$errormessage=&checksource;
if(!$errormessage){&checktarget;}
if(!$errormessage){&checkrule;}
-
#check if we change an forward rule to an external access
if( $fwdfwsettings{'grp2'} eq 'ipfire' && $fwdfwsettings{'oldgrp2a'} ne 'ipfire' && $fwdfwsettings{'updatefwrule'} eq 'on'){
$fwdfwsettings{'updatefwrule'}='';
&checkcounter(0,0,$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}});
&checkcounter(0,0,$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
}
-
#check if we change an external access rule to an forward
if( $fwdfwsettings{'grp2'} ne 'ipfire' && $fwdfwsettings{'oldgrp2a'} eq 'ipfire' && $fwdfwsettings{'updatefwrule'} eq 'on'){
$fwdfwsettings{'updatefwrule'}='';
if($fwdfwsettings{'grp2'} eq 'ipfire'){
$fwdfwsettings{'chain'} = 'INPUTFW';
#check if we have an identical rule already
- foreach my $key (sort keys %configinputfw){
- if ("$fwdfwsettings{'RULE_ACTION'},$fwdfwsettings{'ACTIVE'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}},$fwdfwsettings{'USE_SRC_PORT'},$fwdfwsettings{'PROT'},$fwdfwsettings{'ICMP_TYPES'},$fwdfwsettings{'SRC_PORT'},$fwdfwsettings{'USESRV'},$fwdfwsettings{'TGT_PROT'},$fwdfwsettings{'ICMP_TGT'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}},$fwdfwsettings{'ruleremark'},$fwdfwsettings{'LOG'},$fwdfwsettings{'TIME'},$fwdfwsettings{'TIME_MON'},$fwdfwsettings{'TIME_TUE'},$fwdfwsettings{'TIME_WED'},$fwdfwsettings{'TIME_THU'},$fwdfwsettings{'TIME_FRI'},$fwdfwsettings{'TIME_SAT'},$fwdfwsettings{'TIME_SUN'},$fwdfwsettings{'TIME_FROM'},$fwdfwsettings{'TIME_TO'}"
- eq "$configinputfw{$key}[0],$configinputfw{$key}[2],$configinputfw{$key}[3],$configinputfw{$key}[4],$configinputfw{$key}[5],$configinputfw{$key}[6],$configinputfw{$key}[7],$configinputfw{$key}[8],$configinputfw{$key}[9],$configinputfw{$key}[10],$configinputfw{$key}[11],$configinputfw{$key}[12],$configinputfw{$key}[13],$configinputfw{$key}[14],$configinputfw{$key}[15],$configinputfw{$key}[16],$configinputfw{$key}[17],$configinputfw{$key}[18],$configinputfw{$key}[19],$configinputfw{$key}[20],$configinputfw{$key}[21],$configinputfw{$key}[22],$configinputfw{$key}[23],$configinputfw{$key}[24],$configinputfw{$key}[25],$configinputfw{$key}[26],$configinputfw{$key}[27]"){
- $errormessage.=$Lang::tr{'fwdfw err ruleexists'};
+ if($fwdfwsettings{'oldrulenumer'} eq $fwdfwsettings{'rulepos'}){
+ foreach my $key (sort keys %configinputfw){
+ if ("$fwdfwsettings{'RULE_ACTION'},$fwdfwsettings{'ACTIVE'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}},$fwdfwsettings{'USE_SRC_PORT'},$fwdfwsettings{'PROT'},$fwdfwsettings{'ICMP_TYPES'},$fwdfwsettings{'SRC_PORT'},$fwdfwsettings{'USESRV'},$fwdfwsettings{'TGT_PROT'},$fwdfwsettings{'ICMP_TGT'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}},$fwdfwsettings{'LOG'},$fwdfwsettings{'TIME'},$fwdfwsettings{'TIME_MON'},$fwdfwsettings{'TIME_TUE'},$fwdfwsettings{'TIME_WED'},$fwdfwsettings{'TIME_THU'},$fwdfwsettings{'TIME_FRI'},$fwdfwsettings{'TIME_SAT'},$fwdfwsettings{'TIME_SUN'},$fwdfwsettings{'TIME_FROM'},$fwdfwsettings{'TIME_TO'}"
