]>
Commit | Line | Data |
---|---|---|
ac1cfefa MT |
1 | #!/usr/bin/perl |
2 | # | |
3 | # (c) 2001 Jack Beglinger <jackb_guppy@yahoo.com> | |
4 | # | |
5 | # (c) 2003 Dave Roberts <countzerouk@hotmail.com> - colour coded netfilter/iptables rewrite for 1.3 | |
6 | # | |
c2b15814 MT |
7 | # (c) 2006 Franck - add sorting+filtering capability |
8 | # | |
f9aaffa6 MT |
9 | # (c) 2006 Peter Schälchli -inetwork (bug) |
10 | # | |
ac1cfefa | 11 | |
5433e2c9 | 12 | # Setup GREEN, ORANGE, IPFIRE, VPN CIDR networks, masklengths and colours only once |
ac1cfefa MT |
13 | |
14 | my @network=(); | |
15 | my @masklen=(); | |
16 | my @colour=(); | |
17 | ||
18 | use Net::IPv4Addr qw( :all ); | |
19 | ||
20 | use strict; | |
21 | ||
22 | # enable only the following on debugging purpose | |
5433e2c9 MT |
23 | use warnings; |
24 | use CGI::Carp 'fatalsToBrowser'; | |
ac1cfefa | 25 | |
986e08d9 | 26 | require '/var/ipfire/general-functions.pl'; |
ac1cfefa MT |
27 | require "${General::swroot}/lang.pl"; |
28 | require "${General::swroot}/header.pl"; | |
29 | ||
30 | #workaround to suppress a warning when a variable is used only once | |
31 | my @dummy = ( ${Header::table1colour} ); | |
32 | undef (@dummy); | |
33 | ||
34 | # Read various files | |
35 | ||
36 | my %netsettings=(); | |
37 | &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); | |
38 | ||
39 | open (ACTIVE, "/proc/net/ip_conntrack") or die 'Unable to open ip_conntrack'; | |
40 | my @active = <ACTIVE>; | |
41 | close (ACTIVE); | |
42 | ||
43 | my @vpn = ('none'); | |
c2b15814 MT |
44 | open (ACTIVE, "/proc/net/ipsec_eroute") and @vpn = <ACTIVE>; |
45 | close (ACTIVE); | |
ac1cfefa MT |
46 | |
47 | my $aliasfile = "${General::swroot}/ethernet/aliases"; | |
48 | open(ALIASES, $aliasfile) or die 'Unable to open aliases file.'; | |
49 | my @aliases = <ALIASES>; | |
50 | close(ALIASES); | |
51 | ||
52 | # Add Green Firewall Interface | |
53 | push(@network, $netsettings{'GREEN_ADDRESS'}); | |
54 | push(@masklen, "255.255.255.255" ); | |
55 | push(@colour, ${Header::colourfw} ); | |
56 | ||
57 | # Add Green Network to Array | |
58 | push(@network, $netsettings{'GREEN_NETADDRESS'}); | |
59 | push(@masklen, $netsettings{'GREEN_NETMASK'} ); | |
60 | push(@colour, ${Header::colourgreen} ); | |
61 | ||
62 | # Add Green Routes to Array | |
63 | my @routes = `/sbin/route -n | /bin/grep $netsettings{'GREEN_DEV'}`; | |
64 | foreach my $route (@routes) { | |
f9aaffa6 MT |
65 | chomp($route); |
66 | my @temp = split(/[\t ]+/, $route); | |
67 | push(@network, $temp[0]); | |
68 | push(@masklen, $temp[2]); | |
69 | push(@colour, ${Header::colourgreen} ); | |
ac1cfefa MT |
70 | } |
71 | ||
72 | # Add Firewall Localhost 127.0.0.1 | |
73 | push(@network, '127.0.0.1'); | |
74 | push(@masklen, '255.255.255.255' ); | |
75 | push(@colour, ${Header::colourfw} ); | |
76 | ||
5433e2c9 MT |
77 | # Add Orange Network |
78 | if ($netsettings{'ORANGE_DEV'}) { | |
f9aaffa6 MT |
79 | push(@network, $netsettings{'ORANGE_NETADDRESS'}); |
