]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - html/cgi-bin/xtaccess.cgi
projects / people / pmueller / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
"All connection fine" message now only showed one time.
[people/pmueller/ipfire-2.x.git] / html / cgi-bin / xtaccess.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use strict;
23
24 # enable only the following on debugging purpose
25 #use warnings;
26 #use CGI::Carp 'fatalsToBrowser';
27
28 require '/var/ipfire/general-functions.pl';
29 require "${General::swroot}/lang.pl";
30 require "${General::swroot}/header.pl";
31
32 #workaround to suppress a warning when a variable is used only once
33 my @dummy = ( ${Header::colouryellow} );
34 undef (@dummy);
35
36 my %cgiparams=();
37 my %checked=();
38 my %selected=();
39 my $errormessage = '';
40 my $filename = "${General::swroot}/xtaccess/config";
41 my $aliasfile = "${General::swroot}/ethernet/aliases";
42 my $changed = 'no';
43
44 my %color = ();
45 my %mainsettings = ();
46 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
47 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
48
49 &Header::showhttpheaders();
50
51 $cgiparams{'ENABLED'} = 'off';
52 $cgiparams{'ACTION'} = '';
53 $cgiparams{'SRC'} = '';
54 $cgiparams{'DEST_PORT'} = '';
55 $cgiparams{'REMARK'} ='';
56 &Header::getcgihash(\%cgiparams);
57 open(FILE, $filename) or die 'Unable to open config file.';
58 my @current = <FILE>;
59 close(FILE);
60
61 if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
62 {
63 unless($cgiparams{'PROTOCOL'} =~ /^(tcp|udp)$/) { $errormessage = $Lang::tr{'invalid input'}; }
64 unless(&General::validipormask($cgiparams{'SRC'}))
65 {
66 if ($cgiparams{'SRC'} ne '') {
67 $errormessage = $Lang::tr{'source ip bad'}; }
68 else {
69 $cgiparams{'SRC'} = '0.0.0.0/0'; }
70 }
71 unless($errormessage){ $errormessage = &General::validportrange($cgiparams{'DEST_PORT'},'dst'); }
72 if ( ! $errormessage)
73 {
74 $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
75
76 if($cgiparams{'EDITING'} eq 'no') {
77 open(FILE,">>$filename") or die 'Unable to open config file.';
78 flock FILE, 2;
79 print FILE "$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
80 } else {
81 open(FILE, ">$filename") or die 'Unable to open config file.';
82 flock FILE, 2;
83 my $id = 0;
84 foreach my $line (@current)
85 {
86 $id++;
87 if ($cgiparams{'EDITING'} eq $id) {
88 print FILE "$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
89 } else { print FILE "$line"; }
90 }
91 }
92 close(FILE);
93 undef %cgiparams;
94 $changed = 'yes';
95 &General::log($Lang::tr{'external access rule added'});
96 system('/usr/local/bin/setxtaccess');
97 } else {
98 # stay on edit mode if an error occur
99 if ($cgiparams{'EDITING'} ne 'no')
100 {
101 $cgiparams{'ACTION'} = $Lang::tr{'edit'};
102 $cgiparams{'ID'} = $cgiparams{'EDITING'};
103 }
104 }
105 }
106 if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
107 {
108 my $id = 0;
109 open(FILE, ">$filename") or die 'Unable to open config file.';
110 flock FILE, 2;
111 foreach my $line (@current)
112 {
113 $id++;
114 unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
115 }
116 close(FILE);
117 system('/usr/local/bin/setxtaccess');
118 &General::log($Lang::tr{'external access rule removed'});
119 }
120 if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
121 {
122 open(FILE, ">$filename") or die 'Unable to open config file.';
123 flock FILE, 2;
124 my $id = 0;
125 foreach my $line (@current)
126 {
127 $id++;
128 unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
129 else
130 {
131 chomp($line);
132 my @temp = split(/\,/,$line);
133 print FILE "$temp[0],$temp[1],$temp[2],$cgiparams{'ENABLE'},$temp[4],$temp[5]\n";
134 }
135 }
136 close(FILE);
137 system('/usr/local/bin/setxtaccess');
138 }
139 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
