]>
git.ipfire.org Git - people/teissler/ipfire-2.x.git/blob - html/cgi-bin/forwardfw.cgi
a14c6791bb6a32ce8f5b5193a6fd90ae592dbea6
2 ###############################################################################
4 # IPFire.org - A linux based firewall #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 # Hi folks! I hope this code is useful for all. I needed something to handle #
23 # my VPN Connections in a comfortable way. As a prerequisite i needed #
24 # something that makes sure the vpn roadwarrior are able to have a fixed #
25 # ip-address. So i developed the ccd extension for the vpn server. #
27 # Now that the ccd extension is ready i am able to develop the main request. #
28 # Any feedback is appreciated. #
31 ###############################################################################
34 no warnings
'uninitialized' ;
35 # enable only the following on debugging purpose
37 #use CGI::Carp 'fatalsToBrowser';
39 require '/var/ipfire/general-functions.pl' ;
40 require "${General::swroot}/lang.pl" ;
41 require "${General::swroot}/header.pl" ;
42 require "${General::swroot}/forward/bin/firewall-lib.pl" ;
44 unless (- d
"${General::swroot}/forward" ) { system ( "mkdir ${General::swroot}/forward" ); }
45 unless (- e
"${General::swroot}/forward/settings" ) { system ( "touch ${General::swroot}/forward/settings" ); }
46 unless (- e
"${General::swroot}/forward/config" ) { system ( "touch ${General::swroot}/forward/config" ); }
47 unless (- e
"${General::swroot}/forward/input" ) { system ( "touch ${General::swroot}/forward/input" ); }
48 unless (- e
"${General::swroot}/forward/outgoing" ) { system ( "touch ${General::swroot}/forward/outgoing" ); }
49 unless (- e
"${General::swroot}/forward/dmz" ) { system ( "touch ${General::swroot}/forward/dmz" ); }
53 my %defaultNetworks =();
57 my %customnetworks =();
59 my %customservicegrp =();
65 my %configoutgoingfw =();
78 my $confignet = "${General::swroot}/fwhosts/customnetworks" ;
79 my $confighost = "${General::swroot}/fwhosts/customhosts" ;
80 my $configgrp = "${General::swroot}/fwhosts/customgroups" ;
81 my $configsrv = "${General::swroot}/fwhosts/customservices" ;
82 my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp" ;
83 my $configccdnet = "${General::swroot}/ovpn/ccd.conf" ;
84 my $configccdhost = "${General::swroot}/ovpn/ovpnconfig" ;
85 my $configipsec = "${General::swroot}/vpn/config" ;
86 my $configipsecrw = "${General::swroot}/vpn/settings" ;
87 my $configfwdfw = "${General::swroot}/forward/config" ;
88 my $configinput = "${General::swroot}/forward/input" ;
89 my $configoutgoing = "${General::swroot}/forward/outgoing" ;
90 my $configdmz = "${General::swroot}/forward/dmz" ;
91 my $configovpn = "${General::swroot}/ovpn/settings" ;
92 my $fwoptions = "${General::swroot}/optionsfw/settings" ;
95 my $ipgrp = "${General::swroot}/outgoing/groups" ;
99 & General
:: readhash
( "${General::swroot}/forward/settings" , \
%fwdfwsettings );
100 & General
:: readhash
( "${General::swroot}/main/settings" , \
%mainsettings );
101 & General
:: readhash
( "/srv/web/ipfire/html/themes/" . $mainsettings { 'THEME' }. "/include/colors.txt" , \
%color );
102 & General
:: readhash
( $fwoptions , \
%optionsfw );
104 & Header
:: showhttpheaders
();
105 & Header
:: getcgihash
( \
%fwdfwsettings );
106 & Header
:: openpage
( $Lang :: tr
{ 'fwdfw menu' }, 1 , '' );
107 & Header
:: openbigbox
( '100%' , 'center' , $errormessage );
110 if ( $fwdfwsettings { 'ACTION' } eq $Lang :: tr
{ 'save' })
112 my $MODE = $fwdfwsettings { 'POLICY' };
113 my $MODE1 = $fwdfwsettings { 'POLICY1' };
115 $fwdfwsettings { 'POLICY' } = " $MODE " ;
116 $fwdfwsettings { 'POLICY1' } = " $MODE1 " ;
117 & General
:: writehash
( "${General::swroot}/forward/settings" , \
%fwdfwsettings );
120 if ( $fwdfwsettings { 'ACTION' } eq 'saverule' )
122 & General
:: readhasharray
( " $configfwdfw " , \
%configfwdfw );
123 & General
:: readhasharray
( " $configinput " , \
%configinputfw );
124 & General
:: readhasharray
( " $configoutgoing " , \
%configoutgoingfw );
126 $errormessage =& checksource
;
127 if (! $errormessage ){& checktarget
;}
128 if (! $errormessage ){& checkrule
;}
129 #check if manual ip (source) is orange network
130 if ( $fwdfwsettings { 'grp1' } eq 'src_addr' ){
131 my ( $sip , $scidr ) = split ( "/" , $fwdfwsettings { $fwdfwsettings { 'grp1' }});
132 if ( & General
:: IpInSubnet
( $sip , $netsettings { 'ORANGE_ADDRESS' }, $netsettings { 'ORANGE_NETMASK' })){
137 if ( ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'ORANGE' || $checkorange eq 'on' ) && $fwdfwsettings { 'grp2' } eq 'ipfire' ){
138 $errormessage .= $Lang :: tr
{ 'fwdfw useless rule' }. "<br>" ;
141 #check if we try to break rules
142 if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'IPFire' && $fwdfwsettings { 'grp2' } eq 'ipfire' ){
143 $errormessage .= $Lang :: tr
{ 'fwdfw err same' };
145 print " save1 checkorange ist $checkorange und oldorange ist $fwdfwsettings {'oldorange'} neue grp1 ist $fwdfwsettings { $fwdfwsettings {'grp1'}} alte grp1 $fwdfwsettings {'oldgrp1b'} und altgrp2 ist $fwdfwsettings {'oldgrp2a'} und aktuell grp2 $fwdfwsettings {'grp2'} und update ist $fwdfwsettings {'updatefwrule'}<br>" ;
148 if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'ORANGE' || $checkorange eq 'on' ){
149 $fwdfwsettings { 'config' }= $configdmz ;
150 $fwdfwsettings { 'chain' } = 'FORWARDFW' ;
151 my $maxkey =& General
:: findhasharraykey
( \
%configdmzfw );
152 #check if we have an identical rule already
153 if ( $fwdfwsettings { 'oldrulenumber' } eq $fwdfwsettings { 'rulepos' }){
154 foreach my $key ( sort keys %configdmzfw ){
155 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
156 eq " $configdmzfw { $key }[0], $configdmzfw { $key }[2], $configdmzfw { $key }[3], $configdmzfw { $key }[4], $configdmzfw { $key }[5], $configdmzfw { $key }[6], $configdmzfw { $key }[7], $configdmzfw { $key }[8], $configdmzfw { $key }[9], $configdmzfw { $key }[10], $configdmzfw { $key }[11], $configdmzfw { $key }[12], $configdmzfw { $key }[13], $configdmzfw { $key }[14], $configdmzfw { $key }[15], $configdmzfw { $key }[17], $configdmzfw { $key }[18], $configdmzfw { $key }[19], $configdmzfw { $key }[20], $configdmzfw { $key }[21], $configdmzfw { $key }[22], $configdmzfw { $key }[23], $configdmzfw { $key }[24], $configdmzfw { $key }[25], $configdmzfw { $key }[26], $configdmzfw { $key }[27]" ){
157 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
158 if ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } eq '' ){
160 } elsif ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } ne '' && !& validremark
( $fwdfwsettings { 'ruleremark' })){
161 $errormessage = $Lang :: tr
{ 'fwdfw err remark' }. "<br>" ;
163 if ( $fwdfwsettings { 'oldruleremark' } eq $fwdfwsettings { 'ruleremark' }){
164 $fwdfwsettings { 'nosave' } = 'on' ;
169 #check Rulepos on new Rule
170 if ( $fwdfwsettings { 'rulepos' } > 0 && ! $fwdfwsettings { 'oldrulenumber' }){
171 $fwdfwsettings { 'oldrulenumber' }= $maxkey ;
172 foreach my $key ( sort keys %configdmzfw ){
173 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
174 eq " $configdmzfw { $key }[0], $configdmzfw { $key }[2], $configdmzfw { $key }[3], $configdmzfw { $key }[4], $configdmzfw { $key }[5], $configdmzfw { $key }[6], $configdmzfw { $key }[7], $configdmzfw { $key }[8], $configdmzfw { $key }[9], $configdmzfw { $key }[10], $configdmzfw { $key }[11], $configdmzfw { $key }[12], $configdmzfw { $key }[13], $configdmzfw { $key }[14], $configdmzfw { $key }[15], $configdmzfw { $key }[17], $configdmzfw { $key }[18], $configdmzfw { $key }[19], $configdmzfw { $key }[20], $configdmzfw { $key }[21], $configdmzfw { $key }[22], $configdmzfw { $key }[23], $configdmzfw { $key }[24], $configdmzfw { $key }[25], $configdmzfw { $key }[26], $configdmzfw { $key }[27]" ){
175 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
179 #check if we just close a rule
180 if ( $fwdfwsettings { 'oldgrp1a' } eq $fwdfwsettings { 'grp1' } && $fwdfwsettings { 'oldgrp1b' } eq $fwdfwsettings { $fwdfwsettings { 'grp1' }} && $fwdfwsettings { 'oldgrp2a' } eq $fwdfwsettings { 'grp2' } && $fwdfwsettings { 'oldgrp2b' } eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { 'oldgrp3a' } eq $fwdfwsettings { 'grp3' } && $fwdfwsettings { 'oldgrp3b' } eq $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } ) {
181 if ( $fwdfwsettings { 'nosave' } eq 'on' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
183 $fwdfwsettings { 'nosave2' } = 'on' ;
186 & checkcounter
( $fwdfwsettings { 'oldgrp1a' }, $fwdfwsettings { 'oldgrp1b' }, $fwdfwsettings { 'grp1' }, $fwdfwsettings { $fwdfwsettings { 'grp1' }});
187 if ( $fwdfwsettings { 'nobase' } ne 'on' ){
188 & checkcounter
( $fwdfwsettings { 'oldgrp2a' }, $fwdfwsettings { 'oldgrp2b' }, $fwdfwsettings { 'grp2' }, $fwdfwsettings { $fwdfwsettings { 'grp2' }});
190 if ( $fwdfwsettings { 'oldusesrv' } eq '' && $fwdfwsettings { 'USESRV' } eq 'ON' ){
191 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
192 } elsif ( $fwdfwsettings { 'USESRV' } eq '' && $fwdfwsettings { 'oldusesrv' } eq 'ON' ) {
193 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, 0 , 0 );
194 } elsif ( $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } && $fwdfwsettings { 'oldgrp3b' } ne $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
195 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
197 if ( $fwdfwsettings { 'nosave2' } ne 'on' ){
198 & saverule
( \
%configdmzfw , $configdmz );
201 } elsif ( $fwdfwsettings { 'grp2' } eq 'ipfire' && $fwdfwsettings { $fwdfwsettings { 'grp1' }} ne 'ORANGE' ){
202 $fwdfwsettings { 'config' }= $configinput ;
203 $fwdfwsettings { 'chain' } = 'INPUTFW' ;
204 my $maxkey =& General
:: findhasharraykey
( \
%configinputfw );
205 #check if we have an identical rule already
206 if ( $fwdfwsettings { 'oldrulenumber' } eq $fwdfwsettings { 'rulepos' }){
207 foreach my $key ( sort keys %configinputfw ){
208 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
209 eq " $configinputfw { $key }[0], $configinputfw { $key }[2], $configinputfw { $key }[3], $configinputfw { $key }[4], $configinputfw { $key }[5], $configinputfw { $key }[6], $configinputfw { $key }[7], $configinputfw { $key }[8], $configinputfw { $key }[9], $configinputfw { $key }[10], $configinputfw { $key }[11], $configinputfw { $key }[12], $configinputfw { $key }[13], $configinputfw { $key }[14], $configinputfw { $key }[15], $configinputfw { $key }[17], $configinputfw { $key }[18], $configinputfw { $key }[19], $configinputfw { $key }[20], $configinputfw { $key }[21], $configinputfw { $key }[22], $configinputfw { $key }[23], $configinputfw { $key }[24], $configinputfw { $key }[25], $configinputfw { $key }[26], $configinputfw { $key }[27]" ){
210 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
211 if ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } eq '' ){
213 } elsif ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } ne '' && !& validremark
( $fwdfwsettings { 'ruleremark' })){
214 $errormessage = $Lang :: tr
{ 'fwdfw err remark' }. "<br>" ;
216 if ( $fwdfwsettings { 'oldruleremark' } eq $fwdfwsettings { 'ruleremark' }){
217 $fwdfwsettings { 'nosave' } = 'on' ;
222 #check Rulepos on new Rule
223 if ( $fwdfwsettings { 'rulepos' } > 0 && ! $fwdfwsettings { 'oldrulenumber' }){
224 $fwdfwsettings { 'oldrulenumber' }= $maxkey ;
225 foreach my $key ( sort keys %configinputfw ){
226 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
227 eq " $configinputfw { $key }[0], $configinputfw { $key }[2], $configinputfw { $key }[3], $configinputfw { $key }[4], $configinputfw { $key }[5], $configinputfw { $key }[6], $configinputfw { $key }[7], $configinputfw { $key }[8], $configinputfw { $key }[9], $configinputfw { $key }[10], $configinputfw { $key }[11], $configinputfw { $key }[12], $configinputfw { $key }[13], $configinputfw { $key }[14], $configinputfw { $key }[15], $configinputfw { $key }[17], $configinputfw { $key }[18], $configinputfw { $key }[19], $configinputfw { $key }[20], $configinputfw { $key }[21], $configinputfw { $key }[22], $configinputfw { $key }[23], $configinputfw { $key }[24], $configinputfw { $key }[25], $configinputfw { $key }[26], $configinputfw { $key }[27]" ){
228 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
232 #check if we just close a rule
233 if ( $fwdfwsettings { 'oldgrp1a' } eq $fwdfwsettings { 'grp1' } && $fwdfwsettings { 'oldgrp1b' } eq $fwdfwsettings { $fwdfwsettings { 'grp1' }} && $fwdfwsettings { 'oldgrp2a' } eq $fwdfwsettings { 'grp2' } && $fwdfwsettings { 'oldgrp2b' } eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { 'oldgrp3a' } eq $fwdfwsettings { 'grp3' } && $fwdfwsettings { 'oldgrp3b' } eq $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } ) {
234 if ( $fwdfwsettings { 'nosave' } eq 'on' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
236 $fwdfwsettings { 'nosave2' } = 'on' ;
239 & checkcounter
( $fwdfwsettings { 'oldgrp1a' }, $fwdfwsettings { 'oldgrp1b' }, $fwdfwsettings { 'grp1' }, $fwdfwsettings { $fwdfwsettings { 'grp1' }});
240 if ( $fwdfwsettings { 'nobase' } ne 'on' ){
241 & checkcounter
