unless (-e "${General::swroot}/forward/config") { system("touch ${General::swroot}/forward/config"); }
unless (-e "${General::swroot}/forward/input") { system("touch ${General::swroot}/forward/input"); }
unless (-e "${General::swroot}/forward/outgoing") { system("touch ${General::swroot}/forward/outgoing"); }
-unless (-e "${General::swroot}/forward/nat") { system("touch ${General::swroot}/forward/nat"); }
my %fwdfwsettings=();
my %selected=() ;
my %optionsfw=();
my %ifaces=();
-my $VERSION='0.9.9.9';
+my $VERSION='0.9.9.10';
my $color;
my $confignet = "${General::swroot}/fwhosts/customnetworks";
my $confighost = "${General::swroot}/fwhosts/customhosts";
$errormessage.=$Lang::tr{'fwdfw useless rule'}."<br>";
}
#check if we try to break rules
- if( $fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'IPFire' && $fwdfwsettings{'grp2'} eq 'ipfire'){
- $errormessage.=$Lang::tr{'fwdfw err same'};
+ if( $fwdfwsettings{'grp1'} eq 'ipfire_src' && $fwdfwsettings{'grp2'} eq 'ipfire'){
+ $errormessage=$Lang::tr{'fwdfw err same'};
}
#INPUT part
if($fwdfwsettings{'grp2'} eq 'ipfire' && $fwdfwsettings{$fwdfwsettings{'grp1'}} ne 'ORANGE'){
}
if ($fwdfwsettings{'oldruleremark'} eq $fwdfwsettings{'ruleremark'}){
$fwdfwsettings{'nosave'} = 'on';
- print "uzlputz neu time:$fwdfwsettings{'TIME'} alt:$configfwdfw{$key}[18]";
}
}
}
}
#check if source and target identical
if ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $fwdfwsettings{$fwdfwsettings{'grp1'}} ne 'ALL'){
- $errormessage.=$Lang::tr{'fwdfw err same'};
+ $errormessage=$Lang::tr{'fwdfw err same'};
return $errormessage;
}
#get source and targetip address if possible
}
}
}
+ if( $fwdfwsettings{'USE_SRC_PORT'} ne 'ON' && $fwdfwsettings{'USESRV'} ne 'ON'){
+ $fwdfwsettings{'PROT'}='';
+ $fwdfwsettings{'TGT_PROT'}='';
+ }
}
sub checkcounter
{
print "<option value='$defaultNetworks{$network}{'NAME'}'";
print " selected='selected'" if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $defaultNetworks{$network}{'NAME'});
my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
- $ifaces{$defnet}='0.0.0.0' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
+ my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
+ my $defsub1=&General::subtocidr($ifaces{$defsub});
+ $ifaces{$defnet}='' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
if ($ifaces{$defnet}){
- print ">$network ($ifaces{$defnet})</option>";
+ print ">$network ($ifaces{$defnet}/$defsub1)</option>";
}else{
print ">$network</option>";
}
if($fwdfwsettings{'config'} eq ''){$fwdfwsettings{'config'}=$configfwdfw;}
my $config=$fwdfwsettings{'config'};
my %hash=();
+ #Get Red IP-ADDRESS
+ open (CONN1,"/var/ipfire/red/local-ipaddress");
+ my $redip = <CONN1>;
+ close(CONN1);
$checked{'grp1'}{$fwdfwsettings{'grp1'}} = 'CHECKED';
$checked{'grp2'}{$fwdfwsettings{'grp2'}} = 'CHECKED';
$checked{'grp3'}{$fwdfwsettings{'grp3'}} = 'CHECKED';
$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected';
$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected';
$selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected';
- $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
+ $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
