X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Ffwhosts.cgi;h=90e1fb305c39fa788fe3d1ec6ca5455d4827b009;hp=6b6a5ec23c4208e42b548eda625e1854e7b44fb8;hb=d928d79566cd802f85cd38bcd8bd76f4bb112547;hpb=7772ae734e9bc926c19adfbd9333471cdf300f6f diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi index 6b6a5ec23..90e1fb305 100755 --- a/html/cgi-bin/fwhosts.cgi +++ b/html/cgi-bin/fwhosts.cgi @@ -80,6 +80,11 @@ unless (-e $configsrvgrp) { system("touch $configsrvgrp"); } &Header::openbigbox('100%', 'center'); ## ACTION #### +if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwdfw reread'}) +{ + &reread_rules; + &showmenu; +} # Update if ($fwhostsettings{'ACTION'} eq 'updatenet' ) { @@ -108,20 +113,23 @@ if ($fwhostsettings{'ACTION'} eq 'updatehost') { if($customhost{$key}[0] eq $fwhostsettings{'orgname'}) { - $fwhostsettings{'orgname'} = $customhost{$key}[0]; if ($customhost{$key}[1] eq 'ip'){ ($ip,$subnet) = split (/\//,$customhost{$key}[2]); }else{ $ip = $customhost{$key}[2]; } $fwhostsettings{'orgip'} = $ip; - $fwhostsettings{'count'} = $customhost{$key}[3]; + $fwhostsettings{'count'} = $customhost{$key}[4]; delete $customhost{$key}; + &General::writehasharray("$confighost", \%customhost); } } - &General::writehasharray("$confighost", \%customhost); $fwhostsettings{'actualize'} = 'on'; + if($fwhostsettings{'orgip'}){ $fwhostsettings{'ACTION'} = 'savehost'; + }else{ + $fwhostsettings{'ACTION'} = $Lang::tr{'fwhost newhost'}; + } } if ($fwhostsettings{'ACTION'} eq 'updateservice') { @@ -151,13 +159,41 @@ if ($fwhostsettings{'ACTION'} eq 'updateservice') $customservice{$key1}[3] = $fwhostsettings{'ICMP_TYPES'}; $customservice{$key1}[4] = $count; &General::writehasharray("$configsrv", \%customservice); - if($fwhostsettings{'updatesrv'} eq 'on'){ - if($count gt 0 && $fwhostsettings{'oldsrvport'} ne $fwhostsettings{'SRV_PORT'} ){ - $needrules='on'; + #check if we need to update firewallrules + if ($fwhostsettings{'SRV_NAME'} ne $fwhostsettings{'oldsrvname'}){ + if ( ! -z $fwconfigfwd ){ + &General::readhasharray("$fwconfigfwd", \%fwfwd); + foreach my $key (sort keys %fwfwd){ + if ($fwfwd{$key}[15] eq $fwhostsettings{'oldsrvname'}){ + $fwfwd{$key}[15] = $fwhostsettings{'SRV_NAME'}; + } + } + &General::writehasharray("$fwconfigfwd", \%fwfwd); + } + if ( ! -z $fwconfiginp ){ + &General::readhasharray("$fwconfiginp", \%fwinp); + foreach my $line (sort keys %fwinp){ + if ($fwfwd{$line}[15] eq $fwhostsettings{'oldsrvname'}){ + $fwfwd{$line}[15] = $fwhostsettings{'SRV_NAME'}; + } + } + &General::writehasharray("$fwconfiginp", \%fwinp); } - if($count gt 0 && $fwhostsettings{'oldsrvprot'} ne $fwhostsettings{'PROT'} ){ - $needrules='on'; + #check if we need to update groups + &General::readhasharray("$configsrvgrp", \%customservicegrp); + foreach my $key (sort keys %customservicegrp){ + if($customservicegrp{$key}[2] eq $fwhostsettings{'oldsrvname'}){ + $customservicegrp{$key}[2] = $fwhostsettings{'SRV_NAME'}; + } } + &General::writehasharray("$configsrvgrp", \%customservicegrp); + $needrules='on'; + } + if($count gt 0 && $fwhostsettings{'oldsrvport'} ne $fwhostsettings{'SRV_PORT'} ){ + $needrules='on'; + } + if($count gt 0 && $fwhostsettings{'oldsrvprot'} ne $fwhostsettings{'PROT'} ){ + $needrules='on'; } $fwhostsettings{'SRV_NAME'} = ''; $fwhostsettings{'SRV_PORT'} = ''; @@ -169,7 +205,6 @@ if ($fwhostsettings{'ACTION'} eq 'updateservice') $fwhostsettings{'updatesrv'}= 'on'; } if($needrules eq 'on'){ - $errormessage="reread!"; &rules; } &addservice; @@ -365,6 +400,10 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') $errormessage=$Lang::tr{'fwhost err mac'}; } } + #check remark + if ($fwhostsettings{'HOSTREMARK'} ne '' && !