X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Ffwhosts.cgi;h=042fdde0c5339b1f39c7e20450d442e393ef362f;hp=8bcc61f42a3fe27497bf2b0eb2dfded2f938c915;hb=a72ae687c6779a280fe2da176550471b8b3b1771;hpb=3932f02ba33e0f0b7686db4bd6f4609ae7e3d370 diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi old mode 100755 new mode 100644 index 8bcc61f42..042fdde0c --- a/html/cgi-bin/fwhosts.cgi +++ b/html/cgi-bin/fwhosts.cgi @@ -21,7 +21,8 @@ use strict; # enable only the following on debugging purpose -use warnings; +#use warnings; + use Sort::Naturally; use CGI::Carp 'fatalsToBrowser'; no warnings 'uninitialized'; @@ -48,7 +49,7 @@ my %fwfwd=(); my %fwinp=(); my %fwout=(); my %ovpnsettings=(); - +my %netsettings=(); my $errormessage; my $hint; @@ -80,11 +81,11 @@ unless (-e $configsrvgrp) { system("touch $configsrvgrp"); } &General::readhash("$configovpn", \%ovpnsettings); &General::readhasharray("$configipsec", \%ipsecconf); &General::readhash("$configipsecrw", \%ipsecsettings); - +&General::readhash("/var/ipfire/ethernet/settings", \%netsettings); &Header::getcgihash(\%fwhostsettings); &Header::showhttpheaders(); -&Header::openpage($Lang::tr{'fwhost hosts'}, 1, ''); +&Header::openpage($Lang::tr{'fwhost menu'}, 1, ''); &Header::openbigbox('100%', 'center'); #### JAVA SCRIPT #### @@ -780,7 +781,7 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp') } #on update, we have to delete the dummy entry foreach my $key (keys %customservicegrp){ - if ($customservicegrp{$key}[2] eq 'none'){ + if ($customservicegrp{$key}[2] eq 'none' && $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){ delete $customservicegrp{$key}; last; } @@ -893,33 +894,22 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost') &General::readhasharray("$configgrp", \%customgrp); foreach my $key (keys %customgrp){ if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){ - #decrease count from source host/net - if ($customgrp{$key}[3] eq 'Custom Network'){ - &General::readhasharray("$confignet", \%customnetwork); - foreach my $key1 (keys %customnetwork){ - if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){ - $customnetwork{$key1}[4] = $customnetwork{$key1}[4]-1; - last; - } - } - &General::writehasharray("$confignet", \%customnetwork); - } - if ($customgrp{$key}[3] eq 'Custom Host'){ - &General::readhasharray("$confighost", \%customhost); - foreach my $key1 (keys %customhost){ - if ($customhost{$key1}[0] eq $customgrp{$key}[2]){ - $customhost{$key1}[4] = $customhost{$key1}[4]-1; - last; - } - } - &General::writehasharray("$confighost", \%customhost); - } $grpname=$customgrp{$key}[0]; $grpremark=$customgrp{$key}[1]; - delete $customgrp{$key}; + #check if we delete the last entry, then generate dummy + if ($fwhostsettings{'last'} eq 'on'){ + $customgrp{$key}[1] = ''; + $customgrp{$key}[2] = 'none'; + $customgrp{$key}[3] = ''; + $fwhostsettings{'last'}=''; + last; + }else{ + delete $customgrp{$key}; + } } } &General::writehasharray("$configgrp", \%customgrp); + &General::firewall_config_changed(); if ($fwhostsettings{'grpcnt'} > 0){ &General::firewall_config_changed(); } @@ -982,23 +972,20 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice') my $grpname; my $grpremark; &General::readhasharray("$configsrvgrp", \%customservicegrp); - &General::readhasharray("$configsrv", \%customservice); foreach my $key (keys %customservicegrp){ if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2] eq $fwhostsettings{'delsrvfromgrp'}) { - #decrease count from source service - foreach my $key1 (sort keys %customservice){ - if($customservice{$key1}[0] eq $customservicegrp{$key}[2]){ - $customservice{$key1}[4]--; - last; - } - } $grpname=$customservicegrp{$key}[0]; $grpremark=$customservicegrp{$key}[1]; - delete $customservicegrp{$key}; + if($fwhostsettings{'last'} eq 'on'){ + $customservicegrp{$key}[2] = 'none'; + $fwhostsettings{'last'} = ''; + last; + }else{ + delete $customservicegrp{$key}; + } } } - &General::writehasharray("$configsrv", \%customservice); &General::writehasharray("$configsrvgrp", \%customservicegrp); &General::firewall_config_changed(); if ($fwhostsettings{'updatesrvgrp'} eq 'on'){ @@ -1007,7 +994,6 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice') } &addservicegrp; &viewtableservicegrp; - } if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newnet'}) { @@ -1139,7 +1125,7 @@ if($fwhostsettings{'ACTION'} eq '') } ### FUNCTIONS ### sub showmenu { - &Header::openbox('100%', 'left',$Lang::tr{'fwhost menu'}); + &Header::openbox('100%', 'left',); print "$Lang::tr{'fwhost welcome'}"; print<
@@ -1226,12 +1212,12 @@ sub addgrp print< - - + + - - + + @@ -1240,17 +1226,17 @@ sub addgrp END }else{ print< +
$Lang::tr{'fwhost addgrpname'}
$Lang::tr{'fwhost addgrpname'}
$Lang::tr{'remark'}:$Lang::tr{'remark'}:

- - + + - - + +
$Lang::tr{'fwhost addgrpname'}$Lang::tr{'fwhost addgrpname'}
$Lang::tr{'remark'}:


@@ -1261,8 +1247,16 @@ END
- - -
- -
$Lang::tr{'fwhost stdnet'} + + + "; if (! -z $confignet){ - print" + "; } if (! -z $confighost){ - print" +
+ + +
$Lang::tr{'fwhost cust net'}: + + +
$Lang::tr{'fwhost cust addr'}: + + +
"; #Inner table right - print"		"; + print"
"; #OVPN networks if (! -z $configccdnet){ - print" + "; } #OVPN clients + my @ovpn_clients=(); foreach my $key (sort { ncmp($ccdhost{$a}[0],$ccdhost{$b}[0]) } keys %ccdhost) { if ($ccdhost{$key}[33] ne ''){ - print" + "; } - if ($show eq '1'){$show='';print"";} #OVPN n2n networks + my @OVPN_N2N=(); foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) { if($ccdhost{$key}[3] eq 'net'){ - print"";} + if ($show eq '1'){ + $show=''; + print< + + + "; + } #IPsec networks + my @IPSEC_N2N=(); foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) { if ($ipsecconf{$key}[3] eq 'net'){ - print"";} + if ($show eq '1'){ + $show=''; + print< + + + "; print"
$Lang::tr{'fwhost ccdnet'} + $Lang::tr{'fwhost ccdnet'} + + +
$Lang::tr{'fwhost ccdhost'} + $Lang::tr{'fwhost ccdhost'} + + +
$Lang::tr{'fwhost ovpn_n2n'}:
+
$Lang::tr{'fwhost ipsec net'}
+
"; print"
"; print"

"; } print""; - print"
"; + print"
"; &Header::closebox(); } sub addservice @@ -1429,9 +1500,28 @@ END print<
$Lang::tr{'fwhost addgrpname'}
$Lang::tr{'remark'}:

+ +
+ + $Lang::tr{'remark'}: + + + + + + + + + + + + + +
+ + + +
END } if($fwhostsettings{'updatesrvgrp'} eq 'on'){ @@ -1479,6 +1569,7 @@ sub viewtablenet &General::readhasharray("$fwconfigfwd", \%fwfwd); &General::readhasharray("$fwconfiginp", \%fwinp); &General::readhasharray("$fwconfigout", \%fwout); + if (!keys %customnetwork) { print "
$Lang::tr{'fwhost empty'}"; @@ -1497,17 +1588,17 @@ END }elsif ($count % 2) { $col="bgcolor='$color{'color20'}'"; - print" ";# bgcolor='$color{'color20'}'>"; + print" "; }else { $col="bgcolor='$color{'color22'}'"; - print" ";# bgcolor='$color{'color22'}'>"; + print" "; } my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]); my $netcount=&getnetcount($customnetwork{$key}[0]); - print"
$customnetwork{$key}[0]".&Header::colorize($colnet)."$customnetwork{$key}[3]$netcount x"; + print"$customnetwork{$key}[0]".&getcolor($colnet)."$customnetwork{$key}[3]$netcount x"; print< + @@ -1517,7 +1608,7 @@ END END if($netcount == '0') { - print""; + print"
