From: Alexander Marx Date: Tue, 4 Mar 2014 10:37:58 +0000 (+0100) Subject: Firewall: Fix Bug 10490 and broken colorization of tables in firewall groups X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=f620fa34dfe915c2e30d74614e6aeee1c99e2c59;ds=sidebyside Firewall: Fix Bug 10490 and broken colorization of tables in firewall groups --- diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi index efcdfb933..ceab1873d 100644 --- a/html/cgi-bin/fwhosts.cgi +++ b/html/cgi-bin/fwhosts.cgi @@ -48,7 +48,7 @@ my %fwfwd=(); my %fwinp=(); my %fwout=(); my %ovpnsettings=(); - +my %netsettings=(); my $errormessage; my $hint; @@ -80,7 +80,7 @@ unless (-e $configsrvgrp) { system("touch $configsrvgrp"); } &General::readhash("$configovpn", \%ovpnsettings); &General::readhasharray("$configipsec", \%ipsecconf); &General::readhash("$configipsecrw", \%ipsecsettings); - +&General::readhash("/var/ipfire/ethernet/settings", \%netsettings); &Header::getcgihash(\%fwhostsettings); &Header::showhttpheaders(); @@ -1211,12 +1211,12 @@ sub addgrp print< - $Lang::tr{'fwhost addgrpname'} + $Lang::tr{'fwhost addgrpname'}
- $Lang::tr{'remark'}: - + $Lang::tr{'remark'}: +
@@ -1225,16 +1225,16 @@ sub addgrp END }else{ print< + - - + + - +
$Lang::tr{'fwhost addgrpname'}$Lang::tr{'fwhost addgrpname'}
$Lang::tr{'remark'}:
@@ -1246,8 +1246,16 @@ END
- -
$Lang::tr{'fwhost stdnet'} + + + "; if (! -z $confignet){ - print" + "; } if (! -z $confighost){ - print" +
+ + +
$Lang::tr{'fwhost cust net'}: + + +
$Lang::tr{'fwhost cust addr'}: + + +
"; #Inner table right - print"		"; + print""; + print""; print< @@ -1516,50 +1581,79 @@ END sub getcolor { my $c=shift; + my $sip; + my $scidr; + #Check if MAC + if (&General::validmac($c)){ return $c;} + + #Check if we got a full IP with subnet then split it + if($c =~ /^(.*?)\/(.*?)$/){ + ($sip,$scidr) = split ("/",$c); + }else{ + $sip=$c; + } + + #Now check if IP is part of ORANGE,BLUE or GREEN + if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){ + $tdcolor="$c"; + return $tdcolor; + } + if ( &General::IpInSubnet($sip,$netsettings{'GREEN_ADDRESS'},$netsettings{'GREEN_NETMASK'})){ + $tdcolor="$c"; + return $tdcolor; + } + if ( &General::IpInSubnet($sip,$netsettings{'BLUE_ADDRESS'},$netsettings{'BLUE_NETMASK'})){ + $tdcolor="$c"; + return $tdcolor; + } + #Check if IP is part of OpenVPN N2N subnet foreach my $key (sort keys %ccdhost){ if ($ccdhost{$key}[3] eq 'net'){ my ($a,$b) = split("/",$ccdhost{$key}[11]); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color:$Header::colourovpn ;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } } + #Check if IP is part of OpenVPN dynamic subnet my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'}); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourovpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } + #Check if IP is part of OpenVPN static subnet foreach my $key (sort keys %ccdnet){ my ($a,$b) = split("/",$ccdnet{$key}[1]); $b =&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourovpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } + #Check if IP is part of IPsec RW network if ($ipsecsettings{'RW_NET'} ne ''){ my ($a,$b) = split("/",$ipsecsettings{'RW_NET'}); $b=&General::iporsubtodec($b); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourvpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } + #Check if IP is part of a IPsec N2N network foreach my $key (sort keys %ipsecconf){ my ($a,$b) = split("/",$ipsecconf{$key}[11]); - if (&General::IpInSubnet($c,$a,$b)){ - $tdcolor="style='color: $Header::colourvpn;'"; + if (&General::IpInSubnet($sip,$a,$b)){ + $tdcolor="$c"; return $tdcolor; } } - $tdcolor=''; - return $tdcolor; + return "$c"; } sub viewtablehost { @@ -1598,7 +1692,7 @@ END $customhost{$key}[4]=~s/\s+//g; my $hostcount=0; $hostcount=&gethostcount($customhost{$key}[0]); - print""; + print""; print< @@ -1709,7 +1803,7 @@ sub viewtablegrp }else{ my ($colip,$colsub) = split("/",$ip); $ip="$colip/".&General::subtocidr($colsub) if ($colsub); - print"
"; #OVPN networks if (! -z $configccdnet){ - print" + + + +
$Lang::tr{'fwhost ccdnet'} + $Lang::tr{'fwhost ccdnet'} + + + $Lang::tr{'fwhost ccdhost'} + $Lang::tr{'fwhost ccdhost'} + + + $Lang::tr{'fwhost ovpn_n2n'}: + $Lang::tr{'fwhost ovpn_n2n'}: + + + $Lang::tr{'fwhost ipsec net'} + $Lang::tr{'fwhost ipsec net'} + + + "; - print"
"; + print"
"; &Header::closebox(); } sub addservice @@ -1464,6 +1528,7 @@ sub viewtablenet &General::readhasharray("$fwconfigfwd", \%fwfwd); &General::readhasharray("$fwconfiginp", \%fwinp); &General::readhasharray("$fwconfigout", \%fwout); + if (!keys %customnetwork) { print "
$Lang::tr{'fwhost empty'}"; @@ -1490,7 +1555,7 @@ END } my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]); my $netcount=&getnetcount($customnetwork{$key}[0]); - print"
$customnetwork{$key}[0]
".&Header::colorize($colnet)."$customnetwork{$key}[3]$netcount x$customnetwork{$key}[0]".&getcolor($colnet)."$customnetwork{$key}[3]$netcount x$customhost{$key}[0]".&Header::colorize($ip)."$customhost{$key}[3]$hostcount x$customhost{$key}[0]".&getcolor($ip)."$customhost{$key}[3]$hostcount x".&Header::colorize($ip)."$customgrp{$key}[3]"; + print"".&getcolor($ip)."$customgrp{$key}[3]"; } if ($delflag > 0 && $ip ne ''){ print"";