80 | push(@masklen, $netsettings{'ORANGE_NETMASK'} ); | |
81 | push(@colour, ${Header::colourorange} ); | |
82 | # Add Orange Routes to Array | |
83 | @routes = `/sbin/route -n | /bin/grep $netsettings{'ORANGE_DEV'}`; | |
84 | foreach my $route (@routes) { | |
85 | chomp($route); | |
86 | my @temp = split(/[\t ]+/, $route); | |
87 | push(@network, $temp[0]); | |
88 | push(@masklen, $temp[2]); | |
89 | push(@colour, ${Header::colourorange} ); | |
90 | } | |
5433e2c9 MT |
91 | } |
92 | ||
f9aaffa6 MT |
93 | # Add Blue Firewall Interface |
94 | push(@network, $netsettings{'BLUE_ADDRESS'}); | |
95 | push(@masklen, "255.255.255.255" ); | |
96 | push(@colour, ${Header::colourfw} ); | |
97 | ||
5433e2c9 MT |
98 | # Add Blue Network |
99 | if ($netsettings{'BLUE_DEV'}) { | |
f9aaffa6 MT |
100 | push(@network, $netsettings{'BLUE_NETADDRESS'}); |
101 | push(@masklen, $netsettings{'BLUE_NETMASK'} ); | |
102 | push(@colour, ${Header::colourblue} ); | |
103 | # Add Blue Routes to Array | |
104 | @routes = `/sbin/route -n | /bin/grep $netsettings{'BLUE_DEV'}`; | |
105 | foreach my $route (@routes) { | |
106 | chomp($route); | |
107 | my @temp = split(/[\t ]+/, $route); | |
108 | push(@network, $temp[0]); | |
109 | push(@masklen, $temp[2]); | |
110 | push(@colour, ${Header::colourblue} ); | |
111 | } | |
5433e2c9 MT |
112 | } |
113 | ||
6e13d0a5 MT |
114 | # Add OpenVPN net and RED/BLUE/ORANGE entry (when appropriate) |
115 | if (-e "${General::swroot}/ovpn/settings") { | |
116 | my %ovpnsettings = (); | |
117 | &General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings); | |
118 | my @tempovpnsubnet = split("\/",$ovpnsettings{'DOVPN_SUBNET'}); | |
119 | ||
120 | # add OpenVPN net | |
f9aaffa6 MT |
121 | push(@network, $tempovpnsubnet[0]); |
122 | push(@masklen, $tempovpnsubnet[1]); | |
123 | push(@colour, ${Header::colourovpn} ); | |
6e13d0a5 MT |
124 | |
125 | if ( ($ovpnsettings{'ENABLED'} eq 'on') && open(IP, "${General::swroot}/red/local-ipaddress") ) { | |
126 | # add RED:port / proto | |
f9aaffa6 MT |
127 | my $redip = <IP>; |
128 | close(IP); | |
129 | chomp $redip; | |
130 | push(@network, $redip ); | |
131 | push(@masklen, '255.255.255.255' ); | |
132 | push(@colour, ${Header::colourovpn} ); | |
6e13d0a5 MT |
133 | } |
134 | if ( ($ovpnsettings{'ENABLED_BLUE'} eq 'on') && $netsettings{'BLUE_DEV'} ) { | |
135 | # add BLUE:port / proto | |
f9aaffa6 MT |
136 | push(@network, $netsettings{'BLUE_ADDRESS'} ); |
137 | push(@masklen, '255.255.255.255' ); | |
138 | push(@colour, ${Header::colourovpn} ); | |
6e13d0a5 MT |
139 | } |
140 | if ( ($ovpnsettings{'ENABLED_ORANGE'} eq 'on') && $netsettings{'ORANGE_DEV'} ) { | |
141 | # add ORANGE:port / proto | |
f9aaffa6 MT |
142 | push(@network, $netsettings{'ORANGE_ADDRESS'} ); |
143 | push(@masklen, '255.255.255.255' ); | |
144 | push(@colour, ${Header::colourovpn} ); | |
6e13d0a5 MT |
145 | } |
146 | } | |
147 | ||
ac1cfefa MT |
148 | # Add STATIC RED aliases |
149 | if ($netsettings{'RED_DEV'}) { | |
f9aaffa6 MT |
150 | # We have a RED eth iface |