( $fwdfwsettings { 'oldgrp2a' }, $fwdfwsettings { 'oldgrp2b' }, $fwdfwsettings { 'grp2' }, $fwdfwsettings { $fwdfwsettings { 'grp2' }});
243 if ( $fwdfwsettings { 'oldusesrv' } eq '' && $fwdfwsettings { 'USESRV' } eq 'ON' ){
244 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
245 } elsif ( $fwdfwsettings { 'USESRV' } eq '' && $fwdfwsettings { 'oldusesrv' } eq 'ON' ) {
246 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, 0 , 0 );
247 } elsif ( $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } && $fwdfwsettings { 'oldgrp3b' } ne $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
248 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
250 if ( $fwdfwsettings { 'nosave2' } ne 'on' ){
251 & saverule
( \
%configinputfw , $configinput );
253 #print "Source: $fwdfwsettings{'grp1'} -> $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
254 #print "Sourceport: $fwdfwsettings{'USE_SRC_PORT'}, $fwdfwsettings{'PROT'}, $fwdfwsettings{'ICMP_TYPES'}, $fwdfwsettings{'SRC_PORT'}<br>";
255 #print "Target: $fwdfwsettings{'grp2'} -> $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
256 #print "Dienst: $fwdfwsettings{'USESRV'}, $fwdfwsettings{'grp3'} -> $fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
257 #print "BEMERKUNG: $fwdfwsettings{'ruleremark'}<br>";
258 #print " Regel AKTIV: $fwdfwsettings{'ACTIVE'}<br>";
259 #print " Regel LOG: $fwdfwsettings{'LOG'}<br>";
260 #print " ZEITRAHMEN: $fwdfwsettings{'TIME'}<br>";
261 #print " MO: $fwdfwsettings{'TIME_MON'}<br>";
262 #print " DI: $fwdfwsettings{'TIME_TUE'}<br>";
263 #print " MI: $fwdfwsettings{'TIME_WED'}<br>";
264 #print " DO: $fwdfwsettings{'TIME_THU'}<br>";
265 #print " FR: $fwdfwsettings{'TIME_FRI'}<br>";
266 #print " SA: $fwdfwsettings{'TIME_SAT'}<br>";
267 #print " SO: $fwdfwsettings{'TIME_SUN'}<br>";
268 #print " VON: $fwdfwsettings{'TIME_FROM'} bis $fwdfwsettings{'TIME_TO'}<br>";
270 #print"ALT: $fwdfwsettings{'oldgrp1a'} $fwdfwsettings{'oldgrp1b'} NEU: $fwdfwsettings{'grp1'} $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
271 #print"ALT: $fwdfwsettings{'oldgrp2a'} $fwdfwsettings{'oldgrp2b'} NEU: $fwdfwsettings{'grp2'} $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
272 #print"ALT: $fwdfwsettings{'oldgrp3a'} $fwdfwsettings{'oldgrp3b'} NEU: $fwdfwsettings{'grp3'} $fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
273 #print"DIENSTE Checkalt:$fwdfwsettings{'oldusesrv'} DIENSTE Checkneu:$fwdfwsettings{'USESRV'} DIENST ALT:$fwdfwsettings{'oldgrp3a'},$fwdfwsettings{'oldgrp3b'} DIENST NEU:$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
274 } elsif ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'IPFire' ){
276 $fwdfwsettings { 'config' }= $configoutgoing ;
277 $fwdfwsettings { 'chain' } = 'OUTGOINGFW' ;
278 my $maxkey =& General
:: findhasharraykey
( \
%configoutgoingfw );
279 if ( $fwdfwsettings { 'oldrulenumber' } eq $fwdfwsettings { 'rulepos' }){
280 foreach my $key ( sort keys %configoutgoingfw ){
281 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
282 eq " $configoutgoingfw { $key }[0], $configoutgoingfw { $key }[2], $configoutgoingfw { $key }[3], $configoutgoingfw { $key }[4], $configoutgoingfw { $key }[5], $configoutgoingfw { $key }[6], $configoutgoingfw { $key }[7], $configoutgoingfw { $key }[8], $configoutgoingfw { $key }[9], $configoutgoingfw { $key }[10], $configoutgoingfw { $key }[11], $configoutgoingfw { $key }[12], $configoutgoingfw { $key }[13], $configoutgoingfw { $key }[14], $configoutgoingfw { $key }[15], $configoutgoingfw { $key }[17], $configoutgoingfw { $key }[18], $configoutgoingfw { $key }[19], $configoutgoingfw { $key }[20], $configoutgoingfw { $key }[21], $configoutgoingfw { $key }[22], $configoutgoingfw { $key }[23], $configoutgoingfw { $key }[24], $configoutgoingfw { $key }[25], $configoutgoingfw { $key }[26], $configoutgoingfw { $key }[27]" ){
283 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
284 if ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } eq '' ){
286 } elsif ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } ne '' && !& validremark
( $fwdfwsettings { 'ruleremark' })){
287 $errormessage = $Lang :: tr
{ 'fwdfw err remark' }. "<br>" ;
289 if ( $fwdfwsettings { 'oldruleremark' } eq $fwdfwsettings { 'ruleremark' }){
290 $fwdfwsettings { 'nosave' } = 'on' ;
295 #check Rulepos on new Rule
296 if ( $fwdfwsettings { 'rulepos' } > 0 && ! $fwdfwsettings { 'oldrulenumber' }){
297 print "CHECK OUTGOING DOPPELTE REGEL<br>" ;
298 $fwdfwsettings { 'oldrulenumber' }= $maxkey ;
299 foreach my $key ( sort keys %configoutgoingfw ){
300 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
301 eq " $configoutgoingfw { $key }[0], $configoutgoingfw { $key }[2], $configoutgoingfw { $key }[3], $configoutgoingfw { $key }[4], $configoutgoingfw { $key }[5], $configoutgoingfw { $key }[6], $configoutgoingfw { $key }[7], $configoutgoingfw { $key }[8], $configoutgoingfw { $key }[9], $configoutgoingfw { $key }[10], $configoutgoingfw { $key }[11], $configoutgoingfw { $key }[12], $configoutgoingfw { $key }[13], $configoutgoingfw { $key }[14], $configoutgoingfw { $key }[15], $configoutgoingfw { $key }[17], $configoutgoingfw { $key }[18], $configoutgoingfw { $key }[19], $configoutgoingfw { $key }[20], $configoutgoingfw { $key }[21], $configoutgoingfw { $key }[22], $configoutgoingfw { $key }[23], $configoutgoingfw { $key }[24], $configoutgoingfw { $key }[25], $configoutgoingfw { $key }[26], $configoutgoingfw { $key }[27]" ){
302 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
306 #check if we just close a rule
307 if ( $fwdfwsettings { 'oldgrp1a' } eq $fwdfwsettings { 'grp1' } && $fwdfwsettings { 'oldgrp1b' } eq $fwdfwsettings { $fwdfwsettings { 'grp1' }} && $fwdfwsettings { 'oldgrp2a' } eq $fwdfwsettings { 'grp2' } && $fwdfwsettings { 'oldgrp2b' } eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { 'oldgrp3a' } eq $fwdfwsettings { 'grp3' } && $fwdfwsettings { 'oldgrp3b' } eq $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } && $fwdfwsettings { 'oldruleremark' } eq $fwdfwsettings { 'ruleremark' } ) {
308 if ( $fwdfwsettings { 'nosave' } eq 'on' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
309 $fwdfwsettings { 'nosave2' } = 'on' ;
314 & checkcounter
( $fwdfwsettings { 'oldgrp1a' }, $fwdfwsettings { 'oldgrp1b' }, $fwdfwsettings { 'grp1' }, $fwdfwsettings { $fwdfwsettings { 'grp1' }});
315 & checkcounter
( $fwdfwsettings { 'oldgrp2a' }, $fwdfwsettings { 'oldgrp2b' }, $fwdfwsettings { 'grp2' }, $fwdfwsettings { $fwdfwsettings { 'grp2' }});
316 if ( $fwdfwsettings { 'oldusesrv' } eq '' && $fwdfwsettings { 'USESRV' } eq 'ON' ){
317 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
318 } elsif ( $fwdfwsettings { 'USESRV' } eq '' && $fwdfwsettings { 'oldusesrv' } eq 'ON' ) {
319 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, 0 , 0 );
320 } elsif ( $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } && $fwdfwsettings { 'oldgrp3b' } ne $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
321 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
323 if ( $fwdfwsettings { 'nobase' } eq 'on' ){
324 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
326 if ( $fwdfwsettings { 'nosave2' } ne 'on' ){
327 & saverule
( \
%configoutgoingfw , $configoutgoing );
331 $fwdfwsettings { 'config' }= $configfwdfw ;
332 $fwdfwsettings { 'chain' } = 'FORWARDFW' ;
333 my $maxkey =& General
:: findhasharraykey
( \
%configfwdfw );
334 if ( $fwdfwsettings { 'oldrulenumber' } eq $fwdfwsettings { 'rulepos' }){
335 #check if we have an identical rule already
336 foreach my $key ( sort keys %configfwdfw ){
337 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
338 eq " $configfwdfw { $key }[0], $configfwdfw { $key }[2], $configfwdfw { $key }[3], $configfwdfw { $key }[4], $configfwdfw { $key }[5], $configfwdfw { $key }[6], $configfwdfw { $key }[7], $configfwdfw { $key }[8], $configfwdfw { $key }[9], $configfwdfw { $key }[10], $configfwdfw { $key }[11], $configfwdfw { $key }[12], $configfwdfw { $key }[13], $configfwdfw { $key }[14], $configfwdfw { $key }[15], $configfwdfw { $key }[17], $configfwdfw { $key }[18], $configfwdfw { $key }[19], $configfwdfw { $key }[20], $configfwdfw { $key }[21], $configfwdfw { $key }[22], $configfwdfw { $key }[23], $configfwdfw { $key }[24], $configfwdfw { $key }[25], $configfwdfw { $key }[26], $configfwdfw { $key }[27]" ){
339 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
340 if ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } eq '' ){
342 } elsif ( $fwdfwsettings { 'oldruleremark' } ne $fwdfwsettings { 'ruleremark' } && $fwdfwsettings { 'updatefwrule' } eq 'on' && $fwdfwsettings { 'ruleremark' } ne '' && !& validremark
( $fwdfwsettings { 'ruleremark' })){
343 $errormessage = $Lang :: tr
{ 'fwdfw err remark' }. "<br>" ;
345 if ( $fwdfwsettings { 'oldruleremark' } eq $fwdfwsettings { 'ruleremark' }){
346 $fwdfwsettings { 'nosave' } = 'on' ;
351 #check Rulepos on new Rule
352 if ( $fwdfwsettings { 'rulepos' } > 0 && ! $fwdfwsettings { 'oldrulenumber' }){
353 $fwdfwsettings { 'oldrulenumber' }= $maxkey ;
354 foreach my $key ( sort keys %configfwdfw ){
355 if ( " $fwdfwsettings {'RULE_ACTION'}, $fwdfwsettings {'ACTIVE'}, $fwdfwsettings {'grp1'}, $fwdfwsettings { $fwdfwsettings {'grp1'}}, $fwdfwsettings {'grp2'}, $fwdfwsettings { $fwdfwsettings {'grp2'}}, $fwdfwsettings {'USE_SRC_PORT'}, $fwdfwsettings {'PROT'}, $fwdfwsettings {'ICMP_TYPES'}, $fwdfwsettings {'SRC_PORT'}, $fwdfwsettings {'USESRV'}, $fwdfwsettings {'TGT_PROT'}, $fwdfwsettings {'ICMP_TGT'}, $fwdfwsettings {'grp3'}, $fwdfwsettings { $fwdfwsettings {'grp3'}}, $fwdfwsettings {'LOG'}, $fwdfwsettings {'TIME'}, $fwdfwsettings {'TIME_MON'}, $fwdfwsettings {'TIME_TUE'}, $fwdfwsettings {'TIME_WED'}, $fwdfwsettings {'TIME_THU'}, $fwdfwsettings {'TIME_FRI'}, $fwdfwsettings {'TIME_SAT'}, $fwdfwsettings {'TIME_SUN'}, $fwdfwsettings {'TIME_FROM'}, $fwdfwsettings {'TIME_TO'}"
356 eq " $configfwdfw { $key }[0], $configfwdfw { $key }[2], $configfwdfw { $key }[3], $configfwdfw { $key }[4], $configfwdfw { $key }[5], $configfwdfw { $key }[6], $configfwdfw { $key }[7], $configfwdfw { $key }[8], $configfwdfw { $key }[9], $configfwdfw { $key }[10], $configfwdfw { $key }[11], $configfwdfw { $key }[12], $configfwdfw { $key }[13], $configfwdfw { $key }[14], $configfwdfw { $key }[15], $configfwdfw { $key }[17], $configfwdfw { $key }[18], $configfwdfw { $key }[19], $configfwdfw { $key }[20], $configfwdfw { $key }[21], $configfwdfw { $key }[22], $configfwdfw { $key }[23], $configfwdfw { $key }[24], $configfwdfw { $key }[25], $configfwdfw { $key }[26], $configfwdfw { $key }[27]" ){
357 $errormessage .= $Lang :: tr
{ 'fwdfw err ruleexists' };
361 #check if we just close a rule
362 if ( $fwdfwsettings { 'oldgrp1a' } eq $fwdfwsettings { 'grp1' } && $fwdfwsettings { 'oldgrp1b' } eq $fwdfwsettings { $fwdfwsettings { 'grp1' }} && $fwdfwsettings { 'oldgrp2a' } eq $fwdfwsettings { 'grp2' } && $fwdfwsettings { 'oldgrp2b' } eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { 'oldgrp3a' } eq $fwdfwsettings { 'grp3' } && $fwdfwsettings { 'oldgrp3b' } eq $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } && $fwdfwsettings { 'oldruleremark' } eq $fwdfwsettings { 'ruleremark' } ) {
363 if ( $fwdfwsettings { 'nosave' } eq 'on' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
364 $fwdfwsettings { 'nosave2' } = 'on' ;
369 & checkcounter
( $fwdfwsettings { 'oldgrp1a' }, $fwdfwsettings { 'oldgrp1b' }, $fwdfwsettings { 'grp1' }, $fwdfwsettings { $fwdfwsettings { 'grp1' }});
370 & checkcounter
( $fwdfwsettings { 'oldgrp2a' }, $fwdfwsettings { 'oldgrp2b' }, $fwdfwsettings { 'grp2' }, $fwdfwsettings { $fwdfwsettings { 'grp2' }});
371 if ( $fwdfwsettings { 'oldusesrv' } eq '' && $fwdfwsettings { 'USESRV' } eq 'ON' ){
372 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
373 } elsif ( $fwdfwsettings { 'USESRV' } eq '' && $fwdfwsettings { 'oldusesrv' } eq 'ON' ) {
374 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, 0 , 0 );
375 } elsif ( $fwdfwsettings { 'oldusesrv' } eq $fwdfwsettings { 'USESRV' } && $fwdfwsettings { 'oldgrp3b' } ne $fwdfwsettings { $fwdfwsettings { 'grp3' }} && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
376 & checkcounter
( $fwdfwsettings { 'oldgrp3a' }, $fwdfwsettings { 'oldgrp3b' }, $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
378 if ( $fwdfwsettings { 'nobase' } eq 'on' ){
379 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
381 if ( $fwdfwsettings { 'nosave2' } ne 'on' ){
382 & saverule
( \
%configfwdfw , $configfwdfw );
384 #print "Source: $fwdfwsettings{'grp1'} -> $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
385 #print "Sourceport: $fwdfwsettings{'USE_SRC_PORT'}, $fwdfwsettings{'PROT'}, $fwdfwsettings{'ICMP_TYPES'}, $fwdfwsettings{'SRC_PORT'}<br>";
386 #print "Target: $fwdfwsettings{'grp2'} -> $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
387 #print "Dienst: $fwdfwsettings{'USESRV'}, $fwdfwsettings{'grp3'} -> $fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
388 #print "BEMERKUNG: $fwdfwsettings{'ruleremark'}<br>";
389 #print " Regel AKTIV: $fwdfwsettings{'ACTIVE'}<br>";
390 #print " Regel LOG: $fwdfwsettings{'LOG'}<br>";
391 #print " ZEITRAHMEN: $fwdfwsettings{'TIME'}<br>";
