Forward Firewall: Updated outgoingfw-converter. redesign of the ruletable's defaultrules
authorAlexander Marx <amarx@ipfire.org>
Fri, 5 Jul 2013 10:15:05 +0000 (12:15 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:15:32 +0000 (14:15 +0200)
config/forwardfw/convert-outgoingfw
html/cgi-bin/forwardfw.cgi
html/cgi-bin/fwhosts.cgi
html/cgi-bin/optionsfw.cgi

index ef2f7e1b98098c282286f455c90bccc932546329..05bf13dada3fc2557a27b1c797342a31e60266a4 100755 (executable)
@@ -46,7 +46,11 @@ my %ccdconf=();
 my %fwconfig=();
 my %fwconfigout=();
 my %fwdsettings=();
+my %ownnet=();
+my %ovpnSettings = ();
+&General::readhash("${General::swroot}/ovpn/settings", \%ovpnSettings);
 &General::readhash($outfwsettings,\%outsettings);
+&General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
 #ONLY RUN if /var/ipfire/outgoing exists
 if ( -d "/var/ipfire/outgoing"){
        &process_groups;
@@ -179,16 +183,39 @@ sub new_hostgrp
                        }elsif($byte4 < '255'){
                                print LOG "Processing NETWORK $ippart/$subnet from Group $grp\n";
                                if(!&check_net($ippart,$subnet)){
-                                       my $netkey      =  &General::findhasharraykey(\%nets);
-                                       $name="net ";
-                                       $name2=$name.$ippart;
-                                       $name3="Custom Network";
-                                       $nets{$netkey}[0] = $name2;
-                                       $nets{$netkey}[1] = $ippart;
-                                       $nets{$netkey}[2] = $subnet;
-                                       $nets{$netkey}[3] = '';
-                                       $nets{$netkey}[4] = 1;
-                                       print LOG "->Network $ippart/$subnet added to custom networks\n";
+                                       #Check if this network is one one of IPFire internal networks
+                                       if (($ownnet{'GREEN_NETADDRESS'}                ne '' && $ownnet{'GREEN_NETADDRESS'}    ne '0.0.0.0') && &General::IpInSubnet($ippart,$ownnet{'GREEN_NETADDRESS'},$ownnet{'GREEN_NETMASK'}))
+                                       {
+                                               $name2='GREEN';
+                                               $name3='Standard Network';
+                                       }elsif (($ownnet{'ORANGE_NETADDRESS'}   ne '' && $ownnet{'ORANGE_NETADDRESS'}   ne '0.0.0.0') && &General::IpInSubnet($ippart,$ownnet{'ORANGE_NETADDRESS'},$ownnet{'ORANGE_NETMASK'}))
+                                       {
+                                               $name2='ORANGE';
+                                               $name3='Standard Network';
+                                       }elsif (($ownnet{'BLUE_NETADDRESS'}     ne '' && $ownnet{'BLUE_NETADDRESS'}     ne '0.0.0.0') && &General::IpInSubnet($ippart,$ownnet{'BLUE_NETADDRESS'},$ownnet{'BLUE_NETMASK'}))
+                                       {
+                                               $name2='BLUE';
+                                               $name3='Standard Network';
+                                       }elsif ($ippart eq '0.0.0.0')
+                                       {
+                                               $name2='ALL';
+                                               $name3='Standard Network';
+                                       }elsif(defined($ovpnSettings{'DOVPN_SUBNET'}) && "$ippart/".&General::iporsubtodec($subnet) eq $ovpnSettings{'DOVPN_SUBNET'})
+                                       {
+                                               $name2='OpenVPN-Dyn';
+                                               $name3='Standard Network';
+                                       }else{
+                                               my $netkey      =  &General::findhasharraykey(\%nets);
+                                               $name="net ";
+                                               $name2=$name.$ippart;
+                                               $name3="Custom Network";
+                                               $nets{$netkey}[0] = $name2;
+                                               $nets{$netkey}[1] = $ippart;
+                                               $nets{$netkey}[2] = $subnet;
+                                               $nets{$netkey}[3] = '';
+                                               $nets{$netkey}[4] = 1;
+                                               print LOG "->Network $ippart/$subnet added to custom networks\n";
+                                       }
                                }else{
                                        print LOG "Network $ippart already exists in custom networks\n";
                                        $name="net ";
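Review bot: The GREEN, ORANGE and BLUE branches decide on `$ippart` alone and never compare `$subnet` with the zone's netmask, so a legacy entry that is only a slice of a zone, or a wider range whose base address falls inside one, appears to be converted into the whole zone. That changes the scope of the migrated firewall rules. Assuming `General::IpInSubnet` is a plain containment test, an exact match is safer and mirrors the OpenVPN branch, e.g. for GREEN `$ippart eq $ownnet{'GREEN_NETADDRESS'} && &General::iporsubtodec($subnet) eq $ownnet{'GREEN_NETMASK'}`. The `$ippart eq '0.0.0.0'` branch has the same gap, since it maps to `ALL` whatever `$subnet` is. Unlike the custom-network path, none of these branches writes to the log; a line such as `print LOG "->Network $ippart/$subnet mapped to $name2\n";` would make the conversion auditable. new_hostgrp starts and ends outside this hunk.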
index 1800095df3f618e2cbe97ab7209ed6571acc4000..4a49f2ed9e0b12d3a1eb38e19e32ce3fbf677e45 100755 (executable)
@@ -998,8 +998,7 @@ END
                        my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
                        my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
                        my $defsub1=&General::subtocidr($ifaces{$defsub});
-                       $ifaces{$defnet}='0.0.0.0' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
-                       $defsub1 ='0' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
+                       $ifaces{$defnet}='' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
                        if ($ifaces{$defnet}){
                                print ">$network ($ifaces{$defnet}/$defsub1)</option>";
                        }else{
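Review bot: `$ifaces{$defnet}='' if (... eq 'RED')` overwrites the RED address in the shared `%ifaces` hash only to suppress the suffix in this option label, so anything that reads `$ifaces{'RED_NETADDRESS'}` later in the same request would see an empty string. A local keeps the display decision out of the configuration data: `my $shownet = ($defaultNetworks{$network}{'NAME'} eq 'RED') ? '' : $ifaces{$defnet};`, then test and print `$shownet`. The fwhosts.cgi hunk further down does the same thing to `%ownnet`. The enclosing loop starts and ends outside this hunk.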
@@ -2382,7 +2381,7 @@ END
                        }else{
                                $col="bgcolor='green'";
                        }
-                       &show_default_rules($col,$pol);
+                       &show_defaultrules($col,$pol);
                }elsif ($config eq '/var/ipfire/forward/outgoing'){
                        my $pol='fwdfw '.$fwdfwsettings{'POLICY1'};
                        if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){
@@ -2390,9 +2389,9 @@ END
                        }else{
                                $col="bgcolor='green'";
                        }
-                       print"<tr><td $col width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
+                       print"<tr><td $col width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col><font color='#FFFFFF' align='center'>$Lang::tr{$pol}</font></td></tr>";
                }else{
-                       print"<tr><td bgcolor='darkred' width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td bgcolor='darkred'><font color='#FFFFFF'>$Lang::tr{'fwdfw MODE1'}</font></td></tr>";
+                       print"<tr><td bgcolor='darkred' width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td bgcolor='darkred' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw MODE1'}</font></td></tr>";
                }
                print"</table>";
                print "<hr>";
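Review bot: In the `POLICY1` row the new `align='center'` landed on the `<font>` element rather than on the `<td>`, so that cell will not be centred like the others; it should read `<td $col align='center'><font color='#FFFFFF'>$Lang::tr{$pol}</font></td>`. In the next hunk the `darkred` fallback row still has a second cell with no `bgcolor='darkred'` and no opening `<font color='#FFFFFF'>` before its `</font>`, unlike the equivalent row here. This table is where an administrator reads the effective final policy, so the rows are worth keeping consistent. The surrounding block starts and ends outside both hunks.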
@@ -2419,9 +2418,9 @@ END
                                }else{
                                        $col="bgcolor='green'";
                                }
-                               print"<tr><td $col align='center' width='20%'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
+                               print"<tr><td $col align='center' width='20%'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col align='center'><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
                        }else{
-                               print"<tr><td bgcolor='darkred' align='center' width='20%'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td>$Lang::tr{'fwdfw MODE1'}</font></td></tr>";
+                               print"<tr><td bgcolor='darkred' align='center' width='20%'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td align='center'>$Lang::tr{'fwdfw MODE1'}</font></td></tr>";
                        }
                        print"</table><br><br>";
                }
@@ -2435,15 +2434,18 @@ sub show_defaultrules
        my $col=shift;
        my $pol=shift;
        #STANDARD RULES (From WIKI)
-                       print"</table>";
-                       print "<table width='100%'rules='cols' border='1'>";
+                       print"</table><br>";
+                       print "<table width='100%' rules='cols' border='1' >";
                        if ($col eq "bgcolor='green'"){
-                               my $blue   = ", <font color=$Header::colourblue>    $Lang::tr{'blue'}</font> ($Lang::tr{'fwdfw pol block'})" if $ifaces{'BLUE_DEV'};
-                               my $orange = ", <font color=$Header::colourorange>  $Lang::tr{'orange'}</font> ($Lang::tr{'fwdfw pol block'})" if $ifaces{'ORANGE_DEV'};
-                               print"<tr><td align='center' width='20%'><font color='#000000'>$Lang::tr{'orange'}</td><td><font color=$Header::colourgreen>  $Lang::tr{'green'}</font> ($Lang::tr{'fwdfw pol block'}), <font color=$Header::colourred>  $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})$blue</td></tr>";
-                               print"<tr><td align='center'><font color='#000000'>$Lang::tr{'blue'}</td><td><font color=$Header::colourgreen>  $Lang::tr{'green'}</font> ($Lang::tr{'fwdfw pol block'}), <font color=$Header::colourred>  $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})$orange</td></tr>" if $ifaces{'BLUE_DEV'};
-                               print"<tr><td $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} </font></td><td $col><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
+                               my $blue   = "<font color=$Header::colourblue>    $Lang::tr{'blue'}</font> ($Lang::tr{'fwdfw pol block'})" if $ifaces{'BLUE_DEV'};
+                               my $orange = "<font color=$Header::colourorange>  $Lang::tr{'orange'}</font> ($Lang::tr{'fwdfw pol block'})" if $ifaces{'ORANGE_DEV'};
+                               my $blue1   = "<font color=$Header::colourblue>    $Lang::tr{'blue'}</font> ($Lang::tr{'fwdfw pol allow'})" if $ifaces{'BLUE_DEV'};
+                               my $orange1 = "<font color=$Header::colourorange>  $Lang::tr{'orange'}</font> ($Lang::tr{'fwdfw pol allow'})" if $ifaces{'ORANGE_DEV'};
+                               print"<tr><td align='center'><font color='#000000'>$Lang::tr{'green'}</td><td align='center'> <font color=$Header::colourred>  $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})</td><td align='center'>$orange1</td><td align='center'>$blue1</td></tr>";
+                               print"<tr><td align='center' width='20%'><font color='#000000'>$Lang::tr{'orange'}</td><td align='center'> <font color=$Header::colourred>  $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})</td><td align='center'><font color=$Header::colourgreen>  $Lang::tr{'green'}</font> ($Lang::tr{'fwdfw pol block'})</td><td align='center'>$blue</td></tr>";
+                               print"<tr><td align='center'><font color='#000000'>$Lang::tr{'blue'}</td><td align='center'> <font color=$Header::colourred>  $Lang::tr{'red'}</font> ($Lang::tr{'fwdfw pol allow'})</td><td align='center'>$orange</td><td align='center'><font color=$Header::colourgreen>  $Lang::tr{'green'}</font> ($Lang::tr{'fwdfw pol block'})</td></tr>" if $ifaces{'BLUE_DEV'};
+                               print"<tr><td $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} </font></td><td $col colspan='3' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw pol allow'}</font></td></tr>";
                        }elsif($col eq "bgcolor='darkred'"){
-                               print"<tr><td $col width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
+                               print"<tr><td $col width='20%' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'}</td><td $col align='center'><font color='#FFFFFF'>$Lang::tr{$pol}</font></td></tr>";
                        }
 }
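Review bot: The four declarations of the form `my $blue = "..." if $ifaces{'BLUE_DEV'};` combine `my` with a statement modifier, which perlsyn documents as undefined behaviour, and they leave the variable undef when the interface is absent before it is interpolated into the row. Assign in one expression instead, e.g. `my $blue = $ifaces{'BLUE_DEV'} ? "<font color=$Header::colourblue>    $Lang::tr{'blue'}</font> ($Lang::tr{'fwdfw pol block'})" : '';`, and likewise for `$orange`, `$blue1` and `$orange1`. The ORANGE row is printed unconditionally while the BLUE row is guarded by `if $ifaces{'BLUE_DEV'}`; if ORANGE is optional too, it needs the matching `if $ifaces{'ORANGE_DEV'}`. The sub's opening line is outside the hunk.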
index c854e9f5cf581024a1d1e1b16fed3163b46035e2..73dabaadbc7232e987fba89208393b8de625747d 100755 (executable)
@@ -1171,10 +1171,18 @@ END
                        foreach my $network (sort keys %defaultNetworks)
                        {
                                next if($defaultNetworks{$network}{'LOCATION'} eq "IPCOP");
-                               next if($defaultNetworks{$network}{'NAME'} eq "RED");
+                               next if($defaultNetworks{$network}{'NAME'} eq "IPFire");
                                print "<option value='$defaultNetworks{$network}{'NAME'}'";
                                print " selected='selected'" if ($fwhostsettings{'DEFAULT_SRC_ADR'} eq $defaultNetworks{$network}{'NAME'});
-                               print ">$network</option>";
+                               my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
+                               my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
+                               my $defsub1=&General::subtocidr($ownnet{$defsub});
+                               $ownnet{$defnet}='' if ($defaultNetworks{$network}{'NAME'} eq 'RED');
+                               if ($ownnet{$defnet}){
+                                       print ">$network ($ownnet{$defnet}/$defsub1)</option>";
+                               }else{
+                                       print ">$network</option>";
+                               }
                        }
                        print"</select></td></tr>";
                        if (! -z $confignet){
index 616f52964538f52415f19b0de0dd78d94b8f87f1..61441e4706194499c5557d8cb7e60df83ea6a3cc 100644 (file)
@@ -51,12 +51,11 @@ my $errormessage = '';
 my $warnmessage = '';
 
 &General::readhash("${General::swroot}/forward/settings", \%fwdfwsettings);
-
 &Header::showhttpheaders();
 
 #Get GUI values
 &Header::getcgihash(\%settings);
-
+&General::readhash("${General::swroot}/optionsfw/settings", \%settings);
 
 
 if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
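Review bot: The added `&General::readhash(".../optionsfw/settings", \%settings)` runs after `&Header::getcgihash(\%settings)` and fills the same hash, so if `readhash` overwrites existing keys (its body is not visible here) the values just submitted by the form are replaced by the stored ones before the `ACTION eq save` branch runs. That would make a save write back the old firewall options. Loading the file first and letting the request override it avoids this: move the `readhash` call above `getcgihash`, or read into a separate hash such as `my %stored;` and merge explicitly. A one-line comment stating which source wins would help the next reader.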