]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - html/cgi-bin/xtaccess.cgi
projects / people / pmueller / ipfire-2.x.git / blob
? search:


f5963330d1f9c949c32689190a159c672dc8be67
[people/pmueller/ipfire-2.x.git] / html / cgi-bin / xtaccess.cgi
1 #!/usr/bin/perl
2 #
3 # SmoothWall CGIs
4 #
5 # This code is distributed under the terms of the GPL
6 #
7 # (c) The SmoothWall Team
8 # Copyright (c) 2002/04/13 Steve Bootes - Add destination IP support
9 #
10 # $Id: xtaccess.cgi,v 1.6.2.15 2005/03/05 08:44:32 eoberlander Exp $
11 #
12
13 use strict;
14
15 # enable only the following on debugging purpose
16 #use warnings;
17 #use CGI::Carp 'fatalsToBrowser';
18
19 require '/var/ipfire/general-functions.pl';
20 require "${General::swroot}/lang.pl";
21 require "${General::swroot}/header.pl";
22
23 #workaround to suppress a warning when a variable is used only once
24 my @dummy = ( ${Header::colouryellow} );
25 undef (@dummy);
26
27 my %cgiparams=();
28 my %checked=();
29 my %selected=();
30 my $errormessage = '';
31 my $filename = "${General::swroot}/xtaccess/config";
32 my $aliasfile = "${General::swroot}/ethernet/aliases";
33 my $changed = 'no';
34
35 my %color = ();
36 my %mainsettings = ();
37 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
38 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
39
40 &Header::showhttpheaders();
41
42 $cgiparams{'ENABLED'} = 'off';
43 $cgiparams{'ACTION'} = '';
44 $cgiparams{'SRC'} = '';
45 $cgiparams{'DEST_PORT'} = '';
46 $cgiparams{'REMARK'} ='';
47 &Header::getcgihash(\%cgiparams);
48 open(FILE, $filename) or die 'Unable to open config file.';
49 my @current = <FILE>;
50 close(FILE);
51
52 if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
53 {
54 unless($cgiparams{'PROTOCOL'} =~ /^(tcp|udp)$/) { $errormessage = $Lang::tr{'invalid input'}; }
55 unless(&General::validipormask($cgiparams{'SRC'}))
56 {
57 if ($cgiparams{'SRC'} ne '') {
58 $errormessage = $Lang::tr{'source ip bad'}; }
59 else {
60 $cgiparams{'SRC'} = '0.0.0.0/0'; }
61 }
62 unless($errormessage){ $errormessage = &General::validportrange($cgiparams{'DEST_PORT'},'dst'); }
63 if ( ! $errormessage)
64 {
65 $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
66
67 if($cgiparams{'EDITING'} eq 'no') {
68 open(FILE,">>$filename") or die 'Unable to open config file.';
69 flock FILE, 2;
70 print FILE "$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
71 } else {
72 open(FILE, ">$filename") or die 'Unable to open config file.';
73 flock FILE, 2;
74 my $id = 0;
75 foreach my $line (@current)
76 {
77 $id++;
78 if ($cgiparams{'EDITING'} eq $id) {
79 print FILE "$cgiparams{'PROTOCOL'},$cgiparams{'SRC'},$cgiparams{'DEST_PORT'},$cgiparams{'ENABLED'},$cgiparams{'DEST'},$cgiparams{'REMARK'}\n";
80 } else { print FILE "$line"; }
81 }
82 }
83 close(FILE);
84 undef %cgiparams;
85 $changed = 'yes';
86 &General::log($Lang::tr{'external access rule added'});
87 system('/usr/local/bin/setxtaccess');
88 } else {
89 # stay on edit mode if an error occur
90 if ($cgiparams{'EDITING'} ne 'no')
91 {
92 $cgiparams{'ACTION'} = $Lang::tr{'edit'};
93 $cgiparams{'ID'} = $cgiparams{'EDITING'};
94 }
95 }
96 }
97 if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
98 {
99 my $id = 0;
100 open(FILE, ">$filename") or die 'Unable to open config file.';
101 flock FILE, 2;
102 foreach my $line (@current)
103 {
104 $id++;
105 unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
106 }
107 close(FILE);
108 system('/usr/local/bin/setxtaccess');
109 &General::log($Lang::tr{'external access rule removed'});
110 }
111 if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
112 {
113 open(FILE, ">$filename") or die 'Unable to open config file.';
114 flock FILE, 2;
115 my $id = 0;
116 foreach my $line (@current)
117 {
118 $id++;
119 unless ($cgiparams{'ID'} eq $id) { print FILE "$line"; }
120 else
121 {
122 chomp($line);
123 my @temp = split(/\,/,$line);
124 print FILE "$temp[0],$temp[1],$temp[2],$cgiparams{'ENABLE'},$temp[4],$temp[5]\n";
