32,rsync,873,TCP,BLANK,0
+33,DNS (UDP),53,UDP,,0
21,IMAPS,993,TCP,BLANK,0
7,WINS,42,TCP,BLANK,0
26,LPD,515,TCP,BLANK,0
-17,IRC,194,TCP,BLANK,0
2,FTP-control,21,TCP,BLANK,0
+17,IRC,194,TCP,BLANK,0
1,FTP-data,20,TCP,BLANK,0
18,HTTPS,443,TCP,BLANK,0
30,NFS,2049,TCP,BLANK,0
16,SNMP,161,UDP,BLANK,0
-25,IPP (UDP),631,UDP,BLANK,0
27,JetDirect,9100,TCP,BLANK,0
+25,IPP (UDP),631,UDP,BLANK,0
28,LDAP,389,TCP,BLANK,0
14,NetBIOS Session Service,139,TCP,BLANK,0
20,FTPS control,990,TCP,BLANK,0
31,Radius,1812,TCP,BLANK,0
11,NTP,123,UDP,BLANK,0
22,POP3S,995,TCP,BLANK,0
-13,NetBIOS Datagram Service,138,TCP,BLANK,0
23,RDP,3389,TCP,BLANK,0
+13,NetBIOS Datagram Service,138,TCP,BLANK,0
29,LDAPS,636,TCP,BLANK,0
6,Time,37,TCP,BLANK,0
3,SSH,22,TCP,BLANK,0
15,IMAP,143,TCP,BLANK,0
8,HTTP,80,TCP,BLANK,0
4,Telnet,23,UDP,BLANK,0
+34,DNS (TCP),53,TCP,,0
19,FTPS data,989,TCP,BLANK,0
5,SMTP,25,TCP,BLANK,0
&General::readhasharray("$configsrvgrp", \%customservicegrp );
&General::readhasharray("$configsrv", \%customservice );
$errormessage=&checkservicegroup;
- #Check if we have more than 13 services from one Protocol in the group
- #iptables can only handle 13 ports/portranges via multiport
+ #Check if we have more than 15 services from one Protocol in the group
+ #iptables can only handle 15 ports/portranges via multiport
foreach my $key (keys %customservicegrp){
if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
foreach my $key1 (keys %customservice){
last;
}
}
- &General::writehasharray("$configsrv", \%customservice);
$grpname=$customservicegrp{$key}[0];
$grpremark=$customservicegrp{$key}[1];
delete $customservicegrp{$key};
}
}
+ &General::writehasharray("$configsrv", \%customservice);
&General::writehasharray("$configsrvgrp", \%customservicegrp);
&General::firewall_config_changed();
if ($fwhostsettings{'updatesrvgrp'} eq 'on'){
&General::writehasharray("$configsrvgrp", \%customservicegrp);
$fwhostsettings{'updatesrvgrp'}='on';
$fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'};
+ }elsif($fwhostsettings{'oldsrvrem'} eq $fwhostsettings{'newsrvrem'}){
+ &addservicegrp;
+ &viewtableservicegrp;
}else{
$errormessage=$Lang::tr{'fwhost err remark'};
$fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'};
if($fwhostsettings{'updatesrvgrp'} eq 'on'){
print<<END;
<form method='post'><input type='hidden' name='SRVGRP_REMARK' value='$fwhostsettings{'SRVGRP_REMARK'}'><input type='hidden' name='SRVGRP_NAME' value='$fwhostsettings{'SRVGRP_NAME'}'><table border='0' width='100%'>
- <tr><td width='1%' nowrap='nowrap'>$Lang::tr{'fwhost cust service'}</td><td><select name='CUST_SRV' style='min-width:185px;'>
+ <tr><td width='1%' nowrap='nowrap'>$Lang::tr{'add'}</td><td><select name='CUST_SRV' style='min-width:185px;'>
END
&General::readhasharray("$configsrv", \%customservice);
+ #Protocols for use in servicegroups
+ print "<optgroup label='$Lang::tr{'fwhost cust service'}'>";
foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0]) } keys %customservice)
{
print "<option>$customservice{$key}[0]</option>";
}
+ print "</optgroup>";
+ print "<optgroup label='$Lang::tr{'protocol'}'>";
+ print "<option>GRE</option>";
+ print "<option>AH</option>";
+ print "<option>ESP</option>";
+ print "<option>IGMP</option>";
+ print "<option>IPIP</option>";
+ print "<option value='IPV6'>IPv6 encap</option>";
+ print "</optgroup>";
print<<END;
</select></td></tr>
<tr><td colspan='4'><br><br></td></tr>
&General::readhasharray("$configsrvgrp", \%customservicegrp);
&General::readhasharray("$configsrv", \%customservice);
my $number= keys %customservicegrp;
- foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } keys %customservicegrp){
+ foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
$count++;
if ($helper ne $customservicegrp{$key}[0]){
$delflag=0;
}else{
print"<tr bgcolor='$color{'color20'}'>";
}
+ #Set fields if we use protocols in servicegroups
+ if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){
+ $port='-';
+ }
+ if ($customservicegrp{$key}[2] eq 'GRE'){$protocol='GRE';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} GRE";}
+ if ($customservicegrp{$key}[2] eq 'ESP'){$protocol='ESP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} ESP";}
+ if ($customservicegrp{$key}[2] eq 'AH'){$protocol='AH';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} AH";}
+ if ($customservicegrp{$key}[2] eq 'IGMP'){$protocol='IGMP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IGMP";}
+ if ($customservicegrp{$key}[2] eq 'IPIP'){$protocol='IPIP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPIP";}
+ if ($customservicegrp{$key}[2] eq 'IPV6'){$protocol='IPV6';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPv6 encapsulation";}
print "<td width='39%'>$customservicegrp{$key}[2]</td>";
foreach my $srv (sort keys %customservice){
if ($customservicegrp{$key}[2] eq $customservice{$srv}[0]){
if ($delflag gt '1'){
print"<input type='image' src='/images/delete.gif' align='middle' alt=$Lang::tr{'delete'} title=$Lang::tr{'delete'} />";
}
- print"<input type='hidden' name='ACTION' value='delgrpservice'><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'><input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$customservicegrp{$key}[2],$customservicegrp{$key}[3]'></form></td></tr>";
+ print"<input type='hidden' name='ACTION' value='delgrpservice'><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'>";
+ if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){
+ print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$customservicegrp{$key}[2],$customservicegrp{$key}[3]'></form></td></tr>";
+ }else{
+ print "<input type='hidden' name='delsrvfromgrp' value='$grpname,$remark,$protocol,$customservicegrp{$key}[3]'></form></td></tr>";
+ }
$helper=$customservicegrp{$key}[0];
}
print"</table>";
sub checkservicegroup
{
&General::readhasharray("$configsrvgrp", \%customservicegrp);
-
-
#check name
if ( ! &validhostname($fwhostsettings{'SRVGRP_NAME'}))
{
return "$network" if ($val eq $defaultNetworks{$network}{'NAME'});
}
}
-
sub deletefromgrp
{
my $target=shift;
my %hash=();
&General::readhasharray("$config",\%hash);
foreach my $key (keys %hash) {
- $errormessage.="lese $hash{$key}[2] und $target<br>";
if($hash{$key}[2] eq $target){
-
delete $hash{$key};
- $errormessage.="Habe $target aus Gruppe gelöscht!<br>";
}
}
&General::writehasharray("$config",\%hash);
}
}
}
-
-sub decrease {
+sub decrease
+{
my $grp=$_[0];
&General::readhasharray("$confignet", \%customnetwork);
&General::readhasharray("$confighost", \%customhost);