Forward Firewall: Implemented INPUT Firewall (extended external access)
authorAlexander Marx <amarx@ipfire.org>
Tue, 11 Jun 2013 13:53:31 +0000 (15:53 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:15:27 +0000 (14:15 +0200)
Now you are able to define INPUT Rules on every interface ip

config/forwardfw/rules.pl
html/cgi-bin/forwardfw.cgi
langs/de/cgi-bin/de.pl
langs/en/cgi-bin/en.pl

index 529943f8170d4ad3e62950eec6c1f065f6759453..12397037e9f34099c89444b18220e290ceb62c7e 100755 (executable)
@@ -215,7 +215,16 @@ sub buildrules
                                        }
                                }
                        }elsif($$hash{$key}[5] eq 'ipfire'){
-                               if($$hash{$key}[6] eq 'Default IP'){
+                               if($$hash{$key}[6] eq 'GREEN'){
+                                       $targethash{$key}[0]=$defaultNetworks{'GREEN_ADDRESS'};
+                               }
+                               if($$hash{$key}[6] eq 'BLUE'){
+                                       $targethash{$key}[0]=$defaultNetworks{'BLUE_ADDRESS'};
+                               }
+                               if($$hash{$key}[6] eq 'ORANGE'){
+                                       $targethash{$key}[0]=$defaultNetworks{'ORANGE_ADDRESS'};
+                               }
+                               if($$hash{$key}[6] eq 'RED'){
                                        open(FILE, "/var/ipfire/red/local-ipaddress") or die 'Unable to open config file.';
                                        $targethash{$key}[0]= <FILE>;
                                        close(FILE);
index 35d0bc56380007de6209e8bda0cc68ce00902c60..22b0d407c4e6358a1826bba68f093b59be625a3b 100755 (executable)
@@ -78,7 +78,7 @@ my %aliases=();
 my %optionsfw=();
 my %ifaces=();
 
-my $VERSION='0.9.9.6a';
+my $VERSION='0.9.9.7';
 my $color;
 my $confignet          = "${General::swroot}/fwhosts/customnetworks";
 my $confighost         = "${General::swroot}/fwhosts/customhosts";
@@ -1501,7 +1501,7 @@ sub getcolor
                }elsif ($val eq 'BLUE'){
                        $tdcolor="style='border: 1px solid $Header::colourblue;'";
                        return;
-               }elsif ($val eq 'RED'){
+               }elsif ($val eq 'RED' ||$val eq 'RED1' ){
                        $tdcolor="style='border: 1px solid $Header::colourred;'";
                        return;
                }elsif ($val eq 'IPFire' ){
@@ -1802,17 +1802,18 @@ END
                <table width='100%' border='0'> 
                <tr><td width='1%'><input type='radio' name='grp2' value='tgt_addr'  checked></td><td width='57%' nowrap='nowrap'>$Lang::tr{'fwdfw targetip'}<input type='TEXT' name='tgt_addr' value='$fwdfwsettings{'tgt_addr'}' size='16' maxlength='17'><td width='1%'><input type='radio' name='grp2' value='ipfire'  $checked{'grp2'}{'ipfire'}></td><td><b>IPFire</b></td>
 END
-               if (! -z "${General::swroot}/ethernet/aliases"){
-                       print"<td align='right'><select name='ipfire' style='width:200px;'>";
-                       print "<option value='Default IP' $selected{'ipfire'}{'Default IP'}>Default IP</option>";
+               print"<td align='right'><select name='ipfire' style='width:200px;'>";
+               print "<option value='ALL' $selected{'ipfire'}{'ALL'}>$Lang::tr{'all'}</option>";
+               print "<option value='GREEN' $selected{'ipfire'}{'GREEN'}>$Lang::tr{'green'} ($ifaces{'GREEN_ADDRESS'})</option>" if $ifaces{'GREEN_ADDRESS'};
+               print "<option value='ORANGE' $selected{'ipfire'}{'ORANGE'}>$Lang::tr{'orange'} ($ifaces{'ORANGE_ADDRESS'})</option>" if $ifaces{'ORANGE_ADDRESS'};
+               print "<option value='BLUE' $selected{'ipfire'}{'BLUE'}>$Lang::tr{'blue'} ($ifaces{'BLUE_ADDRESS'})</option>" if $ifaces{'BLUE_ADDRESS'};
+               print "<option value='RED1' $selected{'ipfire'}{'RED1'}>$Lang::tr{'red1'} (Default IP)</option>" if $ifaces{'RED_ADDRESS'};
 
+               if (! -z "${General::swroot}/ethernet/aliases"){
                        foreach my $alias (sort keys %aliases)
                        {
                                print "<option value='$alias' $selected{'ipfire'}{$alias}>$alias</option>";
                        }
-                       
-               }else{
-                       print"<td style='width:200px;'><input type='hidden' name ='ipfire' value='Default IP'>";
                }
                print<<END;
                </td></tr>
@@ -2506,8 +2507,13 @@ END
                                }
                                print"<br> DNAT->";
                        }
-                       if ($$hash{$key}[5] eq 'std_net_tgt'){
-                               print &get_name($$hash{$key}[6]);
+                       if ($$hash{$key}[5] eq 'std_net_tgt' || $$hash{$key}[5] eq 'ipfire' && $$hash{$key}[6] eq 'RED' || $$hash{$key}[6] eq 'RED1' || $$hash{$key}[6] eq 'GREEN' || $$hash{$key}[6] eq 'ORANGE' || $$hash{$key}[6] eq 'BLUE' ){
+                               if ($$hash{$key}[6] eq 'RED1')
+                               {
+                                       print $Lang::tr{'red1'};
+                               }else{
+                                       print &get_name($$hash{$key}[6]);
+                               }
                        }else{
                                print $$hash{$key}[6];
                        }
index 40f6c45996b9169b712b61e1361249cb54bfce13..311b096be9887b048331fe0c5bc82236197b73f7 100644 (file)
 'reconnect' => 'Neu Verbinden',
 'reconnection' => 'Wiederverbindung',
 'red' => 'Internet',
+'red1' => 'ROT',
 'references' => 'Referenzen',
 'refresh' => 'Aktualisieren',
 'refresh index page while connected' => 'Aktualisere index.cgi Seite w√§hrend der Verbindung',
index 2f3ec67e5620fc9af40cafef9621d9a81260fd7c..5713d66d5579be841092067805b88e022fe15603 100644 (file)
 'reconnect' => 'Reconnect',
 'reconnection' => 'Reconnection',
 'red' => 'Internet',
+'red1' => 'RED',
 'references' => 'References',
 'refresh' => 'Refresh',
 'refresh index page while connected' => 'Refresh index.cgi page while connected',