&validremark($fwhostsettings{'HOSTREMARK'})){ + $errormessage=$Lang::tr{'fwhost err remark'}; + } #CHECK IP-PART if ($fwhostsettings{'type'} eq 'ip'){ #check for subnet @@ -391,7 +430,7 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newhost'} ne 'on' && $errormessage){ $fwhostsettings{'actualize'} = ''; my $key = &General::findhasharraykey (\%customhost); - foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";} + foreach my $i (0 .. 4) { $customhost{$key}[$i] = "";} $customhost{$key}[0] = $fwhostsettings{'orgname'} ; $customhost{$key}[1] = $fwhostsettings{'type'} ; if($customhost{$key}[1] eq 'ip'){ @@ -399,7 +438,8 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') }else{ $customhost{$key}[2] = $fwhostsettings{'orgip'}; } - $customhost{$key}[3] = $fwhostsettings{'count'}; + $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'}; + $customhost{$key}[4] = $fwhostsettings{'count'}; &General::writehasharray("$confighost", \%customhost); undef %customhost; } @@ -445,7 +485,7 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') } } my $key = &General::findhasharraykey (\%customhost); - foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";} + foreach my $i (0 .. 4) { $customhost{$key}[$i] = "";} $customhost{$key}[0] = $fwhostsettings{'HOSTNAME'} ; $customhost{$key}[1] = $fwhostsettings{'type'} ; if ($fwhostsettings{'type'} eq 'ip'){ @@ -457,13 +497,14 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') $customhost{$key}[2] = $fwhostsettings{'IP'}; } if($fwhostsettings{'newhost'} eq 'on'){$count=0;} - $customhost{$key}[3] = $count; + $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'}; + $customhost{$key}[4] =$count; &General::writehasharray("$confighost", \%customhost); - #$fwhostsettings{'IP'} = $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'}); undef %customhost; $fwhostsettings{'HOSTNAME'}=''; $fwhostsettings{'IP'}=''; $fwhostsettings{'type'}=''; + $fwhostsettings{'HOSTREMARK'}=''; #check if we need to update rules while host was edited if($needrules eq 'on'){ &rules; @@ -478,7 +519,7 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') } if ($fwhostsettings{'ACTION'} eq 'savegrp') { - my $grp; + my $grp=$fwhostsettings{'grp_name'};; my $rem=$fwhostsettings{'remark'}; my $count; my $type; @@ -488,94 +529,102 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp') &General::readhasharray("$configgrp", \%customgrp); &General::readhasharray("$confignet", \%customnetwork); &General::readhasharray("$confighost", \%customhost); - $grp=$fwhostsettings{'grp_name'}; - if (!&validhostname($grp)){$errormessage=$errormessage.$Lang::tr{'fwhost err name'};} - ###check standard networks - if ($fwhostsettings{'grp2'} eq 'std_net'){ - @target=$fwhostsettings{'DEFAULT_SRC_ADR'}; - $type='Standard Network'; - } - ##check custom networks - if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){ - @target=$fwhostsettings{'CUST_SRC_NET'}; - $updcounter='net'; - $type='Custom Network'; - }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}."
