUE_DEV'} " if ($interfaces !~ /ipsec2/ && $lconfighash{$key}[26] eq 'BLUE');
- $interfaces .= "ipsec3=$netsettings{'ORANGE_DEV'} " if ($interfaces !~ /ipsec3/ && $lconfighash{$key}[26] eq 'ORANGE');
- }
- print CONF $interfaces . "\"\n";
-
- my $plutodebug = ''; # build debug list
- map ($plutodebug .= $lvpnsettings{$_} eq 'on' ? lc (substr($_,4)).' ' : '',
- ('DBG_CRYPT','DBG_PARSING','DBG_EMITTING','DBG_CONTROL',
- 'DBG_KLIPS','DBG_DNS','DBG_NAT_T'));
- $plutodebug = 'none' if $plutodebug eq ''; # if nothing selected, use 'none'.
- print CONF "\tklipsdebug=\"none\"\n";
- print CONF "\tplutodebug=\"$plutodebug\"\n";
- # deprecated in ipsec.conf version 2
- #print CONF "\tplutoload=%search\n";
- #print CONF "\tplutostart=%search\n";
- print CONF "\tuniqueids=yes\n";
- print CONF "\tnat_traversal=yes\n";
- print CONF "\toverridemtu=$lvpnsettings{'VPN_OVERRIDE_MTU'}\n" if ($lvpnsettings{'VPN_OVERRIDE_MTU'} ne '');
- print CONF "\tvirtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16";
- print CONF ",%v4:!$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
- if (length($netsettings{'ORANGE_DEV'}) > 2) {
- print CONF ",%v4:!$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}";
- }
- if (length($netsettings{'BLUE_DEV'}) > 2) {
- print CONF ",%v4:!$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
- }
- foreach my $key (keys %lconfighash) {
- if ($lconfighash{$key}[3] eq 'net') {
- print CONF ",%v4:!$lconfighash{$key}[11]";
- }
- }
- print CONF "\n\n";
- print CONF "conn %default\n";
- print CONF "\tkeyingtries=0\n";
- print CONF "\tdisablearrivalcheck=no\n";
- print CONF "\n";
-
- if (-f "${General::swroot}/certs/hostkey.pem") {
- print SECRETS ": RSA ${General::swroot}/certs/hostkey.pem\n"
- }
- my $last_secrets = ''; # old the less specifics connections
-
- foreach my $key (keys %lconfighash) {
- next if ($lconfighash{$key}[0] ne 'on');
-
- #remote peer is not set? => use '%any'
- $lconfighash{$key}[10] = '%any' if ($lconfighash{$key}[10] eq '');
-
- my $localside;
- if ($lconfighash{$key}[26] eq 'BLUE') {
- $localside = $netsettings{'BLUE_ADDRESS'};
- } elsif ($lconfighash{$key}[26] eq 'GREEN') {
- $localside = $netsettings{'GREEN_ADDRESS'};
- } elsif ($lconfighash{$key}[26] eq 'ORANGE') {
- $localside = $netsettings{'ORANGE_ADDRESS'};
- } else { # it is RED
- $localside = $lvpnsettings{'VPN_IP'};
- }
-
- print CONF "conn $lconfighash{$key}[1]\n";
- print CONF "\tleft=$localside\n";
- print CONF "\tleftnexthop=%defaultroute\n" if ($lconfighash{$key}[26] eq 'RED' && $lvpnsettings{'VPN_IP'} ne '%defaultroute');
- print CONF "\tleftsubnet=$lconfighash{$key}[8]\n";
-
- print CONF "\tright=$lconfighash{$key}[10]\n";
- if ($lconfighash{$key}[3] eq 'net') {
- print CONF "\trightsubnet=$lconfighash{$key}[11]\n";
- print CONF "\trightnexthop=%defaultroute\n";
- } elsif ($lconfighash{$key}[10] eq '%any' && $lconfighash{$key}[14] eq 'on') { #vhost allowed for roadwarriors?
- print CONF "\trightsubnet=vhost:%no,%priv\n";
- }
-
- # Local Cert and Remote Cert (unless auth is DN dn-auth)
- if ($lconfighash{$key}[4] eq 'cert') {
- print CONF "\tleftcert=${General::swroot}/certs/hostcert.pem\n";
- print CONF "\trightcert=${General::swroot}/certs/$lconfighash{$key}[1]cert.pem\n" if ($lconfighash{$key}[2] ne '%auth-dn');
- }
-
- # Local and Remote IDs
- print CONF "\tleftid=\"$lconfighash{$key}[7]\"\n" if ($lconfighash{$key}[7]);
- print CONF "\trightid=\"$lconfighash{$key}[9]\"\n" if ($lconfighash{$key}[9]);
-
- # Algorithms
- if ($lconfighash{$key}[18] && $lconfighash{$key}[19] && $lconfighash{$key}[20]) {
- print CONF "\tike=";
- my @encs = split('\|', $lconfighash{$key}[18]);
- my @ints = split('\|', $lconfighash{$key}[19]);
- my @groups = split('\|', $lconfighash{$key}[20]);
- my $comma = 0;
- foreach my $i (@encs) {
- foreach my $j (@ints) {
- foreach my $k (@groups) {
- if ($comma != 0) { print CONF ","; } else { $comma = 1; }
- print CONF "$i-$j-modp$k";
- }
- }
- }
- if ($lconfighash{$key}[24] eq 'on') { #only proposed algorythms?
- print CONF "!\n";
- } else {
- print CONF "\n";
- }
- }
- if ($lconfighash{$key}[21] && $lconfighash{$key}[22]) {
- print CONF "\tesp=";
- my @encs = split('\|', $lconfighash{$key}[21]);
- my @ints = split('\|', $lconfighash{$key}[22]);
- my $comma = 0;
- foreach my $i (@encs) {
- foreach my $j (@ints) {
- if ($comma != 0) { print CONF ","; } else { $comma = 1; }
- print CONF "$i-$j";
- }
- }
- if ($lconfighash{$key}[24] eq 'on') { #only proposed algorythms?
- print CONF "!\n";
- } else {
- print CONF "\n";
- }
- }
- if ($lconfighash{$key}[23]) {
- print CONF "\tpfsgroup=$lconfighash{$key}[23]\n";
- }
-
- # Lifetimes
- print CONF "\tikelifetime=$lconfighash{$key}[16]h\n" if ($lconfighash{$key}[16]);
- print CONF "\tkeylife=$lconfighash{$key}[17]h\n" if ($lconfighash{$key}[17]);
-
- # Aggresive mode
- print CONF "\taggrmode=yes\n" if ($lconfighash{$key}[12] eq 'on');
-
- # Compression
- print CONF "\tcompress=yes\n" if ($lconfighash{$key}[13] eq 'on');
-
- # Dead Peer Detection
- print CONF "\tdpddelay=30\n";
- print CONF "\tdpdtimeout=120\n";
- print CONF "\tdpdaction=$lconfighash{$key}[27]\n";
-
- # Disable pfs ?
- print CONF "\tpfs=". ($lconfighash{$key}[28] eq 'on' ? "yes\n" : "no\n");
-
- # Build Authentication details: LEFTid RIGHTid : PSK psk
- my $psk_line;
- if ($lconfighash{$key}[4] eq 'psk') {
- $psk_line = ($lconfighash{$key}[7] ? $lconfighash{$key}[7] : $localside) . " " ;
- $psk_line .= $lconfighash{$key}[9] ? $lconfighash{$key}[9] : $lconfighash{$key}[10]; #remoteid or remote address?
- $psk_line .= " : PSK '$lconfighash{$key}[5]'\n";
- # if the line contains %any, it is less specific than two IP or ID, so move it at end of file.
- if ($psk_line =~ /%any/) {
- $last_secrets .= $psk_line;
- } else {
- print SECRETS $psk_line;
- }
- print CONF "\tauthby=secret\n";
- } else {
- print CONF "\tauthby=rsasig\n";
- print CONF "\tleftrsasigkey=%cert\n";
- print CONF "\trightrsasigkey=%cert\n";
- }
-
- # Automatically start only if a net-to-net connection
- if ($lconfighash{$key}[3] eq 'host') {
- print CONF "\tauto=add\n";
- } else {
- print CONF "\tauto=start\n";
- }
- print CONF "\n";
- }#foreach key
- print SECRETS $last_secrets if ($last_secrets);
- close(CONF);
- close(SECRETS);
-}
-
-###
-### Save main settings
-###
-if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cgiparams{'KEY'} eq '') {
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- unless (&General::validfqdn($cgiparams{'VPN_IP'}) || &General::validip($cgiparams{'VPN_IP'})
- || $cgiparams{'VPN_IP'} eq '%defaultroute' ) {
- $errormessage = $Lang::tr{'invalid input for hostname'};
- goto SAVE_ERROR;
- }
-
- unless ($cgiparams{'VPN_DELAYED_START'} =~ /^[0-9]{1,3}$/ ) { #allow 0-999 seconds !
- $errormessage = $Lang::tr{'invalid time period'};
- goto SAVE_ERROR;
- }
-
- unless ($cgiparams{'VPN_OVERRIDE_MTU'} =~ /^(|[0-9]{1,5})$/ ) { #allow 0-99999
- $errormessage = $Lang::tr{'vpn mtu invalid'};
- goto SAVE_ERROR;
- }
-
- unless ($cgiparams{'VPN_WATCH'} =~ /^(|off|on)$/ ) {
- $errormessage = $Lang::tr{'invalid input'};
- goto SAVE_ERROR;
- }
-
- map ($vpnsettings{$_} = $cgiparams{$_},
- ('ENABLED','DBG_CRYPT','DBG_PARSING','DBG_EMITTING','DBG_CONTROL',
- 'DBG_KLIPS','DBG_DNS','DBG_NAT_T'));
-
- $vpnsettings{'VPN_IP'} = $cgiparams{'VPN_IP'};
- $vpnsettings{'VPN_DELAYED_START'} = $cgiparams{'VPN_DELAYED_START'};
- $vpnsettings{'VPN_OVERRIDE_MTU'} = $cgiparams{'VPN_OVERRIDE_MTU'};
- $vpnsettings{'VPN_WATCH'} = $cgiparams{'VPN_WATCH'};
- &General::writehash("${General::swroot}/vpn/settings", \%vpnsettings);
- &writeipsecfiles();
- if (&vpnenabled) {
- system('/usr/local/bin/ipsecctrl', 'S');
- } else {
- system('/usr/local/bin/ipsecctrl', 'D');
- }
- sleep $sleepDelay;
- SAVE_ERROR:
-###
-### Reset all step 2
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'} && $cgiparams{'AREUSURE'} eq 'yes') {
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[4] eq 'cert') {
- delete $confighash{$key};
- }
- }
- while (my $file = glob("${General::swroot}/{ca,certs,crls,private}/*")) {
- unlink $file
- }
- &cleanssldatabase();
- if (open(FILE, ">${General::swroot}/vpn/caconfig")) {
- print FILE "";
- close FILE;
- }
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- system('/usr/local/bin/ipsecctrl', 'R');
- sleep $sleepDelay;
-
-###
-### Reset all step 1
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'}) {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', '');
- &Header::openbox('100%', 'left', $Lang::tr{'are you sure'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='100%'>
- <tr>
- <td align='center'>
- <input type='hidden' name='AREUSURE' value='yes' />
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}</td>
- </tr><tr>
- <td align='center'>
- <input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td>
- </tr>
- </table>
- </form>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
-
-###
-### Upload CA Certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload ca certificate'}) {
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
-
- if ($cgiparams{'CA_NAME'} !~ /^[a-zA-Z0-9]+$/) {
- $errormessage = $Lang::tr{'name must only contain characters'};
- goto UPLOADCA_ERROR;
- }
-
- if (length($cgiparams{'CA_NAME'}) >60) {
- $errormessage = $Lang::tr{'name too long'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'CA_NAME'} eq 'ca') {
- $errormessage = $Lang::tr{'name is invalid'};
- goto UPLOAD_CA_ERROR;
- }
-
- # Check if there is no other entry with this name
- foreach my $key (keys %cahash) {
- if ($cahash{$key}[0] eq $cgiparams{'CA_NAME'}) {
- $errormessage = $Lang::tr{'a ca certificate with this name already exists'};
- goto UPLOADCA_ERROR;
- }
- }
-
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto UPLOADCA_ERROR;
- }
- # Move uploaded ca to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto UPLOADCA_ERROR;
- }
- my $temp = `/usr/bin/openssl x509 -text -in $filename`;
- if ($temp !~ /CA:TRUE/i) {
- $errormessage = $Lang::tr{'not a valid ca certificate'};
- unlink ($filename);
- goto UPLOADCA_ERROR;
- } else {
- move($filename, "${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- goto UPLOADCA_ERROR;
- }
- }
-
- my $key = &General::findhasharraykey (\%cahash);
- $cahash{$key}[0] = $cgiparams{'CA_NAME'};
- $cahash{$key}[1] = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem"));
- &General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
- system('/usr/local/bin/ipsecctrl', 'R');
- sleep $sleepDelay;
-
- UPLOADCA_ERROR:
-
-###
-### Display ca certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show ca certificate'}) {
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
-
- if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', '');
- &Header::openbox('100%', 'left', "$Lang::tr{'ca certificate'}:");
- my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Export ca certificate to browser
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download ca certificate'}) {
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
-
- if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
- print "Content-Type: application/force-download\n";
- print "Content-Type: application/octet-stream\r\n";
- print "Content-Disposition: attachment; filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
- print `/usr/bin/openssl x509 -in ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
- exit(0);
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Remove ca certificate (step 2)
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove ca certificate'} && $cgiparams{'AREUSURE'} eq 'yes') {
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
-
- if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
- foreach my $key (keys %confighash) {
- my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/certs/$confighash{$key}[1]cert.pem`;
- if ($test =~ /: OK/) {
- # Delete connection
- system('/usr/local/bin/ipsecctrl', 'D', $key) if (&vpnenabled);
- unlink ("${General::swroot}/certs/$confighash{$key}[1]cert.pem");
- unlink ("${General::swroot}/certs/$confighash{$key}[1].p12");
- delete $confighash{$key};
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- }
- }
- unlink ("${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- delete $cahash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
- system('/usr/local/bin/ipsecctrl', 'R');
- sleep $sleepDelay;
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-###
-### Remove ca certificate (step 1)
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove ca certificate'}) {
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
-
- my $assignedcerts = 0;
- if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
- foreach my $key (keys %confighash) {
- my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/certs/$confighash{$key}[1]cert.pem`;
- if ($test =~ /: OK/) {
- $assignedcerts++;
- }
- }
- if ($assignedcerts) {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', '');
- &Header::openbox('100%', 'left', $Lang::tr{'are you sure'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='100%'>
- <tr>
- <td align='center'>
- <input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
- <input type='hidden' name='AREUSURE' value='yes' /></td>
- </tr><tr>
- <td align='center'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>
- $Lang::tr{'connections are associated with this ca. deleting the ca will delete these connections as well.'}</td>
- </tr><tr>
- <td align='center'>
- <input type='submit' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
- <input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td>
- </tr>
- </table>
- </form>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
- } else {
- unlink ("${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- delete $cahash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
- system('/usr/local/bin/ipsecctrl', 'R');
- sleep $sleepDelay;
- }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Display root certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} ||
- $cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
- my $output;
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', '');
- if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
- &Header::openbox('100%', 'left', "$Lang::tr{'root certificate'}:");
- $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ca/cacert.pem`;
- } else {
- &Header::openbox('100%', 'left', "$Lang::tr{'host certificate'}:");
- $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/certs/hostcert.pem`;
- }
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
-
-###
-### Export root certificate to browser
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download root certificate'}) {
- if ( -f "${General::swroot}/ca/cacert.pem" ) {
- print "Content-Type: application/force-download\n";
- print "Content-Disposition: attachment; filename=cacert.pem\r\n\r\n";
- print `/usr/bin/openssl x509 -in ${General::swroot}/ca/cacert.pem`;
- exit(0);
- }
-###
-### Export host certificate to browser
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download host certificate'}) {
- if ( -f "${General::swroot}/certs/hostcert.pem" ) {
- print "Content-Type: application/force-download\n";
- print "Content-Disposition: attachment; filename=hostcert.pem\r\n\r\n";
- print `/usr/bin/openssl x509 -in ${General::swroot}/certs/hostcert.pem`;
- exit(0);
- }
-###
-### Form for generating/importing the caroot+host certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate root/host certificates'} ||
- $cgiparams{'ACTION'} eq $Lang::tr{'upload p12 file'}) {
-
- if (-f "${General::swroot}/ca/cacert.pem") {
- $errormessage = $Lang::tr{'valid root certificate already exists'};
- goto ROOTCERT_SKIP;
- }
-
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- # fill in initial values
- if ($cgiparams{'ROOTCERT_HOSTNAME'} eq '') {
- if (-e "${General::swroot}/red/active" && open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
- my $ipaddr = <IPADDR>;
- close IPADDR;
- chomp ($ipaddr);
- $cgiparams{'ROOTCERT_HOSTNAME'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
- if ($cgiparams{'ROOTCERT_HOSTNAME'} eq '') {
- $cgiparams{'ROOTCERT_HOSTNAME'} = $ipaddr;
- }
- }
- $cgiparams{'ROOTCERT_COUNTRY'} = $vpnsettings{'ROOTCERT_COUNTRY'} if (!$cgiparams{'ROOTCERT_COUNTRY'});
- } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'upload p12 file'}) {
- &General::log("ipsec", "Importing from p12...");
-
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto ROOTCERT_ERROR;
- }
-
- # Move uploaded certificate request to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto ROOTCERT_ERROR;
- }
-
- # Extract the CA certificate from the file
- &General::log("ipsec", "Extracting caroot from p12...");
- if (open(STDIN, "-|")) {
- my $opt = " pkcs12 -cacerts -nokeys";
- $opt .= " -in $filename";
- $opt .= " -out /tmp/newcacert";
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'P12_PASS'}\n";
- exit (0);
- }
-
- # Extract the Host certificate from the file
- if (!$errormessage) {
- &General::log("ipsec", "Extracting host cert from p12...");
- if (open(STDIN, "-|")) {
- my $opt = " pkcs12 -clcerts -nokeys";
- $opt .= " -in $filename";
- $opt .= " -out /tmp/newhostcert";
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'P12_PASS'}\n";
- exit (0);
- }
- }
-
- # Extract the Host key from the file
- if (!$errormessage) {
- &General::log("ipsec", "Extracting private key from p12...");
- if (open(STDIN, "-|")) {
- my $opt = " pkcs12 -nocerts -nodes";
- $opt .= " -in $filename";
- $opt .= " -out /tmp/newhostkey";
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'P12_PASS'}\n";
- exit (0);
- }
- }
-
- if (!$errormessage) {
- &General::log("ipsec", "Moving cacert...");
- move("/tmp/newcacert", "${General::swroot}/ca/cacert.pem");
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!" if ($? ne 0);
- }
-
- if (!$errormessage) {
- &General::log("ipsec", "Moving host cert...");
- move("/tmp/newhostcert", "${General::swroot}/certs/hostcert.pem");
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!" if ($? ne 0);
- }
-
- if (!$errormessage) {
- &General::log("ipsec", "Moving private key...");
- move("/tmp/newhostkey", "${General::swroot}/certs/hostkey.pem");
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!" if ($? ne 0);
- }
-
- #cleanup temp files
- unlink ($filename);
- unlink ('/tmp/newcacert');
- unlink ('/tmp/newhostcert');
- unlink ('/tmp/newhostkey');
- if ($errormessage) {
- unlink ("${General::swroot}/ca/cacert.pem");
- unlink ("${General::swroot}/certs/hostcert.pem");
- unlink ("${General::swroot}/certs/hostkey.pem");
- goto ROOTCERT_ERROR;
- }
-
- # Create empty CRL cannot be done because we don't have
- # the private key for this CAROOT
- # IPFire can only import certificates
-
- &General::log("ipsec", "p12 import completed!");
- &cleanssldatabase();
- goto ROOTCERT_SUCCESS;
-
- } elsif ($cgiparams{'ROOTCERT_COUNTRY'} ne '') {
-
- # Validate input since the form was submitted
- if ($cgiparams{'ROOTCERT_ORGANIZATION'} eq ''){
- $errormessage = $Lang::tr{'organization cant be empty'};
- goto ROOTCERT_ERROR;
- }
- if (length($cgiparams{'ROOTCERT_ORGANIZATION'}) >60) {
- $errormessage = $Lang::tr{'organization too long'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for organization'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_HOSTNAME'} eq ''){
- $errormessage = $Lang::tr{'hostname cant be empty'};
- goto ROOTCERT_ERROR;
- }
- unless (&General::validfqdn($cgiparams{'ROOTCERT_HOSTNAME'}) || &General::validip($cgiparams{'ROOTCERT_HOSTNAME'})) {
- $errormessage = $Lang::tr{'invalid input for hostname'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'ROOTCERT_EMAIL'}))) {
- $errormessage = $Lang::tr{'invalid input for e-mail address'};
- goto ROOTCERT_ERROR;
- }
- if (length($cgiparams{'ROOTCERT_EMAIL'}) > 40) {
- $errormessage = $Lang::tr{'e-mail address too long'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_OU'} ne '' && $cgiparams{'ROOTCERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for department'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_CITY'} ne '' && $cgiparams{'ROOTCERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for city'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_STATE'} ne '' && $cgiparams{'ROOTCERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for state or province'};
- goto ROOTCERT_ERROR;
- }
- if ($cgiparams{'ROOTCERT_COUNTRY'} !~ /^[A-Z]*$/) {
- $errormessage = $Lang::tr{'invalid input for country'};
- goto ROOTCERT_ERROR;
- }
- #the exact syntax is a list comma separated of
- # email:any-validemail
- # URI: a uniform resource indicator
- # DNS: a DNS domain name
- # RID: a registered OBJECT IDENTIFIER
- # IP: an IP address
- # example: email:franck@foo.com,IP:10.0.0.10,DNS:franck.foo.com
-
- if ($cgiparams{'SUBJECTALTNAME'} ne '' && $cgiparams{'SUBJECTALTNAME'} !~ /^(email|URI|DNS|RID|IP):[a-zA-Z0-9 :\/,\.\-_@]*$/) {
- $errormessage = $Lang::tr{'vpn altname syntax'};
- goto VPNCONF_ERROR;
- }
-
- # Copy the cgisettings to vpnsettings and save the configfile
- $vpnsettings{'ROOTCERT_ORGANIZATION'} = $cgiparams{'ROOTCERT_ORGANIZATION'};
- $vpnsettings{'ROOTCERT_HOSTNAME'} = $cgiparams{'ROOTCERT_HOSTNAME'};
- $vpnsettings{'ROOTCERT_EMAIL'} = $cgiparams{'ROOTCERT_EMAIL'};
- $vpnsettings{'ROOTCERT_OU'} = $cgiparams{'ROOTCERT_OU'};
- $vpnsettings{'ROOTCERT_CITY'} = $cgiparams{'ROOTCERT_CITY'};
- $vpnsettings{'ROOTCERT_STATE'} = $cgiparams{'ROOTCERT_STATE'};
- $vpnsettings{'ROOTCERT_COUNTRY'} = $cgiparams{'ROOTCERT_COUNTRY'};
- &General::writehash("${General::swroot}/vpn/settings", \%vpnsettings);
-
- # Replace empty strings with a .
- (my $ou = $cgiparams{'ROOTCERT_OU'}) =~ s/^\s*$/\./;
- (my $city = $cgiparams{'ROOTCERT_CITY'}) =~ s/^\s*$/\./;
- (my $state = $cgiparams{'ROOTCERT_STATE'}) =~ s/^\s*$/\./;
-
- # Create the CA certificate
- if (!$errormessage) {
- &General::log("ipsec", "Creating cacert...");
- if (open(STDIN, "-|")) {
- my $opt = " req -x509 -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -days 999999";
- $opt .= " -newkey rsa:2048";
- $opt .= " -keyout ${General::swroot}/private/cakey.pem";
- $opt .= " -out ${General::swroot}/ca/cacert.pem";
-
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'ROOTCERT_COUNTRY'}\n";
- print "$state\n";
- print "$city\n";
- print "$cgiparams{'ROOTCERT_ORGANIZATION'}\n";
- print "$ou\n";
- print "$cgiparams{'ROOTCERT_ORGANIZATION'} CA\n";
- print "$cgiparams{'ROOTCERT_EMAIL'}\n";
- exit (0);
- }
- }
-
- # Create the Host certificate request
- if (!$errormessage) {
- &General::log("ipsec", "Creating host cert...");
- if (open(STDIN, "-|")) {
- my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
- $opt .= " -keyout ${General::swroot}/certs/hostkey.pem";
- $opt .= " -out ${General::swroot}/certs/hostreq.pem";
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'ROOTCERT_COUNTRY'}\n";
- print "$state\n";
- print "$city\n";
- print "$cgiparams{'ROOTCERT_ORGANIZATION'}\n";
- print "$ou\n";
- print "$cgiparams{'ROOTCERT_HOSTNAME'}\n";
- print "$cgiparams{'ROOTCERT_EMAIL'}\n";
- print ".\n";
- print ".\n";
- exit (0);
- }
- }
-
- # Sign the host certificate request
- if (!$errormessage) {
- &General::log("ipsec", "Self signing host cert...");
-
- #No easy way for specifying the contain of subjectAltName without writing a config file...
- my ($fh, $v3extname) = tempfile ('/tmp/XXXXXXXX');
- print $fh <<END
- basicConstraints=CA:FALSE
- nsComment="OpenSSL Generated Certificate"
- subjectKeyIdentifier=hash
- authorityKeyIdentifier=keyid,issuer:always
-END
-;
- print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
- close ($fh);
-
- my $opt = " ca -days 999999";
- $opt .= " -batch -notext";
- $opt .= " -in ${General::swroot}/certs/hostreq.pem";
- $opt .= " -out ${General::swroot}/certs/hostcert.pem";
- $opt .= " -extfile $v3extname";
- $errormessage = &callssl ($opt);
- unlink ("${General::swroot}/certs/hostreq.pem"); #no more needed
- unlink ($v3extname);
- }
-
- # Create an empty CRL
- if (!$errormessage) {
- &General::log("ipsec", "Creating emptycrl...");
- my $opt = " ca -gencrl";
- $opt .= " -out ${General::swroot}/crls/cacrl.pem";
- $errormessage = &callssl ($opt);
- }
-
- # Successfully build CA / CERT!
