X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Ffwhosts.cgi;h=91ed3228bae001fa7a33fed46b751aea29f3cb45;hp=a46777a584ba7b207a96751c0f6afca5cfff5bfb;hb=d526a95bf105e787d8432af4bf9d4ba1f165d781;hpb=fb70d3d54035db1c7427f8d42570980199455190
diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
index a46777a58..91ed3228b 100755
--- a/html/cgi-bin/fwhosts.cgi
+++ b/html/cgi-bin/fwhosts.cgi
@@ -80,6 +80,11 @@ unless (-e $configsrvgrp) { system("touch $configsrvgrp"); }
&Header::openbigbox('100%', 'center');
## ACTION ####
+if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwdfw reread'})
+{
+ &reread_rules;
+ &showmenu;
+}
# Update
if ($fwhostsettings{'ACTION'} eq 'updatenet' )
{
@@ -91,7 +96,8 @@ if ($fwhostsettings{'ACTION'} eq 'updatenet' )
$fwhostsettings{'orgname'} = $customnetwork{$key}[0];
$fwhostsettings{'orgip'} = $customnetwork{$key}[1];
$fwhostsettings{'orgsub'} = $customnetwork{$key}[2];
- $fwhostsettings{'count'} = $customnetwork{$key}[3];
+ $fwhostsettings{'netremark'} = $customnetwork{$key}[3];
+ $fwhostsettings{'count'} = $customnetwork{$key}[4];
delete $customnetwork{$key};
}
@@ -108,30 +114,29 @@ if ($fwhostsettings{'ACTION'} eq 'updatehost')
{
if($customhost{$key}[0] eq $fwhostsettings{'orgname'})
{
- $fwhostsettings{'orgname'} = $customhost{$key}[0];
if ($customhost{$key}[1] eq 'ip'){
($ip,$subnet) = split (/\//,$customhost{$key}[2]);
}else{
$ip = $customhost{$key}[2];
}
$fwhostsettings{'orgip'} = $ip;
- $fwhostsettings{'count'} = $customhost{$key}[3];
+ $fwhostsettings{'count'} = $customhost{$key}[4];
delete $customhost{$key};
+ &General::writehasharray("$confighost", \%customhost);
}
}
- &General::writehasharray("$confighost", \%customhost);
-
-
-
$fwhostsettings{'actualize'} = 'on';
+ if($fwhostsettings{'orgip'}){
$fwhostsettings{'ACTION'} = 'savehost';
+ }else{
+ $fwhostsettings{'ACTION'} = $Lang::tr{'fwhost newhost'};
+ }
}
if ($fwhostsettings{'ACTION'} eq 'updateservice')
{
my $count=0;
my $needrules=0;
$errormessage=&checkports(\%customservice);
-
if (!$errormessage){
&General::readhasharray("$configsrv", \%customservice);
foreach my $key (keys %customservice)
@@ -155,30 +160,54 @@ if ($fwhostsettings{'ACTION'} eq 'updateservice')
$customservice{$key1}[3] = $fwhostsettings{'ICMP_TYPES'};
$customservice{$key1}[4] = $count;
&General::writehasharray("$configsrv", \%customservice);
- if($fwhostsettings{'updatesrv'} eq 'on'){
- if($count gt 0 && $fwhostsettings{'oldsrvport'} ne $fwhostsettings{'SRV_PORT'} ){
- $needrules='on';
+ #check if we need to update firewallrules
+ if ($fwhostsettings{'SRV_NAME'} ne $fwhostsettings{'oldsrvname'}){
+ if ( ! -z $fwconfigfwd ){
+ &General::readhasharray("$fwconfigfwd", \%fwfwd);
+ foreach my $key (sort keys %fwfwd){
+ if ($fwfwd{$key}[15] eq $fwhostsettings{'oldsrvname'}){
+ $fwfwd{$key}[15] = $fwhostsettings{'SRV_NAME'};
+ }
+ }
+ &General::writehasharray("$fwconfigfwd", \%fwfwd);
+ }
+ if ( ! -z $fwconfiginp ){
+ &General::readhasharray("$fwconfiginp", \%fwinp);
+ foreach my $line (sort keys %fwinp){
+ if ($fwfwd{$line}[15] eq $fwhostsettings{'oldsrvname'}){
+ $fwfwd{$line}[15] = $fwhostsettings{'SRV_NAME'};
+ }
+ }
+ &General::writehasharray("$fwconfiginp", \%fwinp);
}
- if($count gt 0 && $fwhostsettings{'oldsrvprot'} ne $fwhostsettings{'PROT'} ){
- $needrules='on';
+ #check if we need to update groups
+ &General::readhasharray("$configsrvgrp", \%customservicegrp);
+ foreach my $key (sort keys %customservicegrp){
+ if($customservicegrp{$key}[2] eq $fwhostsettings{'oldsrvname'}){
+ $customservicegrp{$key}[2] = $fwhostsettings{'SRV_NAME'};
+ }
}
+ &General::writehasharray("$configsrvgrp", \%customservicegrp);
+ $needrules='on';
+ }
+ if($count gt 0 && $fwhostsettings{'oldsrvport'} ne $fwhostsettings{'SRV_PORT'} ){
+ $needrules='on';
+ }
+ if($count gt 0 && $fwhostsettings{'oldsrvprot'} ne $fwhostsettings{'PROT'} ){
+ $needrules='on';
}
$fwhostsettings{'SRV_NAME'} = '';
$fwhostsettings{'SRV_PORT'} = '';
$fwhostsettings{'PROT'} = '';
-
}else{
$fwhostsettings{'SRV_NAME'} = $fwhostsettings{'oldsrvname'};
$fwhostsettings{'SRV_PORT'} = $fwhostsettings{'oldsrvport'};
$fwhostsettings{'PROT'} = $fwhostsettings{'oldsrvprot'};
$fwhostsettings{'updatesrv'}= 'on';
}
-
if($needrules eq 'on'){
- $errormessage="reread!";
&rules;
}
-
&addservice;
}
# save
@@ -187,7 +216,6 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
my $count=0;
my $needrules=0;
if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
-
#check if all fields are set
if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
{
@@ -203,11 +231,15 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
$fwhostsettings{'NOCHECK'} ='false';
$fwhostsettings{'error'} ='on';
}
+ #check remark
+ if ($fwhostsettings{'NETREMARK'} ne '' && !&validremark($fwhostsettings{'NETREMARK'})){
+ $errormessage=$Lang::tr{'fwhost err remark'};
+ $fwhostsettings{'error'} ='on';
+ }
#check if subnet is sigle host
if(&General::iporsubtocidr($fwhostsettings{'SUBNET'}) eq '32')