151 | if ($netsettings{'RED_TYPE'} eq 'STATIC') { | |
152 | # We have a STATIC RED eth iface | |
153 | foreach my $line (@aliases) | |
154 | { | |
155 | chomp($line); | |
156 | my @temp = split(/\,/,$line); | |
157 | if ( $temp[0] ) { | |
158 | push(@network, $temp[0]); | |
159 | push(@masklen, $netsettings{'RED_NETMASK'} ); | |
160 | push(@colour, ${Header::colourfw} ); | |
161 | } | |
162 | } | |
163 | } | |
ac1cfefa MT |
164 | } |
165 | ||
166 | # Add VPNs | |
167 | if ( $vpn[0] ne 'none' ) { | |
f9aaffa6 MT |
168 | foreach my $line (@vpn) { |
169 | my @temp = split(/[\t ]+/,$line); | |
170 | my @temp1 = split(/[\/:]+/,$temp[3]); | |
171 | push(@network, $temp1[0]); | |
172 | push(@masklen, ipv4_cidr2msk($temp1[1])); | |
173 | push(@colour, ${Header::colourvpn} ); | |
174 | } | |
ac1cfefa MT |
175 | } |
176 | if (open(IP, "${General::swroot}/red/local-ipaddress")) { | |
f9aaffa6 MT |
177 | my $redip = <IP>; |
178 | close(IP); | |
179 | chomp $redip; | |
180 | push(@network, $redip); | |
181 | push(@masklen, '255.255.255.255' ); | |
182 | push(@colour, ${Header::colourfw} ); | |
ac1cfefa MT |
183 | } |
184 | ||
ac1cfefa | 185 | |
c2b15814 MT |
186 | #Establish simple filtering&sorting boxes on top of table |
187 | ||
188 | our %cgiparams; | |
189 | &Header::getcgihash(\%cgiparams); | |
190 | ||
191 | my @list_proto = ($Lang::tr{'all'}, 'icmp', 'udp', 'tcp'); | |
192 | my @list_state = ($Lang::tr{'all'}, 'SYN_SENT', 'SYN_RECV', 'ESTABLISHED', 'FIN_WAIT', | |
f9aaffa6 | 193 | 'CLOSE_WAIT', 'LAST_ACK', 'TIME_WAIT', 'CLOSE', 'LISTEN'); |
c2b15814 MT |
194 | my @list_mark = ($Lang::tr{'all'}, '[ASSURED]', '[UNREPLIED]'); |
195 | my @list_sort = ('orgsip','protocol', 'expires', 'status', 'orgdip', 'orgsp', | |
f9aaffa6 | 196 | 'orgdp', 'exsip', 'exdip', 'exsp', 'exdp', 'marked'); |
c2b15814 MT |
197 | |
198 | # init or silently correct unknown value... | |
199 | if ( ! grep ( /^$cgiparams{'SEE_PROTO'}$/ , @list_proto )) { $cgiparams{'SEE_PROTO'} = $list_proto[0] }; | |
200 | if ( ! grep ( /^$cgiparams{'SEE_STATE'}$/ , @list_state )) { $cgiparams{'SEE_STATE'} = $list_state[0] }; | |
5433e2c9 MT |
201 | if ( ($cgiparams{'SEE_MARK'} ne $Lang::tr{'all'}) && # ok the grep should work but it doesn't because of |
202 | ($cgiparams{'SEE_MARK'} ne '[ASSURED]') && # the '[' & ']' interpreted as list separator. | |
203 | ($cgiparams{'SEE_MARK'} ne '[UNREPLIED]') # So, explicitly enumerate items. | |
204 | ) { $cgiparams{'SEE_MARK'} = $list_mark[0] }; | |
c2b15814 MT |
205 | if ( ! grep ( /^$cgiparams{'SEE_SORT'}$/ , @list_sort )) { $cgiparams{'SEE_SORT'} = $list_sort[0] }; |
206 | # *.*.*.* or a valid IP | |
207 | if ( $cgiparams{'SEE_SRC'} !~ /^(\*\.\*\.\*\.\*\.|\d+\.\d+\.\d+\.\d+)$/) { $cgiparams{'SEE_SRC'} = '*.*.*.*' }; | |
208 | if ( $cgiparams{'SEE_DEST'} !~ /^(\*\.\*\.\*\.\*\.|\d+\.\d+\.\d+\.\d+)$/) { $cgiparams{'SEE_DEST'} = '*.*.*.*' }; | |
209 | ||
210 | ||
211 | our %entries = (); # will hold the lines analyzed correctly | |
212 | my $unknownlines = ''; # should be empty all the time... | |
