5 # This code is distributed under the terms of the GPL
11 # enable only the following on debugging purpose
# NOTE(review): the comment above reserves this statement for debugging, yet
# it is active as shown. With 'fatalsToBrowser', CGI::Carp sends the text of
# any fatal error to the client, so the die() messages further down (which
# embed the rules and P2P file paths) would be displayed to whoever triggers
# them. Disable it outside debugging sessions.
13 use CGI
:: Carp
'fatalsToBrowser' ;
# Shared helper libraries; the General::, Lang:: and Header:: names used on
# this page are expected to come from these files (not shown here).
15 require '/var/ipfire/general-functions.pl' ;
16 require "${General::swroot}/lang.pl" ;
17 require "${General::swroot}/header.pl" ;
# Form/settings state, the pending error text, and the two data files this
# page reads and rewrites (rule list and P2P protocol list).
19 my %outfwsettings = ();
23 my $errormessage = "" ;
31 my $configfile = "/var/ipfire/outgoing/rules" ;
32 my $p2pfile = "/var/ipfire/outgoing/p2protocols" ;
# Presumably loads the ethernet settings file into %netsettings; the helper
# is defined elsewhere.
34 & General
:: readhash
( "${General::swroot}/ethernet/settings" , \
%netsettings );
# Presumably emits the HTTP response headers; the helper is defined elsewhere.
36 & Header
:: showhttpheaders
();
# Defaults for the form fields used on this page, set before any input is read.
38 ### Values that have to be initialized
39 $outfwsettings { 'ACTION' } = '' ;
40 $outfwsettings { 'VALID' } = 'yes' ;
41 $outfwsettings { 'EDIT' } = 'no' ;
42 $outfwsettings { 'NAME' } = '' ;
43 $outfwsettings { 'SNET' } = '' ;
44 $outfwsettings { 'SIP' } = '' ;
45 $outfwsettings { 'SPORT' } = '' ;
46 $outfwsettings { 'SMAC' } = '' ;
47 $outfwsettings { 'DIP' } = '' ;
48 $outfwsettings { 'DPORT' } = '' ;
49 $outfwsettings { 'PROT' } = '' ;
50 $outfwsettings { 'STATE' } = '' ;
51 $outfwsettings { 'DISPLAY_DIP' } = '' ;
52 $outfwsettings { 'DISPLAY_DPORT' } = '' ;
53 $outfwsettings { 'DISPLAY_SMAC' } = '' ;
54 $outfwsettings { 'DISPLAY_SIP' } = '' ;
# Presumably loads the saved outgoing-firewall settings on top of the defaults.
56 & General
:: readhash
( "${General::swroot}/outgoing/settings" , \
%outfwsettings );
# NOTE(review): Header::getcgihash presumably copies the submitted request
# parameters into %outfwsettings. If so, every value in the hash from this
# point on -- including VALID, ACTION and POLICY -- is client-controlled, and
# no per-field validation is visible in the lines shown on this page.
57 & Header
:: getcgihash
( \
%outfwsettings );
# Pre-select the current policy for the <select> rendered further down: the
# matching mode gets 'selected', the other two an empty string.
59 if ( $outfwsettings { 'POLICY' } eq 'MODE0' ){ $selected { 'POLICY' }{ 'MODE0' } = 'selected' ; } else { $selected { 'POLICY' }{ 'MODE0' } = '' ; }
60 if ( $outfwsettings { 'POLICY' } eq 'MODE1' ){ $selected { 'POLICY' }{ 'MODE1' } = 'selected' ; } else { $selected { 'POLICY' }{ 'MODE1' } = '' ; }
61 if ( $outfwsettings { 'POLICY' } eq 'MODE2' ){ $selected { 'POLICY' }{ 'MODE2' } = 'selected' ; } else { $selected { 'POLICY' }{ 'MODE2' } = '' ; }
