X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fiptables.cgi;h=886330d0e2a6ab3b7b36b8c163871ae7254f42ae;hp=25baef072f3e7bcfa611ad7ca170824b235209f2;hb=bed16d4f435080044546380850b27ede31355ff5;hpb=483f59cd335706e8311bf70b55d7d537cf173aff diff --git a/html/cgi-bin/iptables.cgi b/html/cgi-bin/iptables.cgi index 25baef072f..886330d0e2 100644 --- a/html/cgi-bin/iptables.cgi +++ b/html/cgi-bin/iptables.cgi @@ -1,108 +1,439 @@ #!/usr/bin/perl -# -# IPFire CGIs -# -# This code is distributed under the terms of the GPL -# +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2010 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; +#use warnings; +#use CGI::Carp 'fatalsToBrowser'; + +my $debug = 0; my @iplines; +my $string = ""; my $lines = 0; my @ipmanlines; my $manlines = 0; my @ipnatlines; my $natlines = 0; +my %chains; +my %chainsman; +my %chainsnat; +my $chainname; +my $selectedchain; +my %netsettings = (); +my %cgiparams=(); + +&Header::getcgihash(\%cgiparams); system('/usr/local/bin/getipstat'); &Header::showhttpheaders(); &Header::openpage($Lang::tr{'ipts'}, 1, ''); &Header::openbigbox('100%', 'LEFT'); + +# This debug is used to see what inputs are done via the cgi and +# what parameters are to be executed + +if ( $debug ){ + &Header::openbox('100%', 'center', 'DEBUG'); + my $debugCount = 0; + foreach my $line (sort keys %cgiparams) { + print "$line = '$cgiparams{$line}'
\n"; + $debugCount++; + } + print " Count: $debugCount\n"; + &Header::closebox(); +} + &Header::openbox('100%', 'LEFT', $Lang::tr{'ipts'}.':'); + +# If the cgi is called the first time the default chain is +# used, otherwise if user selected a chains in the selectboxes +# those one are displayed, it is possible to change all 3 at +# the same time + +if ( $cgiparams{'selectedchain'} ne "" ){ + my @multi = split(/\|/,$cgiparams{'selectedchain'}); + $selectedchain = $multi[0]; +} else { + $selectedchain = "INPUT"; +} + print < - 
+

 END
 ;
-	open (FILE, '/home/httpd/html/iptables.txt');
-	while ()
-       {
-         	$iplines[$lines] = $_;
+
+# We´ll open the txt files and extract each line, if the line
+# start with an Chain the the name, start- and endline of the
+# chain is extracted into a hash
+
+	open (FILE, '/srv/web/ipfire/html/iptables.txt');
+	while (){
+
+		$iplines[$lines] = $_;
+
+		if ( $_ =~ /^Chain/  ){
+
+			my @chainstring = split(/ /,$_);
+
+			if ( $chainname ne "" ){
+				$chains{$chainname."end"} = $lines-2;
+			}
+
+			$chainname = $chainstring[1];
+			$chains{$chainname."start"} = $lines; 
+		}
+
 		$lines++;
-       }
+
+	}
+	$chains{$chainname."end"} = $lines-1;
 	close (FILE);
-	foreach $_ (@iplines) {
-		print "$_"; }
 
-print <
-    

-    
 
+# now the chain hash is extracted to get the correct name of the chain
+# all chains are displayed as a select box and can be choosen for display
+# after this all corresponding lines for the chain are extraced and seperated
+# into table rows, sometimes we need to handle leading blank so the offset is
+# needed, some lines need to chomp trailing seperators. The interfaces and
+# network addresses should be colorized by an extra function to make a nice
+# colored gui
 
-END
-;
+	print "
\n

\n\n";
+
+	$string = $iplines[$chains{$selectedchain."start"}];
+	$string =~ s/\s$//gi;
+
+	print "".$string."
\n\n";
+	print "\n\n";
+	foreach (split(/ +/,$iplines[$chains{$selectedchain."start"}+1])){
+		if ( $_  =~ /[^a-zA-Z]/ ){chomp($_);}
+		print "   \n";
+	}
+
+	print "\n";
+
+	print "\n";
+	print "   \n   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "\n";
+
+
+	for(my $i = $chains{$selectedchain."start"}+2; $i <= $chains{$selectedchain."end"}; $i++) {
+		print "\n";
+
+		my @iptablesline = split(/ +/,$iplines[$i]);
+		my $offset=0;
+
+		 if ( $iptablesline[0] eq "" ){
+			$offset=1;
+		 }
+
+		print "   \n   \n   \n";
+		print "   \n   \n";
+		print "   \n   \n";
+		print "   \n";
+		print "   \n";
+		print "   \n   \n\n";
+	}
+print "
".$_."
".$iptablesline[0+$offset]."".$iptablesline[1+$offset]."".$iptablesline[2+$offset]."".$iptablesline[3+$offset]."".$iptablesline[4+$offset]."".&Header::colorize($iptablesline[5+$offset])."".&Header::colorize($iptablesline[6+$offset])."".&Header::colorize($iptablesline[7+$offset])."".&Header::colorize($iptablesline[8+$offset])."";
+
+		for (my $i=9+$offset; $i <= $#iptablesline; $i++){
+			$string = $iptablesline[$i];
+			$string =~ s/\s$//gi;
+			print " ".$string;
+		}
+		print "