213 | my $index = 0; # just a counter to make unique entryies in entries | |
ac1cfefa | 214 | |
c2b15814 | 215 | foreach my $line (@active) { |
f9aaffa6 MT |
216 | my $protocol=''; |
217 | my $expires=''; | |
218 | my $status=''; | |
219 | my $orgsip=''; | |
220 | my $orgdip=''; | |
221 | my $orgsp=''; | |
222 | my $orgdp=''; | |
223 | my $exsip=''; | |
224 | my $exdip=''; | |
225 | my $exsp=''; | |
226 | my $exdp=''; | |
227 | my $marked=''; | |
228 | my $use=''; | |
229 | ||
230 | chomp($line); | |
231 | my @temp = split(' ',$line); | |
232 | ||
233 | if ($temp[0] eq 'icmp') { | |
234 | $protocol = $temp[0]; | |
235 | $status = $Lang::tr{'all'}; | |
236 | $orgsip = substr $temp[3], 4; | |
237 | $orgdip = substr $temp[4], 4; | |
238 | $marked = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : ' '; | |
239 | } | |
240 | if ($temp[0] eq 'udp') { | |
241 | $protocol = $temp[0]; | |
242 | $status = $Lang::tr{'all'}; | |
243 | $orgsip = substr $temp[3], 4; | |
244 | $orgdip = substr $temp[4], 4; | |
245 | $marked = $temp[7] eq '[UNREPLIED]' ? '[UNREPLIED]' : defined ($temp[12]) ? $temp[11] : ' '; | |
246 | } | |
247 | if ($temp[0] eq 'tcp') { | |
248 | $protocol = $temp[0]; | |
249 | $status = $temp[3]; | |
250 | $orgsip = substr $temp[4], 4; | |
251 | $orgdip = substr $temp[5], 4; | |
252 | $marked = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : defined ($temp[13]) ? $temp[12] : ' '; | |
253 | } | |
254 | ||
255 | # filter the line if we found a known proto | |
256 | next if( !( | |
257 | (($cgiparams{'SEE_PROTO'} eq $Lang::tr{'all'}) || ($protocol eq $cgiparams{'SEE_PROTO'} )) | |
258 | && (($cgiparams{'SEE_STATE'} eq $Lang::tr{'all'}) || ($status eq $cgiparams{'SEE_STATE'} )) | |
259 | && (($cgiparams{'SEE_MARK'} eq $Lang::tr{'all'}) || ($marked eq $cgiparams{'SEE_MARK'} )) | |
260 | && (($cgiparams{'SEE_SRC'} eq "*.*.*.*") || ($orgsip eq $cgiparams{'SEE_SRC'} )) | |
261 | && (($cgiparams{'SEE_DEST'} eq "*.*.*.*") || ($orgdip eq $cgiparams{'SEE_DEST'} )) | |
262 | )); | |
263 | ||
264 | if ($temp[0] eq 'icmp') { | |
265 | my $offset = 0; | |
266 | $protocol = $temp[0] . " (" . $temp[1] . ")"; | |
267 | $expires = $temp[2]; | |
268 | $status = ' '; | |
269 | if ($temp[8] eq '[UNREPLIED]' ) { | |
270 | $offset = +1; | |
271 | } | |
272 | $orgsip = substr $temp[3], 4; | |
273 | $orgdip = substr $temp[4], 4; | |
274 | $orgsp = &General::GetIcmpDescription(substr( $temp[5], 5)) . "/" . substr( $temp[6], 5);; | |
275 | $orgdp = 'id=' . substr( $temp[7], 3); | |
276 | $exsip = substr $temp[8 + $offset], 4; | |
277 | $exdip = substr $temp[9 + $offset], 4; | |
278 | $exsp = &General::GetIcmpDescription(substr( $temp[10 + $offset], 5)). "/" . substr( $temp[11 + $offset], 5); | |
279 | $exdp = 'id=' . substr( $temp[11 + $offset], 5); | |
280 | $marked = $temp[8] eq '[UNREPLIED]' ? '[UNREPLIED]' : ' '; | |
281 | $use = substr( $temp[13 + $offset], 4 ); | |
282 | } | |
283 | if ($temp[0] eq 'udp') { | |
284 | my $offset = 0; | |
