#etc/httpd/conf/vhosts.d
etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf
etc/httpd/conf/vhosts.d/ipfire-interface.conf
-srv/web/ipfire/cgi-bin/aliases.cgi
srv/web/ipfire/cgi-bin/backup.cgi
srv/web/ipfire/cgi-bin/chpasswd.cgi
srv/web/ipfire/cgi-bin/connections.cgi
etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
etc/rc.d/init.d/networking/red.up/10-multicast
etc/rc.d/init.d/networking/red.up/20-RL-firewall
-etc/rc.d/init.d/networking/red.up/21-setfilters
etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
etc/rc.d/init.d/networking/red.up/23-RS-snort
etc/rc.d/init.d/networking/red.up/24-RS-qos
usr/local/bin/restartssh
usr/local/bin/restartwireless
#usr/local/bin/sambactrl
-usr/local/bin/setaliases
usr/local/bin/setdmzholes
-usr/local/bin/setfilters
usr/local/bin/setportfw
usr/local/bin/setxtaccess
usr/local/bin/smartctrl
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
+WARNING: translation string unused: all interfaces
WARNING: translation string unused: all updates installed
WARNING: translation string unused: alt information
WARNING: translation string unused: alt ovpn
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: online help en
+WARNING: translation string unused: only red
WARNING: translation string unused: openvpn client
WARNING: translation string unused: openvpn server
WARNING: translation string unused: optional data
+WARNING: translation string unused: options fw
WARNING: translation string unused: optionsfw portlist hint
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: password contains illegal characters
WARNING: translation string unused: password crypting key
WARNING: translation string unused: passwords must be at least 6 characters in length
+WARNING: translation string unused: ping disabled
WARNING: translation string unused: polfile
WARNING: translation string unused: pots
WARNING: translation string unused: present
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
+WARNING: translation string unused: all interfaces
WARNING: translation string unused: all updates installed
WARNING: translation string unused: alt information
WARNING: translation string unused: alt ovpn
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: online help en
+WARNING: translation string unused: only red
WARNING: translation string unused: openvpn client
WARNING: translation string unused: openvpn server
WARNING: translation string unused: optional data
+WARNING: translation string unused: options fw
WARNING: translation string unused: optionsfw portlist hint
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
WARNING: translation string unused: password contains illegal characters
WARNING: translation string unused: password crypting key
WARNING: translation string unused: passwords must be at least 6 characters in length
+WARNING: translation string unused: ping disabled
WARNING: translation string unused: polfile
WARNING: translation string unused: pots
WARNING: translation string unused: present
+++ /dev/null
-#!/usr/bin/perl
-#
-# IPFire CGI's - aliases.cgi
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) Steve Bootes 2002/04/13 - Manage IP Aliases
-#
-# $Id: aliases.cgi,v 1.5.2.14 2006/01/13 20:14:48 eoberlander Exp $
-
-
-# to fully troubleshot your code, uncomment diagnostics, Carp and cluck lines
-#use diagnostics; # need to add the file /usr/lib/perl5/5.8.x/pods/perldiag.pod before to work
-# next look at /var/log/httpd/error_log , http://www.perl.com/pub/a/2002/05/07/mod_perl.html may help
-#use warnings;
-use strict;
-#use Carp ();
-#local $SIG{__WARN__} = \&Carp::cluck;
-
-require '/var/ipfire/general-functions.pl'; # replace /var/ipfire with /var/ipfire in case of manual install
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( ${Header::colouryellow} );
- @dummy = ( ${Header::table1colour} );
- @dummy = ( ${Header::table2colour} );
-undef (@dummy);
-
-# Files used
-my $setting = "${General::swroot}/ethernet/settings";
-our $datafile = "${General::swroot}/ethernet/aliases";
-
-
-our %settings=();
-#Settings1
-
-#Settings2 for editing the multi-line list
-#Must not be saved !
