Forward Firewall: moved p2p-block to a seperate cgi and deleted it from forwardfw.cgi
authorAlexander Marx <amarx@ipfire.org>
Thu, 21 Feb 2013 09:26:55 +0000 (10:26 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 9 Aug 2013 12:08:22 +0000 (14:08 +0200)
config/menu/50-firewall.menu
html/cgi-bin/forwardfw.cgi
html/cgi-bin/fwhosts.cgi
html/cgi-bin/p2p-block.cgi [new file with mode: 0755]

index 90baa65b2f9ce59686b034848241083cf1771350..0295343237171aef424beb6cae582ea2da468127 100644 (file)
                                'title' => "Universal Plug and Play",
                                'enabled' => 0,
                                };
-       $subfirewall->{'80.optingsfw'} = {
+       $subfirewall->{'80.optionsfw'} = {
                                'caption' => $Lang::tr{'options fw'},
                                'uri' => '/cgi-bin/optionsfw.cgi',
                                'title' => "$Lang::tr{'options fw'}",
                                'enabled' => 1,
                                };
+       $subfirewall->{'81.p2p'} = {
+                               'caption' => 'P2P-Block',
+                               'uri' => '/cgi-bin/p2p-block.cgi',
+                               'title' => "P2P-Block",
+                               'enabled' => 1,
+                               };                                      
        $subfirewall->{'90.iptables'} = {
                                'caption' => $Lang::tr{'ipts'},
                                'uri' => '/cgi-bin/iptables.cgi',
index 6bcfdc7d97378ab786f19a2b9a96c5e3adc43744..738c387868c0d7a92c8d22f5cb5dec29b46e9d0b 100755 (executable)
@@ -70,7 +70,6 @@ my %icmptypes=();
 my %ovpnsettings=();
 my %ipsecsettings=();
 my %aliases=();
-my @p2ps = ();
 
 my $color;
 my $confignet          = "${General::swroot}/fwhosts/customnetworks";
@@ -86,7 +85,6 @@ my $configfwdfw               = "${General::swroot}/forward/config";
 my $configinput                = "${General::swroot}/forward/input";
 my $configoutgoing     = "${General::swroot}/forward/outgoing";
 my $configovpn         = "${General::swroot}/ovpn/settings";
-my $p2pfile                    = "${General::swroot}/forward/p2protocols";
 my $errormessage='';
 my $hint='';
 my $ipgrp="${General::swroot}/outgoing/groups";
@@ -446,29 +444,6 @@ if ($fwdfwsettings{'ACTION'} eq 'copyrule')
        #$fwdfwsettings{'updatefwrule'}='on';
        &newrule;
 }
-if ($fwdfwsettings{'ACTION'} eq 'togglep2p')
-{
-       #$errormessage="Toggle $fwdfwsettings{'P2PROT'}<br>";
-       open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
-       @p2ps = <FILE>;
-       close FILE;
-       open( FILE, "> $p2pfile" ) or die "Unable to write $p2pfile";
-       foreach my $p2pentry (sort @p2ps)
-       {
-               my @p2pline = split( /\;/, $p2pentry );
-               if ($p2pline[1] eq $fwdfwsettings{'P2PROT'}) {
-                       if($p2pline[2] eq 'on'){
-                               $p2pline[2]='off';
-                       }else{
-                               $p2pline[2]='on';
-                       }
-               }
-               print FILE "$p2pline[0];$p2pline[1];$p2pline[2];\n";
-       }
-       close FILE;
-       &rules;
-       &base;
-}
 if ($fwdfwsettings{'ACTION'} eq '')
 {
        &base;
@@ -606,7 +581,7 @@ sub base
        if ($fwdfwsettings{'POLICY1'} eq 'MODE2'){ $selected{'POLICY1'}{'MODE2'} = 'selected'; } else { $selected{'POLICY1'}{'MODE2'} = ''; }
        &hint;
        &addrule;
-       &p2pblock;
+       print "<br><hr><br><br>";
        &Header::openbox('100%', 'center', $Lang::tr{'fwdfw pol title'});
 print <<END;
        <form method='post' action='$ENV{'SCRIPT_NAME'}'>
@@ -642,16 +617,14 @@ END
 sub addrule
 {
        &error;
+       if (-f "${General::swroot}/forward/reread"){
+               print "<table border='0'><form method='post'><td><input type='submit' name='ACTION' value='$Lang::tr{'fwdfw reread'}' style='font-face: Comic Sans MS; color: red; font-weight: bold;'>$Lang::tr{'fwhost reread'}</td></tr></table></form><hr><br>";
+       }
        &Header::openbox('100%', 'left', $Lang::tr{'fwdfw addrule'});
-
        print "<form method='post'>";
        print "<table border='0'>";
        print "<tr><td><input type='submit' name='ACTION' value='$Lang::tr{'fwdfw newrule'}'></td>";
-       if (-f "${General::swroot}/forward/reread"){
-               print "<td><input type='submit' name='ACTION' value='$Lang::tr{'fwdfw reread'}' style='font-face: Comic Sans MS; color: red; font-weight: bold;'>$Lang::tr{'fwhost reread'}</td>";