";
 &Header::closebox();
 
 ## MANGLE
 &Header::openbox('100%', 'LEFT', $Lang::tr{'iptmangles'}.':');
+
+# If the cgi is called the first time the default chain is
+# used, otherwise if user selected a chains in the selectboxes
+# those one are displayed, it is possible to change all 3 at
+# the same time
+
+if ( $cgiparams{'selectedchain'} ne "" ){
+	my @multi = split(/\|/,$cgiparams{'selectedchain'});
+	$selectedchain = $multi[1];
+} else {
+	$selectedchain = "PREROUTING";
+}
+
 print <
-    
+

 END
 ;
-	open (FILEMAN, '/home/httpd/html/iptablesmangle.txt');
-	while ()
-       {
-         	$ipmanlines[$manlines] = $_;
+
+# We´ll open the txt files and extract each line, if the line
+# start with an Chain the the name, start- and endline of the
+# chain is extracted into a hash
+
+	open (FILE, '/srv/web/ipfire/html/iptablesmangle.txt');
+	while (){
+
+		$ipmlines[$manlines] = $_;
+
+		if ( $_ =~ /^Chain/  ){
+
+			my @chainstring = split(/ /,$_);
+
+			if ( $chainname ne "" ){
+				$chainsman{$chainname."end"} = $manlines-2;
+			}
+
+			$chainname = $chainstring[1];
+			$chainsman{$chainname."start"} = $manlines; 
+		}
+
 		$manlines++;
-       }
-	close (FILEMAN);
-	foreach $_ (@ipmanlines) {
-		print "$_"; }
+	   
+	}
+	$chainsman{$chainname."end"} = $manlines-1;
+	close (FILE);
 
-print <
-    

-    
 
+# now the chain hash is extracted to get the correct name of the chain
+# all chains are displayed as a select box and can be choosen for display
+# after this all corresponding lines for the chain are extraced and seperated
+# into table rows, sometimes we need to handle leading blank so the offset is
+# needed, some lines need to chomp trailing seperators. The interfaces and
+# network addresses should be colorized by an extra function to make a nice
+# colored gui
 
-END
-;
+	print "\n

\n\n";
+
+	$string = $ipmanlines[$chainsman{$selectedchain."start"}];
+	$string =~ s/\s$//gi;
+
+	print "".$string."
\n\n";
+	print "\n\n";
+	foreach (split(/ +/,$ipmlines[$chainsman{$selectedchain."start"}+1])){
+		if ( $_  =~ /[^a-zA-Z]/ ){chomp($_);}
+		print "   \n";
+	}
+
+	print "\n";
+
+	print "\n";
+	print "   \n   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "\n";
+
+	for(my $i = $chainsman{$selectedchain."start"}+2; $i <= $chainsman{$selectedchain."end"}; $i++) {
+		print "\n";
+		my @iptablesline = split(/ +/,$ipmlines[$i]);
+		my $offset=0;
+
+		 if ( $iptablesline[0] eq "" ){
+			$offset=1;
+		}
+
+		print "   \n   \n   \n";
+		print "   \n   \n";
+		print "   \n   \n";
+		print "   \n";
+		print "   \n";
+		print "   \n   \n\n";
+	}
+print "
".$_."
".$iptablesline[0+$offset]."".$iptablesline[1+$offset]."".$iptablesline[2+$offset]."".$iptablesline[3+$offset]."".$iptablesline[4+$offset]."".&Header::colorize($iptablesline[5+$offset])."".&Header::colorize($iptablesline[6+$offset])."".&Header::colorize($iptablesline[7+$offset])."".&Header::colorize($iptablesline[8+$offset])."";
+
+		for (my $i=9+$offset; $i <= $#iptablesline; $i++){
+			$string = $iptablesline[$i];
+			$string =~ s/\s$//gi;
+
+# mangles with marks need to be converted from hex to number to show the correct qos class
+
+			if ( $string =~ /^0x/){
+				$string = hex($string);
+			}
+
+			print " ".$string;
+		}
+		print "