- if (!$errormessage) {
- &cleanssldatabase();
- goto ROOTCERT_SUCCESS;
- }
-
- #Cleanup
- unlink ("${General::swroot}/ca/cacert.pem");
- unlink ("${General::swroot}/certs/hostkey.pem");
- unlink ("${General::swroot}/certs/hostcert.pem");
- unlink ("${General::swroot}/crls/cacrl.pem");
- &cleanssldatabase();
- }
-
- ROOTCERT_ERROR:
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', $errormessage);
- if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage";
- print " </class>";
- &Header::closebox();
- }
- &Header::openbox('100%', 'left', "$Lang::tr{'generate root/host certificates'}:");
- print <<END
- <form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- <tr><td width='40%' class='base'>$Lang::tr{'organization name'}:</td>
- <td width='60%' class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_ORGANIZATION' value='$cgiparams{'ROOTCERT_ORGANIZATION'}' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'ipfires hostname'}:</td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_HOSTNAME' value='$cgiparams{'ROOTCERT_HOSTNAME'}' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'your e-mail'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_EMAIL' value='$cgiparams{'ROOTCERT_EMAIL'}' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'your department'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_OU' value='$cgiparams{'ROOTCERT_OU'}' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'city'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_CITY' value='$cgiparams{'ROOTCERT_CITY'}' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='ROOTCERT_STATE' value='$cgiparams{'ROOTCERT_STATE'}' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'country'}:</td>
- <td class='base'><select name='ROOTCERT_COUNTRY'>
-END
- ;
- foreach my $country (sort keys %{Countries::countries}) {
- print "<option value='$Countries::countries{$country}'";
- if ( $Countries::countries{$country} eq $cgiparams{'ROOTCERT_COUNTRY'} ) {
- print " selected='selected'";
- }
- print ">$country</option>";
- }
- print <<END
- </select></td></tr>
- <tr><td class='base'>$Lang::tr{'vpn subjectaltname'} (subjectAltName=email:*,URI:*,DNS:*,RID:*) <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='SUBJECTALTNAME' value='$cgiparams{'SUBJECTALTNAME'}' size='32' /></td></tr>
- <tr><td> </td>
- <td><br /><input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' /><br /><br /></td></tr>
- <tr><td class='base' colspan='2' align='left'>
- <b><font color='${Header::colourred}'>$Lang::tr{'capswarning'}</font></b>:
- $Lang::tr{'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient'}
- </td></tr>
- <tr><td colspan='2'><hr /></td></tr>
- <tr><td class='base' nowrap='nowrap'>$Lang::tr{'upload p12 file'}:</td>
- <td nowrap='nowrap'><input type='file' name='FH' size='32' /></td></tr>
- <tr><td class='base'>$Lang::tr{'pkcs12 file password'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='password' name='P12_PASS' value='$cgiparams{'P12_PASS'}' size='32' /></td></tr>
- <tr><td> </td>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'upload p12 file'}' /></td></tr>
- <tr><td class='base' colspan='2' align='left'>
- <img src='/blob.gif' alt='*' /> $Lang::tr{'this field may be blank'}</td></tr>
- </table></form>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
-
- ROOTCERT_SUCCESS:
- if (&vpnenabled) {
- system('/usr/local/bin/ipsecctrl', 'S');
- sleep $sleepDelay;
- }
- ROOTCERT_SKIP:
-###
-### Export PKCS12 file to browser
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download pkcs12 file'}) {
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
- print "Content-Type: application/force-download\n";
- print "Content-Disposition: attachment; filename=" . $confighash{$cgiparams{'KEY'}}[1] . ".p12\r\n";
- print "Content-Type: application/octet-stream\r\n\r\n";
- print `/bin/cat ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1].p12`;
- exit (0);
-
-###
-### Display certificate
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show certificate'}) {
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- if ( -f "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', '');
- &Header::openbox('100%', 'left', "$Lang::tr{'cert'}:");
- my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
- $output = &Header::cleanhtml($output,"y");
- print "<pre>$output</pre>\n";
- &Header::closebox();
- print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
- }
-
-###
-### Export Certificate to browser
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'download certificate'}) {
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- if ( -f "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
- print "Content-Type: application/force-download\n";
- print "Content-Disposition: attachment; filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\n\n";
- print `/bin/cat ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
- exit (0);
- }
-
-###
-### Enable/Disable connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
-
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
- if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
- $confighash{$cgiparams{'KEY'}}[0] = 'on';
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'}) if (&vpnenabled);
- } else {
- system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'}) if (&vpnenabled);
- $confighash{$cgiparams{'KEY'}}[0] = 'off';
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- }
- sleep $sleepDelay;
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Restart connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'restart'}) {
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
- if (&vpnenabled) {
- system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
- sleep $sleepDelay;
- }
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Remove connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
- system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'}) if (&vpnenabled);
- unlink ("${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- unlink ("${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
- delete $confighash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-
-###
-### Choose between adding a host-net or net-net connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', '');
- &Header::openbox('100%', 'left', $Lang::tr{'connection type'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <b>$Lang::tr{'connection type'}:</b><br />
- <table>
- <tr><td><input type='radio' name='TYPE' value='host' checked='checked' /></td>
- <td class='base'>$Lang::tr{'host to net vpn'}</td>
- </tr><tr>
- <td><input type='radio' name='TYPE' value='net' /></td>
- <td class='base'>$Lang::tr{'net to net vpn'}</td>
- </tr><tr>
- <td align='center' colspan='2'><input type='submit' name='ACTION' value='$Lang::tr{'add'}' /></td>
- </tr>
- </table></form>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
-###
-### Adding/Editing/Saving a connection
-###
-} elsif (($cgiparams{'ACTION'} eq $Lang::tr{'add'}) ||
- ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) ||
- ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq '')) {
-
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
-
- if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- if (! $confighash{$cgiparams{'KEY'}}[0]) {
- $errormessage = $Lang::tr{'invalid key'};
- goto VPNCONF_END;
- }
- $cgiparams{'ENABLED'} = $confighash{$cgiparams{'KEY'}}[0];
- $cgiparams{'NAME'} = $confighash{$cgiparams{'KEY'}}[1];
- $cgiparams{'TYPE'} = $confighash{$cgiparams{'KEY'}}[3];
- $cgiparams{'AUTH'} = $confighash{$cgiparams{'KEY'}}[4];
- $cgiparams{'PSK'} = $confighash{$cgiparams{'KEY'}}[5];
- #$cgiparams{'free'} = $confighash{$cgiparams{'KEY'}}[6];
- $cgiparams{'LOCAL_ID'} = $confighash{$cgiparams{'KEY'}}[7];
- $cgiparams{'LOCAL_SUBNET'} = $confighash{$cgiparams{'KEY'}}[8];
- $cgiparams{'REMOTE_ID'} = $confighash{$cgiparams{'KEY'}}[9];
- $cgiparams{'REMOTE'} = $confighash{$cgiparams{'KEY'}}[10];
- $cgiparams{'REMOTE_SUBNET'} = $confighash{$cgiparams{'KEY'}}[11];
- $cgiparams{'REMARK'} = $confighash{$cgiparams{'KEY'}}[25];
- $cgiparams{'INTERFACE'} = $confighash{$cgiparams{'KEY'}}[26];
- $cgiparams{'DPD_ACTION'} = $confighash{$cgiparams{'KEY'}}[27];
- $cgiparams{'IKE_ENCRYPTION'} = $confighash{$cgiparams{'KEY'}}[18];
- $cgiparams{'IKE_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[19];
- $cgiparams{'IKE_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[20];
- $cgiparams{'IKE_LIFETIME'} = $confighash{$cgiparams{'KEY'}}[16];
- $cgiparams{'ESP_ENCRYPTION'} = $confighash{$cgiparams{'KEY'}}[21];
- $cgiparams{'ESP_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[22];
- $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23];
- $cgiparams{'ESP_KEYLIFE'} = $confighash{$cgiparams{'KEY'}}[17];
- $cgiparams{'AGGRMODE'} = $confighash{$cgiparams{'KEY'}}[12];
- $cgiparams{'COMPRESSION'} = $confighash{$cgiparams{'KEY'}}[13];
- $cgiparams{'ONLY_PROPOSED'} = $confighash{$cgiparams{'KEY'}}[24];
- $cgiparams{'PFS'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14];
-
- } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
- if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
- $errormessage = $Lang::tr{'connection type is invalid'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
- $errormessage = $Lang::tr{'name must only contain characters'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'NAME'} =~ /^(host|01|block|private|clear|packetdefault)$/) {
- $errormessage = $Lang::tr{'name is invalid'};
- goto VPNCONF_ERROR;
- }
-
- if (length($cgiparams{'NAME'}) >60) {
- $errormessage = $Lang::tr{'name too long'};
- goto VPNCONF_ERROR;
- }
-
- # Check if there is no other entry with this name
- if (! $cgiparams{'KEY'}) { #only for add
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
- $errormessage = $Lang::tr{'a connection with this name already exists'};
- goto VPNCONF_ERROR;
- }
- }
- }
-
- if (($cgiparams{'TYPE'} eq 'net') && (! $cgiparams{'REMOTE'})) {
- $errormessage = $Lang::tr{'invalid input for remote host/ip'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'REMOTE'}) {
- if (! &General::validip($cgiparams{'REMOTE'})) {
- if (! &General::validfqdn ($cgiparams{'REMOTE'})) {
- $errormessage = $Lang::tr{'invalid input for remote host/ip'};
- goto VPNCONF_ERROR;
- } else {
- if (&valid_dns_host($cgiparams{'REMOTE'})) {
- $warnmessage = "$Lang::tr{'check vpn lr'} $cgiparams{'REMOTE'}. $Lang::tr{'dns check failed'}";
- }
- }
- }
- }
-
- unless (&General::validipandmask($cgiparams{'LOCAL_SUBNET'})) {
- $errormessage = $Lang::tr{'local subnet is invalid'};
- goto VPNCONF_ERROR;
- }
-
- # Allow only one roadwarrior/psk without remote IP-address
- if ($cgiparams{'REMOTE'} eq '' && $cgiparams{'AUTH'} eq 'psk') {
- foreach my $key (keys %confighash) {
- if ( ($cgiparams{'KEY'} ne $key) &&
- ($confighash{$key}[4] eq 'psk') &&
- ($confighash{$key}[10] eq '') ) {
- $errormessage = $Lang::tr{'you can only define one roadwarrior connection when using pre-shared key authentication'};
- goto VPNCONF_ERROR;
- }
- }
- }
- if (($cgiparams{'TYPE'} eq 'net') && (! &General::validipandmask($cgiparams{'REMOTE_SUBNET'}))) {
- $errormessage = $Lang::tr{'remote subnet is invalid'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'EDIT_ADVANCED'} !~ /^(on|off)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto VPNCONF_ERROR;
- }
-
- # Allow nothing or a string (DN,FDQN,) beginning with @
- # with no comma but slashes between RID eg @O=FR/C=Paris/OU=myhome/CN=franck
- if ( ($cgiparams{'LOCAL_ID'} !~ /^(|[\w.-]*@[\w. =*\/-]+|\d\.\d\.\d\.\d)$/) ||
- ($cgiparams{'REMOTE_ID'} !~ /^(|[\w.-]*@[\w. =*\/-]+|\d\.\d\.\d\.\d)$/) ||
- (($cgiparams{'REMOTE_ID'} eq $cgiparams{'LOCAL_ID'}) && ($cgiparams{'LOCAL_ID'} ne ''))
- ) {
- $errormessage = $Lang::tr{'invalid local-remote id'} . '<br />' .
- 'DER_ASN1_DN: @c=FR/ou=Paris/ou=Home/cn=*<br />' .
- 'FQDN: @ipfire.org<br />' .
- 'USER_FQDN: info@ipfire.org<br />' .
- 'IPV4_ADDR: @123.123.123.123';
- goto VPNCONF_ERROR;
- }
- # If Auth is DN, verify existance of Remote ID.
- if ( $cgiparams{'REMOTE_ID'} eq '' && (
- $cgiparams{'AUTH'} eq 'auth-dn'|| # while creation
- $confighash{$cgiparams{'KEY'}}[2] eq '%auth-dn')){ # while editing
- $errormessage = $Lang::tr{'vpn missing remote id'};
- goto VPNCONF_ERROR;
- }
-
- if ($cgiparams{'AUTH'} eq 'psk') {
- if (! length($cgiparams{'PSK'}) ) {
- $errormessage = $Lang::tr{'pre-shared key is too short'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'PSK'} =~ /'/) {
- $cgiparams{'PSK'} =~ tr/'/ /;
- $errormessage = $Lang::tr{'invalid characters found in pre-shared key'};
- goto VPNCONF_ERROR;
- }
- } elsif ($cgiparams{'AUTH'} eq 'certreq') {
- if ($cgiparams{'KEY'}) {
- $errormessage = $Lang::tr{'cant change certificates'};
- goto VPNCONF_ERROR;
- }
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto VPNCONF_ERROR;
- }
-
- # Move uploaded certificate request to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto VPNCONF_ERROR;
- }
-
- # Sign the certificate request
- &General::log("ipsec", "Signing your cert $cgiparams{'NAME'}...");
- my $opt = " ca -days 999999";
- $opt .= " -batch -notext";
- $opt .= " -in $filename";
- $opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
-
- if ( $errormessage = &callssl ($opt) ) {
- unlink ($filename);
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- &cleanssldatabase();
- goto VPNCONF_ERROR;
- } else {
- unlink ($filename);
- &cleanssldatabase();
- }
-
- $cgiparams{'CERT_NAME'} = getCNfromcert ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- if ($cgiparams{'CERT_NAME'} eq '') {
- $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
- goto VPNCONF_ERROR;
- }
- } elsif ($cgiparams{'AUTH'} eq 'pkcs12') {
- &General::log("ipsec", "Importing from p12...");
-
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto ROOTCERT_ERROR;
- }
-
- # Move uploaded certificate request to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto ROOTCERT_ERROR;
- }
-
- # Extract the CA certificate from the file
- &General::log("ipsec", "Extracting caroot from p12...");
- if (open(STDIN, "-|")) {
- my $opt = " pkcs12 -cacerts -nokeys";
- $opt .= " -in $filename";
- $opt .= " -out /tmp/newcacert";
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'P12_PASS'}\n";
- exit (0);
- }
-
- # Extract the Host certificate from the file
- if (!$errormessage) {
- &General::log("ipsec", "Extracting host cert from p12...");
- if (open(STDIN, "-|")) {
- my $opt = " pkcs12 -clcerts -nokeys";
- $opt .= " -in $filename";
- $opt .= " -out /tmp/newhostcert";
- $errormessage = &callssl ($opt);
- } else { #child
- print "$cgiparams{'P12_PASS'}\n";
- exit (0);
- }
- }
-
- if (!$errormessage) {
- &General::log("ipsec", "Moving cacert...");
- #If CA have new subject, add it to our list of CA
- my $casubject = &Header::cleanhtml(getsubjectfromcert ('/tmp/newcacert'));
- my @names;
- foreach my $x (keys %cahash) {
- $casubject='' if ($cahash{$x}[1] eq $casubject);
- unshift (@names,$cahash{$x}[0]);
- }
- if ($casubject) { # a new one!
- my $temp = `/usr/bin/openssl x509 -text -in /tmp/newcacert`;
- if ($temp !~ /CA:TRUE/i) {
- $errormessage = $Lang::tr{'not a valid ca certificate'};
- } else {
- #compute a name for it
- my $idx=0;
- while (grep(/Imported-$idx/, @names) ) {$idx++};
- $cgiparams{'CA_NAME'}="Imported-$idx";
- $cgiparams{'CERT_NAME'}=&Header::cleanhtml(getCNfromcert ('/tmp/newhostcert'));
- move("/tmp/newcacert", "${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem");
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!" if ($? ne 0);
- if (!$errormessage) {
- my $key = &General::findhasharraykey (\%cahash);
- $cahash{$key}[0] = $cgiparams{'CA_NAME'};
- $cahash{$key}[1] = $casubject;
- &General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
- system('/usr/local/bin/ipsecctrl', 'R');
- }
- }
- }
- }
- if (!$errormessage) {
- &General::log("ipsec", "Moving host cert...");
- move("/tmp/newhostcert", "${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!" if ($? ne 0);
- }
-
- #cleanup temp files
- unlink ($filename);
- unlink ('/tmp/newcacert');
- unlink ('/tmp/newhostcert');
- if ($errormessage) {
- unlink ("${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem");
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- goto VPNCONF_ERROR;
- }
- &General::log("ipsec", "p12 import completed!");
- } elsif ($cgiparams{'AUTH'} eq 'certfile') {
- if ($cgiparams{'KEY'}) {
- $errormessage = $Lang::tr{'cant change certificates'};
- goto VPNCONF_ERROR;
- }
- if (ref ($cgiparams{'FH'}) ne 'Fh') {
- $errormessage = $Lang::tr{'there was no file upload'};
- goto VPNCONF_ERROR;
- }
- # Move uploaded certificate to a temporary file
- (my $fh, my $filename) = tempfile( );
- if (copy ($cgiparams{'FH'}, $fh) != 1) {
- $errormessage = $!;
- goto VPNCONF_ERROR;
- }
-
- # Verify the certificate has a valid CA and move it
- &General::log("ipsec", "Validating imported cert against our known CA...");
- my $validca = 1; #assume ok
- my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/cacert.pem $filename`;
- if ($test !~ /: OK/) {
- my $validca = 0;
- foreach my $key (keys %cahash) {
- $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/$cahash{$key}[0]cert.pem $filename`;
- if ($test =~ /: OK/) {
- $validca = 1;
- last;
- }
- }
- }
- if (! $validca) {
- $errormessage = $Lang::tr{'certificate does not have a valid ca associated with it'};
- unlink ($filename);
- goto VPNCONF_ERROR;
- } else {
- move($filename, "${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- if ($? ne 0) {
- $errormessage = "$Lang::tr{'certificate file move failed'}: $!";
- unlink ($filename);
- goto VPNCONF_ERROR;
- }
- }
-
- $cgiparams{'CERT_NAME'} = getCNfromcert ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- if ($cgiparams{'CERT_NAME'} eq '') {
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- $errormessage = $Lang::tr{'could not retrieve common name from certificate'};
- goto VPNCONF_ERROR;
- }
- } elsif ($cgiparams{'AUTH'} eq 'certgen') {
- if ($cgiparams{'KEY'}) {
- $errormessage = $Lang::tr{'cant change certificates'};
- goto VPNCONF_ERROR;
- }
- # Validate input since the form was submitted
- if (length($cgiparams{'CERT_NAME'}) >60) {
- $errormessage = $Lang::tr{'name too long'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
- $errormessage = $Lang::tr{'invalid input for name'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {
- $errormessage = $Lang::tr{'invalid input for e-mail address'};
- goto VPNCONF_ERROR;
- }
- if (length($cgiparams{'CERT_EMAIL'}) > 40) {
- $errormessage = $Lang::tr{'e-mail address too long'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_OU'} ne '' && $cgiparams{'CERT_OU'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for department'};
- goto VPNCONF_ERROR;
- }
- if (length($cgiparams{'CERT_ORGANIZATION'}) >60) {
- $errormessage = $Lang::tr{'organization too long'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_ORGANIZATION'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
- $errormessage = $Lang::tr{'invalid input for organization'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_CITY'} ne '' && $cgiparams{'CERT_CITY'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for city'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_STATE'} ne '' && $cgiparams{'CERT_STATE'} !~ /^[a-zA-Z0-9 ,\.\-_]*$/) {
- $errormessage = $Lang::tr{'invalid input for state or province'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_COUNTRY'} !~ /^[A-Z]*$/) {
- $errormessage = $Lang::tr{'invalid input for country'};
- goto VPNCONF_ERROR;
- }
- #the exact syntax is a list comma separated of
- # email:any-validemail
- # URI: a uniform resource indicator
- # DNS: a DNS domain name
- # RID: a registered OBJECT IDENTIFIER
- # IP: an IP address
- # example: email:franck@foo.com,IP:10.0.0.10,DNS:franck.foo.com
-
- if ($cgiparams{'SUBJECTALTNAME'} ne '' && $cgiparams{'SUBJECTALTNAME'} !~ /^(email|URI|DNS|RID|IP):[a-zA-Z0-9 :\/,\.\-_@]*$/) {
- $errormessage = $Lang::tr{'vpn altname syntax'};
- goto VPNCONF_ERROR;
- }
-
- if (length($cgiparams{'CERT_PASS1'}) < 5) {
- $errormessage = $Lang::tr{'password too short'};
- goto VPNCONF_ERROR;
- }
- if ($cgiparams{'CERT_PASS1'} ne $cgiparams{'CERT_PASS2'}) {
- $errormessage = $Lang::tr{'passwords do not match'};
- goto VPNCONF_ERROR;
- }
-
- # Replace empty strings with a .
- (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
- (my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
- (my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
-
- # Create the Host certificate request
- &General::log("ipsec", "Creating a cert...");
-
- if (open(STDIN, "-|")) {
- my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
- $opt .= " -keyout ${General::swroot}/certs/$cgiparams{'NAME'}key.pem";
- $opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
-
- if ( $errormessage = &callssl ($opt) ) {
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}req.pem");
- goto VPNCONF_ERROR;
- }
- } else { #child
- print "$cgiparams{'CERT_COUNTRY'}\n";
- print "$state\n";
- print "$city\n";
- print "$cgiparams{'CERT_ORGANIZATION'}\n";
- print "$ou\n";
- print "$cgiparams{'CERT_NAME'}\n";
- print "$cgiparams{'CERT_EMAIL'}\n";
- print ".\n";
- print ".\n";
- exit (0);
- }
-
- # Sign the host certificate request
- &General::log("ipsec", "Signing the cert $cgiparams{'NAME'}...");
-
- #No easy way for specifying the contain of subjectAltName without writing a config file...
- my ($fh, $v3extname) = tempfile ('/tmp/XXXXXXXX');
- print $fh <<END
- basicConstraints=CA:FALSE
- nsComment="OpenSSL Generated Certificate"
- subjectKeyIdentifier=hash
- authorityKeyIdentifier=keyid,issuer:always
-END
-;
- print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
- close ($fh);
-
- my $opt = " ca -days 999999 -batch -notext";
- $opt .= " -in ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
- $opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
- $opt .= " -extfile $v3extname";
-
- if ( $errormessage = &callssl ($opt) ) {
- unlink ($v3extname);
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}req.pem");
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- &cleanssldatabase();
- goto VPNCONF_ERROR;
- } else {
- unlink ($v3extname);
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}req.pem");
- &cleanssldatabase();
- }
-
- # Create the pkcs12 file
- &General::log("ipsec", "Packing a pkcs12 file...");
- $opt = " pkcs12 -export";
- $opt .= " -inkey ${General::swroot}/certs/$cgiparams{'NAME'}key.pem";
- $opt .= " -in ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
- $opt .= " -name \"$cgiparams{'NAME'}\"";
- $opt .= " -passout pass:$cgiparams{'CERT_PASS1'}";
- $opt .= " -certfile ${General::swroot}/ca/cacert.pem";
- $opt .= " -caname \"$vpnsettings{'ROOTCERT_ORGANIZATION'} CA\"";
- $opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}.p12";
-
- if ( $errormessage = &callssl ($opt) ) {
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}key.pem");
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}cert.pem");
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}.p12");
- goto VPNCONF_ERROR;
- } else {
- unlink ("${General::swroot}/certs/$cgiparams{'NAME'}key.pem");
- }
- } elsif ($cgiparams{'AUTH'} eq 'cert') {
- ;# Nothing, just editing
- } elsif ($cgiparams{'AUTH'} eq 'auth-dn') {
- $cgiparams{'CERT_NAME'} = '%auth-dn'; # a special value saying 'no cert file'
- } else {
- $errormessage = $Lang::tr{'invalid input for authentication method'};
- goto VPNCONF_ERROR;
- }
-
- # 1)Error message here is not accurate.
- # 2)Test is superfluous, openswan can reference same cert multiple times
- # 3)Present since initial version (1.3.2.11), it isn't a bug correction
- # Check if there is no other entry with this certificate name
- #if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk') && ($cgiparams{'AUTH'} ne 'auth-dn')) {
- # foreach my $key (keys %confighash) {
- # if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
- # $errormessage = $Lang::tr{'a connection with this common name already exists'};
- # goto VPNCONF_ERROR;
- # }
- # }
- #}
- # Save the config
-
- my $key = $cgiparams{'KEY'};
- if (! $key) {
- $key = &General::findhasharraykey (\%confighash);
- foreach my $i (0 .. 28) { $confighash{$key}[$i] = "";}
- }
- $confighash{$key}[0] = $cgiparams{'ENABLED'};
- $confighash{$key}[1] = $cgiparams{'NAME'};
- if ((! $cgiparams{'KEY'}) && $cgiparams{'AUTH'} ne 'psk') {
- $confighash{$key}[2] = $cgiparams{'CERT_NAME'};
- }
- $confighash{$key}[3] = $cgiparams{'TYPE'};
- if ($cgiparams{'AUTH'} eq 'psk') {
- $confighash{$key}[4] = 'psk';
- $confighash{$key}[5] = $cgiparams{'PSK'};
- } else {
- $confighash{$key}[4] = 'cert';
- }
- if ($cgiparams{'TYPE'} eq 'net') {
- $confighash{$key}[11] = $cgiparams{'REMOTE_SUBNET'};
- }
- $confighash{$key}[7] = $cgiparams{'LOCAL_ID'};
- $confighash{$key}[8] = $cgiparams{'LOCAL_SUBNET'};
- $confighash{$key}[9] = $cgiparams{'REMOTE_ID'};
- $confighash{$key}[10] = $cgiparams{'REMOTE'};
- $confighash{$key}[25] = $cgiparams{'REMARK'};
- $confighash{$key}[26] = $cgiparams{'INTERFACE'};
- $confighash{$key}[27] = $cgiparams{'DPD_ACTION'};
-
- #dont forget advanced value
- $confighash{$key}[18] = $cgiparams{'IKE_ENCRYPTION'};
- $confighash{$key}[19] = $cgiparams{'IKE_INTEGRITY'};
- $confighash{$key}[20] = $cgiparams{'IKE_GROUPTYPE'};
- $confighash{$key}[16] = $cgiparams{'IKE_LIFETIME'};
- $confighash{$key}[21] = $cgiparams{'ESP_ENCRYPTION'};
- $confighash{$key}[22] = $cgiparams{'ESP_INTEGRITY'};
- $confighash{$key}[23] = $cgiparams{'ESP_GROUPTYPE'};
- $confighash{$key}[17] = $cgiparams{'ESP_KEYLIFE'};
- $confighash{$key}[12] = $cgiparams{'AGGRMODE'};
- $confighash{$key}[13] = $cgiparams{'COMPRESSION'};
- $confighash{$key}[24] = $cgiparams{'ONLY_PROPOSED'};
- $confighash{$key}[28] = $cgiparams{'PFS'};
- $confighash{$key}[14] = $cgiparams{'VHOST'};
-
- #free unused fields!
