]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/webaccess.cgi
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
webaccess.cgi: Fix loading language
[ipfire-2.x.git] / html / cgi-bin / webaccess.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use CGI;
23
24 my $swroot = "/var/ipfire";
25 my $apdir = "$swroot/proxy/advanced";
26 my $group_def_file = "$apdir/cre/classrooms";
27 my $svhosts_file = "$apdir/cre/supervisors";
28 my $acl_src_noaccess_ips = "$apdir/acls/src_noaccess_ip.acl";
29 my $acl_src_noaccess_mac = "$apdir/acls/src_noaccess_mac.acl";
30
31 my $banner = "A D V A N C E D &nbsp; P R O X Y &nbsp; - &nbsp; W E B &nbsp; A C C E S S &nbsp; M A N A G E R";
32 my %cgiparams;
33 my %proxysettings;
34
35 my %acl=();
36 my @group_defs=();
37 my @groups=();
38
39 ### Initialize environment
40 &readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
41
42 ### Initialize language
43 require "${swroot}/lang.pl";
44
45 &getcgihash(\%cgiparams);
46
47 &read_all_groups;
48 &read_acl_groups;
49
50 foreach (@groups)
51 {
52 if ($cgiparams{$_} eq $tr{'advproxy mode deny'}) { $acl{$_}='on'; }
53 if ($cgiparams{$_} eq $tr{'advproxy mode allow'}) { $acl{$_}='off'; }
54 }
55
56 &read_all_groups;
57
58 my $is_supervisor=0;
59
60 if ((-e $svhosts_file) && (!-z $svhosts_file))
61 {
62 open (FILE, $svhosts_file);
63 while (<FILE>)
64 {
65 chomp;
66 if ($ENV{'REMOTE_ADDR'} eq $_) { $is_supervisor=1; }
67 }
68 close (FILE);
69
70 } else { $is_supervisor=1; }
71
72 if (($cgiparams{'ACTION'} eq 'submit') && ($is_supervisor))
73 {
74 if ( ($cgiparams{'PASSWORD'} eq $proxysettings{'SUPERVISOR_PASSWORD'}) && (!($proxysettings{'SUPERVISOR_PASSWORD'} eq '')) ||
75 ((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && ($proxysettings{'SUPERVISOR_PASSWORD'} eq '')))
76 {
77 &write_acl;
78 system("/usr/local/bin/squidctrl restart >/dev/null 2>&1");
79 }
80 }
81
82 &read_acl_groups;
83
84 #undef(%cgiparams);
85
86 # -------------------------------------------------------------------
87
88 print <<END
89 Pragma: no-cache
90 Cache-control: no-cache
91 Connection: close
92 Content-type: text/html
93
94 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>
95 <html>
96 <head>
97 <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>
98 <title>Advanced Proxy - Web Access Manager</title>
99 <style type='text/css'>
100 a:link { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
101 a:visited { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
102 a:hover { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#000000; }
103 a:active { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#000000; }
104 a:focus { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
105 </style>
106 </head>
107 <body bgcolor='#FFFFFF'>
108
109 <center>
110
111 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
112
113 <table width='720' cellspacing='10' cellpadding='5' border='0'>
114
115 <tr>
116 <td bgcolor='#C0C0C0' height='20'></td>
117 </tr>
118
119 <tr>
120 <td bgcolor='#F4F4F4' align='center'>
121 <table width='100%' cellspacing='10' cellpadding='10' border='0'>
122
123 <tr>
124 <td nowrap bgcolor='#FFFFFF' align='center'>
125 <font face='verdana,arial,helvetica' color='#000000' size='3'>$banner</font>
126 </td>
127 </tr>
128
129 END
130 ;
131 if ($proxysettings{'CLASSROOM_EXT'} eq 'on')
132 {
133 if (@groups)
134 {
135 print <<END
136 <tr>
137 <td>
138 <table width='70%' cellspacing='2' cellpadding='2' border='0' align='center'>
139 <tr><td><input type='hidden' name='ACTION' value='submit'></td></tr>
140 <tr>
141 END
142 ;
143 if (($is_supervisor) && ((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && (!($proxysettings{'SUPERVISOR_PASSWORD'} eq ''))))
144 {
145 print <<END
146 <td align='center'>
147 <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy supervisor password'}:</font>
148 </td>
149 <td align='center'><input type='password' name='PASSWORD' size='15'></td>
150 END
151 ;
152 }
153 print <<END
154 </tr>
155
156 </table>
157
158 <p>
159
160 END
161 ;
162 foreach (@groups) {
163 if ($is_supervisor)
164 {
165 print"<table width='65%' cellspacing='2' cellpadding='2' border='0' align='center' rules='groups'>";
166 } else {
167 print"<table width='50%' cellspacing='2' cellpadding='6' border='0' align='center' rules='groups'>";
168 }
169 print "<tr>\n";
170 if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
171 {
172 print " <td bgcolor='#D00000' align='center'><font face='verdana,arial,helvetica' color='#FFFFFF' size='2'>$_</font>";
173 } else { print " <td bgcolor='#00A000' align='center'><font face='verdana,arial,helvetica' color='#FFFFFF' size='2'>$_</font>"; }
174 if ($is_supervisor)
175 {
176 if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
177 {
178 print "</td><td width='120' align='center'>";
