]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/blobdiff - config/cfgroot/general-functions.pl
projects / people / teissler / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Firewall: Fixed portfw-converter (rules where not converted correctly) And Standard...
[people/teissler/ipfire-2.x.git] / config / cfgroot / general-functions.pl
diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index f94cdbf16c49b31054125ff12c6fea9119b2cfbd..9d9ee5d900cd9f6833caa87c501405f6b53f7427 100644 (file)
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -39,6 +39,96 @@ sub log
        $logmessage = $1;
        system('logger', '-t', $tag, $logmessage);
 }
+sub setup_default_networks
+{
+       my %netsettings=();
+       my $defaultNetworks = shift;
+       
+       &readhash("/var/ipfire/ethernet/settings", \%netsettings);
+       
+       # Get current defined networks (Red, Green, Blue, Orange)
+       $defaultNetworks->{$Lang::tr{'fwhost any'}}{'IPT'} = "0.0.0.0/0.0.0.0";
+       $defaultNetworks->{$Lang::tr{'fwhost any'}}{'NAME'} = "ALL";
+               
+       $defaultNetworks->{$Lang::tr{'green'}}{'IPT'} = "$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
+       $defaultNetworks->{$Lang::tr{'green'}}{'NET'} = "$netsettings{'GREEN_ADDRESS'}";
+       $defaultNetworks->{$Lang::tr{'green'}}{'NAME'} = "GREEN";
+
+       if ($netsettings{'RED_DEV'} ne ''){
+               $defaultNetworks->{$Lang::tr{'fwdfw red'}}{'IPT'} = "$netsettings{'RED_NETADDRESS'}/$netsettings{'RED_NETMASK'}";
+               $defaultNetworks->{$Lang::tr{'fwdfw red'}}{'NET'} = "$netsettings{'RED_ADDRESS'}";
+               $defaultNetworks->{$Lang::tr{'fwdfw red'}}{'NAME'} = "RED";
+       }
+       if ($netsettings{'ORANGE_DEV'} ne ''){
+               $defaultNetworks->{$Lang::tr{'orange'}}{'IPT'} = "$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}";
+               $defaultNetworks->{$Lang::tr{'orange'}}{'NET'} = "$netsettings{'ORANGE_ADDRESS'}";
+               $defaultNetworks->{$Lang::tr{'orange'}}{'NAME'} = "ORANGE";
+       }
+
+       if ($netsettings{'BLUE_DEV'} ne ''){
+               $defaultNetworks->{$Lang::tr{'blue'}}{'IPT'} = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
+               $defaultNetworks->{$Lang::tr{'blue'}}{'NET'} = "$netsettings{'BLUE_ADDRESS'}";
+               $defaultNetworks->{$Lang::tr{'blue'}}{'NAME'} = "BLUE";
+       }
+       
+       #IPFire himself
+       $defaultNetworks->{'IPFire'}{'NAME'} = "IPFire";
+
+       # OpenVPN
+       if(-e "${General::swroot}/ovpn/settings")
+       {
+               my %ovpnSettings = ();
+               &readhash("${General::swroot}/ovpn/settings", \%ovpnSettings);
+
+               # OpenVPN on Red?
+               if(defined($ovpnSettings{'DOVPN_SUBNET'}))
+               {
+                       my ($ip,$sub) = split(/\//,$ovpnSettings{'DOVPN_SUBNET'});
+                       $sub=&General::iporsubtocidr($sub);
+                       my @tempovpnsubnet = split("\/", $ovpnSettings{'DOVPN_SUBNET'});
+                       $defaultNetworks->{'OpenVPN ' ."($ip/$sub)"}{'ADR'} = $tempovpnsubnet[0];
+                       $defaultNetworks->{'OpenVPN ' ."($ip/$sub)"}{'NAME'} = "OpenVPN-Dyn";
+               }
+       } # end OpenVPN
+       # IPsec RW NET
+       if(-e "${General::swroot}/vpn/settings")
+       {
+               my %ipsecsettings = ();
+               &readhash("${General::swroot}/vpn/settings", \%ipsecsettings);
+               if($ipsecsettings{'RW_NET'} ne '')
+               {
+                       my ($ip,$sub) = split(/\//,$ipsecsettings{'RW_NET'});
+                       $sub=&General::iporsubtocidr($sub);
+                       my @tempipsecsubnet = split("\/", $ipsecsettings{'RW_NET'});
+                       $defaultNetworks->{'IPsec RW (' .$ip."/".$sub.")"}{'ADR'} = $tempipsecsubnet[0];
+                       $defaultNetworks->{'IPsec RW (' .$ip."/".$sub.")"}{'NAME'} = "IPsec RW";
+                       $defaultNetworks->{'IPsec RW (' .$ip."/".$sub.")"}{'NET'} = &getnextip($ip);
+               }
+       }
+}
+sub get_aliases
+{
+       
+       my $defaultNetworks = shift;
+       open(FILE, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.';
+       my @current = <FILE>;
+       close(FILE);
+       my $ctr = 0;
+       foreach my $line (@current)
+       {
+               if ($line ne ''){
+                       chomp($line);
+                       my @temp = split(/\,/,$line);
+                       if ($temp[2] eq '') {
+                               $temp[2] = "Alias $ctr : $temp[0]";
+                       }
+                       $defaultNetworks->{$temp[2]}{'IPT'} = "$temp[0]";
+                       $defaultNetworks->{$temp[2]}{'NET'} = "$temp[0]";
+                       
+                       $ctr++;
+               }
+       }
+}
 
