From: ms Date: Wed, 22 Aug 2007 19:58:53 +0000 (+0000) Subject: setfilters und setaliases entfernt. X-Git-Tag: v2.3-beta1~454 X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=903310c40dd5979d2d4325702e0ff7569efeb027 setfilters und setaliases entfernt. qosctrl Fix. git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@806 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2 index dac30e23b5..184b34c046 100644 --- a/config/rootfiles/common/apache2 +++ b/config/rootfiles/common/apache2 @@ -1254,7 +1254,6 @@ etc/httpd/conf/uid.conf #etc/httpd/conf/vhosts.d etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf etc/httpd/conf/vhosts.d/ipfire-interface.conf -srv/web/ipfire/cgi-bin/aliases.cgi srv/web/ipfire/cgi-bin/backup.cgi srv/web/ipfire/cgi-bin/chpasswd.cgi srv/web/ipfire/cgi-bin/connections.cgi diff --git a/config/rootfiles/common/initscripts b/config/rootfiles/common/initscripts index 0504eafd9b..c480585286 100644 --- a/config/rootfiles/common/initscripts +++ b/config/rootfiles/common/initscripts @@ -45,7 +45,6 @@ etc/rc.d/init.d/networking/red.down/20-RL-firewall etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq etc/rc.d/init.d/networking/red.up/10-multicast etc/rc.d/init.d/networking/red.up/20-RL-firewall -etc/rc.d/init.d/networking/red.up/21-setfilters etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl etc/rc.d/init.d/networking/red.up/23-RS-snort etc/rc.d/init.d/networking/red.up/24-RS-qos diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index fe57e55f7f..e9cb406606 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -19,9 +19,7 @@ usr/local/bin/redctrl usr/local/bin/restartssh usr/local/bin/restartwireless #usr/local/bin/sambactrl -usr/local/bin/setaliases usr/local/bin/setdmzholes -usr/local/bin/setfilters usr/local/bin/setportfw usr/local/bin/setxtaccess usr/local/bin/smartctrl diff --git a/doc/language_issues.de b/doc/language_issues.de index 3f37f3d252..ccfd6154d6 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -35,6 +35,7 @@ WARNING: translation string unused: advproxy ssadvanced proxy WARNING: translation string unused: advproxy update notification WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload +WARNING: translation string unused: all interfaces WARNING: translation string unused: all updates installed WARNING: translation string unused: alt information WARNING: translation string unused: alt ovpn @@ -236,9 +237,11 @@ WARNING: translation string unused: not enough disk space WARNING: translation string unused: o-no WARNING: translation string unused: o-yes WARNING: translation string unused: online help en +WARNING: translation string unused: only red WARNING: translation string unused: openvpn client WARNING: translation string unused: openvpn server WARNING: translation string unused: optional data +WARNING: translation string unused: options fw WARNING: translation string unused: optionsfw portlist hint WARNING: translation string unused: optionsfw warning WARNING: translation string unused: or @@ -268,6 +271,7 @@ WARNING: translation string unused: package failed to install WARNING: translation string unused: password contains illegal characters WARNING: translation string unused: password crypting key WARNING: translation string unused: passwords must be at least 6 characters in length +WARNING: translation string unused: ping disabled WARNING: translation string unused: polfile WARNING: translation string unused: pots WARNING: translation string unused: present diff --git a/doc/language_issues.en b/doc/language_issues.en index 59f1ba9f50..3ff03b3ac9 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -36,6 +36,7 @@ WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload +WARNING: translation string unused: all interfaces WARNING: translation string unused: all updates installed WARNING: translation string unused: alt information WARNING: translation string unused: alt ovpn @@ -264,9 +265,11 @@ WARNING: translation string unused: notes WARNING: translation string unused: o-no WARNING: translation string unused: o-yes WARNING: translation string unused: online help en +WARNING: translation string unused: only red WARNING: translation string unused: openvpn