Forward Firewall: Now all customhosts are colored correctly in ruletable. Also the...

diff --git a/html/cgi-bin/forwardfw.cgi b/html/cgi-bin/forwardfw.cgi
index 0907fba9bd5591da5d3b34bb2d6055ea82f1d24d..c18f4f41c3b410a510624312acf41ec07732b709 100755 (executable)
--- a/html/cgi-bin/forwardfw.cgi
+++ b/html/cgi-bin/forwardfw.cgi
@@ -1243,6 +1243,14 @@ sub getcolor
        my $val=shift;
        my $hash=shift;
        if($optionsfw{'SHOWCOLORS'} eq 'on'){
+               #custom Hosts
+               if ($nettype eq 'cust_host_src' || $nettype eq 'cust_host_tgt'){
+                       foreach my $key (sort keys %$hash){
+                               if ($$hash{$key}[0] eq $val){
+                                       $val=$$hash{$key}[2];
+                               }
+                       }
+               }
                #standard networks
                if ($val eq 'GREEN'){
                        $tdcolor="style='background-color: $Header::colourgreen;color:white;'";
@@ -1277,8 +1285,8 @@ sub getcolor
                        $tdcolor="style='background-color: $Header::colourred;color:white;'";
                        return;
                }
-               #Check if a manual IP is part of a VPN 
-               if ($nettype eq 'src_addr' || $nettype eq 'tgt_addr'){
+               #Check if a manual IP or custom host is part of a VPN
+               if ($nettype eq 'src_addr' || $nettype eq 'tgt_addr' || $nettype eq 'cust_host_src' || $nettype eq 'cust_host_tgt'){
                        #Check if IP is part of OpenVPN dynamic subnet
                        my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'});
                        my ($c,$d) = split("/",$val);
@@ -1332,14 +1340,6 @@ sub getcolor
                        $tdcolor="style='background-color: $Header::colourvpn;color:white;'";
                        return;
                }
-               #custom Hosts
-               if ($nettype eq 'cust_host_src' || $nettype eq 'cust_host_tgt'){
-                       foreach my $key (sort keys %$hash){
-                               if ($$hash{$key}[0] eq $val){
-                                       $val=$$hash{$key}[2];
-                               }
-                       }
-               }
                #ALIASE
                foreach my $alias (sort keys %aliases)
                {

diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
index 482ccabf5ba94a57d53a7e3076eea2438124d57b..b72cb1064b5a030f56bd8a544c23598f33000233 100755 (executable)
--- a/html/cgi-bin/fwhosts.cgi
+++ b/html/cgi-bin/fwhosts.cgi
@@ -46,6 +46,9 @@ my %ownnet=();
 my %ipsecsettings=();
 my %fwfwd=();
 my %fwinp=();
+my %ovpnsettings=();
+my %ipsecconf=();
+my %ipsecsettings=();
 
 my $errormessage;
 my $hint;
@@ -60,6 +63,10 @@ my $configsrv                = "${General::swroot}/fwhosts/customservices";
 my $configsrvgrp       = "${General::swroot}/fwhosts/customservicegrp";
 my $fwconfigfwd                = "${General::swroot}/forward/config";
 my $fwconfiginp                = "${General::swroot}/forward/input";
+my $configovpn         = "${General::swroot}/ovpn/settings";
+my $tdcolor='';
+my $configipsec                = "${General::swroot}/vpn/config";
+my $configipsecrw      = "${General::swroot}/vpn/settings";
 
 unless (-e $confignet)    { system("touch $confignet"); }
 unless (-e $confighost)   { system("touch $confighost"); }
@@ -70,6 +77,10 @@ unless (-e $configsrvgrp) { system("touch $configsrvgrp"); }
 &General::readhash("${General::swroot}/main/settings", \%mainsettings);
 &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
 &General::readhash("${General::swroot}/ethernet/settings", \%ownnet);
+&General::readhash("$configovpn", \%ovpnsettings);
+&General::readhasharray("$configipsec", \%ipsecconf);
+&General::readhash("$configipsecrw", \%ipsecsettings);
+
 &Header::getcgihash(\%fwhostsettings);
 
