]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/blob - html/cgi-bin/webaccess.cgi
projects / people / teissler / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Re-add missing language string "DNS Servers".
[people/teissler/ipfire-2.x.git] / html / cgi-bin / webaccess.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use CGI;
23
24 my $swroot = "/var/ipfire";
25 my $apdir = "$swroot/proxy/advanced";
26 my $group_def_file = "$apdir/cre/classrooms";
27 my $svhosts_file = "$apdir/cre/supervisors";
28 my $acl_src_noaccess_ips = "$apdir/acls/src_noaccess_ip.acl";
29 my $acl_src_noaccess_mac = "$apdir/acls/src_noaccess_mac.acl";
30
31 my $banner = "A D V A N C E D &nbsp; P R O X Y &nbsp; - &nbsp; W E B &nbsp; A C C E S S &nbsp; M A N A G E R";
32 my %cgiparams;
33 my %mainsettings;
34 my %proxysettings;
35
36 my %acl=();
37 my @group_defs=();
38 my @groups=();
39
40 ### Initialize environment
41 &readhash("${swroot}/main/settings", \%mainsettings);
42 &readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
43 $language = $mainsettings{'LANGUAGE'};
44
45 ### Initialize language
46 if ($language =~ /^(\w+)$/) {$language = $1;}
47 #
48 # Uncomment this to force a certain language:
49 # $language='en';
50 #
51 require "${swroot}/langs/en.pl";
52 require "${swroot}/langs/${language}.pl";
53
54 &getcgihash(\%cgiparams);
55
56 &read_all_groups;
57 &read_acl_groups;
58
59 foreach (@groups)
60 {
61 if ($cgiparams{$_} eq $tr{'advproxy mode deny'}) { $acl{$_}='on'; }
62 if ($cgiparams{$_} eq $tr{'advproxy mode allow'}) { $acl{$_}='off'; }
63 }
64
65 &read_all_groups;
66
67 my $is_supervisor=0;
68
69 if ((-e $svhosts_file) && (!-z $svhosts_file))
70 {
71 open (FILE, $svhosts_file);
72 while (<FILE>)
73 {
74 chomp;
75 if ($ENV{'REMOTE_ADDR'} eq $_) { $is_supervisor=1; }
76 }
77 close (FILE);
78
79 } else { $is_supervisor=1; }
80
81 if (($cgiparams{'ACTION'} eq 'submit') && ($is_supervisor))
82 {
83 if ( ($cgiparams{'PASSWORD'} eq $proxysettings{'SUPERVISOR_PASSWORD'}) && (!($proxysettings{'SUPERVISOR_PASSWORD'} eq '')) ||
84 ((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && ($proxysettings{'SUPERVISOR_PASSWORD'} eq '')))
85 {
86 &write_acl;
87 system("/usr/local/bin/squidctrl restart >/dev/null 2>&1");
88 }
89 }
90
91 &read_acl_groups;
92
93 #undef(%cgiparams);
94
95 # -------------------------------------------------------------------
96
97 print <<END
98 Pragma: no-cache
99 Cache-control: no-cache
100 Connection: close
101 Content-type: text/html
102
103 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>
104 <html>
105 <head>
106 <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>
107 <title>Advanced Proxy - Web Access Manager</title>
108 <style type='text/css'>
109 a:link { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
110 a:visited { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
111 a:hover { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#000000; }
112 a:active { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#000000; }
113 a:focus { text-decoration:none; font-family:verdana,arial,helvetica; font-weight:bold; color:#ffffff; }
114 </style>
115 </head>
116 <body bgcolor='#FFFFFF'>
117
118 <center>
119
120 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
121
122 <table width='720' cellspacing='10' cellpadding='5' border='0'>
123