+ eq "$configinputfw{$key}[0],$configinputfw{$key}[2],$configinputfw{$key}[3],$configinputfw{$key}[4],$configinputfw{$key}[5],$configinputfw{$key}[6],$configinputfw{$key}[7],$configinputfw{$key}[8],$configinputfw{$key}[9],$configinputfw{$key}[10],$configinputfw{$key}[11],$configinputfw{$key}[12],$configinputfw{$key}[13],$configinputfw{$key}[14],$configinputfw{$key}[15],$configinputfw{$key}[17],$configinputfw{$key}[18],$configinputfw{$key}[19],$configinputfw{$key}[20],$configinputfw{$key}[21],$configinputfw{$key}[22],$configinputfw{$key}[23],$configinputfw{$key}[24],$configinputfw{$key}[25],$configinputfw{$key}[26],$configinputfw{$key}[27]"){
+ $errormessage.=$Lang::tr{'fwdfw err ruleexists'};
+ if ($fwdfwsettings{'oldruleremark'} ne $fwdfwsettings{'ruleremark'} && $fwdfwsettings{'updatefwrule'} eq 'on'){
+ $errormessage='';
+ }
+ if ($fwdfwsettings{'oldruleremark'} eq $fwdfwsettings{'ruleremark'}){
+ $fwdfwsettings{'nosave'} = 'on';
+ }
+ }
}
- }
-
+ }
+ #check if we just close a rule
+ if( $fwdfwsettings{'oldgrp1a'} eq $fwdfwsettings{'grp1'} && $fwdfwsettings{'oldgrp1b'} eq $fwdfwsettings{$fwdfwsettings{'grp1'}} && $fwdfwsettings{'oldgrp2a'} eq $fwdfwsettings{'grp2'} && $fwdfwsettings{'oldgrp2b'} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $fwdfwsettings{'oldgrp3a'} eq $fwdfwsettings{'grp3'} && $fwdfwsettings{'oldgrp3b'} eq $fwdfwsettings{$fwdfwsettings{'grp3'}} && $fwdfwsettings{'oldusesrv'} eq $fwdfwsettings{'USESRV'} ) {
+ if($fwdfwsettings{'nosave'} eq 'on' && $fwdfwsettings{'updatefwrule'} eq 'on'){
+ $errormessage='';
+ $fwdfwsettings{'nosave2'} = 'on';
+ }
+ }
&checkcounter($fwdfwsettings{'oldgrp1a'},$fwdfwsettings{'oldgrp1b'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}});
if ($fwdfwsettings{'nobase'} ne 'on'){
&checkcounter($fwdfwsettings{'oldgrp2a'},$fwdfwsettings{'oldgrp2b'},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}});
}elsif ($fwdfwsettings{'oldusesrv'} eq $fwdfwsettings{'USESRV'} && $fwdfwsettings{'oldgrp3b'} ne $fwdfwsettings{$fwdfwsettings{'grp3'}} && $fwdfwsettings{'updatefwrule'} eq 'on'){
&checkcounter($fwdfwsettings{'oldgrp3a'},$fwdfwsettings{'oldgrp3b'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
}
-
- &saverule(\%configinputfw,$configinput);
+ if($fwdfwsettings{'nosave2'} ne 'on'){
+ &saverule(\%configinputfw,$configinput);
+ }
#print "Source: $fwdfwsettings{'grp1'} -> $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
#print "Sourceport: $fwdfwsettings{'USE_SRC_PORT'}, $fwdfwsettings{'PROT'}, $fwdfwsettings{'ICMP_TYPES'}, $fwdfwsettings{'SRC_PORT'}<br>";
#print "Target: $fwdfwsettings{'grp2'} -> $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
