]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blobdiff - html/cgi-bin/guardian.cgi
projects / people / pmueller / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
suricata: Change midstream policy to "pass-flow"
[people/pmueller/ipfire-2.x.git] / html / cgi-bin / guardian.cgi
diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi
index 7dc6b014928e7e66806b43dc347c02eb24ea89e6..8ffe57f113e131c7cac2c02d989e50a8e1bd2898 100644 (file)
--- a/html/cgi-bin/guardian.cgi
+++ b/html/cgi-bin/guardian.cgi
@@ -60,15 +60,15 @@ our %netsettings = ();
 our %color = ();
 our %mainsettings = ();
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
 
 # File declarations.
 my $settingsfile = "${General::swroot}/guardian/settings";
 my $ignoredfile = "${General::swroot}/guardian/ignored";
 
 # Create empty settings and ignoredfile if they do not exist yet.
-unless (-e "$settingsfile") { system("touch $settingsfile"); }
-unless (-e "$ignoredfile") { system("touch $ignoredfile"); }
+unless (-e "$settingsfile") { &General::system("touch", "$settingsfile"); }
+unless (-e "$ignoredfile") { &General::system("touch", "$ignoredfile"); }
 
 our %settings = ();
 our %ignored  = ();
@@ -829,12 +829,9 @@ sub GetBlockedHosts() {
        my @hosts;
 
        # Launch helper to get chains from iptables.
-       system('/usr/local/bin/getipstat');
+       open (FILE, '/usr/local/bin/getipstat | ');
 
-       # Open temporary file which contains the chains and rules.
-       open (FILE, '/var/tmp/iptables.txt');
-
-       # Loop through the entire file.
+       # Loop through the entire output.
        while (<FILE>) {
                my $line = $_;
 
@@ -864,11 +861,6 @@ sub GetBlockedHosts() {
        # Close filehandle.
        close(FILE);
 
-       # Remove recently created temporary files of the "getipstat" binary.
-       system("rm -f /var/tmp/iptables.txt");
-       system("rm -f /var/tmp/iptablesmangle.txt");
-       system("rm -f /var/tmp/iptablesnat.txt");
-
        # Convert entries, sort them, write back and store the sorted entries into new array.
        my @sorted = map  { $_->[0] }
              sort { $a->[1] <=> $b->[1] }
@@ -886,7 +878,7 @@ sub BuildConfiguration() {
        my $configfile = "${General::swroot}/guardian/guardian.conf";
 
        # Create the configfile if none exists yet.
-       unless (-e "$configfile") { system("touch $configfile"); }
+       unless (-e "$configfile") { &General::system("touch", "$configfile"); }
 
        # Open configfile for writing.
        open(FILE, ">$configfile");
@@ -948,11 +940,11 @@ sub BuildConfiguration() {
                        &Guardian::Socket::Client("reload");
                } else {
                        # Launch guardian.
-                       system("/usr/local/bin/addonctrl guardian start &>/dev/null");
+                       &General::system("/usr/local/bin/addonctrl", "guardian", "start");
                }
        } else {
                # Stop the daemon.
-               system("/usr/local/bin/addonctrl guardian stop &>/dev/null");
+               &General::system("/usr/local/bin/addonctrl", "guardian", "stop");
        }
 }
 
@@ -963,7 +955,7 @@ sub GenerateIgnoreFile() {
        &General::readhasharray($ignoredfile, \%ignored);
 
        # Create the guardian.ignore file if not exist yet.
-       unless (-e "$ignorefile") { system("touch $ignorefile"); }
+       unless (-e "$ignorefile") { &General::system("touch", "$ignorefile"); }
 
        # Open ignorefile for writing.
        open(FILE, ">$ignorefile");
Peter's tree of IPFire 2.x