]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/fwhosts.cgi
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
kernel: update to 4.9.34
[ipfire-2.x.git] / html / cgi-bin / fwhosts.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 Alexander Marx <amarx@ipfire.org> #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21 use strict;
22
23 # enable only the following on debugging purpose
24 #use warnings;
25
26 use Sort::Naturally;
27 use CGI::Carp 'fatalsToBrowser';
28 no warnings 'uninitialized';
29 require '/var/ipfire/general-functions.pl';
30 require '/var/ipfire/network-functions.pl';
31 require "/var/ipfire/geoip-functions.pl";
32 require "/usr/lib/firewall/firewall-lib.pl";
33 require "${General::swroot}/lang.pl";
34 require "${General::swroot}/header.pl";
35
36 my %fwhostsettings=();
37 my %customnetwork=();
38 my %customhost=();
39 my %customgrp=();
40 my %customservice=();
41 my %customservicegrp=();
42 my %customgeoipgrp=();
43 my %ccdnet=();
44 my %ccdhost=();
45 my %ipsecconf=();
46 my %icmptypes=();
47 my %color=();
48 my %defaultNetworks=();
49 my %mainsettings=();
50 my %ownnet=();
51 my %ipsecsettings=();
52 my %fwfwd=();
53 my %fwinp=();
54 my %fwout=();
55 my %ovpnsettings=();
56 my %netsettings=();
57
58 my $errormessage;
59 my $hint;
60 my $update=0;
61 my $confignet = "${General::swroot}/fwhosts/customnetworks";
62 my $confighost = "${General::swroot}/fwhosts/customhosts";
63 my $configgrp = "${General::swroot}/fwhosts/customgroups";
64 my $configccdnet = "${General::swroot}/ovpn/ccd.conf";
65 my $configccdhost = "${General::swroot}/ovpn/ovpnconfig";
66 my $configipsec = "${General::swroot}/vpn/config";
67 my $configsrv = "${General::swroot}/fwhosts/customservices";
68 my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
69 my $configgeoipgrp = "${General::swroot}/fwhosts/customgeoipgrp";
70 my $fwconfigfwd = "${General::swroot}/firewall/config";
71 my $fwconfiginp = "${General::swroot}/firewall/input";
72 my $fwconfigout = "${General::swroot}/firewall/outgoing";
73 my $configovpn = "${General::swroot}/ovpn/settings";
74 my $configipsecrw = "${General::swroot}/vpn/settings";
75
76 unless (-e $confignet) { system("touch $confignet"); }
77 unless (-e $confighost) { system("touch $confighost"); }
78 unless (-e $configgrp) { system("touch $configgrp"); }
79 unless (-e $configsrv) { system("touch $configsrv"); }
80 unless (-e $configsrvgrp) { system("touch $configsrvgrp"); }
81 unless (-e $configgeoipgrp) { system("touch $configgeoipgrp"); }
82
83 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
84 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
85 &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
86 &General::readhash("$configovpn", \%ovpnsettings);
87 &General::readhasharray("$configipsec", \%ipsecconf);
88 &General::readhash("$configipsecrw", \%ipsecsettings);
89 &General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
90 &Header::getcgihash(\%fwhostsettings);
91
92 &Header::showhttpheaders();
93 &Header::openpage($Lang::tr{'fwhost menu'}, 1, '');
94 &Header::openbigbox('100%', 'center');
95
96 #### JAVA SCRIPT ####
97 print<<END;
98 <script>
99 var PROTOCOLS_WITH_PORTS = ["TCP", "UDP"];
100 var update_protocol = function() {
101 var protocol = \$("#protocol").val();
102
103 if (protocol === undefined)
104 return;
105
106 // Check if we are dealing with a protocol, that knows ports.
107 if (\$.inArray(protocol, PROTOCOLS_WITH_PORTS) >= 0) {
108 \$("#PORT").show();
109 \$("#PROTOKOLL").hide();
110 } else {
111 \$("#PORT").hide();
112 \$("#PROTOKOLL").show();
113 }
114 };
115
116 \$(document).ready(function() {
117 var protocol = \$("#protocol").val();
118 \$("#protocol").change(update_protocol);
119 update_protocol();
120 // Automatically select radio buttons when corresponding
121 // dropdown menu changes.
122 \$("select").change(function() {
123 var id = \$(this).attr("name");
124 \$('#' + id).prop("checked", true);
125 });
126 });
127 </script>
128 END
129
130 ## ACTION ####
131 # Update
132 if ($fwhostsettings{'ACTION'} eq 'updatenet' )
133 {
134 &General::readhasharray("$confignet", \%customnetwork);
135 foreach my $key (keys %customnetwork)
136 {
137 if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'})
138 {
139 $fwhostsettings{'orgname'} = $customnetwork{$key}[0];
140 $fwhostsettings{'orgip'} = $customnetwork{$key}[1];
141 $fwhostsettings{'orgsub'} = $customnetwork{$key}[2];
142 $fwhostsettings{'netremark'} = $customnetwork{$key}[3];
143 $fwhostsettings{'count'} = $customnetwork{$key}[4];
144 delete $customnetwork{$key};
145
146 }
147 }
148 &General::writehasharray("$confignet", \%customnetwork);
149 $fwhostsettings{'actualize'} = 'on';
150 $fwhostsettings{'ACTION'} = 'savenet';
151 }
152 if ($fwhostsettings{'ACTION'} eq 'updatehost')
153 {
154 my ($ip,$subnet);
155 &General::readhasharray("$confighost", \%customhost);
156 foreach my $key (keys %customhost)
157 {
158 if($customhost{$key}[0] eq $fwhostsettings{'orgname'})
159 {
160 if ($customhost{$key}[1] eq 'ip'){
161 ($ip,$subnet) = split (/\//,$customhost{$key}[2]);
162 }else{
163 $ip = $customhost{$key}[2];
164 }
165 $fwhostsettings{'orgip'} = $ip;
166 $fwhostsettings{'count'} = $customhost{$key}[4];
167 delete $customhost{$key};
168 &General::writehasharray("$confighost", \%customhost);
169 }
170 }
171 $fwhostsettings{'actualize'} = 'on';
172 if($fwhostsettings{'orgip'}){
173 $fwhostsettings{'ACTION'} = 'savehost';
174 }else{
175 $fwhostsettings{'ACTION'} = $Lang::tr{'fwhost newhost'};
176 }
177 }
178 if ($fwhostsettings{'ACTION'} eq 'updateservice')
179 {
180 my $count=0;
181 my $needrules=0;
182 $errormessage=&checkports(\%customservice);
183 if ($fwhostsettings{'oldsrvname'} ne $fwhostsettings{'SRV_NAME'} && !&checkgroup($fwhostsettings{'SRV_NAME'})){
184 $errormessage=$Lang::tr{'fwhost err grpexist'};
185 }
186 if (!$errormessage){
187 &General::readhasharray("$configsrv", \%customservice);
188 foreach my $key (keys %customservice)
189 {
190 if ($customservice{$key}[0] eq $fwhostsettings{'oldsrvname'})
191 {
192 delete $customservice{$key};
193 &General::writehasharray("$configsrv", \%customservice);
194 last;
195 }
196 }
197 if ($fwhostsettings{'PROT'} ne 'ICMP'){
198 $fwhostsettings{'ICMP_TYPES'}='BLANK';
199 }
200 my $key1 = &General::findhasharraykey(\%customservice);
201 #find out short ICMP-TYPE
202 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
203 foreach my $key (keys %icmptypes){
204 if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){
205 $fwhostsettings{'ICMP_TYPES'}=$icmptypes{$key}[0];
206 }
207 }
208 foreach my $i (0 .. 4) { $customservice{$key1}[$i] = "";}
209 $customservice{$key1}[0] = $fwhostsettings{'SRV_NAME'};
210 $customservice{$key1}[1] = $fwhostsettings{'SRV_PORT'};
211 $customservice{$key1}[2] = $fwhostsettings{'PROT'};
212 $customservice{$key1}[3] = $fwhostsettings{'ICMP_TYPES'};
213 &General::writehasharray("$configsrv", \%customservice);
214 #check if we need to update firewallrules
215 if ($fwhostsettings{'SRV_NAME'} ne $fwhostsettings{'oldsrvname'}){
216 if ( ! -z $fwconfigfwd ){
217 &General::readhasharray("$fwconfigfwd", \%fwfwd);
218 foreach my $key (sort keys %fwfwd){
219 if ($fwfwd{$key}[15] eq $fwhostsettings{'oldsrvname'}){
220 $fwfwd{$key}[15] = $fwhostsettings{'SRV_NAME'};
221 }
222 }
223 &General::writehasharray("$fwconfigfwd", \%fwfwd);
224 }
225 if ( ! -z $fwconfiginp ){
226 &General::readhasharray("$fwconfiginp", \%fwinp);
227 foreach my $line (sort keys %fwinp){
228 if ($fwfwd{$line}[15] eq $fwhostsettings{'oldsrvname'}){
229 $fwfwd{$line}[15] = $fwhostsettings{'SRV_NAME'};
230 }
231 }
232 &General::writehasharray("$fwconfiginp", \%fwinp);
233 }
234 if ( ! -z $fwconfigout ){
235 &General::readhasharray("$fwconfigout", \%fwout);
236 foreach my $line (sort keys %fwout){
237 if ($fwout{$line}[15] eq $fwhostsettings{'oldsrvname'}){
238 $fwout{$line}[15] = $fwhostsettings{'SRV_NAME'};
239 }
240 }
241 &General::writehasharray("$fwconfigout", \%fwout);
242 }
243 #check if we need to update groups
244 &General::readhasharray("$configsrvgrp", \%customservicegrp);
245 foreach my $key (sort keys %customservicegrp){
246 if($customservicegrp{$key}[2] eq $fwhostsettings{'oldsrvname'}){
247 $customservicegrp{$key}[2] = $fwhostsettings{'SRV_NAME'};
248 &checkrulereload($customservicegrp{$key}[0]);
249 }
250 }
251 &General::writehasharray("$configsrvgrp", \%customservicegrp);
252 }
253 &checkrulereload($fwhostsettings{'SRV_NAME'});
254 $fwhostsettings{'SRV_NAME'} = '';
255 $fwhostsettings{'SRV_PORT'} = '';
256 $fwhostsettings{'PROT'} = '';
257 $fwhostsettings{'ICMP'} = '';
258 $fwhostsettings{'oldsrvicmp'} = '';
259 $fwhostsettings{'updatesrv'} = '';
260 }else{
261 $fwhostsettings{'SRV_NAME'} = $fwhostsettings{'oldsrvname'};
262 $fwhostsettings{'SRV_PORT'} = $fwhostsettings{'oldsrvport'};
263 $fwhostsettings{'PROT'} = $fwhostsettings{'oldsrvprot'};
264 $fwhostsettings{'ICMP'} = $fwhostsettings{'oldsrvicmp'};
265 $fwhostsettings{'updatesrv'}= 'on';
266 }
267 &addservice;
268 }
269 # save
270 if ($fwhostsettings{'ACTION'} eq 'savenet' )
271 {
272 my $needrules=0;
273 if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
274 #check if all fields are set
275 if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
276 {
277 $errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
278 &addnet;
279 &viewtablenet;
280 }else{
281 #convert ip if leading '0' exists
282 $fwhostsettings{'IP'} = &Network::ip_remove_zero($fwhostsettings{'IP'});
283
284 #check valid ip
285 if (!&General::validipandmask($fwhostsettings{'IP'}."/".$fwhostsettings{'SUBNET'}))
286 {
287 $errormessage=$errormessage.$Lang::tr{'fwhost err addr'};
288 $fwhostsettings{'BLK_HOST'} ='readonly';
289 $fwhostsettings{'NOCHECK'} ='false';
290 $fwhostsettings{'error'} ='on';
291 }
292 #check remark
293 if ($fwhostsettings{'NETREMARK'} ne '' && !&validremark($fwhostsettings{'NETREMARK'})){
294 $errormessage=$Lang::tr{'fwhost err remark'};
295 $fwhostsettings{'error'} ='on';
296 }
297 #check if subnet is sigle host
298 if(&General::iporsubtocidr($fwhostsettings{'SUBNET'}) eq '32')
299 {
300 $errormessage=$errormessage.$Lang::tr{'fwhost err sub32'};
301 }
302 if($fwhostsettings{'error'} ne 'on'){
303 my $fullip="$fwhostsettings{'IP'}/".&General::iporsubtocidr($fwhostsettings{'SUBNET'});
304 $errormessage=$errormessage.&General::checksubnets($fwhostsettings{'HOSTNAME'},$fullip,"");
305 }
306 #only check plausi when no error till now
307 if (!$errormessage){
308 &plausicheck("editnet");
309 }
310 if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newnet'} ne 'on' && $errormessage)
311 {
312 $fwhostsettings{'actualize'} = '';
313 my $key = &General::findhasharraykey (\%customnetwork);
314 foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
315 $customnetwork{$key}[0] = $fwhostsettings{'orgname'} ;
316 $customnetwork{$key}[1] = $fwhostsettings{'orgip'} ;
317 $customnetwork{$key}[2] = $fwhostsettings{'orgsub'};
318 $customnetwork{$key}[3] = $fwhostsettings{'orgnetremark'};
319 &General::writehasharray("$confignet", \%customnetwork);
320 undef %customnetwork;
321 }
322 if (!$errormessage){
323 &General::readhasharray("$confignet", \%customnetwork);
324 if ($fwhostsettings{'ACTION'} eq 'updatenet'){
325 if ($fwhostsettings{'update'} == '0'){
326 foreach my $key (keys %customnetwork) {
327 if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'}){
328 delete $customnetwork{$key};
329 last;
330 }
331 }
332 }
333 }
334 #get count if actualize is 'on'
335 if($fwhostsettings{'actualize'} eq 'on'){
336 $fwhostsettings{'actualize'} = '';
337 #check if we need to reload rules
338 if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){
339 $needrules='on';
340 }
341 if ($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){
342 #check if we need to update groups
343 &General::readhasharray("$configgrp", \%customgrp);
344 foreach my $key (sort keys %customgrp){
345 if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
346 $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
347 last;
348 }
349 }
350 &General::writehasharray("$configgrp", \%customgrp);
351 #check if we need to update firewallrules
352 if ( ! -z $fwconfigfwd ){
353 &General::readhasharray("$fwconfigfwd", \%fwfwd);
354 foreach my $line (sort keys %fwfwd){
355 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
356 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
