cd1a2927 MT |
1 | #!/usr/bin/perl\r |
2 | #\r | |
3 | # SmoothWall CGIs\r | |
4 | #\r | |
5 | # This code is distributed under the terms of the GPL\r | |
6 | #\r | |
7 | # (c) The SmoothWall Team\r | |
8 | # Copyright (c) 2002/04/13 Steve Bootes - Add destination IP support\r | |
9 | #\r | |
10 | # $Id: xtaccess.cgi,v 1.6.2.15 2005/03/05 08:44:32 eoberlander Exp $\r | |
11 | #\r | |
12 | \r | |
13 | use strict;\r | |
14 | \r | |
15 | # enable the following only when debugging\r | |
16 | #use warnings;\r | |
17 | #use CGI::Carp 'fatalsToBrowser';\r | |
18 | \r | |
19 | require 'CONFIG_ROOT/general-functions.pl';\r | |
20 | require "${General::swroot}/lang.pl";\r | |
21 | require "${General::swroot}/header.pl";\r | |
22 | \r | |
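# Mention a Header:: colour a second time so Perl's "used only once" warning
# stays quiet when warnings are switched on for debugging.
my @dummy = ( ${Header::colouryellow} );
undef (@dummy);

my %cgiparams=();       # submitted form fields, seeded with defaults below
my %checked=();         # checkbox attribute strings used when printing the form
my %selected=();        # <option> attribute strings used when printing the form
my $errormessage = '';  # validation failure to show at the top of the page
my $filename = "${General::swroot}/xtaccess/config";    # one comma-separated rule per line
my $aliasfile = "${General::swroot}/ethernet/aliases";
my $changed = 'no';     # becomes 'yes' once a rule has been saved

&Header::showhttpheaders();

# Defaults for the fields listed here. PROTOCOL, DEST, EDITING, ID and ENABLE
# get no default and stay undefined unless the request supplies them.
$cgiparams{'ENABLED'} = 'off';
$cgiparams{'ACTION'} = '';
$cgiparams{'SRC'} = '';
$cgiparams{'DEST_PORT'} = '';
$cgiparams{'REMARK'} ='';
# NOTE(review): getcgihash is defined in header.pl; presumably it copies the
# request parameters over these defaults. Every handler below changes the
# firewall rules, and none of them checks an anti-CSRF token -- confirm that
# getcgihash or the web server restricts where these requests may come from.
&Header::getcgihash(\%cgiparams);

# Three-argument open with an explicit read mode and a lexical handle: the
# path is never parsed for a mode prefix and the handle cannot collide with
# the FILE bareword used elsewhere in this script.
open(my $config_fh, '<', $filename) or die 'Unable to open config file.';
my @current = <$config_fh>;
close($config_fh);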
46 | \r | |
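# "Add" also saves an edited rule: the form always posts ACTION=add and the
# hidden EDITING field ('no' or a rule number) selects append versus replace.
#
# Every field written to the rules file is validated first. The file is
# comma-separated with one rule per line, so a comma or line break inside a
# field would be read back as extra fields or as additional rules.
if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
{
    # \A...\z rather than ^...$: "$" also matches before a trailing newline,
    # so the old pattern accepted "tcp\n".
    unless (defined $cgiparams{'PROTOCOL'} && $cgiparams{'PROTOCOL'} =~ /\A(?:tcp|udp)\z/) {
        $errormessage = $Lang::tr{'invalid input'};
    }
    unless (&General::validipormask($cgiparams{'SRC'}))
    {
        if ($cgiparams{'SRC'} ne '') {
            $errormessage = $Lang::tr{'source ip bad'}; }
        else {
            # An empty source means "any address".
            $cgiparams{'SRC'} = '0.0.0.0/0'; }
    }
    unless ($errormessage) { $errormessage = &General::validportrange($cgiparams{'DEST_PORT'},'dst'); }

    # DEST, ENABLED and EDITING were previously written or used unchecked.
    $cgiparams{'DEST'} = '' unless defined $cgiparams{'DEST'};
    unless ($errormessage)
    {
        my $dest = $cgiparams{'DEST'};
        my $editing = defined $cgiparams{'EDITING'} ? $cgiparams{'EDITING'} : '';
        if ($cgiparams{'ENABLED'} !~ /\A(?:on|off)\z/) {
            $errormessage = $Lang::tr{'invalid input'}; }
        # '' is tolerated for old-style rules without a destination and
        # '0.0.0.0' is the form's "DEFAULT IP" choice.
        elsif ($dest ne '' && $dest ne '0.0.0.0' && !&General::validip($dest)) {
            $errormessage = $Lang::tr{'invalid input'}; }
        elsif ($editing !~ /\A(?:no|\d+)\z/) {
            $errormessage = $Lang::tr{'invalid input'}; }
        # Last line of defence, independent of how strict the General::
        # validators are: no field may carry the separator or a line break.
        elsif (grep { defined $_ && /[,\r\n]/ } @cgiparams{qw(PROTOCOL SRC DEST_PORT ENABLED DEST)}) {
            $errormessage = $Lang::tr{'invalid input'}; }
    }

    if ( ! $errormessage)
    {
        $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
        # NOTE(review): cleanhtml lives in header.pl; whether it removes line
        # breaks is not visible here, so they are flattened explicitly.
        $cgiparams{'REMARK'} =~ tr/\r\n/  /;

        my $rule = join(',', @cgiparams{qw(PROTOCOL SRC DEST_PORT ENABLED DEST REMARK)}) . "\n";

        if($cgiparams{'EDITING'} eq 'no') {
            open(my $config_fh, '>>', $filename) or die 'Unable to open config file.';
            flock($config_fh, 2) or die 'Unable to lock config file.';   # 2 = exclusive lock
            print {$config_fh} $rule;
            close($config_fh);
        } else {
            # Open read/write and take the lock BEFORE truncating; opening
            # with '>' emptied the file while another request could still be
            # using it. The rules are re-read under the lock so a concurrent
            # change is not overwritten from the stale copy in @current.
            open(my $config_fh, '+<', $filename) or die 'Unable to open config file.';
            flock($config_fh, 2) or die 'Unable to lock config file.';   # 2 = exclusive lock
            my @rules = <$config_fh>;
            seek($config_fh, 0, 0);
            truncate($config_fh, 0);
            my $id = 0;
            foreach my $line (@rules)
            {
                $id++;
                if ($cgiparams{'EDITING'} eq $id) {
                    print {$config_fh} $rule;
                } else { print {$config_fh} $line; }
            }
            close($config_fh);
        }
        # Clearing the parameters makes the page fall back to an empty
        # "add a new rule" form.
        undef %cgiparams;
        $changed = 'yes';
        &General::log($Lang::tr{'external access rule added'});
        # NOTE(review): the helper's exit status is ignored, so a failed
        # reload of the rules is not reported to the administrator.
        system('/usr/local/bin/setxtaccess');
    } else {
        # Stay in edit mode if an error occurred. Only a numeric rule id is
        # carried over, because ID is later printed into the form.
        if (defined $cgiparams{'EDITING'} && $cgiparams{'EDITING'} =~ /\A\d+\z/)
        {
            $cgiparams{'ACTION'} = $Lang::tr{'edit'};
            $cgiparams{'ID'} = $cgiparams{'EDITING'};
        }
    }
}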
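# "Remove": rewrite the rules file without the line whose 1-based position
# equals ID, then reload the firewall rules.
if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
{
    # Open read/write and lock BEFORE truncating; opening with '>' emptied
    # the file before the lock was held. The rules are re-read under the lock
    # so a concurrent change is not overwritten from the stale @current copy.
    open(my $config_fh, '+<', $filename) or die 'Unable to open config file.';
    flock($config_fh, 2) or die 'Unable to lock config file.';   # 2 = exclusive lock
    my @rules = <$config_fh>;
    seek($config_fh, 0, 0);
    truncate($config_fh, 0);

    my $id = 0;
    foreach my $line (@rules)
    {
        $id++;
        # ID is only ever compared, never written, so an unexpected value
        # simply matches no line and the file is rewritten unchanged.
        unless ($cgiparams{'ID'} eq $id) { print {$config_fh} $line; }
    }
    close($config_fh);
    # NOTE(review): the helper's exit status is ignored, so a failed reload
    # of the rules is not reported to the administrator.
    system('/usr/local/bin/setxtaccess');
    &General::log($Lang::tr{'external access rule removed'});
}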
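# "Toggle": rewrite rule number ID with its enabled flag replaced by ENABLE.
if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
{
    # ENABLE is written straight into the comma-separated rules file, so only
    # the two literal values are accepted; anything else could add fields or
    # whole lines to the file.
    if (defined $cgiparams{'ENABLE'} && $cgiparams{'ENABLE'} =~ /\A(?:on|off)\z/)
    {
        # Open read/write and lock BEFORE truncating; opening with '>'
        # emptied the file before the lock was held. The rules are re-read
        # under the lock so a concurrent change is not overwritten.
        open(my $config_fh, '+<', $filename) or die 'Unable to open config file.';
        flock($config_fh, 2) or die 'Unable to lock config file.';   # 2 = exclusive lock
        my @rules = <$config_fh>;
        seek($config_fh, 0, 0);
        truncate($config_fh, 0);

        my $id = 0;
        foreach my $line (@rules)
        {
            $id++;
            unless ($cgiparams{'ID'} eq $id) { print {$config_fh} $line; }
            else
            {
                chomp($line);
                my @temp = split(/\,/,$line);
                # Field 3 is the enabled flag; the other five are kept as stored.
                print {$config_fh} "$temp[0],$temp[1],$temp[2],$cgiparams{'ENABLE'},$temp[4],$temp[5]\n";
            }
        }
        close($config_fh);
        # NOTE(review): the helper's exit status is ignored.
        system('/usr/local/bin/setxtaccess');
    }
    else
    {
        $errormessage = $Lang::tr{'invalid input'};
    }
}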
# "Edit": copy the stored fields of rule number ID into the form values so
# the form below is pre-filled with that rule.
if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
{
    my $rule_number = 0;
    foreach my $rule (@current)
    {
        $rule_number++;
        next unless ($cgiparams{'ID'} eq $rule_number);

        chomp($rule);
        my @fields = split(/\,/, $rule);
        # Stored order: protocol, source, port, enabled flag, destination,
        # remark. Missing trailing fields come back undefined.
        @cgiparams{qw(PROTOCOL SRC DEST_PORT ENABLED DEST REMARK)} = @fields[0 .. 5];
    }
}
144 | \r | |
# With no action pending, start from an enabled TCP rule on the default IP.
if ($cgiparams{'ACTION'} eq '')
{
    @cgiparams{'PROTOCOL', 'DEST', 'ENABLED'} = ('tcp', '0.0.0.0', 'on');
}

# Attribute strings for the form: every known choice starts empty and the
# current value is then marked. PROTOCOL, DEST and ENABLED are used only as
# hash keys here, never printed.
$selected{'PROTOCOL'} = { 'udp' => '', 'tcp' => '' };
$selected{'PROTOCOL'}{$cgiparams{'PROTOCOL'}} = "selected='selected'";

$selected{'DEST'}{$cgiparams{'DEST'}} = "selected='selected'";

$checked{'ENABLED'} = { 'off' => '', 'on' => '' };
$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
161 | \r | |
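# Page header, optional error box and the add/edit form.
&Header::openpage($Lang::tr{'external access configuration'}, 1, '');

&Header::openbigbox('100%', 'left', '', $errormessage);

if ($errormessage) {
    &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
    print "<class name='base'>$errormessage\n";
    print " </class>\n";
    &Header::closebox();
}

# SRC, DEST_PORT, REMARK and ID can reach this point exactly as submitted
# (after a failed validation, or ID on a direct "edit" request) and are
# printed inside single-quoted attributes, so the characters that can end an
# attribute or open a tag are replaced with entities. "&" is deliberately
# left alone: a remark loaded from the rules file has already been through
# Header::cleanhtml and must not be encoded a second time.
my $escape_markup = sub {
    my $text = defined $_[0] ? $_[0] : '';
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
};
my %form_value = map { $_ => $escape_markup->($cgiparams{$_}) } qw(SRC DEST_PORT REMARK ID);

print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";

my $buttontext = $Lang::tr{'add'};
if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
    &Header::openbox('100%', 'left', $Lang::tr{'edit a rule'});
    $buttontext = $Lang::tr{'update'};
} else {
    &Header::openbox('100%', 'left', $Lang::tr{'add a new rule'});
}
print <<END;
<table width='100%'>
<tr>
<td width='10%'>
<select name='PROTOCOL'>
<option value='udp' $selected{'PROTOCOL'}{'udp'}>UDP</option>
<option value='tcp' $selected{'PROTOCOL'}{'tcp'}>TCP</option>
</select>
</td>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'source network'}</font></td>
<td><input type='text' name='SRC' value='$form_value{'SRC'}' size='32' /></td>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination port'}:</font></td>
<td><input type='text' name='DEST_PORT' value='$form_value{'DEST_PORT'}' size='5' /></td>
</tr>
</table>
<table width='100%'>
<tr>
<td width='10%' class='base'>$Lang::tr{'enabled'}<input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'destination ip'}: </font>
<select name='DEST'>
<option value='0.0.0.0' $selected{'DEST'}{'0.0.0.0'}>DEFAULT IP</option>
END

# One <option> per enabled alias: field 0 is the address, field 1 the
# on/off flag, field 2 an optional name.
open(my $alias_fh, '<', $aliasfile) or die 'Unable to open aliases file.';
while (my $alias_line = <$alias_fh>)
{
    chomp($alias_line);
    my @temp = split(/\,/,$alias_line);
    if ($temp[1] eq 'on') {
        # The lookup uses the stored address; only the printed copies are
        # escaped, in case the aliases file holds unexpected characters.
        my $marker = $selected{'DEST'}{$temp[0]};
        $marker = '' unless defined $marker;
        my $address = $escape_markup->($temp[0]);
        print "<option value='$address' $marker>$address";
        if (defined $temp[2] and ($temp[2] ne '')) { print " (" . $escape_markup->($temp[2]) . ")"; }
        print "</option>\n";
    }
}
close($alias_fh);
print <<END;
</select>
</td>
</tr>
</table>
<table width='100%'>
<tr>
<td width ='10%' class='base'>
<font class='boldbase'>$Lang::tr{'remark'}:</font> <img src='/blob.gif' alt='*' />
</td>
<td width='65%'>
<input type='text' name='REMARK' value='$form_value{'REMARK'}' size='55' maxlength='50' />
</td>
<td width='25%' align='center'>
<input type='hidden' name='ACTION' value='$Lang::tr{'add'}' />
<input type='submit' name='SUBMIT' value='$buttontext' />
</td>
</tr>
</table>
<table width='100%'>
<tr>
<td class='base' width='30%'><img src='/blob.gif' alt ='*' align='top' /> <font class='base'>$Lang::tr{'this field may be blank'}</font>
</td>
</tr>
</table>
END

# EDITING tells the "add" handler whether to append ('no') or to replace the
# rule with this number.
if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) {
    print "<input type='hidden' name='EDITING' value='$form_value{'ID'}' />\n";
} else {
    print "<input type='hidden' name='EDITING' value='no' />\n";
}

&Header::closebox();
print "</form>\n";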
253 | \r | |
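# Table of the current rules, one row per line of the rules file, each with
# toggle / edit / remove buttons that post the row's 1-based position as ID.
&Header::openbox('100%', 'left', $Lang::tr{'current rules'});
print <<END;
<table width='100%'>
<tr>
<td width='10%' class='boldbase' align='center'><b>$Lang::tr{'proto'}</b></td>
<td width='20%' class='boldbase' align='center'><b>$Lang::tr{'source ip'}</b></td>
<td width='20%' class='boldbase' align='center'><b>$Lang::tr{'destination ip'}</b></td>
<td width='15%' class='boldbase' align='center'><b>$Lang::tr{'destination port'}</b></td>
<td width='30%' class='boldbase' align='center'><b>$Lang::tr{'remark'}</b></td>
<td width='5%' class='boldbase' colspan='3' align='center'><b>$Lang::tr{'action'}</b></td>
</tr>
END

# If something has happened re-read config
if($cgiparams{'ACTION'} ne '' or $changed ne 'no')
{
    open(my $config_fh, '<', $filename) or die 'Unable to open config file.';
    @current = <$config_fh>;
    close($config_fh);
}

# Stored fields are printed into table cells. They should already be clean,
# but the file is the only barrier between past form input and this page, so
# the characters that can open a tag or end an attribute are replaced with
# entities. "&" is left alone because remarks are stored already encoded by
# Header::cleanhtml.
my $escape_cell = sub {
    my $text = defined $_[0] ? $_[0] : '';
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
};

my $id = 0;
foreach my $line (@current)
{
    $id++;
    chomp($line);
    my @temp = split(/\,/,$line);
    my $gif = '';
    my $gdesc = '';
    my $toggle = '';
    # Anything that is not 'udp' is shown as TCP.
    my $protocol = ($temp[0] eq 'udp') ? 'UDP' : 'TCP';

    # Highlight the row being edited; otherwise alternate the two row colours.
    if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
        print "<tr bgcolor='${Header::colouryellow}'>\n"; }
    elsif ($id % 2) {
        print "<tr bgcolor='${Header::table1colour}'>\n"; }
    else {
        print "<tr bgcolor='${Header::table2colour}'>\n"; }

    # The button shows the current state and posts the opposite one.
    if ($temp[3] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
    else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }

    if ($temp[1] eq '0.0.0.0/0') {
        $temp[1] = $Lang::tr{'caps all'}; }
    # catch for 'old-style' rules file - assume default ip if
    # none exists
    if (!&General::validip($temp[4]) || $temp[4] eq '0.0.0.0') {
        $temp[4] = 'DEFAULT IP'; }
    $temp[5] = '' unless defined $temp[5];

    my ($source, $dest, $port, $remark) = map { $escape_cell->($_) } @temp[1, 4, 2, 5];
    print <<END;
<td align='center'>$protocol</td>
<td align='center'>$source</td>
<td align='center'>$dest</td>
<td align='center'>$port</td>
<td align='left'> $remark</td>
<td align='center'>
<form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
<input type='hidden' name='ID' value='$id' />
<input type='hidden' name='ENABLE' value='$toggle' />
<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
</form>
</td>
<td align='center'>
<form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
<input type='hidden' name='ID' value='$id' />
<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
</form>
</td>
<td align='center'>
<form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
<input type='hidden' name='ID' value='$id' />
<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
</form>
</td>

</tr>
END
}
print "</table>\n";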
338 | \r | |
# Print the key to the action icons only when the rules file is not empty,
# then close the boxes and the page opened above.
unless (-z $filename) {
    print <<END;
<table>
<tr>
<td class='boldbase'> <b>$Lang::tr{'legend'}:</b></td>
<td> <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
<td class='base'>$Lang::tr{'click to disable'}</td>
<td> <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
<td class='base'>$Lang::tr{'click to enable'}</td>
<td> <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
<td class='base'>$Lang::tr{'edit'}</td>
<td> <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
<td class='base'>$Lang::tr{'remove'}</td>
</tr>
</table>
END
}

&Header::closebox();
&Header::closebigbox();
&Header::closepage();