From: Alexander Marx Date: Thu, 4 Jul 2013 10:19:50 +0000 (+0200) Subject: Forward Firewall: added "default-rules-table" at the end of forward ruletable X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=a648546338f22138b5fe26c19b25a5686d23b0b9 Forward Firewall: added "default-rules-table" at the end of forward ruletable --- diff --git a/config/forwardfw/firewall-policy b/config/forwardfw/firewall-policy index 459c1a554..e142f2d3f 100755 --- a/config/forwardfw/firewall-policy +++ b/config/forwardfw/firewall-policy @@ -30,8 +30,7 @@ else if [ "$BLUE_DEV" ] && [ "$IFACE" ]; then /sbin/iptables -A POLICYFWD -i blue0 ! -o $IFACE -j DROP fi - /sbin/iptables -A POLICYFWD -s "$ORANGE_NETADDRESS"/"$ORANGE_NETMASK" -d "$BLUE_NETADDRESS"/"$BLUE_NETMASK" -j DROP - /sbin/iptables -A POLICYFWD -s "$ORANGE_NETADDRESS"/"$ORANGE_NETMASK" -d "$GREEN_NETADDRESS"/"$GREEN_NETMASK" -j DROP + /sbin/iptables -A POLICYFWD -i orange0 ! -o $IFACE -j DROP /sbin/iptables -A POLICYFWD -j ACCEPT /sbin/iptables -A POLICYFWD -m comment --comment "DROP_FORWARD" -j DROP fi diff --git a/config/forwardfw/rules.pl b/config/forwardfw/rules.pl index d62cca0d7..82b5dd61e 100755 --- a/config/forwardfw/rules.pl +++ b/config/forwardfw/rules.pl @@ -140,9 +140,6 @@ sub preparerules if (! -z "${General::swroot}/forward/outgoing"){ &buildrules(\%configoutgoingfw); } - if (! -z "${General::swroot}/forward/nat"){ - &buildrules(\%confignatfw); - } } sub buildrules { diff --git a/html/cgi-bin/forwardfw.cgi b/html/cgi-bin/forwardfw.cgi index 57e187581..692580c71 100755 --- a/html/cgi-bin/forwardfw.cgi +++ b/html/cgi-bin/forwardfw.cgi @@ -74,7 +74,7 @@ my %aliases=(); my %optionsfw=(); my %ifaces=(); -my $VERSION='0.9.9.9'; +my $VERSION='0.9.9.10'; my $color; my $confignet = "${General::swroot}/fwhosts/customnetworks"; my $confighost = "${General::swroot}/fwhosts/customhosts"; @@ -2372,6 +2372,8 @@ END } print""; } + print""; + print ""; my $col; if ($config eq '/var/ipfire/forward/config'){ my $pol='fwdfw '.$fwdfwsettings{'POLICY'}; @@ -2380,7 +2382,7 @@ END }else{ $col="bgcolor='green'"; } - print""; + &show_default_rules($col,$pol); }elsif ($config eq '/var/ipfire/forward/outgoing'){ my $pol='fwdfw '.$fwdfwsettings{'POLICY1'}; if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){ @@ -2388,9 +2390,9 @@ END }else{ $col="bgcolor='green'"; } - print""; + print""; }else{ - print""; + print""; } print"
$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}
$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}
$Lang::tr{'fwdfw final_rule'}$Lang::tr{$pol}
$Lang::tr{'fwdfw final_rule'} $Lang::tr{'fwdfw MODE1'}
$Lang::tr{'fwdfw final_rule'}$Lang::tr{'fwdfw MODE1'}
"; print "
"; @@ -2408,7 +2410,7 @@ END }else{ $col="bgcolor='green'"; } - print"$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}"; + &show_defaultrules($col,$pol); }elsif ($config eq '/var/ipfire/forward/outgoing'){ my $pol='fwdfw '.$fwdfwsettings{'POLICY1'}; if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){ @@ -2426,3 +2428,21 @@ END } &Header::closebigbox(); &Header::closepage(); + +sub show_defaultrules +{ + my $col=shift; + my $pol=shift; + #STANDARD RULES (From WIKI) + print""; + print ""; + if ($col eq "bgcolor='green'"){ + my $blue = ", $Lang::tr{'blue'} ($Lang::tr{'fwdfw pol block'})" if $ifaces{'BLUE_DEV'}; + my $orange = ", $Lang::tr{'orange'} ($Lang::tr{'fwdfw pol block'})" if $ifaces{'ORANGE_DEV'}; + print""; + print"" if $ifaces{'BLUE_DEV'}; + print""; + }elsif($col eq "bgcolor='darkred'"){ + print""; + } +}
$Lang::tr{'orange'} $Lang::tr{'green'} ($Lang::tr{'fwdfw pol block'}), $Lang::tr{'red'} ($Lang::tr{'fwdfw pol allow'})$blue
$Lang::tr{'blue'} $Lang::tr{'green'} ($Lang::tr{'fwdfw pol block'}), $Lang::tr{'red'} ($Lang::tr{'fwdfw pol allow'})$orange
$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}
$Lang::tr{'fwdfw final_rule'}$Lang::tr{$pol}