392 #print " MO: $fwdfwsettings{'TIME_MON'}<br>";
393 #print " DI: $fwdfwsettings{'TIME_TUE'}<br>";
394 #print " MI: $fwdfwsettings{'TIME_WED'}<br>";
395 #print " DO: $fwdfwsettings{'TIME_THU'}<br>";
396 #print " FR: $fwdfwsettings{'TIME_FRI'}<br>";
397 #print " SA: $fwdfwsettings{'TIME_SAT'}<br>";
398 #print " SO: $fwdfwsettings{'TIME_SUN'}<br>";
399 #print " VON: $fwdfwsettings{'TIME_FROM'} bis $fwdfwsettings{'TIME_TO'}<br>";
401 #print"ALT: $fwdfwsettings{'oldgrp1a'} $fwdfwsettings{'oldgrp1b'} NEU: $fwdfwsettings{'grp1'} $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
402 #print"ALT: $fwdfwsettings{'oldgrp2a'} $fwdfwsettings{'oldgrp2b'} NEU: $fwdfwsettings{'grp2'} $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
403 #print"ALT: $fwdfwsettings{'oldgrp3a'} $fwdfwsettings{'oldgrp3b'} NEU: $fwdfwsettings{'grp3'} $fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
404 #print"DIENSTE Checkalt:$fwdfwsettings{'oldusesrv'} DIENSTE Checkneu:$fwdfwsettings{'USESRV'} DIENST ALT:$fwdfwsettings{'oldgrp3a'},$fwdfwsettings{'oldgrp3b'} DIENST NEU:$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
409 if ( $fwdfwsettings { 'nosave2' } ne 'on' ){
415 if ( $fwdfwsettings { 'ACTION' } eq $Lang :: tr
{ 'reset' })
417 if ( $fwdfwsettings { 'poltype' } eq 'forward' ){
418 & General
:: readhasharray
( " $configfwdfw " , \
%configfwdfw );
419 foreach my $key ( sort keys %configfwdfw ){
420 & checkcounter
( $configfwdfw { $key }[ 3 ], $configfwdfw { $key }[ 4 ],,);
421 & checkcounter
( $configfwdfw { $key }[ 5 ], $configfwdfw { $key }[ 6 ],,);
422 & checkcounter
( $configfwdfw { $key }[ 14 ], $configfwdfw { $key }[ 15 ],,);
424 & General
:: readhasharray
( " $configinput " , \
%configinputfw );
425 foreach my $key ( sort keys %configinputfw ){
426 & checkcounter
( $configinputfw { $key }[ 3 ], $configinputfw { $key }[ 4 ],,);
427 & checkcounter
( $configinputfw { $key }[ 5 ], $configinputfw { $key }[ 6 ],,);
428 & checkcounter
( $configinputfw { $key }[ 14 ], $configinputfw { $key }[ 15 ],,);
431 system ( "rm ${General::swroot}/forward/config" );
432 system ( "rm ${General::swroot}/forward/input" );
433 & General
:: writehash
( "${General::swroot}/forward/settings" , \
%fwdfwsettings );
434 unless (- e
"${General::swroot}/forward/config" ) { system ( "touch ${General::swroot}/forward/config" ); }
435 unless (- e
"${General::swroot}/forward/input" ) { system ( "touch ${General::swroot}/forward/input" ); }
436 my $MODE1 = $fwdfwsettings { 'POLICY1' };
438 $fwdfwsettings { 'POLICY' }= 'MODE2' ;
439 $fwdfwsettings { 'POLICY1' }= $MODE1 ;
440 & General
:: writehash
( "${General::swroot}/forward/settings" , \
%fwdfwsettings );
443 & General
:: readhasharray
( " $configoutgoing " , \
%configoutgoingfw );
444 foreach my $key ( sort keys %configoutgoingfw ){
445 & checkcounter
( $configoutgoingfw { $key }[ 3 ], $configoutgoingfw { $key }[ 4 ],,);
446 & checkcounter
( $configoutgoingfw { $key }[ 5 ], $configoutgoingfw { $key }[ 6 ],,);
447 & checkcounter
( $configoutgoingfw { $key }[ 14 ], $configoutgoingfw { $key }[ 15 ],,);
449 system ( "rm ${General::swroot}/forward/outgoing" );
450 & General
:: writehash
( "${General::swroot}/forward/settings" , \
%fwdfwsettings );
451 unless (- e
"${General::swroot}/forward/outgoing" ) { system ( "touch ${General::swroot}/forward/outgoing" ); }
452 my $MODE = $fwdfwsettings { 'POLICY' };
454 $fwdfwsettings { 'POLICY' }= $MODE ;
455 $fwdfwsettings { 'POLICY1' }= 'MODE2' ;
456 & General
:: writehash
( "${General::swroot}/forward/settings" , \
%fwdfwsettings );
460 if ( $fwdfwsettings { 'ACTION' } eq $Lang :: tr
{ 'fwdfw newrule' })
464 if ( $fwdfwsettings { 'ACTION' } eq $Lang :: tr
{ 'fwdfw toggle' })
467 & General
:: readhasharray
( $fwdfwsettings { 'config' }, \
%togglehash );
468 foreach my $key ( sort keys %togglehash ){
469 if ( $key eq $fwdfwsettings { 'key' }){
470 if ( $togglehash { $key }[ 2 ] eq 'ON' ){ $togglehash { $key }[ 2 ]= '' ;} else { $togglehash { $key }[ 2 ]= 'ON' ;}
473 & General
:: writehasharray
( $fwdfwsettings { 'config' }, \
%togglehash );
477 if ( $fwdfwsettings { 'ACTION' } eq $Lang :: tr
{ 'fwdfw togglelog' })
480 & General
:: readhasharray
( $fwdfwsettings { 'config' }, \
%togglehash );
481 foreach my $key ( sort keys %togglehash ){
482 if ( $key eq $fwdfwsettings { 'key' }){
483 if ( $togglehash { $key }[ 17 ] eq 'ON' ){ $togglehash { $key }[ 17 ]= '' ;} else { $togglehash { $key }[ 17 ]= 'ON' ;}
486 & General
:: writehasharray
( $fwdfwsettings { 'config' }, \
%togglehash );
490 if ( $fwdfwsettings { 'ACTION' } eq $Lang :: tr
{ 'fwdfw reread' })
495 if ( $fwdfwsettings { 'ACTION' } eq 'editrule' )
497 $fwdfwsettings { 'updatefwrule' }= 'on' ;
500 if ( $fwdfwsettings { 'ACTION' } eq 'deleterule' )
504 if ( $fwdfwsettings { 'ACTION' } eq 'moveup' )
509 if ( $fwdfwsettings { 'ACTION' } eq 'movedown' )
514 if ( $fwdfwsettings { 'ACTION' } eq 'copyrule' )
516 $fwdfwsettings { 'copyfwrule' }= 'on' ;
517 #$fwdfwsettings{'updatefwrule'}='on';
520 if ( $fwdfwsettings { 'ACTION' } eq '' )
528 $fwdfwsettings { 'updatefwrule' }= '' ;
529 $fwdfwsettings { 'config' }= $oldchain ;
530 $fwdfwsettings { 'nobase' }= 'on' ;
532 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp1' }, $fwdfwsettings { $fwdfwsettings { 'grp1' }});
533 & checkcounter
( 0 , 0 , $fwdfwsettings { 'grp3' }, $fwdfwsettings { $fwdfwsettings { 'grp3' }});
539 & General
:: readhasharray
( $fwdfwsettings { 'config' }, \
%uphash );
540 foreach my $key ( sort keys %uphash ){
541 if ( $key eq $fwdfwsettings { 'key' }) {
543 if ( exists $uphash { $last }){
545 foreach my $y ( 0 .. $ #{$uphash{$last}}) {
546 $tmp { 0 }[ $y ] = $uphash { $last }[ $y ];
548 #copy active rule to last
549 foreach my $i ( 0 .. $ #{$uphash{$last}}) {
550 $uphash { $last }[ $i ] = $uphash { $key }[ $i ];
552 #copy saved rule to actual position
553 foreach my $x ( 0 .. $ #{$tmp{0}}) {
554 $uphash { $key }[ $x ] = $tmp { 0 }[ $x ];
559 & General
:: writehasharray
( $fwdfwsettings { 'config' }, \
%uphash );
566 & General
:: readhasharray
( $fwdfwsettings { 'config' }, \
%downhash );
567 foreach my $key ( sort keys %downhash ){
568 if ( $key eq $fwdfwsettings { 'key' }) {
570 if ( exists $downhash { $next }){
572 foreach my $y ( 0 .. $ #{$downhash{$next}}) {
573 $tmp { 0 }[ $y ] = $downhash { $next }[ $y ];
575 #copy active rule to next
576 foreach my $i ( 0 .. $ #{$downhash{$next}}) {
577 $downhash { $next }[ $i ] = $downhash { $key }[ $i ];
579 #copy saved rule to actual position
580 foreach my $x ( 0 .. $ #{$tmp{0}}) {
581 $downhash { $key }[ $x ] = $tmp { 0 }[ $x ];
586 & General
:: writehasharray
( $fwdfwsettings { 'config' }, \
%downhash );
591 my ( $base1 , $val1 , $base2 , $val2 ) = @_ ;
593 if ( $base1 eq 'cust_net_src' || $base1 eq 'cust_net_tgt' ){
594 & dec_counter
( $confignet , \
%customnetwork , $val1 );
595 } elsif ( $base1 eq 'cust_host_src' || $base1 eq 'cust_host_tgt' ){
596 & dec_counter
( $confighost , \
%customhost , $val1 );
597 } elsif ( $base1 eq 'cust_grp_src' || $base1 eq 'cust_grp_tgt' ){
598 & dec_counter
( $configgrp , \
%customgrp , $val1 );
599 } elsif ( $base1 eq 'cust_srv' ){
600 & dec_counter
( $configsrv , \
%customservice , $val1 );
601 } elsif ( $base1 eq 'cust_srvgrp' ){
602 & dec_counter
( $configsrvgrp , \
%customservicegrp , $val1 );
605 if ( $base2 eq 'cust_net_src' || $base2 eq 'cust_net_tgt' ){
606 & inc_counter
( $confignet , \
%customnetwork , $val2 );
607 } elsif ( $base2 eq 'cust_host_src' || $base2 eq 'cust_host_tgt' ){
608 & inc_counter
( $confighost , \
%customhost , $val2 );
609 } elsif ( $base2 eq 'cust_grp_src' || $base2 eq 'cust_grp_tgt' ){
610 & inc_counter
( $configgrp , \
%customgrp , $val2 );
611 } elsif ( $base2 eq 'cust_srv' ){
612 & inc_counter
( $configsrv , \
%customservice , $val2 );
613 } elsif ( $base2 eq 'cust_srvgrp' ){
614 & inc_counter
( $configsrvgrp , \
%customservicegrp , $val2 );
624 & General
:: readhasharray
( $config , \
%hash );
625 foreach my $key ( sort { uc ( $hash { $a }[ 0 ]) cmp uc ( $hash { $b }[ 0 ]) } keys %hash ){
626 if ( $hash { $key }[ 0 ] eq $val ){
627 $pos =$ #{$hash{$key}};
628 $hash { $key }[ $pos ] = $hash { $key }[ $pos ]+ 1 ;
631 & General
:: writehasharray
( $config , \
%hash );
639 #$errormessage.="ALT:config: $config , verringert wird $val <br>";
640 & General
:: readhasharray
( $config , \
%hash );
641 foreach my $key ( sort { uc ( $hash { $a }[ 0 ]) cmp uc ( $hash { $b }[ 0 ]) } keys %hash ){
642 if ( $hash { $key }[ 0 ] eq $val ){
643 $pos =$ #{$hash{$key}};
644 $hash { $key }[ $pos ] = $hash { $key }[ $pos ]- 1 ;
647 & General
:: writehasharray
( $config , \
%hash );
651 if ( $fwdfwsettings { 'POLICY' } eq 'MODE1' ){ $selected { 'POLICY' }{ 'MODE1' } = 'selected' ; } else { $selected { 'POLICY' }{ 'MODE1' } = '' ; }
652 if ( $fwdfwsettings { 'POLICY' } eq 'MODE2' ){ $selected { 'POLICY' }{ 'MODE2' } = 'selected' ; } else { $selected { 'POLICY' }{ 'MODE2' } = '' ; }
653 if ( $fwdfwsettings { 'POLICY1' } eq 'MODE1' ){ $selected { 'POLICY1' }{ 'MODE1' } = 'selected' ; } else { $selected { 'POLICY1' }{ 'MODE1' } = '' ; }
654 if ( $fwdfwsettings { 'POLICY1' } eq 'MODE2' ){ $selected { 'POLICY1' }{ 'MODE2' } = 'selected' ; } else { $selected { 'POLICY1' }{ 'MODE2' } = '' ; }
658 & Header
:: openbox
( '100%' , 'center' , $Lang :: tr
{ 'fwdfw pol title' });
660 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
661 <table width='100%' border='0'>
662 <tr><td colspan='3' style='font-weight:bold;color:red;' align='left'>FORWARD </td></tr>
663 <tr><td colspan='3' align='left'> $Lang ::tr{'fwdfw pol text'}</td></tr>
664 <tr><td colspan='3'><hr /></td></tr>
665 <tr><td width='15%' align='left'> <select name='POLICY' style="width: 100px">
666 <option value='MODE1' $selected {'POLICY'}{'MODE1'}> $Lang ::tr{'fwdfw pol block'}</option>
667 <option value='MODE2' $selected {'POLICY'}{'MODE2'}> $Lang ::tr{'fwdfw pol allow'}</option></select>
668 <input type='submit' name='ACTION' value= $Lang ::tr{'save'} /></td><td width='45%' align='right'>
671 print " $Lang ::tr{'outgoing firewall reset'}: <input type='submit' name='ACTION' value=' $Lang ::tr{'reset'}' /><input type='hidden' name='poltype' value='forward' /></td></tr>" ;
672 print "</table></form>" ;
675 <form method='post' action=' $ENV {'SCRIPT_NAME'}'>
676 <table width='100%' border='0'>
677 <tr><td colspan='3' style='font-weight:bold;color:red;' align='left'>OUTGOING </td></tr>
678 <tr><td colspan='3' align='left'> $Lang ::tr{'fwdfw pol text1'}</td></tr>
679 <tr><td colspan='3'><hr /></td></tr>
680 <tr><td width='15%' align='left'> <select name='POLICY1' style="width: 100px">
681 <option value='MODE1' $selected {'POLICY1'}{'MODE1'}> $Lang ::tr{'fwdfw pol block'}</option>
682 <option value='MODE2' $selected {'POLICY1'}{'MODE2'}> $Lang ::tr{'fwdfw pol allow'}</option></select>
683 <input type='submit' name='ACTION' value=' $Lang ::tr{'save'}' /></td><td width='45%' align='right'>
686 print " $Lang ::tr{'outgoing firewall reset'}: <input type='submit' name='ACTION' value=' $Lang ::tr{'reset'}' /><input type='hidden' name='poltype' value='outgoing' /></tr>" ;
687 print "</table></form>" ;
693 if (- f
"${General::swroot}/forward/reread" ){
694 print "<table border='0'><form method='post'><td><input type='submit' name='ACTION' value=' $Lang ::tr{'fwdfw reread'}' style='font-face: Comic Sans MS; color: red; font-weight: bold;'> $Lang ::tr{'fwhost reread'}</td></tr></table></form><hr><br>" ;
696 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwdfw addrule' });
697 print "<form method='post'>" ;
698 print "<table border='0'>" ;
699 print "<tr><td><input type='submit' name='ACTION' value=' $Lang ::tr{'fwdfw newrule'}'></td>" ;
700 print "</tr></table></form><hr>" ;
707 & General
:: readhasharray
( $fwdfwsettings { 'config' }, \
%delhash );
708 foreach my $key ( sort { $a <=> $b } keys %delhash ){
709 if ( $key == $fwdfwsettings { 'key' }){
710 #check hosts/net and groups
711 & checkcounter
( $delhash { $key }[ 3 ], $delhash { $key }[ 4 ],,);
712 & checkcounter
( $delhash { $key }[ 5 ], $delhash { $key }[ 6 ],,);
713 #check services and groups
714 if ( $delhash { $key }[ 11 ] eq 'ON' ){
715 & checkcounter
( $delhash { $key }[ 14 ], $delhash { $key }[ 15 ],,);
718 if ( $key >= $fwdfwsettings { 'key' }) {
720 if ( exists $delhash { $next }) {
721 foreach my $i ( 0 .. $ #{$delhash{$next}}) {
722 $delhash { $key }[ $i ] = $delhash { $next }[ $i ];
727 # Remove the very last entry.
728 my $last_key = ( sort { $a <=> $b } keys %delhash )[- 1 ];
729 delete $delhash { $last_key };
731 & General
:: writehasharray
( $fwdfwsettings { 'config' }, \
%delhash );
734 if ( $fwdfwsettings { 'nobase' } ne 'on' ){
741 & General
:: readhasharray
( " $configfwdfw " , \
%configfwdfw );
742 foreach my $key ( sort keys %configfwdfw ){
744 if ( $configfwdfw { $key }[ 2 ] eq 'ON' ){ $configfwdfw { $key }[ 2 ]= '' ;}
747 & General
:: writehasharray
( " $configfwdfw " , \
%configfwdfw );
754 #check ip-address if manual
755 if ( $fwdfwsettings { 'src_addr' } eq $fwdfwsettings { $fwdfwsettings { 'grp1' }} && $fwdfwsettings { 'src_addr' } ne '' ){
756 #check if ip with subnet
757 if ( $fwdfwsettings { 'src_addr' } =~ /^(.*?)\/ (.* ?