# Open the page frame with a fixed title string.
63 & Header
:: openpage
( 'Ausgehende Firewall' , 1 , '' );
66 <script type="text/javascript">
68 function BorderOn (id) { id.className='btnOn' }
69 function BorderOff(id) { id.className='btnOff' }
74 border-right: #D5F0FF 2px Inset;
75 border-top: #D5F0FF 2px Inset;
76 border-left: #D5F0FF 2px Inset;
77 border-bottom: #D5F0FF 2px Inset;
79 text-decoration: None;
80 background-color: #FFFFFF;
83 border-right: #D5F0FF 2px Outset;
84 border-top: #D5F0FF 2px Outset;
85 border-left: #D5F0FF 2px Outset;
86 border-bottom: #D5F0FF 2px Outset;
88 text-decoration: None;
89 background-color: #FFFFFF;
# Open the outer box; $errormessage is passed to the helper as its last argument.
95 & Header
:: openbigbox
( '100%' , 'left' , '' , $errormessage );
97 ############################################################################################################################
98 ############################################################################################################################
# ACTION 'reset': switch the policy back to MODE0 and persist the settings.
# NOTE(review): this handler and the ones after it change firewall state on a
# plain POST. No anti-CSRF token or origin check is visible in the handlers
# or forms on this page -- confirm whether the web server or the Header::
# helpers enforce one.
100 if ( $outfwsettings { 'ACTION' } eq $Lang :: tr
{ 'reset' })
102 $outfwsettings { 'POLICY' }= 'MODE0' ;
# NOTE(review): the single-string form of system() goes through a shell when
# the string contains shell metacharacters. $configfile is a fixed path set
# at the top of this script, so no request data reaches the command here, but
# the list form system('/bin/touch', $configfile) avoids the shell entirely
# and would stay safe if the path ever became configurable.
104 system ( "/bin/touch $configfile " );
# NOTE(review): the whole %outfwsettings hash is handed to writehash, so any
# request parameter merged into it earlier is presumably persisted as well;
# confirm that writehash filters or sanitises keys and values.
105 & General
:: writehash
( "${General::swroot}/outgoing/settings" , \
%outfwsettings );
# ACTION 'save': persist the current hash, which includes the submitted POLICY.
107 if ( $outfwsettings { 'ACTION' } eq $Lang :: tr
{ 'save' })
109 & General
:: writehash
( "${General::swroot}/outgoing/settings" , \
%outfwsettings );
# ACTION 'enable': rewrite the P2P protocol list. The entry whose second
# field equals the submitted P2PROT is written with status 'on'; every other
# entry is written back with its stored third field. P2PROT is only compared
# and never written, which keeps request data out of the file in this branch.
# NOTE(review): the file is opened for reading and then reopened with '>'
# (truncate) using two-argument open() and the bareword handle FILE. The path
# is a constant, so mode injection is not a concern here, but three-argument
# open with a lexical handle is the safer idiom. No file locking is visible,
# so overlapping requests could lose entries -- confirm whether that matters.
111 if ( $outfwsettings { 'ACTION' } eq 'enable' )
113 open ( FILE
, "< $p2pfile " ) or die "Unable to read $p2pfile " ;
116 open ( FILE
, "> $p2pfile " ) or die "Unable to write $p2pfile " ;
117 foreach $p2pentry ( sort @p2ps )
119 @p2pline = split ( /\;/ , $p2pentry );
120 if ( $p2pline [ 1 ] eq $outfwsettings { 'P2PROT' }) {
121 print FILE
" $p2pline [0]; $p2pline [1];on; \n " ;
123 print FILE
" $p2pline [0]; $p2pline [1]; $p2pline [2]; \n " ;
# ACTION 'disable': same rewrite as 'enable', but the matching entry is
# written with status 'off'.
128 if ( $outfwsettings { 'ACTION' } eq 'disable' )
130 open ( FILE
, "< $p2pfile " ) or die "Unable to read $p2pfile " ;
133 open ( FILE
, "> $p2pfile " ) or die "Unable to write $p2pfile " ;
134 foreach $p2pentry ( sort @p2ps )
136 @p2pline = split ( /\;/ , $p2pentry );
137 if ( $p2pline [ 1 ] eq $outfwsettings { 'P2PROT' }) {
138 print FILE
" $p2pline [0]; $p2pline [1];off; \n " ;
140 print FILE
" $p2pline [0]; $p2pline [1]; $p2pline [2]; \n " ;