client WARNING: translation string unused: openvpn server WARNING: translation string unused: optional data +WARNING: translation string unused: options fw WARNING: translation string unused: optionsfw portlist hint WARNING: translation string unused: optionsfw warning WARNING: translation string unused: or @@ -296,6 +299,7 @@ WARNING: translation string unused: package failed to install WARNING: translation string unused: password contains illegal characters WARNING: translation string unused: password crypting key WARNING: translation string unused: passwords must be at least 6 characters in length +WARNING: translation string unused: ping disabled WARNING: translation string unused: polfile WARNING: translation string unused: pots WARNING: translation string unused: present diff --git a/html/cgi-bin/aliases.cgi b/html/cgi-bin/aliases.cgi deleted file mode 100644 index 4b475c144b..0000000000 --- a/html/cgi-bin/aliases.cgi +++ /dev/null @@ -1,482 +0,0 @@ -#!/usr/bin/perl -# -# IPFire CGI's - aliases.cgi -# -# This code is distributed under the terms of the GPL -# -# (c) Steve Bootes 2002/04/13 - Manage IP Aliases -# -# $Id: aliases.cgi,v 1.5.2.14 2006/01/13 20:14:48 eoberlander Exp $ - - -# to fully troubleshot your code, uncomment diagnostics, Carp and cluck lines -#use diagnostics; # need to add the file /usr/lib/perl5/5.8.x/pods/perldiag.pod before to work -# next look at /var/log/httpd/error_log , http://www.perl.com/pub/a/2002/05/07/mod_perl.html may help -#use warnings; -use strict; -#use Carp (); -#local $SIG{__WARN__} = \&Carp::cluck; - -require '/var/ipfire/general-functions.pl'; # replace /var/ipfire with /var/ipfire in case of manual install -require "${General::swroot}/lang.pl"; -require "${General::swroot}/header.pl"; - -#workaround to suppress a warning when a variable is used only once -my @dummy = ( ${Header::colouryellow} ); - @dummy = ( ${Header::table1colour} ); - @dummy = ( ${Header::table2colour} ); -undef (@dummy); - -# Files used -my $setting = "${General::swroot}/ethernet/settings"; -our $datafile = "${General::swroot}/ethernet/aliases"; - - -our %settings=(); -#Settings1 - -#Settings2 for editing the multi-line list -#Must not be saved ! -$settings{'IP'} = ''; -$settings{'ENABLED'} = 'off'; # Every check box must be set to off -$settings{'NAME'} = ''; -my @nosaved=('IP','ENABLED','NAME'); # List here ALL setting2 fields. Mandatory - -$settings{'ACTION'} = ''; # add/edit/remove -$settings{'KEY1'} = ''; # point record for ACTION - -#Define each field that can be used to sort columns -my $sortstring='^IP|^NAME'; -my $errormessage = ''; -my $warnmessage = ''; - -&Header::showhttpheaders(); - -# Read needed Ipcop netsettings -my %netsettings=(); -$netsettings{'SORT_ALIASES'} = 'NAME'; # default sort -&General::readhash($setting, \%netsettings); - -#Get GUI values -&Header::getcgihash(\%settings); - -# Load multiline data -our @current = (); -if (open(FILE, "$datafile")) { - @current = ; - close (FILE); -} - -# -# Check Settings1 first because they are needed before working on @current -# -# Remove if no Setting1 needed -# -if ($settings{'ACTION'} eq $Lang::tr{'save'}) { - - # - #Validate static Settings1 here - # - - unless ($errormessage) { # Everything is ok, save settings - #map (delete ($settings{$_}) ,(@nosaved,'ACTION','KEY1'));# Must never be saved - #&General::writehash($setting, \%settings); # Save good settings - #$settings{'ACTION'} = $Lang::tr{'save'}; # Recreate 'ACTION' - #map ($settings{$_}= '',(@nosaved,'KEY1')); # and reinit var to empty - - # Rebuild configuration file if needed - &BuildConfiguration; - } - - ERROR: # Leave the faulty field untouched -} else { - #&General::readhash($setting, \%settings); # Get saved settings and reset to good if needed -} - -## Now manipulate the multi-line list with Settings2 -# Basic actions are: -# toggle the check box -# add/update a new line -# begin editing a line -# remove a line - - -# Toggle enable/disable field. Field is in second position -if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) { - #move out new line - chomp(@current[$settings{'KEY1'}]); - my @temp = split(/\,/,@current[$settings{'KEY1'}]); - $temp[1] = $temp[1] eq 'on' ? '' : 'on'; # Toggle the field - @current[$settings{'KEY1'}] = join (',',@temp)."