357 }
358 if ($fwfwd{$line}[6] eq $fwhostsettings{'orgname'}){
359 $fwfwd{$line}[6] = $fwhostsettings{'HOSTNAME'};
360 }
361 }
362 &General::writehasharray("$fwconfigfwd", \%fwfwd);
363 }
364 if ( ! -z $fwconfiginp ){
365 &General::readhasharray("$fwconfiginp", \%fwinp);
366 foreach my $line (sort keys %fwinp){
367 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
368 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
369 }
370 }
371 &General::writehasharray("$fwconfiginp", \%fwinp);
372 }
373 }
374 }
375 my $key = &General::findhasharraykey (\%customnetwork);
376 foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
377 $fwhostsettings{'SUBNET'} = &General::iporsubtocidr($fwhostsettings{'SUBNET'});
378 $customnetwork{$key}[0] = $fwhostsettings{'HOSTNAME'};
379 $customnetwork{$key}[1] = &General::getnetworkip($fwhostsettings{'IP'},$fwhostsettings{'SUBNET'}) ;
380 $customnetwork{$key}[2] = &General::iporsubtodec($fwhostsettings{'SUBNET'}) ;
381 $customnetwork{$key}[3] = $fwhostsettings{'NETREMARK'};
382 &General::writehasharray("$confignet", \%customnetwork);
383 $fwhostsettings{'IP'}=$fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
384 undef %customnetwork;
385 $fwhostsettings{'HOSTNAME'}='';
386 $fwhostsettings{'IP'}='';
387 $fwhostsettings{'SUBNET'}='';
388 $fwhostsettings{'NETREMARK'}='';
389 #check if an edited net affected groups and need to reload rules
390 if ($needrules eq 'on'){
391 &General::firewall_config_changed();
392 }
393 &addnet;
394 &viewtablenet;
395 }else{
396 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
397 &addnet;
398 &viewtablenet;
399 }
400 }
401 }
402 if ($fwhostsettings{'ACTION'} eq 'savehost')
403 {
404 my $needrules=0;
405 if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
406 $fwhostsettings{'SUBNET'}='32';
407 #check if all fields are set
408 if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
409 {
410 $errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
411 $fwhostsettings{'ACTION'} = 'edithost';
412 }else{
413 if($fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){
414 $fwhostsettings{'type'} = 'mac';
415 }elsif($fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
416 $fwhostsettings{'type'} = 'ip';
417 }else{
418 $fwhostsettings{'type'} = '';
419 $errormessage=$Lang::tr{'fwhost err ipmac'};
420 }
421 #check remark
422 if ($fwhostsettings{'HOSTREMARK'} ne '' && !&validremark($fwhostsettings{'HOSTREMARK'})){
423 $errormessage=$Lang::tr{'fwhost err remark'};
424 }
425 #CHECK IP-PART
426 if ($fwhostsettings{'type'} eq 'ip'){
427 #convert ip if leading '0' exists
428 $fwhostsettings{'IP'} = &Network::ip_remove_zero($fwhostsettings{'IP'});
429
430 #check for subnet
431 if (rindex($fwhostsettings{'IP'},'/') eq '-1' ){
432 if($fwhostsettings{'type'} eq 'ip' && !&General::validipandmask($fwhostsettings{'IP'}."/32"))
433 {
434 $errormessage.=$errormessage.$Lang::tr{'fwhost err ip'};
435 $fwhostsettings{'error'}='on';
436 }
437 }elsif(rindex($fwhostsettings{'IP'},'/') ne '-1' ){
438 $errormessage=$errormessage.$Lang::tr{'fwhost err ipwithsub'};
439 $fwhostsettings{'error'}='on';
440 }
441 #check if net or broadcast
442 my @tmp= split (/\./,$fwhostsettings{'IP'});
443 if (($tmp[3] eq "0") || ($tmp[3] eq "255")){
444 $errormessage=$Lang::tr{'fwhost err hostip'};
445 }
446 }
447 #only check plausi when no error till now
448 if (!$errormessage){
449 &plausicheck("edithost");
450 }
451 if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newhost'} ne 'on' && $errormessage){
452 $fwhostsettings{'actualize'} = '';
453 my $key = &General::findhasharraykey (\%customhost);
454 foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
455 $customhost{$key}[0] = $fwhostsettings{'orgname'} ;
456 $customhost{$key}[1] = $fwhostsettings{'type'} ;
457 if($customhost{$key}[1] eq 'ip'){
458 $customhost{$key}[2] = $fwhostsettings{'orgip'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
459 }else{
460 $customhost{$key}[2] = $fwhostsettings{'orgip'};
461 }
462 $customhost{$key}[3] = $fwhostsettings{'orgremark'};
463 &General::writehasharray("$confighost", \%customhost);
464 undef %customhost;
465 }
466 if (!$errormessage){
467 #get count if host was edited
468 if($fwhostsettings{'actualize'} eq 'on'){
469 if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){
470 $needrules='on';
471 }
472 if($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){
473 #check if we need to update groups
474 &General::readhasharray("$configgrp", \%customgrp);
475 foreach my $key (sort keys %customgrp){
476 if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
477 $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
478 }
479 }
480 &General::writehasharray("$configgrp", \%customgrp);
481 #check if we need to update firewallrules
482 if ( ! -z $fwconfigfwd ){
483 &General::readhasharray("$fwconfigfwd", \%fwfwd);
484 foreach my $line (sort keys %fwfwd){
485 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
486 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
487 }
488 if ($fwfwd{$line}[6] eq $fwhostsettings{'orgname'}){
489 $fwfwd{$line}[6] = $fwhostsettings{'HOSTNAME'};
490 }
491 }
492 &General::writehasharray("$fwconfigfwd", \%fwfwd);
493 }
494 if ( ! -z $fwconfiginp ){
495 &General::readhasharray("$fwconfiginp", \%fwinp);
496 foreach my $line (sort keys %fwinp){
497 if ($fwfwd{$line}[4] eq $fwhostsettings{'orgname'}){
498 $fwfwd{$line}[4] = $fwhostsettings{'HOSTNAME'};
499 }
500 }
501 &General::writehasharray("$fwconfiginp", \%fwinp);
502 }
503 }
504 }
505 my $key = &General::findhasharraykey (\%customhost);
506 foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
507 $customhost{$key}[0] = $fwhostsettings{'HOSTNAME'} ;
508 $customhost{$key}[1] = $fwhostsettings{'type'} ;
509 if ($fwhostsettings{'type'} eq 'ip'){
510 $customhost{$key}[2] = $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
511 }else{
512 $customhost{$key}[2] = $fwhostsettings{'IP'};
513 }
514 $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'};
515 &General::writehasharray("$confighost", \%customhost);
516 undef %customhost;
517 $fwhostsettings{'HOSTNAME'}='';
518 $fwhostsettings{'IP'}='';
519 $fwhostsettings{'type'}='';
520 $fwhostsettings{'HOSTREMARK'}='';
521 #check if we need to update rules while host was edited
522 if($needrules eq 'on'){
523 &General::firewall_config_changed();
524 }
525 &addhost;
526 &viewtablehost;
527 }else{
528 &addhost;
529 &viewtablehost;
530 }
531 }
532 }
533 if ($fwhostsettings{'ACTION'} eq 'savegrp')
534 {
535 my $grp=$fwhostsettings{'grp_name'};
536 my $rem=$fwhostsettings{'remark'};
537 my $count;
538 my $type;
539 my $updcounter='off';
540 my @target;
541 my @newgrp;
542 &General::readhasharray("$configgrp", \%customgrp);
543 &General::readhasharray("$confignet", \%customnetwork);
544 &General::readhasharray("$confighost", \%customhost);
545 &General::readhasharray("$fwconfigfwd", \%fwfwd);
546 &General::readhasharray("$fwconfiginp", \%fwinp);
547 &General::readhasharray("$fwconfigout", \%fwout);
548 #check name
549 if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
550 #check existing name
551 if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){$errormessage.=$Lang::tr{'fwhost err grpexist'};}
552 #check remark
553 if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
554 $errormessage.=$Lang::tr{'fwhost err remark'};
555 }
556 if ($fwhostsettings{'update'} eq 'on'){
557 #check standard networks
558 if ($fwhostsettings{'grp2'} eq 'std_net'){
559 @target=$fwhostsettings{'DEFAULT_SRC_ADR'};
560 $type='Standard Network';
561 }
562 #check custom networks
563 if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){
564 @target=$fwhostsettings{'CUST_SRC_NET'};
565 $updcounter='net';
566 $type='Custom Network';
567 }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){
568 $errormessage=$Lang::tr{'fwhost err groupempty'}."<br>";
569 $fwhostsettings{'grp_name'}='';
570 $fwhostsettings{'remark'}='';
571 }
572 #check custom addresses
573 if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){
574 @target=$fwhostsettings{'CUST_SRC_HOST'};
575 $updcounter='host';
576 $type='Custom Host';
577 }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){
578 $errormessage=$Lang::tr{'fwhost err groupempty'}."<br>";
579 $fwhostsettings{'grp_name'}='';
580 $fwhostsettings{'remark'}='';
581 }
582 #get address from ovpn ccd static net
583 if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){
584 @target=$fwhostsettings{'OVPN_CCD_NET'};
585 $type='OpenVPN static network';
586 }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){
587 $errormessage=$Lang::tr{'fwhost err groupempty'};
588 $fwhostsettings{'grp_name'}='';
589 $fwhostsettings{'remark'}='';
590 }
591 #get address from ovpn ccd static host
592 if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){
593 @target=$fwhostsettings{'OVPN_CCD_HOST'};
594 $type='OpenVPN static host';
595 }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){
596 $errormessage=$Lang::tr{'fwhost err groupempty'};
597 }
598 #get address from ovpn ccd Net-2-Net
599 if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){
600 @target=$fwhostsettings{'OVPN_N2N'};
601 $type='OpenVPN N-2-N';
602 }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){
603 $errormessage=$Lang::tr{'fwhost err groupempty'};
604 $fwhostsettings{'grp_name'}='';
605 $fwhostsettings{'remark'}='';
606 }
607 #get address from IPSEC HOST
608 if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){
609 @target=$fwhostsettings{'IPSEC_HOST'};
610 $type='IpSec Host';
611 }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){
612 $errormessage=$Lang::tr{'fwhost err groupempty'};
613 $fwhostsettings{'grp_name'}='';
614 $fwhostsettings{'remark'}='';
615 }
616 #get address from IPSEC NETWORK
617 if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){
618 @target=$fwhostsettings{'IPSEC_NET'};
619 $type='IpSec Network';
620 }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){
621 $errormessage=$Lang::tr{'fwhost err groupempty'};
622 $fwhostsettings{'grp_name'}='';
623 $fwhostsettings{'remark'}='';
624 }
625 #check if host/net exists in grp
626
627 my $test="$grp,$fwhostsettings{'oldremark'},@target,$type";
628 foreach my $key (keys %customgrp) {
629 my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2],$customgrp{$key}[3]";
630 if ($test1 eq $test){
631 $errormessage=$Lang::tr{'fwhost err isingrp'};
632 $fwhostsettings{'update'} = 'on';
633 }
634 }
635 }
636
637 if (!$errormessage){
638 #on first save, we have an empty @target, so fill it with nothing
639 my $targetvalues=@target;
640 if ($targetvalues == '0'){
641 @target="none";
642 }
643 #on update, we have to delete the dummy entry
644 foreach my $key (keys %customgrp){
645 if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq "none"){
646 delete $customgrp{$key};
647 last;
648 }
649 }
650 &General::writehasharray("$configgrp", \%customgrp);
651 &General::readhasharray("$configgrp", \%customgrp);
652 #create array with new lines
653 foreach my $line (@target){
654 push (@newgrp,"$grp,$rem,$line");
655 }
656 #append new entries
657 my $key = &General::findhasharraykey (\%customgrp);
658 foreach my $line (@newgrp){
659 foreach my $i (0 .. 3) { $customgrp{$key}[$i] = "";}
660 my ($a,$b,$c,$d) = split (",",$line);
661 $customgrp{$key}[0] = $a;
662 $customgrp{$key}[1] = $b;
663 $customgrp{$key}[2] = $c;
664 $customgrp{$key}[3] = $type;
665 }
666 &General::writehasharray("$configgrp", \%customgrp);
667 #update counter in Host/Net
668 $fwhostsettings{'update'}='on';
669 }
670 #check if ruleupdate is needed
671 my $netgrpcount=0;
672 $netgrpcount=&getnetcount($grp);
673 if($netgrpcount > 0 )
674 {
675 &General::firewall_config_changed();
676 }
677 &addgrp;
678 &viewtablegrp;
679 }
680 if ($fwhostsettings{'ACTION'} eq 'savegeoipgrp')
681 {
682 my $grp=$fwhostsettings{'grp_name'};
683 my $rem=$fwhostsettings{'remark'};
684 my $count;
685 my $type;
686 my @target;
687 my @newgrp;
688 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
689 &General::readhasharray("$fwconfigfwd", \%fwfwd);
690 &General::readhasharray("$fwconfiginp", \%fwinp);
691 &General::readhasharray("$fwconfigout", \%fwout);
692
693 # Check for existing group name.
694 if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){
695 $errormessage = $Lang::tr{'fwhost err grpexist'};
696 }
697
698 # Check remark.