)$/) {
758 ( $ip , $subnet )= split ( /\/ /, $fwdfwsettings { 'src_addr' });
759 $subnet = & General
:: iporsubtocidr
( $subnet );
760 $fwdfwsettings { 'isip' }= 'on' ;
763 if ( $fwdfwsettings { 'src_addr' }=~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/ ){
764 $ip = $fwdfwsettings { 'src_addr' };
766 $fwdfwsettings { 'isip' }= 'on' ;
769 if ( $fwdfwsettings { 'isip' } ne 'on' ){
770 if (& General
:: validmac
( $fwdfwsettings { 'src_addr' })){ $fwdfwsettings { 'ismac' }= 'on' ;}
772 if ( $fwdfwsettings { 'isip' } eq 'on' ){
773 #check and form valid IP
774 $ip =& General
:: ip2dec
( $ip );
775 $ip =& General
:: dec2ip
( $ip );
776 #check if net or broadcast
777 my @tmp = split ( /\./ , $ip );
778 if (( $tmp [ 3 ] eq "0" ) || ( $tmp [ 3 ] eq "255" ))
780 $errormessage = $Lang :: tr
{ 'fwhost err hostip' }. "<br>" ;
782 $fwdfwsettings { 'src_addr' }= " $ip / $subnet " ;
784 if (!& General
:: validipandmask
( $fwdfwsettings { 'src_addr' })){
785 $errormessage .= $Lang :: tr
{ 'fwdfw err src_addr' }. "<br>" ;
788 if ( $fwdfwsettings { 'isip' } ne 'on' && $fwdfwsettings { 'ismac' } ne 'on' ){
789 $errormessage .= $Lang :: tr
{ 'fwdfw err src_addr' }. "<br>" ;
791 } elsif ( $fwdfwsettings { 'src_addr' } eq $fwdfwsettings { $fwdfwsettings { 'grp1' }} && $fwdfwsettings { 'src_addr' } eq '' ){
792 $errormessage .= $Lang :: tr
{ 'fwdfw err nosrcip' };
793 return $errormessage ;
797 if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq '' ){ $errormessage .= $Lang :: tr
{ 'fwdfw err nosrc' }. "<br>" ;}
799 if ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && $fwdfwsettings { 'PROT' } eq 'ICMP' ){
800 $fwdfwsettings { 'SRC_PORT' }= '' ;
801 & General
:: readhasharray
( "${General::swroot}/fwhosts/icmp-types" , \
%icmptypes );
802 foreach my $key ( keys %icmptypes ){
803 if ( $fwdfwsettings { 'ICMP_TYPES' } eq " $icmptypes { $key }[0] ( $icmptypes { $key }[1])" ){
804 $fwdfwsettings { 'ICMP_TYPES' }= " $icmptypes { $key }[0]" ;
807 } elsif ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && $fwdfwsettings { 'PROT' } eq 'GRE' ){
808 $fwdfwsettings { 'SRC_PORT' }= '' ;
809 $fwdfwsettings { 'ICMP_TYPES' }= '' ;
810 } elsif ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && $fwdfwsettings { 'PROT' } eq 'ESP' ){
811 $fwdfwsettings { 'SRC_PORT' }= '' ;
812 $fwdfwsettings { 'ICMP_TYPES' }= '' ;
813 } elsif ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && $fwdfwsettings { 'PROT' } eq 'AH' ){
814 $fwdfwsettings { 'SRC_PORT' }= '' ;
815 $fwdfwsettings { 'ICMP_TYPES' }= '' ;
816 } elsif ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && $fwdfwsettings { 'PROT' } ne 'ICMP' ){
817 $fwdfwsettings { 'ICMP_TYPES' }= '' ;
819 $fwdfwsettings { 'ICMP_TYPES' }= '' ;
820 $fwdfwsettings { 'SRC_PORT' }= '' ;
821 $fwdfwsettings { 'PROT' }= '' ;
824 if ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && ( $fwdfwsettings { 'PROT' } eq 'TCP' || $fwdfwsettings { 'PROT' } eq 'UDP' ) && $fwdfwsettings { 'SRC_PORT' } ne '' ){
825 my @parts = split ( "," , $fwdfwsettings { 'SRC_PORT' });
829 if ( $_ =~ /^(\d+)\:(\d+)$/ ) {
831 #change dashes with :
834 push ( @values , "1:65535" );
837 if ( $_ =~ /^(\D)\:(\d+)$/ ) {
838 push ( @values , "1: $2 " );
841 if ( $_ =~ /^(\d+)\:(\D)$/ ) {
842 push ( @values , " $1 :65535" );
845 $errormessage .= & General
:: validportrange
( $_ , 'destination' );
850 if (& General
:: validport
( $_ )){
857 $fwdfwsettings { 'SRC_PORT' }= join ( "|" , @values );
858 return $errormessage ;
865 if ( $fwdfwsettings { 'tgt_addr' } eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { 'tgt_addr' } ne '' ){
866 #check if ip with subnet
867 if ( $fwdfwsettings { 'tgt_addr' } =~ /^(.*?)\/ (.* ?
)$/) {
868 ( $ip , $subnet )= split ( /\/ /, $fwdfwsettings { 'tgt_addr' });
869 $subnet = & General
:: iporsubtocidr
( $subnet );
872 if ( $fwdfwsettings { 'tgt_addr' }=~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/ ){
873 $ip = $fwdfwsettings { 'tgt_addr' };
876 #check and form valid IP
877 $ip =& General
:: ip2dec
( $ip );
878 $ip =& General
:: dec2ip
( $ip );
880 ##check if net or broadcast
881 #my @tmp= split (/\./,$ip);
882 #if ($tmp[3] eq "0" || ($tmp[3] eq "255"))
884 #$errormessage=$Lang::tr{'fwhost err hostip'}."<br>";
886 $fwdfwsettings { 'tgt_addr' }= " $ip / $subnet " ;
888 if (!& General
:: validipandmask
( $fwdfwsettings { 'tgt_addr' })){
889 $errormessage .= $Lang :: tr
{ 'fwdfw err tgt_addr' }. "<br>" ;
892 } elsif ( $fwdfwsettings { 'tgt_addr' } eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { 'tgt_addr' } eq '' ){
893 $errormessage .= $Lang :: tr
{ 'fwdfw err notgtip' };
894 return $errormessage ;
898 if ( $fwdfwsettings { $fwdfwsettings { 'grp2' }} eq '' ){ $errormessage .= $Lang :: tr
{ 'fwdfw err notgt' }. "<br>" ;}
901 if ( $fwdfwsettings { 'USESRV' } eq 'ON' ){
902 if ( $fwdfwsettings { 'grp3' } eq 'cust_srv' ){
903 $fwdfwsettings { 'TGT_PROT' }= '' ;
904 $fwdfwsettings { 'ICMP_TGT' }= '' ;
906 if ( $fwdfwsettings { 'grp3' } eq 'cust_srvgrp' ){
907 $fwdfwsettings { 'TGT_PROT' }= '' ;
908 $fwdfwsettings { 'ICMP_TGT' }= '' ;
909 #check target service
910 if ( $fwdfwsettings { $fwdfwsettings { 'grp3' }} eq '' ){
911 $errormessage .= $Lang :: tr
{ 'fwdfw err tgt_grp' };
914 if ( $fwdfwsettings { 'grp3' } eq 'TGT_PORT' ){
915 if ( $fwdfwsettings { 'TGT_PROT' } eq 'TCP' || $fwdfwsettings { 'TGT_PROT' } eq 'UDP' ){
916 if ( $fwdfwsettings { 'TGT_PORT' } ne '' ){
917 my @parts = split ( "," , $fwdfwsettings { 'TGT_PORT' });
921 if ( $_ =~ /^(\d+)\:(\d+)$/ ) {
923 #change dashes with :
926 push ( @values , "1:65535" );
929 if ( $_ =~ /^(\D)\:(\d+)$/ ) {
930 push ( @values , "1: $2 " );
933 if ( $_ =~ /^(\d+)\:(\D)$/ ) {
934 push ( @values , " $1 :65535" );
937 $errormessage .= & General
:: validportrange
( $_ , 'destination' );
942 if (& General
:: validport
( $_ )){
949 $fwdfwsettings { 'TGT_PORT' }= join ( "|" , @values );
951 } elsif ( $fwdfwsettings { 'TGT_PROT' } eq 'GRE' ){
952 $fwdfwsettings { $fwdfwsettings { 'grp3' }} = '' ;
953 $fwdfwsettings { 'TGT_PORT' } = '' ;
954 $fwdfwsettings { 'ICMP_TGT' } = '' ;
955 } elsif ( $fwdfwsettings { 'TGT_PROT' } eq 'ESP' ){
956 $fwdfwsettings { $fwdfwsettings { 'grp3' }} = '' ;
957 $fwdfwsettings { 'TGT_PORT' } = '' ;
958 $fwdfwsettings { 'ICMP_TGT' }= '' ;
959 } elsif ( $fwdfwsettings { 'TGT_PROT' } eq 'AH' ){
960 $fwdfwsettings { $fwdfwsettings { 'grp3' }} = '' ;
961 $fwdfwsettings { 'TGT_PORT' } = '' ;
962 $fwdfwsettings { 'ICMP_TGT' }= '' ;
963 } elsif ( $fwdfwsettings { 'TGT_PROT' } eq 'ICMP' ){
964 $fwdfwsettings { $fwdfwsettings { 'grp3' }} = '' ;
965 $fwdfwsettings { 'TGT_PORT' } = '' ;
966 & General
:: readhasharray
( "${General::swroot}/fwhosts/icmp-types" , \
%icmptypes );
967 foreach my $key ( keys %icmptypes ){
969 if ( " $icmptypes { $key }[0] ( $icmptypes { $key }[1])" eq $fwdfwsettings { 'ICMP_TGT' }){
970 $fwdfwsettings { 'ICMP_TGT' }= $icmptypes { $key }[ 0 ];
978 if ( $fwdfwsettings { 'USESRV' } ne 'ON' ){
979 $fwdfwsettings { 'grp3' }= '' ;
980 $fwdfwsettings { $fwdfwsettings { 'grp3' }}= '' ;
981 $fwdfwsettings { 'TGT_PROT' }= '' ;
982 $fwdfwsettings { 'ICMP_TGT' }= '' ;
985 if ( $fwdfwsettings { 'TIME' } eq 'ON' ){
986 if ( $fwdfwsettings { 'TIME_MON' } eq '' && $fwdfwsettings { 'TIME_TUE' } eq '' && $fwdfwsettings { 'TIME_WED' } eq '' && $fwdfwsettings { 'TIME_THU' } eq '' && $fwdfwsettings { 'TIME_FRI' } eq '' && $fwdfwsettings { 'TIME_SAT' } eq '' && $fwdfwsettings { 'TIME_SUN' } eq '' ){
987 $errormessage = $Lang :: tr
{ 'fwdfw err time' };
990 return $errormessage ;
995 if ( $fwdfwsettings { 'ruleremark' } ne '' && !& validremark
( $fwdfwsettings { 'ruleremark' })){
996 $errormessage .= $Lang :: tr
{ 'fwdfw err remark' }. "<br>" ;
998 #check if source and target identical
999 if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq $fwdfwsettings { $fwdfwsettings { 'grp2' }} && $fwdfwsettings { $fwdfwsettings { 'grp1' }} ne 'ALL' ){
1000 $errormessage .= $Lang :: tr
{ 'fwdfw err same' };
1001 return $errormessage ;
1004 #get source and targetip address if possible
1005 my ( $sip , $scidr , $tip , $tcidr );
1006 ( $sip , $scidr )=& get_ip
( "src" , "grp1" );
1007 ( $tip , $tcidr )=& get_ip
( "tgt" , "grp2" );
1009 #check same iprange in source and target
1010 if ( $sip ne '' && $scidr ne '' && $tip ne '' && $tcidr ne '' ){
1011 my $networkip1 =& General
:: getnetworkip
( $sip , $scidr );
1012 my $networkip2 =& General
:: getnetworkip
( $tip , $tcidr );
1013 if ( $scidr gt $tcidr ){
1014 if ( & General
:: IpInSubnet
( $networkip1 , $tip ,& General
:: iporsubtodec
( $tcidr ))){
1015 $errormessage .= $Lang :: tr
{ 'fwdfw err samesub' };
1017 } elsif ( $scidr eq $tcidr && $scidr eq '32' ){
1018 my ( $sbyte1 , $sbyte2 , $sbyte3 , $sbyte4 )= split ( /\./ , $networkip1 );
1019 my ( $tbyte1 , $tbyte2 , $tbyte3 , $tbyte4 )= split ( /\./ , $networkip2 );
1020 if ( $sbyte1 eq $tbyte1 && $sbyte2 eq $tbyte2 && $sbyte3 eq $tbyte3 ){
1021 $hint = $Lang :: tr
{ 'fwdfw hint ip1' }. "<br>" ;
1022 $hint .= $Lang :: tr
{ 'fwdfw hint ip2' }. " Source: $networkip1 / $scidr Target: $networkip2 / $tcidr <br>" ;
1025 if ( & General
:: IpInSubnet
( $networkip2 , $sip ,& General
:: iporsubtodec
( $scidr )) ){
1026 $errormessage .= $Lang :: tr
{ 'fwdfw err samesub' };
1031 #check source and destination protocol if manual
1032 if ( $fwdfwsettings { 'USE_SRC_PORT' } eq 'ON' && $fwdfwsettings { 'USESRV' } eq 'ON' ){
1033 if ( $fwdfwsettings { 'PROT' } ne $fwdfwsettings { 'TGT_PROT' } && $fwdfwsettings { 'grp3' } eq 'TGT_PORT' ){
1034 $errormessage .= $Lang :: tr
{ 'fwdfw err prot' };
1036 #check source and destination protocol if source manual and dest servicegrp
1037 if ( $fwdfwsettings { 'grp3' } eq 'cust_srv' ){
1038 & General
:: readhasharray
( " $configsrv " , \
%customservice );
1039 foreach my $key ( sort keys %customservice ){
1040 if ( $customservice { $key }[ 0 ] eq $fwdfwsettings { $fwdfwsettings { 'grp3' }}){
1041 if ( $customservice { $key }[ 2 ] ne $fwdfwsettings { 'PROT' }){
1042 $errormessage .= $Lang :: tr
{ 'fwdfw err prot' };
1056 & General
:: readhash
( "/var/ipfire/ethernet/settings" , \
%netsettings );
1057 if ( $fwdfwsettings { $grp } ne $Lang :: tr
{ 'fwhost any' }){
1058 if ( $fwdfwsettings { $grp } eq $val . '_addr' ){
1059 ( $a , $b ) = split ( /\/ /, $fwdfwsettings { $fwdfwsettings { $grp }});
1060 } elsif ( $fwdfwsettings { $grp } eq 'std_net_' . $val ){
1061 if ( $fwdfwsettings { $fwdfwsettings { $grp }} =~ /Gr/i ){
1062 $a = $netsettings { 'GREEN_NETADDRESS' };
1063 $b =& General
:: iporsubtocidr
( $netsettings { 'GREEN_NETMASK' });
1064 } elsif ( $fwdfwsettings { $fwdfwsettings { $grp }} =~ /Ora/i ){
1065 $a = $netsettings { 'ORANGE_NETADDRESS' };
1066 $b =& General
:: iporsubtocidr
( $netsettings { 'ORANGE_NETMASK' });
1067 } elsif ( $fwdfwsettings { $fwdfwsettings { $grp }} =~ /Bl/i ){
1068 $a = $netsettings { 'BLUE_NETADDRESS' };
1069 $b =& General
:: iporsubtocidr
( $netsettings { 'BLUE_NETMASK' });
1070 } elsif ( $fwdfwsettings { $fwdfwsettings { $grp }} =~ /OpenVPN/i ){
1071 & General
:: readhash
( " $configovpn " , \
%ovpnsettings );
1072 ( $a , $b ) = split ( /\/ /, $ovpnsettings { 'DOVPN_SUBNET' });
1073 $b =& General
:: iporsubtocidr
( $b );
1075 } elsif ( $fwdfwsettings { $grp } eq 'cust_net_' . $val ){
1076 & General
:: readhasharray
( " $confignet " , \
%customnetwork );
1077 foreach my $key ( keys %customnetwork ){
1078 if ( $customnetwork { $key }[ 0 ] eq $fwdfwsettings { $fwdfwsettings { $grp }}){
1079 $a = $customnetwork { $key }[ 1 ];
1080 $b =& General
:: iporsubtocidr
( $customnetwork { $key }[ 2 ]);
1083 } elsif ( $fwdfwsettings { $grp } eq 'cust_host_' . $val ){
1084 & General
:: readhasharray
( " $confighost " , \
%customhost );
1085 foreach my $key ( keys %customhost ){
1086 if ( $customhost { $key }[ 0 ] eq $fwdfwsettings { $fwdfwsettings { $grp }}){
1087 if ( $customhost { $key }[ 1 ] eq 'ip' ){
1088 ( $a , $b )= split ( /\/ /, $customhost { $key }[ 2 ]);
1089 $b =& General
:: iporsubtocidr
( $b );
1091 if ( $grp eq 'grp2' ){
1092 $errormessage = $Lang :: tr
{ 'fwdfw err tgt_mac' };
1104 & General
:: setup_default_networks
( \
%defaultNetworks );
1105 & General
:: readhash
( "/var/ipfire/ethernet/settings" , \
%netsettings );
1106 #read all configfiles
1107 & General
:: readhasharray
( " $configccdnet " , \
%ccdnet );
1108 & General
:: readhasharray
( " $confignet " , \
%customnetwork );
1109 & General
:: readhasharray
( " $configccdhost " , \
%ccdhost );
1110 & General
:: readhasharray
( " $confighost " , \
%customhost );
1111 & General
:: readhasharray
( " $configccdhost " , \
%ccdhost );
1112 & General
:: readhasharray
( " $configgrp " , \
%customgrp );
1113 & General
:: readhasharray
( " $configipsec " , \
%ipsecconf );
1114 & General
:: get_aliases
( \
%aliases );
1118 if ( $fwdfwsettings { 'config' } eq '' ){ $fwdfwsettings { 'config' }= $configfwdfw ;}
1119 my $config = $fwdfwsettings { 'config' };