-$settings{'IP'} = '';
-$settings{'ENABLED'} = 'off'; # Every check box must be set to off
-$settings{'NAME'} = '';
-my @nosaved=('IP','ENABLED','NAME'); # List here ALL setting2 fields. Mandatory
-
-$settings{'ACTION'} = ''; # add/edit/remove
-$settings{'KEY1'} = ''; # point record for ACTION
-
-#Define each field that can be used to sort columns
-my $sortstring='^IP|^NAME';
-my $errormessage = '';
-my $warnmessage = '';
-
-&Header::showhttpheaders();
-
-# Read needed Ipcop netsettings
-my %netsettings=();
-$netsettings{'SORT_ALIASES'} = 'NAME'; # default sort
-&General::readhash($setting, \%netsettings);
-
-#Get GUI values
-&Header::getcgihash(\%settings);
-
-# Load multiline data
-our @current = ();
-if (open(FILE, "$datafile")) {
- @current = <FILE>;
- close (FILE);
-}
-
-#
-# Check Settings1 first because they are needed before working on @current
-#
-# Remove if no Setting1 needed
-#
-if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
-
- #
- #Validate static Settings1 here
- #
-
- unless ($errormessage) { # Everything is ok, save settings
- #map (delete ($settings{$_}) ,(@nosaved,'ACTION','KEY1'));# Must never be saved
- #&General::writehash($setting, \%settings); # Save good settings
- #$settings{'ACTION'} = $Lang::tr{'save'}; # Recreate 'ACTION'
- #map ($settings{$_}= '',(@nosaved,'KEY1')); # and reinit var to empty
-
- # Rebuild configuration file if needed
- &BuildConfiguration;
- }
-
- ERROR: # Leave the faulty field untouched
-} else {
- #&General::readhash($setting, \%settings); # Get saved settings and reset to good if needed
-}
-
-## Now manipulate the multi-line list with Settings2
-# Basic actions are:
-# toggle the check box
-# add/update a new line
-# begin editing a line
-# remove a line
-
-
-# Toggle enable/disable field. Field is in second position
-if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
- #move out new line
- chomp(@current[$settings{'KEY1'}]);
- my @temp = split(/\,/,@current[$settings{'KEY1'}]);
- $temp[1] = $temp[1] eq 'on' ? '' : 'on'; # Toggle the field
- @current[$settings{'KEY1'}] = join (',',@temp)."\n";
- $settings{'KEY1'} = ''; # End edit mode
-
- &General::log($Lang::tr{'ip alias changed'});
-
- #Save current
- open(FILE, ">$datafile") or die 'Unable to open aliases file.';
- print FILE @current;
- close(FILE);
-
- # Rebuild configuration file
- &BuildConfiguration;
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
- # Validate inputs
- if (! &General::validip($settings{'IP'})) {$errormessage = "invalid ip"};
- $settings{'NAME'} = &Header::cleanhtml($settings{'NAME'});
-
- # Make sure we haven't duplicated an alias or RED
- my $spacer='';
- if ($settings{'IP'} eq $netsettings{'RED_ADDRESS'}) {
- $errormessage = $Lang::tr{'duplicate ip'} . ' (RED)';
- $spacer=" & ";
- }
- my $idx=0;
- foreach my $line (@current) {
- chomp ($line);
- my @temp = split (/\,/, $line);
- if ( ($settings{'KEY1'} eq '')||(($settings{'KEY1'} ne '') && ($settings{'KEY1'} != $idx))) { # update
- if ($temp[0] eq $settings{'IP'}) {
- $errormessage .= $spacer.$Lang::tr{'duplicate ip'};
- $spacer=" & ";
- }
- if ($temp[2] eq $settings{'NAME'} && $temp[2] ne '') {
- $errormessage .= $spacer.$Lang::tr{'duplicate name'};
- $spacer=" & ";
- }
- }
- $idx++;
- }
- unless ($errormessage) {
- if ($settings{'KEY1'} eq '') { #add or edit ?
- unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'NAME'}\n");
- &General::log($Lang::tr{'ip alias added'});
- } else {
- @current[$settings{'KEY1'}] = "$settings{'IP'},$settings{'ENABLED'},$settings{'NAME'}\n";
- $settings{'KEY1'} = ''; # End edit mode
- &General::log($Lang::tr{'ip alias changed'});
- }
-
- # Write changes to config file.
- &SortDataFile; # sort newly added/modified entry
-
- &BuildConfiguration; # then re-build conf which use new data
-
-##
-## if entering data line is repetitive, choose here to not erase fields between each addition
-##
- map ($settings{$_}='' ,@nosaved); # Clear fields
- }
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
- #move out new line
- my $line = @current[$settings{'KEY1'}]; # KEY1 is the index in current
- chomp($line);
- my @temp = split(/\,/, $line);
-
-##
-## move data fields to Setting2 for edition
-##
- $settings{'IP'}=$temp[0]; # Prepare the screen for editing
- $settings{'ENABLED'}=$temp[1];
- $settings{'NAME'}=$temp[2];
-}
-
-if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
- splice (@current,$settings{'KEY1'},1); # Delete line
- open(FILE, ">$datafile") or die 'Unable to open aliases file.';
- print FILE @current;
- close(FILE);
- $settings{'KEY1'} = ''; # End remove mode
- &General::log($Lang::tr{'ip alias removed'});
-
- &BuildConfiguration; # then re-build conf which use new data
-}
-
-
-
-## Check if sorting is asked
-# If same column clicked, reverse the sort.
-if ($ENV{'QUERY_STRING'} =~ /$sortstring/ ) {
- my $newsort=$ENV{'QUERY_STRING'};
- my $actual=$netsettings{'SORT_ALIASES'};
- #Reverse actual sort ?