- $confighash{$key}[6] = 'off';
- $confighash{$key}[15] = 'off';
-
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- if (&vpnenabled) {
- system('/usr/local/bin/ipsecctrl', 'S', $key);
- sleep $sleepDelay;
- }
- if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
- $cgiparams{'KEY'} = $key;
- $cgiparams{'ACTION'} = $Lang::tr{'advanced'};
- }
- goto VPNCONF_END;
- } else { # add new connection
- $cgiparams{'ENABLED'} = 'on';
- if ( ! -f "${General::swroot}/private/cakey.pem" ) {
- $cgiparams{'AUTH'} = 'psk';
- } elsif ( ! -f "${General::swroot}/ca/cacert.pem") {
- $cgiparams{'AUTH'} = 'certfile';
- } else {
- $cgiparams{'AUTH'} = 'certgen';
- }
- $cgiparams{'LOCAL_SUBNET'} ="$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
- $cgiparams{'CERT_EMAIL'} = $vpnsettings{'ROOTCERT_EMAIL'};
- $cgiparams{'CERT_OU'} = $vpnsettings{'ROOTCERT_OU'};
- $cgiparams{'CERT_ORGANIZATION'} = $vpnsettings{'ROOTCERT_ORGANIZATION'};
- $cgiparams{'CERT_CITY'} = $vpnsettings{'ROOTCERT_CITY'};
- $cgiparams{'CERT_STATE'} = $vpnsettings{'ROOTCERT_STATE'};
- $cgiparams{'CERT_COUNTRY'} = $vpnsettings{'ROOTCERT_COUNTRY'};
-
- # choose appropriate dpd action
- if ($cgiparams{'TYPE'} eq 'host') {
- $cgiparams{'DPD_ACTION'} = 'clear';
- } else {
- $cgiparams{'DPD_ACTION'} = 'restart';
- }
-
- # Default is yes for 'pfs'
- $cgiparams{'PFS'} = 'on';
-
- # ID are empty
- $cgiparams{'LOCAL_ID'} = '';
- $cgiparams{'REMOTE_ID'} = '';
-
- #use default advanced value
- $cgiparams{'IKE_ENCRYPTION'} = 'aes128|3des'; #[18];
- $cgiparams{'IKE_INTEGRITY'} = 'sha|md5'; #[19];
- $cgiparams{'IKE_GROUPTYPE'} = '1536|1024'; #[20];
- $cgiparams{'IKE_LIFETIME'} = '1'; #[16];
- $cgiparams{'ESP_ENCRYPTION'} = 'aes128|3des'; #[21];
- $cgiparams{'ESP_INTEGRITY'} = 'sha1|md5'; #[22];
- $cgiparams{'ESP_GROUPTYPE'} = ''; #[23];
- $cgiparams{'ESP_KEYLIFE'} = '8'; #[17];
- $cgiparams{'AGGRMODE'} = 'off'; #[12];
- $cgiparams{'COMPRESSION'} = 'off'; #[13];
- $cgiparams{'ONLY_PROPOSED'} = 'off'; #[24];
- $cgiparams{'PFS'} = 'on'; #[28];
- $cgiparams{'VHOST'} = 'on'; #[14];
- }
-
- VPNCONF_ERROR:
- $checked{'ENABLED'}{'off'} = '';
- $checked{'ENABLED'}{'on'} = '';
- $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
-
- $checked{'EDIT_ADVANCED'}{'off'} = '';
- $checked{'EDIT_ADVANCED'}{'on'} = '';
- $checked{'EDIT_ADVANCED'}{$cgiparams{'EDIT_ADVANCED'}} = "checked='checked'";
-
- $checked{'AUTH'}{'psk'} = '';
- $checked{'AUTH'}{'certreq'} = '';
- $checked{'AUTH'}{'certgen'} = '';
- $checked{'AUTH'}{'certfile'} = '';
- $checked{'AUTH'}{'pkcs12'} = '';
- $checked{'AUTH'}{'auth-dn'} = '';
- $checked{'AUTH'}{$cgiparams{'AUTH'}} = "checked='checked'";
-
- $selected{'INTERFACE'}{'RED'} = '';
- $selected{'INTERFACE'}{'ORANGE'} = '';
- $selected{'INTERFACE'}{'GREEN'} = '';
- $selected{'INTERFACE'}{'BLUE'} = '';
- $selected{'INTERFACE'}{$cgiparams{'INTERFACE'}} = "selected='selected'";
-
- $selected{'DPD_ACTION'}{'clear'} = '';
- $selected{'DPD_ACTION'}{'hold'} = '';
- $selected{'DPD_ACTION'}{'restart'} = '';
- $selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
-
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', $errormessage);
- if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage";
- print " </class>";
- &Header::closebox();
- }
-
- if ($warnmessage) {
- &Header::openbox('100%', 'left', "$Lang::tr{'warning messages'}:");
- print "<class name='base'>$warnmessage";
- print " </class>";
- &Header::closebox();
- }
-
- print "<form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>";
- print<<END
- <input type='hidden' name='TYPE' value='$cgiparams{'TYPE'}' />
- <input type='hidden' name='IKE_ENCRYPTION' value='$cgiparams{'IKE_ENCRYPTION'}' />
- <input type='hidden' name='IKE_INTEGRITY' value='$cgiparams{'IKE_INTEGRITY'}' />
- <input type='hidden' name='IKE_GROUPTYPE' value='$cgiparams{'IKE_GROUPTYPE'}' />
- <input type='hidden' name='IKE_LIFETIME' value='$cgiparams{'IKE_LIFETIME'}' />
- <input type='hidden' name='ESP_ENCRYPTION' value='$cgiparams{'ESP_ENCRYPTION'}' />
- <input type='hidden' name='ESP_INTEGRITY' value='$cgiparams{'ESP_INTEGRITY'}' />
- <input type='hidden' name='ESP_GROUPTYPE' value='$cgiparams{'ESP_GROUPTYPE'}' />
- <input type='hidden' name='ESP_KEYLIFE' value='$cgiparams{'ESP_KEYLIFE'}' />
- <input type='hidden' name='AGGRMODE' value='$cgiparams{'AGGRMODE'}' />
- <input type='hidden' name='COMPRESSION' value='$cgiparams{'COMPRESSION'}' />
- <input type='hidden' name='ONLY_PROPOSED' value='$cgiparams{'ONLY_PROPOSED'}' />
- <input type='hidden' name='PFS' value='$cgiparams{'PFS'}' />
- <input type='hidden' name='VHOST' value='$cgiparams{'VHOST'}' />
-END
- ;
- if ($cgiparams{'KEY'}) {
- print "<input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />";
- print "<input type='hidden' name='AUTH' value='$cgiparams{'AUTH'}' />";
- }
-
- &Header::openbox('100%', 'left', "$Lang::tr{'connection'}:");
- print "<table width='100%'>";
- print "<tr><td width='25%' class='boldbase'>$Lang::tr{'name'}:</td>";
- if ($cgiparams{'KEY'}) {
- print "<td width='25%' class='base'><input type='hidden' name='NAME' value='$cgiparams{'NAME'}' /><b>$cgiparams{'NAME'}</b></td>";
- } else {
- print "<td width='25%'><input type='text' name='NAME' value='$cgiparams{'NAME'}' size='30' /></td>";
- }
- print "<td>$Lang::tr{'enabled'}</td><td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td></tr>";
- print '</tr><td><br /></td><tr>';
-
- my $disabled;
- my $blob;
- if ($cgiparams{'TYPE'} eq 'host') {
- $disabled = "disabled='disabled'";
- $blob = "<img src='/blob.gif' alt='*' />";
- };
-
- print "<tr><td>$Lang::tr{'host ip'}:</td>";
- print "<td><select name='INTERFACE'>";
- print "<option value='RED' $selected{'INTERFACE'}{'RED'}>RED ($vpnsettings{'VPN_IP'})</option>";
- print "<option value='GREEN' $selected{'INTERFACE'}{'GREEN'}>GREEN ($netsettings{'GREEN_ADDRESS'})</option>";
- print "<option value='BLUE' $selected{'INTERFACE'}{'BLUE'}>BLUE ($netsettings{'BLUE_ADDRESS'})</option>" if ($netsettings{'BLUE_DEV'} ne '');
- print "<option value='ORANGE' $selected{'INTERFACE'}{'ORANGE'}>ORANGE ($netsettings{'ORANGE_ADDRESS'})</option>" if ($netsettings{'ORANGE_DEV'} ne '');
- print "</select></td>";
- print <<END
- <td class='boldbase'>$Lang::tr{'remote host/ip'}: $blob</td>
- <td><input type='text' name='REMOTE' value='$cgiparams{'REMOTE'}' size='30' /></td>
- </tr><tr>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'local subnet'}</td>
- <td><input type='text' name='LOCAL_SUBNET' value='$cgiparams{'LOCAL_SUBNET'}' size='30' /></td>
- <td class='boldbase' nowrap='nowrap'>$Lang::tr{'remote subnet'}</td>
- <td><input $disabled type='text' name='REMOTE_SUBNET' value='$cgiparams{'REMOTE_SUBNET'}' size='30' /></td>
- </tr><tr>
- <td class='boldbase'>$Lang::tr{'vpn local id'}: <img src='/blob.gif' alt='*' />
- <br />($Lang::tr{'eg'} <tt>@xy.example.com</tt>)</td>
- <td><input type='text' name='LOCAL_ID' value='$cgiparams{'LOCAL_ID'}' /></td>
- <td class='boldbase'>$Lang::tr{'vpn remote id'}: <img src='/blob.gif' alt='*' /></td>
- <td><input type='text' name='REMOTE_ID' value='$cgiparams{'REMOTE_ID'}' /></td>
- </tr><tr>
- </tr><td><br /></td><tr>
- <td>$Lang::tr{'dpd action'}:</td>
- <td><select name='DPD_ACTION'>
- <option value='clear' $selected{'DPD_ACTION'}{'clear'}>clear</option>
- <option value='hold' $selected{'DPD_ACTION'}{'hold'}>hold</option>
- <option value='restart' $selected{'DPD_ACTION'}{'restart'}>restart</option>
- </select> <a href='http://www.openswan.com/docs/local/README.DPD'>?</a>
- </td>
- </tr><tr>
-<!--http://www.openswan.com/docs/local/README.DPD
- http://bugs.xelerance.com/view.php?id=156
- restart = clear + reinitiate connection
--->
- <td class='boldbase'>$Lang::tr{'remark title'} <img src='/blob.gif' alt='*' /></td>
- <td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' /></td>
- </tr>
-END
- ;
- if (!$cgiparams{'KEY'}) {
- print "<tr><td colspan='3'><input type='checkbox' name='EDIT_ADVANCED' $checked{'EDIT_ADVANCED'}{'on'} /> $Lang::tr{'edit advanced settings when done'}</td></tr>";
- }
- print "</table>";
- &Header::closebox();
-
- if ($cgiparams{'KEY'} && $cgiparams{'AUTH'} eq 'psk') {
- &Header::openbox('100%', 'left', $Lang::tr{'authentication'});
- print <<END
- <table width='100%' cellpadding='0' cellspacing='5' border='0'>
- <tr><td class='base' width='50%'>$Lang::tr{'use a pre-shared key'}</td>
- <td class='base' width='50%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td>
- </tr>
- </table>
-END
- ;
- &Header::closebox();
- } elsif (! $cgiparams{'KEY'}) {
- my $pskdisabled = ($vpnsettings{'VPN_IP'} eq '%defaultroute') ? "disabled='disabled'" : '' ;
- $cgiparams{'PSK'} = $Lang::tr{'vpn incompatible use of defaultroute'} if ($pskdisabled);
- my $cakeydisabled = ( ! -f "${General::swroot}/private/cakey.pem" ) ? "disabled='disabled'" : '';
- $cgiparams{'CERT_NAME'} = $Lang::tr{'vpn no full pki'} if ($cakeydisabled);
- my $cacrtdisabled = ( ! -f "${General::swroot}/ca/cacert.pem" ) ? "disabled='disabled'" : '';
-
- &Header::openbox('100%', 'left', $Lang::tr{'authentication'});
- print <<END
- <table width='100%' cellpadding='0' cellspacing='5' border='0'>
- <tr><td width='5%'><input type='radio' name='AUTH' value='psk' $checked{'AUTH'}{'psk'} $pskdisabled/></td>
- <td class='base' width='55%'>$Lang::tr{'use a pre-shared key'}</td>
- <td class='base' width='40%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' $pskdisabled/></td></tr>
- <tr><td colspan='3' bgcolor='#000000'></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td>
- <td class='base'><hr />$Lang::tr{'upload a certificate request'}</td>
- <td class='base' rowspan='3' valign='middle'><input type='file' name='FH' size='30' $cacrtdisabled /></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certfile' $checked{'AUTH'}{'certfile'} $cacrtdisabled /></td>
- <td class='base'>$Lang::tr{'upload a certificate'}</td></tr>
- <tr><td><input type='radio' name='AUTH' value='pkcs12' $cacrtdisabled /></td>
- <td class='base'>$Lang::tr{'upload p12 file'} $Lang::tr{'pkcs12 file password'}:<input type='password' name='P12_PASS'/></td></tr>
- <tr><td><input type='radio' name='AUTH' value='auth-dn' $checked{'AUTH'}{'auth-dn'} $cacrtdisabled /></td>
- <td class='base'><hr />$Lang::tr{'vpn auth-dn'}</td></tr>
- <tr><td colspan='3' bgcolor='#000000'></td></tr>
- <tr><td><input type='radio' name='AUTH' value='certgen' $checked{'AUTH'}{'certgen'} $cakeydisabled /></td>
- <td class='base'><hr />$Lang::tr{'generate a certificate'}</td><td> </td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users fullname or system hostname'}:</td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_NAME' value='$cgiparams{'CERT_NAME'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users email'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_EMAIL' value='$cgiparams{'CERT_EMAIL'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'users department'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_OU' value='$cgiparams{'CERT_OU'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'organization name'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_ORGANIZATION' value='$cgiparams{'CERT_ORGANIZATION'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'city'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_CITY' value='$cgiparams{'CERT_CITY'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'state or province'}: <img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='CERT_STATE' value='$cgiparams{'CERT_STATE'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'country'}:</td>
- <td class='base'><select name='CERT_COUNTRY' $cakeydisabled>
-END
- ;
- foreach my $country (sort keys %{Countries::countries}) {
- print "\t\t\t<option value='$Countries::countries{$country}'";
- if ( $Countries::countries{$country} eq $cgiparams{'CERT_COUNTRY'} ) {
- print " selected='selected'";
- }
- print ">$country</option>\n";
- }
- print <<END
- </select></td></tr>
-
- <tr><td> </td><td class='base'>$Lang::tr{'vpn subjectaltname'} (subjectAltName=email:*,URI:*,DNS:*,RID:*)<img src='/blob.gif' alt='*' /></td>
- <td class='base' nowrap='nowrap'><input type='text' name='SUBJECTALTNAME' value='$cgiparams{'SUBJECTALTNAME'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td>
- <td class='base'>$Lang::tr{'pkcs12 file password'}:</td>
- <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS1' value='$cgiparams{'CERT_PASS1'}' size='32' $cakeydisabled /></td></tr>
- <tr><td> </td><td class='base'>$Lang::tr{'pkcs12 file password'}:($Lang::tr{'confirmation'})</td>
- <td class='base' nowrap='nowrap'><input type='password' name='CERT_PASS2' value='$cgiparams{'CERT_PASS2'}' size='32' $cakeydisabled /></td></tr>
- </table>
-END
- ;
- &Header::closebox();
- }
-
- print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
- if ($cgiparams{'KEY'}) {
- print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
- }
- print "<input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></div></form>";
- &Header::closebigbox();
- &Header::closepage();
- exit (0);
-
- VPNCONF_END:
-}
-
-###
-### Advanced settings
-###
-if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
- ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'ADVANCED'} eq 'yes')) {
- &General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
- if (! $confighash{$cgiparams{'KEY'}}) {
- $errormessage = $Lang::tr{'invalid key'};
- goto ADVANCED_END;
- }
-
- if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
- # I didn't read any incompatibilities here....
- #if ($cgiparams{'VHOST'} eq 'on' && $cgiparams{'COMPRESSION'} eq 'on') {
- # $errormessage = $Lang::tr{'cannot enable both nat traversal and compression'};
- # goto ADVANCED_ERROR;
- #}
- my @temp = split('\|', $cgiparams{'IKE_ENCRYPTION'});
- if ($#temp < 0) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes128|3des|twofish256|twofish128|serpent256|serpent128|blowfish256|blowfish128|cast128)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- }
- @temp = split('\|', $cgiparams{'IKE_INTEGRITY'});
- if ($#temp < 0) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_256|sha|md5)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- }
- @temp = split('\|', $cgiparams{'IKE_GROUPTYPE'});
- if ($#temp < 0) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- foreach my $val (@temp) {
- if ($val !~ /^(768|1024|1536|2048|3072|4096|6144|8192)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- }
- if ($cgiparams{'IKE_LIFETIME'} !~ /^\d+$/) {
- $errormessage = $Lang::tr{'invalid input for ike lifetime'};
- goto ADVANCED_ERROR;
- }
- if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 8) {
- $errormessage = $Lang::tr{'ike lifetime should be between 1 and 8 hours'};
- goto ADVANCED_ERROR;
- }
- @temp = split('\|', $cgiparams{'ESP_ENCRYPTION'});
- if ($#temp < 0) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes128|3des|twofish256|twofish128|serpent256|serpent128|blowfish256|blowfish128)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- }
- @temp = split('\|', $cgiparams{'ESP_INTEGRITY'});
- if ($#temp < 0) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_256|sha1|md5)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
- }
- if ($cgiparams{'ESP_GROUPTYPE'} ne '' &&
- $cgiparams{'ESP_GROUPTYPE'} !~ /^modp(768|1024|1536|2048|3072|4096)$/) {
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
-
- if ($cgiparams{'ESP_KEYLIFE'} !~ /^\d+$/) {
- $errormessage = $Lang::tr{'invalid input for esp keylife'};
- goto ADVANCED_ERROR;
- }
- if ($cgiparams{'ESP_KEYLIFE'} < 1 || $cgiparams{'ESP_KEYLIFE'} > 24) {
- $errormessage = $Lang::tr{'esp keylife should be between 1 and 24 hours'};
- goto ADVANCED_ERROR;
- }
-
- if (
- ($cgiparams{'AGGRMODE'} !~ /^(|on|off)$/) ||
- ($cgiparams{'COMPRESSION'} !~ /^(|on|off)$/) ||
- ($cgiparams{'ONLY_PROPOSED'} !~ /^(|on|off)$/) ||
- ($cgiparams{'PFS'} !~ /^(|on|off)$/) ||
- ($cgiparams{'VHOST'} !~ /^(|on|off)$/)
- ){
- $errormessage = $Lang::tr{'invalid input'};
- goto ADVANCED_ERROR;
- }
-
- $confighash{$cgiparams{'KEY'}}[18] = $cgiparams{'IKE_ENCRYPTION'};
- $confighash{$cgiparams{'KEY'}}[19] = $cgiparams{'IKE_INTEGRITY'};
- $confighash{$cgiparams{'KEY'}}[20] = $cgiparams{'IKE_GROUPTYPE'};
- $confighash{$cgiparams{'KEY'}}[16] = $cgiparams{'IKE_LIFETIME'};
- $confighash{$cgiparams{'KEY'}}[21] = $cgiparams{'ESP_ENCRYPTION'};
- $confighash{$cgiparams{'KEY'}}[22] = $cgiparams{'ESP_INTEGRITY'};
- $confighash{$cgiparams{'KEY'}}[23] = $cgiparams{'ESP_GROUPTYPE'};
- $confighash{$cgiparams{'KEY'}}[17] = $cgiparams{'ESP_KEYLIFE'};
- $confighash{$cgiparams{'KEY'}}[12] = $cgiparams{'AGGRMODE'};
- $confighash{$cgiparams{'KEY'}}[13] = $cgiparams{'COMPRESSION'};
- $confighash{$cgiparams{'KEY'}}[24] = $cgiparams{'ONLY_PROPOSED'};
- $confighash{$cgiparams{'KEY'}}[28] = $cgiparams{'PFS'};
- $confighash{$cgiparams{'KEY'}}[14] = $cgiparams{'VHOST'};
- &General::writehasharray("${General::swroot}/vpn/config", \%confighash);
- &writeipsecfiles();
- if (&vpnenabled) {
- system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
- sleep $sleepDelay;
- }
- goto ADVANCED_END;
- } else {
- $cgiparams{'IKE_ENCRYPTION'} = $confighash{$cgiparams{'KEY'}}[18];
- $cgiparams{'IKE_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[19];
- $cgiparams{'IKE_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[20];
- $cgiparams{'IKE_LIFETIME'} = $confighash{$cgiparams{'KEY'}}[16];
- $cgiparams{'ESP_ENCRYPTION'} = $confighash{$cgiparams{'KEY'}}[21];
- $cgiparams{'ESP_INTEGRITY'} = $confighash{$cgiparams{'KEY'}}[22];
- $cgiparams{'ESP_GROUPTYPE'} = $confighash{$cgiparams{'KEY'}}[23];
- $cgiparams{'ESP_KEYLIFE'} = $confighash{$cgiparams{'KEY'}}[17];
- $cgiparams{'AGGRMODE'} = $confighash{$cgiparams{'KEY'}}[12];
- $cgiparams{'COMPRESSION'} = $confighash{$cgiparams{'KEY'}}[13];
- $cgiparams{'ONLY_PROPOSED'} = $confighash{$cgiparams{'KEY'}}[24];
- $cgiparams{'PFS'} = $confighash{$cgiparams{'KEY'}}[28];
- $cgiparams{'VHOST'} = $confighash{$cgiparams{'KEY'}}[14];
-
- if ($confighash{$cgiparams{'KEY'}}[3] eq 'net' || $confighash{$cgiparams{'KEY'}}[10]) {
- $cgiparams{'VHOST'} = 'off';
- }
- }
-
- ADVANCED_ERROR:
- $checked{'IKE_ENCRYPTION'}{'aes256'} = '';
- $checked{'IKE_ENCRYPTION'}{'aes128'} = '';
- $checked{'IKE_ENCRYPTION'}{'3des'} = '';
- $checked{'IKE_ENCRYPTION'}{'twofish256'} = '';
- $checked{'IKE_ENCRYPTION'}{'twofish128'} = '';
- $checked{'IKE_ENCRYPTION'}{'serpent256'} = '';
- $checked{'IKE_ENCRYPTION'}{'serpent128'} = '';
- $checked{'IKE_ENCRYPTION'}{'blowfish256'} = '';
- $checked{'IKE_ENCRYPTION'}{'blowfish128'} = '';
- $checked{'IKE_ENCRYPTION'}{'cast128'} = '';
- my @temp = split('\|', $cgiparams{'IKE_ENCRYPTION'});
- foreach my $key (@temp) {$checked{'IKE_ENCRYPTION'}{$key} = "selected='selected'"; }
- $checked{'IKE_INTEGRITY'}{'sha2_512'} = '';
- $checked{'IKE_INTEGRITY'}{'sha2_256'} = '';
- $checked{'IKE_INTEGRITY'}{'sha'} = '';
- $checked{'IKE_INTEGRITY'}{'md5'} = '';
- @temp = split('\|', $cgiparams{'IKE_INTEGRITY'});
- foreach my $key (@temp) {$checked{'IKE_INTEGRITY'}{$key} = "selected='selected'"; }
- $checked{'IKE_GROUPTYPE'}{'768'} = '';
- $checked{'IKE_GROUPTYPE'}{'1024'} = '';
- $checked{'IKE_GROUPTYPE'}{'1536'} = '';
- $checked{'IKE_GROUPTYPE'}{'2048'} = '';
- $checked{'IKE_GROUPTYPE'}{'3072'} = '';
- $checked{'IKE_GROUPTYPE'}{'4096'} = '';
- $checked{'IKE_GROUPTYPE'}{'6144'} = '';
- $checked{'IKE_GROUPTYPE'}{'8192'} = '';
- @temp = split('\|', $cgiparams{'IKE_GROUPTYPE'});
- foreach my $key (@temp) {$checked{'IKE_GROUPTYPE'}{$key} = "selected='selected'"; }
- $checked{'ESP_ENCRYPTION'}{'aes256'} = '';
- $checked{'ESP_ENCRYPTION'}{'aes128'} = '';
- $checked{'ESP_ENCRYPTION'}{'3des'} = '';
- $checked{'ESP_ENCRYPTION'}{'twofish256'} = '';
- $checked{'ESP_ENCRYPTION'}{'twofish128'} = '';
- $checked{'ESP_ENCRYPTION'}{'serpent256'} = '';
- $checked{'ESP_ENCRYPTION'}{'serpent128'} = '';
- $checked{'ESP_ENCRYPTION'}{'blowfish256'} = '';
- $checked{'ESP_ENCRYPTION'}{'blowfish128'} = '';
- @temp = split('\|', $cgiparams{'ESP_ENCRYPTION'});
- foreach my $key (@temp) {$checked{'ESP_ENCRYPTION'}{$key} = "selected='selected'"; }
- $checked{'ESP_INTEGRITY'}{'sha2_512'} = '';
- $checked{'ESP_INTEGRITY'}{'sha2_256'} = '';
- $checked{'ESP_INTEGRITY'}{'sha1'} = '';
- $checked{'ESP_INTEGRITY'}{'md5'} = '';
- @temp = split('\|', $cgiparams{'ESP_INTEGRITY'});
- foreach my $key (@temp) {$checked{'ESP_INTEGRITY'}{$key} = "selected='selected'"; }
- $checked{'ESP_GROUPTYPE'}{'modp768'} = '';
- $checked{'ESP_GROUPTYPE'}{'modp1024'} = '';
- $checked{'ESP_GROUPTYPE'}{'modp1536'} = '';
- $checked{'ESP_GROUPTYPE'}{'modp2048'} = '';
- $checked{'ESP_GROUPTYPE'}{'modp3072'} = '';
- $checked{'ESP_GROUPTYPE'}{'modp4096'} = '';
- $checked{'ESP_GROUPTYPE'}{$cgiparams{'ESP_GROUPTYPE'}} = "selected='selected'";
-
- $checked{'AGGRMODE'} = $cgiparams{'AGGRMODE'} eq 'on' ? "checked='checked'" : '' ;
- $checked{'COMPRESSION'} = $cgiparams{'COMPRESSION'} eq 'on' ? "checked='checked'" : '' ;
- $checked{'ONLY_PROPOSED'} = $cgiparams{'ONLY_PROPOSED'} eq 'on' ? "checked='checked'" : '' ;
- $checked{'PFS'} = $cgiparams{'PFS'} eq 'on' ? "checked='checked'" : '' ;
- $checked{'VHOST'} = $cgiparams{'VHOST'} eq 'on' ? "checked='checked'" : '' ;
-
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', $errormessage);
-
- if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage";
- print " </class>";
- &Header::closebox();
- }
-
- if ($warnmessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'warning messages'});
- print "<class name='base'>$warnmessage";
- print " </class>";
- &Header::closebox();
- }
-
- &Header::openbox('100%', 'left', "$Lang::tr{'advanced'}:");
- print <<EOF
- <form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ADVANCED' value='yes' />
- <input type='hidden' name='KEY' value='$cgiparams{'KEY'}' />
-
- <table width='100%'>
- <tr><td class='boldbase' align='right' valign='top'>$Lang::tr{'ike encryption'}</td><td class='boldbase' valign='top'>
- <select name='IKE_ENCRYPTION' multiple='multiple' size='4'>
- <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
- <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
- <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>3DES</option>
- <option value='twofish256' $checked{'IKE_ENCRYPTION'}{'twofish256'}>Twofish (256 bit)</option>