# ACTION 'edit': rewrite the rules file, keeping every entry except the one
# whose nine ';'-separated fields all equal the submitted values. The
# submitted values stay in %outfwsettings afterwards (presumably to prefill
# the add-rule form; that step is not shown here).
# NOTE(review): the file is truncated with '>' before the surviving entries
# are written back and no locking is visible; a failure between the two
# open() calls and the final write would leave the rule list incomplete.
145 if ( $outfwsettings { 'ACTION' } eq $Lang :: tr
{ 'edit' })
147 open ( FILE
, "< $configfile " ) or die "Unable to read $configfile " ;
150 open ( FILE
, "> $configfile " ) or die "Unable to write $configfile " ;
151 foreach $configentry ( sort @configs )
153 @configline = split ( /\;/ , $configentry );
154 unless (( $configline [ 0 ] eq $outfwsettings { 'STATE' }) &&
155 ( $configline [ 1 ] eq $outfwsettings { 'ENABLED' }) &&
156 ( $configline [ 2 ] eq $outfwsettings { 'SNET' }) &&
157 ( $configline [ 3 ] eq $outfwsettings { 'PROT' }) &&
158 ( $configline [ 4 ] eq $outfwsettings { 'NAME' }) &&
159 ( $configline [ 5 ] eq $outfwsettings { 'SIP' }) &&
160 ( $configline [ 6 ] eq $outfwsettings { 'SMAC' }) &&
161 ( $configline [ 7 ] eq $outfwsettings { 'DIP' }) &&
162 ( $configline [ 8 ] eq $outfwsettings { 'DPORT' }))
164 print FILE
$configentry ;
# Close the outer box and the page frame.
169 & Header
:: closebigbox
();
170 & Header
:: closepage
();
# ACTION 'delete': rewrite the rules file, keeping every entry except the one
# whose nine ';'-separated fields all equal the submitted values.
# NOTE(review): the rule to remove is identified purely by request-supplied
# field values, and the file is truncated with '>' before being rewritten
# with no locking visible. Two-argument open() with the bareword handle FILE
# is used; the path is a constant, so this is a robustness point rather than
# an injection risk.
173 if ( $outfwsettings { 'ACTION' } eq $Lang :: tr
{ 'delete' })
175 open ( FILE
, "< $configfile " ) or die "Unable to read $configfile " ;
178 open ( FILE
, "> $configfile " ) or die "Unable to write $configfile " ;
179 foreach $configentry ( sort @configs )
181 @configline = split ( /\;/ , $configentry );
182 unless (( $configline [ 0 ] eq $outfwsettings { 'STATE' }) &&
183 ( $configline [ 1 ] eq $outfwsettings { 'ENABLED' }) &&
184 ( $configline [ 2 ] eq $outfwsettings { 'SNET' }) &&
185 ( $configline [ 3 ] eq $outfwsettings { 'PROT' }) &&
186 ( $configline [ 4 ] eq $outfwsettings { 'NAME' }) &&
187 ( $configline [ 5 ] eq $outfwsettings { 'SIP' }) &&
188 ( $configline [ 6 ] eq $outfwsettings { 'SMAC' }) &&
189 ( $configline [ 7 ] eq $outfwsettings { 'DIP' }) &&
190 ( $configline [ 8 ] eq $outfwsettings { 'DPORT' }))
192 print FILE
$configentry ;