125 }
126 }
127 close(FILE);
128 system('/usr/local/bin/setxtaccess');
129 }
130 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
131 {
132 my $id = 0;
133 foreach my $line (@current)
134 {
135 $id++;
136 if ($cgiparams{'ID'} eq $id)
137 {
138 chomp($line);
139 my @temp = split(/\,/,$line);
140 $cgiparams{'PROTOCOL'} = $temp[0];
141 $cgiparams{'SRC'} = $temp[1];
142 $cgiparams{'DEST_PORT'} = $temp[2];
143 $cgiparams{'ENABLED'} = $temp[3];
144 $cgiparams{'DEST'} = $temp[4];
145 $cgiparams{'REMARK'} = $temp[5];
146 }
147 }
148 }
149
150 if ($cgiparams{'ACTION'} eq '')
151 {
152 $cgiparams{'PROTOCOL'} = 'tcp';
153 $cgiparams{'DEST'} = '0.0.0.0';
154 $cgiparams{'ENABLED'} = 'on';
155 }
156
157 $selected{'PROTOCOL'}{'udp'} = '';
158 $selected{'PROTOCOL'}{'tcp'} = '';
159 $selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";
160
161 $selected{'DEST'}{$cgiparams{'DEST'}} = "selected='selected'";
162
163 $checked{'ENABLED'}{'off'} = '';
164 $checked{'ENABLED'}{'on'} = '';
165 $checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
166
167 &Header::openpage($Lang::tr{'external access configuration'}, 1, '');
168
169 &Header::openbigbox('100%', 'left', '', $errormessage);
170
171 if ($errormessage) {
172 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
173 print "<class name='base'>$errormessage\n";
174 print "&nbsp;</class>\n";
175 &Header::closebox();
176 }
177
178 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
179
180 my $buttontext = $Lang::tr{'add'};
181 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
182 &Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
183 $buttontext = $Lang::tr{'update'};
184 } else {
185 &Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
186 }
187 print <<END
188 <table width='100%'>
189 <tr>
190 <td width='10%'>
191 <select name='PROTOCOL'>
192 <option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
193 <option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
194 </select>
195 </td>
196 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'source network'}</font></td>
197 <td><input type='text' name='SRC' value='$cgiparams{'SRC'}' size='32' /></td>
198 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination port'}:</font></td>
199 <td><input type='text' name='DEST_PORT' value='$cgiparams{'DEST_PORT'}' size='5' /></td>
200 </tr>
201 </table>
202 <table width='100%'>
203 <tr>
204 <td width='10%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
205 <td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination ip'}:&nbsp;</font>
206 <select name='DEST'>
207 <option value='0.0.0.0' $selected{'DEST'}{'0.0.0.0'}>DEFAULT IP</option>
208 END
209 ;
210
211 open(ALIASES, "$aliasfile") or die 'Unable to open aliases file.';
212 while (<ALIASES>)
213 {
214 chomp($_);
215 my @temp = split(/\,/,$_);
216 if ($temp[1] eq 'on') {
217 print "<option value='$temp[0]' $selected{'DEST'}{$temp[0]}>$temp[0]";
218 if (defined $temp[2] and ($temp[2] ne '')) { print " ($temp[2])"; }
219 print "</option>\n";
220 }
221 }
222 close(ALIASES);
223 print <<END
224 </select>
225 </td>
226 </tr>
227 </table>
228 <table width='100%'>
229 <tr>
230 <td width ='10%' class='base'>
231 <font class='boldbase'>$Lang::tr{'remark'}:</font>&nbsp;<img src='/blob.gif' alt='*' />
232 </td>
233 <td width='65%'>
234 <input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='55' maxlength='50' />
235 </td>
236 <td width='25%' align='center'>
237 <input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
238 <input type='submit' name='SUBMIT' value='$buttontext' />
239 </td>
240 </tr>
241 </table>
242 <table width='100%'>
243 <tr>
244 <td class='base' width='30%'><img src='/blob.gif' alt ='*' align='top' />&nbsp;<font class='base'>$Lang::tr{'this field may be blank'}</font>
245 </td>
246 </tr>
247 </table>
248 END
249 ;
250 if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