140 {
141 my $id = 0;
142 foreach my $line (@current)
143 {
144 $id++;
145 if ($cgiparams{'ID'} eq $id)
146 {
147 chomp($line);
148 my @temp = split(/\,/,$line);
149 $cgiparams{'PROTOCOL'} = $temp[0];
150 $cgiparams{'SRC'} = $temp[1];
151 $cgiparams{'DEST_PORT'} = $temp[2];
152 $cgiparams{'ENABLED'} = $temp[3];
153 $cgiparams{'DEST'} = $temp[4];
154 $cgiparams{'REMARK'} = $temp[5];
155 }
156 }
157 }
158
159 if ($cgiparams{'ACTION'} eq '')
160 {
161 $cgiparams{'PROTOCOL'} = 'tcp';
162 $cgiparams{'DEST'} = '0.0.0.0';
163 $cgiparams{'ENABLED'} = 'on';
164 }
165
166 $selected{'PROTOCOL'}{'udp'} = '';
167 $selected{'PROTOCOL'}{'tcp'} = '';
168 $selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";
169
170 $selected{'DEST'}{$cgiparams{'DEST'}} = "selected='selected'";
171
172 $checked{'ENABLED'}{'off'} = '';
173 $checked{'ENABLED'}{'on'} = '';
174 $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
175
176 &Header::openpage($Lang::tr{'external access configuration'}, 1, '');
177
178 &Header::openbigbox('100%', 'left', '', $errormessage);
179
180 if ($errormessage) {
181 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
182 print "<class name='base'>$errormessage\n";
183 print "&nbsp;</class>\n";
184 &Header::closebox();
185 }
186
187 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
188
189 my $buttontext = $Lang::tr{'add'};
190 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
191 &Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
192 $buttontext = $Lang::tr{'update'};
193 } else {
194 &Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
195 }
196 print <<END
197 <table width='100%'>
198 <tr>
199 <td width='10%'>
200 <select name='PROTOCOL'>
201 <option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
202 <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
203 </select>
204 </td>
205 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'source network'}</font></td>
206 <td><input type='text' name='SRC' value='$cgiparams{'SRC'}' size='32' /></td>
207 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination port'}:</font></td>
208 <td><input type='text' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td>
209 </tr>
210 </table>
211 <table width='100%'>
212 <tr>
213 <td width='10%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
214 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination ip'}:&nbsp;</font>
215 <select name='DEST'>
216 <option value='0.0.0.0' $selected{'DEST'}{'0.0.0.0'}>DEFAULT IP</option>
217 END
218 ;
219
220 open(ALIASES, "$aliasfile") or die 'Unable to open aliases file.';
221 while (<ALIASES>)
222 {
223 chomp($_);
224 my @temp = split(/\,/,$_);
225 if ($temp[1] eq 'on') {
226 print "<option value='$temp[0]' $selected{'DEST'}{$temp[0]}>$temp[0]";
227 if (defined $temp[2] and ($temp[2] ne '')) { print " ($temp[2])"; }
228 print "</option>\n";
229 }
230 }
231 close(ALIASES);
232 print <<END
233 </select>
234 </td>
235 </tr>
236 </table>
237 <table width='100%'>
238 <tr>
239 <td width ='10%' class='base'>
240 <font class='boldbase'>$Lang::tr{'remark'}:</font>&nbsp;<img src='/blob.gif' alt='*' />
241 </td>
242 <td width='65%'>
243 <input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' />
244 </td>
245 <td width='25%' align='center'>
246 <input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
247 <input type='submit' name='SUBMIT' value='$buttontext' />
248 </td>
249 </tr>
250 </table>
251 <table width='100%'>
252 <tr>
253 <td class='base' width='30%'><img src='/blob.gif' alt ='*' align='top' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
254 </td>
255 </tr>
256 </table>
257 END
258 ;
259 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
260 print "<input type='hidden' name='EDITING' value='$cgiparams{'ID'}' />\n";
261 } else {