- <option value='twofish128' $checked{'IKE_ENCRYPTION'}{'twofish128'}>Twofish (128 bit)</option>
- <option value='serpent256' $checked{'IKE_ENCRYPTION'}{'serpent256'}>Serpent (256 bit)</option>
- <option value='serpent128' $checked{'IKE_ENCRYPTION'}{'serpent128'}>Serpent (128 bit)</option>
- <option value='blowfish256' $checked{'IKE_ENCRYPTION'}{'blowfish256'}>Blowfish (256 bit)</option>
- <option value='blowfish128' $checked{'IKE_ENCRYPTION'}{'blowfish128'}>Blowfish (128 bit)</option>
- <option value='cast128' $checked{'IKE_ENCRYPTION'}{'cast128'}>Cast (128 bit)</option>
- </select></td>
-
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'ike integrity'}</td><td class='boldbase' valign='top'>
- <select name='IKE_INTEGRITY' multiple='multiple' size='4'>
- <option value='sha' $checked{'IKE_INTEGRITY'}{'sha'}>SHA</option>
- <option value='md5' $checked{'IKE_INTEGRITY'}{'md5'}>MD5</option>
- </select></td>
-
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'ike grouptype'}</td><td class='boldbase' valign='top'>
- <select name='IKE_GROUPTYPE' multiple='multiple' size='4'>
- <option value='8192' $checked{'IKE_GROUPTYPE'}{'8192'}>MODP-8192</option>
- <option value='6144' $checked{'IKE_GROUPTYPE'}{'6144'}>MODP-6144</option>
- <option value='4096' $checked{'IKE_GROUPTYPE'}{'4096'}>MODP-4096</option>
- <option value='3072' $checked{'IKE_GROUPTYPE'}{'3072'}>MODP-3072</option>
- <option value='2048' $checked{'IKE_GROUPTYPE'}{'2048'}>MODP-2048</option>
- <option value='1536' $checked{'IKE_GROUPTYPE'}{'1536'}>MODP-1536</option>
- <option value='1024' $checked{'IKE_GROUPTYPE'}{'1024'}>MODP-1024</option>
- <option value='768' $checked{'IKE_GROUPTYPE'}{'768'}>MODP-768</option>
- </select></td>
- </tr><tr>
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'ike lifetime'}</td><td class='boldbase' valign='top'>
- <input type='text' name='IKE_LIFETIME' value='$cgiparams{'IKE_LIFETIME'}' size='5' /> $Lang::tr{'hours'}</td>
-
- </tr><tr>
- <td colspan='1'><hr /></td>
- </tr><tr>
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'esp encryption'}</td><td class='boldbase' valign='top'>
- <select name='ESP_ENCRYPTION' multiple='multiple' size='4'>
- <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
- <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
- <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>3DES</option>
- <option value='twofish256' $checked{'ESP_ENCRYPTION'}{'twofish256'}>Twofish (256 bit)</option>
- <option value='twofish128' $checked{'ESP_ENCRYPTION'}{'twofish128'}>Twofish (128 bit)</option>
- <option value='serpent256' $checked{'ESP_ENCRYPTION'}{'serpent256'}>Serpent (256 bit)</option>
- <option value='serpent128' $checked{'ESP_ENCRYPTION'}{'serpent128'}>Serpent (128 bit)</option>
- <option value='blowfish256' $checked{'ESP_ENCRYPTION'}{'blowfish256'}>Blowfish (256 bit)</option>
- <option value='blowfish128' $checked{'ESP_ENCRYPTION'}{'blowfish128'}>Blowfish (128 bit)</option></select></td>
-
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'esp integrity'}</td><td class='boldbase' valign='top'>
- <select name='ESP_INTEGRITY' multiple='multiple' size='4'>
- <option value='sha1' $checked{'ESP_INTEGRITY'}{'sha1'}>SHA1</option>
- <option value='md5' $checked{'ESP_INTEGRITY'}{'md5'}>MD5</option></select></td>
-
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'esp grouptype'}</td><td class='boldbase' valign='top'>
- <select name='ESP_GROUPTYPE'>
- <option value=''>$Lang::tr{'phase1 group'}</option>
- <option value='modp4096' $checked{'ESP_GROUPTYPE'}{'modp4096'}>MODP-4096</option>
- <option value='modp3072' $checked{'ESP_GROUPTYPE'}{'modp3072'}>MODP-3072</option>
- <option value='modp2048' $checked{'ESP_GROUPTYPE'}{'modp2048'}>MODP-2048</option>
- <option value='modp1536' $checked{'ESP_GROUPTYPE'}{'modp1536'}>MODP-1536</option>
- <option value='modp1024' $checked{'ESP_GROUPTYPE'}{'modp1024'}>MODP-1024</option>
- <option value='modp768' $checked{'ESP_GROUPTYPE'}{'modp768'}>MODP-768</option></select></td>
- </tr><tr>
- <td class='boldbase' align='right' valign='top'>$Lang::tr{'esp keylife'}</td><td class='boldbase' valign='top'>
- <input type='text' name='ESP_KEYLIFE' value='$cgiparams{'ESP_KEYLIFE'}' size='5' /> $Lang::tr{'hours'}</td>
- </tr><tr>
- <td colspan='1'><hr /></td>
- </tr><tr>
- <td colspan='5'><input type='checkbox' name='ONLY_PROPOSED' $checked{'ONLY_PROPOSED'} />
- IKE+ESP: $Lang::tr{'use only proposed settings'}</td>
- </tr><tr>
- <td colspan='5'><input type='checkbox' name='AGGRMODE' $checked{'AGGRMODE'} />
- $Lang::tr{'vpn aggrmode'}</td>
- </tr><tr>
- <td colspan='5'><input type='checkbox' name='PFS' $checked{'PFS'} />
- $Lang::tr{'pfs yes no'}</td>
- <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
- </tr><tr>
- <td colspan='5'><input type='checkbox' name='COMPRESSION' $checked{'COMPRESSION'} />
- $Lang::tr{'vpn payload compression'}</td>
- <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'cancel'}' /></td>
- </tr>
-EOF
- ;
- if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
- print "<tr><td><input type='hidden' name='VHOST' value='off' /></td></tr>";
- } elsif ($confighash{$cgiparams{'KEY'}}[10]) {
- print "<tr><td colspan='5'><input type='checkbox' name='VHOST' $checked{'VHOST'} disabled='disabled' />";
- print " $Lang::tr{'vpn vhost'}</td></tr>";
- } else {
- print "<tr><td colspan='5'><input type='checkbox' name='VHOST' $checked{'VHOST'} />";
- print " $Lang::tr{'vpn vhost'}</td></tr>";
- }
-
- print "</table></form>";
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
- exit(0);
-
- ADVANCED_END:
-}
-
-###
-### Default status page
-###
- %cgiparams = ();
- %cahash = ();
- %confighash = ();
- &General::readhash("${General::swroot}/vpn/settings", \%cgiparams);
- &General::readhasharray("${General::swroot}/vpn/caconfig", \%cahash);
- &General::readhasharray("${General::swroot}/vpn/config", \%confighash);
- $cgiparams{'CA_NAME'} = '';
-
- my @status = `/usr/sbin/ipsec auto --status`;
-
- # suggest a default name for this side
- if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
- if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
- my $ipaddr = <IPADDR>;
- close IPADDR;
- chomp ($ipaddr);
- $cgiparams{'VPN_IP'} = (gethostbyaddr(pack("C4", split(/\./, $ipaddr)), 2))[0];
- if ($cgiparams{'VPN_IP'} eq '') {
- $cgiparams{'VPN_IP'} = $ipaddr;
- }
- }
- }
- # no IP found, use %defaultroute
- $cgiparams{'VPN_IP'} ='%defaultroute' if ($cgiparams{'VPN_IP'} eq '');
-
- $cgiparams{'VPN_DELAYED_START'} = 0 if (! defined ($cgiparams{'VPN_DELAYED_START'}));
- $checked{'VPN_WATCH'} = $cgiparams{'VPN_WATCH'} eq 'on' ? "checked='checked'" : '' ;
- map ($checked{$_} = $cgiparams{$_} eq 'on' ? "checked='checked'" : '',
- ('ENABLED','DBG_CRYPT','DBG_PARSING','DBG_EMITTING','DBG_CONTROL',
- 'DBG_KLIPS','DBG_DNS','DBG_NAT_T'));
-
-
- &Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
- &Header::openbigbox('100%', 'left', '', $errormessage);
-
- if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
- }
-
- &Header::openbox('100%', 'left', $Lang::tr{'global settings'});
- print <<END
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <table width='100%'>
- <tr>
- <td width='20%' class='base' nowrap='nowrap'>$Lang::tr{'vpn red name'}:</td>
- <td width='20%'><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' /></td>
- <td width='20%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'} /></td>
- </tr>
-END
- ;
- print <<END
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'override mtu'}: <img src='/blob.gif' alt='*' /></td>
- <td ><input type='text' name='VPN_OVERRIDE_MTU' value='$cgiparams{'VPN_OVERRIDE_MTU'}' /></td>
- </tr>
-END
- ;
-print <<END
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'vpn delayed start'}: <img src='/blob.gif' alt='*' /><img src='/blob.gif' alt='*' /></td>
- <td ><input type='text' name='VPN_DELAYED_START' value='$cgiparams{'VPN_DELAYED_START'}' /></td>
- </tr>
- </table>
-<p>$Lang::tr{'vpn watch'}:<input type='checkbox' name='VPN_WATCH' $checked{'VPN_WATCH'} /></p>
-<p>PLUTO DEBUG =
-crypt:<input type='checkbox' name='DBG_CRYPT' $checked{'DBG_CRYPT'} />,
-parsing:<input type='checkbox' name='DBG_PARSING' $checked{'DBG_PARSING'} />,
-emitting:<input type='checkbox' name='DBG_EMITTING' $checked{'DBG_EMITTING'} />,
-control:<input type='checkbox' name='DBG_CONTROL' $checked{'DBG_CONTROL'} />,
-klips:<input type='checkbox' name='DBG_KLIPS' $checked{'DBG_KLIPS'} />,
-dns:<input type='checkbox' name='DBG_DNS' $checked{'DBG_DNS'} />,
-nat_t:<input type='checkbox' name='DBG_NAT_T' $checked{'DBG_NAT_T'} /></p>
-
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td>
- <td width='70%' class='base' valign='top'>$Lang::tr{'this field may be blank'}</td>
-</tr>
-<tr>
- <td class='base' valign='top' nowrap='nowrap'><img src='/blob.gif' alt='*' /><img src='/blob.gif' alt='*' /> </td>
- <td class='base'> <font class='base'>$Lang::tr{'vpn delayed start help'}</font></td>
- <td width='30%' align='center' class='base'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
-</tr>
-</table>
-END
-;
- print "</form>";
- &Header::closebox();
-
- &Header::openbox('100%', 'left', $Lang::tr{'connection status and controlc'});
- print <<END
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- <tr>
- <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
- <td width='22%' class='boldbase' align='center'><b>$Lang::tr{'type'}</b></td>
- <td width='23%' class='boldbase' align='center'><b>$Lang::tr{'common name'}</b></td>
- <td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
- <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'status'}</b></td>
- <td class='boldbase' align='center' colspan='6'><b>$Lang::tr{'action'}</b></td>
- </tr>
-END
- ;
- my $id = 0;
- my $gif;
- foreach my $key (keys %confighash) {
- if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
-
- if ($id % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td align='center' nowrap='nowrap'>$confighash{$key}[1]</td>";
- print "<td align='center' nowrap='nowrap'>" . $Lang::tr{"$confighash{$key}[3]"} . " (" . $Lang::tr{"$confighash{$key}[4]"} . ")</td>";
- if ($confighash{$key}[2] eq '%auth-dn') {
- print "<td align='left' nowrap='nowrap'>$confighash{$key}[9]</td>";
- } elsif ($confighash{$key}[4] eq 'cert') {
- print "<td align='left' nowrap='nowrap'>$confighash{$key}[2]</td>";
- } else {
- print "<td align='left'> </td>";
- }
- print "<td align='center'>$confighash{$key}[25]</td>";
- # get real state
- my $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourred}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
- foreach my $line (@status) {
- if ($line =~ /\"$confighash{$key}[1]\".*IPsec SA established/) {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourgreen}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsopen'}</font></b></td></tr></table>";
- }
- }
- # move to blueif really down
- if ($confighash{$key}[0] eq 'off' && $active =~ /${Header::colourred}/ ) {
- $active = "<table cellpadding='2' cellspacing='0' bgcolor='${Header::colourblue}' width='100%'><tr><td align='center'><b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b></td></tr></table>";
- }
- print <<END
- <td align='center'>$active</td>
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'restart'}' src='/images/reload.gif' alt='$Lang::tr{'restart'}' title='$Lang::tr{'restart'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'restart'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
-END
- ;
- if (($confighash{$key}[4] eq 'cert') && ($confighash{$key}[2] ne '%auth-dn')) {
- print <<END
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'show certificate'}' src='/images/info.gif' alt='$Lang::tr{'show certificate'}' title='$Lang::tr{'show certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'show certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
-END
- ; } else {
- print "<td width='2%'> </td>";
- }
- if ($confighash{$key}[4] eq 'cert' && -f "${General::swroot}/certs/$confighash{$key}[1].p12") {
- print <<END
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'download pkcs12 file'}' src='/images/floppy.gif' alt='$Lang::tr{'download pkcs12 file'}' title='$Lang::tr{'download pkcs12 file'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download pkcs12 file'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
-END
- ; } elsif (($confighash{$key}[4] eq 'cert') && ($confighash{$key}[2] ne '%auth-dn')) {
- print <<END
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'download certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' title='$Lang::tr{'download certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
-END
- ; } else {
- print "<td width='2%'> </td>";
- }
- print <<END
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$Lang::tr{'toggle enable disable'}' title='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
-
- <td align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
- <td align='center' >
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
- </tr>
-END
- ;
- $id++;
- }
- print "</table>";
-
- # If the config file contains entries, print Key to action icons
- if ( $id ) {
- print <<END
- <table>
- <tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
- </tr>
- <tr>
- <td> </td>
- <td> <img src='/images/off.gif' alt='?OFF' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/floppy.gif' alt='?FLOPPY' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- <td> <img src='/images/reload.gif' alt='?RELOAD'/></td>
- <td class='base'>$Lang::tr{'restart'}</td>
- </tr>
- </table>
-END
- ;
- }
-
- print <<END
- <table width='100%'>
- <tr><td align='center' colspan='9'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='submit' name='ACTION' value='$Lang::tr{'add'}' />
- </form>
- </td></tr>
- </table>
-END
- ;
- &Header::closebox();
-
- &Header::openbox('100%', 'left', "$Lang::tr{'certificate authorities'}:");
- print <<EOF
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- <tr>
- <td width='25%' class='boldbase' align='center'><b>$Lang::tr{'name'}</b></td>
- <td width='65%' class='boldbase' align='center'><b>$Lang::tr{'subject'}</b></td>
- <td width='10%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
- </tr>
-EOF
- ;
- if (-f "${General::swroot}/ca/cacert.pem") {
- my $casubject = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/ca/cacert.pem"));
-
- print <<END
- <tr bgcolor='$color{'color22'}'>
- <td class='base'>$Lang::tr{'root certificate'}</td>
- <td class='base'>$casubject</td>
- <td width='3%' align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show root certificate'}' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/info.gif' alt='$Lang::tr{'show root certificate'}' title='$Lang::tr{'show root certificate'}' />
- </form>
- </td>
- <td width='3%' align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'download root certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download root certificate'}' title='$Lang::tr{'download root certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download root certificate'}' />
- </form>
- </td>
- <td width='4%'> </td></tr>
-END
- ;
- } else {
- # display rootcert generation buttons
- print <<END
- <tr bgcolor='$color{'color22'}'>
- <td class='base'>$Lang::tr{'root certificate'}:</td>
- <td class='base'>$Lang::tr{'not present'}</td>
- <td colspan='3'> </td></tr>
-END
- ;
- }
-
- if (-f "${General::swroot}/certs/hostcert.pem") {
- my $hostsubject = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/certs/hostcert.pem"));
-
- print <<END
- <tr bgcolor='$color{'color20'}'>
- <td class='base'>$Lang::tr{'host certificate'}</td>
- <td class='base'>$hostsubject</td>
- <td width='3%' align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'show host certificate'}' />
- <input type='image' name='$Lang::tr{'show host certificate'}' src='/images/info.gif' alt='$Lang::tr{'show host certificate'}' title='$Lang::tr{'show host certificate'}' />
- </form>
- </td>
- <td width='3%' align='center'>
- <form method='post' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'download host certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download host certificate'}' title='$Lang::tr{'download host certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download host certificate'}' />
- </form>
- </td>
- <td width='4%'> </td></tr>
-END
- ;
- } else {
- # Nothing
- print <<END
- <tr bgcolor='$color{'color20'}'>
- <td width='25%' class='base'>$Lang::tr{'host certificate'}:</td>
- <td class='base'>$Lang::tr{'not present'}</td>
- <td colspan='3'> </td></tr>
-END
- ;
- }
-
- my $rowcolor = 0;
- if (keys %cahash > 0) {
- foreach my $key (keys %cahash) {
- if ($rowcolor++ % 2) {
- print "<tr bgcolor='$color{'color20'}'>\n";
- } else {
- print "<tr bgcolor='$color{'color22'}'>\n";
- }
- print "<td class='base'>$cahash{$key}[0]</td>\n";
- print "<td class='base'>$cahash{$key}[1]</td>\n";
- print <<END
- <td align='center'>
- <form method='post' name='cafrm${key}a' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'show ca certificate'}' src='/images/info.gif' alt='$Lang::tr{'show ca certificate'}' title='$Lang::tr{'show ca certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'show ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
- <td align='center'>
- <form method='post' name='cafrm${key}b' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'download ca certificate'}' src='/images/floppy.gif' alt='$Lang::tr{'download ca certificate'}' title='$Lang::tr{'download ca certificate'}' />
- <input type='hidden' name='ACTION' value='$Lang::tr{'download ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
- <td align='center'>
- <form method='post' name='cafrm${key}c' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='$Lang::tr{'remove ca certificate'}' />
- <input type='image' name='$Lang::tr{'remove ca certificate'}' src='/images/delete.gif' alt='$Lang::tr{'remove ca certificate'}' title='$Lang::tr{'remove ca certificate'}' />
- <input type='hidden' name='KEY' value='$key' />
- </form>
- </td>
- </tr>
-END
- ;
- }
- }
- print "</table>";
-
- # If the file contains entries, print Key to action icons
- if ( -f "${General::swroot}/ca/cacert.pem") {
- print <<END
- <table><tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/info.gif' alt='$Lang::tr{'show certificate'}' /></td>
- <td class='base'>$Lang::tr{'show certificate'}</td>
- <td> <img src='/images/floppy.gif' alt='$Lang::tr{'download certificate'}' /></td>
- <td class='base'>$Lang::tr{'download certificate'}</td>
- </tr></table>
-END
- ;
- }
- my $createCA = -f "${General::swroot}/ca/cacert.pem" ? '' : "<tr><td colspan='3'></td><td><input type='submit' name='ACTION' value='$Lang::tr{'generate root/host certificates'}' /></td></tr>";
- print <<END
- <hr />
- <form method='post' enctype='multipart/form-data' action='$ENV{'SCRIPT_NAME'}'>
- <table width='100%' border='0' cellspacing='1' cellpadding='0'>
- $createCA
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
- <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' /> </td>
- <td nowrap='nowrap'><input type='file' name='FH' size='30' /></td>
- <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
- </tr>
- <tr>
- <td colspan='3'>$Lang::tr{'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections'}:</td>
- <td><input type='submit' name='ACTION' value='$Lang::tr{'remove x509'}' /></td>
- </tr>
- </table>
- </form>
-END
- ;
- &Header::closebox();
- &Header::closebigbox();
- &Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-
-# remove comment from next line to get wakeup info in seperate page
-my $refresh = 'yes';
-# remove comment from next line to get wakeup info as inline box
-#my $refresh = '';
-
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
-undef (@dummy);
-my $line;
-my $i;
-
-my @wol_devices = ();
-#configfile
-our $datafile = "/var/ipfire/wakeonlan/clients.conf";
-&ReadConfig;
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %netsettings = ();
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-my %cgiparams = ();
-
-$cgiparams{'ACTION'} = ''; # add/edit/update/remove/wakeup
-$cgiparams{'ID'} = ''; # points to record for ACTION (edit/update/remove)
-$cgiparams{'CLIENT_MAC'} = '';
-$cgiparams{'CLIENT_IFACE'} = '';
-$cgiparams{'CLIENT_COMMENT'} = '';
-&Header::getcgihash(\%cgiparams);
-
-my %selected = ();
-$selected{'CLIENT_IFACE'}{'green'} = '';
-$selected{'CLIENT_IFACE'}{'blue'} = '';
-$selected{'CLIENT_IFACE'}{'orange'} = '';
-$selected{'CLIENT_IFACE'}{'red'} = '';
-
-&Header::showhttpheaders();
-
-my $errormessage = "";
-
-if ( $cgiparams{'ACTION'} eq 'add' )
-{
- # add a device, check for valid and non-duplicate MAC
- if ( $cgiparams{'CLIENT_MAC'} eq '' )
- {
- goto ADDEXIT;
- }
-
- $cgiparams{'CLIENT_MAC'} =~ tr/-/:/;
-
- unless( &General::validmac($cgiparams{'CLIENT_MAC'}) )
- {
- $errormessage = $Lang::tr{'invalid mac address'};
- goto ADDEXIT;
- }
-
- for $i ( 0 .. $#wol_devices )
- {
- if ( lc($cgiparams{'CLIENT_MAC'}) eq lc($wol_devices[$i]{'MAC'}) )
- {
- $errormessage = $Lang::tr{'duplicate mac'};
- goto ADDEXIT;
- }
- }
-
- unless ( $errormessage )
- {
- push @wol_devices, { MAC => uc($cgiparams{'CLIENT_MAC'}), IFace => $cgiparams{'CLIENT_IFACE'}, Comment => $cgiparams{'CLIENT_COMMENT'} };
- &WriteConfig;
- undef %cgiparams;
- }
-
-ADDEXIT:
-# jump here to keep cgiparams!
-}
-
-if ( $cgiparams{'ACTION'} eq 'update' )
-{
- # update a device, check for valid and non-duplicate MAC
- if ( $cgiparams{'CLIENT_MAC'} eq '' )
- {
- goto UPDATEEXIT;
- }
-
- $cgiparams{'CLIENT_MAC'} =~ tr/-/:/;
-
- unless( &General::validmac($cgiparams{'CLIENT_MAC'}) )
- {
- $errormessage = $Lang::tr{'invalid mac address'};
- goto UPDATEEXIT;
- }
-
- for $i ( 0 .. $#wol_devices )
- {
- if ( $i == $cgiparams{'ID'} ) { next; }
- if ( lc($cgiparams{'CLIENT_MAC'}) eq lc($wol_devices[$i]{'MAC'}) )
- {
- $errormessage = $Lang::tr{'duplicate mac'};
- goto UPDATEEXIT;
- }
- }
-
- unless ( $errormessage )
- {
- $wol_devices[$cgiparams{'ID'}]{'MAC'} = $cgiparams{'CLIENT_MAC'};
- $wol_devices[$cgiparams{'ID'}]{'IFace'} = $cgiparams{'CLIENT_IFACE'};
- $wol_devices[$cgiparams{'ID'}]{'Comment'} = $cgiparams{'CLIENT_COMMENT'};
- &WriteConfig;
- undef %cgiparams;
- }
-
-UPDATEEXIT:
-# jump here to keep cgiparams!