# ACTION 'add': append the submitted rule to the rules file as one
# ';'-separated record.
# NOTE(review): the only gate visible here is VALID eq 'yes'. VALID is
# initialised to 'yes' near the top of the script and is presumably
# overwritten by request data, so it does not prove that any field was
# checked. The nine fields are written exactly as submitted: a value
# containing ';' or a line break would shift fields or create extra records
# in a file that presumably drives the outgoing firewall rules. Validate each
# field server-side before writing (IP, MAC and port formats; fixed value
# sets for STATE, SNET and PROT) and reject anything else.
197 if ( $outfwsettings { 'ACTION' } eq $Lang :: tr
{ 'add' })
199 if ( $outfwsettings { 'VALID' } eq 'yes' ) {
200 open ( FILE
, ">> $configfile " ) or die "Unable to write $configfile " ;
202 $outfwsettings {'STATE'}; $outfwsettings {'ENABLED'}; $outfwsettings {'SNET'}; $outfwsettings {'PROT'}; $outfwsettings {'NAME'}; $outfwsettings {'SIP'}; $outfwsettings {'SMAC'}; $outfwsettings {'DIP'}; $outfwsettings {'DPORT'};
# Setting ACTION to the add-rule button's label routes the request into the
# branch below (presumably the not-VALID path; the enclosing braces are not
# shown here).
207 $outfwsettings { 'ACTION' } = 'Regel hinzufuegen' ;
# ACTION 'Regel hinzufuegen' (value of the add-rule submit button): re-read
# the saved settings file into %outfwsettings.
210 if ( $outfwsettings { 'ACTION' } eq 'Regel hinzufuegen' )
216 & General
:: readhash
( "${General::swroot}/outgoing/settings" , \
%outfwsettings );
# Error box: prints $errormessage inside a box titled with the translated
# 'error messages' string.
# NOTE(review): $errormessage is interpolated into the HTML without escaping.
# Only its empty-string initialisation is visible on this page; if request
# data is ever placed in it, HTML-escape it before printing.
219 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'error messages' });
220 print "<class name='base'> $errormessage \n " ;
221 print " </class> \n " ;
225 ############################################################################################################################
226 ############################################################################################################################
# Rules section, rendered for every policy except MODE0: an add-rule button
# followed by a table of the stored rules.
228 if ( $outfwsettings { 'POLICY' } ne 'MODE0' ){
229 & Header
:: openbox
( '100%' , 'center' , 'Rules' );
231 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
232 <input type='submit' name='ACTION' class='btnOff' onmouseover='BorderOn(this)' onmouseout='BorderOff(this)' value='Regel hinzufuegen'>
# Open the rules file for reading (two-argument open with a bareword handle;
# the path is a constant).
235 open ( FILE
, "< $configfile " ) or die "Unable to read $configfile " ;
241 <table border='0' width='100%' cellspacing='0'>
242 <tr><td bgcolor='lightgrey' width='14%'>Protokoll
243 <td bgcolor='lightgrey' width='14%'>Netzwerk
244 <td bgcolor='lightgrey' width='14%'>Ziel
245 <td bgcolor='lightgrey' width='14%'>Anmerkung
246 <td bgcolor='lightgrey' width='14%'>Politik
247 <td bgcolor='lightgrey' width='30%'>Aktionen
# One pass per stored rule: split the record on ';' and load its nine fields
# into %outfwsettings for display.
250 foreach $configentry ( sort @configs )
252 @configline = split ( /\;/ , $configentry );
253 $outfwsettings { 'STATE' } = $configline [ 0 ];
254 $outfwsettings { 'ENABLED' } = $configline [ 1 ];
255 $outfwsettings { 'SNET' } = $configline [ 2 ];
256 $outfwsettings { 'PROT' } = $configline [ 3 ];
257 $outfwsettings { 'NAME' } = $configline [ 4 ];
258 $outfwsettings { 'SIP' } = $configline [ 5 ];
259 $outfwsettings { 'SMAC' } = $configline [ 6 ];
260 $outfwsettings { 'DIP' } = $configline [ 7 ];
261 $outfwsettings { 'DPORT' } = $configline [ 8 ];
# An empty destination address or port is displayed as 'ALL'; STATE is mapped
# to a stop/ok icon.
262 if ( $outfwsettings { 'DIP' } eq '' ){ $outfwsettings { 'DISPLAY_DIP' } = 'ALL' ; } else { $outfwsettings { 'DISPLAY_DIP' } = $outfwsettings { 'DIP' }; }
263 if ( $outfwsettings { 'DPORT' } eq '' ){ $outfwsettings { 'DISPLAY_DPORT' } = 'ALL' ; } else { $outfwsettings { 'DISPLAY_DPORT' } = $outfwsettings { 'DPORT' }; }
264 if ( $outfwsettings { 'STATE' } eq 'DENY' ){ $outfwsettings { 'DISPLAY_STATE' } = "<img src='/images/stock_stop.png' alt='DENY'>" ; }
265 if ( $outfwsettings { 'STATE' } eq 'ALLOW' ){ $outfwsettings { 'DISPLAY_STATE' } = "<img src='/images/stock_ok.png' alt='ALLOW'>" ; }
