+++ /dev/null
-option all-subnets-local flag;
-option arp-cache-timeout uint32;
-option bootfile-name string;
-option boot-size uint16;
-option broadcast-address ip-address;
-option cookie-servers ip-address [, ip-address... ];
-option default-ip-ttl uint8;
-option default-tcp-ttl uint8;
-option dhcp-client-identifier data-string;
-option finger-server ip-address [, ip-address... ];
-option font-servers ip-address [, ip-address... ];
-option host-name string;
-option ieee802-3-encapsulation flag;
-option ien116-name-servers ip-address [, ip-address... ];
-option impress-servers ip-address [, ip-address... ];
-option interface-mtu uint16;
-option ip-forwarding flag;
-option irc-server ip-address [, ip-address... ];
-option log-servers ip-address [, ip-address... ];
-option lpr-servers ip-address [, ip-address... ];
-option mask-supplier flag;
-option max-dgram-reassembly uint16;
-option merit-dump string;
-option mobile-ip-home-agent ip-address [, ip-address... ];
-option netbios-dd-server ip-address [, ip-address... ];
-option netbios-node-type uint8;
-option netbios-scope string;
-option nis-domain string;
-option nisplus-domain string;
-option nisplus-servers ip-address [, ip-address... ];
-option nis-servers ip-address [, ip-address... ];
-option nntp-server ip-address [, ip-address... ];
-option non-local-source-routing flag;
-option ntp-servers ip-address [, ip-address... ];
-option path-mtu-aging-timeout uint32;
-option path-mtu-plateau-table uint16 [, uint16... ];
-option perform-mask-discovery flag;
-option policy-filter ip-address ip-address [, ip-address ip-address... ];
-option pop-server ip-address [, ip-address... ];
-option resource-location-servers ip-address [, ip-address... ];
-option root-path string;
-option router-discovery flag;
-option router-solicitation-address ip-address;
-option smtp-server ip-address [, ip-address... ];
-option static-routes ip-address ip-address [, ip-address ip-address... ];
-option streettalk-directory-assistance-server ip-address [, ip-address... ];
-option streettalk-server ip-address [, ip-address... ];
-option swap-server ip-address;
-option tcp-keepalive-garbage flag;
-option tcp-keepalive-interval uint32;
-option tftp-server-name string;
-option time-offset int32;
-option time-servers ip-address [, ip-address... ];
-option trailer-encapsulation flag;
-option www-server ip-address [, ip-address... ];
-option x-display-manager ip-address [, ip-address... ];
+++ /dev/null
-#!/usr/bin/perl
-#
-# Library file for Connection Scheduler AddOn
-#
-# This code is distributed under the terms of the GPL
-#
-
-package CONNSCHED;
-
-$CONNSCHED::maxprofiles = 5;
-
-@CONNSCHED::weekdays = ( 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun' );