{
$errormessage=$errormessage.$Lang::tr{'fwhost err sub32'};
-
}
if($fwhostsettings{'error'} ne 'on'){
#check if we use one of ipfire's networks (green,orange,blue)
@@ -240,14 +272,12 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
if (!$errormessage){
&plausicheck("editnet");
}
-
#check if network ip is part of an already used one
if(&checksubnet(\%customnetwork))
{
$errormessage=$errormessage.$Lang::tr{'fwhost err partofnet'};
$fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
}
-
if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newnet'} ne 'on' && $errormessage)
{
$fwhostsettings{'actualize'} = '';
@@ -256,18 +286,19 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
$customnetwork{$key}[0] = $fwhostsettings{'orgname'} ;
$customnetwork{$key}[1] = $fwhostsettings{'orgip'} ;
$customnetwork{$key}[2] = $fwhostsettings{'orgsub'};
- $customnetwork{$key}[3] = $fwhostsettings{'count'};
+ $customnetwork{$key}[3] = $fwhostsettings{'orgnetremark'};
+ $customnetwork{$key}[4] = $fwhostsettings{'count'};
&General::writehasharray("$confignet", \%customnetwork);
undef %customnetwork;
}
-
if (!$errormessage){
+
&General::readhasharray("$confignet", \%customnetwork);
if ($fwhostsettings{'ACTION'} eq 'updatenet'){
if ($fwhostsettings{'update'} == '0'){
foreach my $key (keys %customnetwork) {
if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'}){
- $count=$customnetwork{$key}[3];
+ $count=$customnetwork{$key}[4];
delete $customnetwork{$key};
last;
}
@@ -317,22 +348,24 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
}
}
my $key = &General::findhasharraykey (\%customnetwork);
- foreach my $i (0 .. 3) { $customnetwork{$key}[$i] = "";}
+ foreach my $i (0 .. 4) { $customnetwork{$key}[$i] = "";}
$fwhostsettings{'SUBNET'} = &General::iporsubtocidr($fwhostsettings{'SUBNET'});
$customnetwork{$key}[0] = $fwhostsettings{'HOSTNAME'};
#convert ip when leading '0' in byte
- $fwhostsettings{'IP'}=&General::ip2dec($fwhostsettings{'IP'});
- $fwhostsettings{'IP'}=&General::dec2ip($fwhostsettings{'IP'});
+ $fwhostsettings{'IP'} =&General::ip2dec($fwhostsettings{'IP'});
+ $fwhostsettings{'IP'} =&General::dec2ip($fwhostsettings{'IP'});
$customnetwork{$key}[1] = &General::getnetworkip($fwhostsettings{'IP'},$fwhostsettings{'SUBNET'}) ;
$customnetwork{$key}[2] = &General::iporsubtodec($fwhostsettings{'SUBNET'}) ;
if($fwhostsettings{'newnet'} eq 'on'){$count=0;}
- $customnetwork{$key}[3] = $count;
+ $customnetwork{$key}[3] = $fwhostsettings{'NETREMARK'};
+ $customnetwork{$key}[4] = $count;
&General::writehasharray("$confignet", \%customnetwork);
$fwhostsettings{'IP'}=$fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
undef %customnetwork;
$fwhostsettings{'HOSTNAME'}='';
$fwhostsettings{'IP'}='';
$fwhostsettings{'SUBNET'}='';
+ $fwhostsettings{'NETREMARK'}='';
#check if an edited net affected groups and need to reload rules
if ($needrules eq 'on'){
&rules;
@@ -345,43 +378,30 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' )
&viewtablenet;
}
}
-
}
if ($fwhostsettings{'ACTION'} eq 'savehost')
{
my $count=0;
my $needrules=0;
if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};}
-
$fwhostsettings{'SUBNET'}='32';
-
#check if all fields are set
if ($fwhostsettings{'HOSTNAME'} eq '' || $fwhostsettings{'IP'} eq '' || $fwhostsettings{'SUBNET'} eq '')
{
$errormessage=$errormessage.$Lang::tr{'fwhost err empty'};
$fwhostsettings{'ACTION'} = 'edithost';
}else{
-
- if($fwhostsettings{'type'} eq 'ip' && $fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){
- $fwhostsettings{'type'} = 'mac';
- }elsif($fwhostsettings{'type'} eq 'mac' && $fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
- $fwhostsettings{'type'} = 'ip';
- }elsif($fwhostsettings{'type'} eq 'mac' && $fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){
+ if($fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){
$fwhostsettings{'type'} = 'mac';
- }elsif($fwhostsettings{'type'} eq 'ip' && $fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
+ }elsif($fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
$fwhostsettings{'type'} = 'ip';
}else{
$fwhostsettings{'type'} = '';
$errormessage=$Lang::tr{'fwhost err ipmac'};
}
-
- if($fwhostsettings{'type'} eq 'mac' )
- {
- if ($fwhostsettings{'IP'}!~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/ )
- {
- $errormessage=$Lang::tr{'fwhost err mac'};
-
- }
+ #check remark
+ if ($fwhostsettings{'HOSTREMARK'} ne '' && !&validremark($fwhostsettings{'HOSTREMARK'})){
+ $errormessage=$Lang::tr{'fwhost err remark'};
}
#CHECK IP-PART
if ($fwhostsettings{'type'} eq 'ip'){
@@ -392,7 +412,6 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
$errormessage.=$errormessage.$Lang::tr{'fwhost err ip'};
$fwhostsettings{'error'}='on';
}
-
}elsif(rindex($fwhostsettings{'IP'},'/') ne '-1' ){
$errormessage=$errormessage.$Lang::tr{'fwhost err ipwithsub'};
$fwhostsettings{'error'}='on';
@@ -403,18 +422,14 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