#check if update and get values
if($fwdfwsettings{'updatefwrule'} eq 'on' || $fwdfwsettings{'copyfwrule'} eq 'on' && !$errormessage){
&General::readhasharray("$config", \%hash);
$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected';
$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected';
$selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected';
- $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
+ $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
$selected{'dnat'}{$fwdfwsettings{$fwdfwsettings{'nat'}}} ='selected';
$selected{'snat'}{$fwdfwsettings{$fwdfwsettings{'nat'}}} ='selected';
}
#------SOURCE-------------------------------------------------------
print<<END;
<table width='100%' border='0'>
- <tr><td width='1%'><input type='radio' name='grp1' value='src_addr' checked></td><td width='60%'>$Lang::tr{'fwdfw sourceip'}<input type='TEXT' name='src_addr' value='$fwdfwsettings{'src_addr'}' size='16' maxlength='17'></td><td width='1%'><input type='radio' name='grp1' value='ipfire_src' $checked{'grp1'}{'ipfire'}></td><td><b>Firewall</b></td>
+ <tr><td width='1%'><input type='radio' name='grp1' value='src_addr' checked></td><td width='60%'>$Lang::tr{'fwdfw sourceip'}<input type='TEXT' name='src_addr' value='$fwdfwsettings{'src_addr'}' size='16' maxlength='17'></td><td width='1%'><input type='radio' name='grp1' value='ipfire_src' $checked{'grp1'}{'ipfire_src'}></td><td><b>Firewall</b></td>
END
print"<td align='right'><select name='ipfire_src' style='width:200px;'>";
- print "<option value='ALL' $selected{'ipfire'}{'ALL'}>$Lang::tr{'all'}</option>";
- print "<option value='GREEN' $selected{'ipfire'}{'GREEN'}>$Lang::tr{'green'} ($ifaces{'GREEN_ADDRESS'})</option>" if $ifaces{'GREEN_ADDRESS'};
- print "<option value='ORANGE' $selected{'ipfire'}{'ORANGE'}>$Lang::tr{'orange'} ($ifaces{'ORANGE_ADDRESS'})</option>" if $ifaces{'ORANGE_ADDRESS'};
- print "<option value='BLUE' $selected{'ipfire'}{'BLUE'}>$Lang::tr{'blue'} ($ifaces{'BLUE_ADDRESS'})</option>" if $ifaces{'BLUE_ADDRESS'};
- print "<option value='RED1' $selected{'ipfire'}{'RED1'}>$Lang::tr{'red1'} ($ifaces{'RED_ADDRESS'})</option>" if $ifaces{'RED_ADDRESS'};
+ print "<option value='ALL' $selected{'ipfire_src'}{'ALL'}>$Lang::tr{'all'}</option>";
+ print "<option value='GREEN' $selected{'ipfire_src'}{'GREEN'}>$Lang::tr{'green'} ($ifaces{'GREEN_ADDRESS'})</option>" if $ifaces{'GREEN_ADDRESS'};
+ print "<option value='ORANGE' $selected{'ipfire_src'}{'ORANGE'}>$Lang::tr{'orange'} ($ifaces{'ORANGE_ADDRESS'})</option>" if $ifaces{'ORANGE_ADDRESS'};
+ print "<option value='BLUE' $selected{'ipfire_src'}{'BLUE'}>$Lang::tr{'blue'} ($ifaces{'BLUE_ADDRESS'})</option>" if $ifaces{'BLUE_ADDRESS'};
+ print "<option value='RED1' $selected{'ipfire_src'}{'RED1'}>$Lang::tr{'red1'} ($redip)" if ($redip);
if (! -z "${General::swroot}/ethernet/aliases"){
foreach my $alias (sort keys %aliases)
print "<option value='GREEN' $selected{'ipfire'}{'GREEN'}>$Lang::tr{'green'} ($ifaces{'GREEN_ADDRESS'})</option>" if $ifaces{'GREEN_ADDRESS'};
print "<option value='ORANGE' $selected{'ipfire'}{'ORANGE'}>$Lang::tr{'orange'} ($ifaces{'ORANGE_ADDRESS'})</option>" if $ifaces{'ORANGE_ADDRESS'};