124 <tr>
125 <td bgcolor='#C0C0C0' height='20'></td>
126 </tr>
127
128 <tr>
129 <td bgcolor='#F4F4F4' align='center'>
130 <table width='100%' cellspacing='10' cellpadding='10' border='0'>
131
132 <tr>
133 <td nowrap bgcolor='#FFFFFF' align='center'>
134 <font face='verdana,arial,helvetica' color='#000000' size='3'>$banner</font>
135 </td>
136 </tr>
137
138 END
139 ;
140 if ($proxysettings{'CLASSROOM_EXT'} eq 'on')
141 {
142 if (@groups)
143 {
144 print <<END
145 <tr>
146 <td>
147 <table width='70%' cellspacing='2' cellpadding='2' border='0' align='center'>
148 <tr><td><input type='hidden' name='ACTION' value='submit'></td></tr>
149 <tr>
150 END
151 ;
152 if (($is_supervisor) && ((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && (!($proxysettings{'SUPERVISOR_PASSWORD'} eq ''))))
153 {
154 print <<END
155 <td align='center'>
156 <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy supervisor password'}:</font>
157 </td>
158 <td align='center'><input type='password' name='PASSWORD' size='15'></td>
159 END
160 ;
161 }
162 print <<END
163 </tr>
164
165 </table>
166
167 <p>
168
169 END
170 ;
171 foreach (@groups) {
172 if ($is_supervisor)
173 {
174 print"<table width='65%' cellspacing='2' cellpadding='2' border='0' align='center' rules='groups'>";
175 } else {
176 print"<table width='50%' cellspacing='2' cellpadding='6' border='0' align='center' rules='groups'>";
177 }
178 print "<tr>\n";
179 if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
180 {
181 print " <td bgcolor='#D00000' align='center'><font face='verdana,arial,helvetica' color='#FFFFFF' size='2'>$_</font>";
182 } else { print " <td bgcolor='#00A000' align='center'><font face='verdana,arial,helvetica' color='#FFFFFF' size='2'>$_</font>"; }
183 if ($is_supervisor)
184 {
185 if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
186 {
187 print "</td><td width='120' align='center'>";
188 print "<input type='submit' name='$_' value=' $tr{'advproxy mode allow'} '>";
189 print "</td><td width='16' bgcolor='#D00000'>&nbsp;</td>\n";
190 } else {
191 print "</td><td width='120' align='center'>";
192 print "<input type='submit' name='$_' value=' $tr{'advproxy mode deny'} '>";
193 print "</td><td width='16' bgcolor='#00A000'>&nbsp;</td>\n";
194 }
195 }
196 print "</tr>\n";
197 print "</table>\n";
198 print"<table width='65%' cellspacing='2' cellpadding='2' border='0' align='center'>";
199 print "<tr><td></td></tr>\n";
200 print "</table>\n";
201 }
202
203 print <<END
204 </td>
205 </tr>
206 END
207 ;
208 } else {
209 print " <tr>\n";
210 print " <td align='center'>\n";
211 print " <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy no cre groups'}</font>\n";
212 print " </td>\n";
213 print " </tr>\n";
214 }
215 } else {
216 print " <tr>\n";
217 print " <td align='center'>\n";
218 print " <font face='verdana,arial,helvetica' color='#000000' size='2'>$tr{'advproxy cre disabled'}</font>\n";
219 print " </td>\n";
220 print " </tr>\n";
221 }
222
223 print <<END
224
225 </table>
226 </td>
227 </tr>
228
229
230 <tr>
231 <td bgcolor='#C0C0C0' align='right'>
232 <font face='verdana,arial,helvetica' color='#FFFFFF' size='1'>
233 <a href='http://www.advproxy.net' target='_blank'>Advanced Proxy</a> running on
234 <a href='http://www.ipfire.org' target='_blank'>IPFire</a>
235 </font>
236 </td>
237 </tr>
238
239 </table>
