Merge remote-tracking branch 'amarx/firewall-dnat' into next
[ipfire-2.x.git] / html / cgi-bin / fwhosts.cgi
index 2d128f55df616cd95799286acff580b1cce4090a..ddf1e39d6acca4c1bcfd37ae08ed80400a5d3360 100644 (file)
@@ -66,7 +66,6 @@ my $fwconfigfwd               = "${General::swroot}/firewall/config";
 my $fwconfiginp                = "${General::swroot}/firewall/input";
 my $fwconfigout                = "${General::swroot}/firewall/outgoing";
 my $configovpn         = "${General::swroot}/ovpn/settings";
-my $tdcolor='';
 my $configipsecrw      = "${General::swroot}/vpn/settings";
 
 unless (-e $confignet)    { system("touch $confignet"); }
@@ -293,25 +292,25 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
                }
                if($fwhostsettings{'error'} ne 'on'){
                        #check if we use one of ipfire's networks (green,orange,blue)
-                       if (($ownnet{'GREEN_NETADDRESS'}        ne '' && $ownnet{'GREEN_NETADDRESS'}    ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'GREEN_NETADDRESS'},$ownnet{'GREEN_NETMASK'}))
+                       if (($ownnet{'GREEN_NETADDRESS'}        ne '' && $ownnet{'GREEN_NETADDRESS'}    ne '0.0.0.0') && ($fwhostsettings{'IP'} eq $ownnet{'GREEN_NETADDRESS'} && $fwhostsettings{'SUBNET'} eq $ownnet{'GREEN_NETMASK'}))
                        { 
                                $errormessage=$errormessage.$Lang::tr{'ccd err green'}."<br>";
                                $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
                                if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
                        }
-                       if (($ownnet{'ORANGE_NETADDRESS'}       ne '' && $ownnet{'ORANGE_NETADDRESS'}   ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'ORANGE_NETADDRESS'},$ownnet{'ORANGE_NETMASK'}))
+                       if (($ownnet{'ORANGE_NETADDRESS'}       ne '' && $ownnet{'ORANGE_NETADDRESS'}   ne '0.0.0.0') && ($fwhostsettings{'IP'} eq $ownnet{'ORANGE_NETADDRESS'} && $fwhostsettings{'SUBNET'} eq $ownnet{'ORANGE_NETMASK'}))
                        { 
                                $errormessage=$errormessage.$Lang::tr{'ccd err orange'}."<br>";
                                $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
                                if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
                        }
-                       if (($ownnet{'BLUE_NETADDRESS'}         ne '' && $ownnet{'BLUE_NETADDRESS'}     ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'BLUE_NETADDRESS'},$ownnet{'BLUE_NETMASK'}))
+                       if (($ownnet{'BLUE_NETADDRESS'}         ne '' && $ownnet{'BLUE_NETADDRESS'}     ne '0.0.0.0') && ($fwhostsettings{'IP'} eq $ownnet{'BLUE_NETADDRESS'} && $fwhostsettings{'SUBNET'} eq $ownnet{'BLUE_NETMASK'}))
                        { 
                                $errormessage=$errormessage.$Lang::tr{'ccd err blue'}."<br>";
                                $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
                                if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
                        }
-                       if (($ownnet{'RED_NETADDRESS'}  ne '' && $ownnet{'RED_NETADDRESS'}              ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'RED_NETADDRESS'},$ownnet{'RED_NETMASK'}))
+                       if (($ownnet{'RED_NETADDRESS'}  ne '' && $ownnet{'RED_NETADDRESS'}              ne '0.0.0.0') && ($fwhostsettings{'IP'} eq $ownnet{'RED_NETADDRESS'} && $fwhostsettings{'SUBNET'} eq $ownnet{'RED_NETMASK'}))
                        { 
                                $errormessage=$errormessage.$Lang::tr{'ccd err red'}."<br>";
                                $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
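Review bot: The four rewritten conditions (GREEN, ORANGE, BLUE, RED) now compare `$fwhostsettings{'IP'}` and `$fwhostsettings{'SUBNET'}` with `eq`, so only a byte-identical address and mask is rejected. If SUBNET can arrive here as a prefix length while `$ownnet{'..._NETMASK'}` is dotted-decimal (any normalisation happens outside this hunk), the same network written in the other notation passes. A custom network that overlaps or fully contains an IPFire zone passes as well. If only exact duplicates are meant to be refused, say so above the first check, e.g. `#reject only an exact duplicate of an IPFire network; subnets inside a zone are allowed`, and compare normalised values. The enclosing `savenet` block starts and ends outside the hunk.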
@@ -910,9 +909,6 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
        }
        &General::writehasharray("$configgrp", \%customgrp);
        &General::firewall_config_changed();
-       if ($fwhostsettings{'grpcnt'} > 0){
-               &General::firewall_config_changed();
-       }
        if ($fwhostsettings{'update'} eq 'on'){
                $fwhostsettings{'remark'}= $grpremark;
                $fwhostsettings{'grp_name'}=$grpname;
@@ -1236,7 +1232,7 @@ END
                                <tr><form method='post' style='display:inline'>
                                        <td>$Lang::tr{'remark'}:</td>
                                        <td colspan='2' style='width:98%;'><input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'></td>
-                                       <td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
+                                       <td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'><input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='ACTION' value='changegrpremark' ></td>
                                </tr>
                        </table></form>
                        <br><br>
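Review bot: The new hidden field `grp` takes `$fwhostsettings{'grp_name'}` straight into a single-quoted attribute, so a name containing `'` or `<` would end the attribute early; escape it before the heredoc, e.g. `my $grp_html = &Header::cleanhtml($fwhostsettings{'grp_name'},"y");`, assuming that helper is available in this tree. A hidden field is also fully client-controlled, so the `changegrpremark` handler (not visible here) should confirm that `grp` names an existing group before it rewrites a remark. Both points apply equally to the `srvgrp` hidden field added to the service-group remark form later in this diff. The escaping point also applies to the `<option value='$_'>` lines printed from `@ovpn_clients` and `@IPSEC_N2N`.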
@@ -1256,7 +1252,7 @@ END
                                        </label>
                                </td>
                                <td style='text-align:right;'>
-                                       <select name='DEFAULT_SRC_ADR' style='min-width:16em;'>
+                                       <select name='DEFAULT_SRC_ADR' style='width:16em;'>
 END
                        foreach my $network (sort keys %defaultNetworks)
                        {
@@ -1285,7 +1281,7 @@ END
                                                </label>
                                        </td>
                                        <td style='text-align:right;'>
-                                               <select name='CUST_SRC_NET' style='min-width:16em;'>";
+                                               <select name='CUST_SRC_NET' style='width:16em;'>";
 END
                                foreach my $key (sort { ncmp($customnetwork{$a}[0],$customnetwork{$b}[0]) } keys  %customnetwork) {
                                        print"<option>$customnetwork{$key}[0]</option>";
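Review bot: The changed `<select name='CUST_SRC_NET' ...>";` line sits inside the `print<<END;` heredoc, so the trailing `";` is sent to the browser as literal text instead of ending a Perl string. Since the commit rewrites the line anyway, drop the tail: `<select name='CUST_SRC_NET' style='width:16em;'>`. The same leftover is on the CUST_SRC_HOST and OVPN_CCD_NET lines, and as a bare `"` on OVPN_N2N and IPSEC_NET. On OVPN_CCD_HOST it appears as `" if ($show eq '');`, where the condition is never evaluated because it is heredoc text.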
@@ -1302,7 +1298,7 @@ END
                                                </label>
                                        </td>
                                        <td style='text-align:right;'>
-                                               <select name='CUST_SRC_HOST' style='min-width:16em;'>";
+                                               <select name='CUST_SRC_HOST' style='width:16em;'>";
 END
                                foreach my $key (sort { ncmp($customhost{$a}[0],$customhost{$b}[0]) } keys %customhost) {
                                        print"<option>$customhost{$key}[0]</option>";
@@ -1322,7 +1318,7 @@ END
                                        </label>
                                </td>
                                <td style='text-align:right;'>
-                                       <select name='OVPN_CCD_NET' style='min-width:16em;'>";
+                                       <select name='OVPN_CCD_NET' style='width:16em;'>";
 END
                                foreach my $key (sort { ncmp($ccdnet{$a}[0],$ccdnet{$b}[0]) }  keys %ccdnet)
                                {
@@ -1331,10 +1327,17 @@ END
                                print"</select></td></tr>";
                        }
                        #OVPN clients
+                       my @ovpn_clients=();
                        foreach my $key (sort { ncmp($ccdhost{$a}[0],$ccdhost{$b}[0]) } keys %ccdhost)
                        {
                                if ($ccdhost{$key}[33] ne ''){
-                                       print<<END;
+                                       $show='1';
+                                       push (@ovpn_clients,$ccdhost{$key}[1]);
+                               }
+                       }
+                       if ($show eq '1'){
+                               $show='';
+                               print<<END;
                                        <td style='width:15em;'>
                                                <label>
                                                        <input type='radio' name='grp2' value='ovpn_host' $checked{'grp2'}{'ovpn_host'}>
@@ -1342,17 +1345,24 @@ END
                                                </label>
                                        </td>
                                        <td style='text-align:right;'>
-                                               <select name='OVPN_CCD_HOST' style='min-width:16em;'>" if ($show eq '');
+                                               <select name='OVPN_CCD_HOST' style='width:16em;'>" if ($show eq '');
 END
-                                       $show='1';
-                                       print"<option value='$ccdhost{$key}[1]'>$ccdhost{$key}[1]</option>";
+                               foreach(@ovpn_clients){
+                                       print"<option value='$_'>$_</option>";
                                }
+                               print"</select></td></tr>";
                        }
-                       if ($show eq '1'){$show='';print"</select></td></tr>";}
                        #OVPN n2n networks
+                       my @OVPN_N2N=();
                        foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) {
                                if($ccdhost{$key}[3] eq 'net'){
-                                       print<<END;
+                                       $show='1';
+                                       push (@OVPN_N2N,$ccdhost{$key}[1]);
+                               }
+                       }
+                       if ($show eq '1'){
+                               $show='';
+                               print<<END;
                                        <td style='width:15em;'>
                                                <label>
                                                        <input type='radio' name='grp2' id='OVPN_N2N' value='ovpn_n2n' $checked{'grp2'}{'ovpn_n2n'}>
@@ -1360,17 +1370,24 @@ END
                                                </label>
                                        </td>
                                        <td style='text-align:right;'>
-                                               <select name='OVPN_N2N' style='min-width:16em;'>"
+                                               <select name='OVPN_N2N' style='width:16em;'>"
 END
-                                       $show='1';
-                                       print"<option>$ccdhost{$key}[1]</option>";
+                               foreach(@OVPN_N2N){
+                                       print"<option>$_</option>";
                                }
+                               print"</select></td></tr>";
                        }
-                       if ($show eq '1'){$show='';print"</select></td></tr>";}
                        #IPsec networks
+                       my @IPSEC_N2N=();
                        foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) {
                                if ($ipsecconf{$key}[3] eq 'net'){
-                                       print<<END;
+                                       $show='1';
+                                       push (@IPSEC_N2N,$ipsecconf{$key}[1]);
+                               }
+                       }
+                       if ($show eq '1'){
+                               $show='';
+                               print<<END;
                                        <td style='width:15em;'>
                                                <label>
                                                        <input type='radio' name='grp2' id='IPSEC_NET' value='ipsec_net' $checked{'grp2'}{'ipsec_net'}>
@@ -1378,13 +1395,13 @@ END
                                                </label>
                                        </td>
                                        <td style='text-align:right;'>
-                                       <select name='IPSEC_NET' style='min-width:16em;'>"
+                                       <select name='IPSEC_NET' style='width:16em;'>"
 END
-                                       $show='1';
-                                       print"<option value='$ipsecconf{$key}[1]'>$ipsecconf{$key}[1]</option>";
+                               foreach(@IPSEC_N2N){
+                                       print"<option value='$_'>$_</option>";
                                }
                        }
-                       if ($show eq '1'){$show='';print"</select></td></tr>";}
+                       print"</select></td></tr>";
                        print"</table>";
                        print"</td></tr></table>";
                        print"<br><br>";
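Review bot: `print"</select></td></tr>";` now runs unconditionally, after the brace that closes `if ($show eq '1')`. When no IPsec net-to-net connection exists, the page therefore gets closing tags for a `<select>` and row that were never opened. The two OpenVPN sections earlier in this diff keep the same print inside the `if` block. Move the line up so it directly follows the `foreach(@IPSEC_N2N){ ... }` loop, before the `}` that ends the `if`.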
@@ -1479,9 +1496,28 @@ END
                print<<END;
                <table width='100%'><form method='post' style='display:inline'>
                <tr><td width='10%'>$Lang::tr{'fwhost addgrpname'}</td><td width='20%'><input type='text' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}' size='14'></td><td align='left'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvgrpname' value='$fwhostsettings{'oldsrvgrpname'}'><input type='hidden' name='ACTION' value='changesrvgrpname'></td><td width='3%'></td></form></tr>
-               <tr><form method='post'><td width='10%'>$Lang::tr{'remark'}:</td><td colspan='2'><input type='text' name='newsrvrem'  value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'></td><td align='right'><input type='submit' value='$Lang::tr{'fwhost change'}'><input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'><input type='hidden' name='ACTION' value='changesrvgrpremark' ></td></tr>
-               <tr><td colspan='4'><br></td></td></tr>
-               </table></form>
+               <tr>
+                       <form method='post'>
+                               <td width='10%'>
+                                       $Lang::tr{'remark'}:
+                               </td>
+                               <td colspan='2'>
+                                       <input type='text' name='newsrvrem'  value='$fwhostsettings{'SRVGRP_REMARK'}' style='width:98%;'>
+                               </td>
+                               <td align='right'>
+                                       <input type='submit' value='$Lang::tr{'fwhost change'}'>
+                                       <input type='hidden' name='oldsrvrem' value='$fwhostsettings{'oldsrvgrpremark'}'>
+                                       <input type='hidden' name='srvgrp' value='$fwhostsettings{'SRVGRP_NAME'}'>
+                                       <input type='hidden' name='ACTION' value='changesrvgrpremark' >
+                               </td>
+               </tr>
+               <tr>
+                               <td colspan='4'>
+                                       <br>
+                               </td>
+               </tr>
+               </table>
+                       </form>
 END
        }
        if($fwhostsettings{'updatesrvgrp'} eq 'on'){
@@ -1584,6 +1620,7 @@ sub getcolor
                my $c=shift;
                my $sip;
                my $scidr;
+               my $tdcolor='';
                #Check if MAC
                if (&General::validmac($c)){ return $c;}
 
@@ -1595,7 +1632,7 @@ sub getcolor
                }
 
                #Now check if IP is part of ORANGE,BLUE or GREEN
-               if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
+               if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
                        $tdcolor="<font style='color: $Header::colourorange;'>$c</font>";
                        return $tdcolor;
                }
@@ -1603,11 +1640,14 @@ sub getcolor
                        $tdcolor="<font style='color: $Header::colourgreen;'>$c</font>";
                        return $tdcolor;
                }
-               if ( &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
+               if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
                        $tdcolor="<font style='color: $Header::colourblue;'>$c</font>";
                        return $tdcolor;
                }
-
+               if ("$sip/$scidr" eq "0.0.0.0/0"){
+                       $tdcolor="<font style='color: $Header::colourred;'>$c</font>";
+                       return $tdcolor;
+               }
                #Check if IP is part of OpenVPN N2N subnet
                foreach my $key (sort keys %ccdhost){
                        if ($ccdhost{$key}[3] eq 'net'){
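Review bot: The literal `"0.0.0.0/0"` in the new RED branch is the same value that `getipforgroup` starts returning for `'RED'` in the last hunk of this diff, and nothing ties the two together. A comment above the `if`, such as `#0.0.0.0/0 is what getipforgroup returns for RED (any address)`, or a shared constant, would keep them from drifting apart. `$scidr` is declared without a value at the top of `getcolor`; if the parsing above this hunk (not visible) leaves it undefined for an input without a prefix, the interpolation here would warn when warnings are enabled.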
@@ -1648,10 +1688,13 @@ sub getcolor
 
                #Check if IP is part of a IPsec N2N network
                foreach my $key (sort keys %ipsecconf){
-                       my ($a,$b) = split("/",$ipsecconf{$key}[11]);
-                       if (&General::IpInSubnet($sip,$a,$b)){
-                               $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
-                               return $tdcolor;
+                       if ($ipsecconf{$key}[11]){
+                               my ($a,$b) = split("/",$ipsecconf{$key}[11]);
+                               $b=&General::iporsubtodec($b);
+                               if (&General::IpInSubnet($sip,$a,$b)){
+                                       $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
+                                       return $tdcolor;
+                               }
                        }
                }
                return "$c";
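Review bot: `if ($ipsecconf{$key}[11])` only tests that the field is non-empty, so a value without a `/` leaves `$b` undefined, and it is then passed to `&General::iporsubtodec` and `&General::IpInSubnet`. Skip such entries explicitly, e.g. `next unless defined $net && defined $mask;` after the split. Naming the lexicals `$a` and `$b` also shadows Perl's sort variables in this scope; `my ($net,$mask) = split("/",$ipsecconf{$key}[11]);` avoids surprises if a `sort { ... }` block is ever added inside the loop. `getcolor` begins above this hunk.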
@@ -1800,11 +1843,11 @@ sub viewtablegrp
                                print "$customgrp{$key}[2]</td>";
                        }
                        if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
-                               print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$customgrp{$key}[3]</td><td width='1%' $col><form method='post'>";
+                               print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
                        }else{
                                my ($colip,$colsub) = split("/",$ip);
-                               $ip="$colip/".&General::subtocidr($colsub) if ($colsub);
-                               print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$customgrp{$key}[3]</td><td width='1%' $col><form method='post'>";
+                               $ip="$colip/".&General::iporsubtocidr($colsub) if ($colsub);
+                               print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
                        }
                        if ($delflag > 0 && $ip ne ''){
                                print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' />";
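Review bot: `$Lang::tr{'fwhost '.$customgrp{$key}[3]}` builds the translation key from the stored member type, so a type with no matching `fwhost ...` entry in the language files renders as an empty cell in both branches. Fall back to the raw value, e.g. `my $type = $Lang::tr{'fwhost '.$customgrp{$key}[3]} || $customgrp{$key}[3];`, and print `$type` in the two `<td>` cells. Which type strings can occur in `customgrp` is not visible in this hunk, and `viewtablegrp` continues outside it.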
@@ -1815,8 +1858,7 @@ sub viewtablegrp
                                        }
                                }
                        }
-                       print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='grpcnt' value='$customgrp{$key}[4]'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
-                       
+                       print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
                        $helper=$customgrp{$key}[0];
                        $number++;
                }
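Review bot: The rewritten hidden `delhost` field still packs `$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]` into one comma-separated, unescaped attribute value. A remark containing a comma would shift the fields the `deletegrphost` handler receives (assuming it splits on `,`, which is not visible here), and one containing `'` ends the attribute early. Sending the values as separate HTML-escaped hidden inputs removes both problems. So does sending only the entry's key, as in this sketch with a made-up field name: `<input type='hidden' name='delkey' value='$key'>`, with the handler looking the entry up server-side.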
@@ -2462,6 +2504,9 @@ sub getipforgroup
                        &General::readhash("${General::swroot}/vpn/settings",\%hash);
                        return $hash{'RW_NET'};
                }
+               if ($name eq 'RED'){
+                       return "0.0.0.0/0";
+               }
        }
 }
 sub decrease