285 | $marked = ''; | |
286 | $protocol = $temp[0] . " (" . $temp[1] . ")"; | |
287 | $expires = $temp[2]; | |
288 | $status = ' '; | |
289 | $orgsip = substr $temp[3], 4; | |
290 | $orgdip = substr $temp[4], 4; | |
291 | $orgsp = substr $temp[5], 6; | |
292 | $orgdp = substr $temp[6], 6; | |
293 | if ($temp[7] eq '[UNREPLIED]') { | |
c2b15814 | 294 | $offset = 1; |
f9aaffa6 MT |
295 | $marked = $temp[7]; |
296 | $use = substr $temp[12], 4; | |
c2b15814 | 297 | } else { |
f9aaffa6 MT |
298 | if ((substr $temp[11], 0, 3) eq 'use' ) { |
299 | $marked = ''; | |
300 | $use = substr $temp[11], 4; | |
301 | } else { | |
302 | $marked = $temp[11]; | |
303 | $use = substr $temp[12], 4; | |
304 | } | |
305 | } | |
306 | $exsip = substr $temp[7 + $offset], 4; | |
307 | $exdip = substr $temp[8 + $offset], 4; | |
308 | $exsp = substr $temp[9 + $offset], 6; | |
309 | $exdp = substr $temp[10 + $offset], 6; | |
310 | } | |
311 | if ($temp[0] eq 'tcp') { | |
312 | my $offset = 0; | |
ac1cfefa MT |
313 | $protocol = $temp[0] . " (" . $temp[1] . ")"; |
314 | $expires = $temp[2]; | |
c2b15814 | 315 | $status = $temp[3]; |
ac1cfefa MT |
316 | $orgsip = substr $temp[4], 4; |
317 | $orgdip = substr $temp[5], 4; | |
318 | $orgsp = substr $temp[6], 6; | |
f9aaffa6 MT |
319 | $orgdp = substr $temp[7], 6; |
320 | if ($temp[8] eq '[UNREPLIED]') { | |
ac1cfefa MT |
321 | $marked = $temp[8]; |
322 | $offset = 1; | |
c2b15814 | 323 | } else { |
ac1cfefa | 324 | $marked = $temp[12]; |
ac1cfefa | 325 | } |
f9aaffa6 | 326 | $exsip = substr $temp[8 + $offset], 4; |
ac1cfefa MT |
327 | $exdip = substr $temp[9 + $offset], 4; |
328 | $exsp = substr $temp[10 + $offset], 6; | |
329 | $exdp = substr $temp[11 + $offset], 6; | |
f9aaffa6 | 330 | $use = substr $temp[13], 4; |
ac1cfefa | 331 | } |
f9aaffa6 | 332 | if ($temp[0] eq 'unknown') { |
ac1cfefa MT |
333 | my $offset = 0; |
334 | $protocol = "??? (" . $temp[1] . ")"; | |
335 | $protocol = "esp (" . $temp[1] . ")" if ($temp[1] == 50); | |
c2b15814 | 336 | $protocol = "ah (" . $temp[1] . ")" if ($temp[1] == 51); |
ac1cfefa | 337 | $expires = $temp[2]; |
c2b15814 | 338 | $status = ' '; |
ac1cfefa MT |
339 | $orgsip = substr $temp[3], 4; |
340 | $orgdip = substr $temp[4], 4; | |
341 | $orgsp = ' '; | |
342 | $orgdp = ' '; | |
343 | $exsip = substr $temp[5], 4; | |
344 | $exdip = substr $temp[6], 4; | |
345 | $exsp = ' '; | |
346 | $exdp = ' '; | |
347 | $marked = ' '; | |
348 | $use = ' '; | |
349 | } | |
f9aaffa6 | 350 | if ($temp[0] eq 'gre') { |
ac1cfefa | 351 | my $offset = 0; |
f9aaffa6 | 352 | $protocol = $temp[0] . " (" . $temp[1] . ")"; |
ac1cfefa MT |
353 | $expires = $temp[2]; |
354 | $orgsip = substr $temp[5], 4; | |
355 | $orgdip = substr $temp[6], 4; | |
356 | $orgsp = ' '; | |
f9aaffa6 MT |
357 | $orgdp = ' '; |
358 | $exsip = substr $temp[11], 4; | |
ac1cfefa MT |
359 | $exdip = substr $temp[12], 4; |
360 | $exsp = ' '; | |
361 | $exdp = ' '; | |
f9aaffa6 MT |
362 | $marked = $temp[17]; |
363 | $use = $temp[18]; | |
364 | } | |