#print"DIENSTE Checkalt:$fwdfwsettings{'oldusesrv'} DIENSTE Checkneu:$fwdfwsettings{'USESRV'} DIENST ALT:$fwdfwsettings{'oldgrp3a'},$fwdfwsettings{'oldgrp3b'} DIENST NEU:$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}}<br>";
}else{
$fwdfwsettings{'chain'} = 'FORWARDFW';
- #check if we have an identical rule already
- foreach my $key (sort keys %configfwdfw){
-
- if ("$fwdfwsettings{'RULE_ACTION'},$fwdfwsettings{'ACTIVE'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}},$fwdfwsettings{'USE_SRC_PORT'},$fwdfwsettings{'PROT'},$fwdfwsettings{'ICMP_TYPES'},$fwdfwsettings{'SRC_PORT'},$fwdfwsettings{'USESRV'},$fwdfwsettings{'TGT_PROT'},$fwdfwsettings{'ICMP_TGT'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}},$fwdfwsettings{'ruleremark'},$fwdfwsettings{'LOG'},$fwdfwsettings{'TIME'},$fwdfwsettings{'TIME_MON'},$fwdfwsettings{'TIME_TUE'},$fwdfwsettings{'TIME_WED'},$fwdfwsettings{'TIME_THU'},$fwdfwsettings{'TIME_FRI'},$fwdfwsettings{'TIME_SAT'},$fwdfwsettings{'TIME_SUN'},$fwdfwsettings{'TIME_FROM'},$fwdfwsettings{'TIME_TO'}"
- eq "$configfwdfw{$key}[0],$configfwdfw{$key}[2],$configfwdfw{$key}[3],$configfwdfw{$key}[4],$configfwdfw{$key}[5],$configfwdfw{$key}[6],$configfwdfw{$key}[7],$configfwdfw{$key}[8],$configfwdfw{$key}[9],$configfwdfw{$key}[10],$configfwdfw{$key}[11],$configfwdfw{$key}[12],$configfwdfw{$key}[13],$configfwdfw{$key}[14],$configfwdfw{$key}[15],$configfwdfw{$key}[16],$configfwdfw{$key}[17],$configfwdfw{$key}[18],$configfwdfw{$key}[19],$configfwdfw{$key}[20],$configfwdfw{$key}[21],$configfwdfw{$key}[22],$configfwdfw{$key}[23],$configfwdfw{$key}[24],$configfwdfw{$key}[25],$configfwdfw{$key}[26],$configfwdfw{$key}[27]"){
- $errormessage.=$Lang::tr{'fwdfw err ruleexists'};
- }
+ if($fwdfwsettings{'oldrulenumber'} eq $fwdfwsettings{'rulepos'}){
+ #check if we have an identical rule already
+ foreach my $key (sort keys %configfwdfw){
+ if ("$fwdfwsettings{'RULE_ACTION'},$fwdfwsettings{'ACTIVE'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}},$fwdfwsettings{'USE_SRC_PORT'},$fwdfwsettings{'PROT'},$fwdfwsettings{'ICMP_TYPES'},$fwdfwsettings{'SRC_PORT'},$fwdfwsettings{'USESRV'},$fwdfwsettings{'TGT_PROT'},$fwdfwsettings{'ICMP_TGT'},$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}},$fwdfwsettings{'LOG'},$fwdfwsettings{'TIME'},$fwdfwsettings{'TIME_MON'},$fwdfwsettings{'TIME_TUE'},$fwdfwsettings{'TIME_WED'},$fwdfwsettings{'TIME_THU'},$fwdfwsettings{'TIME_FRI'},$fwdfwsettings{'TIME_SAT'},$fwdfwsettings{'TIME_SUN'},$fwdfwsettings{'TIME_FROM'},$fwdfwsettings{'TIME_TO'}"
+ eq "$configfwdfw{$key}[0],$configfwdfw{$key}[2],$configfwdfw{$key}[3],$configfwdfw{$key}[4],$configfwdfw{$key}[5],$configfwdfw{$key}[6],$configfwdfw{$key}[7],$configfwdfw{$key}[8],$configfwdfw{$key}[9],$configfwdfw{$key}[10],$configfwdfw{$key}[11],$configfwdfw{$key}[12],$configfwdfw{$key}[13],$configfwdfw{$key}[14],$configfwdfw{$key}[15],$configfwdfw{$key}[17],$configfwdfw{$key}[18],$configfwdfw{$key}[19],$configfwdfw{$key}[20],$configfwdfw{$key}[21],$configfwdfw{$key}[22],$configfwdfw{$key}[23],$configfwdfw{$key}[24],$configfwdfw{$key}[25],$configfwdfw{$key}[26],$configfwdfw{$key}[27]"){