$errormessage=$Lang::tr{'fwhost err hostip'};
}
}
-
-
-
#only check plausi when no error till now
if (!$errormessage){
&plausicheck("edithost");
}
-
if($fwhostsettings{'actualize'} eq 'on' && $fwhostsettings{'newhost'} ne 'on' && $errormessage){
$fwhostsettings{'actualize'} = '';
my $key = &General::findhasharraykey (\%customhost);
- foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
+ foreach my $i (0 .. 4) { $customhost{$key}[$i] = "";}
$customhost{$key}[0] = $fwhostsettings{'orgname'} ;
$customhost{$key}[1] = $fwhostsettings{'type'} ;
if($customhost{$key}[1] eq 'ip'){
@@ -422,12 +437,11 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
}else{
$customhost{$key}[2] = $fwhostsettings{'orgip'};
}
- $customhost{$key}[3] = $fwhostsettings{'count'};
+ $customhost{$key}[3] = $fwhostsettings{'orgremark'};
+ $customhost{$key}[4] = $fwhostsettings{'count'};
&General::writehasharray("$confighost", \%customhost);
undef %customhost;
-
}
-
if (!$errormessage){
#get count if host was edited
if($fwhostsettings{'actualize'} eq 'on'){
@@ -441,7 +455,6 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
foreach my $key (sort keys %customgrp){
if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){
$customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'};
- last;
}
}
&General::writehasharray("$configgrp", \%customgrp);
@@ -470,7 +483,7 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
}
}
my $key = &General::findhasharraykey (\%customhost);
- foreach my $i (0 .. 3) { $customhost{$key}[$i] = "";}
+ foreach my $i (0 .. 4) { $customhost{$key}[$i] = "";}
$customhost{$key}[0] = $fwhostsettings{'HOSTNAME'} ;
$customhost{$key}[1] = $fwhostsettings{'type'} ;
if ($fwhostsettings{'type'} eq 'ip'){
@@ -482,14 +495,14 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
$customhost{$key}[2] = $fwhostsettings{'IP'};
}
if($fwhostsettings{'newhost'} eq 'on'){$count=0;}
- $customhost{$key}[3] = $count;
+ $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'};
+ $customhost{$key}[4] =$count;
&General::writehasharray("$confighost", \%customhost);
-
- #$fwhostsettings{'IP'} = $fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'});
undef %customhost;
$fwhostsettings{'HOSTNAME'}='';
$fwhostsettings{'IP'}='';
$fwhostsettings{'type'}='';
+ $fwhostsettings{'HOSTREMARK'}='';
#check if we need to update rules while host was edited
if($needrules eq 'on'){
&rules;
@@ -500,13 +513,11 @@ if ($fwhostsettings{'ACTION'} eq 'savehost')
&addhost;
&viewtablehost;
}
-
}
-
}
if ($fwhostsettings{'ACTION'} eq 'savegrp')
{
- my $grp;
+ my $grp=$fwhostsettings{'grp_name'};;
my $rem=$fwhostsettings{'remark'};
my $count;
my $type;
@@ -516,95 +527,102 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp')
&General::readhasharray("$configgrp", \%customgrp);
&General::readhasharray("$confignet", \%customnetwork);
&General::readhasharray("$confighost", \%customhost);
- $grp=$fwhostsettings{'grp_name'};
-
- if (!&General::validhostname($grp)){$errormessage=$errormessage.$Lang::tr{'fwhost err name'};}
- ###check standard networks
- if ($fwhostsettings{'grp2'} eq 'std_net'){
- @target=$fwhostsettings{'DEFAULT_SRC_ADR'};
- $type='Standard Network';
- }
- ##check custom networks
- if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){
- @target=$fwhostsettings{'CUST_SRC_NET'};
- $updcounter='net';
- $type='Custom Network';
- }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'}." ";
- $fwhostsettings{'grp_name'}='';
- $fwhostsettings{'remark'}='';
- }
- #check custom addresses
- if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){
- @target=$fwhostsettings{'CUST_SRC_HOST'};
- $updcounter='host';
- $type='Custom Host';
- }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'}." ";
- $fwhostsettings{'grp_name'}='';
- $fwhostsettings{'remark'}='';
- }
- #get address from ovpn ccd static net
- if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){
- @target=$fwhostsettings{'OVPN_CCD_NET'};
- $type='OpenVPN static network';
- }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'};
- $fwhostsettings{'grp_name'}='';
- $fwhostsettings{'remark'}='';
- }
- #get address from ovpn ccd static host
- if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){
- @target=$fwhostsettings{'OVPN_CCD_HOST'};
- $type='OpenVPN static host';
- }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'};
- }
- #get address from ovpn ccd Net-2-Net
- if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){
- @target=$fwhostsettings{'OVPN_N2N'};
- $type='OpenVPN N-2-N';
- }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'};
- $fwhostsettings{'grp_name'}='';
- $fwhostsettings{'remark'}='';
- }
- #get address from IPSEC HOST
- if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){
- @target=$fwhostsettings{'IPSEC_HOST'};
- $type='IpSec Host';
- }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'};
- $fwhostsettings{'grp_name'}='';
- $fwhostsettings{'remark'}='';
- }
- #get address from IPSEC NETWORK