\n"; - $settings{'KEY1'} = ''; # End edit mode - - &General::log($Lang::tr{'ip alias changed'}); - - #Save current - open(FILE, ">$datafile") or die 'Unable to open aliases file.'; - print FILE @current; - close(FILE); - - # Rebuild configuration file - &BuildConfiguration; -} - -if ($settings{'ACTION'} eq $Lang::tr{'add'}) { - # Validate inputs - if (! &General::validip($settings{'IP'})) {$errormessage = "invalid ip"}; - $settings{'NAME'} = &Header::cleanhtml($settings{'NAME'}); - - # Make sure we haven't duplicated an alias or RED - my $spacer=''; - if ($settings{'IP'} eq $netsettings{'RED_ADDRESS'}) { - $errormessage = $Lang::tr{'duplicate ip'} . ' (RED)'; - $spacer=" & "; - } - my $idx=0; - foreach my $line (@current) { - chomp ($line); - my @temp = split (/\,/, $line); - if ( ($settings{'KEY1'} eq '')||(($settings{'KEY1'} ne '') && ($settings{'KEY1'} != $idx))) { # update - if ($temp[0] eq $settings{'IP'}) { - $errormessage .= $spacer.$Lang::tr{'duplicate ip'}; - $spacer=" & "; - } - if ($temp[2] eq $settings{'NAME'} && $temp[2] ne '') { - $errormessage .= $spacer.$Lang::tr{'duplicate name'}; - $spacer=" & "; - } - } - $idx++; - } - unless ($errormessage) { - if ($settings{'KEY1'} eq '') { #add or edit ? - unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'NAME'}\n"); - &General::log($Lang::tr{'ip alias added'}); - } else { - @current[$settings{'KEY1'}] = "$settings{'IP'},$settings{'ENABLED'},$settings{'NAME'}\n"; - $settings{'KEY1'} = ''; # End edit mode - &General::log($Lang::tr{'ip alias changed'}); - } - - # Write changes to config file. - &SortDataFile; # sort newly added/modified entry - - &BuildConfiguration; # then re-build conf which use new data - -## -## if entering data line is repetitive, choose here to not erase fields between each addition -## - map ($settings{$_}='' ,@nosaved); # Clear fields - } -} - -if ($settings{'ACTION'} eq $Lang::tr{'edit'}) { - #move out new line - my $line = @current[$settings{'KEY1'}]; # KEY1 is the index in current - chomp($line); - my @temp = split(/\,/, $line); - -## -## move data fields to Setting2 for edition -## - $settings{'IP'}=$temp[0]; # Prepare the screen for editing - $settings{'ENABLED'}=$temp[1]; - $settings{'NAME'}=$temp[2]; -} - -if ($settings{'ACTION'} eq $Lang::tr{'remove'}) { - splice (@current,$settings{'KEY1'},1); # Delete line - open(FILE, ">$datafile") or die 'Unable to open aliases file.'; - print FILE @current; - close(FILE); - $settings{'KEY1'} = ''; # End remove mode - &General::log($Lang::tr{'ip alias removed'}); - - &BuildConfiguration; # then re-build conf which use new data -} - - - -## Check if sorting is asked -# If same column clicked, reverse the sort. -if ($ENV{'QUERY_STRING'} =~ /$sortstring/ ) { - my $newsort=$ENV{'QUERY_STRING'}; - my $actual=$netsettings{'SORT_ALIASES'}; - #Reverse actual sort ? - if ($actual =~ $newsort) { - my $Rev=''; - if ($actual !~ 'Rev') { - $Rev='Rev'; - } - $newsort.=$Rev; - } - $netsettings{'SORT_ALIASES'}=$newsort; - &General::writehash($setting, \%netsettings); - &SortDataFile; - $settings{'ACTION'} = 'SORT'; # Recreate 'ACTION' -} - -# Default initial value -if ($settings{'ACTION'} eq '' ) { # First launch from GUI - $settings{'ENABLED'} ='on'; -} - -&Header::openpage($Lang::tr{'external aliases configuration'}, 1, ''); -&Header::openbigbox('100%', 'left', '', $errormessage); -my %checked =(); # Checkbox manipulations - -if ($errormessage) { - &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); - print "$errormessage "; - &Header::closebox(); -} -unless (( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ ) && ($netsettings{'RED_TYPE'} eq 'STATIC')) -{ - &Header::openbox('100%', 'left', $Lang::tr{'capswarning'}); - print < - - $Lang::tr{'aliases not active'} - - -END -; - &Header::closebox(); -} - -# -# Second check box is for editing the list -# -$checked{'ENABLED'}{'on'} = ($settings{'ENABLED'} eq '') ? '' : "checked='checked'"; - -my $buttontext = $Lang::tr{'add'}; -if ($settings{'KEY1'} ne '') { - $buttontext = $Lang::tr{'update'}; - &Header::openbox('100%', 'left', $Lang::tr{'edit an existing alias'}); -} else { - &Header::openbox('100%', 'left', $Lang::tr{'add new alias'}); -} - -#Edited line number (KEY1) passed until cleared by 'save' or 'remove' or 'new sort order' -print < - - - - - - - - - - -