+ $errormessage.=$Lang::tr{'fwdfw err ruleexists'};
+ if ($fwdfwsettings{'oldruleremark'} ne $fwdfwsettings{'ruleremark'} && $fwdfwsettings{'updatefwrule'} eq 'on'){
+ $errormessage='';
+ }
+ if ($fwdfwsettings{'oldruleremark'} eq $fwdfwsettings{'ruleremark'}){
+ $fwdfwsettings{'nosave'} = 'on';
+ }
+ }
+ }
}
+ #check if we just close a rule
+ if( $fwdfwsettings{'oldgrp1a'} eq $fwdfwsettings{'grp1'} && $fwdfwsettings{'oldgrp1b'} eq $fwdfwsettings{$fwdfwsettings{'grp1'}} && $fwdfwsettings{'oldgrp2a'} eq $fwdfwsettings{'grp2'} && $fwdfwsettings{'oldgrp2b'} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $fwdfwsettings{'oldgrp3a'} eq $fwdfwsettings{'grp3'} && $fwdfwsettings{'oldgrp3b'} eq $fwdfwsettings{$fwdfwsettings{'grp3'}} && $fwdfwsettings{'oldusesrv'} eq $fwdfwsettings{'USESRV'} ) {
+ if($fwdfwsettings{'nosave'} eq 'on' && $fwdfwsettings{'updatefwrule'} eq 'on'){
+ $fwdfwsettings{'nosave2'} = 'on';
+ $errormessage='';
+ }
+ }
#increase counters
&checkcounter($fwdfwsettings{'oldgrp1a'},$fwdfwsettings{'oldgrp1b'},$fwdfwsettings{'grp1'},$fwdfwsettings{$fwdfwsettings{'grp1'}});
-
&checkcounter($fwdfwsettings{'oldgrp2a'},$fwdfwsettings{'oldgrp2b'},$fwdfwsettings{'grp2'},$fwdfwsettings{$fwdfwsettings{'grp2'}});
-
if($fwdfwsettings{'oldusesrv'} eq '' && $fwdfwsettings{'USESRV'} eq 'ON'){
&checkcounter(0,0,$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
}elsif ($fwdfwsettings{'USESRV'} eq '' && $fwdfwsettings{'oldusesrv'} eq 'ON') {
if ($fwdfwsettings{'nobase'} eq 'on'){
&checkcounter(0,0,$fwdfwsettings{'grp3'},$fwdfwsettings{$fwdfwsettings{'grp3'}});
}
- &saverule(\%configfwdfw,$configfwdfw);
-
+ if ($fwdfwsettings{'nosave2'} ne 'on'){
+ &saverule(\%configfwdfw,$configfwdfw);
+ }
#print "Source: $fwdfwsettings{'grp1'} -> $fwdfwsettings{$fwdfwsettings{'grp1'}}<br>";
#print "Sourceport: $fwdfwsettings{'USE_SRC_PORT'}, $fwdfwsettings{'PROT'}, $fwdfwsettings{'ICMP_TYPES'}, $fwdfwsettings{'SRC_PORT'}<br>";
#print "Target: $fwdfwsettings{'grp2'} -> $fwdfwsettings{$fwdfwsettings{'grp2'}}<br>";
if ($errormessage){
&newrule;
}else{
- &rules;
+ if($fwdfwsettings{'nosave2'} ne 'on'){
+ &rules;
+ }
&base;
}
}
{
my %delhash=();
&General::readhasharray($fwdfwsettings{'config'}, \%delhash);
- foreach my $key (sort keys %delhash){
-
- if ($key eq $fwdfwsettings{'key'}){
+ foreach my $key (sort {$a <=> $b} keys %delhash){
+ if ($key == $fwdfwsettings{'key'}){
#check hosts/net and groups
&checkcounter($delhash{$key}[3],$delhash{$key}[4],,);
&checkcounter($delhash{$key}[5],$delhash{$key}[6],,);
&checkcounter($delhash{$key}[14],$delhash{$key}[15],,);
}
}
- if ($key ge $fwdfwsettings{'key'}) {
+ if ($key >= $fwdfwsettings{'key'}) {
my $next = $key + 1;