 sub readhash
 {
@@ -144,6 +234,10 @@ sub age
        my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
                $atime, $mtime, $ctime, $blksize, $blocks) = stat $_[0];
        my $now = time;
+       my $timestring = '';
+       my $dset = 0;           # Day is set, when > 0
+       my $hset = 0;           # Hour is set, when > 0
+       my $mset = 0;           # Minute is set, when > 0
 
        my $totalsecs = $now - $mtime;
        my $days = int($totalsecs / 86400);
@@ -153,7 +247,50 @@ sub age
        my $mins = $totalmins % 60;
        my $secs = $totalsecs % 60;
 
-       return "${days}d ${hours}h ${mins}m ${secs}s";
+       if      ($days > 1) { 
+               ${timestring} .= ${days}.' '.$Lang::tr{'days'}.', ';
+               $dset = 1; 
+       }
+       elsif   ($days == 1) { 
+               ${timestring} .= ${days}.' '.$Lang::tr{'day'}.', ';
+               $dset = 1; 
+       }
+
+       if      (($hours > 1) && !($dset)) { 
+               ${timestring} .= ${hours}.' '.$Lang::tr{'hours'}.', ';
+               $hset = 1;
+       }
+       elsif   (($hours == 1) && !($dset)) { 
+               ${timestring} .= ${hours}.' '.$Lang::tr{'hour'}.', ';
+               $hset = 1;
+       }
+       elsif ($dset) {
+               ${timestring} .= ${hours}.' '.$Lang::tr{'age shour'}.', ';
+               $hset = 1;
+       }
+
+       if      ((($mins > 1) || ($mins == 0)) && !($dset || $hset)) { 
+               ${timestring} .= ${mins}.' '.$Lang::tr{'minutes'}.', ';
+               $mset = 1;
+       }
+       elsif   (($mins == 1) && !($dset || $hset)) { 
+               ${timestring} .= ${mins}.' '.$Lang::tr{'minute'}.', ';
+               $mset = 1;
+       }
+       else {
+               ${timestring} .= ${mins}.' '.$Lang::tr{'age sminute'}.', '; 
+               $mset = 1;
+       }
+
+       if      ((($secs > 1) || ($secs == 0)) && !($dset || $hset || $mset)) { 
+               ${timestring} .= ${secs}.' '.$Lang::tr{'age seconds'};
+       }
+       elsif   (($secs == 1) && !($dset || $hset || $mset)) { 
+               ${timestring} .= $secs.' '.$Lang::tr{'age second'};
+       }
+       else    { ${timestring} .= $secs.' '.$Lang::tr{'age ssecond'}; }
+
+       return ${timestring};
 }
 