1121 $checked { 'grp1' }{ $fwdfwsettings { 'grp1' }} = 'CHECKED' ;
1122 $checked { 'grp2' }{ $fwdfwsettings { 'grp2' }} = 'CHECKED' ;
1123 $checked { 'grp3' }{ $fwdfwsettings { 'grp3' }} = 'CHECKED' ;
1124 $checked { 'USE_SRC_PORT' }{ $fwdfwsettings { 'USE_SRC_PORT' }} = 'CHECKED' ;
1125 $checked { 'USESRV' }{ $fwdfwsettings { 'USESRV' }} = 'CHECKED' ;
1126 $checked { 'ACTIVE' }{ $fwdfwsettings { 'ACTIVE' }} = 'CHECKED' ;
1127 $checked { 'LOG' }{ $fwdfwsettings { 'LOG' }} = 'CHECKED' ;
1128 $checked { 'TIME' }{ $fwdfwsettings { 'TIME' }} = 'CHECKED' ;
1129 $checked { 'TIME_MON' }{ $fwdfwsettings { 'TIME_MON' }} = 'CHECKED' ;
1130 $checked { 'TIME_TUE' }{ $fwdfwsettings { 'TIME_TUE' }} = 'CHECKED' ;
1131 $checked { 'TIME_WED' }{ $fwdfwsettings { 'TIME_WED' }} = 'CHECKED' ;
1132 $checked { 'TIME_THU' }{ $fwdfwsettings { 'TIME_THU' }} = 'CHECKED' ;
1133 $checked { 'TIME_FRI' }{ $fwdfwsettings { 'TIME_FRI' }} = 'CHECKED' ;
1134 $checked { 'TIME_SAT' }{ $fwdfwsettings { 'TIME_SAT' }} = 'CHECKED' ;
1135 $checked { 'TIME_SUN' }{ $fwdfwsettings { 'TIME_SUN' }} = 'CHECKED' ;
1136 $selected { 'TIME_FROM' }{ $fwdfwsettings { 'TIME_FROM' }} = 'selected' ;
1137 $selected { 'TIME_TO' }{ $fwdfwsettings { 'TIME_TO' }} = 'selected' ;
1138 $selected { 'ipfire' }{ $fwdfwsettings { $fwdfwsettings { 'grp2' }}} = 'selected' ;
1139 #check if update and get values
1140 if ( $fwdfwsettings { 'updatefwrule' } eq 'on' || $fwdfwsettings { 'copyfwrule' } eq 'on' && ! $errormessage ){
1141 & General
:: readhasharray
( " $config " , \
%hash );
1142 foreach my $key ( sort keys %hash ){
1144 if ( $key eq $fwdfwsettings { 'key' }){
1145 $fwdfwsettings { 'oldrulenumber' } = $fwdfwsettings { 'key' };
1146 $fwdfwsettings { 'RULE_ACTION' } = $hash { $key }[ 0 ];
1147 $fwdfwsettings { 'ACTIVE' } = $hash { $key }[ 2 ];
1148 $fwdfwsettings { 'grp1' } = $hash { $key }[ 3 ];
1149 $fwdfwsettings { $fwdfwsettings { 'grp1' }} = $hash { $key }[ 4 ];
1150 $fwdfwsettings { 'grp2' } = $hash { $key }[ 5 ];
1151 $fwdfwsettings { $fwdfwsettings { 'grp2' }} = $hash { $key }[ 6 ];
1152 $fwdfwsettings { 'USE_SRC_PORT' } = $hash { $key }[ 7 ];
1153 $fwdfwsettings { 'PROT' } = $hash { $key }[ 8 ];
1154 $fwdfwsettings { 'ICMP_TYPES' } = $hash { $key }[ 9 ];
1155 $fwdfwsettings { 'SRC_PORT' } = $hash { $key }[ 10 ];
1156 $fwdfwsettings { 'USESRV' } = $hash { $key }[ 11 ];
1157 $fwdfwsettings { 'TGT_PROT' } = $hash { $key }[ 12 ];
1158 $fwdfwsettings { 'ICMP_TGT' } = $hash { $key }[ 13 ];
1159 $fwdfwsettings { 'grp3' } = $hash { $key }[ 14 ];
1160 $fwdfwsettings { $fwdfwsettings { 'grp3' }} = $hash { $key }[ 15 ];
1161 $fwdfwsettings { 'ruleremark' } = $hash { $key }[ 16 ];
1162 $fwdfwsettings { 'LOG' } = $hash { $key }[ 17 ];
1163 $fwdfwsettings { 'TIME' } = $hash { $key }[ 18 ];
1164 $fwdfwsettings { 'TIME_MON' } = $hash { $key }[ 19 ];
1165 $fwdfwsettings { 'TIME_TUE' } = $hash { $key }[ 20 ];
1166 $fwdfwsettings { 'TIME_WED' } = $hash { $key }[ 21 ];
1167 $fwdfwsettings { 'TIME_THU' } = $hash { $key }[ 22 ];
1168 $fwdfwsettings { 'TIME_FRI' } = $hash { $key }[ 23 ];
1169 $fwdfwsettings { 'TIME_SAT' } = $hash { $key }[ 24 ];
1170 $fwdfwsettings { 'TIME_SUN' } = $hash { $key }[ 25 ];
1171 $fwdfwsettings { 'TIME_FROM' } = $hash { $key }[ 26 ];
1172 $fwdfwsettings { 'TIME_TO' } = $hash { $key }[ 27 ];
1173 $checked { 'grp1' }{ $fwdfwsettings { 'grp1' }} = 'CHECKED' ;
1174 $checked { 'grp2' }{ $fwdfwsettings { 'grp2' }} = 'CHECKED' ;
1175 $checked { 'grp3' }{ $fwdfwsettings { 'grp3' }} = 'CHECKED' ;
1176 $checked { 'USE_SRC_PORT' }{ $fwdfwsettings { 'USE_SRC_PORT' }} = 'CHECKED' ;
1177 $checked { 'USESRV' }{ $fwdfwsettings { 'USESRV' }} = 'CHECKED' ;
1178 $checked { 'ACTIVE' }{ $fwdfwsettings { 'ACTIVE' }} = 'CHECKED' ;
1179 $checked { 'LOG' }{ $fwdfwsettings { 'LOG' }} = 'CHECKED' ;
1180 $checked { 'TIME' }{ $fwdfwsettings { 'TIME' }} = 'CHECKED' ;
1181 $checked { 'TIME_MON' }{ $fwdfwsettings { 'TIME_MON' }} = 'CHECKED' ;
1182 $checked { 'TIME_TUE' }{ $fwdfwsettings { 'TIME_TUE' }} = 'CHECKED' ;
1183 $checked { 'TIME_WED' }{ $fwdfwsettings { 'TIME_WED' }} = 'CHECKED' ;
1184 $checked { 'TIME_THU' }{ $fwdfwsettings { 'TIME_THU' }} = 'CHECKED' ;
1185 $checked { 'TIME_FRI' }{ $fwdfwsettings { 'TIME_FRI' }} = 'CHECKED' ;
1186 $checked { 'TIME_SAT' }{ $fwdfwsettings { 'TIME_SAT' }} = 'CHECKED' ;
1187 $checked { 'TIME_SUN' }{ $fwdfwsettings { 'TIME_SUN' }} = 'CHECKED' ;
1188 $selected { 'TIME_FROM' }{ $fwdfwsettings { 'TIME_FROM' }} = 'selected' ;
1189 $selected { 'TIME_TO' }{ $fwdfwsettings { 'TIME_TO' }} = 'selected' ;
1190 $selected { 'ipfire' }{ $fwdfwsettings { $fwdfwsettings { 'grp2' }}} = 'selected' ;
1193 $fwdfwsettings { 'oldgrp1a' }= $fwdfwsettings { 'grp1' };
1194 $fwdfwsettings { 'oldgrp1b' }= $fwdfwsettings { $fwdfwsettings { 'grp1' }};
1195 $fwdfwsettings { 'oldgrp2a' }= $fwdfwsettings { 'grp2' };
1196 $fwdfwsettings { 'oldgrp2b' }= $fwdfwsettings { $fwdfwsettings { 'grp2' }};
1197 $fwdfwsettings { 'oldgrp3a' }= $fwdfwsettings { 'grp3' };
1198 $fwdfwsettings { 'oldgrp3b' }= $fwdfwsettings { $fwdfwsettings { 'grp3' }};
1199 $fwdfwsettings { 'oldusesrv' }= $fwdfwsettings { 'USESRV' };
1200 $fwdfwsettings { 'oldruleremark' }= $fwdfwsettings { 'ruleremark' };
1201 #check if manual ip (source) is orange network
1202 if ( $fwdfwsettings { 'grp1' } eq 'src_addr' ){
1203 my ( $sip , $scidr ) = split ( "/" , $fwdfwsettings { $fwdfwsettings { 'grp1' }});
1204 if ( & General
:: IpInSubnet
( $sip , $netsettings { 'ORANGE_ADDRESS' }, $netsettings { 'ORANGE_NETMASK' })){
1205 $fwdfwsettings { 'oldorange' } = 'on' ;
1209 $fwdfwsettings { 'ACTIVE' }= 'ON' ;
1210 $checked { 'ACTIVE' }{ $fwdfwsettings { 'ACTIVE' }} = 'CHECKED' ;
1211 $fwdfwsettings { 'oldgrp1a' }= $fwdfwsettings { 'grp1' };
1212 $fwdfwsettings { 'oldgrp1b' }= $fwdfwsettings { $fwdfwsettings { 'grp1' }};
1213 $fwdfwsettings { 'oldgrp2a' }= $fwdfwsettings { 'grp2' };
1214 $fwdfwsettings { 'oldgrp2b' }= $fwdfwsettings { $fwdfwsettings { 'grp2' }};
1215 $fwdfwsettings { 'oldgrp3a' }= $fwdfwsettings { 'grp3' };
1216 $fwdfwsettings { 'oldgrp3b' }= $fwdfwsettings { $fwdfwsettings { 'grp3' }};
1217 $fwdfwsettings { 'oldusesrv' }= $fwdfwsettings { 'USESRV' };
1218 $fwdfwsettings { 'oldruleremark' }= $fwdfwsettings { 'ruleremark' };
1219 #check if manual ip (source) is orange network
1220 if ( $fwdfwsettings { 'grp1' } eq 'src_addr' ){
1221 my ( $sip , $scidr ) = split ( "/" , $fwdfwsettings { $fwdfwsettings { 'grp1' }});
1222 if ( & General
:: IpInSubnet
( $sip , $netsettings { 'ORANGE_ADDRESS' }, $netsettings { 'ORANGE_NETMASK' })){
1223 $fwdfwsettings { 'oldorange' } = 'on' ;
1227 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwdfw addrule' });
1230 <form method="post">
1232 <tr><td nowrap> $Lang ::tr{'fwdfw rule action'}</td><td><select name='RULE_ACTION'>
1234 foreach ( "ACCEPT" , "DROP" , "REJECT" )
1236 if ( $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1238 print "selected='selected'" if ( $fwdfwsettings { 'RULE_ACTION' } eq $_ );
1239 print "> $_ </option>" ;
1241 if ( $fwdfwsettings { 'POLICY' } eq 'MODE2' ){
1242 $fwdfwsettings { 'RULE_ACTION' } = 'DROP' ;
1245 if ( $_ eq $fwdfwsettings { 'RULE_ACTION' })
1247 print "<option selected> $_ </option>" ;
1249 print "<option> $_ </option>" ;
1253 print "</select></td></tr></table><hr>" ;
1255 & Header
:: closebox
();
1256 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwdfw source' });
1257 #------SOURCE-------------------------------------------------------
1259 <table width='100%' border='0'>
1260 <tr><td width='1%'><input type='radio' name='grp1' value='src_addr' checked></td><td colspan='5'> $Lang ::tr{'fwdfw sourceip'}<input type='TEXT' name='src_addr' value=' $fwdfwsettings {'src_addr'}' ></td></tr>
1261 <tr><td colspan='7'><hr style='border:dotted #BFBFBF; border-width:1px 0 0 0 ; ' /></td></tr>
1262 <tr><td width='1%'><input type='radio' name='grp1' value='std_net_src' $checked {'grp1'}{'std_net_src'}></td><td nowrap='nowrap' width='12%'> $Lang ::tr{'fwhost stdnet'}</td><td width='13%'><select name='std_net_src' style='min-width:185px;'>
1264 foreach my $network ( sort keys %defaultNetworks )
1266 next if ( $defaultNetworks { $network }{ 'LOCATION' } eq "IPCOP" );
1267 next if ( $defaultNetworks { $network }{ 'NAME' } eq "RED" );
1268 print "<option value=' $defaultNetworks { $network }{'NAME'}'" ;
1269 print " selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq $defaultNetworks { $network }{ 'NAME' });
1270 print "> $network </option>" ;
1273 </select></td><td width='1%'><input type='radio' name='grp1' value='ovpn_net_src' $checked {'grp1'}{'ovpn_net_src'}></td><td nowrap='nowrap' width='16%'> $Lang ::tr{'fwhost ccdnet'}</td><td nowrap='nowrap' width='1%'><select name='ovpn_net_src' style='min-width:185px;'>
1275 & fillselect
( \
%ccdnet , $fwdfwsettings { $fwdfwsettings { 'grp1' }});
1278 <tr><td><input type='radio' name='grp1' value='cust_net_src' $checked {'grp1'}{'cust_net_src'}></td><td> $Lang ::tr{'fwhost cust net'}</td><td><select name='cust_net_src' style='min-width:185px;'>
1280 & fillselect
( \
%customnetwork , $fwdfwsettings { $fwdfwsettings { 'grp1' }});
1282 </select></td><td width='1%'><input type='radio' name='grp1' value='ovpn_host_src' $checked {'grp1'}{'ovpn_host_src'}></td><td nowrap='nowrap' width='16%'> $Lang ::tr{'fwhost ccdhost'}</td><td nowrap='nowrap' width='1%'><select name='ovpn_host_src' style='min-width:185px;'>
1284 foreach my $key ( sort { uc ( $ccdhost { $a }[ 0 ]) cmp uc ( $ccdhost { $b }[ 0 ]) } keys %ccdhost )
1286 if ( $ccdhost { $key }[ 33 ] ne '' ){
1288 print "<option value=' $ccdhost { $key }[1]'" ;
1289 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq $ccdhost { $key }[ 1 ]);
1290 print "> $ccdhost { $key }[1]</option>" ;
1295 <tr><td valign='top'><input type='radio' name='grp1' value='cust_host_src' $checked {'grp1'}{'cust_host_src'}></td><td> $Lang ::tr{'fwhost cust addr'}</td><td><select name='cust_host_src' style='min-width:185px;'>
1297 & fillselect
( \
%customhost , $fwdfwsettings { $fwdfwsettings { 'grp1' }});
1299 </select></td><td width='1%'><input type='radio' name='grp1' value='ovpn_n2n_src' $checked {'grp1'}{'ovpn_n2n_src'}></td><td > $Lang ::tr{'fwhost ovpn_n2n'}</td><td colspan='3'><select name='ovpn_n2n_src' style='min-width:185px;'>
1301 foreach my $key ( sort { uc ( $ccdhost { $a }[ 0 ]) cmp uc ( $ccdhost { $b }[ 0 ]) } keys %ccdhost ) {
1302 if ( $ccdhost { $key }[ 3 ] eq 'net' ){
1304 print " selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq $ccdhost { $key }[ 1 ]);
1305 print "> $ccdhost { $key }[1]</option>" ;
1311 <tr><td valign='top'><input type='radio' name='grp1' value='cust_grp_src' $checked {'grp1'}{'cust_grp_src'}></td><td > $Lang ::tr{'fwhost cust grp'}</td><td><select name='cust_grp_src' style='min-width:185px;'>
1313 foreach my $key ( sort { uc ( $customgrp { $a }[ 0 ]) cmp uc ( $customgrp { $b }[ 0 ]) } keys %customgrp ) {
1314 if ( $helper ne $customgrp { $key }[ 0 ]){
1316 print "selected='selected' " if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq $customgrp { $key }[ 0 ]);
1317 print "> $customgrp { $key }[0]</option>" ;
1319 $helper = $customgrp { $key }[ 0 ];
1323 <td valign='top'><input type='radio' name='grp1' value='ipsec_net_src' $checked {'grp1'}{'ipsec_net_src'}></td><td > $Lang ::tr{'fwhost ipsec net'}</td><td><select name='ipsec_net_src' style='min-width:185px;'>
1325 foreach my $key ( sort { uc ( $ipsecconf { $a }[ 1 ]) cmp uc ( $ipsecconf { $b }[ 1 ]) } keys %ipsecconf ) {
1326 if ( $ipsecconf { $key }[ 3 ] eq 'net' ){
1328 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq $ipsecconf { $key }[ 1 ]);
1329 print "> $ipsecconf { $key }[1]</option>" ;
1337 # <td valign='top'><input type='radio' name='grp1' value='ipsec_host_src' $checked{'grp1'}{'ipsec_host_src'}></td><td >$Lang::tr{'fwhost ipsec host'}</td><td><select name='ipsec_host_src' style='min-width:185px;'>
1339 # foreach my $key (sort { uc($ipsecconf{$a}[1]) cmp uc($ipsecconf{$b}[1]) } keys %ipsecconf) {
1340 # if ($ipsecconf{$key}[3] eq 'host'){
1342 # print "selected='selected'" if($fwdfwsettings{$fwdfwsettings{'grp1'}} eq $ipsecconf{$key}[1]);
1343 # print ">$ipsecconf{$key}[1]</option>";
1347 <tr><td colspan='8'><hr style='border:dotted #BFBFBF; border-width:1px 0 0 0 ; ' /></td></tr></table>
1348 <table width='100%' border='0'>
1349 <tr><td width='1%'><input type='checkbox' name='USE_SRC_PORT' value='ON' $checked {'USE_SRC_PORT'}{'ON'}></td><td width='51%' colspan='3'> $Lang ::tr{'fwdfw use srcport'}</td>
1350 <td width='15%' nowrap='nowrap'> $Lang ::tr{'fwdfw man port'}</td><td><select name='PROT'>
1352 foreach ( "TCP" , "UDP" , "GRE" , "ESP" , "AH" , "ICMP" )
1354 if ( $_ eq $fwdfwsettings { 'PROT' })
1356 print "<option selected> $_ </option>" ;
1358 print "<option> $_ </option>" ;
1361 $fwdfwsettings { 'SRC_PORT' }=~ s/\|/,/g ;