 &Header::showhttpheaders();
@@ -1429,11 +1440,61 @@ END
        }       
 
 }
+sub getcolor
+{
+               my $c=shift;
+               #Check if IP is part of OpenVPN N2N subnet
+               foreach my $key (sort keys %ccdhost){
+                       if ($ccdhost{$key}[3] eq 'net'){
+                               my ($a,$b) = split("/",$ccdhost{$key}[11]);
+                               if (&General::IpInSubnet($c,$a,$b)){
+                                       $tdcolor="style='color:$Header::colourovpn ;'";
+                                       return $tdcolor;
+                               }
+                       }
+               }
+               #Check if IP is part of OpenVPN dynamic subnet
+               my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'});
+               if (&General::IpInSubnet($c,$a,$b)){
+                       $tdcolor="style='color: $Header::colourovpn;'";
+                       return $tdcolor;
+               }
+               #Check if IP is part of OpenVPN static subnet
+               foreach my $key (sort keys %ccdnet){
+                       my ($a,$b) = split("/",$ccdnet{$key}[1]);
+                       $b =&General::iporsubtodec($b);
+                       if (&General::IpInSubnet($c,$a,$b)){
+                               $tdcolor="style='color: $Header::colourovpn;'";
+                               return $tdcolor;
+                       }
+               }
+               #Check if IP is part of IPsec RW network
+               if ($ipsecsettings{'RW_NET'} ne ''){
+                       my ($a,$b) = split("/",$ipsecsettings{'RW_NET'});
+                       $b=&General::iporsubtodec($b);
+                       if (&General::IpInSubnet($c,$a,$b)){
+                               $tdcolor="style='color: $Header::colourvpn;'";
+                               return $tdcolor;
+                       }
+               }
+               #Check if IP is part of a IPsec N2N network
+               foreach my $key (sort keys %ipsecconf){
+                       my ($a,$b) = split("/",$ipsecconf{$key}[11]);
+                       if (&General::IpInSubnet($c,$a,$b)){
+                               $tdcolor="style='color: $Header::colourvpn;'";
+                               return $tdcolor;
+                       }
+               }
+               $tdcolor='';
+               return $tdcolor;
+}
 sub viewtablehost
 {
        if (! -z $confighost){
                &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust addr'});
                &General::readhasharray("$confighost", \%customhost);
+               &General::readhasharray("$configccdnet", \%ccdnet);
+               &General::readhasharray("$configccdhost", \%ccdhost);
                if (!keys %customhost) 
                { 
                        print "<center><b>$Lang::tr{'fwhost empty'}</b>"; 
@@ -1451,7 +1512,7 @@ END
                        else{            print" <tr bgcolor='$color{'color20'}'>";}
                        my ($ip,$sub)=split(/\//,$customhost{$key}[2]);
                        $customhost{$key}[4]=~s/\s+//g;
-                       print"<td width='20%'>$customhost{$key}[0]</td><td width='20%' align='center'>".&Header::colorize($ip)."</td><td width='50%' align='left'>$customhost{$key}[3]</td><td align='center'>$customhost{$key}[4]x</td>";
+                       print"<td width='20%'>$customhost{$key}[0]</td><td width='20%' align='center' ".&getcolor($ip).">".&Header::colorize($ip)."</td><td width='50%' align='left'>$customhost{$key}[3]</td><td align='center'>$customhost{$key}[4]x</td>";
                        print<<END;
                        <td width='1%'><form method='post'><input type='image' src='/images/edit.gif' align='middle' alt=$Lang::tr{'edit'} title=$Lang::tr{'edit'} />
                        <input type='hidden' name='ACTION' value='edithost' />
@@ -1777,6 +1838,7 @@ sub get_name
                return "$network" if ($val eq $defaultNetworks{$network}{'NAME'});
        }       
 }
+
 sub deletefromgrp
 {
        my $target=shift;