-       }
-               print"</tr></table></form><hr>";        
-
+       print"</tr></table></form><hr>";        
        &Header::closebox();
        &viewtablerule;
 }
@@ -2064,35 +2037,6 @@ END
                &Header::closebox();
        }
 }
-sub p2pblock
-{
-       my $gif;
-       open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
-       @p2ps = <FILE>;
-       close FILE;
-       &Header::openbox('100%', 'center', 'P2P-Block');
-       print <<END;
-       <table width='35%' border='0'>
-       <tr bgcolor='$color{'color22'}'><td align=center colspan='2' ><b>$Lang::tr{'protocol'}</b></td><td align='center'><b>$Lang::tr{'status'}</b></td></tr>
-END
-       foreach my $p2pentry (sort @p2ps)
-       {
-               my @p2pline = split( /\;/, $p2pentry );
-               if($p2pline[2] eq 'on'){
-                       $gif="/images/on.gif"
-               }else{
-                       $gif="/images/off.gif"
-               }
-               print <<END;
-               <form method='post' action='$ENV{'SCRIPT_NAME'}'>
-               <tr bgcolor='$color{'color20'}'>
-               <td align='center' colspan='2' >$p2pline[0]:</td><td align='center'><input type='hidden' name='P2PROT' value='$p2pline[1]' /><input type='image' img src='$gif' alt='$Lang::tr{'click to disable'}' title='$Lang::tr{'fwdfw toggle'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' ><input type='hidden' name='ACTION' value='togglep2p'></td></tr></form>
-END
-       }
-       print"<tr><td><img src='/images/on.gif'></td><td  align='left'>$Lang::tr{'outgoing firewall p2p allow'}</td></tr>";
-       print"<tr><td><img src='/images/off.gif'></td><td align='left'>$Lang::tr{'outgoing firewall p2p deny'}</td></tr></table>";
-       &Header::closebox();
-}
 sub fillselect
 {
        my %hash=%{(shift)};
index dc06996729fd9575bedd67acc8d8cd6fb7694165..ae018d697796aca182393b3d2f6f1735d7af31e3 100755 (executable)
@@ -1074,21 +1074,16 @@ if($fwhostsettings{'ACTION'} eq '')
 ###  FUNCTIONS  ###
 sub showmenu
 {
-       
+       if (-f "${General::swroot}/forward/reread"){
+               print "<table border='0'><form method='post'><td><input type='submit' name='ACTION' value='$Lang::tr{'fwdfw reread'}' style='font-face: Comic Sans MS; color: red; font-weight: bold;'>$Lang::tr{'fwhost reread'}</td></tr></table></form><hr><br>";
+       }
        &Header::openbox('100%', 'left',$Lang::tr{'fwhost menu'});
        print<<END;
        <table border='0' width='100%'><form method='post'>
        <tr><td><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newnet'}' /><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newhost'}' /><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgrp'}' /></td>
        <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservice'}' /><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservicegrp'}' /></td></tr>
-       <tr><td colspan='6'><hr></hr></td>
+       <tr><td colspan='6'><hr></hr></td></tr></table></form>
 END
-       
-               
-       if (-f "${General::swroot}/fwhosts/reread"){
-               print "</tr><tr><td colspan='6'><input type='submit' name='ACTION' value='$Lang::tr{'fwdfw reread'}' style='font-face: Comic Sans MS; color: red; font-weight: bold;' >$Lang::tr{'fwhost reread'}</td>";
-       }
-               print"</tr></table></form>";    
-
        &Header::closebox();
        
 }
diff --git a/html/cgi-bin/p2p-block.cgi b/html/cgi-bin/p2p-block.cgi
new file mode 100755 (executable)
index 0000000..1c69a0e
--- /dev/null
@@ -0,0 +1,142 @@
+#!/usr/bin/perl
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2012                                                                                                 #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+#                                                                                                                                                        #
+# Hi folks! I hope this code is useful for all. I needed something to handle  #
+# my VPN Connections in a comfortable way. As a prerequisite i needed            #
+# something that makes sure the vpn roadwarrior are able to have a fixed         #
+# ip-address. So i developed the ccd extension for the vpn server.                       #
+#                                                                                                                                                        #