if (exists $delhash{$next}) {
foreach my $i (0 .. $#{$delhash{$next}}) {
}
}
# Remove the very last entry.
- my $last_key = (sort keys %delhash)[-1];
+ my $last_key = (sort {$a <=> $b} keys %delhash)[-1];
delete $delhash{$last_key};
&General::writehasharray($fwdfwsettings{'config'}, \%delhash);
if ($fwdfwsettings{'src_addr'} =~ /^(.*?)\/(.*?)$/) {
($ip,$subnet)=split (/\//,$fwdfwsettings{'src_addr'});
$subnet = &General::iporsubtocidr($subnet);
+ $fwdfwsettings{'isip'}='on';
}
#check if only ip
if($fwdfwsettings{'src_addr'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
$ip=$fwdfwsettings{'src_addr'};
$subnet = '32';
+ $fwdfwsettings{'isip'}='on';
}
- #check and form valid IP
- $ip=&General::ip2dec($ip);
- $ip=&General::dec2ip($ip);
- #check if net or broadcast
- my @tmp= split (/\./,$ip);
- if (($tmp[3] eq "0") || ($tmp[3] eq "255"))
- {
- $errormessage=$Lang::tr{'fwhost err hostip'}."<br>";
- }
- $fwdfwsettings{'src_addr'}="$ip/$subnet";
- if(!&General::validipandmask($fwdfwsettings{'src_addr'})){
+ if ($fwdfwsettings{'isip'} ne 'on'){
+ if (&General::validmac($fwdfwsettings{'src_addr'})){$fwdfwsettings{'ismac'}='on';}
+ }
+ if ($fwdfwsettings{'isip'} eq 'on'){
+ #check and form valid IP
+ $ip=&General::ip2dec($ip);
+ $ip=&General::dec2ip($ip);
+ #check if net or broadcast
+ my @tmp= split (/\./,$ip);
+ if (($tmp[3] eq "0") || ($tmp[3] eq "255"))
+ {
+ $errormessage=$Lang::tr{'fwhost err hostip'}."<br>";
+ }
+ $fwdfwsettings{'src_addr'}="$ip/$subnet";
+
+ if(!&General::validipandmask($fwdfwsettings{'src_addr'})){
+ $errormessage.=$Lang::tr{'fwdfw err src_addr'}."<br>";
+ }
+ }
+ if ($fwdfwsettings{'isip'} ne 'on' && $fwdfwsettings{'ismac'} ne 'on'){
$errormessage.=$Lang::tr{'fwdfw err src_addr'}."<br>";
}
}elsif($fwdfwsettings{'src_addr'} eq $fwdfwsettings{$fwdfwsettings{'grp1'}} && $fwdfwsettings{'src_addr'} eq ''){
}elsif($fwdfwsettings{'USE_SRC_PORT'} eq 'ON' && $fwdfwsettings{'PROT'} eq 'ESP'){
$fwdfwsettings{'SRC_PORT'}='';
$fwdfwsettings{'ICMP_TYPES'}='';
+ }elsif($fwdfwsettings{'USE_SRC_PORT'} eq 'ON' && $fwdfwsettings{'PROT'} eq 'AH'){
+ $fwdfwsettings{'SRC_PORT'}='';
+ $fwdfwsettings{'ICMP_TYPES'}='';
}elsif($fwdfwsettings{'USE_SRC_PORT'} eq 'ON' && $fwdfwsettings{'PROT'} ne 'ICMP'){
$fwdfwsettings{'ICMP_TYPES'}='';
}else{
$errormessage .= &General::validportrange($fwdfwsettings{'TGT_PORT'}, 'destination');
}
}elsif ($fwdfwsettings{'TGT_PROT'} eq 'GRE'){
- $fwdfwsettings{'TGT_PORT'} = '';
+ $fwdfwsettings{$fwdfwsettings{'grp3'}} = '';
$fwdfwsettings{'ICMP_TGT'} = '';
}elsif($fwdfwsettings{'TGT_PORT'} eq 'ESP'){
- $fwdfwsettings{'TGT_PORT'}='';
+ $fwdfwsettings{$fwdfwsettings{'grp3'}} = '';
+ $fwdfwsettings{'ICMP_TGT'}='';
+ }elsif($fwdfwsettings{'TGT_PORT'} eq 'AH'){
+ $fwdfwsettings{$fwdfwsettings{'grp3'}} = '';
$fwdfwsettings{'ICMP_TGT'}='';
}elsif ($fwdfwsettings{'TGT_PROT'} eq 'ICMP'){
- $fwdfwsettings{'TGT_PORT'} = '';
+ $fwdfwsettings{$fwdfwsettings{'grp3'}} = '';
&General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