- if ($actual =~ $newsort) {
- my $Rev='';
- if ($actual !~ 'Rev') {
- $Rev='Rev';
- }
- $newsort.=$Rev;
- }
- $netsettings{'SORT_ALIASES'}=$newsort;
- &General::writehash($setting, \%netsettings);
- &SortDataFile;
- $settings{'ACTION'} = 'SORT'; # Recreate 'ACTION'
-}
-
-# Default initial value
-if ($settings{'ACTION'} eq '' ) { # First launch from GUI
- $settings{'ENABLED'} ='on';
-}
-
-&Header::openpage($Lang::tr{'external aliases configuration'}, 1, '');
-&Header::openbigbox('100%', 'left', '', $errormessage);
-my %checked =(); # Checkbox manipulations
-
-if ($errormessage) {
- &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
- print "<font class='base'>$errormessage </font>";
- &Header::closebox();
-}
-unless (( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ ) && ($netsettings{'RED_TYPE'} eq 'STATIC'))
-{
- &Header::openbox('100%', 'left', $Lang::tr{'capswarning'});
- print <<END
- <table width='100%'>
- <tr>
- <td width='100%' class='boldbase' align='center'><font color='${Header::colourred}'><b>$Lang::tr{'aliases not active'}</b></font></td>
- </tr>
- </table>
-END
-;
- &Header::closebox();
-}
-
-#
-# Second check box is for editing the list
-#
-$checked{'ENABLED'}{'on'} = ($settings{'ENABLED'} eq '') ? '' : "checked='checked'";
-
-my $buttontext = $Lang::tr{'add'};
-if ($settings{'KEY1'} ne '') {
- $buttontext = $Lang::tr{'update'};
- &Header::openbox('100%', 'left', $Lang::tr{'edit an existing alias'});
-} else {
- &Header::openbox('100%', 'left', $Lang::tr{'add new alias'});
-}
-
-#Edited line number (KEY1) passed until cleared by 'save' or 'remove' or 'new sort order'
-print <<END
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='KEY1' value='$settings{'KEY1'}' />
-<table width='100%'>
-<tr>
-<td class='base'><font color='${Header::colourred}'>$Lang::tr{'name'}: <img src='/blob.gif' alt='*' /></font></td>
-<td><input type='text' name='NAME' value='$settings{'NAME'}' size='32' /></td>
-<td class='base' align='right'><font color='${Header::colourred}'>$Lang::tr{'alias ip'}: </font></td>
-<td><input type='text' name='IP' value='$settings{'IP'}' size='16' /></td>
-<td class='base' align='right'>$Lang::tr{'enabled'} </td>
-<td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
-</tr>
-</table>
-<hr />
-<table width='100%'>
-<tr>
- <td class='base' width='50%'><img src='/blob.gif' align='top' alt='*' /> $Lang::tr{'this field may be blank'}</td>
- <td width='50%' align='center'><input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /><input type='submit' name='SUBMIT' value='$buttontext' /></td>
-</tr>
-</table>
-</form>
-END
-;
-&Header::closebox();
-
-#
-# Third box shows the list, in columns
-#
-# Columns headers may content a link. In this case it must be named in $sortstring
-#
-&Header::openbox('100%', 'left', $Lang::tr{'current aliases'});
-print <<END
-<table width='100%'>
-<tr>
- <td width='50%' align='center'><a href='$ENV{'SCRIPT_NAME'}?NAME'><b>$Lang::tr{'name'}</b></a></td>
- <td width='40%' align='center'><a href='$ENV{'SCRIPT_NAME'}?IP'><b>$Lang::tr{'alias ip'}</b></a></td>
- <td width='10%' colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></td>
-</tr>
-END
-;
-
-#
-# Print each line of @current list
-#
-# each data line is splitted into @temp.
-#
-
-my $key = 0;
-foreach my $line (@current) {
- chomp($line);
- my @temp = split(/\,/,$line);
-
- #Choose icon for checkbox
- my $gif = '';
- my $gdesc = '';
- if ($temp[1] eq "on") {
- $gif = 'on.gif';
- $gdesc = $Lang::tr{'click to disable'};
- } else {
- $gif = 'off.gif';
- $gdesc = $Lang::tr{'click to enable'};
- }
-
- #Colorize each line
- if ($settings{'KEY1'} eq $key) {
- print "<tr bgcolor='${Header::colouryellow}'>";
- } elsif ($key % 2) {
- print "<tr bgcolor='${Header::table2colour}'>";
- } else {
- print "<tr bgcolor='${Header::table1colour}'>";
- }
-
- print <<END
-<td align='center'>$temp[2]</td>
-<td align='center'>$temp[0]</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
-<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
-<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-
-<td align='center'>
-<form method='post' action='$ENV{'SCRIPT_NAME'}'>
-<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
-<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
-<input type='hidden' name='KEY1' value='$key' />
-</form>
-</td>
-</tr>
-END
-;
- $key++;
-}
-print "</table>";
-
-# If table contains entries, print 'Key to action icons'
-if ($key) {
-print <<END
-<table>
-<tr>
- <td class='boldbase'> <b>$Lang::tr{'legend'}: </b></td>
- <td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
- <td class='base'>$Lang::tr{'click to disable'}</td>
- <td> </td>
- <td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
- <td class='base'>$Lang::tr{'click to enable'}</td>
- <td> </td>
- <td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
- <td class='base'>$Lang::tr{'edit'}</td>
- <td> </td>
- <td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
- <td class='base'>$Lang::tr{'remove'}</td>
-</tr>
-</table>
-END
-;
-}
-
-&Header::closebox();
-&Header::closebigbox();
-&Header::closepage();
-
-## Ouf it's the end !