365 | # Only from this point, lines have the same known format/field | |
366 | # The floating fields [UNREPLIED] [ASSURED] etc are ok. | |
367 | ||
368 | # Store the line in a hash array for sorting | |
369 | if ( $protocol ) { # line is decoded ? | |
370 | my @record = ( 'index', $index++, | |
371 | 'protocol', $protocol, | |
372 | 'expires', $expires, | |
373 | 'status', $status, | |
374 | 'orgsip', $orgsip, | |
375 | 'orgdip', $orgdip, | |
376 | 'orgsp', $orgsp, | |
377 | 'orgdp', $orgdp, | |
378 | 'exsip', $exsip, | |
379 | 'exdip', $exdip, | |
380 | 'exsp', $exsp, | |
381 | 'exdp', $exdp, | |
382 | 'marked', $marked, | |
383 | 'use', $use); | |
384 | my $record = {}; # create a reference to empty hash | |
385 | %{$record} = @record; # populate that hash with @record | |
386 | $entries{$record->{index}} = $record; # add this to a hash of hashes | |
387 | } else { # it was not a known line | |
388 | $unknownlines .= "<tr bgcolor='${Header::table1colour}'>"; | |
389 | $unknownlines .= "<td colspan='9'> unknown:$line></td></tr>"; | |
390 | } | |
c2b15814 MT |
391 | } |
392 | ||
393 | # Build listbox objects | |
394 | my $menu_proto = &make_select ('SEE_PROTO', $cgiparams{'SEE_PROTO'}, @list_proto); | |
395 | my $menu_state = &make_select ('SEE_STATE', $cgiparams{'SEE_STATE'}, @list_state); | |
396 | my $menu_src = &make_select ('SEE_SRC', $cgiparams{'SEE_SRC'}, &get_known_ips('orgsip')); | |
397 | my $menu_dest = &make_select ('SEE_DEST', $cgiparams{'SEE_DEST'}, &get_known_ips('orgdip')); | |
398 | my $menu_mark = &make_select ('SEE_MARK', $cgiparams{'SEE_MARK'}, @list_mark); | |
399 | my $menu_sort = &make_select ('SEE_SORT', $cgiparams{'SEE_SORT'}, @list_sort); | |
400 | ||
401 | &Header::showhttpheaders(); | |
402 | &Header::openpage($Lang::tr{'connections'}, 1, ''); | |
403 | &Header::openbigbox('100%', 'left'); | |
404 | &Header::openbox('100%', 'left', $Lang::tr{'connection tracking'}); | |
405 | ||
406 | print <<END | |
5433e2c9 | 407 | <form method='post' action='$ENV{'SCRIPT_NAME'}'> |
c2b15814 MT |
408 | <table width='60%'> |
409 | <tr><td align='center'><b>$Lang::tr{'legend'} : </b></td> | |
410 | <td align='center' bgcolor='${Header::colourgreen}'><b><font color='#FFFFFF'>$Lang::tr{'lan'}</font></b></td> | |
411 | <td align='center' bgcolor='${Header::colourred}'><b><font color='#FFFFFF'>$Lang::tr{'internet'}</font></b></td> | |
412 | <td align='center' bgcolor='${Header::colourorange}'><b><font color='#FFFFFF'>$Lang::tr{'dmz'}</font></b></td> | |
413 | <td align='center' bgcolor='${Header::colourblue}'><b><font color='#FFFFFF'>$Lang::tr{'wireless'}</font></b></td> | |
78331e30 | 414 | <td align='center' bgcolor='${Header::colourfw}'><b><font color='#FFFFFF'>IPFire</font></b></td> |
c2b15814 | 415 | <td align='center' bgcolor='${Header::colourvpn}'><b><font color='#FFFFFF'>$Lang::tr{'vpn'}</font></b></td> |
6e13d0a5 | 416 | <td align='center' bgcolor='${Header::colourovpn}'><b><font color='#FFFFFF'>$Lang::tr{'OpenVPN'}</font></b></td> |
c2b15814 MT |
417 | </tr> |
418 | </table> | |