"; - $fwhostsettings{'grp_name'}=''; - $fwhostsettings{'remark'}=''; - } - #check custom addresses - if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){ - @target=$fwhostsettings{'CUST_SRC_HOST'}; - $updcounter='host'; - $type='Custom Host'; - }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}."
"; - $fwhostsettings{'grp_name'}=''; - $fwhostsettings{'remark'}=''; - } - #get address from ovpn ccd static net - if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){ - @target=$fwhostsettings{'OVPN_CCD_NET'}; - $type='OpenVPN static network'; - }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}; - $fwhostsettings{'grp_name'}=''; - $fwhostsettings{'remark'}=''; - } - #get address from ovpn ccd static host - if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){ - @target=$fwhostsettings{'OVPN_CCD_HOST'}; - $type='OpenVPN static host'; - }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}; - } - #get address from ovpn ccd Net-2-Net - if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){ - @target=$fwhostsettings{'OVPN_N2N'}; - $type='OpenVPN N-2-N'; - }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}; - $fwhostsettings{'grp_name'}=''; - $fwhostsettings{'remark'}=''; - } - #get address from IPSEC HOST - if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){ - @target=$fwhostsettings{'IPSEC_HOST'}; - $type='IpSec Host'; - }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}; - $fwhostsettings{'grp_name'}=''; - $fwhostsettings{'remark'}=''; - } - #get address from IPSEC NETWORK - if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){ - @target=$fwhostsettings{'IPSEC_NET'}; - $type='IpSec Network'; - }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){ - $errormessage=$Lang::tr{'fwhost err groupempty'}; - $fwhostsettings{'grp_name'}=''; - $fwhostsettings{'remark'}=''; - } - #check if host/net exists in grp - my $test="$grp,$fwhostsettings{'oldremark'},@target"; - foreach my $key (keys %customgrp) { - my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2]"; - if ($test1 eq $test){ - $errormessage=$Lang::tr{'fwhost err isingrp'}; - $fwhostsettings{'update'} = 'on'; + #check name + if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};} + #check remark + if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){ + $errormessage.=$Lang::tr{'fwhost err remark'}; + } + if ($fwhostsettings{'update'} eq 'on'){ + #check standard networks + if ($fwhostsettings{'grp2'} eq 'std_net'){ + @target=$fwhostsettings{'DEFAULT_SRC_ADR'}; + $type='Standard Network'; + } + #check custom networks + if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){ + @target=$fwhostsettings{'CUST_SRC_NET'}; + $updcounter='net'; + $type='Custom Network'; + }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}."
"; + $fwhostsettings{'grp_name'}=''; + $fwhostsettings{'remark'}=''; + } + #check custom addresses + if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){ + @target=$fwhostsettings{'CUST_SRC_HOST'}; + $updcounter='host'; + $type='Custom Host'; + }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}."