-
-
-
-# Sort the "current" array according to choices
-sub SortDataFile
-{
- our %entries = ();
-
- # Sort pair of record received in $a $b special vars.
- # When IP is specified use numeric sort else alpha.
- # If sortname ends with 'Rev', do reverse sort.
- #
- sub fixedleasesort {
- my $qs=''; # The sort field specified minus 'Rev'
- if (rindex ($netsettings{'SORT_ALIASES'},'Rev') != -1) {
- $qs=substr ($netsettings{'SORT_ALIASES'},0,length($netsettings{'SORT_ALIASES'})-3);
- if ($qs eq 'IP') {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($b[0]<=>$a[0]) ||
- ($b[1]<=>$a[1]) ||
- ($b[2]<=>$a[2]) ||
- ($b[3]<=>$a[3]);
- } else {
- $entries{$b}->{$qs} cmp $entries{$a}->{$qs};
- }
- } else { #not reverse
- $qs=$netsettings{'SORT_ALIASES'};
- if ($qs eq 'IP') {
- my @a = split(/\./,$entries{$a}->{$qs});
- my @b = split(/\./,$entries{$b}->{$qs});
- ($a[0]<=>$b[0]) ||
- ($a[1]<=>$b[1]) ||
- ($a[2]<=>$b[2]) ||
- ($a[3]<=>$b[3]);
- } else {
- $entries{$a}->{$qs} cmp $entries{$b}->{$qs};
- }
- }
- }
-
- #Use an associative array (%entries)
- my $key = 0;
- foreach my $line (@current) {
- chomp( $line); #remove newline because can be on field 5 or 6 (addition of REMARK)
- my @temp = split (',',$line);
-
- # Build a pair 'Field Name',value for each of the data dataline.
- # Each SORTABLE field must have is pair.
- # Other data fields (non sortable) can be grouped in one
-
- # Exemple
- # F1,F2,F3,F4,F5 only F1 F2 for sorting
- # my @record = ('KEY',$key++,
- # 'F1',$temp[0],
- # 'F2',$temp[1],
- # 'DATA',join(',',@temp[2..4]) ); #group remainning values, with separator (,)
-
- # The KEY,key record permits doublons. If removed, then F1 becomes the key without doublon permitted.
-
-
- my @record = ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$temp[2]);
- my $record = {}; # create a reference to empty hash
- %{$record} = @record; # populate that hash with @record
- $entries{$record->{KEY}} = $record; # add this to a hash of hashes
- }
-
- open(FILE, ">$datafile") or die 'Unable to open aliases file.';
-
- # Each field value is printed , with the newline ! Don't forget separator and order of them.
- foreach my $entry (sort fixedleasesort keys %entries) {
- print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$entry}->{NAME}\n";
- }
-
- close(FILE);
- # Reload sorted @current
- open (FILE, "$datafile");
- @current = <FILE>;
- close (FILE);
-}
-
-#
-# Build the configuration file for application aliases
-#
-sub BuildConfiguration {
- # Restart service associated with this
- system '/usr/local/bin/setaliases';
-}
ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
ln -sf ../../firewall /etc/rc.d/init.d/networking/red.up/20-RL-firewall
- ln -sf ../../../../../usr/local/bin/setfilters \
- /etc/rc.d/init.d/networking/red.up/21-setfilters
ln -sf ../../../../../usr/local/bin/outgoingfwctrl \
/etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
ln -sf ../../../../../usr/local/bin/snortctrl \
COMPILE=$(CC) $(CFLAGS)
PROGS = iowrap
-SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \
- squidctrl restartssh ipfirereboot setaliases \
+SUID_PROGS = setdmzholes setportfw setxtaccess \
+ squidctrl restartssh ipfirereboot \
ipsecctrl timectrl dhcpctrl snortctrl \
applejuicectrl rebuildhosts backupctrl \
logwatch openvpnctrl outgoingfwctrl \
smartctrl: smartctrl.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ smartctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-monitorTraff: monitorTraff.c setuid.o ../install+setup/libsmooth/varval.o
- $(COMPILE) -I../install+setup/libsmooth/ monitorTraff.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-
clamavctrl: clamavctrl.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ clamavctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@
launch-ether-wake: launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-setaliases: setaliases.c setuid.o ../install+setup/libsmooth/varval.o
- $(COMPILE) -I../install+setup/libsmooth/ setaliases.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-
setdmzholes: setdmzholes.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setdmzholes.c setuid.o ../install+setup/libsmooth/varval.o -o $@
setportfw: setportfw.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setportfw.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-setfilters: setfilters.c setuid.o ../install+setup/libsmooth/varval.o
- $(COMPILE) -I../install+setup/libsmooth/ setfilters.c setuid.o ../install+setup/libsmooth/varval.o -o $@
-
rebuildhosts: rebuildhosts.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ rebuildhosts.c setuid.o ../install+setup/libsmooth/varval.o -o $@
int main(int argc, char *argv[]) {
int fd = -1;
- int enable = 0;
if (!(initsetuid()))
exit(1);
fprintf(stderr, "\nNo argument given.\n\nqosctrl (start|stop|restart|status|generate)\n\n");
exit(1);
}
-
+
+ if ((fd = open("/var/ipfire/qos/bin/qos.sh", O_RDONLY)) != -1) {
+ close(fd);
+ } else {
+ // If there is no qos.sh do nothing.
