From 90c2e1641eca21f1edbcf95aa21ee78b1c2f2d6a Mon Sep 17 00:00:00 2001
From: Christian Schmidt <christian.schmidt@ipfire.org>
Date: Fri, 21 May 2010 12:05:41 +0200
Subject: [PATCH] Fixed Guardian unable to change the config.

I have added a new function to replace some particular vars in the
settings files without knowing or deleting all existing ones.
---
 config/cfgroot/general-functions.pl      | 35 ++++++++++++++++++++++++
 config/rootfiles/core/38/filelists/files |  1 +
 html/cgi-bin/ids.cgi                     | 35 ++++++++++++++++++------
 3 files changed, 63 insertions(+), 8 deletions(-)
diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index a5862e8d00..84aa8aaa64 100644
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -103,6 +103,41 @@ sub writehash
 	close FILE;
 }
 
+sub writehashpart
+{
+	# This function replaces the given hash in the original hash by keeping the old
+	# content and just replacing the new content
+
+	my $filename = $_[0];
+	my $newhash = $_[1];
+	my %oldhash;
+	my ($var, $val);
+
+	readhash("${filename}", \%oldhash);
+
+	foreach $var (keys %$newhash){
+		$oldhash{$var}=$newhash->{$var};
+	}
+
+	# write cgi vars to the file.
+	open(FILE, ">${filename}") or die "Unable to write file $filename";
+	flock FILE, 2;
+	foreach $var (keys %oldhash) 
+	{
+		if ( $var eq "__CGI__"){next;}
+		$val = $oldhash{$var};
+		# Darren Critchley Jan 17, 2003 added the following because when submitting with a graphic, the x and y
+		# location of the mouse are submitted as well, this was being written to the settings file causing
+		# some serious grief! This skips the variable.x and variable.y
+		if (!($var =~ /(.x|.y)$/)) {
+			if ($val =~ / /) {
+				$val = "\'$val\'"; }
+			if (!($var =~ /^ACTION/)) {
+				print FILE "${var}=${val}\n"; }
+		}
+	}
+	close FILE;
+}
 
 sub age
 {
diff --git a/config/rootfiles/core/38/filelists/files b/config/rootfiles/core/38/filelists/files
index 4c5d019ba9..aad801010a 100644
--- a/config/rootfiles/core/38/filelists/files
+++ b/config/rootfiles/core/38/filelists/files
@@ -4,6 +4,7 @@ var/ipfire/header.pl
 var/ipfire/menu.d/50-firewall.menu
 var/ipfire/outgoing/bin/outgoingfw.pl
 var/ipfire/graphs.pl
+var/ipfire/general-functions.pl
 etc/modprobe.d/cfg80211
 etc/modprobe.d/pcspeaker
 var/ipfire/qos/bin/makeqosscripts.pl
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 75514091d7..dc31c48504 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -26,8 +26,8 @@ use File::Temp qw/ tempfile tempdir /;
 use strict;
 
 # enable only the following on debugging purpose
-use warnings;
-use CGI::Carp 'fatalsToBrowser';
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
 
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
@@ -318,8 +318,14 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e
 	system('/usr/local/bin/snortctrl restart >/dev/null');
 
 } elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){
+			foreach my $key (keys %snortsettings){
+				if ( $key !~ /^GUARDIAN/ ){
+					delete $snortsettings{$key};
+				}
+			}
+			&General::writehashpart("${General::swroot}/snort/settings", \%snortsettings);
 			open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}";
-				print IGNOREFILE $snortsettings{'IGNOREFILE_CONTENT'};
+				print IGNOREFILE $snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'};
 			close(IGNOREFILE);
 			open(GUARDIAN, ">/var/ipfire/guardian/guardian.conf") or die "Unable to write guardian conf /var/ipfire/guardian/guardian.conf";
 				print GUARDIAN <<END
@@ -416,6 +422,19 @@ END
 
 &Header::openbigbox('100%', 'left', '', $errormessage);
 