$Lang::tr{'name'}: *$Lang::tr{'alias ip'}: $Lang::tr{'enabled'} 
-
- - - - - -
* $Lang::tr{'this field may be blank'}
- -END -; -&Header::closebox(); - -# -# Third box shows the list, in columns -# -# Columns headers may content a link. In this case it must be named in $sortstring -# -&Header::openbox('100%', 'left', $Lang::tr{'current aliases'}); -print < - - $Lang::tr{'name'} - $Lang::tr{'alias ip'} - $Lang::tr{'action'} - -END -; - -# -# Print each line of @current list -# -# each data line is splitted into @temp. -# - -my $key = 0; -foreach my $line (@current) { - chomp($line); - my @temp = split(/\,/,$line); - - #Choose icon for checkbox - my $gif = ''; - my $gdesc = ''; - if ($temp[1] eq "on") { - $gif = 'on.gif'; - $gdesc = $Lang::tr{'click to disable'}; - } else { - $gif = 'off.gif'; - $gdesc = $Lang::tr{'click to enable'}; - } - - #Colorize each line - if ($settings{'KEY1'} eq $key) { - print ""; - } elsif ($key % 2) { - print ""; - } else { - print ""; - } - - print <$temp[2] -$temp[0] - - -
- - - -
- - - -
- - - -
- - - -
- - - -
- - -END -; - $key++; -} -print ""; - -# If table contains entries, print 'Key to action icons' -if ($key) { -print < - -  $Lang::tr{'legend'}:  - $Lang::tr{ - $Lang::tr{'click to disable'} -    - $Lang::tr{ - $Lang::tr{'click to enable'} -    - $Lang::tr{ - $Lang::tr{'edit'} -    - $Lang::tr{ - $Lang::tr{'remove'} - - -END -; -} - -&Header::closebox(); -&Header::closebigbox(); -&Header::closepage(); - -## Ouf it's the end ! - - - -# Sort the "current" array according to choices -sub SortDataFile -{ - our %entries = (); - - # Sort pair of record received in $a $b special vars. - # When IP is specified use numeric sort else alpha. - # If sortname ends with 'Rev', do reverse sort. - # - sub fixedleasesort { - my $qs=''; # The sort field specified minus 'Rev' - if (rindex ($netsettings{'SORT_ALIASES'},'Rev') != -1) { - $qs=substr ($netsettings{'SORT_ALIASES'},0,length($netsettings{'SORT_ALIASES'})-3); - if ($qs eq 'IP') { - my @a = split(/\./,$entries{$a}->{$qs}); - my @b = split(/\./,$entries{$b}->{$qs}); - ($b[0]<=>$a[0]) || - ($b[1]<=>$a[1]) || - ($b[2]<=>$a[2]) || - ($b[3]<=>$a[3]); - } else { - $entries{$b}->{$qs} cmp $entries{$a}->{$qs}; - } - } else { #not reverse - $qs=$netsettings{'SORT_ALIASES'}; - if ($qs eq 'IP') { - my @a = split(/\./,$entries{$a}->{$qs}); - my @b = split(/\./,$entries{$b}->{$qs}); - ($a[0]<=>$b[0]) || - ($a[1]<=>$b[1]) || - ($a[2]<=>$b[2]) || - ($a[3]<=>$b[3]); - } else { - $entries{$a}->{$qs} cmp $entries{$b}->{$qs}; - } - } - } - - #Use an associative array (%entries) - my $key = 0; - foreach my $line (@current) { - chomp( $line); #remove newline because can be on field 5 or 6 (addition of REMARK) - my @temp = split (',',$line); - - # Build a pair 'Field Name',value for each of the data dataline. - # Each SORTABLE field must have is pair. - # Other data fields (non sortable) can be grouped in one - - # Exemple - # F1,F2,F3,F4,F5 only F1 F2 for sorting - # my @record = ('KEY',$key++, - # 'F1',$temp[0], - # 'F2',$temp[1], - # 'DATA',join(',',@temp[2..4]) ); #group remainning values, with separator (,) - - # The KEY,key record permits doublons. If removed, then F1 becomes the key without doublon permitted. - - - my @record = ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$temp[2]); - my $record = {}; # create a reference to empty hash - %{$record} = @record; # populate that hash with @record - $entries{$record->{KEY}} = $record; # add this to a hash of hashes - } - - open(FILE, ">$datafile") or die 'Unable to open aliases file.'; - - # Each field value is printed , with the newline ! Don't forget separator and order of them. - foreach my $entry (sort fixedleasesort keys %entries) { - print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$entry}->{NAME}\n"; - } - - close(FILE); - # Reload sorted @current - open (FILE, "$datafile"); - @current = ; - close (FILE); -} - -# -# Build the configuration file for application aliases -# -sub BuildConfiguration { - # Restart