"; + $fwhostsettings{'grp_name'}=''; + $fwhostsettings{'remark'}=''; + } + #get address from ovpn ccd static net + if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){ + @target=$fwhostsettings{'OVPN_CCD_NET'}; + $type='OpenVPN static network'; + }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}; + $fwhostsettings{'grp_name'}=''; + $fwhostsettings{'remark'}=''; + } + #get address from ovpn ccd static host + if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){ + @target=$fwhostsettings{'OVPN_CCD_HOST'}; + $type='OpenVPN static host'; + }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}; + } + #get address from ovpn ccd Net-2-Net + if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){ + @target=$fwhostsettings{'OVPN_N2N'}; + $type='OpenVPN N-2-N'; + }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}; + $fwhostsettings{'grp_name'}=''; + $fwhostsettings{'remark'}=''; + } + #get address from IPSEC HOST + if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){ + @target=$fwhostsettings{'IPSEC_HOST'}; + $type='IpSec Host'; + }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}; + $fwhostsettings{'grp_name'}=''; + $fwhostsettings{'remark'}=''; + } + #get address from IPSEC NETWORK + if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){ + @target=$fwhostsettings{'IPSEC_NET'}; + $type='IpSec Network'; + }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){ + $errormessage=$Lang::tr{'fwhost err groupempty'}; + $fwhostsettings{'grp_name'}=''; + $fwhostsettings{'remark'}=''; + } + #check if host/net exists in grp + + my $test="$grp,$fwhostsettings{'oldremark'},@target"; + foreach my $key (keys %customgrp) { + my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2]"; + if ($test1 eq $test){ + $errormessage=$Lang::tr{'fwhost err isingrp'}; + $fwhostsettings{'update'} = 'on'; + } } } + if (!$errormessage){ #on first save, we have an empty @target, so fill it with nothing my $targetvalues=@target; if ($targetvalues == '0'){ - @target=$Lang::tr{'fwhost empty'}; + @target="none"; } #on update, we have to delete the dummy entry foreach my $key (keys %customgrp){ - if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq $Lang::tr{'fwhost empty'}){ + if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq "none"){ delete $customgrp{$key}; last; } @@ -621,27 +670,13 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp') }elsif($updcounter eq 'host'){ foreach my $key (keys %customhost) { if ($customhost{$key}[0] eq $fwhostsettings{'CUST_SRC_HOST'}){ - $customhost{$key}[3]=$customhost{$key}[3]+1; + $customhost{$key}[4]=$customhost{$key}[3]+1; } } &General::writehasharray("$confighost", \%customhost); } $fwhostsettings{'update'}='on'; } - if ($fwhostsettings{'remark'} ne $fwhostsettings{'oldremark'} ) - { - foreach my $key (sort keys %customgrp) - { - if($customgrp{$key}[0] eq $grp && $customgrp{$key}[1] eq $fwhostsettings{'oldremark'}) - { - $customgrp{$key}[1]=''; - $customgrp{$key}[1]=$rem; - } - } - &General::writehasharray("$configgrp", \%customgrp); - $errormessage=''; - $fwhostsettings{'update'}='on'; - } #check if ruleupdate is needed if($count > 0 ) { @@ -691,10 +726,12 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp') $errormessage=&checkservicegroup; if (!$errormessage){ #on first save, we have to enter a dummy value - if ($fwhostsettings{'CUST_SRV'} eq ''){$fwhostsettings{'CUST_SRV'}=$Lang::tr{'fwhost empty'};} + if ($fwhostsettings{'CUST_SRV'} eq ''){ + $fwhostsettings{'CUST_SRV'}='none'; + } #on update, we have to delete the dummy entry foreach my $key (keys %customservicegrp){ - if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost empty'}){ + if ($customservicegrp{$key}[2] eq 'none'){ delete $customservicegrp{$key}; last; } @@ -717,7 +754,7 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp') { if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}) { - $count=$customservicegrp{$key}[5]; + $count=$customservicegrp{$key}[3]; last; } } @@ -740,20 +777,6 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp') &General::writehasharray("$configsrvgrp", \%customservicegrp ); $fwhostsettings{'updatesrvgrp'}='on'; } - if ($fwhostsettings{'SRVGRP_REMARK'} ne $fwhostsettings{'oldsrvgrpremark'} && $errormessage){ - foreach my $key (keys %customservicegrp) - { - if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvgrpremark'}) - { - $customservicegrp{$key}[1]=''; - $customservicegrp{$key}[1]=$fwhostsettings{'SRVGRP_REMARK'}; - } - } - &General::writehasharray("$configsrvgrp", \%customservicegrp); - $errormessage=''; - $hint=$Lang::tr{'fwhost changeremark'}; - $fwhostsettings{'update'}='on'; - } if ($count gt 0){ &rules; } @@ -832,6 +855,8 @@ if ($fwhostsettings{'ACTION'} eq 'delhost') } if ($fwhostsettings{'ACTION'} eq 'deletegrphost') { + my $grpremark; + my $grpname; &General::readhasharray("$configgrp", \%customgrp); foreach my $key (keys %customgrp){ if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){ @@ -850,17 +875,23 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost') &General::readhasharray("$confighost", \%customhost); foreach my $key1 (keys %customhost){ if ($customhost{$key1}[0] eq $customgrp{$key}[2]){ - $customhost{$key1}[3] = $customhost{$key1}[3]-1; + $customhost{$key1}[4] = $customhost{$key1}[4]-1; last; } } &General::writehasharray("$confighost", \%customhost); } + $grpname=$customgrp{$key}[0]; + $grpremark=$customgrp{$key}[1]; delete $customgrp{$key}; } } &General::writehasharray("$configgrp", \%customgrp); - &rules; + if ($fwhostsettings{'grpcnt'} > 0){&rules;} + if ($fwhostsettings{'update'} eq 'on'){ + $fwhostsettings{'remark'}= $grpremark; + $fwhostsettings{'grp_name'}=$grpname; + } &addgrp; &viewtablegrp; } @@ -914,6 +945,8 @@ if ($fwhostsettings{'ACTION'} eq 'delservicegrp') } if ($fwhostsettings{'ACTION'} eq 'delgrpservice') { + my $grpname; + my $grpremark; &General::readhasharray("$configsrvgrp", \%customservicegrp); &General::readhasharray("$configsrv", \%customservice); foreach my $key (keys %customservicegrp){ @@ -927,11 +960,18 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice') } } &General::writehasharray("$configsrv", \%customservice); - delete $customservicegrp{$key} + $grpname=$customservicegrp{$key}[0]; + $grpremark=$customservicegrp{$key}[1]; + delete $customservicegrp{$key}; } } &General::writehasharray("$configsrvgrp", \%customservicegrp); &rules; + if ($fwhostsettings{'updatesrvgrp'} eq 'on'){ + #$fwhostsettings{'updatesrvgrp'}='on'; + $fwhostsettings{'SRVGRP_NAME'}=$grpname; + $fwhostsettings{'SRVGRP_REMARK'}=$grpremark; + } &addservicegrp; &viewtableservicegrp; @@ -960,6 +1000,62 @@ if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservicegrp'}) &addservicegrp; &viewtableservicegrp; } +if ($fwhostsettings{'ACTION'} eq 'changegrpremark') +{ + &General::readhasharray("$configgrp", \%customgrp); + if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){ + foreach my $key (sort keys %customgrp) + { + #$customgrp{$key}[1]=~ s/\|/,/g; + if($customgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgrp{$key}[1] eq $fwhostsettings{'oldrem'}) + { + #$fwhostsettings{'newrem'}=~ s/,/\|/g; + $customgrp{$key}[1]=''; + $customgrp{$key}[1]=$fwhostsettings{'newrem'}; + } + } + &General::writehasharray("$configgrp", \%customgrp); + $fwhostsettings{'update'}='on'; + #$fwhostsettings{'newrem'}=~ s/\|/,/g; + $fwhostsettings{'remark'}=$fwhostsettings{'newrem'}; + }else{ + $errormessage=$Lang::tr{'fwhost err remark'}; + $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'}; + $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'}; + $fwhostsettings{'update'} = 'on'; + } + $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'}; + &addgrp; + &viewtablegrp; +} +if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark') +{ + &General::readhasharray("$configsrvgrp", \%customservicegrp ); + if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && (&validremark($fwhostsettings{'newsrvrem'}) || $fwhostsettings{'newsrvrem'} eq '')){ + foreach my $key (sort keys %customservicegrp) + { + #$customservicegrp{$key}[1]=~ s/\|/,/g; + if($customservicegrp{$key}[0] eq $fwhostsettings{'srvgrp'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvrem'}) + { + #$fwhostsettings{'newsrvrem'}=~ s/,/|/g; + $customservicegrp{$key}[1]=''; + $customservicegrp{$key}[1]=$fwhostsettings{'newsrvrem'}; + } + } + &General::writehasharray("$configsrvgrp", \%customservicegrp); + $fwhostsettings{'updatesrvgrp'}='on'; + #$fwhostsettings{'newsrvrem'}=~ s/\|/,/g; + $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'}; + }else{ + $errormessage=$Lang::tr{'fwhost err remark'}; + $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'}; + $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'}; + $fwhostsettings{'updatesrvgrp'} = 'on'; + } + $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'}; + &addservicegrp; + &viewtableservicegrp; +} ### VIEW ### if($fwhostsettings{'ACTION'} eq '') { @@ -974,9 +1070,15 @@ sub showmenu -
+
END + + if (-f "${General::swroot}/fwhosts/reread"){ + print "$Lang::tr{'fwhost reread'}"; + } + print""; + &Header::closebox(); } @@ -1015,6 +1117,7 @@ END if ($fwhostsettings{'type'} eq 'mac'){print "";}else{print "";} print<IP/MAC: + $Lang::tr{'remark'}:

$Lang::tr{'fwhost attention'}
$Lang::tr{'fwhost macwarn'}
END @@ -1041,7 +1144,8 @@ sub addgrp $checked{'check1'}{'on'} = ''; $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED'; $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'}; - + my $grp=$fwhostsettings{'grp_name'}; + my $rem=$fwhostsettings{'remark'}; if ($fwhostsettings{'update'} eq ''){ print<
@@ -1050,18 +1154,14 @@ sub addgrp END }else{ print< - $Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}: -
+ +
$Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}:
+
END - } if ($fwhostsettings{'update'} eq 'on'){ - - print<$Lang::tr{'fwhost stdnet'} # - print<

- $Lang::tr{'fwhost attention'}:
- $Lang::tr{'fwhost macwarn'}
-END + print"

$Lang::tr{'fwhost attention'}:
$Lang::tr{'fwhost macwarn'}
"; } - print< - -
$Lang::tr{'fwhost stdnet'}$Lang::tr{'fwhost ccdnet'}
$Lang::tr{'fwhost cust net'}$Lang::tr{'fwhost ccdhost'}
$Lang::tr{'fwhost cust addr'}
-END - + print""; + print"
"; &Header::closebox(); } sub addservice @@ -1224,7 +1312,6 @@ sub addservicegrp &showmenu; &Header::openbox('100%', 'left', $Lang::tr{'fwhost newservicegrp'}); $fwhostsettings{'oldsrvgrpremark'}=$fwhostsettings{'SRVGRP_REMARK'}; - if ($fwhostsettings{'updatesrvgrp'} eq ''){ print<
@@ -1234,19 +1321,19 @@ sub addservicegrp END }else{ print< - $Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}: -
- + + + +
$Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}:
END } if($fwhostsettings{'updatesrvgrp'} eq 'on'){ print< +
$Lang::tr{'fwhost cust service'}
END - &Header::closebox(); } # View @@ -1324,7 +1410,7 @@ sub viewtablehost }else{ print< - $Lang::tr{'name'}$Lang::tr{'fwhost ip_mac'}$Lang::tr{'used'} + $Lang::tr{'name'}$Lang::tr{'fwhost ip_mac'}$Lang::tr{'remark'}$Lang::tr{'used'} END } my $count=0; @@ -1334,16 +1420,18 @@ END }elsif ($count % 2){ print" ";} else{ print" ";} my ($ip,$sub)=split(/\//,$customhost{$key}[2]); + $customhost{$key}[4]=~s/\s+//g; print<
$customhost{$key}[0]$customhost{$key}[2]$customhost{$key}[3]x + $customhost{$key}[0]$ip$customhost{$key}[3]$customhost{$key}[4]x +
END - if($customhost{$key}[3] == '0') + if($customhost{$key}[4] == '0') { print"