+ exit(0);
+ }
+
safe_system("chmod 755 /var/ipfire/qos/bin/qos.sh &>/dev/null");
if (strcmp(argv[1], "start") == 0) {
- if ((fd = open("/var/ipfire/qos/bin/qos.sh", O_RDONLY)) != -1)
- {
- close(fd);
- enable = 1;
- }
- if (enable)
- {
- safe_system("/var/ipfire/qos/bin/qos.sh start");
- }
+ safe_system("/var/ipfire/qos/bin/qos.sh start");
} else if (strcmp(argv[1], "stop") == 0) {
safe_system("/var/ipfire/qos/bin/qos.sh clear");
} else if (strcmp(argv[1], "status") == 0) {
+++ /dev/null
-/*\r
- * setaliases - configure red aliased interfaces\r
- *\r
- * This program is distributed under the terms of the GNU General Public\r
- * Licence. See the file COPYING for details.\r
- *\r
- * (c) Steve Bootes, 2002/04/15\r
- *\r
- * 21/04/03 Robert Kerr Changed to link directly to libsmooth rather than\r
- * using a copy & paste\r
- *\r
- * $Id: setaliases.c,v 1.2.2.4 2004/08/22 22:01:44 alanh Exp $\r
- *\r
- */\r
-\r
-#include "libsmooth.h"\r
-#include "setuid.h"\r
-#include <stdio.h>\r
-#include <stdlib.h>\r
-#include <string.h>\r
-#include <unistd.h>\r
-#include <sys/types.h>\r
-#include <sys/stat.h>\r
-#include <fcntl.h>\r
-\r
-struct keyvalue *kv = NULL;\r
-FILE *file = NULL;\r
-\r
-void exithandler(void)\r
-{\r
- if (kv) freekeyvalues(kv);\r
- if (file) fclose(file);\r
-}\r
-\r
-int main(void)\r
-{\r
- char s[STRING_SIZE];\r
- char command[STRING_SIZE];\r
- char red_netmask[STRING_SIZE];\r
- char red_broadcast[STRING_SIZE];\r
- char red_dev[STRING_SIZE];\r
- char default_gateway[STRING_SIZE];\r
- char *aliasip;\r
- char *enabled;\r
- char *sptr;\r
- char *comment;\r
- int alias;\r
- int count;\r
-\r
- if (!(initsetuid()))\r
- {\r
- fprintf(stderr, "Cannot run setuid\n");\r
- exit(1);\r
- }\r
-\r
- atexit(exithandler);\r
-\r
- /* Init the keyvalue structure */\r
- kv=initkeyvalues();\r
-\r
- /* Read in the current values */\r
- if (!readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings"))\r
- {\r
- fprintf(stderr, "Cannot read ethernet settings\n");\r
- exit(1);\r
- }\r
-\r
- /* Find the CONFIG_TYPE value */\r
- if (!findkey(kv, "CONFIG_TYPE", s))\r
- {\r
- fprintf(stderr, "Cannot read CONFIG_TYPE\n");\r
- exit(1);\r
- }\r
-\r
- /* Check for CONFIG_TYPE=2 or 3 i.e. RED ethernet present. If not,\r
- * exit gracefully. This is not an error... */\r
- if (!((strcmp(s, "2")==0) || (strcmp(s, "3")==0) || (strcmp(s, "6")==0) || (strcmp(s, "7")==0)))\r
- exit(0);\r
-\r
- /* Now check the RED_TYPE - aliases only work with STATIC.\r
- * At least, that's what /etc/rc.d/rc.netaddress.up thinks.. */\r
-\r
- /* Find the RED_TYPE value */\r
- if (!findkey(kv, "RED_TYPE", s))\r
- {\r
- fprintf(stderr, "Cannot read RED_TYPE\n");\r
- exit(1);\r
- }\r
- \r
- /* Make sure it's the right type */\r
- if (!(strcmp(s, "STATIC")==0)) \r
- exit(0);\r
-\r
- /* Get the RED interface details */\r
- if((!findkey(kv, "RED_NETMASK", red_netmask)) || (!findkey(kv, "RED_BROADCAST", red_broadcast)) || \r
- (!findkey(kv, "RED_DEV", red_dev)) || (!findkey(kv, "DEFAULT_GATEWAY", default_gateway)))\r
- {\r
- fprintf(stderr, "Cannot read RED settings\n");\r
- exit(1);\r
- }\r
- \r
- if (!VALID_DEVICE(red_dev))\r
- {\r
- fprintf(stderr, "Bad red_dev: %s\n", red_dev);\r
- exit(1);\r
- }\r
-\r
- if (!VALID_IP(red_netmask))\r
- {\r
- fprintf(stderr, "Bad red_netmask : %s\n", red_netmask);\r
- exit(1);\r
- }\r
-\r
- if (!VALID_IP(red_broadcast))\r
- {\r
- fprintf(stderr, "Bad red_broadcast : %s\n", red_broadcast);\r
- exit(1);\r
- }\r
-\r
- if (!VALID_IP(default_gateway))\r
- {\r