service associated with this - system '/usr/local/bin/setaliases'; -} diff --git a/lfs/initscripts b/lfs/initscripts index 60b23edc0a..53d839ea0d 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -135,8 +135,6 @@ $(TARGET) : ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq ln -sf ../../firewall /etc/rc.d/init.d/networking/red.up/20-RL-firewall - ln -sf ../../../../../usr/local/bin/setfilters \ - /etc/rc.d/init.d/networking/red.up/21-setfilters ln -sf ../../../../../usr/local/bin/outgoingfwctrl \ /etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl ln -sf ../../../../../usr/local/bin/snortctrl \ diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index 96791ad062..178099819c 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -4,8 +4,8 @@ CFLAGS=-O2 -Wall COMPILE=$(CC) $(CFLAGS) PROGS = iowrap -SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \ - squidctrl restartssh ipfirereboot setaliases \ +SUID_PROGS = setdmzholes setportfw setxtaccess \ + squidctrl restartssh ipfirereboot \ ipsecctrl timectrl dhcpctrl snortctrl \ applejuicectrl rebuildhosts backupctrl \ logwatch openvpnctrl outgoingfwctrl \ @@ -61,9 +61,6 @@ tripwirectrl: tripwirectrl.c setuid.o ../install+setup/libsmooth/varval.o smartctrl: smartctrl.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ smartctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ -monitorTraff: monitorTraff.c setuid.o ../install+setup/libsmooth/varval.o - $(COMPILE) -I../install+setup/libsmooth/ monitorTraff.c setuid.o ../install+setup/libsmooth/varval.o -o $@ - clamavctrl: clamavctrl.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ clamavctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@ @@ -76,18 +73,12 @@ timectrl: timectrl.c setuid.o ../install+setup/libsmooth/varval.o launch-ether-wake: launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o -o $@ -setaliases: setaliases.c setuid.o ../install+setup/libsmooth/varval.o - $(COMPILE) -I../install+setup/libsmooth/ setaliases.c setuid.o ../install+setup/libsmooth/varval.o -o $@ - setdmzholes: setdmzholes.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ setdmzholes.c setuid.o ../install+setup/libsmooth/varval.o -o $@ setportfw: setportfw.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ setportfw.c setuid.o ../install+setup/libsmooth/varval.o -o $@ -setfilters: setfilters.c setuid.o ../install+setup/libsmooth/varval.o - $(COMPILE) -I../install+setup/libsmooth/ setfilters.c setuid.o ../install+setup/libsmooth/varval.o -o $@ - rebuildhosts: rebuildhosts.c setuid.o ../install+setup/libsmooth/varval.o $(COMPILE) -I../install+setup/libsmooth/ rebuildhosts.c setuid.o ../install+setup/libsmooth/varval.o -o $@ diff --git a/src/misc-progs/qosctrl.c b/src/misc-progs/qosctrl.c index 023655715e..8a8f07ebc0 100644 --- a/src/misc-progs/qosctrl.c +++ b/src/misc-progs/qosctrl.c @@ -16,7 +16,6 @@ int main(int argc, char *argv[]) { int fd = -1; - int enable = 0; if (!(initsetuid())) exit(1); @@ -25,18 +24,17 @@ int main(int argc, char *argv[]) { fprintf(stderr, "\nNo argument given.\n\nqosctrl (start|stop|restart|status|generate)\n\n"); exit(1); } - + + if ((fd = open("/var/ipfire/qos/bin/qos.sh", O_RDONLY)) != -1) { + close(fd); + } else { + // If there is no qos.sh do nothing. + exit(0); + } + safe_system("chmod 755 /var/ipfire/qos/bin/qos.sh &>/dev/null"); if (strcmp(argv[1], "start") == 0) { - if ((fd = open("/var/ipfire/qos/bin/qos.sh", O_RDONLY)) != -1) - { - close(fd); - enable = 1; - } - if (enable) - { - safe_system("/var/ipfire/qos/bin/qos.sh start"); - } + safe_system("/var/ipfire/qos/bin/qos.sh start"); } else if (strcmp(argv[1], "stop") == 0) { safe_system("/var/ipfire/qos/bin/qos.sh clear"); } else if (strcmp(argv[1], "status") == 0) { diff --git a/src/misc-progs/setaliases.c b/src/misc-progs/setaliases.c deleted file mode 100644 index be6251ee00..0000000000 --- a/src/misc-progs/setaliases.c +++ /dev/null @@ -1,186 +0,0 @@ -/* - * setaliases - configure red aliased interfaces - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - * (c) Steve Bootes, 2002/04/15 - * - * 21/04/03 Robert Kerr Changed to link directly to libsmooth rather than - * using a copy & paste - * - * $Id: setaliases.c,v 1.2.2.4 2004/08/22 22:01:44 alanh Exp $ - * - */ - -#include "libsmooth.h" -#include "setuid.h" -#include -#include -#include -#include -#include -#include -#include - -struct keyvalue *kv = NULL; -FILE *file = NULL; - -void exithandler(void) -{ - if (kv) freekeyvalues(kv); - if (file) fclose(file); -} - -int main(void) -{ - char s[STRING_SIZE]; - char command[STRING_SIZE]; - char red_netmask[STRING_SIZE]; - char red_broadcast[STRING_SIZE]; - char red_dev[STRING_SIZE]; - char default_gateway[STRING_SIZE]; - char *aliasip; - char *enabled; - char *sptr; - char *comment; - int alias; - int count; - - if (!