"; }else{ @@ -1367,20 +1455,32 @@ sub viewtablegrp &General::readhasharray("$confignet", \%customnetwork); my @grp=(); my $helper=''; - my $count=0; + my $count=1; my $grpname; my $remark; - my $number=keys %customgrp; + my $number; + my $delflag; if (!keys %customgrp) { print "
$Lang::tr{'fwhost empty'}"; }else{ foreach my $key (sort { uc($customgrp{$a}[0]) cmp uc($customgrp{$b}[0]) } sort { uc($customgrp{$a}[2]) cmp uc($customgrp{$b}[2]) } keys %customgrp){ - $count++; if ($helper ne $customgrp{$key}[0]){ + $delflag='0'; + foreach my $key1 (sort { uc($customgrp{$a}[0]) cmp uc($customgrp{$b}[0]) } sort { uc($customgrp{$a}[2]) cmp uc($customgrp{$b}[2]) } keys %customgrp){ + if ($customgrp{$key}[0] eq $customgrp{$key1}[0]) + { + $delflag++; + } + if($delflag > 1){ + last; + } + } + $number=1; + if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost empty'};} $grpname=$customgrp{$key}[0]; - $remark=$customgrp{$key}[1]; + $remark="$customgrp{$key}[1]"; if($count >=2){print"";} print "
$grpname    "; print " $Lang::tr{'remark'}:  $remark   " if ($remark ne ''); @@ -1392,13 +1492,16 @@ sub viewtablegrp print"
"; print""; } + if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) { print" "; - }elsif ($count %2 == 0){print"";}else{print"";} + }elsif ($count %2 == 0){ + print""; + }else{ + print""; + } my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]); if ($ip eq ''){print"";} - - print ""; @@ -1410,12 +1513,13 @@ sub viewtablegrp }else{ print""; + print""; $helper=$customgrp{$key}[0]; + $number++; } print"
Name$Lang::tr{'ip address'}$Lang::tr{'fwhost type'}
"; if($customgrp{$key}[3] eq 'Standard Network'){ print &get_name($customgrp{$key}[2])."$ip$customgrp{$key}[3]
"; } - if ($number gt '1' && $ip ne ''){ + if ($delflag > '1' && $ip ne ''){ print""; } - print"
"; @@ -1472,6 +1576,7 @@ sub viewtableservicegrp my $helper; my $port; my $protocol; + my $delflag; if (! -z $configsrvgrp){ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'}); &General::readhasharray("$configsrvgrp", \%customservicegrp); @@ -1480,8 +1585,23 @@ sub viewtableservicegrp foreach my $key (sort { uc($customservicegrp{$a}[0]) cmp uc($customservicegrp{$b}[0])|| $a <=> $b } keys %customservicegrp){ $count++; if ($helper ne $customservicegrp{$key}[0]){ + $delflag=0; + foreach my $key1 (sort { uc($customservicegrp{$a}[0]) cmp uc($customservicegrp{$b}[0]) } sort { uc($customservicegrp{$a}[2]) cmp uc($customservicegrp{$b}[2]) } keys %customservicegrp){ + if ($customservicegrp{$key}[0] eq $customservicegrp{$key1}[0]) + { + $delflag++; + } + if($delflag > 1){ + last; + } + } $grpname=$customservicegrp{$key}[0]; - $remark=$customservicegrp{$key}[1]; + if ($customservicegrp{$key}[2] eq "none"){ + $customservicegrp{$key}[2]=$Lang::tr{'fwhost empty'}; + $port=''; + $protocol=''; + } + $remark="$customservicegrp{$key}[1]"; if($count >=2){print"";} print "
$grpname     "; print "$Lang::tr{'remark'}:  $remark " if ($remark ne ''); @@ -1495,8 +1615,7 @@ sub viewtableservicegrp } if( $fwhostsettings{'SRVGRP_NAME'} eq $customservicegrp{$key}[0]) { print" "; - } - if ($count %2 == 0){ + }elsif ($count %2 == 0){ print""; }else{ print""; @@ -1513,7 +1632,7 @@ sub viewtableservicegrp if ($number gt '1'){ print""; } - print""; + print""; $helper=$customservicegrp{$key}[0]; } print""; @@ -1568,17 +1687,11 @@ sub checkservicegroup $errormessage.=$Lang::tr{'fwhost err name'}."
"; return $errormessage; } - #check remark - if ( ($fwhostsettings{'SRVGRP_REMARK'} ne '') && (! &validhostname($fwhostsettings{'SRVGRP_REMARK'}))) - { - $errormessage.=$Lang::tr{'fwhost err remark'}."