foreach my $key (keys %icmptypes){
&General::get_aliases(\%aliases);
my %checked=();
my $helper;
+ my $sum=0;
if($fwdfwsettings{'config'} eq ''){$fwdfwsettings{'config'}=$configfwdfw;}
my $config=$fwdfwsettings{'config'};
my %hash=();
if($fwdfwsettings{'updatefwrule'} eq 'on' || $fwdfwsettings{'copyfwrule'} eq 'on' && !$errormessage){
&General::readhasharray("$config", \%hash);
foreach my $key (sort keys %hash){
+ $sum++;
if ($key eq $fwdfwsettings{'key'}){
+ $fwdfwsettings{'oldrulenumber'} = $key;
$fwdfwsettings{'RULE_ACTION'} = $hash{$key}[0];
$fwdfwsettings{'ACTIVE'} = $hash{$key}[2];
$fwdfwsettings{'grp1'} = $hash{$key}[3];
$fwdfwsettings{'oldgrp3a'}=$fwdfwsettings{'grp3'};
$fwdfwsettings{'oldgrp3b'}=$fwdfwsettings{$fwdfwsettings{'grp3'}};
$fwdfwsettings{'oldusesrv'}=$fwdfwsettings{'USESRV'};
+ $fwdfwsettings{'oldruleremark'}=$fwdfwsettings{'ruleremark'};
}else{
$fwdfwsettings{'ACTIVE'}='ON';
$checked{'ACTIVE'}{$fwdfwsettings{'ACTIVE'}} = 'CHECKED';
<tr><td width='1%'><input type='checkbox' name='USE_SRC_PORT' value='ON' $checked{'USE_SRC_PORT'}{'ON'}></td><td width='51%' colspan='3'>$Lang::tr{'fwdfw use srcport'}</td>
<td width='15%' nowrap='nowrap'>$Lang::tr{'fwdfw man port'}</td><td><select name='PROT'>
END
- foreach ("TCP","UDP","GRE","ESP","ICMP")
+ foreach ("TCP","UDP","GRE","ESP","AH","ICMP")
{
if ($_ eq $fwdfwsettings{'PROT'})
{
</select></td></tr>
<tr><td colspan='2'></td><td><input type='radio' name='grp3' value='TGT_PORT' $checked{'grp3'}{'TGT_PORT'}></td><td>$Lang::tr{'fwdfw man port'}</td><td><select name='TGT_PROT'>
END
- foreach ("TCP","UDP","GRE","ESP","ICMP")
+ foreach ("TCP","UDP","GRE","ESP","AH","ICMP")
{
if ($_ eq $fwdfwsettings{'TGT_PROT'})
{
&Header::openbox('100%', 'left', $Lang::tr{'fwdfw additional'});
print<<END;
<table width='100%' border='0'>
- <tr><td colspan='2' >$Lang::tr{'remark'}:<input type='text' name='ruleremark' size='40' maxlength='255' value='$fwdfwsettings{'ruleremark'}'></td></tr>
+ <tr><td width='12%'>$Lang::tr{'remark'}:</td><td align='left'><input type='text' name='ruleremark' size='40' maxlength='255' value='$fwdfwsettings{'ruleremark'}'></td></tr>
+END
+ if($fwdfwsettings{'updatefwrule'} eq 'on' || $fwdfwsettings{'copyfwrule'} eq 'on'){
+ print "<tr><td width='12%'>$Lang::tr{'fwdfw rulepos'}:</td><td><select name='rulepos' >";
+ for (my $count =1; $count <= $sum; $count++){
+ print"<option value='$count' ";
+ print"selected='selected'" if($fwdfwsettings{'oldrulenumber'} eq $count);
+ print">$count</option>";
+ }
+ print"</select></td></tr>";
+ }
+
+ print<<END;
+ </table><table width='100%'>
<tr><td width='1%'><input type='checkbox' name='ACTIVE' value='ON' $checked{'ACTIVE'}{'ON'}></td><td>$Lang::tr{'fwdfw rule activate'}</td></tr>
<tr><td width='1%'><input type='checkbox' name='LOG' value='ON' $checked{'LOG'}{'ON'} ></td><td>$Lang::tr{'fwdfw log rule'}</td></tr>
</table><hr><br>
<input type='hidden' name='oldgrp3a' value='$fwdfwsettings{'oldgrp3a'}' />
<input type='hidden' name='oldgrp3b' value='$fwdfwsettings{'oldgrp3b'}' />