262 print "<input type='hidden' name='EDITING' value='no' />\n";
263 }
264
265 &Header::closebox();
266 print "</form>\n";
267
268 &Header::openbox('100%', 'left', $Lang::tr{'current rules'});
269 print <<END
270 <table width='100%'>
271 <tr>
272 <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
273 <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'source ip'}</b></td>
274 <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'destination ip'}</b></td>
275 <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'destination port'}</b></td>
276 <td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
277 <td width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
278 </tr>
279 END
280 ;
281
282 # If something has happened re-read config
283 if($cgiparams{'ACTION'} ne '' or $changed ne 'no')
284 {
285 open(FILE, $filename) or die 'Unable to open config file.';
286 @current = <FILE>;
287 close(FILE);
288 }
289 my $id = 0;
290 foreach my $line (@current)
291 {
292 $id++;
293 chomp($line);
294 my @temp = split(/\,/,$line);
295 my $protocol = '';
296 my $gif = '';
297 my $gdesc = '';
298 my $toggle = '';
299 if ($temp[0] eq 'udp') {
300 $protocol = 'UDP'; }
301 else {
302 $protocol = 'TCP' }
303 if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
304 print "<tr bgcolor='${Header::colouryellow}'>\n"; }
305 elsif ($id % 2) {
306 print "<tr bgcolor='$color{'color22'}'>\n"; }
307 else {
308 print "<tr bgcolor='$color{'color20'}'>\n"; }
309 if ($temp[3] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
310 else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
311 if ($temp[1] eq '0.0.0.0/0') {
312 $temp[1] = $Lang::tr{'caps all'}; }
313 # catch for 'old-style' rules file - assume default ip if
314 # none exists
315 if (!&General::validip($temp[4]) || $temp[4] eq '0.0.0.0') {
316 $temp[4] = 'DEFAULT IP'; }
317 $temp[5] = '' unless defined $temp[5];
318 print <<END
319 <td align='center'>$protocol</td>
320 <td align='center'>$temp[1]</td>
321 <td align='center'>$temp[4]</td>
322 <td align='center'>$temp[2]</td>
323 <td align='left'>&nbsp;$temp[5]</td>
324 <td align='center'>
325 <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
326 <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
327 <input type='hidden' name='ID' value='$id' />
328 <input type='hidden' name='ENABLE' value='$toggle' />
329 <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
330 </form>
331 </td>
332 <td align='center'>
333 <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
334 <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
335 <input type='hidden' name='ID' value='$id' />
336 <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
337 </form>
338 </td>
339 <td align='center'>
340 <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
341 <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
342 <input type='hidden' name='ID' value='$id' />
343 <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
344 </form>
345 </td>
346
347 </tr>
348 END
349 ;
350 }
351 print "</table>\n";
352
353 # If the xt access file contains entries, print Key to action icons
354 if ( ! -z "$filename") {
355 print <<END
356 <table>
357 <tr>
358 <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
359 <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
360 <td class='base'>$Lang::tr{'click to disable'}</td>
361 <td>&nbsp; &nbsp; <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
362 <td class='base'>$Lang::tr{'click to enable'}</td>
363 <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
364 <td class='base'>$Lang::tr{'edit'}</td>
365 <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
366 <td class='base'>$Lang::tr{'remove'}</td>
367 </tr>
368 </table>
369 END
370 ;
371 }
372
373 &Header::closebox();
374
375 &Header::closebigbox();
376
377 &Header::closepage();
Peter's tree of IPFire 2.x