699 if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
700 $errormessage = $Lang::tr{'fwhost err remark'};
701 }
702
703 if ($fwhostsettings{'update'} eq 'on'){
704 @target=$fwhostsettings{'COUNTRY_CODE'};
705 $type='GeoIP Group';
706
707 #check if host/net exists in grp
708 my $test="$grp,$fwhostsettings{'oldremark'},@target";
709 foreach my $key (keys %customgeoipgrp) {
710 my $test1="$customgeoipgrp{$key}[0],$customgeoipgrp{$key}[1],$customgeoipgrp{$key}[2]";
711 if ($test1 eq $test){
712 $errormessage=$Lang::tr{'fwhost err isingrp'};
713 $fwhostsettings{'update'} = 'on';
714 }
715 }
716 }
717
718 if (!$errormessage){
719 #on first save, we have an empty @target, so fill it with nothing
720 my $targetvalues=@target;
721 if ($targetvalues == '0'){
722 @target="none";
723 }
724 #on update, we have to delete the dummy entry
725 foreach my $key (keys %customgeoipgrp){
726 if ($customgeoipgrp{$key}[0] eq $grp && $customgeoipgrp{$key}[2] eq "none"){
727 delete $customgeoipgrp{$key};
728 last;
729 }
730 }
731 &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
732 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
733 #create array with new lines
734 foreach my $line (@target){
735 push (@newgrp,"$grp,$rem,$line");
736 }
737 #append new entries
738 my $key = &General::findhasharraykey (\%customgeoipgrp);
739 foreach my $line (@newgrp){
740 foreach my $i (0 .. 3) { $customgeoipgrp{$key}[$i] = "";}
741 my ($a,$b,$c,$d) = split (",",$line);
742 $customgeoipgrp{$key}[0] = $a;
743 $customgeoipgrp{$key}[1] = $b;
744 $customgeoipgrp{$key}[2] = $c;
745 $customgeoipgrp{$key}[3] = $type;
746 }
747 &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
748 #update counter in Host/Net
749 $fwhostsettings{'update'}='on';
750 }
751 #check if ruleupdate is needed
752 my $geoipgrpcount=0;
753 $geoipgrpcount=&getgeoipcount($grp);
754 if($geoipgrpcount > 0 )
755 {
756 &General::firewall_config_changed();
757 }
758 &addgeoipgrp;
759 &viewtablegeoipgrp;
760 }
761 if ($fwhostsettings{'ACTION'} eq 'saveservice')
762 {
763 my $ICMP;
764 &General::readhasharray("$configsrv", \%customservice );
765 &General::readhasharray("$configgrp", \%customgrp);
766 $errormessage=&checkports(\%customservice);
767 if ($fwhostsettings{'PROT'} eq 'ICMP'){
768 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
769 foreach my $key (keys %icmptypes){
770 if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){
771 $ICMP=$icmptypes{$key}[0];
772 }
773 }
774 }
775 if($ICMP eq ''){$ICMP=$fwhostsettings{'ICMP_TYPES'};}
776 if ($fwhostsettings{'PROT'} ne 'ICMP'){$ICMP='BLANK';}
777 #Check if a group with the same name already exists
778 if (!&checkgroup($fwhostsettings{'SRV_NAME'})){
779 $errormessage = $Lang::tr{'fwhost err grpexist'};
780 }
781 if (!$errormessage){
782 my $key = &General::findhasharraykey (\%customservice);
783 foreach my $i (0 .. 4) { $customservice{$key}[$i] = "";}
784 $customservice{$key}[0] = $fwhostsettings{'SRV_NAME'};
785 $customservice{$key}[1] = $fwhostsettings{'SRV_PORT'};
786 $customservice{$key}[2] = $fwhostsettings{'PROT'};
787 $customservice{$key}[3] = $ICMP;
788 &General::writehasharray("$configsrv", \%customservice );
789 #reset fields
790 $fwhostsettings{'SRV_NAME'}='';
791 $fwhostsettings{'SRV_PORT'}='';
792 $fwhostsettings{'PROT'}='';
793 $fwhostsettings{'ICMP_TYPES'}='';
794 }
795 &addservice;
796 }
797 if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
798 {
799 my $prot;
800 my $port;
801 my $tcpcounter=0;
802 my $udpcounter=0;
803 &General::readhasharray("$configsrvgrp", \%customservicegrp );
804 &General::readhasharray("$configsrv", \%customservice );
805 $errormessage=&checkservicegroup;
806 #Check if we have more than 15 services from one Protocol in the group
807 #iptables can only handle 15 ports/portranges via multiport
808 foreach my $key (keys %customservicegrp){
809 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
810 foreach my $key1 (keys %customservice){
811 $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0];
812 $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i;
813 $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0];
814 $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i;
815 }
816 }
817 }
818 if ($tcpcounter > 14){
819 $errormessage=$Lang::tr{'fwhost err maxservicetcp'};
820 }
821 if ($udpcounter > 14){
822 $errormessage=$Lang::tr{'fwhost err maxserviceudp'};
823 }
824 $tcpcounter=0;
825 $udpcounter=0;
826 #check remark
827 if ($fwhostsettings{'SRVGRP_REMARK'} ne '' && !&validremark($fwhostsettings{'SRVGRP_REMARK'})){
828 $errormessage .= $Lang::tr{'fwhost err remark'};
829 }
830 #Check if there is already a service with the same name
831 if(!&checkservice($fwhostsettings{'SRVGRP_NAME'})){
832 $errormessage .= $Lang::tr{'fwhost err srv exists'};
833 }
834 if (!$errormessage){
835 #on first save, we have to enter a dummy value
836 if ($fwhostsettings{'CUST_SRV'} eq ''){
837 $fwhostsettings{'CUST_SRV'}='none';
838 }
839 #on update, we have to delete the dummy entry
840 foreach my $key (keys %customservicegrp){
841 if ($customservicegrp{$key}[2] eq 'none' && $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
842 delete $customservicegrp{$key};
843 last;
844 }
845 }
846 &General::writehasharray("$configsrvgrp", \%customservicegrp );
847 #check if remark has also changed
848 if ($fwhostsettings{'SRVGRP_REMARK'} ne $fwhostsettings{'oldsrvgrpremark'} && $fwhostsettings{'updatesrvgrp'} eq 'on')
849 {
850 foreach my $key (keys %customservicegrp)
851 {
852 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvgrpremark'})
853 {
854 $customservicegrp{$key}[1]='';
855 $customservicegrp{$key}[1]=$fwhostsettings{'SRVGRP_REMARK'};
856 }
857 }
858 }
859 my $key = &General::findhasharraykey (\%customservicegrp);
860 foreach my $i (0 .. 2) { $customservice{$key}[$i] = "";}
861 $customservicegrp{$key}[0] = $fwhostsettings{'SRVGRP_NAME'};
862 $customservicegrp{$key}[1] = $fwhostsettings{'SRVGRP_REMARK'};
863 $customservicegrp{$key}[2] = $fwhostsettings{'CUST_SRV'};
864 &General::writehasharray("$configsrvgrp", \%customservicegrp );
865 $fwhostsettings{'updatesrvgrp'}='on';
866 }
867 &checkrulereload($fwhostsettings{'SRVGRP_NAME'});
868 &addservicegrp;
869 &viewtableservicegrp;
870 }
871 # edit
872 if ($fwhostsettings{'ACTION'} eq 'editnet')
873 {
874 &addnet;
875 &viewtablenet;
876 }
877 if ($fwhostsettings{'ACTION'} eq 'edithost')
878 {
879 &addhost;
880 &viewtablehost;
881 }
882 if ($fwhostsettings{'ACTION'} eq 'editgrp')
883 {
884 $fwhostsettings{'update'}='on';
885 &addgrp;
886 &viewtablegrp;
887 }
888 if ($fwhostsettings{'ACTION'} eq 'editgeoipgrp')
889 {
890 $fwhostsettings{'update'}='on';
891 &addgeoipgrp;
892 &viewtablegeoipgrp;
893 }
894 if ($fwhostsettings{'ACTION'} eq 'editservice')
895 {
896 $fwhostsettings{'updatesrv'}='on';
897 &addservice;
898 }
899 if ($fwhostsettings{'ACTION'} eq 'editservicegrp')
900 {
901 $fwhostsettings{'updatesrvgrp'} = 'on';
902 &addservicegrp;
903 &viewtableservicegrp;
904 }
905 # reset
906 if ($fwhostsettings{'ACTION'} eq 'resetnet')
907 {
908 $fwhostsettings{'HOSTNAME'} ="";
909 $fwhostsettings{'IP'} ="";
910 $fwhostsettings{'SUBNET'} ="";
911 &showmenu;
912 }
913 if ($fwhostsettings{'ACTION'} eq 'resethost')
914 {
915 $fwhostsettings{'HOSTNAME'} ="";
916 $fwhostsettings{'IP'} ="";
917 $fwhostsettings{'type'} ="";
918 &showmenu;
919 }
920 if ($fwhostsettings{'ACTION'} eq 'resetgrp')
921 {
922 $fwhostsettings{'grp_name'} ="";
923 $fwhostsettings{'remark'} ="";
924 &showmenu;
925 }
926 if ($fwhostsettings{'ACTION'} eq 'resetgeoipgrp')
927 {
928 $fwhostsettings{'grp_name'} ="";
929 $fwhostsettings{'remark'} ="";
930 &showmenu;
931 }
932 # delete
933 if ($fwhostsettings{'ACTION'} eq 'delnet')
934 {
935 &General::readhasharray("$confignet", \%customnetwork);
936 foreach my $key (keys %customnetwork) {
937 if($fwhostsettings{'key'} eq $customnetwork{$key}[0]){
938 delete $customnetwork{$key};
939 &General::writehasharray("$confignet", \%customnetwork);
940 last;
941 }
942 }
943 &addnet;
944 &viewtablenet;
945 }
946 if ($fwhostsettings{'ACTION'} eq 'delhost')
947 {
948 &General::readhasharray("$confighost", \%customhost);
949 foreach my $key (keys %customhost) {
950 if($fwhostsettings{'key'} eq $customhost{$key}[0]){
951 delete $customhost{$key};
952 &General::writehasharray("$confighost", \%customhost);
953 last;
954 }
955 }
956 &addhost;
957 &viewtablehost;
958 }
959 if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
960 {
961 my $grpremark;
962 my $grpname;
963 &General::readhasharray("$configgrp", \%customgrp);
964 foreach my $key (keys %customgrp){
965 if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){
966 $grpname=$customgrp{$key}[0];
967 $grpremark=$customgrp{$key}[1];
968 #check if we delete the last entry, then generate dummy
969 if ($fwhostsettings{'last'} eq 'on'){
970 $customgrp{$key}[1] = '';
971 $customgrp{$key}[2] = 'none';
972 $customgrp{$key}[3] = '';
973 $fwhostsettings{'last'}='';
974 last;
975 }else{
976 delete $customgrp{$key};
977 }
978 }
979 }
980 &General::writehasharray("$configgrp", \%customgrp);
981 &General::firewall_config_changed();
982 if ($fwhostsettings{'update'} eq 'on'){
983 $fwhostsettings{'remark'}= $grpremark;
984 $fwhostsettings{'grp_name'}=$grpname;
985 }
986 &addgrp;
987 &viewtablegrp;
988 }
989 if ($fwhostsettings{'ACTION'} eq 'deletegeoipgrpentry')
990 {
991 my $grpremark;
992 my $grpname;
993 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
994 foreach my $key (keys %customgeoipgrp){
995 if($customgeoipgrp{$key}[0].",".$customgeoipgrp{$key}[1].",".$customgeoipgrp{$key}[2].",".$customgeoipgrp{$key}[3] eq $fwhostsettings{'delentry'}){
996 $grpname=$customgeoipgrp{$key}[0];
997 $grpremark=$customgeoipgrp{$key}[1];
998 #check if we delete the last entry, then generate dummy
999 if ($fwhostsettings{'last'} eq 'on'){
1000 $customgeoipgrp{$key}[1] = '';
1001 $customgeoipgrp{$key}[2] = 'none';
1002 $customgeoipgrp{$key}[3] = '';
1003 $fwhostsettings{'last'}='';
1004 last;
1005 }else{
1006 delete $customgeoipgrp{$key};
1007 }
1008 }
1009 }
1010 &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
1011 &General::firewall_config_changed();
1012 if ($fwhostsettings{'update'} eq 'on'){
1013 $fwhostsettings{'remark'}= $grpremark;
1014 $fwhostsettings{'grp_name'}=$grpname;
1015 }
1016 &addgeoipgrp;
1017 &viewtablegeoipgrp;
1018 }
1019
1020 if ($fwhostsettings{'ACTION'} eq 'delgrp')
1021 {
1022 &General::readhasharray("$configgrp", \%customgrp);
1023 &decrease($fwhostsettings{'grp_name'});
1024 foreach my $key (sort keys %customgrp)
1025 {
1026 if($customgrp{$key}[0] eq $fwhostsettings{'grp_name'})
1027 {
1028 delete $customgrp{$key};
1029 }
1030 }
1031 &General::writehasharray("$configgrp", \%customgrp);
1032 $fwhostsettings{'grp_name'}='';
1033 &addgrp;
1034 &viewtablegrp;
1035 }
1036 if ($fwhostsettings{'ACTION'} eq 'delgeoipgrp')
1037 {
1038 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
1039 &decrease($fwhostsettings{'grp_name'});
1040 foreach my $key (sort keys %customgeoipgrp)
1041 {
1042 if($customgeoipgrp{$key}[0] eq $fwhostsettings{'grp_name'})
1043 {
1044 delete $customgeoipgrp{$key};
1045 }
1046 }
1047 &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
1048 $fwhostsettings{'grp_name'}='';
1049 &addgeoipgrp;
1050 &viewtablegeoipgrp;
1051 }
1052 if ($fwhostsettings{'ACTION'} eq 'delservice')
1053 {
1054 &General::readhasharray("$configsrv", \%customservice);
1055 foreach my $key (keys %customservice) {
1056 if($customservice{$key}[0] eq $fwhostsettings{'SRV_NAME'}){
1057 delete $customservice{$key};
1058 &General::writehasharray("$configsrv", \%customservice);
1059 last;
1060 }
1061 }
1062 $fwhostsettings{'SRV_NAME'}='';
1063 $fwhostsettings{'SRV_PORT'}='';
1064 $fwhostsettings{'PROT'}='';
1065 &addservice;
1066 }
1067 if ($fwhostsettings{'ACTION'} eq 'delservicegrp')
1068 {
1069 &General::readhasharray("$configsrvgrp", \%customservicegrp);
1070 &decreaseservice($fwhostsettings{'SRVGRP_NAME'});
1071 foreach my $key (sort keys %customservicegrp)
1072 {
1073 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'})
1074 {
1075 delete $customservicegrp{$key};
1076 }
1077 }
1078 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1079 $fwhostsettings{'SRVGRP_NAME'}='';
1080 &addservicegrp;
1081 &viewtableservicegrp;
1082 }
1083 if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
1084 {
1085 my $grpname;
1086 my $grpremark;
1087 &General::readhasharray("$configsrvgrp", \%customservicegrp);
1088 foreach my $key (keys %customservicegrp){
1089 if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2] eq $fwhostsettings{'delsrvfromgrp'})
1090 {
1091 $grpname=$customservicegrp{$key}[0];
1092 $grpremark=$customservicegrp{$key}[1];
1093 if($fwhostsettings{'last'} eq 'on'){
1094 $customservicegrp{$key}[2] = 'none';
1095 $fwhostsettings{'last'} = '';
1096 last;
1097 }else{
1098 delete $customservicegrp{$key};
1099 }
1100 }
1101 }
1102 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1103 &General::firewall_config_changed();
1104 if ($fwhostsettings{'updatesrvgrp'} eq 'on'){
1105 $fwhostsettings{'SRVGRP_NAME'}=$grpname;
1106 $fwhostsettings{'SRVGRP_REMARK'}=$grpremark;
1107 }
1108 &addservicegrp;
1109 &viewtableservicegrp;
1110 }
1111 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newnet'})
1112 {
1113 &addnet;
1114 &viewtablenet;
1115 }
1116 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newhost'})
1117 {
1118 &addhost;
1119 &viewtablehost;
1120 }
1121 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newgrp'})
1122 {
1123 &addgrp;
1124 &viewtablegrp;
1125 }
1126 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newgeoipgrp'})
1127 {
1128 &addgeoipgrp;
1129 &viewtablegeoipgrp;
1130 }
1131 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservice'})
1132 {
1133 &addservice;
1134 }
1135 if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservicegrp'})
1136 {
1137 &addservicegrp;
1138 &viewtableservicegrp;
1139 }
1140 if ($fwhostsettings{'ACTION'} eq 'changegrpremark')
1141 {
1142 &General::readhasharray("$configgrp", \%customgrp);
1143 if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
1144 foreach my $key (sort keys %customgrp)
1145 {
1146 if($customgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgrp{$key}[1] eq $fwhostsettings{'oldrem'})
1147 {
1148 $customgrp{$key}[1]='';
1149 $customgrp{$key}[1]=$fwhostsettings{'newrem'};
1150 }
1151 }
1152 &General::writehasharray("$configgrp", \%customgrp);
1153 $fwhostsettings{'update'}='on';
1154 $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
1155 }else{
1156 $errormessage=$Lang::tr{'fwhost err remark'};
1157 $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
1158 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1159 $fwhostsettings{'update'} = 'on';
1160 }
1161 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1162 &addgrp;
1163 &viewtablegrp;
1164 }
1165 if ($fwhostsettings{'ACTION'} eq 'changegeoipgrpremark')
1166 {
1167 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
1168 if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
1169 foreach my $key (sort keys %customgeoipgrp)
1170 {
1171 if($customgeoipgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgeoipgrp{$key}[1] eq $fwhostsettings{'oldrem'})
1172 {
1173 $customgeoipgrp{$key}[1]='';
1174 $customgeoipgrp{$key}[1]=$fwhostsettings{'newrem'};
1175 }
1176 }
1177 &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
1178 $fwhostsettings{'update'}='on';
1179 $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
1180 }else{
1181 $errormessage=$Lang::tr{'fwhost err remark'};
1182 $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
1183 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1184 $fwhostsettings{'update'} = 'on';
1185 }
1186 $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
1187 &addgeoipgrp;
1188 &viewtablegeoipgrp;
1189 }
1190 if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark')
1191 {
1192 &General::readhasharray("$configsrvgrp", \%customservicegrp );
1193 if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && (&validremark($fwhostsettings{'newsrvrem'}) || $fwhostsettings{'newsrvrem'} eq '')){
1194 foreach my $key (sort keys %customservicegrp)
1195 {
1196 if($customservicegrp{$key}[0] eq $fwhostsettings{'srvgrp'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvrem'})
1197 {
1198 $customservicegrp{$key}[1]='';
1199 $customservicegrp{$key}[1]=$fwhostsettings{'newsrvrem'};
1200 }
1201 }
1202 &General::writehasharray("$configsrvgrp", \%customservicegrp);
1203 $fwhostsettings{'updatesrvgrp'}='on';
1204 $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'};
1205 }elsif($fwhostsettings{'oldsrvrem'} eq $fwhostsettings{'newsrvrem'}){
1206 &addservicegrp;
1207 &viewtableservicegrp;
1208 }else{
1209 $errormessage=$Lang::tr{'fwhost err remark'};
1210 $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'};
1211 $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
1212 $fwhostsettings{'updatesrvgrp'} = 'on';
1213 }
1214 $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
1215 &addservicegrp;
1216 &viewtableservicegrp;
1217 }
1218 if ($fwhostsettings{'ACTION'} eq 'changesrvgrpname')
1219 {
1220 &General::readhasharray("$configsrvgrp", \%customservicegrp );
1221 if ($fwhostsettings{'oldsrvgrpname'} ne $fwhostsettings{'srvgrp'}){
1222 #Check new groupname
1223 if (!&validhostname($fwhostsettings{'srvgrp'})){
1224 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1225 }
1226 if (!$errormessage){
1227 #Rename group in customservicegroup
1228 foreach my $key (keys %customservicegrp) {
1229 if($customservicegrp{$key}[0] eq $fwhostsettings{'oldsrvgrpname'}){
1230 $customservicegrp{$key}[0]=$fwhostsettings{'srvgrp'};
1231 }
1232 }
1233 &General::writehasharray("$configsrvgrp", \%customservicegrp );
1234 #change name in FW Rules
1235 &changenameinfw($fwhostsettings{'oldsrvgrpname'},$fwhostsettings{'srvgrp'},15);
1236 }
1237 }
1238 &addservicegrp;
1239 &viewtableservicegrp;
1240 }
1241 if ($fwhostsettings{'ACTION'} eq 'changegrpname')
1242 {
1243 &General::readhasharray("$configgrp", \%customgrp );
1244 if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
1245 #Check new groupname
1246 if (!&validhostname($fwhostsettings{'grp'})){
1247 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1248 }
1249 if (!$errormessage){
1250 #Rename group in customservicegroup
1251 foreach my $key (keys %customgrp) {
1252 if($customgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
1253 $customgrp{$key}[0]=$fwhostsettings{'grp'};
1254 }
1255 }
1256 &General::writehasharray("$configgrp", \%customgrp );
1257 #change name in FW Rules
1258 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6);
1259 }
1260 }
1261 &addgrp;
1262 &viewtablegrp;
1263 }
1264 if ($fwhostsettings{'ACTION'} eq 'changegeoipgrpname')
1265 {
1266 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp );
1267 if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
1268 #Check new groupname
1269 if (!&validhostname($fwhostsettings{'grp'})){
1270 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
1271 }
1272 if (!$errormessage){
1273 # Rename group.