179 print "<input type='submit' name='$_' value=' $tr{'advproxy mode allow'} '>";
180 print "</td><td width='16' bgcolor='#D00000'>&nbsp;</td>\n";
181 } else {
182 print "</td><td width='120' align='center'>";
183 print "<input type='submit' name='$_' value=' $tr{'advproxy mode deny'} '>";
184 print "</td><td width='16' bgcolor='#00A000'>&nbsp;</td>\n";
185 }
186 }
187 print "</tr>\n";
188 print "</table>\n";
189 print"<table width='65%' cellspacing='2' cellpadding='2' border='0' align='center'>";
190 print "<tr><td></td></tr>\n";
191 print "</table>\n";
192 }
193
194 print <<END
195 </td>
196 </tr>
197 END
198 ;
199 } else {
200 print " <tr>\n";
201 print " <td align='center'>\n";
202 print " <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy no cre groups'}</font>\n";
203 print " </td>\n";
204 print " </tr>\n";
205 }
206 } else {
207 print " <tr>\n";
208 print " <td align='center'>\n";
209 print " <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy cre disabled'}</font>\n";
210 print " </td>\n";
211 print " </tr>\n";
212 }
213
214 print <<END
215
216 </table>
217 </td>
218 </tr>
219
220
221 <tr>
222 <td bgcolor='#C0C0C0' align='right'>
223 <font face='verdana,arial,helvetica' color='#FFFFFF' size='1'>
224 <a href='http://www.advproxy.net' target='_blank'>Advanced Proxy</a> running on
225 <a href='http://www.ipfire.org' target='_blank'>IPFire</a>
226 </font>
227 </td>
228 </tr>
229
230 </table>
231
232 </form>
233
234 </center>
235
236 </body>
237
238 </html>
239 END
240 ;
241
242 # -------------------------------------------------------------------
243
244 sub readhash
245 {
246 my $filename = $_[0];
247 my $hash = $_[1];
248 my ($var, $val);
249
250 if (-e $filename)
251 {
252 open(FILE, $filename) or die "Unable to read file $filename";
253 while (<FILE>)
254 {
255 chop;
256 ($var, $val) = split /=/, $_, 2;
257 if ($var)
258 {
259 $val =~ s/^\'//g;
260 $val =~ s/\'$//g;
261
262 # Untaint variables read from hash
263 $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
264 $val =~ /([\w\W]*)/; $val = $1;
265 $hash->{$var} = $val;
266 }
267 }
268 close FILE;
269 }
270 }
271
272 # -------------------------------------------------------------------
273
274 sub getcgihash
275 {
276 my ($hash, $params) = @_;
277 my $cgi = CGI->new ();
278 return if ($ENV{'REQUEST_METHOD'} ne 'POST');
279 if (!$params->{'wantfile'}) {
280 $CGI::DISABLE_UPLOADS = 1;
281 $CGI::POST_MAX = 512 * 1024;
282 } else {
283 $CGI::POST_MAX = 10 * 1024 * 1024;
284 }
285
286 $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
287 my $referer = $1;
288 $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
289 my $servername = $1;
290 return if ($referer ne $servername);
291
292 ### Modified for getting multi-vars, split by |
293 %temp = $cgi->Vars();
294 foreach my $key (keys %temp) {
295 $hash->{$key} = $temp{$key};
296 $hash->{$key} =~ s/\0/|/g;
297 $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
298 }
299
300 if (($params->{'wantfile'})&&($params->{'filevar'})) {
301 $hash->{$params->{'filevar'}} = $cgi->upload
302 ($params->{'filevar'});
303 }
304 return;
305 }
306
307 # -------------------------------------------------------------------
308
309 sub read_acl_groups
310 {
311 undef(%acl);
312 open (FILE,"$acl_src_noaccess_ips");
313 my @aclgroups = <FILE>;
314 close (FILE);
315 foreach (@aclgroups)
316 {
317 chomp;
318 if (/^\#/)
319 {
320 s/^\# //;
321 $acl{$_}='on';
322 }
323 }
324 }
325
326 # -------------------------------------------------------------------
327
328 sub read_all_groups
329 {
330 my $grpstr;
331
332 open (FILE,"$group_def_file");
333 @group_defs = <FILE>;
334 close (FILE);
335
336 undef(@groups);
337 foreach (@group_defs)
338 {
339 chomp;
340 if (/^\s*\[.*\]\s*$/)
341 {
342 $grpstr=$_;
343 $grpstr =~ s/^\s*\[\s*//;
344 $grpstr =~ s/\s*\]\s*$//;
345 push(@groups,$grpstr);
346 }
347 }
348 }
349
350 # -------------------------------------------------------------------
351
352 sub write_acl
353 {
354 my $is_blocked=0;
355
356 open (FILE_IPS,">$acl_src_noaccess_ips");
357 open (FILE_MAC,">$acl_src_noaccess_mac");
358 flock (FILE_IPS, 2);
359 flock (FILE_MAC, 2);
360 foreach (@group_defs)
361 {
362 if (/^\s*\[.*\]\s*$/)
363 {
364 s/^\s*\[\s*//;
365 s/\s*\]\s*$//;
366 if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
367 {
368 print FILE_IPS "# $_\n";
369 print FILE_MAC "# $_\n";
370 $is_blocked=1;
371 } else { $is_blocked=0; }
372 } elsif (($is_blocked) && ($_))
373 {
374 s/^\s+//g; s/\s+$//g;
375 /^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$/i ? print FILE_MAC "$_\n" : print FILE_IPS "$_\n";
376 }
377 }
378
379 close (FILE_IPS);
380 close (FILE_MAC);
381 }
382
383 # -------------------------------------------------------------------
IPFire 2.x development tree