- if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){
- @target=$fwhostsettings{'IPSEC_NET'};
- $type='IpSec Network';
- }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){
- $errormessage=$Lang::tr{'fwhost err groupempty'};
- $fwhostsettings{'grp_name'}='';
- $fwhostsettings{'remark'}='';
- }
- #check if host/net exists in grp
- my $test="$grp,$fwhostsettings{'oldremark'},@target";
- foreach my $key (keys %customgrp) {
- my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2]";
- if ($test1 eq $test){
- $errormessage=$Lang::tr{'fwhost err isingrp'};
- $fwhostsettings{'update'} = 'on';
+ #check name
+ if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
+ #check remark
+ if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
+ $errormessage.=$Lang::tr{'fwhost err remark'};
+ }
+ if ($fwhostsettings{'update'} eq 'on'){
+ #check standard networks
+ if ($fwhostsettings{'grp2'} eq 'std_net'){
+ @target=$fwhostsettings{'DEFAULT_SRC_ADR'};
+ $type='Standard Network';
+ }
+ #check custom networks
+ if ($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} ne ''){
+ @target=$fwhostsettings{'CUST_SRC_NET'};
+ $updcounter='net';
+ $type='Custom Network';
+ }elsif($fwhostsettings{'grp2'} eq 'cust_net' && $fwhostsettings{'CUST_SRC_NET'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'}." ";
+ $fwhostsettings{'grp_name'}='';
+ $fwhostsettings{'remark'}='';
+ }
+ #check custom addresses
+ if ($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} ne ''){
+ @target=$fwhostsettings{'CUST_SRC_HOST'};
+ $updcounter='host';
+ $type='Custom Host';
+ }elsif($fwhostsettings{'grp2'} eq 'cust_host' && $fwhostsettings{'CUST_SRC_HOST'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'}." ";
+ $fwhostsettings{'grp_name'}='';
+ $fwhostsettings{'remark'}='';
+ }
+ #get address from ovpn ccd static net
+ if ($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} ne ''){
+ @target=$fwhostsettings{'OVPN_CCD_NET'};
+ $type='OpenVPN static network';
+ }elsif($fwhostsettings{'grp2'} eq 'ovpn_net' && $fwhostsettings{'OVPN_CCD_NET'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'};
+ $fwhostsettings{'grp_name'}='';
+ $fwhostsettings{'remark'}='';
+ }
+ #get address from ovpn ccd static host
+ if ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} ne ''){
+ @target=$fwhostsettings{'OVPN_CCD_HOST'};
+ $type='OpenVPN static host';
+ }elsif ($fwhostsettings{'grp2'} eq 'ovpn_host' && $fwhostsettings{'OVPN_CCD_HOST'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'};
+ }
+ #get address from ovpn ccd Net-2-Net
+ if ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} ne ''){
+ @target=$fwhostsettings{'OVPN_N2N'};
+ $type='OpenVPN N-2-N';
+ }elsif ($fwhostsettings{'grp2'} eq 'ovpn_n2n' && $fwhostsettings{'OVPN_N2N'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'};
+ $fwhostsettings{'grp_name'}='';
+ $fwhostsettings{'remark'}='';
+ }
+ #get address from IPSEC HOST
+ if ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} ne ''){
+ @target=$fwhostsettings{'IPSEC_HOST'};
+ $type='IpSec Host';
+ }elsif ($fwhostsettings{'grp2'} eq 'ipsec_host' && $fwhostsettings{'IPSEC_HOST'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'};
+ $fwhostsettings{'grp_name'}='';
+ $fwhostsettings{'remark'}='';
+ }
+ #get address from IPSEC NETWORK
+ if ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} ne ''){
+ @target=$fwhostsettings{'IPSEC_NET'};
+ $type='IpSec Network';
+ }elsif ($fwhostsettings{'grp2'} eq 'ipsec_net' && $fwhostsettings{'IPSEC_NET'} eq ''){
+ $errormessage=$Lang::tr{'fwhost err groupempty'};
+ $fwhostsettings{'grp_name'}='';
+ $fwhostsettings{'remark'}='';
+ }
+ #check if host/net exists in grp
+
+ my $test="$grp,$fwhostsettings{'oldremark'},@target";
+ foreach my $key (keys %customgrp) {
+ my $test1="$customgrp{$key}[0],$customgrp{$key}[1],$customgrp{$key}[2]";
+ if ($test1 eq $test){
+ $errormessage=$Lang::tr{'fwhost err isingrp'};
+ $fwhostsettings{'update'} = 'on';
+ }
}
}
+
if (!$errormessage){
#on first save, we have an empty @target, so fill it with nothing
my $targetvalues=@target;
if ($targetvalues == '0'){
- @target=$Lang::tr{'fwhost empty'};
+ @target="none";
}
#on update, we have to delete the dummy entry
foreach my $key (keys %customgrp){
- if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq $Lang::tr{'fwhost empty'}){
+ if ($customgrp{$key}[0] eq $grp && $customgrp{$key}[2] eq "none"){
delete $customgrp{$key};
last;
}
@@ -638,12 +656,11 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp')
$customgrp{$key}[4] = $count;
}
&General::writehasharray("$configgrp", \%customgrp);
-
#update counter in Host/Net
if($updcounter eq 'net'){
foreach my $key (keys %customnetwork) {
if($customnetwork{$key}[0] eq $fwhostsettings{'CUST_SRC_NET'}){
- $customnetwork{$key}[3] = $customnetwork{$key}[3]+1;
+ $customnetwork{$key}[4] = $customnetwork{$key}[4]+1;
last;
}
}
@@ -651,27 +668,13 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp')