+###############
+# DEBUG DEBUG
+# &Header::openbox('100%', 'left', 'DEBUG');
+# my $debugCount = 0;
+# foreach my $line (sort keys %snortsettings) {
+# print "$line = $snortsettings{$line}<br />\n";
+# $debugCount++;
+# }
+# print "&nbsp;Count: $debugCount\n";
+# &Header::closebox();
+# DEBUG DEBUG
+###############
+
 if ($errormessage) {
 	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
 	print "<class name='base'>$errormessage\n";
@@ -501,11 +520,11 @@ if ( -e "/var/ipfire/guardian/guardian.conf" ) {
 	&Header::openbox('100%', 'LEFT', $Lang::tr{'guardian configuration'});
 print <<END
 <form method='post' action='$ENV{'SCRIPT_NAME'}'><table width='100%'>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian interface'}</td><td align='left'><input type='text' name='INTERFACE' value='$snortsettings{'GUARDIAN_INTERFACE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian timelimit'}</td><td align='left'><input type='text' name='TIMELIMIT' value='$snortsettings{'GUARDIAN_TIMELIMIT'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian logfile'}</td><td align='left'><input type='text' name='LOGFILE' value='$snortsettings{'GUARDIAN_LOGFILE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian alertfile'}</td><td align='left'><input type='text' name='ALERTFILE' value='$snortsettings{'GUARDIAN_ALERTFILE'}' size="30" /></td></tr>
-<tr><td align='left' width='40%'>$Lang::tr{'guardian ignorefile'}</td><td align='left'><textarea name='IGNOREFILE_CONTENT' cols='32' rows='6' wrap='off'>
+<tr><td align='left' width='40%'>$Lang::tr{'guardian interface'}</td><td align='left'><input type='text' name='GUARDIAN_INTERFACE' value='$snortsettings{'GUARDIAN_INTERFACE'}' size="30" /></td></tr>
+<tr><td align='left' width='40%'>$Lang::tr{'guardian timelimit'}</td><td align='left'><input type='text' name='GUARDIAN_TIMELIMIT' value='$snortsettings{'GUARDIAN_TIMELIMIT'}' size="30" /></td></tr>
+<tr><td align='left' width='40%'>$Lang::tr{'guardian logfile'}</td><td align='left'><input type='text' name='GUARDIAN_LOGFILE' value='$snortsettings{'GUARDIAN_LOGFILE'}' size="30" /></td></tr>
+<tr><td align='left' width='40%'>$Lang::tr{'guardian alertfile'}</td><td align='left'><input type='text' name='GUARDIAN_ALERTFILE' value='$snortsettings{'GUARDIAN_ALERTFILE'}' size="30" /></td></tr>
+<tr><td align='left' width='40%'>$Lang::tr{'guardian ignorefile'}</td><td align='left'><textarea name='GUARDIAN_IGNOREFILE_CONTENT' cols='32' rows='6' wrap='off'>
 END
 ;
 	print `cat /var/ipfire/guardian/guardian.ignore`;
-- 
2.39.2


$Lang::tr{'guardian interface'}
$Lang::tr{'guardian timelimit'}
$Lang::tr{'guardian logfile'}
$Lang::tr{'guardian alertfile'}
$Lang::tr{'guardian ignorefile'}	+<tr><td align='left' width='40%'>$Lang::tr{'guardian interface'}</td><td align='left'><input type='text' name='GUARDIAN_INTERFACE' value='$snortsettings{'GUARDIAN_INTERFACE'}' size="30" /></td></tr> +<tr><td align='left' width='40%'>$Lang::tr{'guardian timelimit'}</td><td align='left'><input type='text' name='GUARDIAN_TIMELIMIT' value='$snortsettings{'GUARDIAN_TIMELIMIT'}' size="30" /></td></tr> +<tr><td align='left' width='40%'>$Lang::tr{'guardian logfile'}</td><td align='left'><input type='text' name='GUARDIAN_LOGFILE' value='$snortsettings{'GUARDIAN_LOGFILE'}' size="30" /></td></tr> +<tr><td align='left' width='40%'>$Lang::tr{'guardian alertfile'}</td><td align='left'><input type='text' name='GUARDIAN_ALERTFILE' value='$snortsettings{'GUARDIAN_ALERTFILE'}' size="30" /></td></tr> +<tr><td align='left' width='40%'>$Lang::tr{'guardian ignorefile'}</td><td align='left'><textarea name='GUARDIAN_IGNOREFILE_CONTENT' cols='32' rows='6' wrap='off'> END ; print `cat /var/ipfire/guardian/guardian.ignore`; -- 2.39.2