";
 &Header::closebox();
 
 ## NAT
 &Header::openbox('100%', 'LEFT', $Lang::tr{'iptnats'}.':');
+
+# If the cgi is called the first time the default chain is
+# used, otherwise if user selected a chains in the selectboxes
+# those one are displayed, it is possible to change all 3 at
+# the same time
+
+if ( $cgiparams{'selectedchain'} ne "" ){
+	my @multi = split(/\|/,$cgiparams{'selectedchain'});
+	$selectedchain = $multi[2];
+} else {
+	$selectedchain = "PREROUTING";
+}
+
 print <
-    
+

 END
 ;
-	open (FILENAT, '/home/httpd/html/iptablesnat.txt');
-	while ()
-       {
-         	$ipnatlines[$natlines] = $_;
+
+# We´ll open the txt files and extract each line, if the line
+# start with an Chain the the name, start- and endline of the
+# chain is extracted into a hash
+
+	open (FILE, '/srv/web/ipfire/html/iptablesnat.txt');
+	while (){
+
+		$ipnatlines[$natlines] = $_;
+
+		if ( $_ =~ /^Chain/  ){
+
+			my @chainstring = split(/ /,$_);
+
+			if ( $chainname ne "" ){
+				$chainsnat{$chainname."end"} = $natlines-2;
+			}
+
+			$chainname = $chainstring[1];
+			$chainsnat{$chainname."start"} = $natlines; 
+		}
+
 		$natlines++;
-       }
-	close (FILENAT);
-	foreach $_ (@ipnatlines) {
-		print "$_"; }
+	   
+	}
+	$chainsnat{$chainname."end"} = $natlines-1;
+	close (FILE);
 
-print <
-    

-    
 
+# now the chain hash is extracted to get the correct name of the chain
+# all chains are displayed as a select box and can be choosen for display
+# after this all corresponding lines for the chain are extraced and seperated
+# into table rows, sometimes we need to handle leading blank so the offset is
+# needed, some lines need to chomp trailing seperators. The interfaces and
+# network addresses should be colorized by an extra function to make a nice
+# colored gui
 
-END
-;
+	print "\n

\n\n";
+
+	$string = $ipnatlines[$chainsnat{$selectedchain."start"}];
+	$string =~ s/\s$//gi;
+
+	print "".$string."
\n\n";
+	print "\n\n";
+	foreach (split(/ +/,$ipnatlines[$chainsnat{$selectedchain."start"}+1])){
+		if ( $_  =~ /[^a-zA-Z]/ ){chomp($_);}
+		print "\n";
+	}
+
+	print "\n";
+
+	print "\n";
+	print "   \n   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "   \n   \n";
+	print "\n";
+
+	for(my $i = $chainsnat{$selectedchain."start"}+2; $i <= $chainsnat{$selectedchain."end"}; $i++) {
+		print "\n";
+		my @iptablesline = split(/ +/,$ipnatlines[$i]);
+		my $offset=0;
+
+		 if ( $iptablesline[0] eq "" ){
+			$offset=1;
+		}
+
+		print "   \n\n   \n";
+		print "   \n   \n";
+		print "   \n   \n";
+		print "   \n";
+		print "   \n";
+		print "   \n   \n\n";
+	}
+print "
".$_."
".$iptablesline[0+$offset]."".$iptablesline[1+$offset]."".$iptablesline[2+$offset]."".$iptablesline[3+$offset]."".$iptablesline[4+$offset]."".&Header::colorize($iptablesline[5+$offset])."".&Header::colorize($iptablesline[6+$offset])."".&Header::colorize($iptablesline[7+$offset])."".&Header::colorize($iptablesline[8+$offset])."";
+
+		for (my $i=9+$offset; $i <= $#iptablesline; $i++){
+			$string = $iptablesline[$i];
+			$string =~ s/\s$//gi;
+			print " ".$string;
+		}
+		print "

";
 &Header::closebox();
 &Header::closebigbox();
 &Header::closepage();
 
-unlink /home/httpd/html/iptables.txt;
-unlink /home/httpd/html/iptablesmangle.txt;
-unlink /home/httpd/html/iptablesnat.txt;
+system(rm -f "/srv/web/ipfire/html/iptables.txt");
+system(rm -f "/srv/web/ipfire/html/iptablesmangle.txt");
+system(rm -f "/srv/web/ipfire/html/iptablesnat.txt");
\ No newline at end of file