print "<option value='BLUE' $selected{'ipfire'}{'BLUE'}>$Lang::tr{'blue'} ($ifaces{'BLUE_ADDRESS'})</option>" if $ifaces{'BLUE_ADDRESS'};
- print "<option value='RED1' $selected{'ipfire'}{'RED1'}>$Lang::tr{'red1'} ($ifaces{'RED_ADDRESS'})</option>" if $ifaces{'RED_ADDRESS'};
-
+ print "<option value='RED1' $selected{'ipfire'}{'RED1'}>$Lang::tr{'red1'} ($redip)" if ($redip);
if (! -z "${General::swroot}/ethernet/aliases"){
foreach my $alias (sort keys %aliases)
{
}
print<<END;
</select></td></tr>
- <tr><td colspan='2'></td><td><input type='radio' name='grp3' value='cust_srvgrp' $checked{'grp3'}{'cust_srvgrp'}></td><td nowrap='nowrap'>$Lang::tr{'fwhost cust srvgrp'}:</td><td colspan='2'><select name='cust_srvgrp' style='min-width:230px;' >
+ <tr><td colspan='2'></td><td><input type='radio' name='grp3' value='cust_srvgrp' $checked{'grp3'}{'cust_srvgrp'}></td><td nowrap='nowrap'>$Lang::tr{'fwhost cust srvgrp'}</td><td colspan='2'><select name='cust_srvgrp' style='min-width:230px;' >
END
&General::readhasharray("$configsrvgrp", \%customservicegrp);
my $helper;
#SNAT
print"<tr><td colspan='2'></td><td width='1%'><input type='radio' name='nat' value='snat' $checked{'nat'}{'snat'}></td><td width='20%'>$Lang::tr{'fwdfw snat'}</td>";
print"<td width='8%'>IPFire: </td><td width='20%' align='right'><select name='snat' style='width:140px;'>";
- print "<option value='Default IP' $selected{'snat'}{'Default IP'}>Default IP</option>";
foreach my $alias (sort keys %aliases)
{
print "<option value='$alias' $selected{'snat'}{$alias}>$alias</option>";
}
foreach my $network (sort keys %defaultNetworks)
{
- next if($defaultNetworks{$network}{'NAME'} eq "RED");
next if($defaultNetworks{$network}{'NAME'} eq "IPFire");
next if($defaultNetworks{$network}{'NAME'} eq "ALL");
next if($defaultNetworks{$network}{'NAME'} =~ /OpenVPN/i);
}
}
print"</select></td></tr>";
- print"<tr><td width='100%'>$Lang::tr{'remark'}:</td><td align='left'><input type='text' name='ruleremark' size='78' maxlength='255' value='$fwdfwsettings{'ruleremark'}'></td></tr>";
+ print"<tr><td width='12%'>$Lang::tr{'remark'}:</td><td width='88%' align='left'><input type='text' name='ruleremark' maxlength='255' value='$fwdfwsettings{'ruleremark'}' style='width:99%':></td></tr>";
#print"<tr><td width='100%'>$Lang::tr{'remark'}:</td><td align='left'><textarea name='ruleremark' cols='70' rows='3' value='$fwdfwsettings{'ruleremark'}'></textarea></td></tr>";
if($fwdfwsettings{'updatefwrule'} eq 'on' || $fwdfwsettings{'copyfwrule'} eq 'on'){
print "<tr><td width='12%'>$Lang::tr{'fwdfw rulepos'}:</td><td><select name='rulepos' >";
print"<td align='center'>$protz</td>";
@protocols=();
#SOURCE
+ my $ipfireiface;
&getcolor($$hash{$key}[3],$$hash{$key}[4],\%customhost);
print"<td align='center' width='160' $tdcolor>";
+ if ($$hash{$key}[3] eq 'ipfire_src'){
+ $ipfireiface='Interface ';
+ }
if ($$hash{$key}[3] eq 'std_net_src'){
print &get_name($$hash{$key}[4]);
}elsif ($$hash{$key}[3] eq 'src_addr'){
}else{
print $$hash{$key}[4];
}
+ }elsif ($$hash{$key}[4] eq 'RED1'){
+ print "$ipfireiface $Lang::tr{'fwdfw red'}";
}else{
- print $$hash{$key}[4];
+ print "$$hash{$key}[4]";
}
$tdcolor='';
#SOURCEPORT
&getsrcport(\%$hash,$key);
#Is this a SNAT rule?