(initsetuid())) - { - fprintf(stderr, "Cannot run setuid\n"); - exit(1); - } - - atexit(exithandler); - - /* Init the keyvalue structure */ - kv=initkeyvalues(); - - /* Read in the current values */ - if (!readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")) - { - fprintf(stderr, "Cannot read ethernet settings\n"); - exit(1); - } - - /* Find the CONFIG_TYPE value */ - if (!findkey(kv, "CONFIG_TYPE", s)) - { - fprintf(stderr, "Cannot read CONFIG_TYPE\n"); - exit(1); - } - - /* Check for CONFIG_TYPE=2 or 3 i.e. RED ethernet present. If not, - * exit gracefully. This is not an error... */ - if (!((strcmp(s, "2")==0) || (strcmp(s, "3")==0) || (strcmp(s, "6")==0) || (strcmp(s, "7")==0))) - exit(0); - - /* Now check the RED_TYPE - aliases only work with STATIC. - * At least, that's what /etc/rc.d/rc.netaddress.up thinks.. */ - - /* Find the RED_TYPE value */ - if (!findkey(kv, "RED_TYPE", s)) - { - fprintf(stderr, "Cannot read RED_TYPE\n"); - exit(1); - } - - /* Make sure it's the right type */ - if (!(strcmp(s, "STATIC")==0)) - exit(0); - - /* Get the RED interface details */ - if((!findkey(kv, "RED_NETMASK", red_netmask)) || (!findkey(kv, "RED_BROADCAST", red_broadcast)) || - (!findkey(kv, "RED_DEV", red_dev)) || (!findkey(kv, "DEFAULT_GATEWAY", default_gateway))) - { - fprintf(stderr, "Cannot read RED settings\n"); - exit(1); - } - - if (!VALID_DEVICE(red_dev)) - { - fprintf(stderr, "Bad red_dev: %s\n", red_dev); - exit(1); - } - - if (!VALID_IP(red_netmask)) - { - fprintf(stderr, "Bad red_netmask : %s\n", red_netmask); - exit(1); - } - - if (!VALID_IP(red_broadcast)) - { - fprintf(stderr, "Bad red_broadcast : %s\n", red_broadcast); - exit(1); - } - - if (!VALID_IP(default_gateway)) - { - fprintf(stderr, "Bad default_gateway : %s\n", default_gateway); - exit(1); - } - - /* down the aliases in turn until ifconfig complains */ - alias=0; - do - { - memset(command, 0, STRING_SIZE); - snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d down 2>/dev/null", red_dev, alias++); - } while (safe_system(command)==0); - - /* Now set up the new aliases from the config file */ - if (!(file = fopen(CONFIG_ROOT "/ethernet/aliases", "r"))) - { - fprintf(stderr, "Unable to open aliases configuration file\n"); - exit(1); - } - - alias=0; - while (fgets(s, STRING_SIZE, file) != NULL) - { - if (s[strlen(s) - 1] == '\n') - s[strlen(s) - 1] = '\0'; - sptr = strtok(s, ","); - count = 0; - aliasip = NULL; - enabled = NULL; - comment = NULL; - while (sptr) - { - if (count == 0) - aliasip = sptr; - if (count == 1) - enabled = sptr; - else - comment = sptr; - count++; - sptr = strtok(NULL, ","); - } - - if (!(aliasip && enabled)) - continue; - - if (!VALID_IP(aliasip)) - { - fprintf(stderr, "Bad alias : %s\n", aliasip); - exit(1); - } - - if (strcmp(enabled, "on") == 0) - { - memset(command, 0, STRING_SIZE); - snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d %s netmask %s broadcast %s up", red_dev, alias, aliasip, red_netmask, red_broadcast); - safe_system(command); - memset(command, 0, STRING_SIZE); - snprintf(command, STRING_SIZE-1, "/usr/sbin/arping -q -c 1 -w 1 -i %s -S %s %s", red_dev, aliasip, default_gateway); - safe_system(command); - alias++; - } - } - - return 0; -} - diff --git a/src/misc-progs/setfilters.c b/src/misc-progs/setfilters.c deleted file mode 100644 index 21bea84023..0000000000 --- a/src/misc-progs/setfilters.c +++ /dev/null @@ -1,100 +0,0 @@ -/* Derivated from SmoothWall helper programs - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * - * (c) Daniel Goscomb, 2001 - * - * Modifications and improvements