- fprintf(stderr, "Bad default_gateway : %s\n", default_gateway);\r
- exit(1);\r
- }\r
-\r
- /* down the aliases in turn until ifconfig complains */\r
- alias=0;\r
- do\r
- {\r
- memset(command, 0, STRING_SIZE);\r
- snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d down 2>/dev/null", red_dev, alias++);\r
- } while (safe_system(command)==0);\r
-\r
- /* Now set up the new aliases from the config file */\r
- if (!(file = fopen(CONFIG_ROOT "/ethernet/aliases", "r")))\r
- {\r
- fprintf(stderr, "Unable to open aliases configuration file\n");\r
- exit(1);\r
- }\r
-\r
- alias=0;\r
- while (fgets(s, STRING_SIZE, file) != NULL)\r
- {\r
- if (s[strlen(s) - 1] == '\n')\r
- s[strlen(s) - 1] = '\0';\r
- sptr = strtok(s, ",");\r
- count = 0;\r
- aliasip = NULL;\r
- enabled = NULL;\r
- comment = NULL;\r
- while (sptr)\r
- {\r
- if (count == 0)\r
- aliasip = sptr;\r
- if (count == 1)\r
- enabled = sptr;\r
- else\r
- comment = sptr;\r
- count++;\r
- sptr = strtok(NULL, ",");\r
- }\r
-\r
- if (!(aliasip && enabled))\r
- continue;\r
-\r
- if (!VALID_IP(aliasip))\r
- {\r
- fprintf(stderr, "Bad alias : %s\n", aliasip);\r
- exit(1);\r
- }\r
-\r
- if (strcmp(enabled, "on") == 0)\r
- {\r
- memset(command, 0, STRING_SIZE);\r
- snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d %s netmask %s broadcast %s up", red_dev, alias, aliasip, red_netmask, red_broadcast);\r
- safe_system(command);\r
- memset(command, 0, STRING_SIZE);\r
- snprintf(command, STRING_SIZE-1, "/usr/sbin/arping -q -c 1 -w 1 -i %s -S %s %s", red_dev, aliasip, default_gateway);\r
- safe_system(command);\r
- alias++;\r
- }\r
- }\r
-\r
- return 0;\r
-}\r
-\r
+++ /dev/null
-/* Derivated from SmoothWall helper programs\r
- *\r
- * This program is distributed under the terms of the GNU General Public\r
- * Licence. See the file COPYING for details.\r
- *\r
- * (c) Daniel Goscomb, 2001\r
- *\r
- * Modifications and improvements by Lawrence Manning.\r
- *\r
- * 19/04/03 Robert Kerr Fixed root exploit\r
- *\r
- * 20/08/05 Achim Weber 20 Modified to have a binary for the new firewall options page in IPCop 1.4.8\r
- *\r
- * 02/10/05 Gilles Espinasse treat only ping actually\r
- *\r
- * $Id: setfilters.c,v 1.1.2.2 2006/02/07 20:54:16 gespinasse Exp $\r
- *\r
- */\r
-\r
-#include <stdio.h>\r
-#include <stdlib.h>\r
-#include <string.h>\r
-#include "libsmooth.h"\r
-#include "setuid.h"\r
-\r
-struct keyvalue *kv = NULL;\r
-FILE *ifacefile = NULL;\r
-\r
-void exithandler(void)\r
-{\r
- if(kv)\r
- freekeyvalues(kv);\r
-}\r
-\r
-int main(void)\r
-{\r
- char iface[STRING_SIZE] = "";\r
- char command[STRING_SIZE];\r
- char disableping[STRING_SIZE];\r
- int redAvailable = 1;\r
-\r
- if (!(initsetuid()))\r
- exit(1);\r
-\r
- atexit(exithandler);\r
-\r
- /* Read in and verify config */\r
- kv=initkeyvalues();\r
-\r
- if (!readkeyvalues(kv, CONFIG_ROOT "/optionsfw/settings")) {\r
- fprintf(stderr, "Cannot read firewall option settings\n");\r
- exit(1);\r
- }\r
-\r
- if (!findkey(kv, "DISABLEPING", disableping)) {\r
- fprintf(stderr, "Cannot read DISABLEPING\n");\r
- exit(1);\r
- }\r
-\r
- if (strcmp(disableping, "NO") != 0 && strcmp(disableping, "ONLYRED") != 0 && strcmp(disableping, "ALL") != 0) {\r
- fprintf(stderr, "Bad DISABLEPING: %s\n", disableping);\r
- exit(1);\r
- }\r
-\r
- if (!(ifacefile = fopen(CONFIG_ROOT "/red/iface", "r"))) {\r
- redAvailable = 0;\r
- } else {\r
- if (fgets(iface, STRING_SIZE, ifacefile)) {\r
- if (iface[strlen(iface) - 1] == '\n')\r
- iface[strlen(iface) - 1] = '\0';\r
- }\r