1274 foreach my $key (keys %customgeoipgrp) {
1275 if($customgeoipgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
1276 $customgeoipgrp{$key}[0]=$fwhostsettings{'grp'};
1277 }
1278 }
1279 &General::writehasharray("$configgeoipgrp", \%customgeoipgrp );
1280 #change name in FW Rules
1281 &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6);
1282 }
1283 }
1284 &addgeoipgrp;
1285 &viewtablegeoipgrp;
1286 }
1287 ### VIEW ###
1288 if($fwhostsettings{'ACTION'} eq '')
1289 {
1290 &showmenu;
1291 }
1292 ### FUNCTIONS ###
1293 sub showmenu {
1294 &Header::openbox('100%', 'left',);
1295 print "$Lang::tr{'fwhost welcome'}";
1296 print<<END;
1297 <br><br><table border='0' width='100%'>
1298 <tr><td><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newnet'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newhost'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgrp'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgeoipgrp'}' ></form></td>
1299 <td align='right'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservice'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservicegrp'}' ></form></td></tr>
1300 <tr><td colspan='6'></td></tr></table>
1301 END
1302 &Header::closebox();
1303
1304 }
1305 # Add
1306 sub addnet
1307 {
1308 &error;
1309 &showmenu;
1310 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addnet'});
1311 $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
1312 $fwhostsettings{'orgnetremark'}=$fwhostsettings{'NETREMARK'};
1313 print<<END;
1314 <table border='0' width='100%' >
1315 <tr><td width='15%'>$Lang::tr{'name'}:</td><td><form method='post'><input type='TEXT' name='HOSTNAME' id='textbox1' value='$fwhostsettings{'HOSTNAME'}' $fwhostsettings{'BLK_HOST'} size='20'><script>document.getElementById('textbox1').focus()</script></td></tr>
1316 <tr><td>$Lang::tr{'fwhost netaddress'}:</td><td><input type='TEXT' name='IP' value='$fwhostsettings{'IP'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='15'></td></tr>
1317 <tr><td>$Lang::tr{'netmask'}:</td><td><input type='TEXT' name='SUBNET' value='$fwhostsettings{'SUBNET'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='15'></td></tr>
1318 <tr><td>$Lang::tr{'remark'}:</td><td><input type='TEXT' name='NETREMARK' value='$fwhostsettings{'NETREMARK'}' style='width: 98.5%;'></td></tr>
1319 <tr><td colspan='6'><br></td></tr><tr>
1320 END
1321 if ($fwhostsettings{'ACTION'} eq 'editnet' || $fwhostsettings{'error'} eq 'on')
1322 {
1323 print "<td colspan='6' align='right'><input type='submit' value='$Lang::tr{'update'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='updatenet'><input type='hidden' name='orgnetremark' value='$fwhostsettings{'orgnetremark'}' ><input type='hidden' name='orgname' value='$fwhostsettings{'orgname'}' ><input type='hidden' name='update' value='on'><input type='hidden' name='newnet' value='$fwhostsettings{'newnet'}'>";
1324 }else{
1325 print "<td colspan='6' align='right'><input type='submit' value='$Lang::tr{'save'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='savenet'><input type='hidden' name='newnet' value='on'>";
1326 }
1327 print "</form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;' ><input type='hidden' name='ACTION' value='resetnet'></form></td></tr></table>";
1328 &Header::closebox();
1329 }
1330 sub addhost
1331 {
1332 &error;
1333 &showmenu;
1334 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addhost'});
1335 $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
1336 $fwhostsettings{'orgremark'}=$fwhostsettings{'HOSTREMARK'};
1337 print<<END;
1338 <table width='100%'>
1339 <tr><td>$Lang::tr{'name'}:</td><td><form method='post' style='display:inline;'><input type='TEXT' name='HOSTNAME' id='textbox1' value='$fwhostsettings{'HOSTNAME'}' $fwhostsettings{'BLK_HOST'} size='20'><script>document.getElementById('textbox1').focus()</script></td></tr>
1340 <tr><td>IP/MAC:</td><td><input type='TEXT' name='IP' value='$fwhostsettings{'IP'}' $fwhostsettings{'BLK_IP'} size='20' maxlength='17'></td></tr>
1341 <tr><td width='10%'>$Lang::tr{'remark'}:</td><td><input type='TEXT' name='HOSTREMARK' value='$fwhostsettings{'HOSTREMARK'}' style='width:98%;'></td></tr>
1342 <tr><td colspan='5'><br></td></tr><tr>
1343 END
1344
1345 if ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'} eq 'on')
1346 {
1347
1348 print " <td colspan='4' align='right'><input type='submit' value='$Lang::tr{'update'}' style='min-width:100px;'/><input type='hidden' name='ACTION' value='updatehost'><input type='hidden' name='orgremark' value='$fwhostsettings{'orgremark'}' ><input type='hidden' name='orgname' value='$fwhostsettings{'orgname'}' ><input type='hidden' name='update' value='on'><input type='hidden' name='newhost' value='$fwhostsettings{'newhost'}'></form>";
1349 }else{
1350 print " <td colspan='4' align='right'><input type='submit' name='savehost' value='$Lang::tr{'save'}' style='min-width:100px;' /><input type='hidden' name='ACTION' value='savehost' /><input type='hidden' name='newhost' value='on'>";
1351 }
1352 print " </form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;' ><input type='hidden' name='ACTION' value='resethost'></form></td></tr></table>";
1353 &Header::closebox();
1354 }
1355 sub addgrp
1356 {
1357 &hint;
1358 &error;
1359 &showmenu;
1360 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addgrp'});
1361 &General::setup_default_networks(\%defaultNetworks);
1362 &General::readhasharray("$configccdnet", \%ccdnet);
1363 &General::readhasharray("$confignet", \%customnetwork);
1364 &General::readhasharray("$configccdhost", \%ccdhost);
1365 &General::readhasharray("$confighost", \%customhost);
1366 &General::readhasharray("$configipsec", \%ipsecconf);
1367
1368 my %checked=();
1369 my $show='';
1370 $checked{'check1'}{'off'} = '';
1371 $checked{'check1'}{'on'} = '';
1372 $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
1373 $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
1374 $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
1375 my $grp=$fwhostsettings{'grp_name'};
1376 my $rem=$fwhostsettings{'remark'};
1377 if ($fwhostsettings{'update'} eq ''){
1378 print<<END;
1379 <table width='100%' border='0'>
1380 <tr>
1381 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1382 <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
1383 </tr>
1384 <tr>
1385 <td>$Lang::tr{'remark'}:</td>
1386 <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
1387 </tr>
1388 <tr>
1389 <td colspan='2'><br></td>
1390 </tr>
1391 </table>
1392 END
1393 }else{
1394 print<<END;
1395 <table width='100%' border='0'><form method='post'>
1396 <tr>
1397 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1398 <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
1399 <td><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'><input type='hidden' name='ACTION' value='changegrpname'></td>
1400 <td></td></form>
1401 </tr>
1402 <tr><form method='post' style='display:inline'>
1403 <td>$Lang::tr{'remark'}:</td>
1404 <td colspan='2' style='width:98%;'><input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'></td>
1405 <td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
1406 </tr>
1407 </table></form>
1408 <br><br>
1409 END
1410 }
1411 if ($fwhostsettings{'update'} eq 'on'){
1412 print<<END;
1413 <form method='post'><input type='hidden' name='remark' value='$rem'><input type='hidden' name='grp_name' value='$grp'>
1414 <table width='100%' border='0'>
1415 <tr><td width=50% valign='top'>
1416 <table width='90%' border='0'>
1417 <tr>
1418 <td style='width:15em;'>
1419 <label>
1420 <input type='radio' name='grp2' value='std_net' id='DEFAULT_SRC_ADR' checked>
1421 $Lang::tr{'fwhost stdnet'}
1422 </label>
1423 </td>
1424 <td style='text-align:right;'>
1425 <select name='DEFAULT_SRC_ADR' style='width:16em;'>
1426 END
1427 foreach my $network (sort keys %defaultNetworks)
1428 {
1429 next if($defaultNetworks{$network}{'LOCATION'} eq "IPCOP");
1430 next if($defaultNetworks{$network}{'NAME'} eq "IPFire");
1431 print "<option value='$defaultNetworks{$network}{'NAME'}'";
1432 print " selected='selected'" if ($fwhostsettings{'DEFAULT_SRC_ADR'} eq $defaultNetworks{$network}{'NAME'});
1433 my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
1434 my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
1435 my $defsub1=&General::subtocidr($ownnet{$defsub});
1436 $ownnet{$defnet}='' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
1437 if ($ownnet{$defnet}){
1438 print ">$network ($ownnet{$defnet}/$defsub1)</option>";
1439 }else{
1440 print ">$network</option>";
1441 }
1442 }
1443 print"</select></td></tr>";
1444 if (! -z $confignet){
1445 print<<END;
1446 <tr>
1447 <td>
1448 <label>
1449 <input type='radio' name='grp2' id='CUST_SRC_NET' value='cust_net' $checked{'grp2'}{'cust_net'}>
1450 $Lang::tr{'fwhost cust net'}:
1451 </label>
1452 </td>
1453 <td style='text-align:right;'>
1454 <select name='CUST_SRC_NET' style='width:16em;'>";
1455 END
1456 foreach my $key (sort { ncmp($customnetwork{$a}[0],$customnetwork{$b}[0]) } keys %customnetwork) {
1457 print"<option>$customnetwork{$key}[0]</option>";
1458 }
1459 print"</select></td></tr>";
1460 }
1461 if (! -z $confighost){
1462 print<<END;
1463 <tr>
1464 <td valign='top'>
1465 <label>
1466 <input type='radio' name='grp2' id='CUST_SRC_HOST' value='cust_host' $checked{'grp2'}{'cust_host'}>
1467 $Lang::tr{'fwhost cust addr'}:
1468 </label>
1469 </td>
1470 <td style='text-align:right;'>
1471 <select name='CUST_SRC_HOST' style='width:16em;'>";
1472 END
1473 foreach my $key (sort { ncmp($customhost{$a}[0],$customhost{$b}[0]) } keys %customhost) {
1474 print"<option>$customhost{$key}[0]</option>";
1475 }
1476 print"</select></td></tr>";
1477 }
1478 print"</table>";
1479 #Inner table right
1480 print"</td><td align='right' style='vertical-align:top;'><table width='90%' border='0'>";
1481 #OVPN networks
1482 if (! -z $configccdnet){
1483 print<<END;
1484 <td style='width:15em;'>
1485 <label>
1486 <input type='radio' name='grp2' id='OVPN_CCD_NET' value='ovpn_net' $checked{'grp2'}{'ovpn_net'}>
1487 $Lang::tr{'fwhost ccdnet'}
1488 </label>
1489 </td>
1490 <td style='text-align:right;'>
1491 <select name='OVPN_CCD_NET' style='width:16em;'>";
1492 END
1493 foreach my $key (sort { ncmp($ccdnet{$a}[0],$ccdnet{$b}[0]) } keys %ccdnet)
1494 {
1495 print"<option value='$ccdnet{$key}[0]'>$ccdnet{$key}[0]</option>";
1496 }
1497 print"</select></td></tr>";
1498 }
1499 #OVPN clients
1500 my @ovpn_clients=();
1501 foreach my $key (sort { ncmp($ccdhost{$a}[0],$ccdhost{$b}[0]) } keys %ccdhost)
1502 {
1503 if ($ccdhost{$key}[33] ne ''){
1504 $show='1';
1505 push (@ovpn_clients,$ccdhost{$key}[1]);
1506 }
1507 }
1508 if ($show eq '1'){
1509 $show='';
1510 print<<END;
1511 <td style='width:15em;'>
1512 <label>
1513 <input type='radio' name='grp2' value='ovpn_host' $checked{'grp2'}{'ovpn_host'}>
1514 $Lang::tr{'fwhost ccdhost'}
1515 </label>
1516 </td>
1517 <td style='text-align:right;'>
1518 <select name='OVPN_CCD_HOST' style='width:16em;'>" if ($show eq '');
1519 END
1520 foreach(@ovpn_clients){
1521 print"<option value='$_'>$_</option>";
1522 }
1523 print"</select></td></tr>";
1524 }
1525 #OVPN n2n networks
1526 my @OVPN_N2N=();
1527 foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) {
1528 if($ccdhost{$key}[3] eq 'net'){
1529 $show='1';
1530 push (@OVPN_N2N,$ccdhost{$key}[1]);
1531 }
1532 }
1533 if ($show eq '1'){
1534 $show='';
1535 print<<END;
1536 <td style='width:15em;'>
1537 <label>
1538 <input type='radio' name='grp2' id='OVPN_N2N' value='ovpn_n2n' $checked{'grp2'}{'ovpn_n2n'}>
1539 $Lang::tr{'fwhost ovpn_n2n'}:
1540 </label>
1541 </td>
1542 <td style='text-align:right;'>
1543 <select name='OVPN_N2N' style='width:16em;'>"
1544 END
1545 foreach(@OVPN_N2N){
1546 print"<option>$_</option>";
1547 }
1548 print"</select></td></tr>";
1549 }
1550 #IPsec networks
1551 my @IPSEC_N2N=();
1552 foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) {
1553 if ($ipsecconf{$key}[3] eq 'net'){
1554 $show='1';
1555 push (@IPSEC_N2N,$ipsecconf{$key}[1]);
1556 }
1557 }
1558 if ($show eq '1'){
1559 $show='';
1560 print<<END;
1561 <td style='width:15em;'>
1562 <label>
1563 <input type='radio' name='grp2' id='IPSEC_NET' value='ipsec_net' $checked{'grp2'}{'ipsec_net'}>
1564 $Lang::tr{'fwhost ipsec net'}
1565 </label>
1566 </td>
1567 <td style='text-align:right;'>
1568 <select name='IPSEC_NET' style='width:16em;'>"
1569 END
1570 foreach(@IPSEC_N2N){
1571 print"<option value='$_'>$_</option>";
1572 }
1573 }
1574 print"</select></td></tr>";
1575 print"</table>";
1576 print"</td></tr></table>";
1577 print"<br><br>";
1578 }
1579 print"<table width='100%'>";
1580 print"<tr><td style='text-align:right;'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='update' value=\"$fwhostsettings{'update'}\"><input type='hidden' name='ACTION' value='savegrp' ></form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='resetgrp'></form></td></table>";
1581 &Header::closebox();
1582 }
1583 sub addgeoipgrp
1584 {
1585 &hint;
1586 &error;
1587 &showmenu;
1588 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addgeoipgrp'});
1589
1590 my %checked=();
1591 my $show='';
1592 $checked{'check1'}{'off'} = '';
1593 $checked{'check1'}{'on'} = '';
1594 $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
1595 $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
1596 $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
1597 my $grp=$fwhostsettings{'grp_name'};
1598 my $rem=$fwhostsettings{'remark'};
1599 if ($fwhostsettings{'update'} eq ''){
1600 print<<END;
1601 <table width='100%' border='0'>
1602 <tr>
1603 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1604 <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
1605 </tr>
1606 <tr>
1607 <td>$Lang::tr{'remark'}:</td>
1608 <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
1609 </tr>
1610 <tr>
1611 <td colspan='2'><br></td>
1612 </tr>
1613 </table>
1614 END
1615 } else {
1616 print<<END;
1617 <table width='100%' border='0'>
1618 <form method='post'><tr>
1619 <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
1620 <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
1621 <td>
1622 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1623 <input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'>
1624 <input type='hidden' name='ACTION' value='changegeoipgrpname'>
1625 </td>
1626 <td></td>
1627 </tr></form>
1628 <tr><form method='post' style='display:inline'>
1629 <td>$Lang::tr{'remark'}:</td>
1630 <td colspan='2' style='width:98%;'>
1631 <input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'>
1632 </td>
1633 <td align='right'>
1634 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1635 <input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'>
1636 <input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'>
1637 <input type='hidden' name='ACTION' value='changegeoipgrpremark'>
1638 </td>
1639 </tr></form>
1640 </table>
1641 <br><br>
1642 END
1643 }
1644 if ($fwhostsettings{'update'} eq 'on') {
1645 my @geoip_locations = &fwlib::get_geoip_locations();
1646
1647 print<<END;
1648 <form method='post'>
1649 <input type='hidden' name='remark' value='$rem'>
1650 <input type='hidden' name='grp_name' value='$grp'>
1651
1652 <table width='100%' border='0'>
1653 <tr>
1654 <td style='text-align:left;'>
1655 <select name='COUNTRY_CODE' style='width:16em;'>";
1656 END
1657 foreach my $location (@geoip_locations) {
1658 # Get full country name.