+# Now that the ccd extension is ready i am able to develop the main request.  #
+# Any feedback is appreciated.                                                                                           #
+#                                                                                                                                                        #
+#Copymaster                                                                                                                                      #
+###############################################################################
+
+use strict;
+no warnings 'uninitialized';
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+
+my $errormessage='';
+my $p2pfile                    = "${General::swroot}/forward/p2protocols";
+
+my @p2ps = ();
+my %fwdfwsettings=();
+my %color=();
+my %mainsettings=();
+
+&General::readhash("${General::swroot}/forward/settings", \%fwdfwsettings);
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
+
+
+&Header::showhttpheaders();
+&Header::getcgihash(\%fwdfwsettings);
+&Header::openpage($Lang::tr{'fwdfw menu'}, 1, '');
+&Header::openbigbox('100%', 'center',$errormessage);
+
+if ($fwdfwsettings{'ACTION'} eq ''){
+&p2pblock;
+}
+if ($fwdfwsettings{'ACTION'} eq 'togglep2p')
+{
+       open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
+       @p2ps = <FILE>;
+       close FILE;
+       open( FILE, "> $p2pfile" ) or die "Unable to write $p2pfile";
+       foreach my $p2pentry (sort @p2ps)
+       {
+               my @p2pline = split( /\;/, $p2pentry );
+               if ($p2pline[1] eq $fwdfwsettings{'P2PROT'}) {
+                       if($p2pline[2] eq 'on'){
+                               $p2pline[2]='off';
+                       }else{
+                               $p2pline[2]='on';
+                       }
+               }
+               print FILE "$p2pline[0];$p2pline[1];$p2pline[2];\n";
+       }
+       close FILE;
+       &rules;
+       &p2pblock;
+}
+if ($fwdfwsettings{'ACTION'} eq $Lang::tr{'fwdfw reread'})
+{
+       &reread_rules;
+       &p2pblock;
+}
+
+
+sub p2pblock
+{
+       if (-f "${General::swroot}/forward/reread"){
+               print "<table border='0'><form method='post'><td><input type='submit' name='ACTION' value='$Lang::tr{'fwdfw reread'}' style='font-face: Comic Sans MS; color: red; font-weight: bold;'>$Lang::tr{'fwhost reread'}</td></tr></table></form><hr><br>";
+       }
+       my $gif;
+       open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
+       @p2ps = <FILE>;
+       close FILE;
+       &Header::openbox('100%', 'center', 'P2P-Block');
+       print <<END;
+       <table width='35%' border='0'>
+       <tr bgcolor='$color{'color22'}'><td align=center colspan='2' ><b>$Lang::tr{'protocol'}</b></td><td align='center'><b>$Lang::tr{'status'}</b></td></tr>
+END
+       foreach my $p2pentry (sort @p2ps)
+       {
+               my @p2pline = split( /\;/, $p2pentry );
+               if($p2pline[2] eq 'on'){
+                       $gif="/images/on.gif"
+               }else{
+                       $gif="/images/off.gif"
+               }
+               print <<END;
+               <form method='post' action='$ENV{'SCRIPT_NAME'}'>
+               <tr bgcolor='$color{'color20'}'>
+               <td align='center' colspan='2' >$p2pline[0]:</td><td align='center'><input type='hidden' name='P2PROT' value='$p2pline[1]' /><input type='image' img src='$gif' alt='$Lang::tr{'click to disable'}' title='$Lang::tr{'fwdfw toggle'}' style='padding-top: 0px; padding-left: 0px; padding-bottom: 0px ;padding-right: 0px ;display: block;' ><input type='hidden' name='ACTION' value='togglep2p'></td></tr></form>
+END
+       }
+       print"<tr><td><img src='/images/on.gif'></td><td  align='left'>$Lang::tr{'outgoing firewall p2p allow'}</td></tr>";
+       print"<tr><td><img src='/images/off.gif'></td><td align='left'>$Lang::tr{'outgoing firewall p2p deny'}</td></tr></table>";
+       &Header::closebox();
+}
+sub rules
+{
+       if (!-f "${General::swroot}/forward/reread"){
+               system("touch ${General::swroot}/forward/reread");
+               system("touch ${General::swroot}/fwhosts/reread");
+       }
+}
+sub reread_rules
+{
+       system("/usr/local/bin/forwardfwctrl");
+       if ( -f "${General::swroot}/forward/reread"){
+               system("rm ${General::swroot}/forward/reread");
+               system("rm ${General::swroot}/fwhosts/reread");
+       }
+}
+&Header::closebigbox();
+&Header::closepage();