<input type='hidden' name='oldusesrv' value='$fwdfwsettings{'oldusesrv'}' />
+ <input type='hidden' name='oldrulenumber' value='$fwdfwsettings{'oldrulenumber'}' />
+ <input type='hidden' name='rulenumber' value='$fwdfwsettings{'rulepos'}' />
<input type='hidden' name='ACTION' value='saverule' ></form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value'reset'></td></td>
</table></form>
END
my $config=shift;
&General::readhasharray("$config", $hash);
if (!$errormessage){
- if ($fwdfwsettings{'updatefwrule'} ne 'on' ){
+ if ($fwdfwsettings{'updatefwrule'} ne 'on'){
my $key = &General::findhasharraykey ($hash);
$$hash{$key}[0] = $fwdfwsettings{'RULE_ACTION'};
$$hash{$key}[1] = $fwdfwsettings{'chain'};
$$hash{$key}[27] = $fwdfwsettings{'TIME_TO'};
&General::writehasharray("$config", $hash);
}else{
- foreach my $key (sort keys %$hash){
+ foreach my $key (sort {$a <=> $b} keys %$hash){
if($key eq $fwdfwsettings{'key'}){
$$hash{$key}[0] = $fwdfwsettings{'RULE_ACTION'};
$$hash{$key}[1] = $fwdfwsettings{'chain'};
last;
}
}
+ }
+ &General::writehasharray("$config", $hash);
+ if($fwdfwsettings{'oldrulenumber'} gt $fwdfwsettings{'rulepos'}){
+ my %tmp=();
+ my $val=$fwdfwsettings{'oldrulenumber'}-$fwdfwsettings{'rulepos'};
+ for (my $z=0;$z<$val;$z++){
+ foreach my $key (sort {$a <=> $b} keys %$hash){
+ if ($key eq $fwdfwsettings{'oldrulenumber'}) {
+ my $last = $key -1;
+ if (exists $$hash{$last}){
+ #save rule last
+ foreach my $y (0 .. $#{$$hash{$last}}) {
+ $tmp{0}[$y] = $$hash{$last}[$y];
+ }
+ #copy active rule to last
+ foreach my $i (0 .. $#{$$hash{$last}}) {
+ $$hash{$last}[$i] = $$hash{$key}[$i];
+ }
+ #copy saved rule to actual position
+ foreach my $x (0 .. $#{$tmp{0}}) {
+ $$hash{$key}[$x] = $tmp{0}[$x];
+ }
+ }
+ }
+ }
+ $fwdfwsettings{'oldrulenumber'}--;
+ }
+ &General::writehasharray("$config", $hash);
+ &rules;
+ }elsif($fwdfwsettings{'rulepos'} gt $fwdfwsettings{'oldrulenumber'}){
+ my %tmp=();
+ my $val=$fwdfwsettings{'rulepos'}-$fwdfwsettings{'oldrulenumber'};
+ for (my $z=0;$z<$val;$z++){
+ foreach my $key (sort {$a <=> $b} keys %$hash){
+ if ($key eq $fwdfwsettings{'oldrulenumber'}) {
+ my $next = $key + 1;
+ if (exists $$hash{$next}){
+ #save rule next
+ foreach my $y (0 .. $#{$$hash{$next}}) {
+ $tmp{0}[$y] = $$hash{$next}[$y];
+ }
+ #copy active rule to next
+ foreach my $i (0 .. $#{$$hash{$next}}) {
+ $$hash{$next}[$i] = $$hash{$key}[$i];
+ }
+ #copy saved rule to actual position
+ foreach my $x (0 .. $#{$tmp{0}}) {
+ $$hash{$key}[$x] = $tmp{0}[$x];
+ }
+ }
+ }
+ }
+ $fwdfwsettings{'oldrulenumber'}++;
+ }
&General::writehasharray("$config", $hash);
+ &rules;
}
}
}
if (length ($remark) < 1 || length ($remark) > 255) {
return 0;}
# Only valid characters are a-z, A-Z, 0-9 and -
- if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:\/\s]*$/) {
+ if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:_\/\s]*$/) {
return 0;}
# First character can only be a letter or a digit
if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) {