1659 my $fullname = &GeoIP::get_full_country_name($location);
1660
1661 print"<option value='$location'>$location - $fullname</option>\n";
1662 }
1663 print <<END;
1664 </select>
1665 </td>
1666 </tr>
1667 </table>
1668 <br><br>
1669 END
1670 }
1671 print <<END;
1672 <table width='100%'>
1673 <tr><td style='text-align:right;'>
1674 <input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' />
1675 <input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'>
1676 <input type='hidden' name='update' value=\"$fwhostsettings{'update'}\">
1677 <input type='hidden' name='ACTION' value='savegeoipgrp' >
1678 </form>
1679
1680 <form method='post' style='display:inline'>
1681
1682 <input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'>
1683 <input type='hidden' name='ACTION' value='resetgeoipgrp'>
1684
1685 </form>
1686 </td></tr></table>
1687 END
1688 &Header::closebox();
1689 }
1690 sub addservice
1691 {
1692 &error;
1693 &showmenu;
1694 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservice'});
1695 if ($fwhostsettings{'updatesrv'} eq 'on')
1696 {
1697 $fwhostsettings{'oldsrvname'} = $fwhostsettings{'SRV_NAME'};
1698 $fwhostsettings{'oldsrvport'} = $fwhostsettings{'SRV_PORT'};
1699 $fwhostsettings{'oldsrvprot'} = $fwhostsettings{'PROT'};
1700 $fwhostsettings{'oldsrvicmp'} = $fwhostsettings{'ICMP'};
1701 }
1702 print<<END;
1703 <table width='100%' border='0'><form method='post'>
1704 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost srv_name'}:</td><td><input type='text' name='SRV_NAME' id='textbox1' value='$fwhostsettings{'SRV_NAME'}' size='24'><script>document.getElementById('textbox1').focus()</script></td></tr>
1705 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost prot'}:</td><td><select name='PROT' id='protocol' >
1706 END
1707 foreach ("TCP","UDP","ICMP")
1708 {
1709 if ($_ eq $fwhostsettings{'PROT'})
1710 {
1711 print"<option selected>$_</option>";
1712 }else{
1713 print"<option>$_</option>";
1714 }
1715 }
1716 print<<END;
1717 </select></td></tr></table>
1718 <div id='PROTOKOLL' class='noscript'><table width=100%' border='0'><tr><td width='10%' nowrap='nowrap'>$Lang::tr{'fwhost icmptype'}</td><td><select name='ICMP_TYPES'>
1719 END
1720 &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
1721 print"<option value='All ICMP-Types'>$Lang::tr{'fwdfw all icmp'}</option>";
1722 foreach my $key (sort { ncmp($icmptypes{$a}[0],$icmptypes{$b}[0]) }keys %icmptypes){
1723 if ($icmptypes{$key}[0] eq $fwhostsettings{'oldsrvicmp'}){
1724 print"<option selected>$icmptypes{$key}[0] ($icmptypes{$key}[1])</option>";
1725 }else{
1726 print"<option>$icmptypes{$key}[0] ($icmptypes{$key}[1])</option>";
1727 }
1728 }
1729 print<<END;
1730 </select></td></tr></table></div>
1731 <div id='PORT' class='noscript'><table width='100%' border='0'><tr><td width='10%'>$Lang::tr{'fwhost port'}:</td><td><input type='text' name='SRV_PORT' value='$fwhostsettings{'SRV_PORT'}' maxlength='11' size='24'></td></tr></table></div>
1732 <table width='100%' border='0'><tr><td colspan='6'><br></td></tr>
1733 <tr><td colspan='6' align='right'>
1734 END
1735 if ($fwhostsettings{'updatesrv'} eq 'on')
1736 {
1737 print<<END;
1738 <input type='submit' value='$Lang::tr{'update'}'style='min-width:100px;' >
1739 <input type='hidden' name='ACTION' value='updateservice'>
1740 <input type='hidden' name='oldsrvname' value='$fwhostsettings{'oldsrvname'}'>
1741 <input type='hidden' name='oldsrvport' value='$fwhostsettings{'oldsrvport'}'>
1742 <input type='hidden' name='oldsrvprot' value='$fwhostsettings{'oldsrvprot'}'>
1743 <input type='hidden' name='oldsrvicmp' value='$fwhostsettings{'oldsrvicmp'}'>
1744 </form>
1745 END
1746 }else{
1747 print"<input type='submit' value='$Lang::tr{'save'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='saveservice'></form>";
1748 }
1749 print<<END;
1750 <form style='display:inline;' method='post'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'></form></td></tr>
1751 </table></form>
1752 END
1753 &Header::closebox();
1754 &viewtableservice;
1755 }
1756 sub addservicegrp
1757 {
1758 &hint;
1759 &error;
1760 &showmenu;
1761 &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservicegrp'});
1762 $fwhostsettings{'oldsrvgrpremark'}=$fwhostsettings{'SRVGRP_REMARK'};
1763 $fwhostsettings{'oldsrvgrpname'}=$fwhostsettings{'SRVGRP_NAME'};
1764 if ($fwhostsettings{'updatesrvgrp'} eq ''){
1765 print<<END;
1766 <table width='100%' border='0'><form method='post'>
1767 <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td><input type='text' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}' size='24'></td></tr>
1768 <tr><td width='10%'>$Lang::tr{'remark'}:</td><td><input type='text' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width: 98%;'></td></tr>
1769 <tr><td colspan='2'><br></tr>
1770 </table>
1771 END
1772 }else{
1773 print<<END;
1774 <table width='100%'><form method='post' style='display:inline'>
1775 <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td width='20%'><input type='text' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}' size='14'></td><td align='left'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvgrpname' value='$fwhostsettings{'oldsrvgrpname'}'><input type='hidden' name='ACTION' value='changesrvgrpname'></td><td width='3%'></td></form></tr>
1776 <tr>
1777 <form method='post'>
1778 <td width='10%'>
1779 $Lang::tr{'remark'}:
1780 </td>
1781 <td colspan='2'>
1782 <input type='text' name='newsrvrem' value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'>
1783 </td>
1784 <td align='right'>
1785 <input type='submit' value='$Lang::tr{'fwhost change'}'>
1786 <input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'>
1787 <input type='hidden' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}'>
1788 <input type='hidden' name='ACTION' value='changesrvgrpremark' >
1789 </td>
1790 </tr>
1791 <tr>
1792 <td colspan='4'>
1793 <br>
1794 </td>
1795 </tr>
1796 </table>
1797 </form>
1798 END
1799 }
1800 if($fwhostsettings{'updatesrvgrp'} eq 'on'){
1801 print<<END;
1802 <form method='post'><input type='hidden' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}'><input type='hidden' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}'><table border='0' width='100%'>
1803 <tr><td width='10%' nowrap='nowrap'>$Lang::tr{'add'}: </td><td><select name='CUST_SRV' style='min-width:185px;'>
1804 END
1805 &General::readhasharray("$configsrv", \%customservice);
1806 #Protocols for use in servicegroups
1807 print "<optgroup label='$Lang::tr{'fwhost cust service'}'>";
1808 foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0]) } keys %customservice)
1809 {
1810 print "<option>$customservice{$key}[0]</option>";
1811 }
1812 print "</optgroup>";
1813 print "<optgroup label='$Lang::tr{'protocol'}'>";
1814 print "<option>GRE</option>";
1815 print "<option>AH</option>";
1816 print "<option>ESP</option>";
1817 print "<option>IGMP</option>";
1818 print "<option>IPIP</option>";
1819 print "<option value='IPV6'>IPv6 encap</option>";
1820 print "</optgroup>";
1821 print<<END;
1822 </select></td></tr>
1823 <tr><td colspan='4'><br><br></td></tr>
1824 <tr><td colspan='4'></td></tr>
1825 </table>
1826 END
1827 }
1828 print<<END;
1829 <table width='100%'>
1830 <tr><td align='right'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'><input type='hidden' name='oldsrvgrpremark' value='$fwhostsettings{'oldsrvgrpremark'}'><input type='hidden' name='ACTION' value='saveservicegrp' ></form><form style='display:inline;' method='post'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'></td></tr>
1831 </table></form>
1832 END
1833 &Header::closebox();
1834 }
1835 # View
1836 sub viewtablenet
1837 {
1838 if(! -z $confignet){
1839 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust net'});
1840 &General::readhasharray("$confignet", \%customnetwork);
1841 &General::readhasharray("$configgrp", \%customgrp);
1842 &General::readhasharray("$fwconfigfwd", \%fwfwd);
1843 &General::readhasharray("$fwconfiginp", \%fwinp);
1844 &General::readhasharray("$fwconfigout", \%fwout);
1845
1846 if (!keys %customnetwork)
1847 {
1848 print "<center><b>$Lang::tr{'fwhost empty'}</b>";
1849 }else{
1850 print<<END;
1851 <table width='100%' cellspacing='0' class='tbl'>
1852 <tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost netaddress'}</b></th><th align='center'><b>$Lang::tr{'remark'}</b></th><th align='center'><b>$Lang::tr{'used'}</b></th><th></th><th width='3%'></th></tr>
1853 END
1854 }
1855 my $count=0;
1856 my $col='';
1857 foreach my $key (sort {ncmp($a,$b)} keys %customnetwork) {
1858 if ($fwhostsettings{'ACTION'} eq 'editnet' && $fwhostsettings{'HOSTNAME'} eq $customnetwork{$key}[0]) {
1859 print" <tr>";
1860 $col="bgcolor='${Header::colouryellow}'";
1861 }elsif ($count % 2)
1862 {
1863 $col="bgcolor='$color{'color20'}'";
1864 print" <tr>";
1865 }else
1866 {
1867 $col="bgcolor='$color{'color22'}'";
1868 print" <tr>";
1869 }
1870 my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]);
1871 my $netcount=&getnetcount($customnetwork{$key}[0]);
1872 print"<td width='20%' $col><form method='post'>$customnetwork{$key}[0]</td><td width='15%' align='center' $col>".&getcolor($colnet)."</td><td width='40%' $col>$customnetwork{$key}[3]</td><td align='center' $col>$netcount x</td>";
1873 print<<END;
1874 <td width='1%' $col><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
1875 <input type='hidden' name='ACTION' value='editnet'>
1876 <input type='hidden' name='HOSTNAME' value='$customnetwork{$key}[0]' />
1877 <input type='hidden' name='IP' value='$customnetwork{$key}[1]' />
1878 <input type='hidden' name='SUBNET' value='$customnetwork{$key}[2]' />
1879 <input type='hidden' name='NETREMARK' value='$customnetwork{$key}[3]' />
1880 </td></form>
1881 END
1882 if($netcount == '0')
1883 {
1884 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delnet' /><input type='hidden' name='key' value='$customnetwork{$key}[0]' /></td></form></tr>";
1885 }else{
1886 print"<td $col></td></tr>";
1887 }
1888 $count++;
1889 }
1890 print"</table>";
1891 &Header::closebox();
1892 }
1893
1894 }
1895 sub getcolor
1896 {
1897 my $c=shift;
1898 my $sip;
1899 my $scidr;
1900 my $tdcolor='';
1901 #Check if MAC
1902 if (&General::validmac($c)){ return $c;}
1903
1904 #Check if we got a full IP with subnet then split it
1905 if($c =~ /^(.*?)\/(.*?)$/){
1906 ($sip,$scidr) = split ("/",$c);
1907 }else{
1908 $sip=$c;
1909 }
1910
1911 #Now check if IP is part of ORANGE,BLUE or GREEN
1912 if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
1913 $tdcolor="<font style='color: $Header::colourorange;'>$c</font>";
1914 return $tdcolor;
1915 }
1916 if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){
1917 $tdcolor="<font style='color: $Header::colourgreen;'>$c</font>";
1918 return $tdcolor;
1919 }
1920 if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
1921 $tdcolor="<font style='color: $Header::colourblue;'>$c</font>";
1922 return $tdcolor;
1923 }
1924 if ("$sip/$scidr" eq "0.0.0.0/0"){
1925 $tdcolor="<font style='color: $Header::colourred;'>$c</font>";
1926 return $tdcolor;
1927 }
1928 #Check if IP is part of OpenVPN N2N subnet
1929 foreach my $key (sort keys %ccdhost){
1930 if ($ccdhost{$key}[3] eq 'net'){
1931 my ($a,$b) = split("/",$ccdhost{$key}[11]);
1932 if (&General::IpInSubnet($sip,$a,$b)){
1933 $tdcolor="<font style='color:$Header::colourovpn ;'>$c</font>";
1934 return $tdcolor;
1935 }
1936 }
1937 }
1938
1939 #Check if IP is part of OpenVPN dynamic subnet
1940 my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'});
1941 if (&General::IpInSubnet($sip,$a,$b)){
1942 $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>";
1943 return $tdcolor;
1944 }
1945
1946 #Check if IP is part of OpenVPN static subnet
1947 foreach my $key (sort keys %ccdnet){
1948 my ($a,$b) = split("/",$ccdnet{$key}[1]);
1949 $b =&General::iporsubtodec($b);
1950 if (&General::IpInSubnet($sip,$a,$b)){
1951 $tdcolor="<font style='color: $Header::colourovpn;'>$c</font>";
1952 return $tdcolor;
1953 }
1954 }
1955
1956 #Check if IP is part of IPsec RW network
1957 if ($ipsecsettings{'RW_NET'} ne ''){
1958 my ($a,$b) = split("/",$ipsecsettings{'RW_NET'});
1959 $b=&General::iporsubtodec($b);
1960 if (&General::IpInSubnet($sip,$a,$b)){
1961 $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
1962 return $tdcolor;
