]>
git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - html/cgi-bin/iptables.cgi
2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 IPFire Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 require '/var/ipfire/general-functions.pl';
23 require "${General::swroot}/lang.pl";
24 require "${General::swroot}/header.pl";
27 #use CGI::Carp 'fatalsToBrowser';
45 &Header
::getcgihash
(\
%cgiparams);
47 &Header
::showhttpheaders
();
48 &Header
::openpage
($Lang::tr
{'ipts'}, 1, '');
49 &Header
::openbigbox
('100%', 'LEFT');
51 # This debug is used to see what inputs are done via the cgi and
52 # what parameters are to be executed
55 &Header
::openbox
('100%', 'center', 'DEBUG');
57 foreach my $line (sort keys %cgiparams) {
58 print "$line = '$cgiparams{$line}'<br />\n";
61 print " Count: $debugCount\n";
65 &Header
::openbox
('100%', 'LEFT', $Lang::tr
{'ipts'}.':');
67 # If the cgi is called the first time the default chain is
68 # used, otherwise if user selected a chains in the selectboxes
69 # those one are displayed, it is possible to change all 3 at
72 if ( $cgiparams{'selectedchain'} ne "" ){
73 my @multi = split(/\|/,$cgiparams{'selectedchain'});
74 $selectedchain = $multi[0];
76 $selectedchain = "INPUT";
85 # We´ll get iptables output and examine each line, if the line
86 # start with an Chain the the name, start- and endline of the
87 # chain is extracted into a hash
89 open (FILE
, '/usr/local/bin/getipstat | ');
92 $iplines[$lines] = $_;
94 if ( $_ =~ /^Chain/ ){
96 my @chainstring = split(/ /,$_);
98 if ( $chainname ne "" ){
99 $chains{$chainname."end"} = $lines-2;
102 $chainname = $chainstring[1];
103 $chains{$chainname."start"} = $lines;
109 $chains{$chainname."end"} = $lines-1;
112 # now the chain hash is extracted to get the correct name of the chain
113 # all chains are displayed as a select box and can be choosen for display
114 # after this all corresponding lines for the chain are extraced and seperated
115 # into table rows, sometimes we need to handle leading blank so the offset is
116 # needed, some lines need to chomp trailing seperators. The interfaces and
117 # network addresses should be colorized by an extra function to make a nice
120 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
121 foreach (sort(keys(%chains))){
129 print " <option value='".$_;
130 if ( $_ eq $selectedchain ){
131 print "' selected='selected' >".$_."</option>\n";
133 print "'>".$_."</option>\n";
136 print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";
138 $string = $iplines[$chains{$selectedchain."start"}];
139 $string =~ s/\s$//gi;
141 print "<strong>".$string."</strong><br />\n\n";
142 print "<table width='100%' cellspacing='1'>\n<tr>\n";
143 foreach (split(/ +/,$iplines[$chains{$selectedchain."start"}+1])){
144 if ( $_ =~ /[^a-zA-Z]/ ){chomp($_);}
145 print " <th align='left'><strong>".$_."</strong></th>\n";
151 print " <td width='0'></td>\n <td width='60'></td>\n <td width='60'></td>\n";
152 print " <td width='150'></td>\n <td width='30'></td>\n";
153 print " <td width='30'></td>\n <td width='40'></td>\n";
154 print " <td width='40'></td>\n <td width='95'></td>\n";
155 print " <td width='95'></td>\n <td width='260'></td>\n";
159 for(my $i = $chains{$selectedchain."start"}+2; $i <= $chains{$selectedchain."end"}; $i++) {
162 my @iptablesline = split(/ +/,$iplines[$i]);
165 if ( $iptablesline[0] eq "" ){
169 print " <td></td>\n <td>".$iptablesline[0+$offset]."</td>\n <td>".$iptablesline[1+$offset]."</td>\n";
170 print " <td>".$iptablesline[2+$offset]."</td>\n <td>".$iptablesline[3+$offset]."</td>\n";
171 print " <td>".$iptablesline[4+$offset]."</td>\n <td>".&Header
::colorize
($iptablesline[5+$offset])."</td>\n";
