#!/usr/bin/perl
-########################################################################
-# Script: convert-dmz
-# Date: 03.04.2013
-# Author: Alexander Marx (amarx@ipfire.org)
-########################################################################
-#
-# This script converts old dmz holes rules from old Firewall
-# to the new one. This is a 2-step process.
-# STEP1: read old config and normalize settings
-# STEP2: check valid ip and save valid rules to new firewall
-#
-########################################################################
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2013 #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+# Author: Alexander Marx (amarx@ipfire.org) #
+###############################################################################
+# #
+# This script converts old dmz holes rules from old firewall #
+# to the new one. This is a 2-step process. #
+# STEP1: read old config and normalize settings #
+# STEP2: check valid ip and save valid rules to new firewall #
+# #
+###############################################################################
my @current=();
my @alias=();
my %configdmz=();
my %configfwdfw=();
require '/var/ipfire/general-functions.pl';
my $dmzconfig = "${General::swroot}/dmzholes/config";
-my $fwdfwconfig = "${General::swroot}/forward/dmz";
+my $fwdfwconfig = "${General::swroot}/forward/config";
my $ifacesettings = "${General::swroot}/ethernet/settings";
my $field0 = 'ACCEPT';
my $field1 = 'FORWARDFW';
my $field16 = ''; #remark
my $field26 = '00:00';
my $field27 = '00:00';
+my $field28 = '';
+my $field29 = 'ALL';
+my $field30 = '';
+my $field31 = 'dnat';
+
+
open(FILE, $dmzconfig) or die 'Unable to open config file.';
my @current = <FILE>;
close(FILE);
my $now=localtime;
#get values from old configfile
my ($a,$b,$c,$d,$e,$f,$g,$h) = split (",",$line);
- $h =~ s/\s//gi;
- print LOG "$Now Processing A: $a B: $b C: $c D: $d E: $e F: $f G: $g H: $h\n";
+ $h =~ s/\s*\n//gi;
+ print LOG "$now Processing A: $a B: $b C: $c D: $d E: $e F: $f G: $g H: $h\n";
#Now convert values and check ip addresses
$a=uc($a);
$e=uc($e);
$field5='tgt_addr';
$field6=$c;
}else{
- print LOG "$Now ->NOT Converted, invalid Source IP $b\n\n";
+ print LOG "$now ->NOT Converted, target ip $c not part of target network $g \n\n";
next;
}
}else{
- print LOG "$now -> SOURCE IP INVALID. \n\n";
+ print LOG "$now -> TARGET IP INVALID. \n\n";
next;
}
$field12=$a;
$d =~ tr/-/:/;
$field15=$d;
$field16=$h;
- ##Ausgabe
- #print "A: $a B: $b C: $c D: $d E: $e F: $f G: $g H: $h\n";
- #print "0:$field0 1:$field1 2:$field2 3:$field3 4:$field4 5:$field5 6:$field6 11:$field11 12:$field12 13:$field13 14:$field14 15:$field15 16:$field16 26:$field26 27:$field27\n\n\n";
my $key = &General::findhasharraykey (\%configfwdfw);
foreach my $i (0 .. 27) { $configfwdfw{$key}[$i] = "";}
$configfwdfw{$key}[0] = $field0;
$configfwdfw{$key}[25] = '';
$configfwdfw{$key}[26] = $field26;
$configfwdfw{$key}[27] = $field27;
+ $configfwdfw{$key}[28] = $field28;
+ $configfwdfw{$key}[29] = $field29;
+ $configfwdfw{$key}[30] = $field30;
+ $configfwdfw{$key}[31] = $field31;
print LOG "$Now -> Converted to $field0,$field1,$field2,$field3,$field4,$field5,$field6,,,,,$field11,$field12,$field13,$field14,$field15,$field16,,,,,,,,,,$field26,$field27\n";
}
&General::writehasharray($fwdfwconfig,\%configfwdfw);