- fclose (ifacefile);\r
- if (!VALID_DEVICE(iface)) {\r
- fprintf(stderr, "Bad iface: %s\n", iface);\r
- exit(1);\r
- }\r
- redAvailable = 1;\r
- }\r
-\r
- safe_system("/sbin/iptables -F GUIINPUT");\r
-\r
- /* don't need to do anything if ping is disabled, so treat only other cases */\r
- if (strcmp(disableping, "NO") == 0\r
- || (strcmp(disableping, "ONLYRED") == 0 && redAvailable == 0)) {\r
- // We allow ping (icmp type 8) on every interfaces\r
- // or RED is not available, so we can enable it on all (available) Interfaces\r
- memset(command, 0, STRING_SIZE);\r
- snprintf(command, STRING_SIZE - 1, "/sbin/iptables -A GUIINPUT -p icmp --icmp-type 8 -j ACCEPT");\r
- safe_system(command);\r
- } else {\r
- // Allow ping only on internal interfaces\r
- if(strcmp(disableping, "ONLYRED") == 0) {\r
- memset(command, 0, STRING_SIZE);\r
- snprintf(command, STRING_SIZE - 1,\r
- "/sbin/iptables -A GUIINPUT -i ! %s -p icmp --icmp-type 8 -j ACCEPT", iface);\r
- safe_system(command);\r
- }\r
- }\r
- return 0;\r
-}\r
-/* SmoothWall helper program - header file\r
- *\r
- * This program is distributed under the terms of the GNU General Public\r
- * Licence. See the file COPYING for details.\r
- * Simple header file for all setuid progs.\r
- * \r
- * $Id: setuid.h,v 1.4.2.4 2005/11/20 23:20:13 franck78 Exp $\r
- * \r
- */\r
-\r
-#ifndef SETUID_H\r
-#define SETUID_H 1\r
-\r
-#include <stdlib.h>\r
-#include <sys/types.h>\r
-\r
-/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason\r
- * to redefine it if it already is set */\r
-#ifndef STRING_SIZE\r
-#define STRING_SIZE 256\r
-#endif\r
-#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"\r
-#define NUMBERS "0123456789"\r
-#define LETTERS_NUMBERS LETTERS NUMBERS\r
-#define IP_NUMBERS "./" NUMBERS\r
-#define PORT_NUMBERS ":-" NUMBERS\r
-#define VALID_FQDN LETTERS_NUMBERS ".-"\r
-\r
-\r
-#define VALID_IP(ip) (strlen(ip) > 6 \\r
- && strlen(ip) < 16 \\r
- && strspn(ip, NUMBERS ".") == strlen(ip))\r
-\r
-#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \\r
- && strlen(ip) < 32 \\r
- && strspn(ip, IP_NUMBERS) == strlen(ip))\r
-\r
-#define VALID_PORT(port) (strlen(port) \\r
- && strlen(port) < 6 \\r
- && strspn(port, NUMBERS) == strlen(port))\r
-\r
-#define VALID_PORT_RANGE(port) (strlen(port) \\r
- && strlen(port) < 12 \\r
- && strspn(port, PORT_NUMBERS) == strlen(port))\r
-\r
-#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \\r
- && strlen(ip) < 3 \\r
- && strspn(ip, NUMBERS) == strlen(ip))\r
-\r
-/* Can't find any info on valid characters/length hopefully these are\r
- * reasonable guesses */\r
-#define VALID_DEVICE(dev) (strlen(dev) \\r
- && strlen(dev) < 16 \\r
- && strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev))\r
-\r
-/* Again, can't find any hard and fast rules for protocol names, these\r
- * restrictions are based on the keywords currently listed in\r
- * <http://www.iana.org/assignments/protocol-numbers>\r
- * though currently the ipcop cgis will only pass tcp, udp or gre anyway */\r
-#define VALID_PROTOCOL(prot) (strlen(prot) \\r
- && strlen(prot) <16 \\r
- && strspn(prot, LETTERS_NUMBERS "-") == strlen(prot))\r
-\r
-extern char * trusted_env[4];\r
-\r
-int system_core(char* command, uid_t uid, gid_t gid, char *error);\r
-int safe_system(char* command);\r
-int unpriv_system(char* command, uid_t uid, gid_t gid);\r
-size_t strlcat(char *dst, const char *src, size_t len);\r
-int initsetuid(void);\r
-\r
-/* check whether a file exists */\r
-int file_exists(const char *fname); \r