-@CONNSCHED::weekdays_pr = ( 'monday', 'tuesday', 'wednesday', 'thursday', 'friday', 'saturday', 'sunday' );
-
-%CONNSCHED::config;
-$CONNSCHED::configfile = "/var/ipfire/connscheduler/connscheduler.conf";
-&ReadConfig;
-
-
-1;
-
-#
-# load the configuration file
-#
-sub ReadConfig
-{
- # datafileformat:
- # active,action,profilenr,time,daystype,days,weekdays,,comment
-
- @CONNSCHED::config = ();
-
- my @tmpfile = ();
- if ( open(FILE, "$configfile") )
- {
- @tmpfile = <FILE>;
- close (FILE);
- }
-
- foreach $line ( @tmpfile )
- {
- chomp($line); # remove newline
- my @temp = split(/\,/,$line,9);
- if ( ($temp[0] ne 'on') && ($temp[0] ne 'off') ) { next; }
-
- my $weekdays_pr = '';
- for (my $i = 0; $i < 7; $i++)
- {
- if ( index($temp[6], $CONNSCHED::weekdays[$i]) != -1 )
- {
- $weekdays_pr .= "$Lang::tr{$CONNSCHED::weekdays_pr[$i]} ";
- }
- }
-
- push @CONNSCHED::config, { ACTIVE => $temp[0], ACTION => $temp[1], PROFILENR => $temp[2], TIME => $temp[3],
- DAYSTYPE => $temp[4], DAYS => $temp[5], WEEKDAYS => $temp[6], WEEKDAYS_PR => $weekdays_pr, COMMENT => $temp[8] };
- }
-}
-
-#
-# write the configuration file
-#
-sub WriteConfig
-{
- open(FILE, ">$configfile") or die 'hosts datafile error';
-
- for my $i ( 0 .. $#CONNSCHED::config )
- {
- if ( ($CONNSCHED::config[$i]{'ACTIVE'} ne 'on') && ($CONNSCHED::config[$i]{'ACTIVE'} ne 'off') ) { next; }
-
- print FILE "$CONNSCHED::config[$i]{'ACTIVE'},$CONNSCHED::config[$i]{'ACTION'},$CONNSCHED::config[$i]{'PROFILENR'},";
- print FILE "$CONNSCHED::config[$i]{'TIME'},$CONNSCHED::config[$i]{'DAYSTYPE'},";
- print FILE "$CONNSCHED::config[$i]{'DAYS'},$CONNSCHED::config[$i]{'WEEKDAYS'},,$CONNSCHED::config[$i]{'COMMENT'}\n";
- }
- close FILE;
-
- &ReadConfig();
-}
+++ /dev/null
-on,reconnect,,05:00,weekdays,,Mon Tue Wed Thu Fri Sat Sun ,,MorningReconnect
+++ /dev/null
-package Countries;
-
-%countries = (
-'Afghanistan' => 'AF',
-'Albania' => 'AL',
-'Algeria' => 'DZ',
-'American Samoa' => 'AS',
-'Andorra' => 'AD',
-'Angola' => 'AO',
-'Anguilla' => 'AI',
-'Antarctica' => 'AQ',
-'Antigua and Barbuda' => 'AG',
-'Argentina' => 'AR',
-'Armenia' => 'AM',
-'Aruba' => 'AW',
-'Australia' => 'AU',
-'Austria' => 'AT',
-'Azerbaijan' => 'AZ',
-'Bahamas' => 'BS',
-'Bahrain' => 'BH',
-'Bangladesh' => 'BD',
-'Barbados' => 'BB',
-'Belarus' => 'BY',
-'Belgium' => 'BE',
-'Belize' => 'BZ',
-'Benin' => 'BJ',
-'Bermuda' => 'BM',
-'Bhutan' => 'BT',
-'Bolivia' => 'BO',
-'Bosnia and Herzegovina' => 'BA',
-'Botswana' => 'BW',
-'Bouvet Island' => 'BV',
-'Brazil' => 'BR',
-'British Indian Ocean Territory' => 'IO',
-'Brunei Darussalam' => 'BN',
-'Bulgaria' => 'BG',
-'Burkina Faso' => 'BF',
-'Burundi' => 'BI',