-}
-
-if ( $cgiparams{'ACTION'} eq 'remove' )
-{
- # simply set MAC to empty, WriteConfig will handle the gory details
- $wol_devices[$cgiparams{'ID'}]{'MAC'} = '';
- &WriteConfig;
-}
-
-if ( ($cgiparams{'ACTION'} ne 'wakeup') || ($refresh ne 'yes') )
-{
- &Header::openpage($Lang::tr{'WakeOnLan'}, 1, '');
- &Header::openbigbox('100%', 'left', '', $errormessage);
-}
-
-if ( $cgiparams{'ACTION'} eq 'wakeup' )
-{
- # wakey wakey
- my $mac = $wol_devices[$cgiparams{'ID'}]{'MAC'};
- my $iface = uc($wol_devices[$cgiparams{'ID'}]{'IFace'}).'_DEV';
- $iface = $netsettings{"$iface"};
-
- undef %cgiparams;
-
- system("/usr/local/bin/launch-ether-wake $mac $iface");
-
- # make a box with info, 'refresh' to normal screen after 5 seconds
- if ( $refresh eq 'yes' )
- {
- &Header::openpage($Lang::tr{'WakeOnLan'}, 1, "<meta http-equiv='refresh' content='3;url=/cgi-bin/wakeonlan.cgi'");
- &Header::openbigbox('100%', 'left');
- }
- &Header::openbox('100%', 'left', $Lang::tr{'WakeOnLan'});
- print "<p>$Lang::tr{'magic packet send to:'} $mac ($iface)</p>";
- &Header::closebox();
-
- if ( $refresh eq 'yes' )
- {
- &Header::closebigbox();
- &Header::closepage();
- # that's all folks
- exit;
- }
-}
-
-#print "Action: $cgiparams{'ACTION'}<br />";
-#print "ID: $cgiparams{'ID'}<br />";
-#print "MAC: $cgiparams{'CLIENT_MAC'}<br />";
-#print "IFace: $cgiparams{'CLIENT_IFACE'}<br />";
-#print "Rem: $cgiparams{'CLIENT_COMMENT'}<br />";
-
-if ( $errormessage )
-{
- # some error from add / update
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-$selected{'CLIENT_IFACE'}{$cgiparams{'CLIENT_IFACE'}} = "selected='selected'";
-my $buttontext = $Lang::tr{'add'};
-if ( $cgiparams{'ACTION'} eq 'edit' )
-{
- &Header::openbox('100%', 'left', "$Lang::tr{'edit device'}");
- $buttontext = $Lang::tr{'update'};
- $cgiparams{'CLIENT_MAC'} = $wol_devices[$cgiparams{'ID'}]{'MAC'};
- $selected{'CLIENT_IFACE'}{$wol_devices[$cgiparams{'ID'}]{'IFace'}} = "selected='selected'";
- $cgiparams{'CLIENT_COMMENT'} = $wol_devices[$cgiparams{'ID'}]{'Comment'};
-}
-elsif ( $cgiparams{'ACTION'} eq 'update' )
-{
- &Header::openbox('100%', 'left', "$Lang::tr{'edit device'}");
- $buttontext = $Lang::tr{'update'};
-}
-else
-{
- &Header::openbox('100%', 'left', "$Lang::tr{'add device'}");
-}
-
-print <<END
-<table width='100%'>
-<tr>
- <td width='15%' class='base'>$Lang::tr{'mac address'}: </td>
- <td width='40%'><input type='text' name='CLIENT_MAC' value='$cgiparams{'CLIENT_MAC'}' size='25' /></td>
- <td width='10%' class='base'>$Lang::tr{'interface'}: </td>
- <td align='left'>
- <select name='CLIENT_IFACE'>
-END
-;
-
-print "<option value='green' $selected{'CLIENT_IFACE'}{'green'}>$Lang::tr{'green'}</option>";
-if (&haveBlueNet())
-{
- print "<option value='blue' $selected{'CLIENT_IFACE'}{'blue'}>$Lang::tr{'blue'}</option>";
-}
-if (&haveOrangeNet())
-{
- print "<option value='orange' $selected{'CLIENT_IFACE'}{'orange'}>$Lang::tr{'orange'}</option>";
-}
-# red for some testing purposes only
-# print "<option value='red' $selected{'CLIENT_IFACE'}{'red'}>$Lang::tr{'red'}</option>";
-print <<END
- </select>
- </td>
-</tr>
-<tr>
- <td width='15%' class='base'>$Lang::tr{'remark'}: <img src='/blob.gif' alt='*' /></td>
- <td colspan='4' align='left'><input type='text' name='CLIENT_COMMENT' value='$cgiparams{'CLIENT_COMMENT'}' size='40' /></td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td>
- <td width='55%' class='base'>$Lang::tr{'this field may be blank'}</td>
- <td width='40%' align='center'>
-END
-;
-
-if ( ($cgiparams{'ACTION'} eq 'edit') || ($cgiparams{'ACTION'} eq 'update') )
-{
- print "<input type='hidden' name='ID' value='$cgiparams{'ID'}' />\n";
- print "<input type='hidden' name='ACTION' value='update' />";
-}
-else
-{
- print "<input type='hidden' name='ACTION' value='add' />";
-}
-print "<input type='submit' name='SUBMIT' value='$buttontext' /></td></tr></table>";
-
-&Header::closebox();
-
-print "</form>\n";
-
-#######################################
-#
-# now list already configured devivces
-#
-#######################################
-&Header::openbox('100%', 'left', "$Lang::tr{'current devices'}");
-
-print <<END
-<table width='100%'>
-<tr>
-<td align='center' width='20%'><b>$Lang::tr{'mac address'}</b></td>
-<td align='center' width='10%'><b>$Lang::tr{'interface'}</b></td>
-<td align='center' width='60%'><b>$Lang::tr{'remark'}</b></td>
-<td align='center' colspan='2'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-for $i ( 0 .. $#wol_devices )
-{
- my $wol_mac = $wol_devices[$i]{'MAC'};
- my $wol_iface = $wol_devices[$i]{'IFace'};
- my $wol_txt = &Header::cleanhtml($wol_devices[$i]{'Comment'});
-
- if ( (($cgiparams{'ACTION'} eq 'edit') || ($cgiparams{'ACTION'} eq 'update')) && ($i == $cgiparams{'ID'}) )
- {
- print "<tr bgcolor='${Header::colouryellow}'>";
- }
- elsif ( $i % 2)
- {
- print "<tr bgcolor='$color{'color22'}'>";
- }
- else
- {
- print "<tr bgcolor='$color{'color20'}'>";
- }
-
- print <<END
-<td align='center'>$wol_mac</td>
-<td align='center'>$Lang::tr{"$wol_iface"}</td>
-<td align='left'>$wol_txt</td>
-<td align='center'>
-END
-;
- if ( (($wol_iface eq 'blue') && ! &haveBlueNet())
- || (($wol_iface eq 'orange') && ! &haveOrangeNet()) )
- {
- # configured IFace (momentarily) not available -> now wakeup button/image
- print " ";
- }
- else
- {
- print <<END
-<form method='post' name='frma$i' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='wakeup' />
-<input type='image' name='wakeup' src='/images/wakeup.gif' alt='$Lang::tr{'wol wakeup'}' title='$Lang::tr{'wol wakeup'}' />
-<input type='hidden' name='ID' value='$i' />
-</form>
-END
-;
- }
- print <<END
-</td>
-<td align='center'>
- <form method='post' name='frmb$i' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='edit' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
- <input type='hidden' name='ID' value='$i' />
- </form>
-</td>
-<td align='center'>
- <form method='post' name='frmc$i' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='remove' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
- <input type='hidden' name='ID' value='$i' />
- </form>
-</td>
-END
-;
- print "</tr>\n";
-}
-
-print "</table>";
-
-&Header::closebox();
-
-&Header::closebigbox();
-&Header::closepage();
-
-#
-# load the configuration file
-#
-sub ReadConfig
-{
- # datafileformat:
- # ID,MAC,IFACE,,Comment
- #
- my @tmpfile = ();
- if ( open(FILE, "$datafile") )
- {
- @tmpfile = <FILE>;
- close (FILE);
- }
-
- @wol_devices = ();
-
- # populate devices list
- foreach $line ( @tmpfile )
- {
- chomp($line); # remove newline
- my @temp = split(/\,/,$line,5);
- if ( $temp[1] eq '' ) { next; }
- unless(&General::validmac($temp[1])) { next; }
-
- push @wol_devices, { ID => $temp[0], MAC => $temp[1], IFace => $temp[2], Comment => $temp[4] };
- }
-}
-
-#
-# write the configuration file
-#
-sub WriteConfig
-{
- my $line;
- my @temp;
-
- my @tmp_clients;
-
- for $i ( 0 .. $#wol_devices )
- {
- unless(&General::validmac($wol_devices[$i]{'MAC'})) { next; }
- unshift (@tmp_clients, uc($wol_devices[$i]{'MAC'}).",$wol_devices[$i]{'IFace'},,$wol_devices[$i]{'Comment'}");
- }
-
- # sort tmp_clients on MAC
- @tmp_clients = sort ( @tmp_clients );
-
- open(FILE, ">$datafile") or die 'hosts datafile error';
-
- my $count = 0;
- foreach $line (@tmp_clients)
- {
- print FILE "$count,$line\n";
- $count++;
- }
- close FILE;
-
- &ReadConfig;
-}
-
-
-#
-# copied these from dmzholes.cgi (thnx dotzball)
-# seems to be the way to do this :-S
-#
-sub haveOrangeNet
-{
- if ($netsettings{'CONFIG_TYPE'} == 2) {return 1;}
- if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
- return 0;
-}
-
-sub haveBlueNet
-{
- if ($netsettings{'CONFIG_TYPE'} == 3) {return 1;}
- if ($netsettings{'CONFIG_TYPE'} == 4) {return 1;}
- return 0;
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use CGI;
-
-my $swroot = "/var/ipfire";
-my $apdir = "$swroot/proxy/advanced";
-my $group_def_file = "$apdir/cre/classrooms";
-my $svhosts_file = "$apdir/cre/supervisors";
-my $acl_src_noaccess_ips = "$apdir/acls/src_noaccess_ip.acl";
-my $acl_src_noaccess_mac = "$apdir/acls/src_noaccess_mac.acl";
-
-my $banner = "A D V A N C E D P R O X Y - W E B A C C E S S M A N A G E R";
-my %cgiparams;
-my %mainsettings;
-my %proxysettings;
-
-my %acl=();
-my @group_defs=();
-my @groups=();
-
-### Initialize environment
-&readhash("${swroot}/main/settings", \%mainsettings);
-&readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
-$language = $mainsettings{'LANGUAGE'};
-
-### Initialize language
-if ($language =~ /^(\w+)$/) {$language = $1;}
- #
- # Uncomment this to force a certain language:
- # $language='en';
- #
-require "${swroot}/langs/en.pl";
-require "${swroot}/langs/${language}.pl";
-
-&getcgihash(\%cgiparams);
-
-&read_all_groups;
-&read_acl_groups;
-
-foreach (@groups)
-{
- if ($cgiparams{$_} eq $tr{'advproxy mode deny'}) { $acl{$_}='on'; }
- if ($cgiparams{$_} eq $tr{'advproxy mode allow'}) { $acl{$_}='off'; }
-}
-
-&read_all_groups;
-
-my $is_supervisor=0;
-
-if ((-e $svhosts_file) && (!-z $svhosts_file))
-{
- open (FILE, $svhosts_file);
- while (<FILE>)
- {
- chomp;
- if ($ENV{'REMOTE_ADDR'} eq $_) { $is_supervisor=1; }
- }
- close (FILE);
-
-} else { $is_supervisor=1; }
-
-if (($cgiparams{'ACTION'} eq 'submit') && ($is_supervisor))
-{
- if ( ($cgiparams{'PASSWORD'} eq $proxysettings{'SUPERVISOR_PASSWORD'}) && (!($proxysettings{'SUPERVISOR_PASSWORD'} eq '')) ||
- ((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && ($proxysettings{'SUPERVISOR_PASSWORD'} eq '')))
- {
- &write_acl;
- system("/usr/local/bin/squidctrl restart >/dev/null 2>&1");
- }
-}
-
-&read_acl_groups;
-
-#undef(%cgiparams);
-
-# -------------------------------------------------------------------
-
-print <<END
-Pragma: no-cache
-Cache-control: no-cache
-Connection: close
-Content-type: text/html
-
-<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>
-<html>
-<head>
-<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>
-<title>Advanced Proxy - Web Access Manager</title>
-<style type='text/css'>
- a:link { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
- a:visited { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
- a:hover { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#000000; }
- a:active { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#000000; }
- a:focus { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
-</style>
-</head>
-<body bgcolor='#FFFFFF'>
-
-<center>
-
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-
-<table width='720' cellspacing='10' cellpadding='5' border='0'>
-
-<tr>
- <td bgcolor='#C0C0C0' height='20'></td>
-</tr>
-
-<tr>
- <td bgcolor='#F4F4F4' align='center'>
- <table width='100%' cellspacing='10' cellpadding='10' border='0'>
-
- <tr>
- <td nowrap bgcolor='#FFFFFF' align='center'>
- <font face='verdana,arial,helvetica' color='#000000' size='3'>$banner</font>
- </td>
- </tr>
-
-END
-;
-if ($proxysettings{'CLASSROOM_EXT'} eq 'on')
-{
-if (@groups)
-{
-print <<END
- <tr>
- <td>
- <table width='70%' cellspacing='2' cellpadding='2' border='0' align='center'>
- <tr><td><input type='hidden' name='ACTION' value='submit'></td></tr>
- <tr>
-END
-;
-if (($is_supervisor) && ((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && (!($proxysettings{'SUPERVISOR_PASSWORD'} eq ''))))
-{
-print <<END
- <td align='center'>
- <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy supervisor password'}:</font>
- </td>
- <td align='center'><input type='password' name='PASSWORD' size='15'></td>
-END
-;
-}
-print <<END
- </tr>
-
- </table>
-
- <p>
-
-END
-;
- foreach (@groups) {
- if ($is_supervisor)
- {
- print"<table width='65%' cellspacing='2' cellpadding='2' border='0' align='center' rules='groups'>";
- } else {
- print"<table width='50%' cellspacing='2' cellpadding='6' border='0' align='center' rules='groups'>";
- }
- print "<tr>\n";
- if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
- {
- print " <td bgcolor='#D00000' align='center'><font face='verdana,arial,helvetica' color='#FFFFFF' size='2'>$_</font>";
- } else { print " <td bgcolor='#00A000' align='center'><font face='verdana,arial,helvetica' color='#FFFFFF' size='2'>$_</font>"; }
- if ($is_supervisor)
- {
- if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
- {
- print "</td><td width='120' align='center'>";
- print "<input type='submit' name='$_' value=' $tr{'advproxy mode allow'} '>";
- print "</td><td width='16' bgcolor='#D00000'> </td>\n";
- } else {
- print "</td><td width='120' align='center'>";
- print "<input type='submit' name='$_' value=' $tr{'advproxy mode deny'} '>";
- print "</td><td width='16' bgcolor='#00A000'> </td>\n";
- }
- }
- print "</tr>\n";
- print "</table>\n";
- print"<table width='65%' cellspacing='2' cellpadding='2' border='0' align='center'>";
- print "<tr><td></td></tr>\n";
- print "</table>\n";
- }
-
-print <<END
- </td>
- </tr>
-END
-;
-} else {
- print " <tr>\n";
- print " <td align='center'>\n";
- print " <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy no cre groups'}</font>\n";
- print " </td>\n";
- print " </tr>\n";
-}
-} else {
- print " <tr>\n";
- print " <td align='center'>\n";
- print " <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy cre disabled'}</font>\n";
- print " </td>\n";
- print " </tr>\n";
-}
-
-print <<END
-
- </table>
- </td>
-</tr>
-
-
-<tr>
- <td bgcolor='#C0C0C0' align='right'>
- <font face='verdana,arial,helvetica' color='#FFFFFF' size='1'>
- <a href='http://www.advproxy.net' target='_blank'>Advanced Proxy</a> running on
- <a href='http://www.ipcop.org' target='_blank'>IPCop</a>
- </font>
- </td>
-</tr>
-
-</table>
-
-</form>
-
-</center>
-
-</body>
-
-</html>
-END
-;
-
-# -------------------------------------------------------------------
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- if (-e $filename)
- {
- open(FILE, $filename) or die "Unable to read file $filename";
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub getcgihash
-{
- my ($hash, $params) = @_;
- my $cgi = CGI->new ();
- return if ($ENV{'REQUEST_METHOD'} ne 'POST');
- if (!$params->{'wantfile'}) {
- $CGI::DISABLE_UPLOADS = 1;
- $CGI::POST_MAX = 512 * 1024;
- } else {
- $CGI::POST_MAX = 10 * 1024 * 1024;
- }
-
- $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
- my $referer = $1;
- $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
- my $servername = $1;
- return if ($referer ne $servername);
-
- ### Modified for getting multi-vars, split by |
- %temp = $cgi->Vars();
- foreach my $key (keys %temp) {
- $hash->{$key} = $temp{$key};
- $hash->{$key} =~ s/\0/|/g;
- $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
- }
-
- if (($params->{'wantfile'})&&($params->{'filevar'})) {
- $hash->{$params->{'filevar'}} = $cgi->upload
- ($params->{'filevar'});
- }
- return;
-}
-
-# -------------------------------------------------------------------
-
-sub read_acl_groups
-{
- undef(%acl);
- open (FILE,"$acl_src_noaccess_ips");
- my @aclgroups = <FILE>;
- close (FILE);
- foreach (@aclgroups)
- {
- chomp;
- if (/^\#/)
- {
- s/^\# //;
- $acl{$_}='on';
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub read_all_groups
-{
- my $grpstr;
-
- open (FILE,"$group_def_file");
- @group_defs = <FILE>;
- close (FILE);
-
- undef(@groups);
- foreach (@group_defs)
- {
- chomp;
- if (/^\s*\[.*\]\s*$/)
- {
- $grpstr=$_;
- $grpstr =~ s/^\s*\[\s*//;
- $grpstr =~ s/\s*\]\s*$//;
- push(@groups,$grpstr);
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub write_acl
-{
- my $is_blocked=0;
-
- open (FILE_IPS,">$acl_src_noaccess_ips");
- open (FILE_MAC,">$acl_src_noaccess_mac");
- flock (FILE_IPS, 2);
- flock (FILE_MAC, 2);
- foreach (@group_defs)
- {
- if (/^\s*\[.*\]\s*$/)
- {
- s/^\s*\[\s*//;
- s/\s*\]\s*$//;
- if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
- {
- print FILE_IPS "# $_\n";
- print FILE_MAC "# $_\n";
- $is_blocked=1;
- } else { $is_blocked=0; }
- } elsif (($is_blocked) && ($_))
- {
- s/^\s+//g; s/\s+$//g;
- /^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$/i ? print FILE_MAC "$_\n" : print FILE_IPS "$_\n";
- }
- }
-
- close (FILE_IPS);
- close (FILE_MAC);
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-use Time::Local;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
-undef (@dummy);
-
-my %cgiparams=();
-my %checked=();
-my $errormessage = '';
-my $filename = "${General::swroot}/wireless/config";
-my $hostsfile = "${General::swroot}/main/hosts";
-our %dhcpsettings=();
-our %netsettings=();
-
-$cgiparams{'ENABLED'} = 'off';
-$cgiparams{'ACTION'} = '';
-$cgiparams{'VALID'} = '';
-$cgiparams{'SOURCE_IP'} ='';
-$cgiparams{'SOURCE_MAC'} ='';
-$cgiparams{'REMARK'} ='';
-
-&Header::getcgihash(\%cgiparams);
-
-&General::readhash("${General::swroot}/dhcp/settings", \%dhcpsettings);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-&Header::showhttpheaders();
-
-open(FILE, $filename) or die 'Unable to open config file.';
-my @current = <FILE>;
-close(FILE);
-
-if ($cgiparams{'ACTION'} eq 'add')
-{
-
- if ($cgiparams{'SOURCE_IP'} eq '' && $cgiparams{'SOURCE_MAC'} eq '')
- {
- goto ADDEXIT;
- }
-
- $cgiparams{'SOURCE_MAC'} =~ tr/-/:/;
-
- my $key = 0;
- foreach my $line (@current)
- {
- $key++;
- my @temp = split(/\,/,$line);
-
- if ($temp[1] ne '' && $cgiparams{'SOURCE_IP'} eq $temp[1] && $cgiparams{'EDITING'} ne $key)
- {
- $errormessage = $Lang::tr{'duplicate ip'};
- goto ADDERROR;
- }
- if ($temp[2] ne '' && lc($cgiparams{'SOURCE_MAC'}) eq lc($temp[2]) && $cgiparams{'EDITING'} ne $key)
- {
- $errormessage = $Lang::tr{'duplicate mac'};
- goto ADDERROR;
- }
- }
-
- if ($cgiparams{'SOURCE_IP'} eq '')
- {
- $cgiparams{'SOURCE_IP'} = 'NONE';
- } else {
- unless(&General::validip($cgiparams{'SOURCE_IP'}))
- {
- $errormessage = $Lang::tr{'invalid fixed ip address'};
- goto ADDERROR;
- }
- }
- if ($cgiparams{'SOURCE_MAC'} eq '')
- {
- $cgiparams{'SOURCE_MAC'} = 'NONE';
- } else {
- unless(&General::validmac($cgiparams{'SOURCE_MAC'}))
- {
- $errormessage = $Lang::tr{'invalid fixed mac address'};
- }
- }
-
-ADDERROR:
- if ($errormessage)
- {
- $cgiparams{'SOURCE_MAC'} = '' if $cgiparams{'SOURCE_MAC'} eq 'NONE';
- $cgiparams{'SOURCE_IP'} = '' if $cgiparams{'SOURCE_IP'} eq 'NONE';
- } else {
- if ($cgiparams{'EDITING'} eq 'no') {
- open(FILE,">>$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- print FILE "$key,$cgiparams{'SOURCE_IP'},$cgiparams{'SOURCE_MAC'},$cgiparams{'ENABLED'},$cgiparams{'REMARK'}\n";
- } else {
- open(FILE,">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- if ($cgiparams{'EDITING'} eq $id) {
- print FILE "$id,$cgiparams{'SOURCE_IP'},$cgiparams{'SOURCE_MAC'},$cgiparams{'ENABLED'},$cgiparams{'REMARK'}\n";
- } else { print FILE "$line"; }
- }
- }
- close(FILE);
- undef %cgiparams;
- &General::log($Lang::tr{'wireless config added'});
- system('/usr/local/bin/wirelessctrl');
- }
-ADDEXIT:
-}
-
-if ($cgiparams{'ACTION'} eq 'edit')
-{
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- if ($cgiparams{'ID'} eq $id)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- $cgiparams{'SOURCE_IP'} = $temp[1];
- $cgiparams{'SOURCE_MAC'} = $temp[2];
- $cgiparams{'ENABLED'} = $temp[3];
- $cgiparams{'REMARK'} = $temp[4];
- $cgiparams{'SOURCE_IP'} = '' if $cgiparams{'SOURCE_IP'} eq 'NONE';
- $cgiparams{'SOURCE_MAC'} = '' if $cgiparams{'SOURCE_MAC'} eq 'NONE';
- }
- }
- &General::log($Lang::tr{'wireless config changed'});
- system('/usr/local/bin/wirelessctrl');
-}
-
-if ($cgiparams{'ACTION'} eq 'remove' || $cgiparams{'ACTION'} eq 'toggle')
-{
- my $id = 0;
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current)
- {
- $id++;
- unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
- elsif ($cgiparams{'ACTION'} eq 'toggle')
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- print FILE "$temp[0],$temp[1],$temp[2],$cgiparams{'ENABLE'},$temp[4]\n";
- }
- }
- close(FILE);
- &General::log($Lang::tr{'wireless config changed'});
- system('/usr/local/bin/wirelessctrl');
-}
-
-
-$checked{'ENABLED'}{'off'} = '';
-$checked{'ENABLED'}{'on'} = '';
-$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
-
-
-&Header::openpage($Lang::tr{'wireless configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-my $buttontext = $Lang::tr{'add'};
-if ($cgiparams{'ACTION'} eq 'edit') {
- &Header::openbox('100%', 'left', "$Lang::tr{'edit device'}");
- $buttontext = $Lang::tr{'update'};
-} else {
- &Header::openbox('100%', 'left', "$Lang::tr{'add device'}");
-}
-
-print <<END
-<table width='100%'>
-<tr>
-<td width='25%' class='base'>$Lang::tr{'source ip'}: </td>
-<td width='25%' ><input type='text' name='SOURCE_IP' value='$cgiparams{'SOURCE_IP'}' size='25' /></td>
-<td width='25%' class='base' align='right'>$Lang::tr{'enabled'} </td>
-<td width='25%'><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-</tr>
-<tr>
-<td width='25%' class='base'>$Lang::tr{'source'} $Lang::tr{'mac address'}: </td>
-<td colspan='3'><input type='text' name='SOURCE_MAC' value='$cgiparams{'SOURCE_MAC'}' size='25' /></td>
-</tr>
-<tr>
-<td width='25%' class='base'>$Lang::tr{'remark'}: <img src='/blob.gif' alt='*' /></td>
-<td colspan='3'><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='40' /></td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' valign='top'><img src='/blob.gif' alt='*' /></td>
- <td width='55%' class='base'>$Lang::tr{'this field may be blank'}</td>
- <td width='40%' align='center'>
- <input type='hidden' name='ACTION' value='add' />
- <input type='submit' name='SUBMIT' value='$buttontext' />
- </td>
- <td width='5%' align='right'> </td>
-</tr>
-</table>
-END
-;
-
-if ($cgiparams{'ACTION'} eq 'edit') {
- print "<input type='hidden' name='EDITING' value='$cgiparams{'ID'}' />\n";
-} else {
- print "<input type='hidden' name='EDITING' value='no' />\n";
-}
-
-&Header::closebox();
-
-print "</form>\n";
-
-&Header::openbox('100%', 'left', "$Lang::tr{'devices on blue'}");
-print <<END
-<div align='center'>
-END
-;
-open (FILE, "$filename");
-my @current = <FILE>;
-close (FILE);
-
-print <<END
-<table width='100%'>
-<tr>
-<td align='center' width='20%'><b>$Lang::tr{'hostname'}</b></td>
-<td align='center' width='20%'><b>$Lang::tr{'source ip'}</b></td>
-<td align='center' width='20%'><b>$Lang::tr{'mac address'}</b></td>
-<td align='center' width='35%'><b>$Lang::tr{'remark'}</b></td>
-<td align='center' colspan='3'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-my $id = 0;
-
-open (HOSTFILE, "$hostsfile");
-my @curhosts = <HOSTFILE>;
-close (HOSTFILE);
-
-my $connstate = &Header::connectionstatus();
-my @arp = `/sbin/arp -n`;
-shift @arp;
-
-foreach my $line (@current)
-{
- $id++;
- chomp($line);
- my $gif = "";
- my $gdesc = "";
- my $hname = "";
- my $toggle = "";
- my @temp = split(/\,/,$line);
- my $wirelessid = $temp[0];
- my $sourceip = $temp[1];
- my $sourcemac = $temp[2];
- if ( $sourceip eq 'NONE' ) {
- foreach my $aline ( @arp )
- {
- chomp($aline);
- my @atemp = split( m{\s+}, $aline );
- my $aipaddr = $atemp[0];
- my $amacaddr = lc( $atemp[2] );
- if ( $amacaddr eq $sourcemac ) {
- $sourceip = $aipaddr;
- last;
- }
- }
- }
-
- # SourceIP could now have been set by the ARP probe.