}elsif($updcounter eq 'host'){
foreach my $key (keys %customhost) {
if ($customhost{$key}[0] eq $fwhostsettings{'CUST_SRC_HOST'}){
- $customhost{$key}[3]=$customhost{$key}[3]+1;
+ $customhost{$key}[4]=$customhost{$key}[3]+1;
}
}
&General::writehasharray("$confighost", \%customhost);
}
$fwhostsettings{'update'}='on';
}
- if ($fwhostsettings{'remark'} ne $fwhostsettings{'oldremark'} )
- {
- foreach my $key (sort keys %customgrp)
- {
- if($customgrp{$key}[0] eq $grp && $customgrp{$key}[1] eq $fwhostsettings{'oldremark'})
- {
- $customgrp{$key}[1]='';
- $customgrp{$key}[1]=$rem;
- }
- }
- &General::writehasharray("$configgrp", \%customgrp);
- $errormessage='';
- $fwhostsettings{'update'}='on';
- }
#check if ruleupdate is needed
if($count > 0 )
{
@@ -683,10 +686,8 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp')
if ($fwhostsettings{'ACTION'} eq 'saveservice')
{
my $ICMP;
-
&General::readhasharray("$configsrv", \%customservice );
$errormessage=&checkports(\%customservice);
-
if ($fwhostsettings{'PROT'} eq 'ICMP'){
&General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
foreach my $key (keys %icmptypes){
@@ -697,7 +698,6 @@ if ($fwhostsettings{'ACTION'} eq 'saveservice')
}
if($ICMP eq ''){$ICMP='BLANK';}
if (!$errormessage){
-
my $key = &General::findhasharraykey (\%customservice);
foreach my $i (0 .. 4) { $customservice{$key}[$i] = "";}
$customservice{$key}[0] = $fwhostsettings{'SRV_NAME'};
@@ -711,11 +711,8 @@ if ($fwhostsettings{'ACTION'} eq 'saveservice')
$fwhostsettings{'SRV_PORT'}='';
$fwhostsettings{'PROT'}='';
$fwhostsettings{'ICMP_TYPES'}='';
-
}
-
&addservice;
-
}
if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
{
@@ -724,16 +721,19 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
my $count=0;
&General::readhasharray("$configsrvgrp", \%customservicegrp );
&General::readhasharray("$configsrv", \%customservice );
-
$errormessage=&checkservicegroup;
-
+ #check remark
+ if ($fwhostsettings{'SRVGRP_REMARK'} ne '' && !&validremark($fwhostsettings{'SRVGRP_REMARK'})){
+ $errormessage=$Lang::tr{'fwhost err remark'};
+ }
if (!$errormessage){
#on first save, we have to enter a dummy value
- if ($fwhostsettings{'CUST_SRV'} eq ''){$fwhostsettings{'CUST_SRV'}=$Lang::tr{'fwhost empty'};}
-
+ if ($fwhostsettings{'CUST_SRV'} eq ''){
+ $fwhostsettings{'CUST_SRV'}='none';
+ }
#on update, we have to delete the dummy entry
foreach my $key (keys %customservicegrp){
- if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost empty'}){
+ if ($customservicegrp{$key}[2] eq 'none'){
delete $customservicegrp{$key};
last;
}
@@ -756,7 +756,7 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
{
if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'})
{
- $count=$customservicegrp{$key}[5];
+ $count=$customservicegrp{$key}[3];
last;
}
}
@@ -770,31 +770,15 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
}
}
&General::writehasharray("$configsrv", \%customservice );
-
my $key = &General::findhasharraykey (\%customservicegrp);
foreach my $i (0 .. 3) { $customservice{$key}[$i] = "";}
$customservicegrp{$key}[0] = $fwhostsettings{'SRVGRP_NAME'};
$customservicegrp{$key}[1] = $fwhostsettings{'SRVGRP_REMARK'};
$customservicegrp{$key}[2] = $fwhostsettings{'CUST_SRV'};
$customservicegrp{$key}[3] = $count;
-
&General::writehasharray("$configsrvgrp", \%customservicegrp );
$fwhostsettings{'updatesrvgrp'}='on';
}
- if ($fwhostsettings{'SRVGRP_REMARK'} ne $fwhostsettings{'oldsrvgrpremark'} && $errormessage){
- foreach my $key (keys %customservicegrp)
- {
- if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvgrpremark'})
- {
- $customservicegrp{$key}[1]='';
- $customservicegrp{$key}[1]=$fwhostsettings{'SRVGRP_REMARK'};
- }
- }
- &General::writehasharray("$configsrvgrp", \%customservicegrp);
- $errormessage='';
- $hint=$Lang::tr{'fwhost changeremark'};
- $fwhostsettings{'update'}='on';
- }
if ($count gt 0){
&rules;
}
@@ -870,10 +854,11 @@ if ($fwhostsettings{'ACTION'} eq 'delhost')
}
&addhost;
&viewtablehost;
-
}
if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
{
+ my $grpremark;
+ my $grpname;
&General::readhasharray("$configgrp", \%customgrp);
foreach my $key (keys %customgrp){
if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){
@@ -882,7 +867,7 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
&General::readhasharray("$confignet", \%customnetwork);
foreach my $key1 (keys %customnetwork){
if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){
- $customnetwork{$key1}[3] = $customnetwork{$key1}[3]-1;
+ $customnetwork{$key1}[4] = $customnetwork{$key1}[4]-1;
last;
}
}
@@ -892,17 +877,23 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
&General::readhasharray("$confighost", \%customhost);
foreach my $key1 (keys %customhost){
if ($customhost{$key1}[0] eq $customgrp{$key}[2]){
- $customhost{$key1}[3] = $customhost{$key1}[3]-1;
+ $customhost{$key1}[4] = $customhost{$key1}[4]-1;
last;
}
}
&General::writehasharray("$confighost", \%customhost);