# Only ALLOW rules are listed in MODE1 and only DENY rules in MODE2.
# NOTE(review): in the markup that follows, the stored field values are
# interpolated into hidden inputs with unquoted value= attributes and into
# table cells without HTML escaping. The records are written from request
# data by the 'add' handler, so a stored value containing whitespace, quotes
# or markup would alter the generated page (stored XSS in the admin UI), and
# an unquoted attribute also cuts a value off at its first space, which can
# make a later edit/delete fail to match the record. Quote the attributes and
# HTML-escape every interpolated value.
266 if ((( $outfwsettings { 'POLICY' } eq 'MODE1' ) && ( $outfwsettings { 'STATE' } eq 'ALLOW' )) || (( $outfwsettings { 'POLICY' } eq 'MODE2' ) && ( $outfwsettings { 'STATE' } eq 'DENY' ))){
268 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
269 <input type='hidden' name='PROT' value= $outfwsettings {'PROT'}>
270 <input type='hidden' name='STATE' value= $outfwsettings {'STATE'}>
271 <input type='hidden' name='SNET' value= $outfwsettings {'SNET'}>
272 <input type='hidden' name='DPORT' value= $outfwsettings {'DPORT'}>
273 <input type='hidden' name='DIP' value= $outfwsettings {'DIP'}>
274 <input type='hidden' name='SIP' value= $outfwsettings {'SIP'}>
275 <input type='hidden' name='NAME' value= $outfwsettings {'NAME'}>
276 <input type='hidden' name='SMAC' value= $outfwsettings {'SMAC'}>
277 <input type='hidden' name='ENABLED' value= $outfwsettings {'ENABLED'}>
278 <tr><td align='center' bgcolor='#EAEAEA'> $outfwsettings {'PROT'}
279 <td align='center' bgcolor='#EAEAEA'> $outfwsettings {'SNET'}
280 <td align='center' bgcolor='#EAEAEA'> $outfwsettings {'DISPLAY_DIP'}: $outfwsettings {'DISPLAY_DPORT'}
281 <td align='center' bgcolor='#EAEAEA'> $outfwsettings {'NAME'}
282 <td align='center' bgcolor='#EAEAEA'> $outfwsettings {'DISPLAY_STATE'}
283 <td align='right' bgcolor='#EAEAEA'>
284 <button type='submit' name='ACTION' value= $Lang ::tr{'edit'} class='btnOff' onmouseover='BorderOn(this)' onmouseout='BorderOff(this)'><img src='/images/edit.gif' width="20" height="20" alt= $Lang ::tr{'edit'}></button>
285 <button type='submit' name='ACTION' value= $Lang ::tr{'delete'} class='btnOff' onmouseover='BorderOn(this)' onmouseout='BorderOff(this)'><img src='/images/delete.gif' width="20" height="20" alt= $Lang ::tr{'delete'}></button>
# Optional second row with source IP and MAC, shown when either is set; the
# one that is missing is displayed as '---'.
288 if (( $outfwsettings { 'SIP' }) || ( $outfwsettings { 'SMAC' })) {
289 unless ( $outfwsettings { 'SIP' }) { $outfwsettings { 'DISPLAY_SIP' } = '---' ; } else { $outfwsettings { 'DISPLAY_SIP' } = $outfwsettings { 'SIP' }; }
290 unless ( $outfwsettings { 'SMAC' }) { $outfwsettings { 'DISPLAY_SMAC' } = '---' ; } else { $outfwsettings { 'DISPLAY_SMAC' } = $outfwsettings { 'SMAC' }; }
292 <tr><td width='14%' align='right' bgcolor='#FAFAFA'>Quell-IP-Adresse:
293 <td width='14%' align='left' bgcolor='#FAFAFA'> $outfwsettings {'DISPLAY_SIP'}
294 <td width='14%' align='right' bgcolor='#FAFAFA'>Quell-MAC-Adresse:
295 <td width='14%' align='left' bgcolor='#FAFAFA'> $outfwsettings {'DISPLAY_SMAC'}
