'title' => "$Lang::tr{'outgoing firewall'}",
'enabled' => 1,
};
+ $subfirewall->{'51.outgoinggrp'} = {
+ 'caption' => $Lang::tr{'outgoing firewall groups'},
+ 'uri' => '/cgi-bin/outgoinggrp.cgi',
+ 'title' => "$Lang::tr{'outgoing firewall groups'}",
+ 'enabled' => 1,
+ };
$subfirewall->{'60.upnp'} = {
'caption' => 'UPnP',
'uri' => '/cgi-bin/upnp.cgi',
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2005-2010 IPTifre Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
my $p2pentry = "";
my @p2ps = ();
my @p2pline = ();
-my @proto = ();
my $CMD = "";
my $P2PSTRING = "";
$outfwsettings{'DISPLAY_SIP'} = '';
$outfwsettings{'POLICY'} = 'MODE0';
+my @SOURCE = "";
my $SOURCE = "";
my $DESTINATION = "";
+my @PROTO = "";
my $PROTO = "";
my $DPORT = "";
my $DEV = "";
foreach $configentry (sort @configs)
{
- $SOURCE = "";
+ @SOURCE = "";
$DESTINATION = "";
$PROTO = "";
$DPORT = "";
$DEV = "";
$MAC = "";
@configline = split( /\;/, $configentry );
+
if ($outfwsettings{'STATE'} eq $configline[0]) {
if ($configline[2] eq 'green') {
- $SOURCE = "$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
+ @SOURCE = ("$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}");
$DEV = $netsettings{'GREEN_DEV'};
} elsif ($configline[2] eq 'red') {
- $SOURCE = "$netsettings{'RED_IP'}";
+ @SOURCE = ("$netsettings{'RED_IP'}");
$DEV = "";
} elsif ($configline[2] eq 'blue') {
- $SOURCE = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
+ @SOURCE = ("$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}");
$DEV = $netsettings{'BLUE_DEV'};
} elsif ($configline[2] eq 'orange') {
- $SOURCE = "$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}";
+ @SOURCE = ("$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}");
$DEV = $netsettings{'ORANGE_DEV'};
+ } elsif ($configline[2] eq 'ipsec') {
+ @SOURCE = "";
+ $DEV = "ipsec+";
+ } elsif ($configline[2] eq 'ovpn') {
+ @SOURCE = "";
+ $DEV = "tun+";
} elsif ($configline[2] eq 'ip') {
- $SOURCE = "$configline[5]";
+ @SOURCE = ("$configline[5]");
+ $DEV = "";
+ }
+ } elsif ($configline[2] eq 'all') {
+ @SOURCE = ("0/0");
$DEV = "";
- } else {
- $SOURCE = "0/0";
+ } else {
+ if ( -e "/var/ipfire/outgoing/groups/ipgroups/$configline[2]" )
+ {
+ @SOURCE = `cat /var/ipfire/outgoing/groups/ipgroups/$configline[2]`;
+ }
$DEV = "";
}
if ($configline[7]) { $DESTINATION = "$configline[7]"; } else { $DESTINATION = "0/0"; }
if ($configline[3] eq 'tcp') {
- @proto = ("tcp");
+ @PROTO = ("tcp");
} elsif ($configline[3] eq 'udp') {
- @proto = ("udp");
+ @PROTO = ("udp");
} elsif ($configline[3] eq 'esp') {
- @proto = ("esp");
+ @PROTO = ("esp");
} elsif ($configline[3] eq 'gre') {
- @proto = ("gre");
+ @PROTO = ("gre");
} else {
- @proto = ("tcp","udp");
+ @PROTO = ("tcp","udp");
}
-
-
- foreach $PROTO (@proto) {
- $CMD = "/sbin/iptables -A OUTGOINGFW -s $SOURCE -d $DESTINATION -p $PROTO";
-
- if ($configline[8] && $configline[3] ne 'esp' && $configline[3] ne 'gre') {
- $DPORT = "$configline[8]";
- $CMD = "$CMD --dport $DPORT";
- }
-
- if ($DEV) {
- $CMD = "$CMD -i $DEV";
- }
-
- if ($configline[6]) {
- $MAC = "$configline[6]";
- $CMD = "$CMD -m mac --mac-source $MAC";
- }
-
- if ($configline[17] && $configline[18]) {
- if ($configline[10]){$DAY = "Mon,"}
- if ($configline[11]){$DAY .= "Tue,"}
- if ($configline[12]){$DAY .= "Wed,"}
- if ($configline[13]){$DAY .= "Thu,"}
- if ($configline[14]){$DAY .= "Fri,"}
- if ($configline[15]){$DAY .= "Sat,"}
- if ($configline[16]){$DAY .= "Sun"}
- $CMD = "$CMD -m time --timestart $configline[17] --timestop $configline[18] --weekdays $DAY";
- }
-
- $CMD = "$CMD -o $netsettings{'RED_DEV'}";
- if ($configline[9] eq "aktiv") {
+ foreach $PROTO (@PROTO){
+ foreach $SOURCE (@SOURCE) {
+ $SOURCE =~ s/\s//gi;
+
+ if ( $SOURCE eq "" ){next;}
+
+ $CMD = "/sbin/iptables -A OUTGOINGFW -s $SOURCE -d $DESTINATION -p $PROTO";
+
+ if ($configline[8] && ( $configline[3] ne 'esp' || $configline[3] ne 'gre') ) {
+ $DPORT = "$configline[8]";
+ $CMD = "$CMD -m multiport --destination-port $DPORT";
+ }
+
+ if ($DEV) {
+ $CMD = "$CMD -i $DEV";
+ }
+
+ if ($configline[6]) {
+ $MAC = "$configline[6]";
+ $CMD = "$CMD -m mac --mac-source $MAC";
+ }
+
+ if ($configline[17] && $configline[18]) {
+ if ($configline[10]){$DAY = "Mon,"}
+ if ($configline[11]){$DAY .= "Tue,"}
+ if ($configline[12]){$DAY .= "Wed,"}
+ if ($configline[13]){$DAY .= "Thu,"}
+ if ($configline[14]){$DAY .= "Fri,"}
+ if ($configline[15]){$DAY .= "Sat,"}
+ if ($configline[16]){$DAY .= "Sun"}
+ $CMD = "$CMD -m time --timestart $configline[17] --timestop $configline[18] --weekdays $DAY";
+ }
+
+ $CMD = "$CMD -o $netsettings{'RED_DEV'}";
+
+ if ($configline[9] eq "aktiv") {
+ if ($DEBUG) {
+ print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW'\n";
+ } else {
+ system("$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW'");
+ }
+ }
+
if ($DEBUG) {
- print "$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW'\n";
+ print "$CMD -j $DO\n";
} else {
- system("$CMD -m limit --limit 10/minute -j LOG --log-prefix 'DROP_OUTGOINGFW'");
+ system("$CMD -j $DO");
}
}
-
- if ($DEBUG) {
- print "$CMD -j $DO\n";
- } else {
- system("$CMD -j $DO");
- }
- }
+ }
}
}
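Review bot: The new group branch reads `/var/ipfire/outgoing/groups/ipgroups/$configline[2]` through a backtick `cat`, and every line of that file is then spliced into the `system("$CMD ...")` string after only `s/\s//gi`. Both the group name and the stored entries therefore reach a shell with their metacharacters intact. Read the file with a three-argument `open` and keep only entries shaped like an address or CIDR block, as sketched below; the name pattern there is a constructed example. Separately, `$configline[3] ne 'esp' || $configline[3] ne 'gre'` is always true, so esp/gre rules with a port now get `-m multiport --destination-port`; the removed code used `&&`, i.e. `if ($configline[8] && $configline[3] ne 'esp' && $configline[3] ne 'gre') {`. As rendered, the added `}` before `} elsif ($configline[2] eq 'all')` also appears to close the `STATE` test rather than the source chain, which is worth confirming against the full file.

```perl
} else {
	# Read the group file directly instead of through a shell, and keep
	# only entries shaped like an IPv4 address or CIDR block.
	@SOURCE = ();
	if ($configline[2] =~ /\A[A-Za-z0-9_-]+\z/
		&& open(my $grp, '<', "/var/ipfire/outgoing/groups/ipgroups/$configline[2]")) {
		while (my $entry = <$grp>) {
			$entry =~ s/\s//g;
			push(@SOURCE, $entry) if $entry =~ m{\A\d{1,3}(?:\.\d{1,3}){3}(?:/\d{1,2})?\z};
		}
		close($grp);
	}
	$DEV = "";
}
```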
srv/web/ipfire/cgi-bin/netinternal.cgi
srv/web/ipfire/cgi-bin/netother.cgi
srv/web/ipfire/cgi-bin/outgoingfw.cgi
+srv/web/ipfire/cgi-bin/outgoinggrp.cgi
srv/web/ipfire/cgi-bin/optionsfw.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/pakfire.cgi
#var/ipfire/outgoing/bin
#var/ipfire/outgoing/bin/outgoingfw.pl
var/ipfire/outgoing/defaultservices
+#var/ipfire/outgoing/groups
+#var/ipfire/outgoing/ipgroups
#var/ipfire/outgoing/p2protocols
#var/ipfire/outgoing/rules
#var/ipfire/outgoing/settings
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2005-2010 IPTifre Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
my @p2pline = ();
my $configfile = "/var/ipfire/outgoing/rules";
+my $configpath = "/var/ipfire/outgoing/groups/";
my $p2pfile = "/var/ipfire/outgoing/p2protocols";
my $servicefile = "/var/ipfire/outgoing/defaultservices";
$outfwsettings{'TIME_SUN'} = "on";
}
-&Header::openpage('Ausgehende Firewall', 1, '');
+&Header::openpage($Lang::tr{'outgoing firewall'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
############################################################################################################################
;
&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
############################################################################################################################
############################################################################################################################
sub addrule
{
- &Header::openbox('100%', 'center', 'Rules hinzufuegen');
+ &Header::openbox('100%', 'center', $Lang::tr{'Add Rule'});
if ($outfwsettings{'EDIT'} eq 'no') { $selected{'ENABLED'} = 'checked'; }
$selected{'TIME_FROM'}{$outfwsettings{'TIME_FROM'}} = "selected='selected'";
$selected{'TIME_TO'}{$outfwsettings{'TIME_TO'}} = "selected='selected'";
- print <<END
+print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<table width='80%'>
- <tr><td width='20%' align='right'>$Lang::tr{'description'}: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='NAME' maxlength='30' value='$outfwsettings{'NAME'}' />
- <td width='20%' align='right' colspan='2'>$Lang::tr{'active'}:
- <td width='30%' align='left' colspan='2'><input type='checkbox' name='ENABLED' $selected{'ENABLED'} />
- <tr><td width='20%' align='right'>$Lang::tr{'protocol'}:
- <td width='30%' align='left'>
- <select name='PROT'>
- <option value='all' $selected{'PROT'}{'all'}>All</option>
- <option value='tcp' $selected{'PROT'}{'tcp'}>TCP</option>
- <option value='udp' $selected{'PROT'}{'udp'}>UDP</option>
- <option value='gre' $selected{'PROT'}{'gre'}>GRE</option>
- <option value='esp' $selected{'PROT'}{'esp'}>ESP</option>
- </select>
- <td width='20%' align='right' colspan='2'>$Lang::tr{'policy'}:
- <td width='30%' align='left' colspan='2'>
+ <tr>
+ <td width='20%' align='right'>$Lang::tr{'description'}: <img src='/blob.gif' /></td>
+ <td width='30%' align='left'><input type='text' name='NAME' maxlength='30' value='$outfwsettings{'NAME'}' /></td>
+ <td width='20%' align='right' colspan='2'>$Lang::tr{'active'}:</td>
+ <td width='30%' align='left' colspan='2'><input type='checkbox' name='ENABLED' $selected{'ENABLED'} /></td>
+ </tr>
+ <tr>
+ <td width='20%' align='right'>$Lang::tr{'protocol'}:</td>
+ <td width='30%' align='left'>
+ <select name='PROT'>
+ <option value='all' $selected{'PROT'}{'all'}>All</option>
+ <option value='tcp' $selected{'PROT'}{'tcp'}>TCP</option>
+ <option value='udp' $selected{'PROT'}{'udp'}>UDP</option>
+ <option value='gre' $selected{'PROT'}{'gre'}>GRE</option>
+ <option value='esp' $selected{'PROT'}{'esp'}>ESP</option>
+ </select>
+ </td>
+ <td width='20%' align='right' colspan='2'>$Lang::tr{'policy'}:</td>
+ <td width='30%' align='left' colspan='2'>
END
;
if ($outfwsettings{'POLICY'} eq 'MODE1'){
- print "\t\t\tALLOW<input type='hidden' name='STATE' value='ALLOW' />\n";
+ print "\t\t\t\tALLOW<input type='hidden' name='STATE' value='ALLOW' />\n";
} elsif ($outfwsettings{'POLICY'} eq 'MODE2'){
- print "\t\t\tDENY<input type='hidden' name='STATE' value='DENY' />\n";
+ print "\t\t\t\tDENY<input type='hidden' name='STATE' value='DENY' />\n";
}
print <<END
- <tr><td width='20%' align='right'>$Lang::tr{'source net'}:
- <td width='30%' align='left'><select name='SNET'>
- <option value='all' $selected{'SNET'}{'ALL'}>$Lang::tr{'all'}</option>
- <option value='ip' $selected{'SNET'}{'ip'}>$Lang::tr{'source ip'}</option>
- <option value='red' $selected{'SNET'}{'red'}>$Lang::tr{'red'} IP</option>
- <option value='green' $selected{'SNET'}{'green'}>$Lang::tr{'green'}</option>
+ </td>
+ </tr>
+ <tr>
+ <td width='20%' align='right'>$Lang::tr{'source'}:</td>
+ <td width='30%' align='left'>
+ <select name='SNET'>
+ <optgroup label='---'>
+ <option value='all' $selected{'SNET'}{'ALL'}>$Lang::tr{'all'}</option>
+ <optgroup label='$Lang::tr{'ip address'}'>
+ <option value='ip' $selected{'SNET'}{'ip'}>IPSEC $Lang::tr{'interface'}</option>
+ <option value='red' $selected{'SNET'}{'red'}>OpenVPN $Lang::tr{'interface'}</option>
+ </optgroup>
+ </optgroup>
+ <option value='ipsec' $selected{'SNET'}{'ipsec'}>$Lang::tr{'source ip'}</option>
+ <option value='ovpn' $selected{'SNET'}{'ovpn'}>$Lang::tr{'red'} IP</option>
+ <optgroup label='$Lang::tr{'network'}'>
+ <optgroup label='$Lang::tr{'network'}'>
+ <option value='green' $selected{'SNET'}{'green'}>$Lang::tr{'green'}</option>
END
;
if (&Header::blue_used()){
- print "\t\t\t<option value='blue' $selected{'SNET'}{'blue'}>$Lang::tr{'wireless'}</option>\n";
+ print "\t\t\t\t\t<option value='blue' $selected{'SNET'}{'blue'}>$Lang::tr{'wireless'}</option>\n";
}
if (&Header::orange_used()){
- print "\t\t\t<option value='orange' $selected{'SNET'}{'orange'}>$Lang::tr{'dmz'}</option>\n";
+ print "\t\t\t\t\t<option value='orange' $selected{'SNET'}{'orange'}>$Lang::tr{'dmz'}</option>\n";
+ }
+ print <<END
+ </optgroup>
+ <optgroup label='$Lang::tr{'advproxy NCSA group'}'>
+END
+;
+ my @ipgroups = qx(ls $configpath/ipgroups/);
+ foreach (sort @ipgroups){
+ print "\t\t\t\t\t<option value='$_' $selected{'SNET'}{'$_'}>$_</option>\n";
}
print <<END
- </select>
- <td width='20%' align='right' colspan='2'>$Lang::tr{'source ip'}: <img src='/blob.gif' />
- <td width='30%' align='left' colspan='2'><input type='text' name='SIP' maxlength='15' value='$outfwsettings{'SIP'}' />
- <tr><td width='20%' align='right'>$Lang::tr{'logging'}:
- <td width='30%' align='left'><select name='LOG'>
- <option value='$Lang::tr{'active'}' $selected{'LOG'}{$Lang::tr{'active'}}>$Lang::tr{'active'}</option>
- <option value='$Lang::tr{'inactive'}' $selected{'LOG'}{$Lang::tr{'inactive'}}>$Lang::tr{'inactive'}</option>
- </select></td>
- <td width='20%' align='right' colspan='2' />
- <td width='30%' align='left' colspan='2' />
- <tr><td width='20%' align='right'>$Lang::tr{'destination ip'}: <img src='/blob.gif' />
- <td width='30%' align='left'><input type='text' name='DIP' maxlength='15' value='$outfwsettings{'DIP'}' />
- <td width='20%' align='right' colspan='2'>$Lang::tr{'destination port'}: <img src='/blob.gif' />
- <td width='30%' align='left' colspan='2'><input type='text' name='DPORT' maxlength='11' value='$outfwsettings{'DPORT'}' />
- <tr><td width='20%' align='right'>$Lang::tr{'time'}:</td>
+ </optgroup>
+ </select>
+ </td>
+ <td width='20%' align='right' colspan='2'>$Lang::tr{'source ip'}: <img src='/blob.gif' /></td>
+ <td width='30%' align='left' colspan='2'><input type='text' name='SIP' maxlength='15' value='$outfwsettings{'SIP'}' /></td>
+ </tr>
+ <tr>
+ <td width='20%' align='right'>$Lang::tr{'logging'}:</td>
+ <td width='30%' align='left'>
+ <select name='LOG'>
+ <option value='$Lang::tr{'active'}' $selected{'LOG'}{$Lang::tr{'active'}}>$Lang::tr{'active'}</option>
+ <option value='$Lang::tr{'inactive'}' $selected{'LOG'}{$Lang::tr{'inactive'}}>$Lang::tr{'inactive'}</option>
+ </select>
+ </td>
+ <td width='20%' align='right' colspan='2' />
+ <td width='30%' align='left' colspan='2' />
+ <tr>
+ <td width='20%' align='right'>$Lang::tr{'destination ip'}: <img src='/blob.gif' /></td>
+ <td width='30%' align='left'><input type='text' name='DIP' maxlength='15' value='$outfwsettings{'DIP'}' /></td>
+ <td width='20%' align='right' colspan='2'>$Lang::tr{'destination port'}: <img src='/blob.gif' /></td>
+ <td width='30%' align='left' colspan='2'><input type='text' name='DPORT' maxlength='11' value='$outfwsettings{'DPORT'}' /></td>
+ </tr>
+ <tr>
+ <td width='20%' align='right'>$Lang::tr{'time'}:</td>
<td width='30%' align='left'>$Lang::tr{'advproxy monday'} $Lang::tr{'advproxy tuesday'} $Lang::tr{'advproxy wednesday'} $Lang::tr{'advproxy thursday'} $Lang::tr{'advproxy friday'} $Lang::tr{'advproxy saturday'} $Lang::tr{'advproxy sunday'}</td>
<td width='20%' align='right' colspan='2' />
<td width='15%' align='left'>$Lang::tr{'advproxy from'}</td>
- <td width='15%' align='left'>$Lang::tr{'advproxy to'}</td></tr>
- <tr><td width='20%' align='right'></td>
- <td width='30%' align='left'><input type='checkbox' name='TIME_MON' $checked{'TIME_MON'}{'on'} />
- <input type='checkbox' name='TIME_TUE' $checked{'TIME_TUE'}{'on'} />
- <input type='checkbox' name='TIME_WED' $checked{'TIME_WED'}{'on'} />
- <input type='checkbox' name='TIME_THU' $checked{'TIME_THU'}{'on'} />
- <input type='checkbox' name='TIME_FRI' $checked{'TIME_FRI'}{'on'} />
- <input type='checkbox' name='TIME_SAT' $checked{'TIME_SAT'}{'on'} />
- <input type='checkbox' name='TIME_SUN' $checked{'TIME_SUN'}{'on'} /></td>
+ <td width='15%' align='left'>$Lang::tr{'advproxy to'}</td>
+ </tr>
+ <tr>
+ <td width='20%' align='right'></td>
+ <td width='30%' align='left'>
+ <input type='checkbox' name='TIME_MON' $checked{'TIME_MON'}{'on'} />
+ <input type='checkbox' name='TIME_TUE' $checked{'TIME_TUE'}{'on'} />
+ <input type='checkbox' name='TIME_WED' $checked{'TIME_WED'}{'on'} />
+ <input type='checkbox' name='TIME_THU' $checked{'TIME_THU'}{'on'} />
+ <input type='checkbox' name='TIME_FRI' $checked{'TIME_FRI'}{'on'} />
+ <input type='checkbox' name='TIME_SAT' $checked{'TIME_SAT'}{'on'} />
+ <input type='checkbox' name='TIME_SUN' $checked{'TIME_SUN'}{'on'} />
+ </td>
<td width='20%' align='right' colspan='2' />
- <td width='15%' align='left'><select name='TIME_FROM'>
+ <td width='15%' align='left'>
+ <select name='TIME_FROM'>
END
;
for (my $i=0;$i<=23;$i++) {
for (my $j=0;$j<=45;$j+=15) {
$j = sprintf("%02s",$j);
my $time = $i.":".$j;
- print "<option $selected{'TIME_FROM'}{$time}>$i:$j</option>\n";
+ print "\t\t\t\t\t<option $selected{'TIME_FROM'}{$time}>$i:$j</option>\n";
}
}
print <<END
- </select></td>
+ </select>
+ </td>
<td width='15%' align='left'><select name='TIME_TO'>
END
;
for (my $j=0;$j<=45;$j+=15) {
$j = sprintf("%02s",$j);
my $time = $i.":".$j;
- print "<option $selected{'TIME_TO'}{$time}>$i:$j</option>\n";
+ print "\t\t\t\t\t<option $selected{'TIME_TO'}{$time}>$i:$j</option>\n";
}
}
print <<END
- </select></td></tr>
- <tr><td colspan='6'>
- <tr><td width='40%' align='right' colspan='2'><img src='/blob.gif' />$Lang::tr{'this field may be blank'}
- <td width='60%' align='left' colspan='4'><input type='submit' name='ACTION' value=$Lang::tr{'add'} />
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td colspan='6' />
+ <tr>
+ <tr>
+ <td width='40%' align='right' colspan='2'><img src='/blob.gif' />$Lang::tr{'this field may be blank'}</td>
+ <td width='60%' align='left' colspan='4'><input type='submit' name='ACTION' value=$Lang::tr{'add'} /></td>
</table></form>
END
;
print "</table>";
&Header::closebox();
}
-}
\ No newline at end of file
+}
+
+&Header::closebigbox();
+&Header::closepage();
\ No newline at end of file
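Review bot: In the new `SNET` select the captions no longer match the values: `value='ip'` is labelled `IPSEC $Lang::tr{'interface'}`, `value='red'` is labelled `OpenVPN $Lang::tr{'interface'}`, `value='ipsec'` is labelled `$Lang::tr{'source ip'}` and `value='ovpn'` is labelled `$Lang::tr{'red'} IP`. An administrator picking a source by its caption therefore stores a rule for a different source. The four option lines should pair value and caption as below. In the group loop, the names returned by `qx(ls ...)` still carry their newline and `$selected{'SNET'}{'$_'}` looks up the literal key `$_`, so a saved group is never re-selected; `chomp` the entry and use `$selected{'SNET'}{$_}`. The `<optgroup>` elements are also nested and one `label='$Lang::tr{'network'}'` group is opened twice.

```perl
					<option value='ip' $selected{'SNET'}{'ip'}>$Lang::tr{'source ip'}</option>
					<option value='red' $selected{'SNET'}{'red'}>$Lang::tr{'red'} IP</option>
					<option value='ipsec' $selected{'SNET'}{'ipsec'}>IPSEC $Lang::tr{'interface'}</option>
					<option value='ovpn' $selected{'SNET'}{'ovpn'}>OpenVPN $Lang::tr{'interface'}</option>
```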
--- /dev/null
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2005-2010 IPTifre Team #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use strict;
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+
+my %outgrpsettings = ();
+my %netsettings = ();
+my %selected= () ;
+my $errormessage = "";
+
+my $configpath = "/var/ipfire/outgoing/groups/";
+my $servicefile = "/var/ipfire/outgoing/defaultservices";
+
+my %color = ();
+my %mainsettings = ();
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
+&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
+
+&Header::showhttpheaders();
+
+### Values that have to be initialized
+$outgrpsettings{'ACTION'} = '';
+$outgrpsettings{'ipgroup'} = 'none';
+$outgrpsettings{'portgroup'} = 'none';
+
+&Header::getcgihash(\%outgrpsettings);
+delete $outgrpsettings{'__CGI__'};delete $outgrpsettings{'x'};delete $outgrpsettings{'y'};
+
+$selected{'ipgroup'}{$outgrpsettings{'ipgroup'}} = "selected='selected'";
+$selected{'portgroup'}{$outgrpsettings{'portgroup'}} = "selected='selected'";
+
+&Header::openpage($Lang::tr{'outgoing firewall groups'}, 1, '');
+&Header::openbigbox('100%', 'left', '', $errormessage);
+
+###############
+# DEBUG DEBUG
+# &Header::openbox('100%', 'left', 'DEBUG');
+# my $debugCount = 0;
+# foreach my $line (sort keys %outgrpsettings) {
+# print "$line = $outgrpsettings{$line}<br />\n";
+ # $debugCount++;
+# }
+# print " Count: $debugCount\n";
+# &Header::closebox();
+# DEBUG DEBUG
+###############
+
+############################################################################################################################
+############################################################################################################################
+
+if ($errormessage)
+{
+ &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
+ print "<class name='base'>$errormessage\n";
+ print " </class>\n";
+ &Header::closebox();
+}
+
+if ($outgrpsettings{'ACTION'} eq 'newipgroup')
+{
+ &newipgroup();
+} elsif ($outgrpsettings{'ACTION'} eq 'deleteipgroup' ) {
+ unlink("$configpath/ipgroups/$outgrpsettings{'ipgroup'}");
+} elsif ($outgrpsettings{'ACTION'} eq 'addipgroup') {
+ open (FILE, ">$configpath/ipgroups/$outgrpsettings{'ipgroup'}") or die "Can't save $outgrpsettings{'ipgroup'} settings $!";
+ flock (FILE, 2);
+ print FILE $outgrpsettings{'ipgroupcontent'}."\n";
+ close FILE;
+}
+
+############################################################################################################################
+############################################################################################################################
+
+my @ipgroups = qx(ls $configpath/ipgroups/);
+if ($outgrpsettings{'ipgroup'} eq "none" and $#ipgroups >= 0 ){ $outgrpsettings{'ipgroup'} = $ipgroups[0];}
+
+my $ipgroupcontent = `cat $configpath/ipgroups/$outgrpsettings{'ipgroup'} 2>/dev/null`;
+$ipgroupcontent =~ s/\n/<br \/>/g;
+
+&Header::openbox('100%', 'center', $Lang::tr{'outgoing firewall ip groups'});
+
+print <<END
+<a name="outgoing showipgroup"</a>
+<br />
+<form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showipgroup'>
+<table width='95%' cellspacing='0'>
+ <tr>
+ <td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'outgoing firewall ip groups'}</b></td>
+ </tr>
+ <tr>
+ <td colspan='3' align='left'><br /></td>
+ </tr>
+ <tr>
+ <td align='left' colspan='2'><select name='ipgroup' style="width: 200px">
+END
+;
+foreach my $member (@ipgroups) {chomp $member;print" <option value='$member' $selected{'ipgroup'}{$member}>$member</option>\n";}
+print <<END
+ </select></td>
+ <td align='left'>
+ <input type='hidden' name='ACTION' value='showipgroup' />
+ <input type='image' alt='$Lang::tr{'outgoing firewall view group'}' title='$Lang::tr{'outgoing firewall view group'}' src='/images/format-justify-fill.png' />
+ </td>
+ </tr>
+ <tr>
+ <td colspan='3' align='left'><br /></td>
+ </tr>
+ <tr>
+ <td colspan='3' align='left'><font size=1>$ipgroupcontent</font></td>
+ </tr>
+ <tr>
+ <td colspan='3' align='left'><br /></td>
+ </tr>
+ <tr>
+ <td colspan='3' align='center'><font size=1>$Lang::tr{'outgoing firewall ip groups'} - $outgrpsettings{'ipgroup'}</font></td>
+ </tr>
+</table>
+</form>
+<table width='10%' cellspacing='0'>
+<tr>
+ <td align='center'>
+ <form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showipgroup'>
+ <input type='hidden' name='ACTION' value='newipgroup' />
+ <input type='image' alt='$Lang::tr{'new'}' title='$Lang::tr{'new'}' src='/images/list-add.png' />
+ </form>
+ </td>
+ <td align='center'>
+ <form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showipgroup'>
+ <input type='hidden' name='ACTION' value='saveipgroup' />
+ <input type='hidden' name='ipgroup' value='$outgrpsettings{'ipgroup'}' />
+ <input type='image' alt='$Lang::tr{'save'}' title='$Lang::tr{'save'}' src='/images/media-floppy.png' />
+ </form>
+ </td>
+ <td align='center'>
+ <form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showipgroup'>
+ <input type='hidden' name='ACTION' value='deleteipgroup' />
+ <input type='hidden' name='ipgroup' value='$outgrpsettings{'ipgroup'}' />
+ <input type='image' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' src='/images/user-trash.png' />
+ </form>
+ </td>
+</tr>
+</table>
+
+END
+;
+&Header::closebox();
+
+&Header::closebigbox();
+&Header::closepage();
+
+sub newipgroup
+{
+ &Header::openbox('100%', 'center', $Lang::tr{'outgoing firewall add ip group'});
+
+print <<END
+ <form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showipgroup'>
+ <table width='95%' cellspacing='0'>
+ <tr>
+ <td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'outgoing firewall add ip group'}</b></td>
+ </tr>
+ <tr>
+ <td colspan='3' align='left'><br /></td>
+ </tr>
+ <tr>
+ <td align='left' colspan='2'>
+ <input type='text' name='ipgroup' value='newgroup' size="30" />
+ </td>
+ <td align='left'>
+ <input type='hidden' name='ACTION' value='addipgroup' />
+ <input type='image' alt='$Lang::tr{'save'}' title='$Lang::tr{'save'}' src='/images/media-floppy.png' />
+ </td>
+ </tr>
+ <tr>
+ <td align='left' colspan='3'>
+ <textarea name="ipgroupcontent" cols="20" rows="5" Wrap="off">192.168.1.0/14\n192.168.0.1\n192.168.0.2\n</textarea>
+ </td>
+ </tr>
+ </table>
+ </form>
+END
+;
+ &Header::closebox();
+ &Header::closebigbox();
+ &Header::closepage();
+ exit 0;
+}
\ No newline at end of file
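Review bot: The `ipgroup` CGI parameter is used unvalidated as a file name in `unlink`, in the two-argument `open (FILE, ">...")` and inside the backtick `cat`, so a name containing path separators or shell syntax acts outside `ipgroups/`. Check it once against an anchored allow-list pattern and skip the action on mismatch, write with a three-argument `open` on a lexical handle, and read the group back with `open` rather than a shell. `ipgroupcontent` is stored verbatim and echoed into the page as `$ipgroupcontent` without HTML escaping, and outgoingfw.pl later splices each stored line into an iptables command string, so entries should be filtered to address/CIDR shape before saving. The sketch covers the action handling only, and its name pattern is a constructed example to adjust to the names the UI should accept.

```perl
# Checked once, before the group name reaches unlink or open.
my $ipgroup_ok = ($outgrpsettings{'ipgroup'} =~ /\A[A-Za-z0-9_-]+\z/);

# … unchanged: newipgroup branch …
} elsif ($outgrpsettings{'ACTION'} eq 'deleteipgroup' && $ipgroup_ok) {
	unlink("$configpath/ipgroups/$outgrpsettings{'ipgroup'}");
} elsif ($outgrpsettings{'ACTION'} eq 'addipgroup' && $ipgroup_ok) {
	# Store only entries shaped like an IPv4 address or CIDR block.
	my @entries = grep { m{\A\d{1,3}(?:\.\d{1,3}){3}(?:/\d{1,2})?\z} }
		split(/\s+/, $outgrpsettings{'ipgroupcontent'});
	open(my $fh, '>', "$configpath/ipgroups/$outgrpsettings{'ipgroup'}") or die "Can't save $outgrpsettings{'ipgroup'} settings $!";
	flock($fh, 2);
	print $fh join("\n", @entries)."\n";
	close($fh);
}
```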
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2010 IPFire Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
$timesettings{'UPDATE_VALUE'} = '0';
$timesettings{'UPDATE_PERIOD'} = '';
$timesettings{'ENABLECLNTP'} = 'off';
+$timesettings{'ENABLESETONBOOT'} = 'off';
&Header::getcgihash(\%timesettings);
$timesettings{'UPDATE_PERIOD'} = 'daily';
$timesettings{'NTP_ADDR_1'} = 'de.pool.ntp.org';
$timesettings{'NTP_ADDR_2'} = 'pool.ntp.org';
+ $timesettings{'ENABLESETONBOOT'} = 'off';
}
unless ($errormessage) {
$checked{'ENABLECLNTP'}{'on'} = '';
$checked{'ENABLECLNTP'}{$timesettings{'ENABLECLNTP'}} = "checked='checked'";
+$checked{'ENABLESETONBOOT'}{'off'} = '';
+$checked{'ENABLESETONBOOT'}{'on'} = '';
+$checked{'ENABLESETONBOOT'}{$timesettings{'ENABLESETONBOOT'}} = "checked='checked'";
+
$checked{'UPDATE_METHOD'}{'manually'} = '';
$checked{'UPDATE_METHOD'}{'periodically'} = '';
$checked{'UPDATE_METHOD'}{$timesettings{'UPDATE_METHOD'}} = "checked='checked'";
</tr>
<tr>
<td> </td>
- <td class='base' colspan='2'>$Lang::tr{'set time now help'}</td>
+ <td class='base' colspan='3'>$Lang::tr{'set time now help'}</td>
+</tr>
+<tr>
+ <td class='base' colspan='4'><input type='checkbox' name='ENABLESETONBOOT' $checked{'ENABLESETONBOOT'}{'on'} /> $Lang::tr{'Set time on boot'}</td>
</tr>
<tr>
<td class='base'><input type='radio' name='UPDATE_METHOD' value='periodically' $checked{'UPDATE_METHOD'}{'periodically'} /></td>
'ConnSched add action' => 'Aktion hinzufügen',
'ConnSched change profile title' => 'Wechsle zu Profil:',
'ConnSched days' => 'Tage:',
+'Set time on boot' => 'Erzwinge das Setzen der Systemzeit im Bootvorgang',
'ConnSched down' => 'Runter',
'ConnSched ipsecstart' => 'IPSec (neu)starten',
'ConnSched ipsecstop' => 'IPSec stop',
'out' => 'Aus',
'outgoing' => 'ausgehend',
'outgoing firewall' => 'Ausgehende Firewall',
+'outgoing firewall groups' => 'Ausgehende Firewall Gruppen',
+'outgoing firewall add ip group' => 'IP Adressgruppen hinzufügen',
+'outgoing firewall ip groups' => 'Ausgehende Firewall IP Adressgruppen',
+'outgoing firewall view group' => 'Gruppe anzeigen',
'outgoing traffic in bytes per second' => 'Abgehender Verkehr',
'outgoingfw mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich Verbindungen ins Internet aufzubauen.',
'outgoingfw mode1' => 'In diesem Modus werden nur Verbindungen nach den oben definierten Regeln zugelassen.',
'mpfire search' => 'MPFire Search',
'repeat' => 'Repeat',
'shuffle' => 'Shuffle',
+'Set time on boot' => 'Force setting the system clock on boot',
'Port Rule' => 'Port-Rule',
'qos add subclass' => 'Add subclass',
'The source IP address is invalid.' => 'The source IP address is invalid.',
'invalid vpi vpci' => 'Invalid VPI/VPCI settings',
'invalid wins address' => 'Invalid WINS server address.',
'invert' => 'Invert',
-'ip address' => 'IP address:',
+'ip address' => 'IP address',
'ip address in use' => 'IP address already in use',
'ip address outside subnets' => 'IP Address outside subnets',
'ip alias added' => 'External IP alias added',
'out' => 'Out',
'outgoing' => 'outgoing',
'outgoing firewall' => 'Outgoing Firewall',
+'outgoing firewall groups' => 'Outgoing Firewall Groups',
+'outgoing firewall add ip group' => 'Add IP Address Group',
+'outgoing firewall ip groups' => 'Outgoing Firewall IP Adress Groups',
+'outgoing firewall view group' => 'View group',
'outgoing traffic in bytes per second' => 'Outgoing Traffic',
'outgoingfw mode0' => 'Using this mode, all clients are able to access the internet without any restrictions.',
'outgoingfw mode1' => 'Using this mode, only connections based on the defined rules are allowed.',
'ConnSched change profile title' => 'Change to profile:',
'ConnSched days' => 'Days:',
'ConnSched down' => 'Down',
+'Set time on boot' => 'Fixé l'heure en botte',
'ConnSched ipsecstart' => 'IPSec (re)start',
'ConnSched ipsecstop' => 'IPSec stop',
'ConnSched reconnect' => 'Reconnect',
'invalid vpi vpci' => 'Invalid VPI/VPCI settings',
'invalid wins address' => 'Invalid WINS server address.',
'invert' => 'Invert',
-'ip address' => 'IP address:',
+'ip address' => 'IP address',
'ip address in use' => 'IP address already in use',
'ip address outside subnets' => 'IP Address outside subnets',
'ip alias added' => 'External IP alias added',
'otherip' => 'other IP',
'otherport' => 'other Port',
'out' => 'Out',
-'outgoing' => 'outgoing',
-'outgoing firewall' => 'Outgoing Firewall',
+'outgoing' => 'sortant',
+'outgoing firewall' => 'Sortant Firewall',
+'outgoing firewall groups' => 'Sortant Firewall Groupe',
+'outgoing firewall add ip group' => 'Ajouter IP Address Group',
+'outgoing firewall ip groups' => 'Sortant Firewall IP Groupe',
+'outgoing firewall view group' => 'Montrer groupe',
'outgoing traffic in bytes per second' => 'Outgoing Traffic',
'outgoingfw mode0' => 'Using this mode, all clients are able to access the internet without any restrictions.',
'outgoingfw mode1' => 'Using this mode, only connections based on the defined rules are allowed.',
# Create all directories
for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dmzholes dns \
ethernet extrahd/bin fwlogs isdn key langs logging mac main menu.d modem net-traffic \
- net-traffic/templates nfs optionsfw outgoing/bin patches pakfire portfw \
- ppp private proxy/advanced/cre proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \
- updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \
+ net-traffic/templates nfs optionsfw outgoing/bin outgoing/groups outgoing/groups/ipgroups \
+ patches pakfire portfw ppp private proxy/advanced/cre proxy/calamaris/bin qos/bin red \
+ remote sensors snort time tripwire/report updatexlrator/bin updatexlrator/autocheck \
+ urlfilter/autoupdate urlfilter/bin upnp vpn \
wakeonlan wireless xtaccess ; do \
mkdir -p $(CONFIG_ROOT)/$$i; \
done
. /etc/sysconfig/rc
. $rc_functions
+eval $(/usr/local/bin/readhash /var/ipfire/time/settings)
+
case "$1" in
start)
+ if [ "$ENABLESETONBOOT" == "on" ]; then
+ boot_mesg "Setting time on booot..."
+ loadproc /usr/local/bin/settime $(cat /var/ipfire/time/settime.conf)
+ fi
+
boot_mesg "Starting ntpd..."
loadproc /usr/bin/ntpd -Ap /var/run/ntpd.pid
;;
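Review bot: `$(cat /var/ipfire/time/settime.conf)` is expanded unquoted and without checking that the file exists or is non-empty, so on a system where it was never written `settime` runs at boot with no arguments after a `cat` error. A guard such as `if [ "$ENABLESETONBOOT" = "on" ] && [ -s /var/ipfire/time/settime.conf ]; then` covers that case and also replaces `==`, which is a bash extension inside `[ ]`. The added `eval $(/usr/local/bin/readhash ...)` runs whatever the settings file yields as shell, so it relies on readhash and the CGI keeping values free of shell syntax, which is not visible here. The boot message is spelled `booot`, and the `case` statement continues outside the hunk.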