"; }else{ print""; } @@ -1531,50 +1622,79 @@ END sub getcolor { my $c=shift; + my $sip; + my $scidr; + #Check if MAC + if (&General::validmac($c)){ return $c;} + + #Check if we got a full IP with subnet then split it + if($c =~ /^(.*?)\/(.*?)$/){ + ($sip,$scidr) = split ("/",$c); + }else{ + $sip=$c; + } + + #Now check if IP is part of ORANGE,BLUE or GREEN + if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + $tdcolor="$c"; + return $tdcolor; + } + if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){ + $tdcolor="$c"; + return $tdcolor; + } + if ( &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){ + $tdcolor="$c"; + return $tdcolor; + } + #Check if IP is part of OpenVPN N2N subnet foreach my $key (sort keys %ccdhost){ if ($ccdhost{$key}[3] eq 'net'){ my ($a,$b) = split("/",$ccdhost{$key}[11]); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color:$Header::colourovpn ;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } } + #Check if IP is part of OpenVPN dynamic subnet my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'}); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourovpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } + #Check if IP is part of OpenVPN static subnet foreach my $key (sort keys %ccdnet){ my ($a,$b) = split("/",$ccdnet{$key}[1]); $b =&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourovpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } + #Check if IP is part of IPsec RW network if ($ipsecsettings{'RW_NET'} ne ''){ my ($a,$b) = split("/",$ipsecsettings{'RW_NET'}); $b=&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourvpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } + #Check if IP is part of a IPsec N2N network foreach my $key (sort keys %ipsecconf){ my ($a,$b) = split("/",$ipsecconf{$key}[11]); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourvpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } - $tdcolor=''; - return $tdcolor; + return "$c"; } sub viewtablehost { @@ -1613,9 +1733,9 @@ END $customhost{$key}[4]=~s/\s+//g; my $hostcount=0; $hostcount=&gethostcount($customhost{$key}[0]); - print"$customhost{$key}[0]".&Header::colorize($ip)."$customhost{$key}[3]$hostcount x"; + print"$customhost{$key}[0]".&getcolor($ip)."$customhost{$key}[3]$hostcount x"; print<
+ @@ -1625,7 +1745,7 @@ END END if($hostcount == '0') { - print"
"; + print"
"; }else{ print""; } @@ -1655,10 +1775,19 @@ sub viewtablegrp my $remark; my $number; my $delflag; + my @counter; + my %hash; if (!keys %customgrp) { print "
$Lang::tr{'fwhost err emptytable'}"; }else{ + #get all groups in a hash + foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){ + push (@counter,$customgrp{$key}[0]); + } + foreach my $key1 (@counter) { + $hash{$key1}++ ; + } foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){ $count++; if ($helper ne $customgrp{$key}[0]){ @@ -1676,17 +1805,17 @@ sub viewtablegrp if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};} $grpname=$customgrp{$key}[0]; $remark="$customgrp{$key}[1]"; - if($count gt 1){ print"";} + if($count gt 1){ print"";$count=1;} print "
$grpname   "; print " $Lang::tr{'remark'}:  $remark   " if ($remark ne ''); my $netgrpcount=&getnetcount($grpname); print "$Lang::tr{'used'}: $netgrpcount x"; if($netgrpcount == '0') { - print"
"; + print"
"; } - print"
"; - print""; + print""; + print"
Name$Lang::tr{'ip address'}$Lang::tr{'fwhost type'}