296 <td width='44%' colspan='2' align='center' bgcolor='#FAFAFA'>
# P2P section, rendered only in MODE2: one small form per protocol entry. An
# entry whose third field is 'on' gets a form posting ACTION 'disable'; the
# 'enable' variant follows for the other case.
319 if ( $outfwsettings { 'POLICY' } eq 'MODE2' ){
320 open ( FILE
, "< $p2pfile " ) or die "Unable to read $p2pfile " ;
323 & Header
:: openbox
( '100%' , 'center' , 'P2P-Block' );
326 <tr><td bgcolor='lightgrey' width='66%'>Protokoll
327 <td bgcolor='lightgrey' width='33%'>Status
# NOTE(review): $p2pline[0] is printed as the row label and $p2pline[1] as
# the P2PROT value, both without HTML escaping and the latter in an unquoted
# value= attribute. In the code shown here the P2P file is only rewritten
# from its own contents, so this relies on the file being trusted; escaping
# and quoting would remove that dependency.
330 foreach $p2pentry ( sort @p2ps )
332 @p2pline = split ( /\;/ , $p2pentry );
334 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
335 <tr><td width='66%' align='center'> $p2pline [0]:
336 <td width='33%' align='center'><input type='hidden' name='P2PROT' value= $p2pline [1]>
339 if ( $p2pline [ 2 ] eq 'on' ) {
341 <input type='hidden' name='ACTION' value='disable'>
342 <input type='image' name='submit' src='/images/stock_ok.png' alt=''>
347 <input type='hidden' name='ACTION' value='enable'>
348 <input type='image' name='submit' src='/images/stock_stop.png' alt=''>
358 <tr><td colspan='2' align='center'>Klicken Sie auf die Symbole um das entsprechende P2P-Netz zu (de-)aktivieren.
# Policy section: describes the three modes and offers a <select> with a save
# button; outside MODE0 a reset ("delete all rules") button is added.
# NOTE(review): POLICY is offered as a fixed <select>, but it arrives as an
# ordinary request parameter, and no check that it is one of
# MODE0/MODE1/MODE2 is visible before the 'save' handler persists it.
365 & Header
:: openbox
( '100%' , 'center' , 'Policy' );
367 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
369 <tr><td width='10%' align='right'><b>Modus 0:</b><td width='90%' align='left' colspan='2'>In diesem Modus ist es allen Rechnern im Netzwerk uneingeschraenkt moeglich Verbindungen ins Internet aufzubauen.
370 <tr><td width='10%' align='right'><b>Modus 1:</b><td width='90%' align='left' colspan='2'>In diesem Modus werden nur Verbindungen nach den oben definierten Regeln zugelassen.
371 <tr><td width='10%' align='right'><b>Modus 2:</b><td width='90%' align='left' colspan='2'>In diesem Modus werden saemtliche Verbindungen erlaubt, bis auf die oben definierten Block-Regeln.<br>Hier ist eine Besonderheit der P2P-Filter.
372 <tr><td colspan='3'><hr>
373 <tr><td width='10%' align='right'> <select name='POLICY'><option value='MODE0' $selected {'POLICY'}{'MODE0'}>Modus 0</option><option value='MODE1' $selected {'POLICY'}{'MODE1'}>Modus 1</option><option value='MODE2' $selected {'POLICY'}{'MODE2'}>Modus 2</option></select>
374 <td width='45%' align='left'><input type='submit' name='ACTION' value= $Lang ::tr{'save'}>