}
+ $grpname=$customgrp{$key}[0];
+ $grpremark=$customgrp{$key}[1];
delete $customgrp{$key};
}
}
&General::writehasharray("$configgrp", \%customgrp);
- &rules;
+ if ($fwhostsettings{'grpcnt'} > 0){&rules;}
+ if ($fwhostsettings{'update'} eq 'on'){
+ $fwhostsettings{'remark'}= $grpremark;
+ $fwhostsettings{'grp_name'}=$grpname;
+ }
&addgrp;
&viewtablegrp;
}
@@ -956,6 +947,8 @@ if ($fwhostsettings{'ACTION'} eq 'delservicegrp')
}
if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
{
+ my $grpname;
+ my $grpremark;
&General::readhasharray("$configsrvgrp", \%customservicegrp);
&General::readhasharray("$configsrv", \%customservice);
foreach my $key (keys %customservicegrp){
@@ -969,11 +962,18 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
}
}
&General::writehasharray("$configsrv", \%customservice);
- delete $customservicegrp{$key}
+ $grpname=$customservicegrp{$key}[0];
+ $grpremark=$customservicegrp{$key}[1];
+ delete $customservicegrp{$key};
}
}
&General::writehasharray("$configsrvgrp", \%customservicegrp);
&rules;
+ if ($fwhostsettings{'updatesrvgrp'} eq 'on'){
+ #$fwhostsettings{'updatesrvgrp'}='on';
+ $fwhostsettings{'SRVGRP_NAME'}=$grpname;
+ $fwhostsettings{'SRVGRP_REMARK'}=$grpremark;
+ }
&addservicegrp;
&viewtableservicegrp;
@@ -1002,6 +1002,62 @@ if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservicegrp'})
&addservicegrp;
&viewtableservicegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'changegrpremark')
+{
+ &General::readhasharray("$configgrp", \%customgrp);
+ if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
+ foreach my $key (sort keys %customgrp)
+ {
+ #$customgrp{$key}[1]=~ s/\|/,/g;
+ if($customgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgrp{$key}[1] eq $fwhostsettings{'oldrem'})
+ {
+ #$fwhostsettings{'newrem'}=~ s/,/\|/g;
+ $customgrp{$key}[1]='';
+ $customgrp{$key}[1]=$fwhostsettings{'newrem'};
+ }
+ }
+ &General::writehasharray("$configgrp", \%customgrp);
+ $fwhostsettings{'update'}='on';
+ #$fwhostsettings{'newrem'}=~ s/\|/,/g;
+ $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
+ }else{
+ $errormessage=$Lang::tr{'fwhost err remark'};
+ $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
+ $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
+ $fwhostsettings{'update'} = 'on';
+ }
+ $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
+ &addgrp;
+ &viewtablegrp;
+}
+if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark')
+{
+ &General::readhasharray("$configsrvgrp", \%customservicegrp );
+ if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && (&validremark($fwhostsettings{'newsrvrem'}) || $fwhostsettings{'newsrvrem'} eq '')){
+ foreach my $key (sort keys %customservicegrp)
+ {
+ #$customservicegrp{$key}[1]=~ s/\|/,/g;
+ if($customservicegrp{$key}[0] eq $fwhostsettings{'srvgrp'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvrem'})
+ {
+ #$fwhostsettings{'newsrvrem'}=~ s/,/|/g;
+ $customservicegrp{$key}[1]='';
+ $customservicegrp{$key}[1]=$fwhostsettings{'newsrvrem'};
+ }
+ }
+ &General::writehasharray("$configsrvgrp", \%customservicegrp);
+ $fwhostsettings{'updatesrvgrp'}='on';
+ #$fwhostsettings{'newsrvrem'}=~ s/\|/,/g;
+ $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'};
+ }else{
+ $errormessage=$Lang::tr{'fwhost err remark'};
+ $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'};
+ $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
+ $fwhostsettings{'updatesrvgrp'} = 'on';
+ }
+ $fwhostsettings{'SRVGRP_NAME'}=$fwhostsettings{'srvgrp'};
+ &addservicegrp;
+ &viewtableservicegrp;
+}
### VIEW ###
if($fwhostsettings{'ACTION'} eq '')
{
@@ -1010,7 +1066,9 @@ if($fwhostsettings{'ACTION'} eq '')
### FUNCTIONS ###
sub showmenu
{
-
+ if (-f "${General::swroot}/forward/reread"){
+ print "
";
+ }
&Header::openbox('100%', 'left',$Lang::tr{'fwhost menu'});
print<
END
-
&Header::closebox();
}
@@ -1029,14 +1086,18 @@ sub addnet
&showmenu;
&Header::openbox('100%', 'left', $Lang::tr{'fwhost addnet'});
$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};
+ $fwhostsettings{'orgnetremark'}=$fwhostsettings{'NETREMARK'};
print<";
&Header::closebox();
@@ -1078,32 +1137,42 @@ sub addgrp
&showmenu;
&Header::openbox('100%', 'left', $Lang::tr{'fwhost addgrp'});
&General::setup_default_networks(\%defaultNetworks);
+ &General::readhasharray("$configccdnet", \%ccdnet);
+ &General::readhasharray("$confignet", \%customnetwork);
+ &General::readhasharray("$configccdhost", \%ccdhost);
+ &General::readhasharray("$confighost", \%customhost);
+ &General::readhasharray("$configipsec", \%ipsecconf);
+
my %checked=();
+ my $show='';
$checked{'check1'}{'off'} = '';
$checked{'check1'}{'on'} = '';
$checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
$fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
-
+ my $grp=$fwhostsettings{'grp_name'};
+ my $rem=$fwhostsettings{'remark'};
if ($fwhostsettings{'update'} eq ''){
print<
- $Lang::tr{'fwhost addgrpname'} $Lang::tr{'remark'}:
-
+ $Lang::tr{'fwhost addgrpname'}
+ $Lang::tr{'remark'}:
+
END
}else{
print<
- $Lang::tr{'fwhost addgrpname'} $Lang::tr{'remark'}:
-
+
+
END
-
}
if ($fwhostsettings{'update'} eq 'on'){
-
-
print<$Lang::tr{'fwhost stdnet'}
-
+
+ ";
+ print" ";
+ print"$Lang::tr{'fwhost attention'}: $Lang::tr{'fwhost macwarn'} ";
}
- print<
-
-
-END
-
+ print"";
&Header::closebox();
}
sub addservice
@@ -1211,7 +1258,8 @@ sub addservice
}
print<
- $Lang::tr{'fwhost srv_name'}: $Lang::tr{'fwhost prot'}:
+ $Lang::tr{'fwhost srv_name'}:
+ $Lang::tr{'fwhost prot'}:
END
foreach ("TCP","UDP","ICMP")
{
@@ -1223,8 +1271,8 @@ END
}
}
print< $Lang::tr{'fwhost port'}:
- $Lang::tr{'fwhost icmptype'}
+
+ $Lang::tr{'fwhost icmptype'}
END
&General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes);
print"All ICMP-Types ";
@@ -1233,8 +1281,9 @@ END
}
print<
-
+
+ $Lang::tr{'fwhost port'}:
+
END
if ($fwhostsettings{'updatesrv'} eq 'on')
@@ -1266,35 +1315,36 @@ sub addservicegrp
&showmenu;
&Header::openbox('100%', 'left', $Lang::tr{'fwhost newservicegrp'});
$fwhostsettings{'oldsrvgrpremark'}=$fwhostsettings{'SRVGRP_REMARK'};
-
if ($fwhostsettings{'updatesrvgrp'} eq ''){
print<
- $Lang::tr{'fwhost addgrpname'} $Lang::tr{'remark'}:
-
+ $Lang::tr{'fwhost addgrpname'}
+ $Lang::tr{'remark'}:
+
END
}else{
print<
- $Lang::tr{'fwhost addgrpname'} $Lang::tr{'remark'}:
-
-
+
END
}
if($fwhostsettings{'updatesrvgrp'} eq 'on'){
print<
+
$Lang::tr{'fwhost cust service'}
END
&General::readhasharray("$configsrv", \%customservice);
- foreach my $key (sort {$a <=> $b} keys %customservice)
+ foreach my $key (sort { uc($customservice{$a}[0]) cmp uc($customservice{$b}[0])|| $a <=> $b } keys %customservice)
{
print "$customservice{$key}[0] ";
}
print<
-
+
END
@@ -1304,7 +1354,6 @@ END
END
-
&Header::closebox();
}
# View
@@ -1318,8 +1367,8 @@ sub viewtablenet
print "$Lang::tr{'fwhost empty'} ";
}else{
print<
- $Lang::tr{'name'} $Lang::tr{'fwhost netaddress'} $Lang::tr{'netmask'} $Lang::tr{'used'}
+
+ $Lang::tr{'name'} $Lang::tr{'fwhost netaddress'} $Lang::tr{'netmask'} $Lang::tr{'remark'} $Lang::tr{'used'}
END
}
my $count=0;
@@ -1334,15 +1383,16 @@ END
print" ";
}
print<$customnetwork{$key}[0]$customnetwork{$key}[1] $customnetwork{$key}[2] $customnetwork{$key}[3]x
+ $customnetwork{$key}[0] $customnetwork{$key}[1] $customnetwork{$key}[2] $customnetwork{$key}[3] $customnetwork{$key}[4]x
+
END
- if($customnetwork{$key}[3] == '0')
+ if($customnetwork{$key}[4] == '0')
{
print" ";
}else{
@@ -1365,8 +1415,8 @@ sub viewtablehost
print "$Lang::tr{'fwhost empty'} ";
}else{
print<
- $Lang::tr{'name'} $Lang::tr{'fwhost ip_mac'} $Lang::tr{'used'}
+ ";}
print "$grpname    ";
print " $Lang::tr{'remark'}:   $remark   " if ($remark ne '');
@@ -1432,32 +1496,36 @@ sub viewtablegrp
print" ";
}
print" ";
- print"Name $Lang::tr{'ip address'} $Lang::tr{'fwhost type'} ";
+ print"";
@@ -1474,7 +1542,7 @@ sub viewtableservice
&Header::openbox('100%', 'left', $Lang::tr{'fwhost services'});
&General::readhasharray("$configsrv", \%customservice);
print<
+
$Lang::tr{'fwhost srv_name'} $Lang::tr{'fwhost prot'} $Lang::tr{'fwhost port'} ICMP $Lang::tr{'fwhost used'}
END
foreach my $key (sort { uc($customservice{$a}[0]) cmp uc($customservice{$b}[0])|| $a <=> $b } keys %customservice)
@@ -1514,6 +1582,7 @@ sub viewtableservicegrp
my $helper;
my $port;
my $protocol;
+ my $delflag;
if (! -z $configsrvgrp){
&Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'});
&General::readhasharray("$configsrvgrp", \%customservicegrp);
@@ -1522,8 +1591,23 @@ sub viewtableservicegrp
foreach my $key (sort { uc($customservicegrp{$a}[0]) cmp uc($customservicegrp{$b}[0])|| $a <=> $b } keys %customservicegrp){
$count++;
if ($helper ne $customservicegrp{$key}[0]){
+ $delflag=0;
+ foreach my $key1 (sort { uc($customservicegrp{$a}[0]) cmp uc($customservicegrp{$b}[0]) } sort { uc($customservicegrp{$a}[2]) cmp uc($customservicegrp{$b}[2]) } keys %customservicegrp){
+ if ($customservicegrp{$key}[0] eq $customservicegrp{$key1}[0])
+ {
+ $delflag++;
+ }
+ if($delflag > 1){
+ last;
+ }
+ }
$grpname=$customservicegrp{$key}[0];
- $remark=$customservicegrp{$key}[1];
+ if ($customservicegrp{$key}[2] eq "none"){
+ $customservicegrp{$key}[2]=$Lang::tr{'fwhost empty'};
+ $port='';
+ $protocol='';
+ }
+ $remark="$customservicegrp{$key}[1]";
if($count >=2){print"
";}
print "$grpname     ";
print "$Lang::tr{'remark'}:   $remark " if ($remark ne '');
@@ -1533,12 +1617,11 @@ sub viewtableservicegrp
print" ";
}
print" ";
- print"Name $Lang::tr{'port'} $Lang::tr{'fwhost prot'} ";
+ print"";
@@ -1605,22 +1688,16 @@ sub checkservicegroup
#check name
- if ( ! &General::validhostname($fwhostsettings{'SRVGRP_NAME'}))
+ if ( ! &validhostname($fwhostsettings{'SRVGRP_NAME'}))
{
$errormessage.=$Lang::tr{'fwhost err name'}." ";
return $errormessage;
}
- #check remark
- if ( ($fwhostsettings{'SRVGRP_REMARK'} ne '') && (! &validhostname($fwhostsettings{'SRVGRP_REMARK'})))
- {