- if ( $sourceip ne 'NONE' ) {
- foreach my $hline (@curhosts)
- {
- chomp($hline);
- my @htemp = split(/\,/,$hline);
- my $hkey = $htemp[0];
- my $hipaddr = $htemp[1];
- my $hostname = $htemp[2];
- my $domainname = $htemp[3];
- if ($sourceip eq $hipaddr) {
- $hname = "$hostname.$domainname";
- last;
- }
- }
- if ( $hname eq "" ) {
- my ($aliases, $addrtype, $length, @addrs);
- ($hname, $aliases, $addrtype, $length, @addrs) =
- gethostbyaddr(pack("C4", split(/\./, $sourceip)), 2);
- }
- }
-
- if ($temp[3] eq 'on') { $gif = 'on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
- else { $gif = 'off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'};}
-
- my $remark = &Header::cleanhtml($temp[4]);
-
- if ($cgiparams{'ACTION'} eq 'edit' && $cgiparams{'ID'} eq $id) {
- print "<tr bgcolor='${Header::colouryellow}'>\n";
- } elsif ($id % 2) {
- print "<tr bgcolor='${Header::table1colour}'>\n";
- } else {
- print "<tr bgcolor='${Header::table2colour}'>\n";
- }
- print "<td align='center'>$hname</td>\n";
- print "<td align='center'>$sourceip</td>\n";
- print "<td align='center'>$sourcemac</td>\n";
- print "<td align='center'>$remark</td>\n";
-print<<END
-<td align='center'>
- <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
- <input type='hidden' name='ACTION' value='toggle'}' />
- <input type='hidden' name='ID' value='$id' />
- <input type='hidden' name='ENABLE' value='$toggle' />
- </form>
-</td>
-
-<td align='center'>
- <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='edit' />
- <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-
-<td align='center'>
- <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='remove' />
- <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
- <input type='hidden' name='ID' value='$id' />
- </form>
-</td>
-END
- ;
- print "</tr>\n";
-}
-print "</table>\n";
-
-print "</div>\n";
-
-&Header::closebox();
-
-if ( $dhcpsettings{"ENABLE_BLUE"} eq 'on') {
- &printblueleases;
-}
-
-&Header::closebigbox();
-
-&Header::closepage();
-
-sub printblueleases
-{
- our %entries = ();
-
- sub blueleasesort {
- # Sort by IP address
- my $qs ='IPADDR';
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($a[0]<=>$b[0]) ||
- ($a[1]<=>$b[1]) ||
- ($a[2]<=>$b[2]) ||
- ($a[3]<=>$b[3]);
- }
-
- &Header::openbox('100%', 'left', "$Lang::tr{'current dhcp leases on blue'}");
- print <<END
-<table width='100%'>
-<tr>
-<td width='25%' align='center'><b>$Lang::tr{'ip address'}</b></td>
-<td width='25%' align='center'><b>$Lang::tr{'mac address'}</b></td>
-<td width='20%' align='center'><b>$Lang::tr{'hostname'}</b></td>
-<td width='30%' align='center'><b>$Lang::tr{'lease expires'} (local time d/m/y)</b></td>
-</tr>
-END
- ;
-
- my ($ip, $endtime, $ether, $hostname, @record, $record);
- open(LEASES,"/var/state/dhcp/dhcpd.leases") or die "Can't open dhcpd.leases";
- while (my $line = <LEASES>) {
- next if( $line =~ /^\s*#/ );
- chomp($line);
- my @temp = split (' ', $line);
-
- if ($line =~ /^\s*lease/) {
- $ip = $temp[1];
- # All fields are not necessarily read. Clear everything
- $endtime = 0;
- $ether = "";
- $hostname = "";
- } elsif ($line =~ /^\s*ends never;/) {
- $endtime = 'never';
- } elsif ($line =~ /^\s*ends/) {
- $line =~ /(\d+)\/(\d+)\/(\d+) (\d+):(\d+):(\d+)/;
- $endtime = timegm($6, $5, $4, $3, $2 - 1, $1 - 1900);
- } elsif ($line =~ /^\s*hardware ethernet/) {
- $ether = $temp[2];
- $ether =~ s/;//g;
- } elsif ($line =~ /^\s*client-hostname/) {
- shift (@temp);
- $hostname = join (' ',@temp);
- $hostname =~ s/;//g;
- $hostname =~ s/\"//g;
- } elsif ($line eq "}") {
- # Select records in Blue subnet
- if ( &General::IpInSubnet ( $ip,
- $netsettings{"BLUE_NETADDRESS"},
- $netsettings{"BLUE_NETMASK"} ) ) {
- @record = ('IPADDR',$ip,'ENDTIME',$endtime,'ETHER',$ether,'HOSTNAME',$hostname);
- $record = {}; # create a reference to empty hash
- %{$record} = @record; # populate that hash with @record
- $entries{$record->{'IPADDR'}} = $record; # add this to a hash of hashes
- }
- }
- }
- close(LEASES);
-
- my $id = 0;
- foreach my $key (sort blueleasesort keys %entries) {
-
- my $hostname = &Header::cleanhtml($entries{$key}->{HOSTNAME},"y");
-
- if ($id % 2) {
- print "<tr bgcolor='$Header::table2colour'>";
- } else {
- print "<tr bgcolor='$Header::table1colour'>";
- }
-
- print <<END
-<td align='center'>$entries{$key}->{IPADDR}</td>
-<td align='center'>$entries{$key}->{ETHER}</td>
-<td align='center'> $hostname </td>
-<td align='center'>
-END
- ;
-
- if ($entries{$key}->{ENDTIME} eq 'never') {
- print "$Lang::tr{'no time limit'}";
- } else {
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $dst);
- ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $dst) = localtime ($entries{$key}->{ENDTIME});
- my $enddate = sprintf ("%02d/%02d/%d %02d:%02d:%02d",$mday,$mon+1,$year+1900,$hour,$min,$sec);
-
- if ($entries{$key}->{ENDTIME} < time() ){
- print "<strike>$enddate</strike>";
- } else {
- print "$enddate";
- }
- }
-
- if ( $hostname eq '' ) {
- $hostname = $Lang::tr{'device'};
- }
-
- print <<END
-<td align='center'>
- <form method='post' name='frmd$id' action='$ENV{'SCRIPT_NAME'}'>
- <input type='hidden' name='ACTION' value='add' />
- <input type='hidden' name='SOURCE_IP' value='' />
- <input type='hidden' name='SOURCE_MAC' value='$entries{$key}->{ETHER}' />
- <input type='hidden' name='REMARK' value='$hostname $Lang::tr{'added from dhcp lease list'}' />
- <input type='hidden' name='ENABLED' value='on' />
- <input type='hidden' name='EDITING' value='no' />
- <input type='image' name='$Lang::tr{'add device'}' src='/images/addblue.gif' alt='$Lang::tr{'add device'}' title='$Lang::tr{'add device'}' />
- </form>
-</td></tr>
-END
- ;
- $id++;
- }
-
- print "</table>";
- &Header::closebox();
-}
-
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-
-# enable only the following on debugging purpose
-#use warnings;
-#use CGI::Carp 'fatalsToBrowser';
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
-undef (@dummy);
-
-my %cgiparams=();
-my %checked=();
-my %selected=();
-my $errormessage = '';
-my $filename = "${General::swroot}/xtaccess/config";
-my $aliasfile = "${General::swroot}/ethernet/aliases";
-my $changed = 'no';
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-&Header::showhttpheaders();
-
-$cgiparams{'ENABLED'} = 'off';
-$cgiparams{'ACTION'} = '';
-$cgiparams{'SRC'} = '';
-$cgiparams{'DEST_PORT'} = '';
-$cgiparams{'REMARK'} ='';
-&Header::getcgihash(\%cgiparams);
-open(FILE, $filename) or die 'Unable to open config file.';
-my @current = <FILE>;
-close(FILE);
-
-if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
-{
- unless($cgiparams{'PROTOCOL'} =~ /^(tcp|udp)$/) { $errormessage = $Lang::tr{'invalid input'}; }
- unless(&General::validipormask($cgiparams{'SRC'}))
- {
- if ($cgiparams{'SRC'} ne '') {
- $errormessage = $Lang::tr{'source ip bad'}; }
- else {
- $cgiparams{'SRC'} = '0.0.0.0/0'; }
- }
- unless($errormessage){ $errormessage = &General::validportrange($cgiparams{'DEST_PORT'},'dst'); }
- if ( ! $errormessage)
- {
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
-
- if($cgiparams{'EDITING'} eq 'no') {
- open(FILE,">>$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- print FILE "$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
- } else {
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- if ($cgiparams{'EDITING'} eq $id) {
- print FILE "$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
- } else { print FILE "$line"; }
- }
- }
- close(FILE);
- undef %cgiparams;
- $changed = 'yes';
- &General::log($Lang::tr{'external access rule added'});
- system('/usr/local/bin/setxtaccess');
- } else {
- # stay on edit mode if an error occur
- if ($cgiparams{'EDITING'} ne 'no')
- {
- $cgiparams{'ACTION'} = $Lang::tr{'edit'};
- $cgiparams{'ID'} = $cgiparams{'EDITING'};
- }
- }
-}
-if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
-{
- my $id = 0;
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- foreach my $line (@current)
- {
- $id++;
- unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
- }
- close(FILE);
- system('/usr/local/bin/setxtaccess');
- &General::log($Lang::tr{'external access rule removed'});
-}
-if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
-{
- open(FILE, ">$filename") or die 'Unable to open config file.';
- flock FILE, 2;
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
- else
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- print FILE "$temp[0],$temp[1],$temp[2],$cgiparams{'ENABLE'},$temp[4],$temp[5]\n";
- }
- }
- close(FILE);
- system('/usr/local/bin/setxtaccess');
-}
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
-{
- my $id = 0;
- foreach my $line (@current)
- {
- $id++;
- if ($cgiparams{'ID'} eq $id)
- {
- chomp($line);
- my @temp = split(/\,/,$line);
- $cgiparams{'PROTOCOL'} = $temp[0];
- $cgiparams{'SRC'} = $temp[1];
- $cgiparams{'DEST_PORT'} = $temp[2];
- $cgiparams{'ENABLED'} = $temp[3];
- $cgiparams{'DEST'} = $temp[4];
- $cgiparams{'REMARK'} = $temp[5];
- }
- }
-}
-
-if ($cgiparams{'ACTION'} eq '')
-{
- $cgiparams{'PROTOCOL'} = 'tcp';
- $cgiparams{'DEST'} = '0.0.0.0';
- $cgiparams{'ENABLED'} = 'on';
-}
-
-$selected{'PROTOCOL'}{'udp'} = '';
-$selected{'PROTOCOL'}{'tcp'} = '';
-$selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";
-
-$selected{'DEST'}{$cgiparams{'DEST'}} = "selected='selected'";
-
-$checked{'ENABLED'}{'off'} = '';
-$checked{'ENABLED'}{'on'} = '';
-$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
-
-&Header::openpage($Lang::tr{'external access configuration'}, 1, '');
-
-&Header::openbigbox('100%', 'left', '', $errormessage);
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<class name='base'>$errormessage\n";
- print " </class>\n";
- &Header::closebox();
-}
-
-print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
-
-my $buttontext = $Lang::tr{'add'};
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- &Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
- $buttontext = $Lang::tr{'update'};
-} else {
- &Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
-}
-print <<END
-<table width='100%'>
-<tr>
-<td width='10%'>
-<select name='PROTOCOL'>
-<option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
-<option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
-</select>
-</td>
-<td class='base'><font color='${Header::colourred}'>$Lang::tr{'source network'}</font></td>
-<td><input type='text' name='SRC' value='$cgiparams{'SRC'}' size='32' /></td>
-<td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination port'}:</font></td>
-<td><input type='text' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
-<td width='10%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-<td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination ip'}: </font>
-<select name='DEST'>
-<option value='0.0.0.0' $selected{'DEST'}{'0.0.0.0'}>DEFAULT IP</option>
-END
-;
-
-open(ALIASES, "$aliasfile") or die 'Unable to open aliases file.';
-while (<ALIASES>)
-{
- chomp($_);
- my @temp = split(/\,/,$_);
- if ($temp[1] eq 'on') {
- print "<option value='$temp[0]' $selected{'DEST'}{$temp[0]}>$temp[0]";
- if (defined $temp[2] and ($temp[2] ne '')) { print " ($temp[2])"; }
- print "</option>\n";
- }
-}
-close(ALIASES);
-print <<END
-</select>
-</td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
-<td width ='10%' class='base'>
-<font class='boldbase'>$Lang::tr{'remark'}:</font> <img src='/blob.gif' alt='*' />
-</td>
-<td width='65%'>
-<input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' />
-</td>
-<td width='25%' align='center'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
-<input type='submit' name='SUBMIT' value='$buttontext' />
-</td>
-</tr>
-</table>
-<table width='100%'>
-<tr>
-<td class='base' width='30%'><img src='/blob.gif' alt ='*' align='top' /> <font class='base'>$Lang::tr{'this field may be blank'}</font>
-</td>
-</tr>
-</table>
-END
-;
-if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
- print "<input type='hidden' name='EDITING' value='$cgiparams{'ID'}' />\n";
-} else {
- print "<input type='hidden' name='EDITING' value='no' />\n";
-}
-
-&Header::closebox();
-print "</form>\n";
-
-&Header::openbox('100%', 'left', $Lang::tr{'current rules'});
-print <<END
-<table width='100%'>
-<tr>
-<td width='10%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
-<td width='20%' class='boldbase' align='center'><b>$Lang::tr{'source ip'}</b></td>
-<td width='20%' class='boldbase' align='center'><b>$Lang::tr{'destination ip'}</b></td>
-<td width='15%' class='boldbase' align='center'><b>$Lang::tr{'destination port'}</b></td>
-<td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
-<td width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-# If something has happened re-read config
-if($cgiparams{'ACTION'} ne '' or $changed ne 'no')
-{
- open(FILE, $filename) or die 'Unable to open config file.';
- @current = <FILE>;
- close(FILE);
-}
-my $id = 0;
-foreach my $line (@current)
-{
- $id++;
- chomp($line);
- my @temp = split(/\,/,$line);
- my $protocol = '';
- my $gif = '';
- my $gdesc = '';
- my $toggle = '';
- if ($temp[0] eq 'udp') {
- $protocol = 'UDP'; }
- else {
- $protocol = 'TCP' }
- if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
- print "<tr bgcolor='${Header::colouryellow}'>\n"; }
- elsif ($id % 2) {
- print "<tr bgcolor='$color{'color22'}'>\n"; }
- else {
- print "<tr bgcolor='$color{'color20'}'>\n"; }
- if ($temp[3] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
- else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
- if ($temp[1] eq '0.0.0.0/0') {
- $temp[1] = $Lang::tr{'caps all'}; }
- # catch for 'old-style' rules file - assume default ip if
- # none exists
- if (!&General::validip($temp[4]) || $temp[4] eq '0.0.0.0') {
- $temp[4] = 'DEFAULT IP'; }
- $temp[5] = '' unless defined $temp[5];
-print <<END
-<td align='center'>$protocol</td>
-<td align='center'>$temp[1]</td>
-<td align='center'>$temp[4]</td>
-<td align='center'>$temp[2]</td>
-<td align='left'> $temp[5]</td>
-<td align='center'>
-<form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
-<input type='hidden' name='ID' value='$id' />
-<input type='hidden' name='ENABLE' value='$toggle' />
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-</form>
-</td>
-<td align='center'>
-<form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
-<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
-<input type='hidden' name='ID' value='$id' />
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-</form>
-</td>
-<td align='center'>
-<form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
-<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
-<input type='hidden' name='ID' value='$id' />
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-</form>
-</td>
-
-</tr>
-END
- ;
-}
-print "</table>\n";
-
-# If the xt access file contains entries, print Key to action icons
-if ( ! -z "$filename") {
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
- <td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-
-&Header::closebigbox();
-
-&Header::closepage();
+++ /dev/null
-#!/usr/bin/perl
-
-print "Status: 302 Moved\n";
-print "Location: /cgi-bin/dial/index.cgi\n\n";
+++ /dev/null
-/*
-File Info: utility.js - JavaScript library
-
-Author: Drew S. Dupont
-
-Date: 2/26/2003 - 8/12/2004 (or present day)
-
-Description: Utility functions in JavaScript
- Drew S. Dupont <dsdupont@alumni.indiana.edu>
-*/
-// Show/Hide HTML Span
-function showHideHTML(id, content) {
- // Browser variables
- var ie45, ns6, ns4, dom = false;
-
- // Basic browser parse
- if (navigator.appName == "Microsoft Internet Explorer") {
- ie45 = parseInt(navigator.appVersion) >= 4;
- } else if (navigator.appName == "Netscape") {
- ns6 = parseInt(navigator.appVersion) >= 5;
- ns4 = parseInt(navigator.appVersion) < 5;
- }
- dom = ie45 || ns6;
-
- // Return if using an old Netscape browser
- if(ns4) return;
-
- // Check for type of call supported
- el = document.all ? document.all[id] : dom ? document.getElementById(id) : document.layers[id];
-
- // Check if content to be "switched" is ""
- if (content == "") {
- // Return old content and replace with ""
- content = el.innerHTML;
- el.innerHTML = "";
- } else {
- // Replace current content with new content and return ""
- el.innerHTML = content;
- content = "";
- }
-
- // Return content (either old or "")
- return content;
-}
-
-// Check for special chars
-function checkForSpecialChars(field, alphaStart, specialCheckChars) {
- // Local vars
- var alphaStartChars = /^[a-zA-Z]/;
- var noSpecialChars = /([^a-zA-Z0-9 _,?!':;\r\t\n\/\\\-\.#@]+)/;
-
- // Check if should start with an alpha char
- if (alphaStart) {
- // Make sure starts with a alpha char
- if (alphaStartChars.test(field.value)) {
- // Check for special chars
- if (noSpecialChars.test(field.value)) {
- // Return true
- return true;
- } else {
- // Check for specialCheckChars
- if (specialCheckChars && (specialCheckChars.test(field.value))) {
- // Return true
- return true;
- } else {
- // Return false
- return false;
- }
- }
- } else {
- // Return true
- return true;
- }
- } else {
- // Check if contains any special chars
- if (noSpecialChars.test(field.value)) {
- // Return true
- return true;
- } else {
- // Check for specialCheckChars
- if (specialCheckChars && (specialCheckChars.test(field.value))) {
- // Return true
- return true;
- } else {
- // Return false
- return false;
- }
- }
- }
-} // End checkForSpecialChars
-
-// Launch help
-function launchHelp(helpSrc) {
- helpWindow = window.open(helpSrc, "helpWindow", "resizable=yes,menubar=no,statusbar=no,titlebar=no,scrollbars=yes,width=400,height=400")
- helpWindow.moveTo(25, 25);
- helpWindow.focus();
-}
-
-// Image On
-function imageOn(imageName) {
- document[imageName].src = eval(imageName + "_over.src");
-}
-
-// Image Off
-function imageOff(imageName) {
- document[imageName].src = eval(imageName + ".src");
-}
-
-// Image Down
-function imageDown(imageName) {
- document[imageName].src = eval(imageName + "_down.src");
-}
-
-// Image button On
-function imageButtonOn(item, imageName) {
- item.src = eval(imageName + "_over.src");
-}
-
-// Image button Off
-function imageButtonOff(item, imageName) {
- item.src = eval(imageName + ".src");
-}
-
-// Image button Down
-function imageButtonDown(item, imageName) {
- item.src = eval(imageName + "_down.src");
-}
-
-// changeStatus
-function changeStatus(message) {
- // Set window status
- window.status = message;
-
- // Return true
- return true;
-} // End changeStatus
-
-// isNumeric function
-function isNumeric(num) {
- // Boolean var
- var bolValidNum = true;
- var digits = "1234567890";
- var len = num.length;
-
- // Loop over num
- for (i = 0; i < len; ++i) {
- numSub = num.substring(i, i + 1);
-
- // Test for numeric match
- if (digits.indexOf(numSub) == -1) {
- bolValidNum = false;
- }
- }
-
- // Return boolean var
- return bolValidNum;
-} // End isNumeric
-
-// Check for numeric and display nice error
-function checkNumeric(field, message) {
- // Is it valid
- if (!isNumeric(field.value)) {
- alert(message);
- field.focus();
- }
-} // End checkNumeric
-
-// Function getInt which return numeric value of passed in string
-function getInt(str, i, minlength, maxlength) {
- for (x = maxlength; x >= minlength; --x) {
- var token = str.substring(i, i + x);
-
- // Check for numeric
- if (isNumeric(token)) {
- return token;
- }
- }
-
- // Return null
- return null;
-}
-
-// Function dateCheck, requires global err variable for passing error messages
-// and requires the isNumeric function
-function dateCheck(date, humanname, dateFormat) {
- // Date validation
- var date_s = date;
-
- // If no dateFormat, then set one
- if (dateFormat == null) {
- format = "mm/dd/yyyy";
- } else {
- format = dateFormat;
- }
-
- var date_err = 0; // Possible values are 0, 1
- var date_year_err = 0; // Possible values are 0, 1
- var date_month_err = 0; // Possible values are 1-12
- var date_day_err = 0; // Possible values are 0, 1, 2, 3, 4
- var i_date_s = 0;
- var i_format = 0;
- var err = "";
- var c = "";
- var token = "";
- var token2 = "";
- var x, y;
- var year = 0;
- var month = 0;
- var date = 0;
- var bYearProvided = false;
- var MONTH_NAMES = new Array('January','February','March','April','May','June','July','August','September','October','November','December','Jan','Feb','Mar','Apr','May','Jun','Jul','Aug','Sep','Oct','Nov','Dec');
-
- // Trim the leading spaces from the string
- while (date_s.charAt(0) == ' ') {
- date_s = date_s.slice(1);
- }
-
- while (i_format < format.length) {
- // Get next token from format string
- c = format.charAt(i_format);
- token = "";
-
- while ((format.charAt(i_format) == c) && (i_format < format.length)) {
- token += format.charAt(i_format);
- ++i_format;
- }
-
- // Extract contents of value based on format token
- if ((token == "yyyy") || (token == "yy") || (token == "y")) {
- if (token == "yyyy") { x = 4; y = 4; } // 4-digit year
- if (token == "yy") { x = 2; y = 2; } // 2-digit year
- if (token == "y") { x = 2; y = 4; } // 2-or-4-digit year
-
- year = getInt(date_s, i_date_s, x, y);
- bYearProvided = true;
-
- if ((year == null) || (year.length != token.length)) {
- date_year_err = 1;
- }
-
- i_date_s += year.length;
- } else {
- if (token == "mmm") { // Month name
- month = 0;
-
- for (var i = 0; i < MONTH_NAMES.length; ++i) {
- var month_name = MONTH_NAMES[i];
-
- if (date_s.substring(i_date_s, (i_date_s + month_name.length)).toLowerCase() == month_name.toLowerCase()) {
- month = i + 1;
-
- if (month > 12) {
- month -= 12;
- }
-
- i_date_s += month_name.length;
- break;
- }
- }
-
- if ((month == 0) || (month < 1) || (month > 12)) {
- date_month_err = 1;
- }
- } else {
- if ((token == "mm") || (token == "m")) {
- x = token.length; y = 2;
- month = getInt(date_s, i_date_s, x, y);
-
- if ((month == null) || (month < 1) || (month > 12)) {
- date_month_err = 1;
- }
-
- i_date_s += month.length;
- } else {
- if (token=="dd" || token=="d") {
- x = token.length; y = 2;
- date = getInt(date_s, i_date_s, x, y);
-
- if ((date == null) || (date < 1) || (date > 31)) {
- date_day_err = 1;
- }
-
- i_date_s += date.length;
- } else {
- if (date_s.substring(i_date_s, (i_date_s + token.length)) != token) {
- date_err = 1;
- } else {
- i_date_s += token.length;
- }
- }
- }
- }
- }
- }
-
- // If there are any trailing characters left in the date_s, it doesn't match
- if (i_date_s != date_s.length) {
- date_err = 1;
- }
-
- // Is date valid for month?