1363 </select></td><td align='right'><input type='text' name='SRC_PORT' value=' $fwdfwsettings {'SRC_PORT'}' maxlength='20' size='18' ></td></tr>
1364 <tr><td></td><td></td><td></td><td></td><td nowrap='nowrap'> $Lang ::tr{'fwhost icmptype'}</td><td colspan='2'><select name='ICMP_TYPES' style='width:230px;'>
1366 & General
:: readhasharray
( "${General::swroot}/fwhosts/icmp-types" , \
%icmptypes );
1367 print "<option>All ICMP-Types</option>" ;
1368 foreach my $key ( sort { uc ( $icmptypes { $a }[ 0 ]) cmp uc ( $icmptypes { $b }[ 0 ]) } keys %icmptypes ){
1369 if ( $fwdfwsettings { 'ICMP_TYPES' } eq " $icmptypes { $key }[0]" ){
1370 print "<option selected> $icmptypes { $key }[0] ( $icmptypes { $key }[1])</option>" ;
1372 print "<option> $icmptypes { $key }[0] ( $icmptypes { $key }[1])</option>" ;
1376 </select></td></tr></table><br><hr>
1378 & Header
:: closebox
();
1380 #---TARGET------------------------------------------------------
1381 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwdfw target' });
1383 <table width='100%' border='0'>
1384 <tr><td width='1%'><input type='radio' name='grp2' value='tgt_addr' checked></td><td colspan='2'> $Lang ::tr{'fwdfw targetip'}<input type='TEXT' name='tgt_addr' value=' $fwdfwsettings {'tgt_addr'}' size='16'><td><input type='radio' name='grp2' value='ipfire' $checked {'grp2'}{'ipfire'}></td><td><b>IPFire ( $Lang ::tr{'external access'})</b></td><td><select name='ipfire' style='min-width:185px;'>
1386 print "<option value='Default IP' $selected {'ipfire'}{'Default IP'}>Default IP</option>" ;
1388 foreach my $alias ( sort keys %aliases )
1390 print "<option value=' $alias ' $selected {'ipfire'}{ $alias }> $alias </option>" ;
1395 <tr><td colspan='7'><hr style='border:dotted #BFBFBF; border-width:1px 0 0 0 ; ' /></td></tr>
1396 <tr><td width='1%'><input type='radio' name='grp2' value='std_net_tgt' $checked {'grp2'}{'std_net_tgt'}></td><td nowrap='nowrap' width='12%'> $Lang ::tr{'fwhost stdnet'}</td><td width='13%'><select name='std_net_tgt' style='min-width:185px;'>
1398 foreach my $network ( sort keys %defaultNetworks )
1400 next if ( $defaultNetworks { $network }{ 'NAME' } eq "IPFire" );
1401 print "<option value=' $defaultNetworks { $network }{'NAME'}'" ;
1402 print " selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp2' }} eq $defaultNetworks { $network }{ 'NAME' });
1403 print "> $network </option>" ;
1406 </select></td><td width='1%'><input type='radio' name='grp2' value='ovpn_net_tgt' $checked {'grp2'}{'ovpn_net_tgt'}></td><td nowrap='nowrap' width='16%'> $Lang ::tr{'fwhost ccdnet'}</td><td nowrap='nowrap' width='1%'><select name='ovpn_net_tgt' style='min-width:185px;'>
1408 & fillselect
( \
%ccdnet , $fwdfwsettings { $fwdfwsettings { 'grp2' }});
1411 <tr><td><input type='radio' name='grp2' value='cust_net_tgt' $checked {'grp2'}{'cust_net_tgt'}></td><td> $Lang ::tr{'fwhost cust net'}</td><td><select name='cust_net_tgt' style='min-width:185px;'>
1413 & fillselect
( \
%customnetwork , $fwdfwsettings { $fwdfwsettings { 'grp2' }});
1415 </select></td><td width='1%'><input type='radio' name='grp2' value='ovpn_host_tgt' $checked {'grp2'}{'ovpn_host_tgt'}></td><td nowrap='nowrap' width='16%'> $Lang ::tr{'fwhost ccdhost'}</td><td nowrap='nowrap' width='1%'><select name='ovpn_host_tgt' style='min-width:185px;'>
1417 foreach my $key ( sort { uc ( $ccdhost { $a }[ 0 ]) cmp uc ( $ccdhost { $b }[ 0 ]) } keys %ccdhost )
1419 if ( $ccdhost { $key }[ 33 ] ne '' ){
1420 print "<option value=' $ccdhost { $key }[1]' " ;
1421 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp2' }} eq $ccdhost { $key }[ 33 ]);
1422 print "> $ccdhost { $key }[1]</option>" ;
1427 <tr><td valign='top'><input type='radio' name='grp2' value='cust_host_tgt' $checked {'grp2'}{'cust_host_tgt'}></td><td> $Lang ::tr{'fwhost cust addr'}</td><td><select name='cust_host_tgt' style='min-width:185px;'>
1429 & fillselect
( \
%customhost , $fwdfwsettings { $fwdfwsettings { 'grp2' }});
1431 </select></td><td width='1%'><input type='radio' name='grp2' value='ovpn_n2n_tgt' $checked {'grp2'}{'ovpn_n2n_tgt'}></td><td > $Lang ::tr{'fwhost ovpn_n2n'}</td><td colspan='3'><select name='ovpn_n2n_tgt' style='min-width:185px;'>
1433 foreach my $key ( sort { uc ( $ccdhost { $a }[ 0 ]) cmp uc ( $ccdhost { $b }[ 0 ]) } keys %ccdhost ) {
1434 if ( $ccdhost { $key }[ 3 ] eq 'net' ){
1436 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp2' }} eq $ccdhost { $key }[ 1 ]);
1437 print "> $ccdhost { $key }[1]</option>" ;
1442 <tr><td valign='top'><input type='radio' name='grp2' value='cust_grp_tgt' $checked {'grp2'}{'cust_grp_tgt'}></td><td > $Lang ::tr{'fwhost cust grp'}</td><td><select name='cust_grp_tgt' style='min-width:185px;'>
1445 foreach my $key ( sort { uc ( $customgrp { $a }[ 0 ]) cmp uc ( $customgrp { $b }[ 0 ]) } keys %customgrp ) {
1446 if ( $helper ne $customgrp { $key }[ 0 ]){
1448 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp2' }} eq $customgrp { $key }[ 0 ]);
1449 print "> $customgrp { $key }[0]</option>" ;
1451 $helper = $customgrp { $key }[ 0 ];
1455 <td valign='top'><input type='radio' name='grp2' value='ipsec_net_tgt' $checked {'grp2'}{'ipsec_net_tgt'}></td><td > $Lang ::tr{'fwhost ipsec net'}</td><td><select name='ipsec_net_tgt' style='min-width:185px;'>
1457 foreach my $key ( sort { uc ( $ipsecconf { $a }[ 1 ]) cmp uc ( $ipsecconf { $b }[ 1 ]) } keys %ipsecconf ) {
1458 if ( $ipsecconf { $key }[ 3 ] eq 'net' ){
1460 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp2' }} eq $ipsecconf { $key }[ 1 ]);
1461 print "> $ipsecconf { $key }[1]</option>" ;
1467 # <td valign='top'><input type='radio' name='grp2' value='ipsec_host_tgt' $checked{'grp2'}{'ipsec_host_tgt'}></td><td >$Lang::tr{'fwhost ipsec host'}</td><td><select name='ipsec_host_tgt' style='min-width:185px;'>
1469 # foreach my $key (sort { uc($ipsecconf{$a}[1]) cmp uc($ipsecconf{$b}[1]) } keys %ipsecconf) {
1470 # if ($ipsecconf{$key}[3] eq 'host'){
1472 # print"selected='Selected'" if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq $ipsecconf{$key}[1]);
1473 # print">$ipsecconf{$key}[1]</option>";
1478 <b> $Lang ::tr{'fwhost attention'}:</b><br>
1479 $Lang ::tr{'fwhost macwarn'}<br><hr style='border:dotted #BFBFBF; border-width:1px 0 0 0 ; '></hr><br>
1481 <table width='100%' border='0'>
1482 <tr><td width='1%'><input type='checkbox' name='USESRV' value='ON' $checked {'USESRV'}{'ON'} ></td><td width='48%'> $Lang ::tr{'fwdfw use srv'}</td><td width='1%'><input type='radio' name='grp3' value='cust_srv' checked></td><td nowrap='nowrap'> $Lang ::tr{'fwhost cust service'}</td><td width='1%' colspan='2'><select name='cust_srv'style='min-width:230px;' >
1484 & General
:: readhasharray
( " $configsrv " , \
%customservice );
1485 foreach my $key ( sort { uc ( $customservice { $a }[ 0 ]) cmp uc ( $customservice { $b }[ 0 ]) } keys %customservice ){
1487 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp3' }} eq $customservice { $key }[ 0 ]);
1488 print "value=' $customservice { $key }[0]'> $customservice { $key }[0]</option>" ;
1492 <tr><td colspan='2'></td><td><input type='radio' name='grp3' value='cust_srvgrp' $checked {'grp3'}{'cust_srvgrp'}></td><td nowrap='nowrap'> $Lang ::tr{'fwhost cust srvgrp'}:</td><td colspan='2'><select name='cust_srvgrp' style='min-width:230px;' >
1494 & General
:: readhasharray
( " $configsrvgrp " , \
%customservicegrp );
1496 foreach my $key ( sort { uc ( $customservicegrp { $a }[ 0 ]) cmp uc ( $customservicegrp { $b }[ 0 ]) } keys %customservicegrp ){
1497 if ( $helper ne $customservicegrp { $key }[ 0 ]){
1499 print "selected='selected'" if ( $fwdfwsettings { $fwdfwsettings { 'grp3' }} eq $customservicegrp { $key }[ 0 ]);
1500 print "> $customservicegrp { $key }[0]</option>" ;
1502 $helper = $customservicegrp { $key }[ 0 ];
1506 <tr><td colspan='2'></td><td><input type='radio' name='grp3' value='TGT_PORT' $checked {'grp3'}{'TGT_PORT'}></td><td> $Lang ::tr{'fwdfw man port'}</td><td><select name='TGT_PROT'>
1508 foreach ( "TCP" , "UDP" , "GRE" , "ESP" , "AH" , "ICMP" )
1510 if ( $_ eq $fwdfwsettings { 'TGT_PROT' })
1512 print "<option selected> $_ </option>" ;
1514 print "<option> $_ </option>" ;
1517 $fwdfwsettings { 'TGT_PORT' } =~ s/\|/,/g ;
1519 </select></td><td align='right'><input type='text' name='TGT_PORT' value=' $fwdfwsettings {'TGT_PORT'}' maxlength='20' size='18' ></td></tr>
1520 <tr><td colspan='2'></td><td></td><td> $Lang ::tr{'fwhost icmptype'}</td><td colspan='2'><select name='ICMP_TGT' style='min-width:230px;'>
1522 & General
:: readhasharray
( "${General::swroot}/fwhosts/icmp-types" , \
%icmptypes );
1523 print "<option>All ICMP-Types</option>" ;
1524 foreach my $key ( sort { uc ( $icmptypes { $a }[ 0 ]) cmp uc ( $icmptypes { $b }[ 0 ]) } keys %icmptypes ){
1525 if ( $fwdfwsettings { 'ICMP_TGT' } eq " $icmptypes { $key }[0]" ){
1526 print "<option selected> $icmptypes { $key }[0] ( $icmptypes { $key }[1])</option>" ;
1528 print "<option> $icmptypes { $key }[0] ( $icmptypes { $key }[1])</option>" ;
1537 #---Activate/logging/remark-------------------------------------
1538 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwdfw additional' });
1540 <table width='100%' border='0'>
1541 <tr><td width='12%'> $Lang ::tr{'remark'}:</td><td align='left'><input type='text' name='ruleremark' size='40' maxlength='255' value=' $fwdfwsettings {'ruleremark'}'></td></tr>
1543 if ( $fwdfwsettings { 'updatefwrule' } eq 'on' || $fwdfwsettings { 'copyfwrule' } eq 'on' ){
1544 print "<tr><td width='12%'> $Lang ::tr{'fwdfw rulepos'}:</td><td><select name='rulepos' >" ;
1545 for ( my $count = 1 ; $count <= $sum ; $count ++){
1546 print "<option value=' $count ' " ;
1547 print "selected='selected'" if ( $fwdfwsettings { 'oldrulenumber' } eq $count );
1548 print "> $count </option>" ;
1550 print "</select></td></tr>" ;
1552 print "<tr><td width='12%'> $Lang ::tr{'fwdfw rulepos'}:</td><td><input type='text' name='rulepos' size='2'></td></tr>" ;
1556 </table><table width='100%'>
1557 <tr><td width='1%'><input type='checkbox' name='ACTIVE' value='ON' $checked {'ACTIVE'}{'ON'}></td><td> $Lang ::tr{'fwdfw rule activate'}</td></tr>
1558 <tr><td width='1%'><input type='checkbox' name='LOG' value='ON' $checked {'LOG'}{'ON'} ></td><td> $Lang ::tr{'fwdfw log rule'}</td></tr>
1561 & Header
:: closebox
();
1562 #---ADD TIMEFRAME-----------------------------------------------
1563 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwdfw timeframe' });
1565 <table width='70%' border='0'>
1566 <tr><td width='1%'><input type='checkbox' name='TIME' value='ON' $checked {'TIME'}{'ON'}></td><td colspan='4'> $Lang ::tr{'fwdfw timeframe'}</td></tr>
1567 <tr><td colspan='7'> </td></tr>
1569 <td align='left'> $Lang ::tr{'time'}:</td>
1570 <td width='30%' align='left'> $Lang ::tr{'advproxy monday'} $Lang ::tr{'advproxy tuesday'} $Lang ::tr{'advproxy wednesday'} $Lang ::tr{'advproxy thursday'} $Lang ::tr{'advproxy friday'} $Lang ::tr{'advproxy saturday'} $Lang ::tr{'advproxy sunday'}</td>
1571 <td width='15%' align='left'> $Lang ::tr{'advproxy from'}</td>
1572 <td width='15%' align='left'> $Lang ::tr{'advproxy to'}</td>
1575 <td align='right'></td>
1576 <td width='30%' align='left'>
1577 <input type='checkbox' name='TIME_MON' value='on' $checked {'TIME_MON'}{'on'} />
1578 <input type='checkbox' name='TIME_TUE' value='on' $checked {'TIME_TUE'}{'on'} />
1579 <input type='checkbox' name='TIME_WED' value='on' $checked {'TIME_WED'}{'on'} />
1580 <input type='checkbox' name='TIME_THU' value='on' $checked {'TIME_THU'}{'on'} />
1581 <input type='checkbox' name='TIME_FRI' value='on' $checked {'TIME_FRI'}{'on'} />
1582 <input type='checkbox' name='TIME_SAT' value='on' $checked {'TIME_SAT'}{'on'} />
1583 <input type='checkbox' name='TIME_SUN' value='on' $checked {'TIME_SUN'}{'on'} />
1585 <td><select name='TIME_FROM'>
1587 for ( my $i = 0 ; $i <= 23 ; $i ++) {
1588 $i = sprintf ( " %02s " , $i );
1589 for ( my $j = 0 ; $j <= 45 ; $j += 15 ) {
1590 $j = sprintf ( " %02s " , $j );
1591 my $time = $i . ":" . $j ;
1592 print " \t\t\t\t\t <option $selected {'TIME_FROM'}{ $time }> $i : $j </option> \n " ;
1597 <td><select name='TIME_TO'>
1599 for ( my $i = 0 ; $i <= 23 ; $i ++) {
1600 $i = sprintf ( " %02s " , $i );
1601 for ( my $j = 0 ; $j <= 45 ; $j += 15 ) {
1602 $j = sprintf ( " %02s " , $j );
1603 my $time = $i . ":" . $j ;
1604 print " \t\t\t\t\t <option $selected {'TIME_TO'}{ $time }> $i : $j </option> \n " ;
1612 #---ACTION------------------------------------------------------
1613 if ( $fwdfwsettings { 'updatefwrule' } ne 'on' ){
1615 <table border='0' width='100%'>
1616 <tr><td align='right'><input type='submit' value=' $Lang ::tr{'add'}' style='min-width:100px;' />
1617 <input type='hidden' name='config' value=' $config ' >
1618 <input type='hidden' name='ACTION' value='saverule' >
1619 </form><form method='post' style='display:inline'><input type='submit' value=' $Lang ::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value'reset'></td></td>