 sub validip
@@ -810,13 +947,14 @@ sub FetchPublicIp {
         my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
         Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
     }
-    my ($out, $response) = Net::SSLeay::get_http(  'checkip.dyndns.org',
+    my $user_agent = &MakeUserAgent();
+    my ($out, $response) = Net::SSLeay::get_http(  'checkip4.dns.lightningwirelabs.com',
                                                    80,
                                                    "/",
-                                                   Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
+                                                   Net::SSLeay::make_headers('User-Agent' => $user_agent )
                                                );
     if ($response =~ m%HTTP/1\.. 200 OK%) {
-       $out =~ /Current IP Address: (\d+.\d+.\d+.\d+)/;
+       $out =~ /Your IP address is: (\d+.\d+.\d+.\d+)/;
        return $1;
     }
     return '';
@@ -872,9 +1010,11 @@ sub GetDyndnsRedIP {
     close(IP);
     chomp $ip;
 
+    # 100.64.0.0/10 is reserved for dual-stack lite (http://tools.ietf.org/html/rfc6598).
     if (&General::IpInSubnet ($ip,'10.0.0.0','255.0.0.0') ||
         &General::IpInSubnet ($ip,'172.16.0.0.','255.240.0.0') ||
-        &General::IpInSubnet ($ip,'192.168.0.0','255.255.0.0'))
+        &General::IpInSubnet ($ip,'192.168.0.0','255.255.0.0') ||
+        &General::IpInSubnet ($ip,'100.64.0.0', '255.192.0.0'))
     {
        if ($settings{'BEHINDROUTER'} eq 'FETCH_IP') {
            my $RealIP = &General::FetchPublicIp;
@@ -933,4 +1073,93 @@ sub GetIcmpDescription ($) {
     'Experimental');
     if ($index>41) {return 'unknown'} else {return @icmp_description[$index]};
 }
+
+sub GetCoreUpdateVersion() {
+       my $core_update;
+
+       open(FILE, "/opt/pakfire/db/core/mine");
+       while (<FILE>) {
+               $core_update = $_;
+               last;
+       }
+       close(FILE);
+
+       return $core_update;
+}
+
+sub MakeUserAgent() {
+       my $user_agent = "IPFire/$General::version";
+
+       my $core_update = &GetCoreUpdateVersion();
+       if ($core_update ne "") {
+               $user_agent .= "/$core_update";
+       }
+
+       return $user_agent;
+}
+
+sub RedIsWireless() {
+       # This function checks if a network device is a wireless device.
+
+       my %settings = ();
+       &readhash("${General::swroot}/ethernet/settings", \%settings);
+
+       # Find the name of the network device.
+       my $device = $settings{'RED_DEV'};
+
+       # Exit, if no device is configured.
+       return 0 if ($device eq "");
+
+       # Return 1 if the device is a wireless one.
+       my $path = "/sys/class/net/$device/wireless";
+       if (-d $path) {
+               return 1;
+       }
+
+       # Otherwise return zero.
+       return 0;
+}
+
+# Function to read a file with UTF-8 charset.
+sub read_file_utf8 ($) {
+       my ($file) = @_;
+
+       open my $in, '<:encoding(UTF-8)', $file or die "Could not open '$file' for reading $!";
+       local $/ = undef;
+       my $all = <$in>;
+       close $in;
+
+       return $all;
+}
+
+# Function to write a file with UTF-8 charset.
+sub write_file_utf8 ($) {
+       my ($file, $content) = @_;
+
+       open my $out, '>:encoding(UTF-8)', $file or die "Could not open '$file' for writing $!";;           
+       print $out $content;
+       close $out;
+
+       return; 
+}
+
+my $FIREWALL_RELOAD_INDICATOR = "${General::swroot}/firewall/reread";
+
+sub firewall_config_changed() {
+       open FILE, ">$FIREWALL_RELOAD_INDICATOR" or die "Could not open $FIREWALL_RELOAD_INDICATOR";
+       close FILE;
+}
+
+sub firewall_needs_reload() {
+       if (-e "$FIREWALL_RELOAD_INDICATOR") {
+               return 1;
+       }
+
+       return 0;
+}
+
+sub firewall_reload() {
+       system("/usr/local/bin/firewallctrl");
+}
+
 1;
Timo's tree of IPFire 2.x