-int file_exists_w(const char *fname); //wildcard filename test \r
-\r
-// Backup restore\r
-#define MOUNTPOINT "/home/httpd/html/backup"\r
-#define BACKUP_KEY CONFIG_ROOT"/backup/backup.key"\r
-\r
-/* defines for config create/restore return status*/\r
-#define ERR_ANY 1 // unspecified error\r
-#define ERR_KEY 2 // error creating key file\r
-#define ERR_TAR 3 // error creating .tar\r
-#define ERR_GZ 4 // error creating .tar.gz\r
-#define ERR_ENCRYPT 5 // error creating .dat\r
-#define ERR_DECRYPT 6 // error decrypting .dat file\r
-#define ERR_UNTARTST 7 // error (test) untarring .tar.gz\r
-#define ERR_UNTAR 8 // error (real) untarring .tar.gz\r
-#define ERR_DAT 9 // missing .dat file\r
-\r
-#endif\r
+/* SmoothWall helper program - header file
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence. See the file COPYING for details.
+ * Simple header file for all setuid progs.
+ *
+ */
+
+#ifndef SETUID_H
+#define SETUID_H 1
+
+#include <stdlib.h>
+#include <sys/types.h>
+
+/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason
+ * to redefine it if it already is set */
+#ifndef STRING_SIZE
+#define STRING_SIZE 256
+#endif
+#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+#define NUMBERS "0123456789"
+#define LETTERS_NUMBERS LETTERS NUMBERS
+#define IP_NUMBERS "./" NUMBERS
+#define PORT_NUMBERS ":-" NUMBERS
+#define VALID_FQDN LETTERS_NUMBERS ".-"
+
+
+#define VALID_IP(ip) (strlen(ip) > 6 \
+ && strlen(ip) < 16 \
+ && strspn(ip, NUMBERS ".") == strlen(ip))
+
+#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \
+ && strlen(ip) < 32 \
+ && strspn(ip, IP_NUMBERS) == strlen(ip))
+
+#define VALID_PORT(port) (strlen(port) \
+ && strlen(port) < 6 \
+ && strspn(port, NUMBERS) == strlen(port))
+
+#define VALID_PORT_RANGE(port) (strlen(port) \
+ && strlen(port) < 12 \
+ && strspn(port, PORT_NUMBERS) == strlen(port))
+
+#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \
+ && strlen(ip) < 3 \
+ && strspn(ip, NUMBERS) == strlen(ip))
+
+/* Can't find any info on valid characters/length hopefully these are
+ * reasonable guesses */
+#define VALID_DEVICE(dev) (strlen(dev) \
+ && strlen(dev) < 16 \
+ && strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev))
+
+/* Again, can't find any hard and fast rules for protocol names, these
+ * restrictions are based on the keywords currently listed in
+ * <http://www.iana.org/assignments/protocol-numbers>
+ * though currently the ipcop cgis will only pass tcp, udp or gre anyway */
+#define VALID_PROTOCOL(prot) (strlen(prot) \
+ && strlen(prot) <16 \
+ && strspn(prot, LETTERS_NUMBERS "-") == strlen(prot))
+
+extern char * trusted_env[4];
+
+int system_core(char* command, uid_t uid, gid_t gid, char *error);
+int safe_system(char* command);
+int unpriv_system(char* command, uid_t uid, gid_t gid);
+size_t strlcat(char *dst, const char *src, size_t len);
+int initsetuid(void);
+
+/* check whether a file exists */
+int file_exists(const char *fname);
+int file_exists_w(const char *fname); //wildcard filename test
+
+#endif
--- /dev/null
+#!/bin/sh
+# Verson 0.1 by linuxadmin
+# sucht in allen regulären Files nach dem eingegebenen Wert
+# ACHTUNG DAS KANN EINIGE MINUTEN DAUERN !!!
+
+name=finder.log
+echo -n "Where: " ;read wo
+echo -n "String: " ;read was
+echo -n "Output to file? (y/n): " ;read jn
+
+if [ "$jn" = "y" ]; then
+ echo "Creating log file $name"
+ find $wo -type f | xargs grep -in "$was" > $name
+else
+ find $wo -type f | xargs grep -in "$was"
+fi
+
+if [ -d $name ]; then
+ cat $name
+fi