240
241 </form>
242
243 </center>
244
245 </body>
246
247 </html>
248 END
249 ;
250
251 # -------------------------------------------------------------------
252
253 sub readhash
254 {
255 my $filename = $_[0];
256 my $hash = $_[1];
257 my ($var, $val);
258
259 if (-e $filename)
260 {
261 open(FILE, $filename) or die "Unable to read file $filename";
262 while (<FILE>)
263 {
264 chop;
265 ($var, $val) = split /=/, $_, 2;
266 if ($var)
267 {
268 $val =~ s/^\'//g;
269 $val =~ s/\'$//g;
270
271 # Untaint variables read from hash
272 $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
273 $val =~ /([\w\W]*)/; $val = $1;
274 $hash->{$var} = $val;
275 }
276 }
277 close FILE;
278 }
279 }
280
281 # -------------------------------------------------------------------
282
283 sub getcgihash
284 {
285 my ($hash, $params) = @_;
286 my $cgi = CGI->new ();
287 return if ($ENV{'REQUEST_METHOD'} ne 'POST');
288 if (!$params->{'wantfile'}) {
289 $CGI::DISABLE_UPLOADS = 1;
290 $CGI::POST_MAX = 512 * 1024;
291 } else {
292 $CGI::POST_MAX = 10 * 1024 * 1024;
293 }
294
295 $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
296 my $referer = $1;
297 $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
298 my $servername = $1;
299 return if ($referer ne $servername);
300
301 ### Modified for getting multi-vars, split by |
302 %temp = $cgi->Vars();
303 foreach my $key (keys %temp) {
304 $hash->{$key} = $temp{$key};
305 $hash->{$key} =~ s/\0/|/g;
306 $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
307 }
308
309 if (($params->{'wantfile'})&&($params->{'filevar'})) {
310 $hash->{$params->{'filevar'}} = $cgi->upload
311 ($params->{'filevar'});
312 }
313 return;
314 }
315
316 # -------------------------------------------------------------------
317
318 sub read_acl_groups
319 {
320 undef(%acl);
321 open (FILE,"$acl_src_noaccess_ips");
322 my @aclgroups = <FILE>;
323 close (FILE);
324 foreach (@aclgroups)
325 {
326 chomp;
327 if (/^\#/)
328 {
329 s/^\# //;
330 $acl{$_}='on';
331 }
332 }
333 }
334
335 # -------------------------------------------------------------------
336
337 sub read_all_groups
338 {
339 my $grpstr;
340
341 open (FILE,"$group_def_file");
342 @group_defs = <FILE>;
343 close (FILE);
344
345 undef(@groups);
346 foreach (@group_defs)
347 {
348 chomp;
349 if (/^\s*\[.*\]\s*$/)
350 {
351 $grpstr=$_;
352 $grpstr =~ s/^\s*\[\s*//;
353 $grpstr =~ s/\s*\]\s*$//;
354 push(@groups,$grpstr);
355 }
356 }
357 }
358
359 # -------------------------------------------------------------------
360
361 sub write_acl
362 {
363 my $is_blocked=0;
364
365 open (FILE_IPS,">$acl_src_noaccess_ips");
366 open (FILE_MAC,">$acl_src_noaccess_mac");
367 flock (FILE_IPS, 2);
368 flock (FILE_MAC, 2);
369 foreach (@group_defs)
370 {
371 if (/^\s*\[.*\]\s*$/)
372 {
373 s/^\s*\[\s*//;
374 s/\s*\]\s*$//;
375 if ((defined($acl{$_})) && ($acl{$_} eq 'on'))
376 {
377 print FILE_IPS "# $_\n";
378 print FILE_MAC "# $_\n";
379 $is_blocked=1;
380 } else { $is_blocked=0; }
381 } elsif (($is_blocked) && ($_))
382 {
383 s/^\s+//g; s/\s+$//g;
384 /^[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$/i ? print FILE_MAC "$_\n" : print FILE_IPS "$_\n";
385 }
386 }
387
388 close (FILE_IPS);
389 close (FILE_MAC);
390 }
391
392 # -------------------------------------------------------------------
Timo's tree of IPFire 2.x