- if ((month == 4) || (month == 6) || (month == 9) || (month == 11)) {
- if (date > 30) {
- date_day_err = 2;
- }
- } else {
- if (month == 2) {
- // Check for leap year
- if ((((year % 4) == 0) && ((year % 100) != 0)) || ((year % 400) == 0)) {
- // Leap year
- if (date > 29) {
- date_day_err = 3
- }
- } else {
- if (date > 28) {
- date_day_err = 4;
- }
- }
- } else {
- if (date > 31) {
- date_day_err = 1;
- }
- }
- }
-
- // Add to the error message, if needed
- if (date_err != 0) {
- err += "\n - The " + humanname + " must be a valid date in the format " + format + ".";
- }
-
- // Add to the error message, if needed
- if (date_month_err != 0) {
- err += "\n - The month must be between 1-12.";
- }
-
- // Add to the error message, if needed
- if (date_year_err != 0) {
- err += "\n - The " + humanname + " must have a valid year.";
- }
-
- // Add to the error message, if needed
- if (date_day_err != 0) {
- switch (date_day_err) {
- case 1:
- err += "\n - The month you entered in the " + humanname + " can only have between 1 and 31 days.";
- break;
- case 2:
- err += "\n - The month you entered in the " + humanname + " can only have between 1 and 30 days.";
- break;
- case 3:
- err += "\n - The month you entered in the " + humanname + " can only have between 1 and 29 days in a Leap Year.";
- break;
- default:
- err += "\n - The month you entered in the " + humanname + " can only have between 1 and 28 days in a non-Leap Year.";
- break;
- }
- }
-
- return err;
-} // End dateCheck
-
-// Compares two MM/DD/YYY dates for less than (-1), equal to (0), or
-// greater than (1)
-function dateCompare(date1, date2) {
- var localDate1 = new Date(date1.substring(6,10), date1.substring(0,2), date1.substring(3,5));
- var localDate2 = new Date(date2.substring(6,10), date2.substring(0,2), date2.substring(3,5));
-
- // Greater than
- if (localDate1.getTime() > localDate2.getTime()) {
- return 1;
- } else {
- // Less than
- if (localDate1.getTime() < localDate2.getTime()) {
- return -1;
- } else {
- // Equal
- return 0;
- }
- }
-} // End dateCompare
-
-// All-purpose form validation script
-function checkForm(dataForm) {
- var msg = "";
- var stripBlanksStart = /^\s+/g;
- var stripBlanksEnd = /\s+$/g;
- var squeezeBlanks = /\s+/g;
- var stripNonNumbers = /\D+/g;
- var stripNotDollars = /[^0-9\.]/g;
- var noSpaces = /\s+/g;
- var allNumbers = /^\d+$/;
- var zipCodeCheck = /^(\d{5})$|^(\d{5}-\d{4})$/;
- var passwordNumbers = /\d{1,}/;
- var passwordLetters = /\D{1,}/;
- var emailPattern = /^[a-zA-Z0-9]([a-zA-Z0-9_\-\.]*)@([a-zA-Z0-9_\-\.]*)(\.[a-zA-Z]{2,3}(\.[a-zA-Z]{2}){0,2})$/i;
- var replaceSeps = /[-,\.\/]/g;
- var time24Format = /^(([0-1]?\d)|(2[0-3])):[0-5]\d(:([0-5]\d))?/;
- var time12Format = /^(\d|0\d|1[0-2]):[0-5]\d(:[0-5]\d)?( (A|P)\.?M\.?)?/;
- var ipNetworkAddress = /^((\d{1,2}|[1]\d{2}|2[0-4]\d|25[0-5])(\.(\d{1,2}|[1]\d{2}|2[0-4]\d|25[0-5])){3}){1}((\/(0\.0\.0\.0|128\.0\.0\.0|192\.0\.0\.0|224\.0\.0\.0|240\.0\.0\.0|248\.0\.0\.0|252\.0\.0\.0|254\.0\.0\.0|(255\.(0\.0\.0|128\.0\.0|192\.0\.0|224\.0\.0|240\.0\.0|248\.0\.0|252\.0\.0|254\.0\.0|(255\.(0\.0|128\.0|192\.0|224\.0|240\.0|248\.0|252\.0|254\.0|(255\.(0|128|192|224|240|248|252|254|255))))))))|(\/(\d|[1-2]\d|3[0-2]))){0,1}$/;
- var ipNetworkPort = /^(\d{1,4}|[1-5]\d{4}|6[0-4]\d{3}|65[0-4]\d{2}|655[0-2]\d|6553[0-5]){1}((\:|\-)(\d{1,4}|[1-5]\d{4}|6[0-4]\d{3}|65[0-4]\d{2}|655[0-2]\d|6553[0-5])){0,1}$/;
- var passwordLength = 6;
- var error_fields = "";
- var errors = "";
-
- // Loop over form elements
- for (var i = 0; i < dataForm.length; ++i) {
- var element = dataForm.elements[i];
-
- // Check for select box
- if (element.selectbox) {
- // Check for required
- if (element.required) {
- // Check for value
- if (element.options[element.selectedIndex].value == "") {
- error_fields += "\n - " + element.humanname + " requires a selection.";
- }
- }
- continue;
- }
-
- // Strip the leading and trailing blanks
- element.value = element.value.replace(stripBlanksStart, '');
- element.value = element.value.replace(stripBlanksEnd, '');
-
- // If it is required and is empty, alert
- if (element.required && (!element.value.length)) {
- error_fields += "\n - " + element.humanname + " is required.";
- continue;
- } else {
- // If it isn't required and doesn't have any length, skip it
- if ((! element.required) && (! element.value.length)) {
- continue;
- }
- }
-
- // Check for special characters
- if (element.checkspecialchars) {
- if (checkForSpecialChars(element, element.alphaStart, element.specialChars)) {
- error_fields += "\n - " + element.humanname + " contains invalid characters.";
- continue;
- }
- }
-
- // Convert to uppercase if necessary
- if (element.uppercase) {
- element.value = element.value.toUpperCase();
- }
-
- // Convert to uppercase if necessary
- if (element.lowercase) {
- element.value = element.value.toLowerCase();
- }
-
- // UCFirst if necessary
- if (element.ucfirst) {
- // Squeeze the blanks
- rs = element.value.replace(squeezeBlanks, ' ');
- dsegs = rs.split(' ');
- element.value = "";
-
- // Loop over chars
- for (j = 0; j < dsegs.length; ++j) {
- if (dsegs[j].length > 1) {
- fl = dsegs[j].substr(0, 1);
- fl = fl.toUpperCase();
- rn = dsegs[j].substr(1);
- rn = rn.toLowerCase();
- dsegs[j] = fl + rn;
- }
-
- // Check for first value
- element.value = j ? element.value + ' ' + dsegs[j] : dsegs[j];
- }
- }
-
- // Check for equality test
- if (element.equalto) {
- // Check for truevalue and use if found, otherwise use value
- var elementValue1 = element.truevalue ? element.truevalue : element.value;
- var elementValue2 = element.equaltovalue.truevalue ? element.equaltovalue.truevalue : element.equaltovalue.value;
-
- // Check for value equality
- if (elementValue1 != elementValue2) {
- error_fields +="\n - " + element.humanname + " is not the same as " + element.equaltovalue.humanname;
- continue;
- }
- }
-
- // Check for less than
- if (element.lessthan) {
- // Check for truevalue and use if found, otherwise use value
- var elementValue1 = element.truevalue ? element.truevalue : element.value;
- var elementValue2 = element.lessthanvalue.truevalue ? element.lessthanvalue.truevalue : element.lessthanvalue.value;
-
- // Check for values
- if ((elementValue1 != '') && (elementValue2 != '')) {
- // Check for value less than
- if (elementValue1 >= elementValue2) {
- error_fields +="\n - " + element.humanname + " must be less than " + element.lessthanvalue.humanname;
- continue;
- }
- }
- }
-
- // Check for less than equalto
- if (element.lessthanequalto) {
- // Check for truevalue and use if found, otherwise use value
- var elementValue1 = element.truevalue ? element.truevalue : element.value;
- var elementValue2 = element.lessthanequaltovalue.truevalue ? element.lessthanequaltovalue.truevalue : element.lessthanequaltovalue.value;
-
- // Check for values
- if ((elementValue1 != '') && (elementValue2 != '')) {
- // Check for value less than equalto
- if (elementValue1 > elementValue2) {
- error_fields +="\n - " + element.humanname + " must be less than or equal to " + element.lessthanequaltovalue.humanname;
- continue;
- }
- }
- }
-
- // Check for greater than
- if (element.greaterthan) {
- // Check for truevalue and use if found, otherwise use value
- var elementValue1 = element.truevalue ? element.truevalue : element.value;
- var elementValue2 = element.greaterthanvalue.truevalue ? element.greaterthanvalue.truevalue : element.greaterthanvalue.value;
-
- // Check for values
- if ((elementValue1 != '') && (elementValue2 != '')) {
- // Check for value greater than
- if (elementValue1 <= elementValue2) {
- error_fields +="\n - " + element.humanname + " must be greater than " + element.greaterthanvalue.humanname;
- continue;
- }
- }
- }
-
- // Check for greater than equalto
- if (element.greaterthanequalto) {
- // Check for truevalue and use if found, otherwise use value
- var elementValue1 = element.truevalue ? element.truevalue : element.value;
- var elementValue2 = element.greaterthanequaltovalue.truevalue ? element.greaterthanequaltovalue.truevalue : element.greaterthanequaltovalue.value;
-
- // Check for values
- if ((elementValue1 != '') && (elementValue2 != '')) {
- // Check for value greater than equalto
- if (elementValue1 < elementValue2) {
- error_fields +="\n - " + element.humanname + " must be greater than or equal to " + element.greaterthanequaltovalue.humanname;
- continue;
- }
- }
- }
-
- // Check a price (sort of)
- if (element.price) {
- // Strip out currency stuff
- element.value = element.value.replace(stripNotDollars, '');
- continue;
- }
-
- // Check a telephone number
- if (element.telephone) {
- // Strip out parens and spaces
- rs = element.value.replace(stripNonNumbers, '');
-
- if (rs.length == 7) {
- element.value = rs.substr(0, 3) + "-" + rs.substr(3, 4);
- } else {
- if (rs.length == 10) {
- element.value = rs.substr(0, 3) + "-" + rs.substr(3, 3) + "-" + rs.substr(6, 4);
- } else {
- error_fields += "\n - " + element.humanname + " is an invalid telephone number.";
- }
- }
- continue;
- }
-
- // Check a zip code
- if (element.zipcode) {
- if (!zipCodeCheck.test(element.value)) {
- error_fields +="\n - " + element.humanname + " is an invalid zipcode.";
- }
- continue;
- }
-
- // Check a password (sort of)
- if (element.password) {
- if (element.value.length < passwordLength) {
- error_fields += "\n - " + element.humanname + " is too short";
- error_fields += "\n Minimum length is " + passwordLength + " characters.";
- continue;
- }
-
- if (!passwordNumbers.test(element.value)) {
- error_fields += "\n - " + element.humanname + " must contain at least one number.";
- continue;
- }
-
- if (!passwordLetters.test(element.value)) {
- error_fields += "\n - " + element.humanname + " must contain at least one letter.";
- continue;
- }
- }
-
- // Check for all numbers
- if (element.numeric) {
- if (!allNumbers.test(element.value)) {
- error_fields += "\n - " + element.humanname + " is not numeric.";
- }
- continue;
- }
-
- // Check an email address for validity
- if (element.email) {
- element.value = element.value.replace(noSpaces, '');
-
- if (!emailPattern.test(element.value)) {
- error_fields += "\n - " + element.humanname + " is not a valid email address.";
- }
- continue;
- }
-
- // Check a date
- if (element.date) {
- error_fields += dateCheck(element.value, element.humanname, element.format);
- continue;
- }
-
- // Check a time
- if (element.time) {
- // Check for 24 hour time
- if (element.time24) {
- // Check for valid
- if (!time24Format.test(element.value)) {
- error_fields += "\n - " + element.humanname + " is not a valid 24 hour time.";
- }
- } else {
- // Check for valid
- if (!time12Format.test(element.value)) {
- error_fields += "\n - " + element.humanname + " is not a valid 12 hour time.";
- }
- }
- continue;
- }
-
- // Check the lengths
- if (element.minlen && (element.value.length < element.minlen)) {
- error_fields += "\n - " + element.humanname + " is too short";
- error_fields += "\n Minimum length is " + element.minlen + " characters.";
- continue;
- }
-
- if (element.maxlen && (element.value.length > element.maxlen)) {
- error_fields +="\n - " + element.humanname + " is too long";
- error_fields +="\n Maximum length is " + element.maxlen + " characters.";
- continue;
- }
-
- // Check for ip/network address
- if (element.ipnetworkaddress) {
- if (!ipNetworkAddress.test(element.value)) {
- error_fields +="\n - " + element.humanname + " is not a valid ip/network address";
- }
- continue;
- }
-
- // Check for ip/network port
- if (element.ipnetworkport) {
- if (!ipNetworkPort.test(element.value)) {
- error_fields +="\n - " + element.humanname + " is not a valid ip/network port";
- } else {
- var searchChar = "";
- var portArray = "";
-
- if (element.value.indexOf(":") > -1) {
- searchChar = ":";
- } else if (element.value.indexOf("-") > -1) {
- searchChar = "-";
- }
-
- if (searchChar != '') {
- portArray = element.value.split(searchChar);
-
- if (portArray.length == 2) {
- if (parseInt(portArray[0]) > parseInt(portArray[1])) {
- error_fields +="\n - " + element.humanname + " can not have a start port greater than an end port";
- }
- }
- }
- }
- continue;
- }
- }
-
- // Check for any errors
- if (error_fields == "") {
- return true;
- } else {
- msg = "The following fields have errors:\n";
- msg += error_fields;
- alert(msg);
- return false;
- }
-}
-
-// Clear data
-function clearData(field, data) {
- // Check if they equal
- if (field.value == data) {
- // Clear data
- field.value = '';
- }
-}
-
-// Set empty data
-function setEmptyData(field, data) {
- // Check if they equal
- if (! field.value.length) {
- // Clear data
- field.value = data;
- }
-}
-
-// Trim whitespace from beginning and end
-function trim(data) {
- var objRegExp = /^(\s*)$/;
-
- // Check for all spaces
- if (objRegExp.test(data)) {
- data = data.replace(objRegExp, '');
-
- if (data.length == 0)
- return data;
- }
-
- // Check for leading & trailing spaces
- objRegExp = /^(\s*)([\W\w]*)(\b\s*$)/;
-
- if (objRegExp.test(data)) {
- // Remove leading and trailing whitespace characters
- data = data.replace(objRegExp, '$2');
- }
-
- return data;
-}
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-print "Status: 302 Moved\n";
-print "Location: /cgi-bin/index.cgi\n\n";
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use CGI qw(param);
-
-$swroot="/var/ipfire";
-
-my %netsettings;
-my %filtersettings;
-
-&readhash("$swroot/ethernet/settings", \%netsettings);
-&readhash("$swroot/urlfilter/settings", \%filtersettings);
-
-$category=param("category");
-$url=param("url");
-$ip=param("ip");
-
-if ($filtersettings{'MSG_TEXT_1'} eq '') {
- $msgtext1 = "A C C E S S D E N I E D";
-} else { $msgtext1 = $filtersettings{'MSG_TEXT_1'}; }
-if ($filtersettings{'MSG_TEXT_2'} eq '') {
- $msgtext2 = "Access to the requested page has been denied";
-} else { $msgtext2 = $filtersettings{'MSG_TEXT_2'}; }
-if ($filtersettings{'MSG_TEXT_3'} eq '') {
- $msgtext3 = "Please contact the Network Administrator if you think there has been an error";
-} else { $msgtext3 = $filtersettings{'MSG_TEXT_3'}; }
-
-if ($category eq '') { $category = ' '; } else { $category = '['.$category.']'; }
-
-print "Pragma: no-cache\n";
-print "Cache-control: no-cache\n";
-print "Connection: close\n";
-print "Content-type: text/html\n\n";
-
-print <<END
-
-<html>
-<head>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<title>ACCESS MESSAGE</title>
-</head>
-
-<body>
-<table width="100%" height='100%' border="0">
-<tr>
- <td colspan='3' width='100%' height='130' align="center" background="http://$netsettings{'GREEN_ADDRESS'}:81/images/background.gif">
-<tr> <td width='10%'><td align='center' bgcolor='#CC000000' width='80%'><font face="verdana, arial, sans serif" color="#FFFFFF" size="5">
- <b>$msgtext1</b>
- </font>
- <td width='10%'>
-END
-;
-
-if (!($category eq ""))
-{
- print <<END
- <tr> <td colspan='3' align='center'>
- <font face="verdana, arial, sans serif" color="#CC000000" size="1">
- <b>$category</b>
- </font>
-END
-;
-}
-print <<END
-<tr>
- <td colspan='3' align="center">
- <font face="verdana, arial, sans serif" color="#000000" size="4">
- <b>$msgtext2</b>
- </font>
- <font face="verdana,arial,sans serif" color="#000000" size="2">
-END
-;
-
-if (!($url eq ""))
-{
-print <<END
- <p>URL: <a href="$url">$url</a>
-END
-;
-}
-
-if (!($ip eq ""))
-{
-print <<END
- <p>Client IP address: <i>$ip</i>
-END
-;
-}
-
-print <<END
- <br><p>$msgtext3
- </font>
-
-<tr>
- <td colspan='3' height='60%' valign="bottom" align="right">
- <font face="verdana,arial,sans serif" color="#656565" size="1">Web Filtering by
- </font>
- <a href="http://www.ipfire.eu" target="_blank"><b>
- <font face="verdana,arial,sans serif" color="#656565" size="1">IPFire</b></a>
- </font>
-
-</table>
-</body>
-
-</html>
-END
-;
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- if (-e $filename)
- {
- open(FILE, $filename) or die "Unable to read file $filename";
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
- }
-}
+++ /dev/null
-color1=#CD5B45
-color2=#EE6A50
-color3=#FF7256
-color4=#EE9572
-color5=#FFA07A
-color6=#CDAF95
-color7=#EECBAD
-color8=#FFDAB9
-color9=#FFE4C4
-color10=#FFCCCC
-color11=#0000FF
-color12=#00FF00
-color13=#FF0000
-color14=#FFD700
-color15=#CCCCCC
-color16=#40E0D0
-color17=#90EE90
-color18=#F4A460
-color19=#EAE9EE
-color20=#D6D6D6
-color21=#FFFFFF
-color22=#F0F0F0
-color23=#FF00FF
-color24=#6464FF
-color25=#FF6464
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-sub showmenu() {
- print <<EOF
- <div id="menu">
- <ul>
-EOF
-;
- foreach my $k1 ( sort keys %$menu ) {
- if (! $menu->{$k1}{'enabled'}) {
- next;
- }
- my $link = getlink($menu->{$k1});
- if ($link eq '') {
- next;
- }
- if (! is_menu_visible($link)) {
- next;
- }
- if ($menu->{$k1}->{'selected'}) {
- print "<li><a href=\"$link\" class=\"active\">$menu->{$k1}{'caption'}</a></li>";
- } else {
- print "<li><a href=\"$link\">$menu->{$k1}{'caption'}</a></li>";
- }
- }
- print <<EOF
- </ul>
- </div>
-EOF
-;
-}
-
-sub getselected($) {
- my $root = shift;
- if (!$root) {
- return 0;
- }
-
- foreach my $item (%$root) {
- if ($root->{$item}{'selected'}) {
- return $root->{$item};
- }
- }
-}
-
-sub showsubsection($$) {
- my $root = shift;
-
- if (! $root) {
- return;
- }
- my $selected = getselected($root);
- if (! $selected) {
- return;
- }
- my $submenus = $selected->{'subMenu'};
- if (! $submenus) {
- return;
- }
-
- print <<EOF
- <h4><span>Side</span>menu</h4>
- <ul class="links">
-EOF
-;
- foreach my $item (sort keys %$submenus) {
- my $hash = $submenus->{$item};
- if (! $hash->{'enabled'}) {
- next;
- }
- my $link = getlink($hash);
- if ($link eq '') {
- next;
- }
- if (! is_menu_visible($link)) {
- next;
- }
- if ($hash->{'selected'}) {
- print '<li class="selected">';
- } else {
- print '<li>';
- }
-
- print "<a href=\"$link\">$hash->{'caption'}</a></li>";
- }
-
- print <<EOF
- </ul>
-EOF
-;
-}
-
-
-sub showsubsubsection($) {
- my $root = shift;
- if (!$root) {
- return;
- }
- my $selected = getselected($root);
- if (! $selected) {
- return
- }
- if (! $selected->{'subMenu'}) {
- return
- }
-
- showsubsection($selected->{'subMenu'}, 'menu-subtop');
-}
-
-sub openpage {
- my $title = shift;
- my $boh = shift;
- my $extrahead = shift;
-
- @URI=split ('\?', $ENV{'REQUEST_URI'} );
- &General::readhash("${swroot}/main/settings", \%settings);
- &genmenu();
-
- my $h2 = gettitle($menu);
-
- $title = "IPFire - $title";
- if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
- $title = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'} - $title";
- }
-
- print <<END
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-
-<html>
- <head>
- <title>$title</title>
-
- $extrahead
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
-END
-;
- if ($settings{'FX'} ne 'off') {
- print <<END
- <meta http-equiv="Page-Enter" content="blendTrans(Duration=0.5,Transition=12)" />
- <meta http-equiv="Page-Exit" content="blendTrans(Duration=0.5,Transition=12)" />
-END
-;
- }
- print <<END
- <link rel="shortcut icon" href="/favicon.ico" />
- <link rel="stylesheet" type="text/css" href="/themes/ipfire/include/style.css" />
- <script language="javascript" type="text/javascript">
-
- function swapVisibility(id) {
- el = document.getElementById(id);
- if(el.style.display != 'block') {
- el.style.display = 'block'
- }
- else {
- el.style.display = 'none'
- }
- }
- </script>
-END
-;
-if ($settings{'SPEED'} ne 'off') {
-print <<END
- <script type="text/javascript" language="javascript">
-
- var http_request = false;
-
- function LoadInetInfo(url) {
-
- http_request = false;
-
- if (window.XMLHttpRequest) { // Mozilla, Safari,...
- http_request = new XMLHttpRequest();
- if (http_request.overrideMimeType) {
- http_request.overrideMimeType('text/xml');
- // zu dieser Zeile siehe weiter unten
- }
- } else if (window.ActiveXObject) { // IE
- try {
- http_request = new ActiveXObject("Msxml2.XMLHTTP");
- } catch (e) {
- try {
- http_request = new ActiveXObject("Microsoft.XMLHTTP");
- } catch (e) {}
- }
- }
-
- if (!http_request) {
- alert('Ende :( Kann keine XMLHTTP-Instanz erzeugen');
- return false;
- }
- http_request.onreadystatechange = DisplayInetInfo;
- http_request.open('GET', url, true);
- http_request.send(null);
-
- }
-
- function DisplayInetInfo() {
- if (http_request.readyState == 4) {
- var xmldoc = http_request.responseXML;
- var root1_node = xmldoc.getElementsByTagName('rx_kbs').item(0);
- var root2_node = xmldoc.getElementsByTagName('tx_kbs').item(0);
- var root3_node = xmldoc.getElementsByTagName('rxb').item(0);
- var root4_node = xmldoc.getElementsByTagName('txb').item(0);
-
- document.forms['speed'].txkb.value = root1_node.firstChild.data;
- document.forms['speed'].rxkb.value = root2_node.firstChild.data;
-
- // document.getElementsByTagName("input")[0].style.color = "#00FF00";
- url = "/cgi-bin/speed.cgi?rxb_last=" + root3_node.firstChild.data + "&txb_last=" + root4_node.firstChild.data;
-
- window.setTimeout("LoadInetInfo(url)", 3000);
- }
-
- }
- </script>
- </head>
- <body onLoad="LoadInetInfo('/cgi-bin/speed.cgi')">
-END
-;
-}
-else {
-print "</head><body>";}
-print <<END
-<!-- IPFIRE HEADER -->
-
-<div id="header">
-
- <div id="header_inner" class="fixed">
-
- <div id="logo">
-END
-;
- if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
- print "<h1><span>$settings{'HOSTNAME'}.$settings{'DOMAINNAME'}</span></h1><br />";
- } else {
- print "<h1><span>IPFire</span></h1><br />";
- }
- print <<END
- <h2>$h2</h2>
- </div>
-
-END
-;
- &showmenu();
-
-print <<END
- </div>
-</div>
-
-<div id="main">
- <div id="main_inner" class="fixed">
- <div id="primaryContent_2columns">
- <div id="columnA_2columns">
-END
-;
-}
-
-sub openpagewithoutmenu {
- my $title = shift;
- my $boh = shift;
- my $extrahead = shift;
-
- @URI=split ('\?', $ENV{'REQUEST_URI'} );
- &General::readhash("${swroot}/main/settings", \%settings);
- &genmenu();
-
- my $h2 = gettitle($menu);
-
- $title = "IPFire - $title";
- if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
- $title = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'} - $title";
- }
-
- print <<END
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-
-<html>
- <head>
- <title>$title</title>
-
- $extrahead
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
-END
-;
- if ($settings{'FX'} ne 'off') {
- print <<END
- <meta http-equiv="Page-Enter" content="blendTrans(Duration=0.5,Transition=12)" />
- <meta http-equiv="Page-Exit" content="blendTrans(Duration=0.5,Transition=12)" />
-END
-;
- }
- print <<END
- <link rel="shortcut icon" href="/favicon.ico" />
- <link rel="stylesheet" type="text/css" href="/include/style.css" />
- <script language="javascript" type="text/javascript">
-
- function swapVisibility(id) {
- el = document.getElementById(id);
- if(el.style.display != 'block') {
- el.style.display = 'block'
- }
- else {
- el.style.display = 'none'
- }
- }
- </script>
-
- </head>
- <body>
-<!-- IPFIRE HEADER -->
-
-<div id="header">
-
- <div id="header_inner" class="fixed">
-
- <div id="logo">
- <h1><span>IPFire</span></h1>
- <h2>$h2</h2>
- </div>
- </div>
-</div>
-
-<div id="main">
- <div id="main_inner" class="fixed">
- <div id="primaryContent_2columns">
- <div id="columnA_2columns">
-END
-;
-}
-
-sub closepage () {
- my $status = &connectionstatus();
- $uptime = `/usr/bin/uptime`;
-
- print <<END
- </div>
- </div>
-
- <div id="secondaryContent_2columns">
-
- <div id="columnC_2columns">
-END
-;
- &showsubsection($menu);
- &showsubsubsection($menu);
-
- print <<END
- </div>
- </div>
-
- <br class="clear" />
- <div id="footer" class="fixed">
- <b>Status:</b> $status <b>Uptime:</b>$uptime
-END
-;
-if ($settings{'SPEED'} ne 'off') {
-print <<END
- <br />
- <form name='speed'>
- <b>$Lang::tr{'bandwidth usage'}:</b> $Lang::tr{'incoming'}:<input type="text" name="rxkb" size="5" value="0 kb/s" style="font-size: 12px; font-family: Arial, Helvetica;text-align: center;color:green; border: none; padding: 0; background-color: #FFFFFF;vertical-align: middle" />
- $Lang::tr{'outgoing'}: <input type="text" name="txkb" size="5" value="0 kb/s" style="font-size: 12px; font-family: Arial, Helvetica;text-align: center;color:red; border: none; padding: 0; background-color: #FFFFFF;vertical-align: middle"/>
- </form>
-END
-;
-}
-print <<END
- </div>
- </div>
-</div>
-</body>
-</html>
-END
-;
-}
-
-sub openbigbox
-{
-}
-
-sub closebigbox
-{
-}
-
-sub openbox
-{
- $width = $_[0];
- $align = $_[1];
- $caption = $_[2];
-
- print <<END
-<!-- openbox -->
- <div class="post" align="$align">
-END
-;
-
- if ($caption) { print "<h3>$caption</h3>\n"; } else { print " "; }
-}
-
-sub closebox
-{
- print <<END
- </div>
- <br class="clear" />
- <!-- closebox -->
-END
-;
-}
-
-1;
+++ /dev/null
-/*
-
- Nonzero1.0 by nodethirtythree design
- http://www.nodethirtythree.com
- missing in a maze
-
-*/
-
-/* This controls the width of the fluid width layouts */
-
-div.fluid
-{
-width: 90% !important;
-}
-
-/* This controls the width of the fixed width layouts */
-
-div.fixed
-{
-width: 950px !important;
-}
-
-/* Basic Stuff */
-
-*
-{
-margin: 0em;
-padding: 0em;
-}
-
-body
-{
-background-color: #fff;
-color: #585858;
-font-size: 9pt;
-font-family: "trebuchet ms", helvetica, sans-serif;
-}
-
-h1,h2,h3,h4,h5,h6
-{
-font-weight: normal;
-letter-spacing: -1px;
-text-transform: lowercase;
-text-align: left;
-}
-
-h3,h4,h5,h6
-{
-color: #66000F;
-}
-
-h1 span
-{
-font-weight: bold;
-}
-
-h3 span
-{
-font-weight: bold;
-}
-
-h4 span
-{
-font-weight: bold;
-}
-
-br.clear
-{
-clear: both;
-}
-
-img
-{
-padding: 3px;
-#border: solid 1px #e1e1e1;
-}
-
-img.floatTL
-{
-float: left;
-margin-right: 1.5em;
-margin-bottom: 1.5em;
-margin-top: 0.5em;
-}
-
-a
-{
-text-decoration: underline;
-color: #D90000;
-}
-
-a:hover
-{
-text-decoration: none;
-}
-
-ul.links
-{
-list-style: none;
-}
-
-ul.links li
-{
-line-height: 2em;
-}
-
-ul.links li.first
-{
-}
-
-p
-{
-line-height: 1.8em;
-}
-
-/* Header */
-
-#header
-{
-width:100%;
-height:122px;
-background: #440000 url('/themes/ipfire/images/n1.gif') repeat-x;
-}
-
-#header_inner
-{
-position: relative;
-width: 950px;
-height:122px;
-margin: 0 auto;
-}
-
-/* Logo */
-
-#logo
-{
-position: absolute;
-bottom: 0.6em;
-}
-
-#logo h1
-{
-display: inline;
-color: #fff;
-font-size: 2.6em;
-}
-
-#logo h2
-{
-display: inline;
-padding-left: 0.5em;
-color: #E5CCD0;
-font-size: 1.0em;
-}
-
-/* Menu */
-
-#menu
-{
-position: absolute;
-right: 0em;
-bottom: 0em;
-}
-
-#menu ul
-{
-list-style: none;
-}
-
-#menu li
-{
-float: left;
-}
-
-#menu li a
-{
-margin-left: 0.5em;
-display: block;
-padding: 1.1em 1.4em 1.0em 1.4em;
-background: #fff url('/themes/ipfire/images/n4.gif') repeat-x;
-border: solid 1px #fff;
-color: #616161;
-font-weight: bold;
-font-size: 1.0em;
-text-transform: lowercase;
-text-decoration: none;
-}
-
-#menu li a.active
-{
-background: #CA2F2F url('/themes/ipfire/images/n3.gif') repeat-x;
-color: #fff;
-border: solid 1px #A94B4B;
-}
-
-/* Main */
-
-#main
-{
-background: #fff url('/themes/ipfire/images/n2.gif') 0px 1px repeat-x;
-}
-
-#main_inner p
-{
-text-align: justify;
-margin-bottom: 2.0em;
-}
-
-#main_inner ul
-{
-margin-bottom: 2.0em;
-}
-
-#main_inner
-{
-position: relative;
-width: 950px;
-margin: 0 auto;
-padding-top: 3.5em;
-}
-
-#main_inner h3,h4
-{
-border-bottom: dotted 1px #E1E1E1;
-position: relative;
-}
-
-#main_inner h3
-{
-font-size: 2.1em;
-padding-bottom: 0.1em;
-margin-bottom: 0.8em;
-}
-
-#main_inner h4
-{
-font-size: 1.2em;
-padding-bottom: 0.175em;
-margin-bottom: 1.4em;
-margin-top: 0.95em;
-}
-
-#main_inner .post
-{
-position: relative;
-}
-
-#main_inner .post h3
-{
-position: relative;
-font-size: 1.7em;
-padding-bottom: 1.2em;
-}
-
-#main_inner .post ul.post_info
-{
-list-style: none;
-position: absolute;
-top: 3em;
-font-size: 0.8em;
-}
-
-#main_inner .post ul.post_info li
-{
-background-position: 0em 0.2em;
-background-repeat: no-repeat;
-display: inline;
-padding-left: 18px;
-}
-
-#main_inner .post ul.post_info li.date
-{
-background-image: url('/themes/ipfire/images/n5.gif');
-}
-
-#main_inner .post ul.post_info li.comments
-{
-background-image: url('/themes/ipfire/images/n6.gif');
-margin-left: 1.1em;
-}
-
-/* Footer */
-
-#footer
-{
-width: 950px;
-margin: 0 auto;
-text-align: center;
-clear: both;
-border-top: dotted 1px #E1E1E1;
-margin-top: 1.0em;
-margin-bottom: 1.0em;
-padding-top: 1.0em;
-text-transform: lowercase;
-}
-
-/* Search */
-
-input
-{
-margin: 0.2em;
-}
-
-input.button
-{
-background: #CA2F2F url('/themes/ipfire/images/n3.gif') repeat-x;
-color: #fff;
-border: solid 1px #A94B4B;
-font-weight: bold;
-text-transform: lowercase;
-font-size: 0.8em;
-height: 2.0em;
-}
-
-input.text
-{
-border: solid 1px #F1F1F1;
-font-size: 1.0em;
-padding: 0.25em 0.25em 0.25em 0.25em;
-}
-
-#search
-{
-position: relative;
-width: 100%;
-margin-bottom: 2.0em;
-}
-
-#search input.text
-{
-position: absolute;
-top: 0em;
-left: 0em;
-width: 9.5em;
-}
-
-#search input.button
-{
-position: absolute;
-top: 0em;
-right: 0em;
-min-width: 2.0em;
-max-width: 2.5em;
-}
-
-/* LAYOUT - 3 COLUMNS */
-
- /* Primary content */
-
- #primaryContent_3columns
- {
- position: relative;
- margin-right: 34em;
- }
-
- #columnA_3columns
- {
- position: relative;
- float: left;
- width: 100%;
- margin-right: -34em;
- padding-right: 2em;
- }
-
- /* Secondary Content */
-
- #secondaryContent_3columns
- {
- float: right;
- }
-
- #columnB_3columns
- {
- width: 13.0em;
- float: left;
- padding: 0em 2em 0.5em 2em;
- border-left: dotted 1px #E1E1E1;
- }
-
- #columnC_3columns
- {
- width: 13.0em;
- float: left;
- padding: 0em 0em 0.5em 2em;
- border-left: dotted 1px #E1E1E1;
- }
-
-/* LAYOUT - 2 COLUMNS */
-
- /* Primary content */
-
- #primaryContent_2columns
- {
- position: relative;
- margin-right: 17em;
- }
-
- #columnA_2columns
- {
- position: relative;
- float: left;
- width: 100%;
- margin-right: -17em;
- padding-right: 2em;
- }
-
- /* Secondary Content */
-
- #secondaryContent_2columns
- {
- float: right;
- }
-
- #columnC_2columns
- {
- width: 13.0em;
- float: left;
- padding: 0em 0em 0.5em 2em;
- border-left: dotted 1px #E1E1E1;
- }
-
-/* LAYOUT - COLUMNLESS */
-
- /* Primary content */
-
- #primaryContent_columnless
- {
- position: relative;
- }
-
- #columnA_columnless
- {
- position: relative;
- width: 100%;
- }
+++ /dev/null
-color1=#CD3700
-color2=#FF4500
-color3=#CD6600
-color4=#FF7F00
-color5=#CD8500
-color6=#FFA500
-color7=#FF7F24
-color8=#FFA54F
-color9=#EEAD0E
-color10=#EEC900
-color11=#0000FF
-color12=#00FF00
-color13=#FF0000
-color14=#FFD700
-color15=#CCCCCC
-color16=#40E0D0
-color17=#90EE90
-color18=#F4A460
-color19=#EAE9EE
-color20=#1C1C1C
-color21=#CD6600
-color22=#4F4F4F
-color23=#FF00FF
-color24=#6464FF
-color25=#FF6464
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-sub showmenu() {
- print <<EOF
- <div id="menu">
- <ul>
-EOF
-;
- foreach my $k1 ( sort keys %$menu ) {
- if (! $menu->{$k1}{'enabled'}) {
- next;
- }
- my $link = getlink($menu->{$k1});
- if ($link eq '') {
- next;
- }
- if (! is_menu_visible($link)) {
- next;
- }
- if ($menu->{$k1}->{'selected'}) {
- print "<li><a href=\"$link\" class=\"active\">$menu->{$k1}{'caption'}</a></li>";
- } else {
- print "<li><a href=\"$link\">$menu->{$k1}{'caption'}</a></li>";
- }
- }
- print <<EOF
- </ul>
- </div>
-EOF
-;
-}
-
-sub getselected($) {
- my $root = shift;
- if (!$root) {
- return 0;
- }
-
- foreach my $item (%$root) {
- if ($root->{$item}{'selected'}) {
- return $root->{$item};
- }
- }
-}
-
-sub showsubsection($$) {
- my $root = shift;
-
- if (! $root) {
- return;
- }
- my $selected = getselected($root);
- if (! $selected) {
- return;
- }
- my $submenus = $selected->{'subMenu'};
- if (! $submenus) {
- return;
- }
-
- print <<EOF
- <h4><span>Side</span>menu</h4>
- <ul class="links">
-EOF
-;
- foreach my $item (sort keys %$submenus) {
- my $hash = $submenus->{$item};
- if (! $hash->{'enabled'}) {
- next;
- }
- my $link = getlink($hash);
- if ($link eq '') {
- next;
- }
- if (! is_menu_visible($link)) {
- next;
- }
- if ($hash->{'selected'}) {
- print '<li class="selected">';
- } else {
- print '<li>';
- }
-
- print "<a href=\"$link\">$hash->{'caption'}</a></li>";
- }
-
- print <<EOF
- </ul>
-EOF
-;
-}
-
-
-sub showsubsubsection($) {
- my $root = shift;
- if (!$root) {
- return;
- }
- my $selected = getselected($root);
- if (! $selected) {
- return
- }
- if (! $selected->{'subMenu'}) {
- return
- }
-
- showsubsection($selected->{'subMenu'}, 'menu-subtop');
-}
-
-sub openpage {
- my $title = shift;
- my $boh = shift;
- my $extrahead = shift;
-
- @URI=split ('\?', $ENV{'REQUEST_URI'} );
- &General::readhash("${swroot}/main/settings", \%settings);
- &genmenu();
-
- my $h2 = gettitle($menu);
-
- $title = "-= IPFire - $title =-";
- if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
- $title = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'} - $title";
- }
-
- print <<END
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-
-<html>
- <head>
- <title>$title</title>
-
- $extrahead
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
-END
-;
- if ($settings{'FX'} ne 'off') {
- print <<END
- <meta http-equiv="Page-Enter" content="blendTrans(Duration=0.5,Transition=12)" />
- <meta http-equiv="Page-Exit" content="blendTrans(Duration=0.5,Transition=12)" />
-END
-;
- }
- print <<END
- <link rel="shortcut icon" href="/favicon.ico" />
- <link rel="stylesheet" type="text/css" href="/themes/maniac/include/style.css" />
- <script language="javascript" type="text/javascript">
-
- function swapVisibility(id) {
- el = document.getElementById(id);
- if(el.style.display != 'block') {
- el.style.display = 'block'
- }
- else {
- el.style.display = 'none'
- }
- }
- </script>
-END
-;
-if ($settings{'SPEED'} ne 'off') {
-print <<END
- <script type="text/javascript" language="javascript">
-
- var http_request = false;
-
- function LoadInetInfo(url) {
-
- http_request = false;
-
- if (window.XMLHttpRequest) { // Mozilla, Safari,...