419 | <br /> | |
420 | <table cellpadding='2'> | |
421 | <tr><td align='center'><b>$Lang::tr{'protocol'}</b></td> | |
422 | <td align='center'><b>$Lang::tr{'expires'}<br />($Lang::tr{'seconds'})</b></td> | |
423 | <td align='center'><b>$Lang::tr{'connection'}<br />$Lang::tr{'status'}</b></td> | |
424 | <td align='center'><b>$Lang::tr{'original'}<br />$Lang::tr{'source ip and port'}</b></td> | |
425 | <td align='center'><b>$Lang::tr{'original'}<br />$Lang::tr{'dest ip and port'}</b></td> | |
426 | <td align='center'><b>$Lang::tr{'expected'}<br />$Lang::tr{'source ip and port'}</b></td> | |
427 | <td align='center'><b>$Lang::tr{'expected'}<br />$Lang::tr{'dest ip and port'}</b></td> | |
428 | <td align='center'><b>$Lang::tr{'marked'}</b></td> | |
429 | <td align='center'><b>$Lang::tr{'use'}</b></td> | |
430 | </tr> | |
5433e2c9 | 431 | <tr> |
c2b15814 | 432 | <td align='center'>$menu_proto</td> |
5433e2c9 | 433 | <td> </td> |
c2b15814 MT |
434 | <td align='center'>$menu_state</td> |
435 | <td align='center'>$menu_src</td> | |
436 | <td align='center'>$menu_dest</td> | |
437 | <td align='center'colspan='2'>$Lang::tr{'sort ascending'}:$menu_sort </td> | |
438 | <td align='center'>$menu_mark</td> | |
439 | <td align='center'><input type='submit' value='!' /></td> | |
c2b15814 MT |
440 | </tr> |
441 | END | |
442 | ; | |
443 | ||
444 | foreach my $entry (sort sort_entries keys %entries) { | |
f9aaffa6 MT |
445 | my $orgsipcolour = &ipcolour( $entries{$entry}->{orgsip} ); |
446 | my $orgdipcolour = &ipcolour( $entries{$entry}->{orgdip} ); | |
447 | my $exsipcolour = &ipcolour( $entries{$entry}->{exsip} ); | |
448 | my $exdipcolour = &ipcolour( $entries{$entry}->{exdip} ); | |
ac1cfefa | 449 | print <<END |
f9aaffa6 MT |
450 | <tr bgcolor='${Header::table1colour}'> |
451 | <td align='center'>$entries{$entry}->{protocol}</td> | |
452 | <td align='center'>$entries{$entry}->{expires}</td> | |
453 | <td align='center'>$entries{$entry}->{status}</td> | |
454 | <td align='center' bgcolor='$orgsipcolour'> | |
455 | <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{orgsip}'> | |
456 | <font color='#FFFFFF'>$entries{$entry}->{orgsip}</font> | |
457 | </a><font color='#FFFFFF'>:$entries{$entry}->{orgsp}</font></td> | |
458 | <td align='center' bgcolor='$orgdipcolour'> | |
459 | <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{orgdip}'> | |
460 | <font color='#FFFFFF'>$entries{$entry}->{orgdip}</font> | |
461 | </a><font color='#FFFFFF'>:$entries{$entry}->{orgdp}</font></td> | |
462 | <td align='center' bgcolor='$exsipcolour'> | |
463 | <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{exsip}'> | |
464 | <font color='#FFFFFF'>$entries{$entry}->{exsip}</font> | |
465 | </a><font color='#FFFFFF'>:$entries{$entry}->{exsp}</font></td> | |
466 | <td align='center' bgcolor='$exdipcolour'> | |
467 | <a href='/cgi-bin/ipinfo.cgi?ip=$entries{$entry}->{exdip}'> | |
468 | <font color='#FFFFFF'>$entries{$entry}->{exdip}</font> | |
469 | </a><font color='#FFFFFF'>:$entries{$entry}->{exdp}</font></td> | |