by Lawrence Manning. - * - * 19/04/03 Robert Kerr Fixed root exploit - * - * 20/08/05 Achim Weber 20 Modified to have a binary for the new firewall options page in IPCop 1.4.8 - * - * 02/10/05 Gilles Espinasse treat only ping actually - * - * $Id: setfilters.c,v 1.1.2.2 2006/02/07 20:54:16 gespinasse Exp $ - * - */ - -#include -#include -#include -#include "libsmooth.h" -#include "setuid.h" - -struct keyvalue *kv = NULL; -FILE *ifacefile = NULL; - -void exithandler(void) -{ - if(kv) - freekeyvalues(kv); -} - -int main(void) -{ - char iface[STRING_SIZE] = ""; - char command[STRING_SIZE]; - char disableping[STRING_SIZE]; - int redAvailable = 1; - - if (!(initsetuid())) - exit(1); - - atexit(exithandler); - - /* Read in and verify config */ - kv=initkeyvalues(); - - if (!readkeyvalues(kv, CONFIG_ROOT "/optionsfw/settings")) { - fprintf(stderr, "Cannot read firewall option settings\n"); - exit(1); - } - - if (!findkey(kv, "DISABLEPING", disableping)) { - fprintf(stderr, "Cannot read DISABLEPING\n"); - exit(1); - } - - if (strcmp(disableping, "NO") != 0 && strcmp(disableping, "ONLYRED") != 0 && strcmp(disableping, "ALL") != 0) { - fprintf(stderr, "Bad DISABLEPING: %s\n", disableping); - exit(1); - } - - if (!(ifacefile = fopen(CONFIG_ROOT "/red/iface", "r"))) { - redAvailable = 0; - } else { - if (fgets(iface, STRING_SIZE, ifacefile)) { - if (iface[strlen(iface) - 1] == '\n') - iface[strlen(iface) - 1] = '\0'; - } - fclose (ifacefile); - if (!VALID_DEVICE(iface)) { - fprintf(stderr, "Bad iface: %s\n", iface); - exit(1); - } - redAvailable = 1; - } - - safe_system("/sbin/iptables -F GUIINPUT"); - - /* don't need to do anything if ping is disabled, so treat only other cases */ - if (strcmp(disableping, "NO") == 0 - || (strcmp(disableping, "ONLYRED") == 0 && redAvailable == 0)) { - // We allow ping (icmp type 8) on every interfaces - // or RED is not available, so we can enable it on all (available) Interfaces - memset(command, 0, STRING_SIZE); - snprintf(command, STRING_SIZE - 1, "/sbin/iptables -A GUIINPUT -p icmp --icmp-type 8 -j ACCEPT"); - safe_system(command); - } else { - // Allow ping only on internal interfaces - if(strcmp(disableping, "ONLYRED") == 0) { - memset(command, 0, STRING_SIZE); - snprintf(command, STRING_SIZE - 1, - "/sbin/iptables -A GUIINPUT -i ! %s -p icmp --icmp-type 8 -j ACCEPT", iface); - safe_system(command); - } - } - return 0; -} diff --git a/src/misc-progs/setuid.h b/src/misc-progs/setuid.h index 86e260319e..e253a76570 100644 --- a/src/misc-progs/setuid.h +++ b/src/misc-progs/setuid.h @@ -1,91 +1,74 @@ -/* SmoothWall helper program - header file - * - * This program is distributed under the terms of the GNU General Public - * Licence. See the file COPYING for details. - * Simple header file for all setuid progs. - * - * $Id: setuid.h,v 1.4.2.4 2005/11/20 23:20:13 franck78 Exp $ - * - */ - -#ifndef SETUID_H -#define SETUID_H 1 - -#include -#include - -/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason - * to redefine it if it already is set */ -#ifndef STRING_SIZE -#define STRING_SIZE 256 -#endif -#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" -#define NUMBERS "0123456789" -#define LETTERS_NUMBERS LETTERS NUMBERS -#define IP_NUMBERS "./" NUMBERS -#define PORT_NUMBERS ":-" NUMBERS -#define VALID_FQDN LETTERS_NUMBERS ".-" - - -#define VALID_IP(ip) (strlen(ip) > 6 \ - && strlen(ip) < 16 \ - && strspn(ip, NUMBERS ".") == strlen(ip)) - -#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \ - && strlen(ip) < 32 \ - && strspn(ip, IP_NUMBERS) == strlen(ip)) - -#define VALID_PORT(port) (strlen(port) \ - && strlen(port) < 6 \ - && strspn(port, NUMBERS) == strlen(port)) - -#define VALID_PORT_RANGE(port) (strlen(port) \ - && strlen(port) < 12 \ - && strspn(port, PORT_NUMBERS) == strlen(port)) - -#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \ - && strlen(ip) < 3 \ - && strspn(ip, NUMBERS) == strlen(ip)) - -/* Can't find any info on valid characters/length hopefully these are - * reasonable guesses */ -#define VALID_DEVICE(dev) (strlen(dev) \ - && strlen(dev) < 16 \ - && strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev)) - -/* Again, can't find any hard and fast rules for