Merge branch 'core37'
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 IPFire Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 require '/var/ipfire/general-functions.pl';
23 require "${General::swroot}/lang.pl";
24 require "${General::swroot}/header.pl";
25
26 #use warnings;
27 #use CGI::Carp 'fatalsToBrowser';
28
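# Set to a true value to print every submitted CGI parameter at the top of
# the page (see the DEBUG box below). Leave at 0 on production systems.
my $debug = 0;

# Working state for the three tables shown on this page (filter, mangle,
# NAT): buffered dump lines, line counters and per-table chain indexes.
my @iplines;
my $string = "";
my $lines = 0;
my @ipmanlines;
my $manlines = 0;
my @ipnatlines;
my $natlines = 0;
my %chains;
my %chainsman;
my %chainsnat;
my $chainname;
my $selectedchain;
my %netsettings = ();

# Request parameters as filled in by Header::getcgihash. Everything in
# here comes from the client and must be treated as untrusted.
my %cgiparams=();

&Header::getcgihash(\%cgiparams);

# Run the helper before any output is produced.
# presumably getipstat writes the *.txt rule dumps this page reads - confirm.
# The result used to be ignored; a failure is now reported on STDERR so that
# a page built from stale or missing dumps can be diagnosed.
my $getipstat_status = system('/usr/local/bin/getipstat');
if ( $getipstat_status != 0 ){
    warn "iptables.cgi: /usr/local/bin/getipstat failed (wait status $getipstat_status)\n";
}

&Header::showhttpheaders();
&Header::openpage($Lang::tr{'ipts'}, 1, '');
&Header::openbigbox('100%', 'LEFT');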
52
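# Debug aid: when $debug is true, list every parameter received by the CGI
# together with its value, followed by the number of parameters.
#
# Names and values are supplied by the client, so both are HTML-escaped
# before they are printed; the previous version echoed them verbatim, which
# allowed markup in a request parameter to be rendered in the admin's
# browser whenever debugging was switched on.

if ( $debug ){
    # Local escaper so this block does not depend on helpers outside it.
    my $escape = sub {
        my ($text) = @_;
        return '' unless defined $text;
        $text =~ s/&/&amp;/g;
        $text =~ s/</&lt;/g;
        $text =~ s/>/&gt;/g;
        $text =~ s/"/&quot;/g;
        $text =~ s/'/&#39;/g;
        return $text;
    };

    &Header::openbox('100%', 'center', 'DEBUG');
    my $debugCount = 0;
    foreach my $line (sort keys %cgiparams) {
        print $escape->($line) . " = '" . $escape->($cgiparams{$line}) . "'<br />\n";
        $debugCount++;
    }
    print "&nbsp;Count: $debugCount\n";
    &Header::closebox();
}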
66
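# ---------------------------------------------------------------------------
# Filter, mangle and NAT tables
#
# The three sections of this page were three near-identical copies of the
# same code. They are rendered by one helper now, which also fixes:
#   * the mangle chain title was read from @ipmanlines while the file was
#     stored in @ipmlines, so the title was always empty;
#   * the last chain of every dump never received an end index, so its
#     rules were never listed;
#   * the chain name carried over from one dump file to the next;
#   * open() results were ignored;
#   * a requested chain was used as a hash key without checking that it
#     exists in the dump;
#   * text from the dump files and from the environment was printed into
#     the page without HTML escaping.
# ---------------------------------------------------------------------------

# Escape a value for use in HTML text or inside a quoted attribute.
# undef becomes the empty string.
sub _html_escape {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# Read one rule dump and index the chains it contains.
#
# Returns a hash reference with:
#   lines - every line of the file, in order
#   order - chain names in the order they appear
#   start - chain name => index of its "Chain ..." line
#   end   - chain name => index of its last rule line
# If the file cannot be opened a warning goes to STDERR and the returned
# structure is empty.
sub _read_chain_dump {
    my ($path) = @_;
    my %dump = ( lines => [], order => [], start => {}, end => {} );
    my $current = '';    # reset per file; never inherited from another dump

    my $fh;
    unless ( open($fh, '<', $path) ) {
        warn "iptables.cgi: cannot open $path: $!\n";
        return \%dump;
    }

    while ( my $line = <$fh> ) {
        push @{ $dump{lines} }, $line;
        next unless $line =~ /^Chain (\S+)/;

        my $name  = $1;
        my $index = $#{ $dump{lines} };

        # The previous chain ends two lines above the next "Chain" line
        # (presumably a blank separator sits directly above it).
        $dump{end}{$current} = $index - 2 if $current ne '';

        push @{ $dump{order} }, $name unless exists $dump{start}{$name};
        $dump{start}{$name} = $index;
        $current = $name;
    }
    close($fh);

    # The last chain has no following "Chain" line, so close it here and
    # ignore trailing blank lines.
    if ( $current ne '' ) {
        my $last = $#{ $dump{lines} };
        $last-- while $last > $dump{start}{$current}
                   && $dump{lines}[$last] !~ /\S/;
        $dump{end}{$current} = $last;
    }

    return \%dump;
}

# Print the chain selector and the rule table for one dump file.
#
#   $path          - rule dump to read
#   $requested     - chain name taken from the request (may be undef)
#   $default_chain - chain shown when $requested is missing or unknown
#   $decode_hex    - true to print option words starting with "0x" as
#                    decimal numbers (used for the mangle table so that
#                    marks show the QoS class number)
sub _show_iptables_table {
    my ($path, $requested, $default_chain, $decode_hex) = @_;

    my $dump = _read_chain_dump($path);

    # Only a chain that really exists in this dump is accepted from the
    # request; anything else falls back to the default.
    my $chain = ( defined $requested && exists $dump->{start}{$requested} )
              ? $requested
              : $default_chain;
    my $known = exists $dump->{start}{$chain};
    my $start = $known ? $dump->{start}{$chain} : undef;

    print "\n<DIV align='left'>\n";

    print "<form method='post' action='" . _html_escape($ENV{'SCRIPT_NAME'})
        . "'>\n<select name='selectedchain' style='width: 250px'>\n";
    foreach my $name ( @{ $dump->{order} } ) {
        my $shown = _html_escape($name);
        print " <option value='" . $shown;
        if ( $name eq $chain ) {
            print "' selected='selected' >" . $shown . "</option>\n";
        } else {
            print "'>" . $shown . "</option>\n";
        }
    }
    # NOTE(review): the string below ends with "<form>", not "</form>". It is
    # kept byte-for-byte: all three selects share the name 'selectedchain' and
    # the caller splits that parameter on '|', so the page presumably relies on
    # the selects being submitted together. Confirm before closing the form.
    print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";

    # Chain title, e.g. the "Chain INPUT (policy ...)" line.
    my $title = $known ? $dump->{lines}[$start] : '';
    $title =~ s/\s$//g;
    print "<strong>" . _html_escape($title) . "</strong><br />\n\n";

    # Column headings come from the line directly below the chain title.
    print "<table width='100%' cellspacing='1'>\n<tr>\n";
    if ( $known && defined $dump->{lines}[$start + 1] ) {
        foreach my $heading ( split(/ +/, $dump->{lines}[$start + 1]) ) {
            chomp($heading);
            print " <th align='left'><strong>" . _html_escape($heading) . "</strong></th>\n";
        }
    }
    print "</tr>\n";

    # Empty row that only fixes the column widths.
    print "<tr>\n";
    print " <td width='0'></td>\n <td width='35'></td>\n <td width='35'></td>\n";
    print " <td width='130'></td>\n <td width='30'></td>\n";
    print " <td width='30'></td>\n <td width='40'></td>\n";
    print " <td width='40'></td>\n <td width='95'></td>\n";
    print " <td width='95'></td>\n <td width='260'></td>\n";
    print "</tr>\n";

    if ( $known ) {
        my $end = $dump->{end}{$chain};
        $end = $start + 1 unless defined $end;

        foreach my $row ( $start + 2 .. $end ) {
            my @field = split(/ +/, $dump->{lines}[$row]);

            # Lines that start with blanks yield an empty first field.
            shift @field if @field && $field[0] eq '';

            print "<tr>\n <td></td>\n";
            print " <td>" . _html_escape($field[$_]) . "</td>\n" for 0 .. 4;

            # Interfaces and addresses are highlighted by Header::colorize.
            # Its return value is printed as it is, so the value is escaped
            # before it is handed over; values without HTML metacharacters
            # pass through unchanged.
            print " <td>" . &Header::colorize(_html_escape($field[$_])) . "</td>\n" for 5 .. 8;

            # Everything after the ninth column goes into one options cell.
            print " <td>";
            foreach my $word ( @field[9 .. $#field] ) {
                my $text = $word;
                $text =~ s/\s$//g;
                $text = hex($text) if $decode_hex && $text =~ /^0x/;
                print " " . _html_escape($text);
            }
            print "</td>\n</tr>\n";
        }
    }

    print "</table></DIV><br />";
    return;
}

# On the first call the default chain of each table is shown. Afterwards
# 'selectedchain' carries the chosen chains joined with '|', in the order
# filter, mangle, NAT.
my @requested_chains = ();
if ( defined $cgiparams{'selectedchain'} && $cgiparams{'selectedchain'} ne "" ){
    @requested_chains = split(/\|/, $cgiparams{'selectedchain'});
}

# NOTE(review): the dump paths look like they are inside the directory the
# web server publishes (.../html/), which would make the full ruleset
# fetchable over HTTP while the files exist - confirm, and consider having
# the helper write them to a directory that is not served.
my @tables = (
    { title => $Lang::tr{'ipts'},       file => '/srv/web/ipfire/html/iptables.txt',       default => 'INPUT',      hex_marks => 0 },
    { title => $Lang::tr{'iptmangles'}, file => '/srv/web/ipfire/html/iptablesmangle.txt', default => 'PREROUTING', hex_marks => 1 },
    { title => $Lang::tr{'iptnats'},    file => '/srv/web/ipfire/html/iptablesnat.txt',    default => 'PREROUTING', hex_marks => 0 },
);

foreach my $slot ( 0 .. $#tables ) {
    my $table = $tables[$slot];
    &Header::openbox('100%', 'LEFT', $table->{title} . ':');
    _show_iptables_table($table->{file}, $requested_chains[$slot], $table->{default}, $table->{hex_marks});
    &Header::closebox();
}

&Header::closebigbox();
&Header::closepage();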
433
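# Remove the temporary rule dumps once the page has been rendered.
#
# The previous lines passed an unquoted `rm -f "..."` expression to system(),
# which is not a command string, so the dumps were most likely never removed
# - verify on a running system. unlink() does the removal without a shell.
#
# NOTE(review): the paths look like they are inside the directory the web
# server publishes (.../html/); if so, a dump that is left behind exposes the
# complete firewall ruleset to anyone who can request it. Confirm, and
# consider writing the dumps to a directory that is not served.
foreach my $dumpfile (
    '/srv/web/ipfire/html/iptables.txt',
    '/srv/web/ipfire/html/iptablesmangle.txt',
    '/srv/web/ipfire/html/iptablesnat.txt',
) {
    next if unlink($dumpfile);
    next if $!{ENOENT};    # already gone: same outcome `rm -f` would give
    warn "iptables.cgi: cannot remove $dumpfile: $!\n";
}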