375 <td width='45%' align='right'>
# The reset button is only offered when a rule-based policy is active.
378 if ( $outfwsettings { 'POLICY' } ne 'MODE0' ) {
380 Alle Regeln loeschen: <input type='submit' name='ACTION' value= $Lang ::tr{'reset'}>
# Close the outer box and the page frame.
391 & Header
:: closebigbox
();
392 & Header
:: closepage
();
394 ############################################################################################################################
395 ############################################################################################################################
# Add-rule form: text inputs for the note, source IP/MAC and destination
# IP/port, selects for protocol and source network, and a hidden STATE field
# derived from the policy.
# NOTE(review): current values are placed inside value='...' without HTML
# escaping, so a value containing a single quote or markup breaks out of the
# attribute. The maxlength attributes are enforced by the browser only and
# are not a server-side check. Escape on output and validate on submit.
399 & Header
:: openbox
( '100%' , 'center' , 'Rules hinzufuegen' );
# When EDIT is 'no' (a new rule), the 'enabled' checkbox starts ticked.
400 if ( $outfwsettings { 'EDIT' } eq 'no' ) { $selected { 'ENABLED' } = 'checked' ; }
402 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
404 <tr><td width='20%' align='right'>Anmerkung: <img src='/blob.gif'>
405 <td width='30%' align='left'><input type='text' name='NAME' maxlength='30' value=' $outfwsettings {'NAME'}'>
406 <td width='20%' align='right'>Aktiviert:
407 <td width='30%' align='left'><input type='checkbox' name='ENABLED' $selected {'ENABLED'}>
408 <tr><td width='20%' align='right'>Protokoll:
409 <td width='30%' align='left'><select name='PROT'><option value='tcp' $selected {'PROT'}{'TCP'}>TCP</option><option value='udp' $selected {'PROT'}{'UDP'}>UDP</option></select>
410 <td width='20%' align='right'>Sicherheitspolitik:
411 <td width='30%' align='left'>
# STATE is not selectable in the form: MODE1 yields ALLOW, MODE2 yields DENY.
# It still arrives as an ordinary request parameter, so the 'add' handler
# must not assume it matches the active policy.
414 if ( $outfwsettings { 'POLICY' } eq 'MODE1' ){
415 print " \t\t\t ALLOW<input type='hidden' name='STATE' value='ALLOW'> \n " ;
416 } elsif ( $outfwsettings { 'POLICY' } eq 'MODE2' ){
417 print " \t\t\t DENY<input type='hidden' name='STATE' value='DENY'> \n " ;
420 <tr><td width='20%' align='right'>Quellnetz:
421 <td width='30%' align='left'><select name='SNET'>
422 <option value='all' $selected {'SNET'}{'ALL'}>alle</option>
423 <option value='green' $selected {'SNET'}{'GREEN'}>Gruen</option>
# The blue and orange networks are offered only when Header::blue_used() and
# Header::orange_used() return true (helpers not shown here).
426 if (& Header
:: blue_used
()){
427 print " \t\t\t <option value='blue' $selected {'SNET'}{'BLUE'}>Blau</option> \n " ;
429 if (& Header
:: orange_used
()){
430 print " \t\t\t <option value='orange' $selected {'SNET'}{'ORANGE'}>Orange</option> \n " ;
434 <td width='20%' align='right'>Quell-IP-Adresse: <img src='/blob.gif'>
435 <td width='30%' align='left'><input type='text' name='SIP' maxlength='15' value=' $outfwsettings {'SIP'}'>
436 <tr><td width='50%' colspan='2'>
437 <td width='20%' align='right'>Quell-MAC-Adresse: <img src='/blob.gif'>
438 <td width='30%' align='left'><input type='text' name='SMAC' maxlength='23' value=' $outfwsettings {'SMAC'}'>
439 <tr><td width='20%' align='right'>Ziel-IP-Adresse: <img src='/blob.gif'>
440 <td width='30%' align='left'><input type='text' name='DIP' maxlength='15' value=' $outfwsettings {'DIP'}'>
441 <td width='20%' align='right'>Ziel-Port: <img src='/blob.gif'>
442 <td width='30%' align='left'><input type='text' name='DPORT' maxlength='5' value=' $outfwsettings {'DPORT'}'>
444 <tr><td width='40%' align='right' colspan='2'><img src='/blob.gif'> $Lang ::tr{'this field may be blank'}
445 <td width='60%' align='left' colspan='2'><input type='submit' name='ACTION' value= $Lang ::tr{'add'}>