]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/blob - config/forwardfw/convert-xtaccess
projects / people / teissler / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Forward Firewall: added GPL header to all files
[people/teissler/ipfire-2.x.git] / config / forwardfw / convert-xtaccess
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21 # Author: Alexander Marx (amarx@ipfire.org) #
22 ###############################################################################
23 # #
24 #This script converts old xtaccess rules to new firewall #
25 #Logfiles are created under /var/log/converters #
26 # #
27 ###############################################################################
28 my @current=();
29 my @alias=();
30 my %configinputfw=();
31 require '/var/ipfire/general-functions.pl';
32 my $xtaccessconfig = "${General::swroot}/xtaccess/config";
33 my $inputfwconfig = "${General::swroot}/forward/input";
34 my $aliasconfig = "${General::swroot}/ethernet/aliases";
35 my $field0='ACCEPT';
36 my $field1='INPUTFW';
37 my $field2=''; #ON or emtpy
38 my $field3=''; #std_net_src or src_addr
39 my $field4=''; #ALL or IP-Address with /32
40 my $field5='ipfire';
41 my $field6=''; #Default IP or alias name
42 my $field11='ON'; #use target port
43 my $field12=''; #TCP or UDP
44 my $field13='All ICMP-Types';
45 my $field14='TGT_PORT';
46 my $field15=''; #Port Number
47 my $field16=''; #remark
48 my $field26='00:00';
49 my $field27='00:00';
50 my $field28 = '';
51 my $field29 = 'ALL';
52 my $field30 = '';
53 my $field31 = 'dnat';
54 open(FILE, $xtaccessconfig) or die 'Unable to open config file.';
55 my @current = <FILE>;
56 close(FILE);
57 open(FILE1, $aliasconfig) or die 'Unable to open config file.';
58 my @alias = <FILE1>;
59 close(FILE1);
60 &General::readhasharray($inputfwconfig,\%configinputfw);
61
62 foreach my $line (@current){
63 my ($a,$b,$c,$d,$e,$f) = split (",",$line);
64 $e =~ s/\R//g;
65 if ($f gt ''){
66 $f =~ s/\R//g;
67 $field16=$f;
68 }
69 #active or not
70 $field2=uc($d);
71 #get protocol
72 if ($a eq 'tcp'){ $field12 ='TCP';}else{$field12='UDP';}
73 #check source address
74 if ($b eq '0.0.0.0/0'){
75 $field3='std_net_src';
76 $field4='ALL';
77 }elsif($b =~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
78 $field3='src_addr';
79 $field4=$b."/32";
80 }elsif ($b =~ /^(.*?)\/(.*?)$/) {
81 $field3='src_addr';
82 $field4=$b;
83 }else{
84 print "Regel konnte nicht konvertiert werden!\n";
85 }
86 #check ipfire address
87 if ($e eq '0.0.0.0'){
88 $field6 = 'RED1';
89 }else{
90 foreach my $line (@alias){
91 my ($ip,$state,$aliasname) = split (",",$line);
92 if ($ip eq $e){
93 $aliasname =~ s/\R//g;
94 $field6 = $aliasname;
95 }
96 }
97 }
98 #get target port
99 $c=~ s/\R//g;
100 $c=~ tr/-/:/;
101 if ($c =~ /^(\D)\:(\d+)$/) {
102 $c = "1:$2";
103 }
104 if ($c =~ /^(\d+)\:(\D)$/) {
105 $c = "$1:65535";
106 }
107 $field15=$c;
108 my $key = &General::findhasharraykey (\%configinputfw);
109 foreach my $i (0 .. 31) { $configinputfw{$key}[$i] = "";}
110 $configinputfw{$key}[0] = $field0;
111 $configinputfw{$key}[1] = $field1;
112 $configinputfw{$key}[2] = $field2;
113 $configinputfw{$key}[3] = $field3;
114 $configinputfw{$key}[4] = $field4;
115 $configinputfw{$key}[5] = $field5;
116 $configinputfw{$key}[6] = $field6;
117 $configinputfw{$key}[7] = '';
118 $configinputfw{$key}[8] = '';
119 $configinputfw{$key}[9] = '';
120 $configinputfw{$key}[10] = '';
121 $configinputfw{$key}[11] = $field11;
122 $configinputfw{$key}[12] = $field12;
123 $configinputfw{$key}[13] = $field13;
124 $configinputfw{$key}[14] = $field14;
125 $configinputfw{$key}[15] = $field15;
126 $configinputfw{$key}[16] = $field16;
127 $configinputfw{$key}[17] = '';
128 $configinputfw{$key}[18] = '';
129 $configinputfw{$key}[19] = '';
130 $configinputfw{$key}[20] = '';
131 $configinputfw{$key}[21] = '';
132 $configinputfw{$key}[22] = '';
133 $configinputfw{$key}[23] = '';
134 $configinputfw{$key}[24] = '';
135 $configinputfw{$key}[25] = '';
136 $configinputfw{$key}[26] = $field26;
137 $configinputfw{$key}[27] = $field27;
138 $configinputfw{$key}[28] = $field28;
139 $configinputfw{$key}[29] = $field29;
140 $configinputfw{$key}[30] = $field30;
141 $configinputfw{$key}[31] = $field31;
142 &General::writehasharray($inputfwconfig,\%configinputfw);
143 }
Timo's tree of IPFire 2.x