172 print " <td>".&Header
::colorize
($iptablesline[6+$offset])."</td>\n";
173 print " <td>".&Header
::colorize
($iptablesline[7+$offset])."</td>\n";
174 print " <td>".&Header
::colorize
($iptablesline[8+$offset])."</td>\n <td>";
176 for (my $i=9+$offset; $i <= $#iptablesline; $i++){
177 $string = $iptablesline[$i];
178 $string =~ s/\s$//gi;
181 print "</td>\n</tr>\n";
183 print "</table></div><br />";
187 &Header
::openbox
('100%', 'LEFT', $Lang::tr
{'iptmangles'}.':');
189 # If the cgi is called the first time the default chain is
190 # used, otherwise if user selected a chains in the selectboxes
191 # those one are displayed, it is possible to change all 3 at
194 if ( $cgiparams{'selectedchain'} ne "" ){
195 my @multi = split(/\|/,$cgiparams{'selectedchain'});
196 $selectedchain = $multi[1];
198 $selectedchain = "PREROUTING";
207 # We´ll get iptables output and examine each line, if the line
208 # start with an Chain the the name, start- and endline of the
209 # chain is extracted into a hash
211 open (FILE
, '/usr/local/bin/getipstat -m | ');
214 $ipmlines[$manlines] = $_;
216 if ( $_ =~ /^Chain/ ){
218 my @chainstring = split(/ /,$_);
220 if ( $chainname ne "" ){
221 $chainsman{$chainname."end"} = $manlines-2;
224 $chainname = $chainstring[1];
225 $chainsman{$chainname."start"} = $manlines;
231 $chainsman{$chainname."end"} = $manlines-1;
234 # now the chain hash is extracted to get the correct name of the chain
235 # all chains are displayed as a select box and can be choosen for display
236 # after this all corresponding lines for the chain are extraced and seperated
237 # into table rows, sometimes we need to handle leading blank so the offset is
238 # needed, some lines need to chomp trailing seperators. The interfaces and
239 # network addresses should be colorized by an extra function to make a nice
242 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
243 foreach (sort(keys(%chainsman))){
251 print " <option value='".$_;
252 if ( $_ eq $selectedchain ){
253 print "' selected='selected' >".$_."</option>\n";
255 print "'>".$_."</option>\n";
258 print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";
260 $string = $ipmanlines[$chainsman{$selectedchain."start"}];
261 $string =~ s/\s$//gi;
263 print "<strong>".$string."</strong><br />\n\n";
264 print "<table width='100%' cellspacing='1'>\n<tr>\n";
265 foreach (split(/ +/,$ipmlines[$chainsman{$selectedchain."start"}+1])){
266 if ( $_ =~ /[^a-zA-Z]/ ){chomp($_);}
267 print " <th align='left'><strong>".$_."</strong></th>\n";
273 print " <td width='0'></td>\n <td width='60'></td>\n <td width='60'></td>\n";
274 print " <td width='150'></td>\n <td width='30'></td>\n";
275 print " <td width='30'></td>\n <td width='40'></td>\n";
276 print " <td width='40'></td>\n <td width='95'></td>\n";
277 print " <td width='95'></td>\n <td width='260'></td>\n";
280 for(my $i = $chainsman{$selectedchain."start"}+2; $i <= $chainsman{$selectedchain."end"}; $i++) {
282 my @iptablesline = split(/ +/,$ipmlines[$i]);
285 if ( $iptablesline[0] eq "" ){
289 print " <td></td>\n <td>".$iptablesline[0+$offset]."</td>\n <td>".$iptablesline[1+$offset]."</td>\n";
290 print " <td>".$iptablesline[2+$offset]."</td>\n <td>".$iptablesline[3+$offset]."</td>\n";
291 print " <td>".$iptablesline[4+$offset]."</td>\n <td>".&Header
::colorize
($iptablesline[5+$offset])."</td>\n";
292 print " <td>".&Header
::colorize
($iptablesline[6+$offset])."</td>\n";
293 print " <td>".&Header
::colorize
($iptablesline[7+$offset])."</td>\n";
294 print " <td>".&Header
::colorize
($iptablesline[8+$offset])."</td>\n <td>";
296 for (my $i=9+$offset; $i <= $#iptablesline; $i++){
297 $string = $iptablesline[$i];
298 $string =~ s/\s$//gi;