1624 <table border='0' width='100%'>
1625 <tr><td align='right'><input type='submit' value=' $Lang ::tr{'fwdfw change'}' style='min-width:100px;' /><input type='hidden' name='updatefwrule' value=' $fwdfwsettings {'updatefwrule'}'><input type='hidden' name='key' value=' $fwdfwsettings {'key'}'>
1626 <input type='hidden' name='oldgrp1a' value=' $fwdfwsettings {'oldgrp1a'}' />
1627 <input type='hidden' name='oldgrp1b' value=' $fwdfwsettings {'oldgrp1b'}' />
1628 <input type='hidden' name='oldgrp2a' value=' $fwdfwsettings {'oldgrp2a'}' />
1629 <input type='hidden' name='oldgrp2b' value=' $fwdfwsettings {'oldgrp2b'}' />
1630 <input type='hidden' name='oldgrp3a' value=' $fwdfwsettings {'oldgrp3a'}' />
1631 <input type='hidden' name='oldgrp3b' value=' $fwdfwsettings {'oldgrp3b'}' />
1632 <input type='hidden' name='oldusesrv' value=' $fwdfwsettings {'oldusesrv'}' />
1633 <input type='hidden' name='oldrulenumber' value=' $fwdfwsettings {'oldrulenumber'}' />
1634 <input type='hidden' name='rulenumber' value=' $fwdfwsettings {'rulepos'}' />
1635 <input type='hidden' name='oldruleremark' value=' $fwdfwsettings {'oldruleremark'}' />
1636 <input type='hidden' name='oldorange' value=' $fwdfwsettings {'oldorange'}' />
1637 <input type='hidden' name='ACTION' value='saverule' ></form><form method='post' style='display:inline'><input type='submit' value=' $Lang ::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value'reset'></td></td>
1641 & Header
:: closebox
();
1647 & General
:: readhasharray
( " $config " , $hash );
1648 print " save1 checkorange ist $checkorange und oldorange ist $fwdfwsettings {'oldorange'}<br>" ;
1650 if (! $errormessage ){
1651 #check if we change a DMZ to an outgoing
1652 if ( ( $fwdfwsettings { 'oldgrp1b' } eq 'ORANGE' || $fwdfwsettings { 'oldorange' } eq 'on' ) && $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'IPFire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1653 & changerule
( $configdmz );
1656 #check if we change a DMZ to an external access
1657 elsif ( $fwdfwsettings { 'oldgrp1b' } eq 'ORANGE' && $fwdfwsettings { $fwdfwsettings { 'grp1' }} ne 'ORANGE' && $fwdfwsettings { 'grp2' } eq 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1658 & changerule
( $configdmz );
1661 #check if we change an external access rule to a outgoing
1662 elsif ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'IPFire' && $fwdfwsettings { 'oldgrp1b' } ne 'IPFire' && $fwdfwsettings { 'grp2' } ne 'ipfire' && $fwdfwsettings { 'oldgrp2a' } eq 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1663 & changerule
( $configinput );
1666 #check if we change an external access rule to a DMZ
1667 elsif ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'ORANGE' && $fwdfwsettings { 'grp2' } ne 'ipfire' && $fwdfwsettings { 'oldgrp2a' } eq 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1668 & changerule
( $configinput );
1671 #check if we change an outgoing rule to a external access
1672 if ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} ne 'IPFire' && $fwdfwsettings { 'oldgrp1b' } eq 'IPFire' && $fwdfwsettings { 'grp2' } eq 'ipfire' && $fwdfwsettings { 'oldgrp2a' } ne 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1673 & changerule
( $configoutgoing );
1676 #check if we change an outgoing rule to a DMZ
1677 if ( ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'ORANGE' || $checkorange eq 'on' ) && $fwdfwsettings { 'oldgrp1b' } eq 'IPFire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1678 & changerule
( $configoutgoing );
1681 #check if we change an forward rule to an external access
1682 elsif ( $fwdfwsettings { 'grp2' } eq 'ipfire' && $fwdfwsettings { 'oldgrp2a' } ne 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1683 & changerule
( $configfwdfw );
1686 #check if we change an forward rule to an DMZ
1687 if ( ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'ORANGE' || $checkorange eq 'on' ) && ( $fwdfwsettings { 'oldgrp1b' } ne 'ORANGE' && $fwdfwsettings { 'oldorange' } ne 'on' ) && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1688 & changerule
( $configfwdfw );
1691 #check if we change an forward rule to an outgoing
1692 elsif ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} eq 'IPFire' && $fwdfwsettings { 'oldgrp1b' } ne 'IPFire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1693 & changerule
( $configfwdfw );
1696 #check if we change a DMZ to a forward
1697 elsif ( ( $fwdfwsettings { 'oldgrp1b' } eq 'ORANGE' || $fwdfwsettings { 'oldorange' } eq 'on' ) && ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} ne 'ORANGE' && $checkorange ne 'on' ) && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1698 & changerule
( $configdmz );
1701 #check if we change an external access rule to a forward
1702 elsif ( $fwdfwsettings { 'grp2' } ne 'ipfire' && $fwdfwsettings { 'oldgrp2a' } eq 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1703 & changerule
( $configinput );
1706 #check if we change an outgoing rule to a forward
1707 elsif ( $fwdfwsettings { $fwdfwsettings { 'grp1' }} ne 'IPFire' && $fwdfwsettings { 'oldgrp1b' } eq 'IPFire' && $fwdfwsettings { 'grp2' } ne 'ipfire' && $fwdfwsettings { 'updatefwrule' } eq 'on' ){
1708 & changerule
( $configoutgoing );
1711 if ( $fwdfwsettings { 'updatefwrule' } ne 'on' ){
1712 my $key = & General
:: findhasharraykey
( $hash );
1713 $ $hash { $key }[ 0 ] = $fwdfwsettings { 'RULE_ACTION' };
1714 $ $hash { $key }[ 1 ] = $fwdfwsettings { 'chain' };
1715 $ $hash { $key }[ 2 ] = $fwdfwsettings { 'ACTIVE' };
1716 $ $hash { $key }[ 3 ] = $fwdfwsettings { 'grp1' };
1717 $ $hash { $key }[ 4 ] = $fwdfwsettings { $fwdfwsettings { 'grp1' }};
1718 $ $hash { $key }[ 5 ] = $fwdfwsettings { 'grp2' };
1719 $ $hash { $key }[ 6 ] = $fwdfwsettings { $fwdfwsettings { 'grp2' }};
1720 $ $hash { $key }[ 7 ] = $fwdfwsettings { 'USE_SRC_PORT' };
1721 $ $hash { $key }[ 8 ] = $fwdfwsettings { 'PROT' };
1722 $ $hash { $key }[ 9 ] = $fwdfwsettings { 'ICMP_TYPES' };
1723 $ $hash { $key }[ 10 ] = $fwdfwsettings { 'SRC_PORT' };
1724 $ $hash { $key }[ 11 ] = $fwdfwsettings { 'USESRV' };
1725 $ $hash { $key }[ 12 ] = $fwdfwsettings { 'TGT_PROT' };
1726 $ $hash { $key }[ 13 ] = $fwdfwsettings { 'ICMP_TGT' };
1727 $ $hash { $key }[ 14 ] = $fwdfwsettings { 'grp3' };
1728 $ $hash { $key }[ 15 ] = $fwdfwsettings { $fwdfwsettings { 'grp3' }};
1729 $ $hash { $key }[ 16 ] = $fwdfwsettings { 'ruleremark' };
1730 $ $hash { $key }[ 17 ] = $fwdfwsettings { 'LOG' };
1731 $ $hash { $key }[ 18 ] = $fwdfwsettings { 'TIME' };
1732 $ $hash { $key }[ 19 ] = $fwdfwsettings { 'TIME_MON' };
1733 $ $hash { $key }[ 20 ] = $fwdfwsettings { 'TIME_TUE' };
1734 $ $hash { $key }[ 21 ] = $fwdfwsettings { 'TIME_WED' };
1735 $ $hash { $key }[ 22 ] = $fwdfwsettings { 'TIME_THU' };
1736 $ $hash { $key }[ 23 ] = $fwdfwsettings { 'TIME_FRI' };
1737 $ $hash { $key }[ 24 ] = $fwdfwsettings { 'TIME_SAT' };
1738 $ $hash { $key }[ 25 ] = $fwdfwsettings { 'TIME_SUN' };
1739 $ $hash { $key }[ 26 ] = $fwdfwsettings { 'TIME_FROM' };
1740 $ $hash { $key }[ 27 ] = $fwdfwsettings { 'TIME_TO' };
1741 & General
:: writehasharray
( " $config " , $hash );
1743 foreach my $key ( sort { $a <=> $b } keys % $hash ){
1744 if ( $key eq $fwdfwsettings { 'key' }){
1745 $ $hash { $key }[ 0 ] = $fwdfwsettings { 'RULE_ACTION' };
1746 $ $hash { $key }[ 1 ] = $fwdfwsettings { 'chain' };
1747 $ $hash { $key }[ 2 ] = $fwdfwsettings { 'ACTIVE' };
1748 $ $hash { $key }[ 3 ] = $fwdfwsettings { 'grp1' };
1749 $ $hash { $key }[ 4 ] = $fwdfwsettings { $fwdfwsettings { 'grp1' }};
1750 $ $hash { $key }[ 5 ] = $fwdfwsettings { 'grp2' };
1751 $ $hash { $key }[ 6 ] = $fwdfwsettings { $fwdfwsettings { 'grp2' }};
1752 $ $hash { $key }[ 7 ] = $fwdfwsettings { 'USE_SRC_PORT' };
1753 $ $hash { $key }[ 8 ] = $fwdfwsettings { 'PROT' };
1754 $ $hash { $key }[ 9 ] = $fwdfwsettings { 'ICMP_TYPES' };
1755 $ $hash { $key }[ 10 ] = $fwdfwsettings { 'SRC_PORT' };
1756 $ $hash { $key }[ 11 ] = $fwdfwsettings { 'USESRV' };
1757 $ $hash { $key }[ 12 ] = $fwdfwsettings { 'TGT_PROT' };
1758 $ $hash { $key }[ 13 ] = $fwdfwsettings { 'ICMP_TGT' };
1759 $ $hash { $key }[ 14 ] = $fwdfwsettings { 'grp3' };
1760 $ $hash { $key }[ 15 ] = $fwdfwsettings { $fwdfwsettings { 'grp3' }};
1761 $ $hash { $key }[ 16 ] = $fwdfwsettings { 'ruleremark' };
1762 $ $hash { $key }[ 17 ] = $fwdfwsettings { 'LOG' };
1763 $ $hash { $key }[ 18 ] = $fwdfwsettings { 'TIME' };
1764 $ $hash { $key }[ 19 ] = $fwdfwsettings { 'TIME_MON' };
1765 $ $hash { $key }[ 20 ] = $fwdfwsettings { 'TIME_TUE' };
1766 $ $hash { $key }[ 21 ] = $fwdfwsettings { 'TIME_WED' };
1767 $ $hash { $key }[ 22 ] = $fwdfwsettings { 'TIME_THU' };
1768 $ $hash { $key }[ 23 ] = $fwdfwsettings { 'TIME_FRI' };
1769 $ $hash { $key }[ 24 ] = $fwdfwsettings { 'TIME_SAT' };
1770 $ $hash { $key }[ 25 ] = $fwdfwsettings { 'TIME_SUN' };
1771 $ $hash { $key }[ 26 ] = $fwdfwsettings { 'TIME_FROM' };
1772 $ $hash { $key }[ 27 ] = $fwdfwsettings { 'TIME_TO' };
1777 & General
:: writehasharray
( " $config " , $hash );
1778 if ( $fwdfwsettings { 'oldrulenumber' } > $fwdfwsettings { 'rulepos' }){
1780 my $val = $fwdfwsettings { 'oldrulenumber' }- $fwdfwsettings { 'rulepos' };
1781 for ( my $z = 0 ; $z < $val ; $z ++){
1782 foreach my $key ( sort { $a <=> $b } keys % $hash ){
1783 if ( $key eq $fwdfwsettings { 'oldrulenumber' }) {
1785 if ( exists $ $hash { $last }){
1787 foreach my $y ( 0 .. $ #{$$hash{$last}}) {
1788 $tmp { 0 }[ $y ] = $ $hash { $last }[ $y ];
1790 #copy active rule to last
1791 foreach my $i ( 0 .. $ #{$$hash{$last}}) {
1792 $ $hash { $last }[ $i ] = $ $hash { $key }[ $i ];
1794 #copy saved rule to actual position
1795 foreach my $x ( 0 .. $ #{$tmp{0}}) {
1796 $ $hash { $key }[ $x ] = $tmp { 0 }[ $x ];
1801 $fwdfwsettings { 'oldrulenumber' }--;
1803 & General
:: writehasharray
( " $config " , $hash );
1805 } elsif ( $fwdfwsettings { 'rulepos' } > $fwdfwsettings { 'oldrulenumber' }){
1807 my $val = $fwdfwsettings { 'rulepos' }- $fwdfwsettings { 'oldrulenumber' };
1808 for ( my $z = 0 ; $z < $val ; $z ++){
1809 foreach my $key ( sort { $a <=> $b } keys % $hash ){
1810 if ( $key eq $fwdfwsettings { 'oldrulenumber' }) {
1811 my $next = $key + 1 ;
1812 if ( exists $ $hash { $next }){
1814 foreach my $y ( 0 .. $ #{$$hash{$next}}) {
1815 $tmp { 0 }[ $y ] = $ $hash { $next }[ $y ];
1817 #copy active rule to next
1818 foreach my $i ( 0 .. $ #{$$hash{$next}}) {
1819 $ $hash { $next }[ $i ] = $ $hash { $key }[ $i ];
1821 #copy saved rule to actual position
1822 foreach my $x ( 0 .. $ #{$tmp{0}}) {
1823 $ $hash { $key }[ $x ] = $tmp { 0 }[ $x ];
1828 $fwdfwsettings { 'oldrulenumber' }++;
1830 & General
:: writehasharray
( " $config " , $hash );
1837 if ( $errormessage ) {
1838 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'error messages' });
1839 print "<class name='base'> $errormessage \n " ;
1840 print " </class> \n " ;
1841 & Header
:: closebox
();
1848 & Header
:: openbox
( '100%' , 'left' , $Lang :: tr
{ 'fwhost hint' });
1849 print "<class name='base'> $hint \n " ;
1850 print " </class> \n " ;
1851 & Header
:: closebox
();
1858 & General
:: setup_default_networks
( \
%defaultNetworks );
1859 foreach my $network ( sort keys %defaultNetworks )
1861 return " $network " if ( $val eq $defaultNetworks { $network }{ 'NAME' });
1866 # Checks a hostname against RFC1035
1869 # Each part should be at least two characters in length
1870 # but no more than 63 characters
1871 if ( length ( $remark ) < 1 || length ( $remark ) > 255 ) {
1873 # Only valid characters are a-z, A-Z, 0-9 and -
1874 if ( $remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/ \s
]*$/) {
1876 # First character can only be a letter or a digit
1877 if ( substr ( $remark , 0 , 1 ) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/ ) {
1879 # Last character can only be a letter or a digit
1880 if ( substr ( $remark , - 1 , 1 ) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/ ) {
1886 my %hash =%{( shift )};
1888 if ( $hash { $key }[ 7 ] eq 'ON' && $hash { $key }[ 8 ] ne '' && $hash { $key }[ 10 ]){
1889 $hash { $key }[ 10 ]=~ s/\|/,/g ;
1890 print ": $hash { $key }[10]" ;
1891 } elsif ( $hash { $key }[ 7 ] eq 'ON' && $hash { $key }[ 8 ] eq 'ICMP' ){
1892 print ": <br> $hash { $key }[9] " ;
1897 my %hash =%{( shift )};
1901 if ( $hash { $key }[ 11 ] eq 'ON' && $hash { $key }[ 12 ] ne 'ICMP' ){
1902 if ( $hash { $key }[ 14 ] eq 'cust_srv' ){
1903 & General
:: readhasharray
( " $configsrv " , \
%customservice );
1904 foreach my $i ( sort keys %customservice ){
1905 if ( $customservice { $i }[ 0 ] eq $hash { $key }[ 15 ]){
1906 $service = $customservice { $i }[ 0 ];
1909 } elsif ( $hash { $key }[ 14 ] eq 'cust_srvgrp' ){
1910 $service = $hash { $key }[ 15 ];
1911 } elsif ( $hash { $key }[ 14 ] eq 'TGT_PORT' ){
1912 $hash { $key }[ 15 ]=~ s/\|/,/g ;
1913 $service = $hash { $key }[ 15 ];