- $errormessage.=$Lang::tr{'fwhost err remark'}." ";
- }
#check empty selectbox
if (keys %customservice lt 1)
{
$errormessage.=$Lang::tr{'fwhost err groupempty'}." ";
}
-
#check if name already exists
if ($fwhostsettings{'updatesrvgrp'} ne 'on'){
foreach my $key (keys %customservicegrp) {
@@ -1632,14 +1709,10 @@ sub checkservicegroup
}
#check if service already exists in group
foreach my $key (keys %customservicegrp) {
- if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){
- $errormessage.=$Lang::tr{'fwhost err srvexist'}." ";
-
- }
+ if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'} && $customservicegrp{$key}[2] eq $fwhostsettings{'CUST_SRV'} ){
+ $errormessage.=$Lang::tr{'fwhost err srvexist'}." ";
}
-
-
-
+ }
return $errormessage;
}
sub error
@@ -1688,10 +1761,9 @@ sub deletefromgrp
}
sub plausicheck
{
-
my $edit=shift;
#check hostname
- if (!&General::validhostname($fwhostsettings{'HOSTNAME'}))
+ if (!&validhostname($fwhostsettings{'HOSTNAME'}))
{
$errormessage=$errormessage.$Lang::tr{'fwhost err name'};
$fwhostsettings{'BLK_IP'}='readonly';
@@ -1699,7 +1771,6 @@ sub plausicheck
if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
}
#check if name collides with CCD Netname
-
&General::readhasharray("$configccdnet", \%ccdnet);
foreach my $key (keys %ccdnet) {
if($ccdnet{$key}[0] eq $fwhostsettings{'HOSTNAME'}){
@@ -1709,7 +1780,6 @@ sub plausicheck
last;
}
}
-
#check if IP collides with CCD NetIP
if ($fwhostsettings{'type'} ne 'mac'){
&General::readhasharray("$configccdnet", \%ccdnet);
@@ -1724,9 +1794,6 @@ sub plausicheck
}
}
}
-
-
-
#check if name collides with CCD Hostname
&General::readhasharray("$configccdhost", \%ccdhost);
foreach my $key (keys %ccdhost) {
@@ -1767,7 +1834,7 @@ sub plausicheck
&General::readhasharray("$confighost", \%customhost);
if (!&checkname(\%customhost))
{
- $errormessage=$errormessage." ".$Lang::tr{'fwhost err hostexist'};
+ $errormessage.=" ".$Lang::tr{'fwhost err hostexist'};
$fwhostsettings{'HOSTNAME'} = $fwhostsettings{'orgname'};
if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;}
}
@@ -1775,10 +1842,7 @@ sub plausicheck
if (!&checkip(\%customhost,2))
{
$errormessage=$errormessage." ".$Lang::tr{'fwhost err ipcheck'};
-
}
-
-
return;
}
sub getipforgroup
@@ -1893,9 +1957,20 @@ sub getipforgroup
}
}
sub rules
+{
+ if (!-f "${General::swroot}/fwhosts/reread"){
+ system("touch ${General::swroot}/fwhosts/reread");
+ system("touch ${General::swroot}/forward/reread");
+ }
+}
+sub reread_rules
{
system ("/usr/local/bin/forwardfwctrl");
- system("rm ${General::swroot}/forward/reread");
+ if ( -f "${General::swroot}/fwhosts/reread"){
+ system("rm ${General::swroot}/fwhosts/reread");
+ system("rm ${General::swroot}/forward/reread");
+ }
+
}
sub decrease
{
@@ -1906,7 +1981,7 @@ sub decrease
if ( ($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Network')){
foreach my $key1 (sort keys %customnetwork){
if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){
- $customnetwork{$key1}[3]=$customnetwork{$key1}[3]-1;
+ $customnetwork{$key1}[4]=$customnetwork{$key1}[4]-1;
last;
}
}
@@ -1915,7 +1990,7 @@ sub decrease
if (($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Host')){
foreach my $key2 (sort keys %customhost){
if ($customhost{$key2}[0] eq $customgrp{$key}[2]){
- $customhost{$key2}[3]=$customhost{$key2}[3]-1;
+ $customhost{$key2}[4]=$customhost{$key2}[4]-1;
last;
}
}
@@ -1955,7 +2030,7 @@ sub checkports
$errormessage=$Lang::tr{'fwhost err port'};
}
#check valid name
- if (! &General::validhostname($fwhostsettings{'SRV_NAME'})){
+ if (! &validhostname($fwhostsettings{'SRV_NAME'})){
$errormessage=" ".$Lang::tr{'fwhost err name'};
}
#change dashes with :
@@ -1992,16 +2067,34 @@ sub validhostname
if (length ($hostname) < 1 || length ($hostname) > 63) {
return 0;}
# Only valid characters are a-z, A-Z, 0-9 and -
- if ($hostname !~ /^[a-zA-ZäöüÃÃÃ0-9-\s]*$/) {
+ if ($hostname !~ /^[a-zA-ZäöüÃÃÃ0-9-_.;()\/\s]*$/) {
return 0;}
# First character can only be a letter or a digit
if (substr ($hostname, 0, 1) !~ /^[a-zA-ZöäüÃÃÃ0-9]*$/) {
return 0;}
# Last character can only be a letter or a digit
- if (substr ($hostname, -1, 1) !~ /^[a-zA-ZöäüÃÃÃ0-9]*$/) {
+ if (substr ($hostname, -1, 1) !~ /^[a-zA-ZöäüÃÃÃ0-9()]*$/) {
+ return 0;}
+ return 1;
+}
+sub validremark
+{
+ # Checks a hostname against RFC1035
+ my $remark = $_[0];
+ # Each part should be at least two characters in length
+ # but no more than 63 characters
+ if (length ($remark) < 1 || length ($remark) > 255) {
+ return 0;}
+ # Only valid characters are a-z, A-Z, 0-9 and -
+ if ($remark !~ /^[a-zäöüA-ZÃÃÃ0-9-.:;\|_()\/\s]*$/) {
+ return 0;}
+ # First character can only be a letter or a digit
+ if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÃÃÃ0-9]*$/) {
+ return 0;}
+ # Last character can only be a letter or a digit
+ if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÃÃÃ0-9.:;_)]*$/) {
return 0;}
return 1;
}
-
&Header::closebigbox();
&Header::closepage();