300 # mangles with marks need to be converted from hex to number to show the correct qos class
302 if ( $string =~ /^0x/){
303 $string = hex($string);
308 print "</td>\n</tr>\n";
310 print "</table></div><br />";
314 &Header
::openbox
('100%', 'LEFT', $Lang::tr
{'iptnats'}.':');
316 # If the cgi is called the first time the default chain is
317 # used, otherwise if user selected a chains in the selectboxes
318 # those one are displayed, it is possible to change all 3 at
321 if ( $cgiparams{'selectedchain'} ne "" ){
322 my @multi = split(/\|/,$cgiparams{'selectedchain'});
323 $selectedchain = $multi[2];
325 $selectedchain = "PREROUTING";
334 # We´ll get iptables output and examine each line, if the line
335 # start with an Chain the the name, start- and endline of the
336 # chain is extracted into a hash
338 open (FILE
, '/usr/local/bin/getipstat -n | ');
341 $ipnatlines[$natlines] = $_;
343 if ( $_ =~ /^Chain/ ){
345 my @chainstring = split(/ /,$_);
347 if ( $chainname ne "" ){
348 $chainsnat{$chainname."end"} = $natlines-2;
351 $chainname = $chainstring[1];
352 $chainsnat{$chainname."start"} = $natlines;
358 $chainsnat{$chainname."end"} = $natlines-1;
361 # now the chain hash is extracted to get the correct name of the chain
362 # all chains are displayed as a select box and can be choosen for display
363 # after this all corresponding lines for the chain are extraced and seperated
364 # into table rows, sometimes we need to handle leading blank so the offset is
365 # needed, some lines need to chomp trailing seperators. The interfaces and
366 # network addresses should be colorized by an extra function to make a nice
369 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n<select name='selectedchain' style='width: 250px'>\n";
370 foreach (sort(keys(%chainsnat))){
378 print " <option value='".$_;
379 if ( $_ eq $selectedchain ){
380 print "' selected='selected' >".$_."</option>\n";
382 print "'>".$_."</option>\n";
385 print "</select><input type='submit' name='ACTION' value='$Lang::tr{'update'}' /><form><br /><br />\n\n";
387 $string = $ipnatlines[$chainsnat{$selectedchain."start"}];
388 $string =~ s/\s$//gi;
390 print "<strong>".$string."</strong><br />\n\n";
391 print "<table width='100%' cellspacing='1'>\n<tr>\n";
392 foreach (split(/ +/,$ipnatlines[$chainsnat{$selectedchain."start"}+1])){
393 if ( $_ =~ /[^a-zA-Z]/ ){chomp($_);}
394 print "<th align='left'><strong>".$_."</strong></th>\n";
400 print " <td width='0'></td>\n <td width='60'></td>\n <td width='60'></td>\n";
401 print " <td width='150'></td>\n <td width='30'></td>\n";
402 print " <td width='30'></td>\n <td width='40'></td>\n";
403 print " <td width='40'></td>\n <td width='95'></td>\n";
404 print " <td width='95'></td>\n <td width='260'></td>\n";
407 for(my $i = $chainsnat{$selectedchain."start"}+2; $i <= $chainsnat{$selectedchain."end"}; $i++) {
409 my @iptablesline = split(/ +/,$ipnatlines[$i]);
412 if ( $iptablesline[0] eq "" ){
416 print " <td></td>\n<td>".$iptablesline[0+$offset]."</td>\n <td>".$iptablesline[1+$offset]."</td>\n";
417 print " <td>".$iptablesline[2+$offset]."</td>\n <td>".$iptablesline[3+$offset]."</td>\n";
418 print " <td>".$iptablesline[4+$offset]."</td>\n <td>".&Header
::colorize
($iptablesline[5+$offset])."</td>\n";
419 print " <td>".&Header
::colorize
($iptablesline[6+$offset])."</td>\n";
420 print " <td>".&Header
::colorize
($iptablesline[7+$offset])."</td>\n";
421 print " <td>".&Header
::colorize
($iptablesline[8+$offset])."</td>\n <td>";
423 for (my $i=9+$offset; $i <= $#iptablesline; $i++){
424 $string = $iptablesline[$i];
425 $string =~ s/\s$//gi;
428 print "</td>\n</tr>\n";
430 print "</table></div><br />";
432 &Header
::closebigbox
();
433 &Header
::closepage
();