1918 } elsif ( $hash { $key }[ 11 ] eq 'ON' && $hash { $key }[ 12 ] eq 'ICMP' ){
1919 print ":<br> $hash { $key }[13]" ;
1922 sub get_serviceports
1926 & General
:: readhasharray
( " $configsrv " , \
%customservice );
1927 & General
:: readhasharray
( " $configsrvgrp " , \
%customservicegrp );
1931 if ( $type eq 'service' ){
1932 foreach my $key ( sort { uc ( $customservice { $a }[ 0 ]) cmp uc ( $customservice { $b }[ 0 ]) } keys %customservice ){
1933 if ( $customservice { $key }[ 0 ] eq $name ){
1934 $protocols = $customservice { $key }[ 2 ];
1937 } elsif ( $type eq 'group' ){
1938 foreach my $key ( sort { uc ( $customservicegrp { $a }[ 0 ]) cmp uc ( $customservicegrp { $b }[ 0 ]) } keys %customservicegrp ){
1939 if ( $customservicegrp { $key }[ 0 ] eq $name ){
1940 foreach my $key1 ( sort { uc ( $customservice { $a }[ 0 ]) cmp uc ( $customservice { $b }[ 0 ]) } keys %customservice ){
1941 if ( $customservice { $key1 }[ 0 ] eq $customservicegrp { $key }[ 2 ]){
1942 if ( $customservice { $key1 }[ 2 ] eq 'TCP' ){ $tcp = 'TCP' ;} else { $udp = 'UDP' ;}
1948 if ( $tcp && $udp ){ $protocols = "TCP,UDP" ;
1949 } elsif ( $tcp ){ $protocols .= "TCP" ;
1950 } elsif ( $udp ){ $protocols .= "UDP" ;}
1955 & General
:: readhash
( "/var/ipfire/ethernet/settings" , \
%netsettings );
1956 & viewtablenew
( \
%configdmzfw , $configdmz , $Lang :: tr
{ 'fwdfw rules' }, "DMZ" );
1957 & viewtablenew
( \
%configfwdfw , $configfwdfw , "" , "Forward" );
1958 & viewtablenew
( \
%configinputfw , $configinput , "" , $Lang :: tr
{ 'external access' } );
1959 & viewtablenew
( \
%configoutgoingfw , $configoutgoing , "" , "Outgoing" );
1968 & General
:: get_aliases
( \
%aliases );
1969 & General
:: readhasharray
( " $confighost " , \
%customhost );
1970 & General
:: readhasharray
( " $config " , $hash );
1972 & Header
:: openbox
( '100%' , 'left' , $title );
1980 print "<b> $title1 </b><br>" ;
1981 print "<table width='100%' cellspacing='0' style=' padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;'>" ;
1982 print "<tr><td align='center'><b>#</td><td ></td><td align='center'><b> $Lang ::tr{'fwdfw source'}</td><td><b>Log</td><td align='center'><b> $Lang ::tr{'fwdfw target'}</td><td align='center'><b> $Lang ::tr{'protocol'}</b></td><td align='center'><b> $Lang ::tr{'fwdfw time'}</td><td align='center' colspan='6'><b> $Lang ::tr{'fwdfw action'}</td></tr>" ;
1983 foreach my $key ( sort { $a <=> $b } keys % $hash ){
1986 #check if vpn hosts/nets have been deleted
1987 if ($ $hash { $key }[ 3 ] =~ /ipsec/i || $ $hash { $key }[ 3 ] =~ /ovpn/i ){
1988 push ( @tmpsrc ,$ $hash { $key }[ 4 ]);
1990 if ($ $hash { $key }[ 5 ] =~ /ipsec/i || $ $hash { $key }[ 5 ] =~ /ovpn/i ){
1991 push ( @tmpsrc ,$ $hash { $key }[ 6 ]);
1993 foreach my $host ( @tmpsrc ){
1994 if ($ $hash { $key }[ 3 ] eq 'ipsec_net_src' || $ $hash { $key }[ 5 ] eq 'ipsec_net_tgt' ){
1995 if (& fwlib
:: get_ipsec_net_ip
( $host , 11 ) eq '' ){
1997 & disable_rule
( $key );
2000 } elsif ($ $hash { $key }[ 3 ] eq 'ovpn_net_src' || $ $hash { $key }[ 5 ] eq 'ovpn_net_tgt' ){
2001 if (& fwlib
:: get_ovpn_net_ip
( $host , 1 ) eq '' ){
2003 & disable_rule
( $key );
2006 } elsif ($ $hash { $key }[ 3 ] eq 'ovpn_n2n_src' || $ $hash { $key }[ 5 ] eq 'ovpn_n2n_tgt' ){
2007 if (& fwlib
:: get_ovpn_n2n_ip
( $host , 27 ) eq '' ){
2009 & disable_rule
( $key );
2012 } elsif ($ $hash { $key }[ 3 ] eq 'ovpn_host_src' || $ $hash { $key }[ 5 ] eq 'ovpn_host_tgt' ){
2013 if (& fwlib
:: get_ovpn_host_ip
( $host , 33 ) eq '' ){
2015 & disable_rule
( $key );
2019 #$$hash{$key}[3]='';
2020 #$$hash{$key}[5]='';
2022 $ $hash { 'ACTIVE' }=$ $hash { $key }[ 2 ];
2024 if ( $coloryellow eq 'on' ){
2025 print "<tr bgcolor=' $color {'color14'}' >" ;
2027 } elsif ( $coloryellow eq '' ){
2029 $color = " $color {'color22'}" ;
2032 $color = " $color {'color20'}" ;
2035 print "<tr bgcolor=' $color ' >" ;
2037 <td align='right' width='15'><b> $key </b></td>
2039 if ($ $hash { $key }[ 0 ] eq 'ACCEPT' ){
2042 $rulecolor = $color { 'color17' };
2043 } elsif ($ $hash { $key }[ 0 ] eq 'DROP' ){
2046 $rulecolor = $color { 'color25' };
2047 } elsif ($ $hash { $key }[ 0 ] eq 'REJECT' ){
2050 $rulecolor = $color { 'color16' };
2052 print "<td bgcolor=' $rulecolor ' align='center' width='20'><span title=' $tooltip '><b> $ruletype </b></span></td>" ;
2053 & getcolor
($ $hash { $key }[ 3 ],$ $hash { $key }[ 4 ], \
%customhost );
2054 print "<td align='center' width='160' $tdcolor >" ;
2055 if ($ $hash { $key }[ 3 ] eq 'std_net_src' ){
2056 print & get_name
($ $hash { $key }[ 4 ]);
2058 print $ $hash { $key }[ 4 ];
2061 & getsrcport
( \
% $hash , $key );
2062 if ($ $hash { $key }[ 17 ] eq 'ON' ){
2063 $log = "/images/on.gif" ;
2065 $log = "/images/off.gif" ;
2069 <form method='post'>
2070 <td align='left' width='25'><input type='image' img src=' $log ' alt=' $Lang ::tr{'click to disable'}' title=' $Lang ::tr{'fwdfw togglelog'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;'/>
2071 <input type='hidden' name='key' value=' $key ' />
2072 <input type='hidden' name='config' value=' $config ' />
2073 <input type='hidden' name='ACTION' value=' $Lang ::tr{'fwdfw togglelog'}' />
2076 & getcolor
($ $hash { $key }[ 5 ],$ $hash { $key }[ 6 ], \
%customhost );
2078 <td align='center' width='160' $tdcolor >
2080 if ($ $hash { $key }[ 5 ] eq 'std_net_tgt' ){
2081 print & get_name
($ $hash { $key }[ 6 ]);
2083 print $ $hash { $key }[ 6 ];
2086 & gettgtport
( \
% $hash , $key );
2090 if ($ $hash { $key }[ 12 ]){ #target prot if manual
2091 $prot =$ $hash { $key }[ 12 ];
2092 } elsif ($ $hash { $key }[ 8 ]){ #source prot if manual
2093 $prot =$ $hash { $key }[ 8 ];
2094 } elsif ($ $hash { $key }[ 14 ] eq 'cust_srv' ){
2095 $prot =& get_serviceports
( "service" ,$ $hash { $key }[ 15 ]);
2096 } elsif ($ $hash { $key }[ 14 ] eq 'cust_srvgrp' ){
2097 $prot =& get_serviceports
( "group" ,$ $hash { $key }[ 15 ]);
2099 $prot = $Lang :: tr
{ 'all' };
2101 print "<td align='center'> $prot </td>" ;
2102 if ($ $hash { $key }[ 18 ] eq 'ON' ){
2104 if ($ $hash { $key }[ 19 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_mon' });}
2105 if ($ $hash { $key }[ 20 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_tue' });}
2106 if ($ $hash { $key }[ 21 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_wed' });}
2107 if ($ $hash { $key }[ 22 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_thu' });}
2108 if ($ $hash { $key }[ 23 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_fri' });}
2109 if ($ $hash { $key }[ 24 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_sat' });}
2110 if ($ $hash { $key }[ 25 ] ne '' ){ push ( @days , $Lang :: tr
{ 'fwdfw wd_sun' });}
2111 my $weekdays = join ( "," , @days );
2113 print "<td align='center' width='100'> $weekdays   $ $hash { $key }[26] - $ $hash { $key }[27]</td>" ;
2116 print "<td align='center'>24/7</td>" ;
2118 if ($ $hash { $key }[ 2 ] eq 'ON' ){
2119 $gif = "/images/on.gif"
2122 $gif = "/images/off.gif"
2125 <form method='post'>
2126 <td width='25'><input type='image' img src=' $gif ' alt=' $Lang ::tr{'click to disable'}' title=' $Lang ::tr{'fwdfw toggle'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' />
2127 <input type='hidden' name='key' value=' $key ' />
2128 <input type='hidden' name='config' value=' $config ' />
2129 <input type='hidden' name='ACTION' value=' $Lang ::tr{'fwdfw toggle'}' />
2131 <form method='post'>
2132 <td width='25' ><input type='image' img src='/images/edit.gif' alt=' $Lang ::tr{'edit'}' title=' $Lang ::tr{'fwdfw edit'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' />
2133 <input type='hidden' name='key' value=' $key ' />
2134 <input type='hidden' name='config' value=' $config ' />
2135 <input type='hidden' name='ACTION' value='editrule' />
2137 <form method='post'>
2138 <td width='25'><input type='image' img src='/images/addblue.gif' alt=' $Lang ::tr{'fwdfw copy'}' title=' $Lang ::tr{'fwdfw copy'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' />
2139 <input type='hidden' name='key' value=' $key ' />
2140 <input type='hidden' name='config' value=' $config ' />
2141 <input type='hidden' name='ACTION' value='copyrule' />
2143 <form method='post'>
2144 <td width='25' ><input type='image' img src='/images/delete.gif' alt=' $Lang ::tr{'delete'}' title=' $Lang ::tr{'fwdfw delete'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' />
2145 <input type='hidden' name='key' value=' $key ' />
2146 <input type='hidden' name='config' value=' $config ' />
2147 <input type='hidden' name='ACTION' value='deleterule' />
2150 if ( exists $ $hash { $key - 1 }){
2152 <form method='post'>
2153 <td width='25'><input type='image' img src='/images/up.gif' alt=' $Lang ::tr{'fwdfw moveup'}' title=' $Lang ::tr{'fwdfw moveup'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' />
2154 <input type='hidden' name='key' value=' $key ' />
2155 <input type='hidden' name='config' value=' $config ' />
2156 <input type='hidden' name='ACTION' value='moveup' />
2160 print "<td width='25'><input type='image' img src='/images/up.gif' style='visibility:hidden;'></td>" ;
2162 if ( exists $ $hash { $key + 1 }){
2164 <form method='post'>
2165 <td width='25' ><input type='image' img src='/images/down.gif' alt=' $Lang ::tr{'fwdfw movedown'}' title=' $Lang ::tr{'fwdfw movedown'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' />
2166 <input type='hidden' name='key' value=' $key ' />
2167 <input type='hidden' name='config' value=' $config ' />
2168 <input type='hidden' name='ACTION' value='movedown' />
2169 </td></form></td></tr>
2172 print "<td width='25'><input type='image' img src='/images/down.gif' style='visibility:hidden;'></td></tr>" ;
2175 if ( $optionsfw { 'SHOWREMARK' } eq 'on' ){
2176 print "<tr bgcolor=' $color '>" ;
2177 print "<td> </td><td bgcolor=' $rulecolor '></td><td colspan='11'>$ $hash { $key }[16]</td></tr>" ;
2181 & Header
:: closebox
();
2185 if ( $optionsfw { 'SHOWTABLES' } eq 'on' ){
2186 print "<b> $title1 </b><br>" ;
2187 print "<table width='100%' border='0' rules='none'><tr><td height='30' bgcolor= $color {'color22'} align='center'> $Lang ::tr{'fwhost empty'}</td></tr></table><br><br>" ;
2196 if ( $optionsfw { 'SHOWCOLORS' } eq 'on' ){
2198 if ( $nettype eq 'ovpn_n2n_src' || $nettype eq 'ovpn_n2n_tgt' || $nettype eq 'ovpn_net_src' || $nettype eq 'ovpn_net_tgt' || $nettype eq 'ovpn_host_src' || $nettype eq 'ovpn_host_tgt' ){
2199 $tdcolor = "style='border: 1px solid $Header ::colourovpn;'" ;
2202 if ( $nettype eq 'ipsec_net_src' || $nettype eq 'ipsec_net_tgt' ){
2203 $tdcolor = "style='border: 1px solid $Header ::colourvpn;'" ;
2207 if ( $nettype eq 'cust_host_src' || $nettype eq 'cust_host_tgt' ){
2208 foreach my $key ( sort keys % $hash ){
2209 if ($ $hash { $key }[ 0 ] eq $val ){
2210 $val =$ $hash { $key }[ 2 ];
2215 foreach my $alias ( sort keys %aliases )
2217 if ( $val eq $alias ){
2218 $tdcolor = "style='border: 2px solid red;'" ;
2223 if ( $val eq 'GREEN' ){
2224 $tdcolor = "style='border: 1px solid $Header ::colourgreen;'" ;
2225 } elsif ( $val eq 'ORANGE' ){
2226 $tdcolor = "style='border: 1px solid $Header ::colourorange;'" ;
2227 } elsif ( $val eq 'BLUE' ){
2228 $tdcolor = "style='border: 1px solid $Header ::colourblue;'" ;
2229 } elsif ( $val eq 'RED' ){
2230 $tdcolor = "style='border: 1px solid $Header ::colourred;'" ;
2231 } elsif ( $val eq 'IPFire' ){
2232 $tdcolor = "style='border: 1px solid $Header ::colourred;'" ;
2233 } elsif ( $val =~ /^(.*?)\/ (.* ?
)$/){
2234 my ( $sip , $scidr ) = split ( "/" , $val );
2235 if ( & General
:: IpInSubnet
( $sip , $netsettings { 'ORANGE_ADDRESS' }, $netsettings { 'ORANGE_NETMASK' })){
2236 $tdcolor = "style='border: 1px solid $Header ::colourorange;'" ;
2238 if ( & General
:: IpInSubnet
( $sip , $netsettings { 'GREEN_ADDRESS' }, $netsettings { 'GREEN_NETMASK' })){
2239 $tdcolor = "style='border: 1px solid $Header ::colourgreen;'" ;
2241 if ( & General
:: IpInSubnet
( $sip , $netsettings { 'BLUE_ADDRESS' }, $netsettings { 'BLUE_NETMASK' })){
2242 $tdcolor = "style='border: 1px solid $Header ::colourblue;'" ;
2244 } elsif ( $val eq 'Default IP' ){
2245 $tdcolor = "style='border: 1px solid red;'" ;
2253 my %hash =%{( shift )};
2256 foreach my $key ( sort { uc ( $hash { $a }[ 0 ]) cmp uc ( $hash { $b }[ 0 ]) } keys %hash ){
2257 if ( $hash { $key }[ 0 ] eq $val ){
2258 print "<option value=' $hash { $key }[0]' selected> $hash { $key }[0]</option>" ;
2260 print "<option value=' $hash { $key }[0]'> $hash { $key }[0]</option>" ;
2266 if (!- f
"${General::swroot}/forward/reread" ){
2267 system ( "touch ${General::swroot}/forward/reread" );
2268 system ( "touch ${General::swroot}/fwhosts/reread" );
2273 system ( "/usr/local/bin/forwardfwctrl" );
2274 if ( - f
"${General::swroot}/forward/reread" ){
2275 system ( "rm ${General::swroot}/forward/reread" );
2276 system ( "rm ${General::swroot}/fwhosts/reread" );
2279 & Header
:: closebigbox
();
2280 & Header
:: closepage
();