if ($$hash{$key}[31] eq 'snat' && $$hash{$key}[28] eq 'ON'){
- print"<br>->$$hash{$key}[29]";
+ my $net=&get_name($$hash{$key}[29]);
+ if ( ! $net){ $net=$$hash{$key}[29];}
+ print"<br>->$net";
if ($$hash{$key}[30] ne ''){
print": $$hash{$key}[30]";
}
}
print"<br>->";
}
- if ($$hash{$key}[5] eq 'std_net_tgt' || $$hash{$key}[5] eq 'ipfire' && $$hash{$key}[6] eq 'RED' || $$hash{$key}[6] eq 'RED1' || $$hash{$key}[6] eq 'GREEN' || $$hash{$key}[6] eq 'ORANGE' || $$hash{$key}[6] eq 'BLUE' ){
- if ($$hash{$key}[6] eq 'RED1')
+ if ($$hash{$key}[5] eq 'ipfire'){
+ $ipfireiface='Interface';
+ }
+ if ($$hash{$key}[5] eq 'std_net_tgt' || $$hash{$key}[5] eq 'ipfire' || $$hash{$key}[6] eq 'RED1' || $$hash{$key}[6] eq 'GREEN' || $$hash{$key}[6] eq 'ORANGE' || $$hash{$key}[6] eq 'BLUE' ){
+ if ($$hash{$key}[6] eq 'RED1'){
+ print "$ipfireiface $Lang::tr{'red1'}";
+ }elsif ($$hash{$key}[6] eq 'GREEN' || $$hash{$key}[6] eq 'ORANGE' || $$hash{$key}[6] eq 'BLUE'|| $$hash{$key}[6] eq 'ALL')
{
- print $Lang::tr{'red1'};
+ print "$ipfireiface ".&get_name($$hash{$key}[6]);
}else{
- print &get_name($$hash{$key}[6]);
+ print $$hash{$key}[6];
}
}elsif ($$hash{$key}[5] eq 'tgt_addr'){
my ($split1,$split2) = split("/",$$hash{$key}[6]);
print $$hash{$key}[6];
}
}else{
- print $$hash{$key}[6];
+ print "$$hash{$key}[6]";
}
$tdcolor='';
#TARGETPORT
}
print"<tr bgcolor='FFFFFF'><td colspan='13' height='1'></td></tr>";
}
+ print"</table>";
+ print "<table width='100%'rules='cols' border='1'>";
my $col;
if ($config eq '/var/ipfire/forward/config'){
my $pol='fwdfw '.$fwdfwsettings{'POLICY'};
}else{
$col="bgcolor='green'";
}
- print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+ &show_defaultrules($col,$pol);
}elsif ($config eq '/var/ipfire/forward/outgoing'){
my $pol='fwdfw '.$fwdfwsettings{'POLICY1'};
if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){
}else{
$col="bgcolor='green'";
}
- print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+ print"<tr><td $col width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col><font color='#FFFFFF' align='center'>$Lang::tr{$pol}</font></td></tr>";
}else{
- print"<tr><td colspan='13' bgcolor='darkred' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{'fwdfw MODE1'}</font></td></tr>";
+ print"<tr><td bgcolor='darkred' width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td bgcolor='darkred' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw MODE1'}</font></td></tr>";
}
print"</table>";
print "<hr>";
}else{
if ($optionsfw{'SHOWTABLES'} eq 'on'){
print "<b>$title1</b><br>";
- print"<table width='100%' border='0' rules='none'><tr><td height='30' bgcolor=$color{'color22'} align='center'>$Lang::tr{'fwhost empty'}</td></tr>";
+ print"<table width='100%' border='0' rules='none'><tr><td height='30' bgcolor=$color{'color22'} align='center'>$Lang::tr{'fwhost empty'}</td></tr></table>";
my $col;
if ($config eq '/var/ipfire/forward/config'){
my $pol='fwdfw '.$fwdfwsettings{'POLICY'};
}else{
$col="bgcolor='green'";
}
- print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+ &show_defaultrules($col,$pol);