protocol names, these - * restrictions are based on the keywords currently listed in - * - * though currently the ipcop cgis will only pass tcp, udp or gre anyway */ -#define VALID_PROTOCOL(prot) (strlen(prot) \ - && strlen(prot) <16 \ - && strspn(prot, LETTERS_NUMBERS "-") == strlen(prot)) - -extern char * trusted_env[4]; - -int system_core(char* command, uid_t uid, gid_t gid, char *error); -int safe_system(char* command); -int unpriv_system(char* command, uid_t uid, gid_t gid); -size_t strlcat(char *dst, const char *src, size_t len); -int initsetuid(void); - -/* check whether a file exists */ -int file_exists(const char *fname); -int file_exists_w(const char *fname); //wildcard filename test - -// Backup restore -#define MOUNTPOINT "/home/httpd/html/backup" -#define BACKUP_KEY CONFIG_ROOT"/backup/backup.key" - -/* defines for config create/restore return status*/ -#define ERR_ANY 1 // unspecified error -#define ERR_KEY 2 // error creating key file -#define ERR_TAR 3 // error creating .tar -#define ERR_GZ 4 // error creating .tar.gz -#define ERR_ENCRYPT 5 // error creating .dat -#define ERR_DECRYPT 6 // error decrypting .dat file -#define ERR_UNTARTST 7 // error (test) untarring .tar.gz -#define ERR_UNTAR 8 // error (real) untarring .tar.gz -#define ERR_DAT 9 // missing .dat file - -#endif +/* SmoothWall helper program - header file + * + * This program is distributed under the terms of the GNU General Public + * Licence. See the file COPYING for details. + * Simple header file for all setuid progs. + * + */ + +#ifndef SETUID_H +#define SETUID_H 1 + +#include +#include + +/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason + * to redefine it if it already is set */ +#ifndef STRING_SIZE +#define STRING_SIZE 256 +#endif +#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" +#define NUMBERS "0123456789" +#define LETTERS_NUMBERS LETTERS NUMBERS +#define IP_NUMBERS "./" NUMBERS +#define PORT_NUMBERS ":-" NUMBERS +#define VALID_FQDN LETTERS_NUMBERS ".-" + + +#define VALID_IP(ip) (strlen(ip) > 6 \ + && strlen(ip) < 16 \ + && strspn(ip, NUMBERS ".") == strlen(ip)) + +#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \ + && strlen(ip) < 32 \ + && strspn(ip, IP_NUMBERS) == strlen(ip)) + +#define VALID_PORT(port) (strlen(port) \ + && strlen(port) < 6 \ + && strspn(port, NUMBERS) == strlen(port)) + +#define VALID_PORT_RANGE(port) (strlen(port) \ + && strlen(port) < 12 \ + && strspn(port, PORT_NUMBERS) == strlen(port)) + +#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \ + && strlen(ip) < 3 \ + && strspn(ip, NUMBERS) == strlen(ip)) + +/* Can't find any info on valid characters/length hopefully these are + * reasonable guesses */ +#define VALID_DEVICE(dev) (strlen(dev) \ + && strlen(dev) < 16 \ + && strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev)) + +/* Again, can't find any hard and fast rules for protocol names, these + * restrictions are based on the keywords currently listed in + * + * though currently the ipcop cgis will only pass tcp, udp or gre anyway */ +#define VALID_PROTOCOL(prot) (strlen(prot) \ + && strlen(prot) <16 \ + && strspn(prot, LETTERS_NUMBERS "-") == strlen(prot)) + +extern char * trusted_env[4]; + +int system_core(char* command, uid_t uid, gid_t gid, char *error); +int safe_system(char* command); +int unpriv_system(char* command, uid_t uid, gid_t gid); +size_t strlcat(char *dst, const char *src, size_t len); +int initsetuid(void); + +/* check whether a file exists */ +int file_exists(const char *fname); +int file_exists_w(const char *fname); //wildcard filename test + +#endif diff --git a/tools/finder.sh b/tools/finder.sh new file mode 100644 index 0000000000..8022cb0a49 --- /dev/null +++ b/tools/finder.sh @@ -0,0 +1,20 @@ +#!/bin/sh +# Verson 0.1 by linuxadmin +# sucht in allen regulären Files nach dem eingegebenen Wert +# ACHTUNG DAS KANN EINIGE MINUTEN DAUERN !!! + +name=finder.log +echo -n "Where: " ;read wo +echo -n "String: " ;read was +echo -n "Output to file? (y/n): " ;read jn + +if [ "$jn" = "y" ]; then + echo "Creating log file $name" + find $wo -type f | xargs grep -in "$was" > $name +else + find $wo -type f | xargs grep -in "$was" +fi + +if [ -d $name ]; then + cat $name +fi