1963 }
1964 }
1965
1966 #Check if IP is part of a IPsec N2N network
1967 foreach my $key (sort keys %ipsecconf){
1968 if ($ipsecconf{$key}[11]){
1969 my ($a,$b) = split("/",$ipsecconf{$key}[11]);
1970 $b=&General::iporsubtodec($b);
1971 if (&General::IpInSubnet($sip,$a,$b)){
1972 $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
1973 return $tdcolor;
1974 }
1975 }
1976 }
1977 return "$c";
1978 }
1979 sub viewtablehost
1980 {
1981 if (! -z $confighost){
1982 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust addr'});
1983 &General::readhasharray("$confighost", \%customhost);
1984 &General::readhasharray("$configccdnet", \%ccdnet);
1985 &General::readhasharray("$configccdhost", \%ccdhost);
1986 &General::readhasharray("$fwconfigfwd", \%fwfwd);
1987 &General::readhasharray("$fwconfiginp", \%fwinp);
1988 &General::readhasharray("$fwconfigout", \%fwout);
1989 &General::readhasharray("$configgrp", \%customgrp);
1990 if (!keys %customhost)
1991 {
1992 print "<center><b>$Lang::tr{'fwhost empty'}</b>";
1993 }else{
1994 print<<END;
1995 <table width='100%' cellspacing='0' class='tbl'>
1996 <tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center'><b>$Lang::tr{'remark'}</b></th><th align='center'><b>$Lang::tr{'used'}</b></th><th></th><th width='3%'></th></tr>
1997 END
1998 }
1999 my $count=0;
2000 my $col='';
2001 foreach my $key (sort { ncmp ($customhost{$a}[0],$customhost{$b}[0])} keys %customhost) {
2002 if ( ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'}) && $fwhostsettings{'HOSTNAME'} eq $customhost{$key}[0]) {
2003 print" <tr>";
2004 $col="bgcolor='${Header::colouryellow}'";
2005 }elsif ($count % 2){
2006 print" <tr>";
2007 $col="bgcolor='$color{'color20'}'";
2008 }else{
2009 $col="bgcolor='$color{'color22'}'";
2010 print" <tr>";
2011 }
2012 my ($ip,$sub)=split(/\//,$customhost{$key}[2]);
2013 $customhost{$key}[4]=~s/\s+//g;
2014 my $hostcount=0;
2015 $hostcount=&gethostcount($customhost{$key}[0]);
2016 print"<td width='20%' $col>$customhost{$key}[0]</td><td width='20%' align='center' $col >".&getcolor($ip)."</td><td width='50%' align='left' $col>$customhost{$key}[3]</td><td align='center' $col>$hostcount x</td>";
2017 print<<END;
2018 <td width='1%' $col><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
2019 <input type='hidden' name='ACTION' value='edithost' />
2020 <input type='hidden' name='HOSTNAME' value='$customhost{$key}[0]' />
2021 <input type='hidden' name='IP' value='$ip' />
2022 <input type='hidden' name='type' value='$customhost{$key}[1]' />
2023 <input type='hidden' name='HOSTREMARK' value='$customhost{$key}[3]' />
2024 </form></td>
2025 END
2026 if($hostcount == '0')
2027 {
2028 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delhost' /><input type='hidden' name='key' value='$customhost{$key}[0]' /></td></form></tr>";
2029 }else{
2030 print"<td width='1%' $col></td></tr>";
2031 }
2032 $count++;
2033 }
2034 print"</table>";
2035 &Header::closebox();
2036 }
2037 }
2038 sub viewtablegrp
2039 {
2040 if(! -z "$configgrp"){
2041 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust grp'});
2042 &General::readhasharray("$configgrp", \%customgrp);
2043 &General::readhasharray("$configipsec", \%ipsecconf);
2044 &General::readhasharray("$configccdhost", \%ccdhost);
2045 &General::readhasharray("$configccdnet", \%ccdnet);
2046 &General::readhasharray("$confighost", \%customhost);
2047 &General::readhasharray("$confignet", \%customnetwork);
2048 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2049 &General::readhasharray("$fwconfiginp", \%fwinp);
2050 &General::readhasharray("$fwconfigout", \%fwout);
2051 my @grp=();
2052 my $helper='';
2053 my $count=1;
2054 my $grpname;
2055 my $remark;
2056 my $number;
2057 my $delflag;
2058 my @counter;
2059 my %hash;
2060 if (!keys %customgrp)
2061 {
2062 print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
2063 }else{
2064 #get all groups in a hash
2065 foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2066 push (@counter,$customgrp{$key}[0]);
2067 }
2068 foreach my $key1 (@counter) {
2069 $hash{$key1}++ ;
2070 }
2071 foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2072 $count++;
2073 if ($helper ne $customgrp{$key}[0]){
2074 $delflag='0';
2075 foreach my $key1 (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
2076 if ($customgrp{$key}[0] eq $customgrp{$key1}[0])
2077 {
2078 $delflag++;
2079 }
2080 if($delflag > 1){
2081 last;
2082 }
2083 }
2084 $number=1;
2085 if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};}
2086 $grpname=$customgrp{$key}[0];
2087 $remark="$customgrp{$key}[1]";
2088 if($count gt 1){ print"</table>";$count=1;}
2089 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp;";
2090 print " <b>$Lang::tr{'remark'}:</b>&nbsp $remark &nbsp " if ($remark ne '');
2091 my $netgrpcount=&getnetcount($grpname);
2092 print "<b>$Lang::tr{'used'}:</b> $netgrpcount x";
2093 if($netgrpcount == '0')
2094 {
2095 print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='ACTION' value='delgrp'></form>";
2096 }
2097 print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right' /><input type='hidden' name='grp_name' value='$grpname' ><input type='hidden' name='remark' value='$remark' ><input type='hidden' name='ACTION' value='editgrp'></form>";
2098 print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>$Lang::tr{'name'}</b></th><th align='center'><b>$Lang::tr{'fwhost ip_mac'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost type'}</th><th></th></tr>";
2099 }
2100 my $col='';
2101 if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) {
2102 print" <tr>";
2103 $col="bgcolor='${Header::colouryellow}'";
2104 }elsif ($count %2 == 0){
2105 print"<tr>";
2106 $col="bgcolor='$color{'color20'}'";
2107 }else{
2108 print"<tr>";
2109 $col="bgcolor='$color{'color22'}'";
2110 }
2111 my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]);
2112 if ($ip eq ''){
2113 print"<tr>";
2114 $col="bgcolor='${Header::colouryellow}'";
2115 }
2116 print "<td width='39%' align='left' $col>";
2117 if($customgrp{$key}[3] eq 'Standard Network'){
2118 print &get_name($customgrp{$key}[2])."</td>";
2119 }else{
2120 print "$customgrp{$key}[2]</td>";
2121 }
2122 if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
2123 print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
2124 }else{
2125 my ($colip,$colsub) = split("/",$ip);
2126 $ip="$colip/".&General::iporsubtocidr($colsub) if ($colsub);
2127 print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
2128 }
2129 if ($delflag > 0 && $ip ne ''){
2130 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' />";
2131 #check if this group has only one entry
2132 foreach my $key2 (keys %hash) {
2133 if ($hash{$key2}<2 && $key2 eq $customgrp{$key}[0]){
2134 print "<input type='hidden' name='last' value='on'>" ;
2135 }
2136 }
2137 }
2138 print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
2139 $helper=$customgrp{$key}[0];
2140 $number++;
2141 }
2142 print"</table>";
2143 }
2144 &Header::closebox();
2145 }
2146
2147 }
2148 sub viewtablegeoipgrp
2149 {
2150 # If our filesize is "zero" there is nothing to read-in.
2151 if (-z "$configgeoipgrp") {
2152 return;
2153 }
2154
2155 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust geoipgrp'});
2156 &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
2157 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2158 &General::readhasharray("$fwconfiginp", \%fwinp);
2159 &General::readhasharray("$fwconfigout", \%fwout);
2160 my @grp=();
2161 my $helper='';
2162 my $count=1;
2163 my $country_code;
2164 my $grpname;
2165 my $remark;
2166 my $number;
2167 my $delflag;
2168 my @counter;
2169 my %hash;
2170
2171 # If there are no groups we are finished here.
2172 if (!keys %customgeoipgrp) {
2173 print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
2174 return;
2175 }
2176
2177 # Put all groups in a hash.
2178 foreach my $key (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) }
2179 sort { ncmp($customgeoipgrp{$a}[2],$customgeoipgrp{$b}[2]) } keys %customgeoipgrp) {
2180 push (@counter,$customgeoipgrp{$key}[0]);
2181 }
2182
2183 # Increase current used key.
2184 foreach my $key1 (@counter) {
2185 $hash{$key1}++ ;
2186 }
2187
2188 # Sort hash.
2189 foreach my $key (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) }
2190 sort { ncmp($customgeoipgrp{$a}[2],$customgeoipgrp{$b}[2]) } keys %customgeoipgrp) {
2191 $count++;
2192 if ($helper ne $customgeoipgrp{$key}[0]) {
2193 $delflag='0';
2194
2195 foreach my $key1 (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) }
2196 sort { ncmp($customgeoipgrp{$a}[2],$customgeoipgrp{$b}[2]) } keys %customgeoipgrp) {
2197
2198 if ($customgeoipgrp{$key}[0] eq $customgeoipgrp{$key1}[0])
2199 {
2200 $delflag++;
2201 }
2202 if($delflag > 1){
2203 last;
2204 }
2205 }
2206
2207 $number=1;
2208
2209 # Groupname.
2210 $grpname=$customgeoipgrp{$key}[0];
2211
2212 # Group remark.
2213 $remark="$customgeoipgrp{$key}[1]";
2214
2215 # Country code.
2216 $country_code="$customgeoipgrp{$key}[2]";
2217
2218 if ($count gt 1){
2219 print"</table>";
2220 $count=1;
2221 }
2222
2223 # Display groups header.
2224 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp;\n";
2225 print "<b>$Lang::tr{'remark'}:</b>&nbsp $remark &nbsp\n" if ($remark ne '');
2226
2227 # Get group count.
2228 my $geoipgrpcount=&getgeoipcount($grpname);
2229 print "<b>$Lang::tr{'used'}:</b> $geoipgrpcount x";
2230
2231 # Only display delete icon, if the group is not used by a firewall rule.
2232 if($geoipgrpcount == '0') {
2233 print"<form method='post' style='display:inline'>\n";
2234 print"<input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' />\n";
2235 print"<input type='hidden' name='grp_name' value='$grpname' >\n";
2236 print"<input type='hidden' name='ACTION' value='delgeoipgrp'>\n";
2237 print"</form>";
2238 }
2239
2240 # Icon for group editing.
2241 print <<END;
2242 <form method='post' style='display:inline'>
2243 <input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right'/>
2244 <input type='hidden' name='grp_name' value='$grpname' >
2245 <input type='hidden' name='remark' value='$remark' >
2246 <input type='hidden' name='ACTION' value='editgeoipgrp'>
2247 </form>
2248
2249 <table width='100%' cellspacing='0' class='tbl'>
2250 END
2251 # Display headlines if the group contains any entries.
2252 if ($country_code ne "none") {
2253 print <<END;
2254 <tr>
2255 <td width='10%' align='center'>
2256 <b>$Lang::tr{'flag'}</b>
2257 </td>
2258
2259 <td width='10%'align='center'>
2260 <b>$Lang::tr{'countrycode'}</b>
2261 </td>
2262
2263 <td width='70%'align='left'>
2264 <b>$Lang::tr{'country'}</b>
2265 </td>
2266
2267 <td width='10%' align='right'></td>
2268 </tr>
2269 END
2270 }
2271 }
2272
2273 # Check if our group contains any entries.
2274 if ($country_code eq "none") {
2275 print "<tr><td>$Lang::tr{'fwhost err emptytable'}</td></tr>\n";
2276 } else {
2277 # Check if we are currently editing a group and assign column backgound colors.
2278 my $col='';
2279 if ( ($fwhostsettings{'ACTION'} eq 'editgeoipgrp' || $fwhostsettings{'update'} ne '')
2280 && $fwhostsettings{'grp_name'} eq $customgeoipgrp{$key}[0]) {
2281 $col="bgcolor='${Header::colouryellow}'";
2282 } elsif ($count %2 == 0){
2283 $col="bgcolor='$color{'color20'}'";
2284 } else {
2285 $col="bgcolor='$color{'color22'}'";
2286 }
2287
2288 # Get country flag.
2289 my $icon = &GeoIP::get_flag_icon($customgeoipgrp{$key}[2]);
2290
2291 # Print column with flag icon.
2292 my $col_content;
2293 if ($icon) {
2294 $col_content = "<img src='$icon' alt='$customgeoipgrp{$key}[2]' title='$customgeoipgrp{$key}[2]'>";
2295 } else {
2296 $col_content = "<b>N/A</b>";
2297 }
2298
2299 print "<td align='center' $col>$col_content</td>\n";
2300
2301 # Print column with country code.
2302 print "<td align='center' $col>$customgeoipgrp{$key}[2]</td>\n";
2303
2304 # Print column with full country name.
2305 my $country_name = &GeoIP::get_full_country_name($customgeoipgrp{$key}[2]);
2306 print "<td align='left' $col>$country_name</td>\n";
2307
2308 # Generate from for removing entries from a group.
2309 print "<td align='right' width='1%' $col><form method='post'>\n";
2310
2311 if ($delflag > 0){
2312 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}'/>\n";
2313
2314 # Check if this group only has a single entry.