251 print "<input type='hidden' name='EDITING' value='$cgiparams{'ID'}' />\n";
252 } else {
253 print "<input type='hidden' name='EDITING' value='no' />\n";
254 }
255
256 &Header::closebox();
257 print "</form>\n";
258
259 &Header::openbox('100%', 'left', $Lang::tr{'current rules'});
260 print <<END
261 <table width='100%'>
262 <tr>
263 <td width='10%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
264 <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'source ip'}</b></td>
265 <td width='20%' class='boldbase' align='center'><b>$Lang::tr{'destination ip'}</b></td>
266 <td width='15%' class='boldbase' align='center'><b>$Lang::tr{'destination port'}</b></td>
267 <td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
268 <td width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
269 </tr>
270 END
271 ;
272
273 # If something has happened re-read config
274 if($cgiparams{'ACTION'} ne '' or $changed ne 'no')
275 {
276 open(FILE, $filename) or die 'Unable to open config file.';
277 @current = <FILE>;
278 close(FILE);
279 }
280 my $id = 0;
281 foreach my $line (@current)
282 {
283 $id++;
284 chomp($line);
285 my @temp = split(/\,/,$line);
286 my $protocol = '';
287 my $gif = '';
288 my $gdesc = '';
289 my $toggle = '';
290 if ($temp[0] eq 'udp') {
291 $protocol = 'UDP'; }
292 else {
293 $protocol = 'TCP' }
294 if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
295 print "<tr bgcolor='${Header::colouryellow}'>\n"; }
296 elsif ($id % 2) {
297 print "<tr bgcolor='$color{'color22'}'>\n"; }
298 else {
299 print "<tr bgcolor='$color{'color20'}'>\n"; }
300 if ($temp[3] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
301 else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
302 if ($temp[1] eq '0.0.0.0/0') {
303 $temp[1] = $Lang::tr{'caps all'}; }
304 # catch for 'old-style' rules file - assume default ip if
305 # none exists
306 if (!&General::validip($temp[4]) || $temp[4] eq '0.0.0.0') {
307 $temp[4] = 'DEFAULT IP'; }
308 $temp[5] = '' unless defined $temp[5];
309 print <<END
310 <td align='center'>$protocol</td>
311 <td align='center'>$temp[1]</td>
312 <td align='center'>$temp[4]</td>
313 <td align='center'>$temp[2]</td>
314 <td align='left'>&nbsp;$temp[5]</td>
315 <td align='center'>
316 <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
317 <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
318 <input type='hidden' name='ID' value='$id' />
319 <input type='hidden' name='ENABLE' value='$toggle' />
320 <input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
321 </form>
322 </td>
323 <td align='center'>
324 <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
325 <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
326 <input type='hidden' name='ID' value='$id' />
327 <input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
328 </form>
329 </td>
330 <td align='center'>
331 <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
332 <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
333 <input type='hidden' name='ID' value='$id' />
334 <input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
335 </form>
336 </td>
337
338 </tr>
339 END
340 ;
341 }
342 print "</table>\n";
343
344 # If the xt access file contains entries, print Key to action icons
345 if ( ! -z "$filename") {
346 print <<END
347 <table>
348 <tr>
349 <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
350 <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
351 <td class='base'>$Lang::tr{'click to disable'}</td>
352 <td>&nbsp; &nbsp; <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
353 <td class='base'>$Lang::tr{'click to enable'}</td>
354 <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
355 <td class='base'>$Lang::tr{'edit'}</td>
356 <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
357 <td class='base'>$Lang::tr{'remove'}</td>
358 </tr>
359 </table>
360 END
361 ;
362 }
363
364 &Header::closebox();
365
366 &Header::closebigbox();
367
368 &Header::closepage();
Peter's tree of IPFire 2.x