my $fwconfiginp = "${General::swroot}/firewall/input";
my $fwconfigout = "${General::swroot}/firewall/outgoing";
my $configovpn = "${General::swroot}/ovpn/settings";
-my $tdcolor='';
my $configipsecrw = "${General::swroot}/vpn/settings";
unless (-e $confignet) { system("touch $confignet"); }
$errormessage=$errormessage.$Lang::tr{'fwhost err sub32'};
}
if($fwhostsettings{'error'} ne 'on'){
- #check if we use one of ipfire's networks (green,orange,blue)
- if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'GREEN_NETADDRESS'},$ownnet{'GREEN_NETMASK'}))
- {
- $errormessage=$errormessage.$Lang::tr{'ccd err green'}."<br>";
- $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
- if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
- }
- if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'ORANGE_NETADDRESS'},$ownnet{'ORANGE_NETMASK'}))
- {
- $errormessage=$errormessage.$Lang::tr{'ccd err orange'}."<br>";
- $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
- if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
- }
- if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'BLUE_NETADDRESS'},$ownnet{'BLUE_NETMASK'}))
- {
- $errormessage=$errormessage.$Lang::tr{'ccd err blue'}."<br>";
- $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
- if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
- }
- if (($ownnet{'RED_NETADDRESS'} ne '' && $ownnet{'RED_NETADDRESS'} ne '0.0.0.0') && &General::IpInSubnet($fwhostsettings{'IP'},$ownnet{'RED_NETADDRESS'},$ownnet{'RED_NETMASK'}))
- {
- $errormessage=$errormessage.$Lang::tr{'ccd err red'}."<br>";
- $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
- if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}='editnet';}
- }
+ my $fullip="$fwhostsettings{'IP'}/".&General::iporsubtocidr($fwhostsettings{'SUBNET'});
+ $errormessage=$errormessage.&General::checksubnets($fwhostsettings{'HOSTNAME'},$fullip,"");
}
#only check plausi when no error till now
if (!$errormessage){
&plausicheck("editnet");
}
- #check if network ip is part of an already used one
- if(&checksubnet(\%customnetwork))
- {
- $errormessage=$errormessage.$Lang::tr{'fwhost err partofnet'};
- $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
- }
if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newnet'} ne 'on' && $errormessage)
{
$fwhostsettings{'actualize'} = '';
$customnetwork{$key}[3] = $fwhostsettings{'orgnetremark'};
&General::writehasharray("$confignet", \%customnetwork);
undef %customnetwork;
- }
+ }
if (!$errormessage){
-
&General::readhasharray("$confignet", \%customnetwork);
if ($fwhostsettings{'ACTION'} eq 'updatenet'){
if ($fwhostsettings{'update'} == '0'){
&General::writehasharray("$fwconfiginp", \%fwinp);
}
}
- }
+ }
my $key = &General::findhasharraykey (\%customnetwork);
foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
$fwhostsettings{'SUBNET'} = &General::iporsubtocidr($fwhostsettings{'SUBNET'});
}
&addnet;
&viewtablenet;
- }else {
+ }else{
+ $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
&addnet;
&viewtablenet;
}
}
}
}
- if ($tcpcounter > 15){
+ if ($tcpcounter > 14){
$errormessage=$Lang::tr{'fwhost err maxservicetcp'};
}
- if ($udpcounter > 15){
+ if ($udpcounter > 14){
$errormessage=$Lang::tr{'fwhost err maxserviceudp'};
}
$tcpcounter=0;
}
&General::writehasharray("$configgrp", \%customgrp);
&General::firewall_config_changed();
- if ($fwhostsettings{'grpcnt'} > 0){
- &General::firewall_config_changed();
- }
if ($fwhostsettings{'update'} eq 'on'){
$fwhostsettings{'remark'}= $grpremark;
$fwhostsettings{'grp_name'}=$grpname;
my $c=shift;
my $sip;
my $scidr;
+ my $tdcolor='';
#Check if MAC
if (&General::validmac($c)){ return $c;}
}
#Now check if IP is part of ORANGE,BLUE or GREEN
- if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
+ if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
$tdcolor="<font style='color: $Header::colourorange;'>$c</font>";
return $tdcolor;
}
$tdcolor="<font style='color: $Header::colourgreen;'>$c</font>";
return $tdcolor;
}
- if ( &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
+ if ( &Header::blue_used() && &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){
$tdcolor="<font style='color: $Header::colourblue;'>$c</font>";
return $tdcolor;
}
-
+ if ("$sip/$scidr" eq "0.0.0.0/0"){
+ $tdcolor="<font style='color: $Header::colourred;'>$c</font>";
+ return $tdcolor;
+ }
#Check if IP is part of OpenVPN N2N subnet
foreach my $key (sort keys %ccdhost){
if ($ccdhost{$key}[3] eq 'net'){
#Check if IP is part of a IPsec N2N network
foreach my $key (sort keys %ipsecconf){
- my ($a,$b) = split("/",$ipsecconf{$key}[11]);
- if (&General::IpInSubnet($sip,$a,$b)){
- $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
- return $tdcolor;
+ if ($ipsecconf{$key}[11]){
+ my ($a,$b) = split("/",$ipsecconf{$key}[11]);
+ $b=&General::iporsubtodec($b);
+ if (&General::IpInSubnet($sip,$a,$b)){
+ $tdcolor="<font style='color: $Header::colourvpn;'>$c</font>";
+ return $tdcolor;
+ }
}
}
return "$c";
print "$customgrp{$key}[2]</td>";
}
if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
- print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$customgrp{$key}[3]</td><td width='1%' $col><form method='post'>";
+ print "<td align='center' $col>$Lang::tr{'fwhost deleted'}</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
}else{
my ($colip,$colsub) = split("/",$ip);
- $ip="$colip/".&General::subtocidr($colsub) if ($colsub);
- print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$customgrp{$key}[3]</td><td width='1%' $col><form method='post'>";
+ $ip="$colip/".&General::iporsubtocidr($colsub) if ($colsub);
+ print"<td align='center' $col>".&getcolor($ip)."</td><td align='center' $col>$Lang::tr{'fwhost '.$customgrp{$key}[3]}</td><td width='1%' $col><form method='post'>";
}
if ($delflag > 0 && $ip ne ''){
print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' />";
}
}
}
- print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='grpcnt' value='$customgrp{$key}[4]'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
-
+ print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
$helper=$customgrp{$key}[0];
$number++;
}
&General::readhash("${General::swroot}/vpn/settings",\%hash);
return $hash{'RW_NET'};
}
+ if ($name eq 'RED'){
+ return "0.0.0.0/0";
+ }
}
}
sub decrease
projects / ipfire-2.x.git / blobdiff