2315 foreach my $key2 (keys %hash) {
2316 if ($hash{$key2}<2 && $key2 eq $customgeoipgrp{$key}[0]){
2317 print "<input type='hidden' name='last' value='on'>" ;
2318 }
2319 }
2320 }
2321
2322 print "<input type='hidden' name='ACTION' value='deletegeoipgrpentry'>\n";
2323 print "<input type='hidden' name='update' value='$fwhostsettings{'update'}'>\n";
2324 print "<input type='hidden' name='delentry' value='$grpname,$remark,$customgeoipgrp{$key}[2],$customgeoipgrp{$key}[3]'>\n";
2325 print "</form>\n";
2326 print "</td>\n";
2327 print "</tr>\n";
2328 }
2329
2330 $helper=$customgeoipgrp{$key}[0];
2331 $number++;
2332 }
2333
2334 print"</table>\n";
2335 &Header::closebox();
2336 }
2337 sub viewtableservice
2338 {
2339 my $count=0;
2340 my $srvcount;
2341 if(! -z "$configsrv")
2342 {
2343 &Header::openbox('100%', 'left', $Lang::tr{'fwhost services'});
2344 &General::readhasharray("$configsrv", \%customservice);
2345 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2346 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2347 &General::readhasharray("$fwconfiginp", \%fwinp);
2348 &General::readhasharray("$fwconfigout", \%fwout);
2349 print<<END;
2350 <table width='100%' cellspacing='0' class='tbl'>
2351 <tr><th align='center'><b>$Lang::tr{'fwhost srv_name'}</b></th><th align='center'><b>$Lang::tr{'fwhost prot'}</b></th><th align='center'><b>$Lang::tr{'fwhost port'}</b></th><th align='center'><b>ICMP</b></th><th align='center'><b>$Lang::tr{'fwhost used'}</b></th><th></th><th width='3%'></th></tr>
2352 END
2353 my $col='';
2354 foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0])} keys %customservice)
2355 {
2356 $count++;
2357 if ( ($fwhostsettings{'updatesrv'} eq 'on' || $fwhostsettings{'error'}) && $fwhostsettings{'SRV_NAME'} eq $customservice{$key}[0]) {
2358 print" <tr>";
2359 $col="bgcolor='${Header::colouryellow}'";
2360 }elsif ($count % 2){
2361 print" <tr>";
2362 $col="bgcolor='$color{'color22'}'";
2363 }else{
2364 print" <tr>";
2365 $col="bgcolor='$color{'color20'}'";
2366 }
2367 print<<END;
2368 <td $col>$customservice{$key}[0]</td><td align='center' $col>$customservice{$key}[2]</td><td align='center' $col>$customservice{$key}[1]</td><td align='center' $col>
2369 END
2370 #Neuer count
2371 $srvcount=&getsrvcount($customservice{$key}[0]);
2372 if($customservice{$key}[3] eq 'All ICMP-Types'){print $Lang::tr{'fwdfw all icmp'};}
2373 elsif($customservice{$key}[3] ne 'BLANK'){print $customservice{$key}[3];}
2374 print<<END;
2375 </td><td align='center' $col>$srvcount x</td>
2376 <td width='1%' $col><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' /><input type='hidden' name='ACTION' value='editservice' />
2377 <input type='hidden' name='SRV_NAME' value='$customservice{$key}[0]' />
2378 <input type='hidden' name='SRV_PORT' value='$customservice{$key}[1]' />
2379 <input type='hidden' name='PROT' value='$customservice{$key}[2]' />
2380 <input type='hidden' name='ICMP' value='$customservice{$key}[3]' /></form></td>
2381 END
2382 if ($srvcount eq '0')
2383 {
2384 print"<td width='1%' $col><form method='post'><input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' /><input type='hidden' name='ACTION' value='delservice' /><input type='hidden' name='SRV_NAME' value='$customservice{$key}[0]'></td></tr></form>";
2385 }else{
2386 print"<td $col></td></tr>";
2387 }
2388 }
2389 print"</table>";
2390 &Header::closebox();
2391 }
2392 }
2393 sub viewtableservicegrp
2394 {
2395 my $count=0;
2396 my $grpname;
2397 my $remark;
2398 my $helper;
2399 my $helper1;
2400 my $port;
2401 my $protocol;
2402 my $delflag;
2403 my $grpcount=0;
2404 my $col='';
2405 my $lastentry=0;
2406 my @counter;
2407 my %hash;
2408 if (! -z $configsrvgrp){
2409 &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'});
2410 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2411 &General::readhasharray("$configsrv", \%customservice);
2412 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2413 &General::readhasharray("$fwconfiginp", \%fwinp);
2414 &General::readhasharray("$fwconfigout", \%fwout);
2415 my $number= keys %customservicegrp;
2416 foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
2417 push (@counter,$customservicegrp{$key}[0]);
2418 }
2419 foreach my $key1 (@counter) {
2420 $hash{$key1}++ ;
2421 }
2422 foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
2423 $count++;
2424 if ($helper ne $customservicegrp{$key}[0]){
2425 #Get used groupcounter
2426 $grpcount=&getsrvcount($customservicegrp{$key}[0]);
2427 $delflag=0;
2428 foreach my $key1 (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) } keys %customservicegrp){
2429 if ($customservicegrp{$key}[0] eq $customservicegrp{$key1}[0])
2430 {
2431 $delflag++;
2432 }
2433 if($delflag > 1){
2434 last;
2435 }
2436 }
2437 $grpname=$customservicegrp{$key}[0];
2438 if ($customservicegrp{$key}[2] eq "none"){
2439 $customservicegrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};
2440 $port='';
2441 $protocol='';
2442 }
2443 $remark="$customservicegrp{$key}[1]";
2444 if($count >0){print"</table>";$count=1;}
2445 print "<br><b><u>$grpname</u></b>&nbsp; &nbsp; ";
2446 print "<b>$Lang::tr{'remark'}:</b>&nbsp; $remark " if ($remark ne '');
2447 print "&nbsp; <b>$Lang::tr{'used'}:</b> $grpcount x";
2448 if($grpcount == '0')
2449 {
2450 print"<form method='post' style='display:inline'><input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' /><input type='hidden' name='SRVGRP_NAME' value='$grpname' ><input type='hidden' name='ACTION' value='delservicegrp'></form>";
2451 }
2452 print"<form method='post' style='display:inline'><input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right' /><input type='hidden' name='SRVGRP_NAME' value='$grpname' ><input type='hidden' name='SRVGRP_REMARK' value='$remark' ><input type='hidden' name='ACTION' value='editservicegrp'></form>";
2453 print"<table width='100%' cellspacing='0' class='tbl'><tr><th align='center'><b>Name</b></th><th align='center'><b>$Lang::tr{'port'}</b></th><th align='center' width='25%'><b>$Lang::tr{'fwhost prot'}</th><th></th></tr>";
2454 }
2455 if( $fwhostsettings{'SRVGRP_NAME'} eq $customservicegrp{$key}[0]) {
2456 print"<tr>";
2457 $col="bgcolor='${Header::colouryellow}'";
2458 }elsif ($count %2 == 0){
2459 print"<tr>";
2460 $col="bgcolor='$color{'color20'}'";
2461 }else{
2462 print"<tr>";
2463 $col="bgcolor='$color{'color22'}'";
2464 }
2465 #make lines yellow if it is a dummy entry
2466 if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost err emptytable'}){
2467 print"<tr>";
2468 $col="bgcolor='${Header::colouryellow}'";
2469 }
2470 #Set fields if we use protocols in servicegroups
2471 if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){
2472 $port='-';
2473 }
2474 if ($customservicegrp{$key}[2] eq 'GRE'){$protocol='GRE';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} GRE";}
2475 if ($customservicegrp{$key}[2] eq 'ESP'){$protocol='ESP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} ESP";}
2476 if ($customservicegrp{$key}[2] eq 'AH'){$protocol='AH';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} AH";}
2477 if ($customservicegrp{$key}[2] eq 'IGMP'){$protocol='IGMP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IGMP";}
2478 if ($customservicegrp{$key}[2] eq 'IPIP'){$protocol='IPIP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPIP";}
2479 if ($customservicegrp{$key}[2] eq 'IPV6'){$protocol='IPV6';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPv6 encapsulation";}
2480 print "<td width='39%' $col>$customservicegrp{$key}[2]</td>";
2481 foreach my $srv (sort keys %customservice){
2482 if ($customservicegrp{$key}[2] eq $customservice{$srv}[0]){
2483 $protocol=$customservice{$srv}[2];
2484 $port=$customservice{$srv}[1];
2485 last;
2486 }
2487 }
2488 print"<td align='center' $col>$port</td><td align='center' $col>$protocol</td><td width='1%' $col><form method='post'>";
2489 if ($delflag gt '0'){
2490 if ($customservicegrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
2491 print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title=$Lang::tr{'delete'} />";
2492 }
2493 #check if this group has only one entry
2494 foreach my $key2 (keys %hash) {
2495 if ($hash{$key2}<2 && $key2 eq $customservicegrp{$key}[0]){
2496 print "<input type='hidden' name='last' value='on'>" ;
2497 }
2498 }
2499 }
2500 print"<input type='hidden' name='ACTION' value='delgrpservice'><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'>";
2501 if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){
2502 print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$customservicegrp{$key}[2]'></form></td></tr>";
2503 }else{
2504 print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$protocol'></form></td></tr>";
2505 }
2506 $helper=$customservicegrp{$key}[0];
2507 }
2508 print"</table>";
2509 &Header::closebox();
2510 }
2511 }
2512 # Check
2513 sub checkname
2514 {
2515 my %hash=%{(shift)};
2516 foreach my $key (keys %hash) {
2517 if($hash{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
2518 return 0;
2519 }
2520 }
2521 return 1;
2522
2523 }
2524 sub checkgroup
2525 {
2526 &General::readhasharray("$configgrp", \%customgrp );
2527 my $name=shift;
2528 foreach my $key (keys %customservicegrp) {
2529 if($customservicegrp{$key}[0] eq $name){
2530 return 0;
2531 }
2532 }
2533 return 1;
2534 }
2535 sub checkservice
2536 {
2537 &General::readhasharray("$configsrv", \%customservice );
2538 my $name=shift;
2539 foreach my $key (keys %customservice) {
2540 if($customservice{$key}[0] eq $name){
2541 return 0;
2542 }
2543 }
2544 return 1;
2545 }
2546 sub checkip
2547 {
2548
2549 my %hash=%{(shift)};
2550 my $a=shift;
2551 foreach my $key (keys %hash) {
2552 if($hash{$key}[$a] eq $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'})){
2553 return 0;
2554 }
2555 }
2556 return 1;
2557 }
2558 sub checksubnet
2559 {
2560 my %hash=%{(shift)};
2561 &General::readhasharray("$confignet", \%hash);
2562 foreach my $key (keys %hash) {
2563 if(&General::IpInSubnet($fwhostsettings{'IP'},$hash{$key}[1],$hash{$key}[2]))
2564 {
2565 return 1;
2566 }
2567 }
2568 return 0;
2569 }
2570 sub checkservicegroup
2571 {
2572 &General::readhasharray("$configsrvgrp", \%customservicegrp);
2573 #check name
2574 if ( ! &validhostname($fwhostsettings{'SRVGRP_NAME'}))
2575 {
2576 $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
2577 return $errormessage;
2578 }
2579 #check empty selectbox
2580 if (keys %customservice lt 1)
2581 {
2582 $errormessage.=$Lang::tr{'fwhost err groupempty'}."<br>";
2583 }
2584 #check if name already exists
2585 if ($fwhostsettings{'updatesrvgrp'} ne 'on'){
2586 foreach my $key (keys %customservicegrp) {
2587 if( $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} ){
2588 $errormessage.=$Lang::tr{'fwhost err grpexist'}."<br>";
2589
2590 }
2591 }
2592 }
2593 #check if service already exists in group
2594 foreach my $key (keys %customservicegrp) {
2595 if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){
2596 $errormessage.=$Lang::tr{'fwhost err srvexist'}."<br>";
2597 }
2598 }
2599 return $errormessage;
2600 }
2601 sub checkrulereload
2602 {
2603 my $search=shift;
2604 &General::readhasharray("$fwconfigfwd", \%fwfwd);
2605 &General::readhasharray("$fwconfiginp", \%fwinp);
2606 &General::readhasharray("$fwconfigout", \%fwout);
2607
2608 #check if service or servicegroup is used in rules
2609 foreach my $key (keys %fwfwd){
2610 if($search eq $fwfwd{$key}[15]){
2611 &General::firewall_config_changed();
2612 return;
2613 }
2614 }
2615 foreach my $key (keys %fwinp){
2616 if($search eq $fwinp{$key}[15]){
2617 &General::firewall_config_changed();
2618 return;
2619 }
2620 }
2621 foreach my $key (keys %fwout){
2622 if($search eq $fwout{$key}[15]){
2623 &General::firewall_config_changed();
2624 return;
2625 }
2626 }
2627 }
2628 sub error
2629 {
2630 if ($errormessage) {
2631 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
2632 print "<class name='base'>$errormessage\n";
2633 print "&nbsp;</class>\n";
2634 &Header::closebox();
2635 }
2636 }
2637 sub hint
2638 {
2639 if ($hint) {
2640 &Header::openbox('100%', 'left', $Lang::tr{'fwhost hint'});
2641 print "<class name='base'>$hint\n";
2642 print "&nbsp;</class>\n";
2643 &Header::closebox();
2644 }
2645 }
2646 sub get_name
2647 {
2648 my $val=shift;
2649 &General::setup_default_networks(\%defaultNetworks);
2650 foreach my $network (sort keys %defaultNetworks)
2651 {
2652 return "$network" if ($val eq $defaultNetworks{$network}{'NAME'});
2653 }
2654 }
2655 sub gethostcount
2656 {
2657 my $searchstring=shift;
2658 my $srvcounter=0;
2659 #Count services used in servicegroups
2660 foreach my $key (keys %customgrp) {
2661 if($customgrp{$key}[2] eq $searchstring){
2662 $srvcounter++;
2663 }
2664 }
2665 #Count services used in firewall - config
2666 foreach my $key1 (keys %fwfwd) {
2667 if($fwfwd{$key1}[4] eq $searchstring){
2668 $srvcounter++;
2669 }
2670 if($fwfwd{$key1}[6] eq $searchstring){
2671 $srvcounter++;
2672 }
2673 }
2674 #Count services used in firewall - input
2675 foreach my $key2 (keys %fwinp) {
2676 if($fwinp{$key2}[4] eq $searchstring){
2677 $srvcounter++;
2678 }
2679 if($fwinp{$key2}[6] eq $searchstring){
2680 $srvcounter++;
2681 }
2682 }
2683 #Count services used in firewall - outgoing
2684 foreach my $key3 (keys %fwout) {
2685 if($fwout{$key3}[4] eq $searchstring){
2686 $srvcounter++;
2687 }
2688 if($fwout{$key3}[6] eq $searchstring){
2689 $srvcounter++;
2690 }
2691 }
2692 return $srvcounter;
2693 }
2694 sub getgeoipcount
2695 {
2696 my $groupname=shift;
2697 my $counter=0;
2698
2699 # GeoIP groups are stored as "group:groupname" in the
2700 # firewall settings files.