"; - } #check empty selectbox if (keys %customservice lt 1) { $errormessage.=$Lang::tr{'fwhost err groupempty'}."
"; } - #check if name already exists if ($fwhostsettings{'updatesrvgrp'} ne 'on'){ foreach my $key (keys %customservicegrp) { @@ -1590,14 +1703,10 @@ sub checkservicegroup } #check if service already exists in group foreach my $key (keys %customservicegrp) { - if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){ - $errormessage.=$Lang::tr{'fwhost err srvexist'}."
"; - - } + if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){ + $errormessage.=$Lang::tr{'fwhost err srvexist'}."
"; } - - - + } return $errormessage; } sub error @@ -1646,10 +1755,9 @@ sub deletefromgrp } sub plausicheck { - my $edit=shift; #check hostname - if (!&General::validhostname($fwhostsettings{'HOSTNAME'})) + if (!&validhostname($fwhostsettings{'HOSTNAME'})) { $errormessage=$errormessage.$Lang::tr{'fwhost err name'}; $fwhostsettings{'BLK_IP'}='readonly'; @@ -1657,7 +1765,6 @@ sub plausicheck if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;} } #check if name collides with CCD Netname - &General::readhasharray("$configccdnet", \%ccdnet); foreach my $key (keys %ccdnet) { if($ccdnet{$key}[0] eq $fwhostsettings{'HOSTNAME'}){ @@ -1667,7 +1774,6 @@ sub plausicheck last; } } - #check if IP collides with CCD NetIP if ($fwhostsettings{'type'} ne 'mac'){ &General::readhasharray("$configccdnet", \%ccdnet); @@ -1682,9 +1788,6 @@ sub plausicheck } } } - - - #check if name collides with CCD Hostname &General::readhasharray("$configccdhost", \%ccdhost); foreach my $key (keys %ccdhost) { @@ -1725,7 +1828,7 @@ sub plausicheck &General::readhasharray("$confighost", \%customhost); if (!&checkname(\%customhost)) { - $errormessage=$errormessage."
".$Lang::tr{'fwhost err hostexist'}; + $errormessage.="
".$Lang::tr{'fwhost err hostexist'}; $fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'}; if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;} } @@ -1733,10 +1836,7 @@ sub plausicheck if (!&checkip(\%customhost,2)) { $errormessage=$errormessage."
".$Lang::tr{'fwhost err ipcheck'}; - } - - return; } sub getipforgroup @@ -1851,9 +1951,20 @@ sub getipforgroup } } sub rules +{ + if (!-f "${General::swroot}/fwhosts/reread"){ + system("touch ${General::swroot}/fwhosts/reread"); + system("touch ${General::swroot}/forward/reread"); + } +} +sub reread_rules { system ("/usr/local/bin/forwardfwctrl"); - system("rm ${General::swroot}/forward/reread"); + if ( -f "${General::swroot}/fwhosts/reread"){ + system("rm ${General::swroot}/fwhosts/reread"); + system("rm ${General::swroot}/forward/reread"); + } + } sub decrease { @@ -1950,7 +2061,7 @@ sub validhostname if (length ($hostname) < 1 || length ($hostname) > 63) { return 0;} # Only valid characters are a-z, A-Z, 0-9 and - - if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_()\/\s]*$/) { + if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_.;()\/\s]*$/) { return 0;} # First character can only be a letter or a digit if (substr ($hostname, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) { @@ -1960,6 +2071,24 @@ sub validhostname return 0;} return 1; } - +sub validremark +{ + # Checks a hostname against RFC1035 + my $remark = $_[0]; + # Each part should be at least two characters in length + # but no more than 63 characters + if (length ($remark) < 1 || length ($remark) > 255) { + return 0;} + # Only valid characters are a-z, A-Z, 0-9 and - + if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/\s]*$/) { + return 0;} + # First character can only be a letter or a digit + if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) { + return 0;} + # Last character can only be a letter or a digit + if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/) { + return 0;} + return 1; +} &Header::closebigbox(); &Header::closepage();