"; } my $col=''; if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) { @@ -1694,10 +1823,10 @@ sub viewtablegrp $col="bgcolor='${Header::colouryellow}'"; }elsif ($count %2 == 0){ print""; - $col="bgcolor='$color{'color22'}'"; + $col="bgcolor='$color{'color20'}'"; }else{ print""; - $col="bgcolor='$color{'color20'}'"; + $col="bgcolor='$color{'color22'}'"; } my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]); if ($ip eq ''){ @@ -1715,10 +1844,16 @@ sub viewtablegrp }else{ my ($colip,$colsub) = split("/",$ip); $ip="$colip/".&General::subtocidr($colsub) if ($colsub); - print""; @@ -1770,7 +1905,7 @@ END elsif($customservice{$key}[3] ne 'BLANK'){print $customservice{$key}[3];} print< - "; + print""; }else{ print""; } @@ -1793,11 +1928,15 @@ sub viewtableservicegrp my $grpname; my $remark; my $helper; + my $helper1; my $port; my $protocol; my $delflag; my $grpcount=0; my $col=''; + my $lastentry=0; + my @counter; + my %hash; if (! -z $configsrvgrp){ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'}); &General::readhasharray("$configsrvgrp", \%customservicegrp); @@ -1806,6 +1945,12 @@ sub viewtableservicegrp &General::readhasharray("$fwconfiginp", \%fwinp); &General::readhasharray("$fwconfigout", \%fwout); my $number= keys %customservicegrp; + foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){ + push (@counter,$customservicegrp{$key}[0]); + } + foreach my $key1 (@counter) { + $hash{$key1}++ ; + } foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){ $count++; if ($helper ne $customservicegrp{$key}[0]){ @@ -1823,20 +1968,20 @@ sub viewtableservicegrp } $grpname=$customservicegrp{$key}[0]; if ($customservicegrp{$key}[2] eq "none"){ - $customservicegrp{$key}[2]=$Lang::tr{'fwhost empty'}; + $customservicegrp{$key}[2]=$Lang::tr{'fwhost err emptytable'}; $port=''; $protocol=''; } $remark="$customservicegrp{$key}[1]"; - if($count >=2){print"
$Lang::tr{'name'}$Lang::tr{'fwhost ip_mac'}$Lang::tr{'fwhost type'}
".&Header::colorize($ip)."$customgrp{$key}[3]
"; - } - if ($delflag > 1 && $ip ne ''){ - print""; + print"
".&getcolor($ip)."$customgrp{$key}[3]"; + } + if ($delflag > 0 && $ip ne ''){ + print""; + #check if this group has only one entry + foreach my $key2 (keys %hash) { + if ($hash{$key2}<2 && $key2 eq $customgrp{$key}[0]){ + print "" ; + } + } } print"
$srvcount x
+
@@ -1778,7 +1913,7 @@ END END if ($srvcount eq '0') { - print"
";} + if($count >0){print"";$count=1;} print "
$grpname    "; print "$Lang::tr{'remark'}:  $remark " if ($remark ne ''); print "  $Lang::tr{'used'}: $grpcount x"; if($grpcount == '0') { - print"
"; + print"
"; } - print"
"; + print"
"; print""; } if( $fwhostsettings{'SRVGRP_NAME'} eq $customservicegrp{$key}[0]) { @@ -1849,6 +1994,11 @@ sub viewtableservicegrp print""; $col="bgcolor='$color{'color22'}'"; } + #make lines yellow if it is a dummy entry + if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost err emptytable'}){ + print""; + $col="bgcolor='${Header::colouryellow}'"; + } #Set fields if we use protocols in servicegroups if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){ $port='-'; @@ -1868,8 +2018,16 @@ sub viewtableservicegrp } } print"
Name$Lang::tr{'port'}$Lang::tr{'fwhost prot'}
$port$protocol
"; - if ($delflag gt '1'){ - print""; + if ($delflag gt '0'){ + if ($customservicegrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){ + print""; + } + #check if this group has only one entry + foreach my $key2 (keys %hash) { + if ($hash{$key2}<2 && $key2 eq $customservicegrp{$key}[0]){ + print "" ; + } + } } print""; if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){ @@ -1897,7 +2055,7 @@ sub checkname } sub checkgroup { - &General::readhasharray("$configsrvgrp", \%customservicegrp ); + &General::readhasharray("$configgrp", \%customgrp ); my $name=shift; foreach my $key (keys %customservicegrp) { if($customservicegrp{$key}[0] eq $name){