}elsif ($config eq '/var/ipfire/forward/outgoing'){
+ print "<table width='100%' rules='cols' border='1'>";
my $pol='fwdfw '.$fwdfwsettings{'POLICY1'};
if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){
$col="bgcolor='darkred'";
}else{
$col="bgcolor='green'";
}
- print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+ print"<tr><td $col align='center' width='20%'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col align='center'><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
}else{
- print"<tr><td colspan='13' bgcolor='darkred' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{'fwdfw MODE1'}</font></td></tr>";
+ print"<tr><td bgcolor='darkred' align='center' width='20%'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td align='center'>$Lang::tr{'fwdfw MODE1'}</font></td></tr>";
}
print"</table><br><br>";
}
}
&Header::closebigbox();
&Header::closepage();
+
+sub show_defaultrules
+{
+ my $col=shift;
+ my $pol=shift;
+ #STANDARD RULES (From WIKI)
+ print"</table><br>";
+ print "<table width='100%' rules='cols' border='1' >";
+ if ($col eq "bgcolor='green'"){
+ my $blue = "<font color=$Header::colourblue> $Lang::tr{'blue'}</font> ($Lang::tr{'fwdfw pol block'})" if $ifaces{'BLUE_DEV'};
+ my $orange = "<font color=$Header::colourorange> $Lang::tr{'orange'}</font> ($Lang::tr{'fwdfw pol block'})" if $ifaces{'ORANGE_DEV'};
+ my $blue1 = "<font color=$Header::colourblue> $Lang::tr{'blue'}</font> ($Lang::tr{'fwdfw pol allow'})" if $ifaces{'BLUE_DEV'};
+ my $orange1 = "<font color=$Header::colourorange> $Lang::tr{'orange'}</font> ($Lang::tr{'fwdfw pol allow'})" if $ifaces{'ORANGE_DEV'};
+ print"<tr><td align='center'><font color='#000000'>$Lang::tr{'green'}</td><td align='center'> <font color=$Header::colourred> $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})</td><td align='center'>$orange1</td><td align='center'>$blue1</td></tr>";
+ print"<tr><td align='center' width='20%'><font color='#000000'>$Lang::tr{'orange'}</td><td align='center'> <font color=$Header::colourred> $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})</td><td align='center'><font color=$Header::colourgreen> $Lang::tr{'green'}</font> ($Lang::tr{'fwdfw pol block'})</td><td align='center'>$blue</td></tr>";
+ print"<tr><td align='center'><font color='#000000'>$Lang::tr{'blue'}</td><td align='center'> <font color=$Header::colourred> $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})</td><td align='center'>$orange</td><td align='center'><font color=$Header::colourgreen> $Lang::tr{'green'}</font> ($Lang::tr{'fwdfw pol block'})</td></tr>" if $ifaces{'BLUE_DEV'};
+ print"<tr><td $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} </font></td><td $col colspan='3' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw pol allow'}</font></td></tr>";
+ }elsif($col eq "bgcolor='darkred'"){
+ print"<tr><td $col width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col align='center'><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
+ }
+}