2701 my $searchstring = join(':', "group",$groupname);
2702
2703 # Count services used in firewall - forward
2704 foreach my $key1 (keys %fwfwd) {
2705 if($fwfwd{$key1}[4] eq $searchstring){
2706 $counter++;
2707 }
2708 if($fwfwd{$key1}[6] eq $searchstring){
2709 $counter++;
2710 }
2711 }
2712 #Count services used in firewall - input
2713 foreach my $key2 (keys %fwinp) {
2714 if($fwinp{$key2}[4] eq $searchstring){
2715 $counter++;
2716 }
2717 if($fwinp{$key2}[6] eq $searchstring){
2718 $counter++;
2719 }
2720 }
2721 #Count services used in firewall - outgoing
2722 foreach my $key3 (keys %fwout) {
2723 if($fwout{$key3}[4] eq $searchstring){
2724 $counter++;
2725 }
2726 if($fwout{$key3}[6] eq $searchstring){
2727 $counter++;
2728 }
2729 }
2730 return $counter;
2731 }
2732 sub getnetcount
2733 {
2734 my $searchstring=shift;
2735 my $srvcounter=0;
2736 #Count services used in servicegroups
2737 foreach my $key (keys %customgrp) {
2738 if($customgrp{$key}[2] eq $searchstring){
2739 $srvcounter++;
2740 }
2741 }
2742 #Count services used in firewall - config
2743 foreach my $key1 (keys %fwfwd) {
2744 if($fwfwd{$key1}[4] eq $searchstring){
2745 $srvcounter++;
2746 }
2747 if($fwfwd{$key1}[6] eq $searchstring){
2748 $srvcounter++;
2749 }
2750 }
2751 #Count services used in firewall - input
2752 foreach my $key2 (keys %fwinp) {
2753 if($fwinp{$key2}[4] eq $searchstring){
2754 $srvcounter++;
2755 }
2756 if($fwinp{$key2}[6] eq $searchstring){
2757 $srvcounter++;
2758 }
2759 }
2760 #Count services used in firewall - outgoing
2761 foreach my $key3 (keys %fwout) {
2762 if($fwout{$key3}[4] eq $searchstring){
2763 $srvcounter++;
2764 }
2765 if($fwout{$key3}[6] eq $searchstring){
2766 $srvcounter++;
2767 }
2768 }
2769 return $srvcounter;
2770 }
2771 sub getsrvcount
2772 {
2773 my $searchstring=shift;
2774 my $srvcounter=0;
2775 #Count services used in servicegroups
2776 foreach my $key (keys %customservicegrp) {
2777 if($customservicegrp{$key}[2] eq $searchstring){
2778 $srvcounter++;
2779 }
2780 }
2781 #Count services used in firewall - config
2782 foreach my $key1 (keys %fwfwd) {
2783 if($fwfwd{$key1}[15] eq $searchstring){
2784 $srvcounter++;
2785 }
2786 }
2787 #Count services used in firewall - input
2788 foreach my $key2 (keys %fwinp) {
2789 if($fwinp{$key2}[15] eq $searchstring){
2790 $srvcounter++;
2791 }
2792 }
2793 #Count services used in firewall - outgoing
2794 foreach my $key3 (keys %fwout) {
2795 if($fwout{$key3}[15] eq $searchstring){
2796 $srvcounter++;
2797 }
2798 }
2799 return $srvcounter;
2800 }
2801 sub deletefromgrp
2802 {
2803 my $target=shift;
2804 my $config=shift;
2805 my %hash=();
2806 &General::readhasharray("$config",\%hash);
2807 foreach my $key (keys %hash) {
2808 if($hash{$key}[2] eq $target){
2809 delete $hash{$key};
2810 }
2811 }
2812 &General::writehasharray("$config",\%hash);
2813
2814 }
2815 sub plausicheck
2816 {
2817 my $edit=shift;
2818 #check hostname
2819 if (!&validhostname($fwhostsettings{'HOSTNAME'}))
2820 {
2821 $errormessage=$errormessage.$Lang::tr{'fwhost err name'};
2822 $fwhostsettings{'BLK_IP'}='readonly';
2823 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
2824 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2825 }
2826 #check if name collides with CCD Netname
2827 &General::readhasharray("$configccdnet", \%ccdnet);
2828 foreach my $key (keys %ccdnet) {
2829 if($ccdnet{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
2830 $errormessage=$errormessage.$Lang::tr{'fwhost err isccdnet'};;
2831 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
2832 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2833 last;
2834 }
2835 }
2836 #check if IP collides with CCD NetIP
2837 if ($fwhostsettings{'type'} ne 'mac'){
2838 &General::readhasharray("$configccdnet", \%ccdnet);
2839 foreach my $key (keys %ccdnet) {
2840 my $test=(&General::getnetworkip($fwhostsettings{'IP'},&General::iporsubtocidr($fwhostsettings{'SUBNET'})))."/".$fwhostsettings{'SUBNET'};
2841 if($ccdnet{$key}[1] eq $test){
2842 $errormessage=$errormessage.$Lang::tr{'fwhost err isccdipnet'};
2843 $fwhostsettings{'IP'} = $fwhostsettings{'orgip'};
2844 $fwhostsettings{'SUBNET'} = $fwhostsettings{'orgsubnet'};
2845 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2846 last;
2847 }
2848 }
2849 }
2850 #check if name collides with CCD Hostname
2851 &General::readhasharray("$configccdhost", \%ccdhost);
2852 foreach my $key (keys %ccdhost) {
2853 my ($ip,$sub)=split(/\//,$ccdhost{$key}[33]);
2854 if($ip eq $fwhostsettings{'IP'}){
2855 $errormessage=$Lang::tr{'fwhost err isccdiphost'};
2856 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2857 last;
2858 }
2859 }
2860 #check if IP collides with CCD HostIP (only hosts)
2861 if ($edit eq 'edithost')
2862 {
2863 foreach my $key (keys %ccdhost) {
2864 if($ccdhost{$key}[1] eq $fwhostsettings{'HOSTNAME'}){
2865 $errormessage=$Lang::tr{'fwhost err isccdhost'};
2866 $fwhostsettings{'IP'} = $fwhostsettings{'orgname'};
2867 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2868 last;
2869 }
2870 }
2871 }
2872 #check if network with this name already exists
2873 &General::readhasharray("$confignet", \%customnetwork);
2874 if (!&checkname(\%customnetwork))
2875 {
2876 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err netexist'};
2877 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
2878 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2879 }
2880 #check if network ip already exists
2881 if (!&checkip(\%customnetwork,1))
2882 {
2883 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err net'};
2884 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2885 }
2886 #check if host with this name already exists
2887 &General::readhasharray("$confighost", \%customhost);
2888 if (!&checkname(\%customhost))
2889 {
2890 $errormessage.="<br>".$Lang::tr{'fwhost err hostexist'};
2891 $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
2892 if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
2893 }
2894 #check if host with this ip already exists
2895 if (!&checkip(\%customhost,2))
2896 {
2897 $errormessage=$errormessage."<br>".$Lang::tr{'fwhost err ipcheck'};
2898 }
2899 return;
2900 }
2901 sub getipforgroup
2902 {
2903 my $name=$_[0],
2904 my $type=$_[1];
2905 my $value;
2906
2907 #get address from IPSEC NETWORK
2908 if ($type eq 'IpSec Network'){
2909 foreach my $key (keys %ipsecconf) {
2910 if ($ipsecconf{$key}[1] eq $name){
2911 return $ipsecconf{$key}[11];
2912 }
2913 }
2914 &deletefromgrp($name,$configgrp);
2915 }
2916
2917 #get address from IPSEC HOST
2918 if ($type eq 'IpSec Host'){
2919 foreach my $key (keys %ipsecconf) {
2920 if ($ipsecconf{$key}[1] eq $name){
2921 return $ipsecconf{$key}[10];
2922 }
2923 }
2924 &deletefromgrp($name,$configgrp);
2925 }
2926
2927 #get address from ovpn ccd Net-2-Net
2928 if ($type eq 'OpenVPN N-2-N'){
2929 foreach my $key (keys %ccdhost) {
2930 if($ccdhost{$key}[1] eq $name){
2931 my ($a,$b) = split ("/",$ccdhost{$key}[11]);
2932 $b=&General::iporsubtodec($b);
2933 return "$a/$b";
2934 }
2935 }
2936 &deletefromgrp($name,$configgrp);
2937 }
2938
2939 #get address from ovpn ccd static host
2940 if ($type eq 'OpenVPN static host'){
2941 foreach my $key (keys %ccdhost) {
2942 if($ccdhost{$key}[1] eq $name){
2943 my ($a,$b) = split (/\//,$ccdhost{$key}[33]);
2944 $b=&General::iporsubtodec($b);
2945 return "$a/$b";
2946 }
2947 }
2948 &deletefromgrp($name,$configgrp);
2949 }
2950
2951 #get address from ovpn ccd static net
2952 if ($type eq 'OpenVPN static network'){
2953 foreach my $key (keys %ccdnet) {
2954 if ($ccdnet{$key}[0] eq $name){
2955 my ($a,$b) = split (/\//,$ccdnet{$key}[1]);
2956 $b=&General::iporsubtodec($b);
2957 return "$a/$b";
2958 }
2959 }
2960 }
2961
2962 #check custom addresses
2963 if ($type eq 'Custom Host'){
2964 foreach my $key (keys %customhost) {
2965 if ($customhost{$key}[0] eq $name){
2966 my ($ip,$sub) = split("/",$customhost{$key}[2]);
2967 return $ip;
2968 }
2969 }
2970 }
2971
2972 ##check custom networks
2973 if ($type eq 'Custom Network'){
2974 foreach my $key (keys %customnetwork) {
2975 if($customnetwork{$key}[0] eq $name){
2976 return $customnetwork{$key}[1]."/".$customnetwork{$key}[2];
2977 }
2978 }
2979 }
2980
2981 #check standard networks
2982 if ($type eq 'Standard Network'){
2983 if ($name =~ /OpenVPN/i){
2984 my %ovpn=();
2985 &General::readhash("${General::swroot}/ovpn/settings",\%ovpn);
2986 return $ovpn{'DOVPN_SUBNET'};
2987 }
2988 if ($name eq 'GREEN'){
2989 my %hash=();
2990 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
2991 return $hash{'GREEN_NETADDRESS'}."/".$hash{'GREEN_NETMASK'};
2992 }
2993 if ($name eq 'BLUE'){
2994 my %hash=();
2995 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
2996 return $hash{'BLUE_NETADDRESS'}."/".$hash{'BLUE_NETMASK'};
2997 }
2998 if ($name eq 'ORANGE'){
2999 my %hash=();
3000 &General::readhash("${General::swroot}/ethernet/settings",\%hash);
3001 return $hash{'ORANGE_NETADDRESS'}."/".$hash{'ORANGE_NETMASK'};
3002 }
3003 if ($name eq 'ALL'){
3004 return "0.0.0.0/0.0.0.0";
3005 }
3006 if ($name =~ /IPsec/i){
3007 my %hash=();
3008 &General::readhash("${General::swroot}/vpn/settings",\%hash);
3009 return $hash{'RW_NET'};
3010 }
3011 if ($name eq 'RED'){
3012 return "0.0.0.0/0";
3013 }
3014 }
3015 }
3016 sub decrease
3017 {
3018 my $grp=$_[0];
3019 &General::readhasharray("$confignet", \%customnetwork);
3020 &General::readhasharray("$confighost", \%customhost);
3021 foreach my $key (sort keys %customgrp ){
3022 if ( ($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Network')){
3023 foreach my $key1 (sort keys %customnetwork){
3024 if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){
3025 $customnetwork{$key1}[4]=$customnetwork{$key1}[4]-1;
3026 last;
3027 }
3028 }
3029 }
3030
3031 if (($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Host')){
3032 foreach my $key2 (sort keys %customhost){
3033 if ($customhost{$key2}[0] eq $customgrp{$key}[2]){
3034 $customhost{$key2}[4]=$customhost{$key2}[4]-1;
3035 last;
3036 }
3037 }
3038
3039 }
3040 }
3041 &General::writehasharray("$confignet", \%customnetwork);
3042 &General::writehasharray("$confighost", \%customhost);
3043 }
3044 sub decreaseservice
3045 {
3046 my $grp=$_[0];
3047 &General::readhasharray("$configsrv", \%customservice);
3048 &General::readhasharray("$configsrvgrp", \%customservicegrp);
3049
3050 foreach my $key (sort keys %customservicegrp){
3051 if ($customservicegrp{$key}[0] eq $grp ){
3052 foreach my $key2 (sort keys %customservice){
3053 if ($customservice{$key2}[0] eq $customservicegrp{$key}[2]){
3054 $customservice{$key2}[4]--;
3055 }
3056 }
3057 }
3058 }
3059 &General::writehasharray("$configsrv", \%customservice);
3060
3061 }
3062 sub changenameinfw
3063 {
3064 my $old=shift;
3065 my $new=shift;
3066 my $fld=shift;
3067 &General::readhasharray("$fwconfigfwd", \%fwfwd);
3068 &General::readhasharray("$fwconfiginp", \%fwinp);
3069 &General::readhasharray("$fwconfigout", \%fwout);
3070 #Rename group in Firewall-CONFIG
3071 foreach my $key1 (keys %fwfwd) {
3072 if($fwfwd{$key1}[$fld] eq $old){
3073 $fwfwd{$key1}[$fld]=$new;
3074 }
3075 }
3076 &General::writehasharray("$fwconfigfwd", \%fwfwd );
3077 #Rename group in Firewall-INPUT
3078 foreach my $key2 (keys %fwinp) {
3079 if($fwinp{$key2}[$fld] eq $old){
3080 $fwinp{$key2}[$fld]=$new;
3081 }
3082 }
3083 &General::writehasharray("$fwconfiginp", \%fwinp );
3084 #Rename group in Firewall-OUTGOING
3085 foreach my $key3 (keys %fwout) {
3086 if($fwout{$key3}[$fld] eq $old){
3087 $fwout{$key3}[$fld]=$new;
3088 }
3089 }
3090 &General::writehasharray("$fwconfigout", \%fwout );
3091 }
3092 sub checkports
3093 {
3094
3095 my %hash=%{(shift)};
3096 #check empty fields
3097 if ($fwhostsettings{'SRV_NAME'} eq '' ){
3098 $errormessage=$Lang::tr{'fwhost err name1'};
3099 }
3100 if ($fwhostsettings{'SRV_PORT'} eq '' && $fwhostsettings{'PROT'} ne 'ICMP'){
3101 $errormessage=$Lang::tr{'fwhost err port'};
3102 }
3103 #check valid name
3104 if (! &validhostname($fwhostsettings{'SRV_NAME'})){
3105 $errormessage="<br>".$Lang::tr{'fwhost err name'};
3106 }
3107 #change dashes with :
3108 $fwhostsettings{'SRV_PORT'}=~ tr/-/:/;
3109
3110 if ($fwhostsettings{'SRV_PORT'} eq "*") {
3111 $fwhostsettings{'SRV_PORT'} = "1:65535";
3112 }
3113 if ($fwhostsettings{'SRV_PORT'} =~ /^(\D)\:(\d+)$/) {
3114 $fwhostsettings{'SRV_PORT'} = "1:$2";
3115 }
3116 if ($fwhostsettings{'SRV_PORT'} =~ /^(\d+)\:(\D)$/) {
3117 $fwhostsettings{'SRV_PORT'} = "$1:65535";
3118 }
3119 if($fwhostsettings{'PROT'} ne 'ICMP'){
3120 $errormessage = $errormessage.&General::validportrange($fwhostsettings{'SRV_PORT'}, 'src');
3121 }
3122 # a new service has to have a different name
3123 foreach my $key (keys %hash){
3124 if ($hash{$key}[0] eq $fwhostsettings{'SRV_NAME'}){
3125 $errormessage = "<br>".$Lang::tr{'fwhost err srv exists'};
3126 last;
3127 }
3128 }
3129 return $errormessage;
3130 }
3131 sub validhostname
3132 {
3133 # Checks a hostname against RFC1035
3134 my $hostname = $_[0];
3135
3136 # Each part should be at least two characters in length
3137 # but no more than 63 characters
3138 if (length ($hostname) < 1 || length ($hostname) > 63) {
3139 return 0;}
3140 # Only valid characters are a-z, A-Z, 0-9 and -
3141 if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_.;()\/\s]*$/) {
3142 return 0;}
3143 # First character can only be a letter or a digit
3144 if (substr ($hostname, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) {
3145 return 0;}
3146 # Last character can only be a letter or a digit
3147 if (substr ($hostname, -1, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9()]*$/) {
3148 return 0;}
3149 return 1;
3150 }
3151 sub validremark
3152 {
3153 # Checks a hostname against RFC1035
3154 my $remark = $_[0];
3155 # Each part should be at least two characters in length
3156 # but no more than 63 characters
3157 if (length ($remark) < 1 || length ($remark) > 255) {
3158 return 0;}
3159 # Only valid characters are a-z, A-Z, 0-9 and -
3160 if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/\s]*$/) {
3161 return 0;}
3162 # First character can only be a letter or a digit
3163 if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) {
3164 return 0;}
3165 # Last character can only be a letter or a digit
3166 if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/) {
3167 return 0;}
3168 return 1;
3169 }
3170 &Header::closebigbox();
3171 &Header::closepage();
IPFire 2.x development tree