- http_request = new XMLHttpRequest();
- if (http_request.overrideMimeType) {
- http_request.overrideMimeType('text/xml');
- // zu dieser Zeile siehe weiter unten
- }
- } else if (window.ActiveXObject) { // IE
- try {
- http_request = new ActiveXObject("Msxml2.XMLHTTP");
- } catch (e) {
- try {
- http_request = new ActiveXObject("Microsoft.XMLHTTP");
- } catch (e) {}
- }
- }
-
- if (!http_request) {
- alert('Ende :( Kann keine XMLHTTP-Instanz erzeugen');
- return false;
- }
- http_request.onreadystatechange = DisplayInetInfo;
- http_request.open('GET', url, true);
- http_request.send(null);
-
- }
-
- function DisplayInetInfo() {
- if (http_request.readyState == 4) {
- var xmldoc = http_request.responseXML;
- var root1_node = xmldoc.getElementsByTagName('rx_kbs').item(0);
- var root2_node = xmldoc.getElementsByTagName('tx_kbs').item(0);
- var root3_node = xmldoc.getElementsByTagName('rxb').item(0);
- var root4_node = xmldoc.getElementsByTagName('txb').item(0);
-
- document.forms['speed'].txkb.value = root1_node.firstChild.data;
- document.forms['speed'].rxkb.value = root2_node.firstChild.data;
-
- // document.getElementsByTagName("input")[0].style.color = "#00FF00";
- url = "/cgi-bin/speed.cgi?rxb_last=" + root3_node.firstChild.data + "&txb_last=" + root4_node.firstChild.data;
-
- window.setTimeout("LoadInetInfo(url)", 3000);
- }
-
- }
- </script>
- </head>
- <body onLoad="LoadInetInfo('/cgi-bin/speed.cgi')">
-END
-;
-}
-else {
-print "</head><body>";}
-print <<END
-<!-- IPFIRE HEADER -->
-
-<div id="header">
-
- <div id="header_inner" class="fixed">
-
- <div id="logo">
-END
-;
- if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
- print "<h1><span>$settings{'HOSTNAME'}.$settings{'DOMAINNAME'}</span></h1><br />";
- } else {
- print "<h1><span>-= IPFire =-</span></h1><br />";
- }
- print <<END
- <h2>+ $h2 +</h2>
- </div>
-
-END
-;
- &showmenu();
-
-print <<END
- </div>
-</div>
-
-<div id="main">
- <div id="main_inner" class="fixed">
- <div id="primaryContent_2columns">
- <div id="columnA_2columns">
-END
-;
-}
-
-sub openpagewithoutmenu {
- my $title = shift;
- my $boh = shift;
- my $extrahead = shift;
-
- @URI=split ('\?', $ENV{'REQUEST_URI'} );
- &General::readhash("${swroot}/main/settings", \%settings);
- &genmenu();
-
- my $h2 = gettitle($menu);
-
- $title = "-= IPFire - $title =-";
- if ($settings{'WINDOWWITHHOSTNAME'} eq 'on') {
- $title = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'} - $title";
- }
-
- print <<END
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-
-<html>
- <head>
- <title>$title</title>
-
- $extrahead
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
-END
-;
- if ($settings{'FX'} ne 'off') {
- print <<END
- <meta http-equiv="Page-Enter" content="blendTrans(Duration=0.5,Transition=12)" />
- <meta http-equiv="Page-Exit" content="blendTrans(Duration=0.5,Transition=12)" />
-END
-;
- }
- print <<END
- <link rel="shortcut icon" href="/favicon.ico" />
- <link rel="stylesheet" type="text/css" href="/include/style.css" />
- <script language="javascript" type="text/javascript">
-
- function swapVisibility(id) {
- el = document.getElementById(id);
- if(el.style.display != 'block') {
- el.style.display = 'block'
- }
- else {
- el.style.display = 'none'
- }
- }
- </script>
-
- </head>
- <body>
-<!-- IPFIRE HEADER -->
-
-<div id="header">
-
- <div id="header_inner" class="fixed">
-
- <div id="logo">
- <h1><span>-= IPFire =-</span></h1>
- <h2>+ $h2 +</h2>
- </div>
- </div>
-</div>
-
-<div id="main">
- <div id="main_inner" class="fixed">
- <div id="primaryContent_2columns">
- <div id="columnA_2columns">
-END
-;
-}
-
-sub closepage () {
- my $status = &connectionstatus();
- $uptime = `/usr/bin/uptime`;
-
- print <<END
- </div>
- </div>
-
- <div id="secondaryContent_2columns">
-
- <div id="columnC_2columns">
-END
-;
- &showsubsection($menu);
- &showsubsubsection($menu);
-
- print <<END
- </div>
- </div>
-
- <br class="clear" />
- <div id="footer" class="fixed">
- <b>Status:</b> $status <b>Uptime:</b>$uptime
-END
-;
-if ($settings{'SPEED'} ne 'off') {
-print <<END
- <br />
- <form name='speed'>
- <b>$Lang::tr{'bandwidth usage'}:</b> $Lang::tr{'incoming'}:<input type="text" name="rxkb" size="5" value="0 kb/s" style="font-size: 12px; font-family: Arial, Helvetica;text-align: center;color:green; border: none; padding: 0; background-color: #000000; vertical-align: middle" />
- $Lang::tr{'outgoing'}: <input type="text" name="txkb" size="5" value="0 kb/s" style="font-size: 12px; font-family: Arial, Helvetica;text-align: center;color:red; border: none; padding: 0; background-color: #000000; vertical-align: middle"/>
- </form>
-END
-;
-}
-print <<END
- </div>
- </div>
-</div>
-</body>
-</html>
-END
-;
-}
-
-sub openbigbox
-{
-}
-
-sub closebigbox
-{
-}
-
-sub openbox
-{
- $width = $_[0];
- $align = $_[1];
- $caption = $_[2];
-
- print <<END
-<!-- openbox -->
- <div class="post" align="$align">
-END
-;
-
- if ($caption) { print "<h3>$caption</h3>\n"; } else { print " "; }
-}
-
-sub closebox
-{
- print <<END
- </div>
- <br class="clear" />
- <!-- closebox -->
-END
-;
-}
-
-1;
+++ /dev/null
-/*
-
- Nonzero1.0 by nodethirtythree design
- http://www.nodethirtythree.com
- missing in a maze
-
-*/
-
-/* This controls the width of the fluid width layouts */
-
-div.fluid
-{
-width: 90% !important;
-}
-
-/* This controls the width of the fixed width layouts */
-
-div.fixed
-{
-width: 950px !important;
-}
-
-/* Basic Stuff */
-
-*
-{
-margin: 0em;
-padding: 0em;
-}
-
-body
-{
-background-color: #000000;
-color: rgb(255,128,0);
-font-size: 9pt;
-font-family: "trebuchet ms", helvetica, sans-serif;
-}
-
-h1,h2,h3,h4,h5,h6
-{
-background-color: #000000;
-font-weight: normal;
-letter-spacing: -1px;
-text-transform: lowercase;
-text-align: left;
-}
-
-h3,h4,h5,h6
-{
-background-color: #000000;
-color: silver;
-}
-
-h1 span
-{
-font-weight: bold;
-color: rgb(255,128,0);
-}
-
-h3 span
-{
-background-color: #000000;
-font-weight: bold;
-}
-
-h4 span
-{
-background-color: #000000;
-font-weight: bold;
-}
-
-br.clear
-{
-background-color: #000000;
-clear: both;
-}
-
-img
-{
-}
-
-img.floatTL
-{
-float: left;
-margin-right: 1.5em;
-margin-bottom: 1.5em;
-margin-top: 0.5em;
-}
-
-a
-{
-text-decoration: underline;
-color: white;
-}
-
-a:hover
-{
-text-decoration: none;
-}
-
-ul.links
-{
-list-style: none;
-}
-
-ul.links li
-{
-line-height: 2em;
-}
-
-ul.links li.first
-{
-}
-
-p
-{
-line-height: 1.8em;
-}
-
-/* Header */
-
-#header
-{
-width:100%;
-height:100px;
-background: #000000 url('/themes/ipfire3/images/b1.gif') repeat-x;
-}
-
-#header_inner
-{
-position: relative;
-width: 700px;
-height:110px;
-margin: 0 auto;
-}
-
-/* Logo */
-
-#logo
-{
-position: absolute;
-bottom: 0.6em;
-}
-
-#logo h1
-{
-display: inline;
-color: #fff;
-font-size: 2.6em;
-}
-
-#logo h2
-{
-display: inline;
-padding-left: 0.5em;
-color: white;
-font-size: 1.0em;
-}
-
-/* Menu */
-
-#menu
-{
-position: absolute;
-right: 0em;
-bottom: 0em;
-}
-
-#menu ul
-{
-list-style: none;
-}
-
-#menu li
-{
-float: left;
-}
-
-#menu li a
-{
-margin-left: 0.5em;
-display: block;
-padding: 1.1em 1.4em 1.0em 1.4em;
-background: url('/themes/maniac/images/b4.gif') repeat-x;
-border: solid 1px #fff;
-color: #616161;
-font-weight: bold;
-font-size: 1.0em;
-text-transform: lowercase;
-text-decoration: none;
-}
-
-#menu li a.active
-{
-background: url('/themes/maniac/images/b3.gif') repeat-x;
-color: #fff;
-border: solid 1px silver;
-}
-
-/* Main */
-
-#main
-{
-background: #000000 url('/themes/maniac/images/b2.gif') 0px 1px repeat-x;
-}
-
-#main_inner p
-{
-text-align: justify;
-margin-bottom: 2.0em;
-}
-
-#main_inner ul
-{
-margin-bottom: 2.0em;
-}
-
-#main_inner
-{
-position: relative;
-width: 950px;
-margin: 0 auto;
-padding-top: 3.5em;
-}
-
-#main_inner h3,h4
-{
-border-bottom: dotted 1px #E1E1E1;
-position: relative;
-}
-
-#main_inner h3
-{
-font-size: 2.1em;
-padding-bottom: 0.1em;
-margin-bottom: 0.8em;
-}
-
-#main_inner h4
-{
-font-size: 1.2em;
-padding-bottom: 0.175em;
-margin-bottom: 1.4em;
-margin-top: 0.95em;
-}
-
-#main_inner .post
-{
-position: relative;
-}
-
-#main_inner .post h3
-{
-position: relative;
-font-size: 1.7em;
-padding-bottom: 1.2em;
-}
-
-#main_inner .post ul.post_info
-{
-list-style: none;
-position: absolute;
-top: 3em;
-font-size: 0.8em;
-}
-
-#main_inner .post ul.post_info li
-{
-background-position: 0em 0.2em;
-background-repeat: no-repeat;
-display: inline;
-padding-left: 18px;
-}
-
-#main_inner .post ul.post_info li.date
-{
-background-image: url('/themes/maniac/images/b5.gif');
-}
-
-#main_inner .post ul.post_info li.comments
-{
-background-image: url('/themes/maniac/images/b6.gif');
-margin-left: 1.1em;
-}
-
-/* Footer */
-
-#footer
-{
-width: 950px;
-margin: 0 auto;
-text-align: center;
-clear: both;
-border-top: dotted 1px #E1E1E1;
-margin-top: 1.0em;
-margin-bottom: 1.0em;
-padding-top: 1.0em;
-text-transform: lowercase;
-}
-
-/* Search */
-
-select
-{
-margin: 0.2em;
-background-color: rgb(255,128,0); color:black; border:1px solid silver;
-}
-
-textarea
-{
-margin: 0.2em;
-background-color: rgb(255,128,0); color:black; border:1px solid silver;
-}
-
-checkbox
-{
-margin: 0.2em;
-background-color: rgb(255,128,0); color:black; border:1px solid silver;
-}
-
-radio
-{
-margin: 0.2em;
-background-color: rgb(255,128,0); color:black; border:1px solid silver;
-}
-
-input
-{
-margin: 0.2em;
-background-color: rgb(255,128,0); color:black; border:1px solid silver;
-}
-
-input.button
-{
-background: #CA2F2F url('/themes/maniac/images/b3.gif') repeat-x;
-color: #fff;
-border: solid 1px #2941BC;
-font-weight: bold;
-text-transform: lowercase;
-font-size: 0.8em;
-height: 2.0em;
-}
-
-input.text
-{
-border: solid 1px #F1F1F1;
-font-size: 1.0em;
-padding: 0.25em 0.25em 0.25em 0.25em;
-}
-
-#search
-{
-position: relative;
-width: 100%;
-margin-bottom: 2.0em;
-}
-
-#search input.text
-{
-position: absolute;
-top: 0em;
-left: 0em;
-width: 9.5em;
-}
-
-#search input.button
-{
-position: absolute;
-top: 0em;
-right: 0em;
-min-width: 2.0em;
-max-width: 2.5em;
-}
-
-/* LAYOUT - 3 COLUMNS */
-
- /* Primary content */
-
- #primaryContent_3columns
- {
- position: relative;
- margin-right: 34em;
- }
-
- #columnA_3columns
- {
- position: relative;
- float: left;
- width: 100%;
- margin-right: -34em;
- padding-right: 2em;
- }
-
- /* Secondary Content */
-
- #secondaryContent_3columns
- {
- float: right;
- }
-
- #columnB_3columns
- {
- width: 13.0em;
- float: left;
- padding: 0em 2em 0.5em 2em;
- border-left: dotted 1px #E1E1E1;
- }
-
- #columnC_3columns
- {
- width: 13.0em;
- float: left;
- padding: 0em 0em 0.5em 2em;
- border-left: dotted 1px #E1E1E1;
- }
-
-/* LAYOUT - 2 COLUMNS */
-
- /* Primary content */
-
- #primaryContent_2columns
- {
- position: relative;
- margin-right: 17em;
- }
-
- #columnA_2columns
- {
- position: relative;
- float: left;
- width: 100%;
- margin-right: -17em;
- padding-right: 2em;
- }
-
- /* Secondary Content */
-
- #secondaryContent_2columns
- {
- float: right;
- }
-
- #columnC_2columns
- {
- width: 13.0em;
- float: left;
- padding: 0em 0em 0.5em 2em;
- border-left: dotted 1px #E1E1E1;
- }
-
-/* LAYOUT - COLUMNLESS */
-
- /* Primary content */
-
- #primaryContent_columnless
- {
- position: relative;
- }
-
- #columnA_columnless
- {
- position: relative;
- width: 100%;
- }
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure --prefix=/usr
cd $(DIR_APP) && make
- #cd $(DIR_APP)/doc && docbook2html rsync.sgml
cd $(DIR_APP) && make install
- #cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/rsync-$(VER) &&
- #cd $(DIR_APP) && install -v -m644 doc/*.html /usr/share/doc/rsync-$(VER)
@rm -rf $(DIR_APP)
@$(POSTBUILD)
rm -f /etc/squid/errors
ln -sf /usr/lib/squid/errors/English /etc/squid/errors
- -mkdir -p /var/log/cache /var/log/squid /var/log/updatexlrator
+ -mkdir -p /var/log/cache /var/log/squid
touch /var/log/squid/access.log
- chown -R squid:squid /var/log/squid /var/log/cache /var/log/updatexlrator
-
- cp -f $(DIR_SRC)/config/updxlrator/updxlrator /usr/sbin/updxlrator
- cp -f $(DIR_SRC)/config/updxlrator/checkup /var/ipfire/updatexlrator/bin/checkup
- cp -f $(DIR_SRC)/config/updxlrator/download /var/ipfire/updatexlrator/bin/download
- -mkdir -p /usr/lib/squid/errors.ipfire
- cp -fr $(DIR_SRC)/config/proxy/errors.ipfire/* /usr/lib/squid/errors.ipfire/
- -find /usr/lib/squid/errors.ipfire/ -name .svn -exec rm -rf {} \;
- chmod 755 /usr/sbin/updxlrator /var/ipfire/updatexlrator/bin/checkup \
- /var/ipfire/updatexlrator/bin/download
-
- ln -fs /bin/false /var/ipfire/updatexlrator/autocheck/cron.daily
- ln -fs /bin/false /var/ipfire/updatexlrator/autocheck/cron.monthly
- ln -fs /bin/false /var/ipfire/updatexlrator/autocheck/cron.weekly
-
- chown -R nobody:nobody /var/ipfire/updatexlrator
- chown nobody.squid /srv/web/ipfire/html/updatecache
- chown nobody.squid /srv/web/ipfire/html/updatecache/download
- chown nobody.squid /srv/web/ipfire/html/updatecache/metadata
- chmod 775 /srv/web/ipfire/html/updatecache
- chmod 775 /srv/web/ipfire/html/updatecache/download
- chmod 775 /srv/web/ipfire/html/updatecache/metadata
- chmod 755 /var/log/updatexlrator
+ chown -R squid:squid /var/log/squid /var/log/cache
chown squid:squid /var/log/squid
ln -sf /usr/lib/squid /usr/lib/squid/auth
- cp -f $(DIR_SRC)/config/proxy/proxy.pac /srv/web/ipfire/html/proxy.pac
- chown nobody.nobody /srv/web/ipfire/html/proxy.pac
- ln -sf /srv/web/ipfire/html/proxy.pac /srv/web/ipfire/html/wpad.dat
@rm -rf $(DIR_APP)
@$(POSTBUILD)
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
- # URL-Filter
- -mkdir /etc/squidGuard /srv/web/ipfire/html/repository
- cp -f $(DIR_CONF)/urlfilter/autoupdate.urls /var/ipfire/urlfilter/autoupdate/autoupdate.urls
- ln -fs /bin/false /var/ipfire/urlfilter/autoupdate/cron.daily
- ln -fs /bin/false /var/ipfire/urlfilter/autoupdate/cron.weekly
- ln -fs /bin/false /var/ipfire/urlfilter/autoupdate/cron.monthly
- cp -f $(DIR_CONF)/urlfilter/squidGuard.conf /var/ipfire/urlfilter/squidGuard.conf
- ln -fs /var/ipfire/urlfilter/squidGuard.conf /etc/squidGuard/squidGuard.conf
- cp -f $(DIR_CONF)/urlfilter/prebuild.pl /var/ipfire/urlfilter/bin/prebuild.pl
- chmod 755 /var/ipfire/urlfilter/bin/prebuild.pl
- cp -f $(DIR_CONF)/urlfilter/autoupdate.pl /var/ipfire/urlfilter/bin/autoupdate.pl
- chmod 755 /var/ipfire/urlfilter/bin/autoupdate.pl
- echo "1.7.1" > /var/ipfire/urlfilter/version
-
- # Wrapper
- cp -f $(DIR_CONF)/urlfilter/redirect_wrapper /usr/sbin
- chmod 755 /usr/sbin/redirect_wrapper
-
- /bin/tar --no-same-owner -xzf $(DIR_CONF)/urlfilter/blacklists.tar.gz -C /var/ipfire/urlfilter
- /usr/bin/perl $(DIR_CONF)/urlfilter/makeconf.pl
- chown -R nobody:nobody /var/ipfire/urlfilter
- chmod 755 /srv/web/ipfire/html/images/urlfilter
- chmod 644 /srv/web/ipfire/html/images/urlfilter/*
- chown -R nobody:nobody /srv/web/ipfire/html/repository
+ -mkdir /etc/squidGuard
chown -R squid:squid /var/log/squidGuard
@rm -rf $(DIR_APP)