470 | <td align='center'>$entries{$entry}->{marked}</td> | |
471 | <td align='center'>$entries{$entry}->{use}</td> | |
472 | </tr> | |
ac1cfefa | 473 | END |
c2b15814 | 474 | ; |
ac1cfefa | 475 | } |
c2b15814 | 476 | |
5433e2c9 | 477 | print "$unknownlines</table></form>"; |
ac1cfefa MT |
478 | |
479 | &Header::closebox(); | |
480 | &Header::closebigbox(); | |
481 | &Header::closepage(); | |
482 | ||
483 | sub ipcolour($) { | |
f9aaffa6 MT |
484 | my $id = 0; |
485 | my $line; | |
486 | my $colour = ${Header::colourred}; | |
487 | my ($ip) = $_[0]; | |
c2b15814 MT |
488 | my $found = 0; |
489 | foreach $line (@network) { | |
f9aaffa6 MT |
490 | if ($network[$id] eq '') { |
491 | $id++; | |
492 | } else { | |
493 | if (!$found && ipv4_in_network( $network[$id] , $masklen[$id], $ip) ) { | |
494 | $found = 1; | |
495 | $colour = $colour[$id]; | |
496 | } | |
497 | $id++; | |
ac1cfefa | 498 | } |
f9aaffa6 MT |
499 | } |
500 | return $colour | |
ac1cfefa | 501 | } |
c2b15814 MT |
502 | |
503 | # Create a string containing a complete SELECT html object | |
504 | # param1: name | |
505 | # param2: current value selected | |
506 | # param3: field list | |
507 | sub make_select ($,$,$) { | |
f9aaffa6 MT |
508 | my $select_name = shift; |
509 | my $selected = shift; | |
510 | my $select = "<select name='$select_name'>"; | |
511 | ||
512 | foreach my $value (@_) { | |
513 | my $check = $selected eq $value ? "selected='selected'" : ''; | |
514 | $select .= "<option $check value='$value'>$value</option>"; | |
515 | } | |
516 | $select .= "</select>"; | |
517 | return $select; | |
c2b15814 MT |
518 | } |
519 | ||
520 | # Build a list of IP obtained from the %entries hash | |
521 | # param1: IP field name | |
522 | sub get_known_ips ($) { | |
f9aaffa6 MT |
523 | my $field = shift; |
524 | my $qs = $cgiparams{'SEE_SORT'}; # switch the sort order | |
525 | $cgiparams{'SEE_SORT'} = $field; | |
c2b15814 | 526 | |
f9aaffa6 MT |
527 | my @liste=('*.*.*.*'); |
528 | foreach my $entry ( sort sort_entries keys %entries) { | |
529 | push (@liste, $entries{$entry}->{$field}) if (! grep (/^$entries{$entry}->{$field}$/,@liste) ); | |
530 | } | |
c2b15814 | 531 | |
f9aaffa6 | 532 | $cgiparams{'SEE_SORT'} = $qs; #restore sort order |
c2b15814 MT |
533 | return @liste; |
534 | } | |
535 | ||
536 | # Used to sort the table containing the lines displayed. | |
537 | sub sort_entries { #Reverse is not implemented | |
538 | my $qs=$cgiparams{'SEE_SORT'}; | |
539 | if ($qs =~ /orgsip|orgdip|exsip|exdip/) { | |
f9aaffa6 MT |
540 | my @a = split(/\./,$entries{$a}->{$qs}); |
541 | my @b = split(/\./,$entries{$b}->{$qs}); | |
542 | ($a[0]<=>$b[0]) || | |
543 | ($a[1]<=>$b[1]) || | |
544 | ($a[2]<=>$b[2]) || | |
545 | ($a[3]<=>$b[3]); | |
546 | } elsif ($qs =~ /expire|orgsp|orgdp|exsp|exdp/) { | |
547 | $entries{$a}->{$qs} <=> $entries{$b}->{$qs}; | |
548 | } else { | |
549 | $entries{$a}->{$qs} cmp $entries{$b}->{$qs}; | |
550 | } | |
c2b15814 MT |
551 | } |
552 | ||
553 | 1; |