-'Cambodia' => 'KH',
-'Cameroon' => 'CM',
-'Canada' => 'CA',
-'Cape Verde' => 'CV',
-'Cayman Islands' => 'KY',
-'Central African Republic' => 'CF',
-'Chad' => 'TD',
-'Chile' => 'CL',
-'China' => 'CN',
-'Christmas Island' => 'CX',
-'Cocos (Keeling) Islands' => 'CC',
-'Colombia' => 'CO',
-'Comoros' => 'KM',
-'Congo' => 'CG',
-'Cook Islands' => 'CK',
-'Costa Rica' => 'CR',
-'Cote D\'Ivoire (Ivory Coast)' => 'CI',
-'Croatia (Hrvatska)' => 'HR',
-'Cuba' => 'CU',
-'Cyprus' => 'CY',
-'Czech Republic' => 'CZ',
-'Czechoslovakia (former)' => 'CS',
-'Denmark' => 'DK',
-'Djibouti' => 'DJ',
-'Dominica' => 'DM',
-'Dominican Republic' => 'DO',
-'East Timor' => 'TP',
-'Ecuador' => 'EC',
-'Egypt' => 'EG',
-'El Salvador' => 'SV',
-'Equatorial Guinea' => 'GQ',
-'Eritrea' => 'ER',
-'Estonia' => 'EE',
-'Ethiopia' => 'ET',
-'Falkland Islands (Malvinas)' => 'FK',
-'Faroe Islands' => 'FO',
-'Fiji' => 'FJ',
-'Finland' => 'FI',
-'France' => 'FR',
-'France, Metropolitan' => 'FX',
-'French Guiana' => 'GF',
-'French Polynesia' => 'PF',
-'French Southern Territories' => 'TF',
-'Gabon' => 'GA',
-'Gambia' => 'GM',
-'Georgia' => 'GE',
-'Germany' => 'DE',
-'Ghana' => 'GH',
-'Gibraltar' => 'GI',
-'Great Britain (UK)' => 'GB',
-'Greece' => 'GR',
-'Greenland' => 'GL',
-'Grenada' => 'GD',
-'Guadeloupe' => 'GP',
-'Guam' => 'GU',
-'Guatemala' => 'GT',
-'Guinea' => 'GN',
-'Guinea-Bissau' => 'GW',
-'Guyana' => 'GY',
-'Haiti' => 'HT',
-'Heard and McDonald Islands' => 'HM',
-'Honduras' => 'HN',
-'Hong Kong' => 'HK',
-'Hungary' => 'HU',
-'Iceland' => 'IS',
-'India' => 'IN',
-'Indonesia' => 'ID',
-'Iran' => 'IR',
-'Iraq' => 'IQ',
-'Ireland' => 'IE',
-'Israel' => 'IL',
-'Italy' => 'IT',
-'Jamaica' => 'JM',
-'Japan' => 'JP',
-'Jordan' => 'JO',
-'Kazakhstan' => 'KZ',
-'Kenya' => 'KE',
-'Kiribati' => 'KI',
-'Korea (North)' => 'KP',
-'Korea (South)' => 'KR',
-'Kuwait' => 'KW',
-'Kyrgyzstan' => 'KG',
-'Laos' => 'LA',
-'Latvia' => 'LV',
-'Lebanon' => 'LB',
-'Lesotho' => 'LS',
-'Liberia' => 'LR',
-'Libya' => 'LY',
-'Liechtenstein' => 'LI',
-'Lithuania' => 'LT',
-'Luxembourg' => 'LU',
-'Macau' => 'MO',
-'Macedonia' => 'MK',
-'Madagascar' => 'MG',
-'Malawi' => 'MW',
-'Malaysia' => 'MY',
-'Maldives' => 'MV',
-'Mali' => 'ML',
-'Malta' => 'MT',
-'Marshall Islands' => 'MH',
-'Martinique' => 'MQ',
-'Mauritania' => 'MR',
-'Mauritius' => 'MU',
-'Mayotte' => 'YT',
-'Mexico' => 'MX',
-'Micronesia' => 'FM',
-'Moldova' => 'MD',
-'Monaco' => 'MC',
-'Mongolia' => 'MN',
-'Montserrat' => 'MS',
-'Morocco' => 'MA',
-'Mozambique' => 'MZ',
-'Myanmar' => 'MM',
-'Namibia' => 'NA',
-'Nauru' => 'NR',
-'Nepal' => 'NP',
-'Netherlands Antilles' => 'AN',
-'Netherlands' => 'NL',
-'Neutral Zone' => 'NT',
-'New Caledonia' => 'NC',
-'New Zealand (Aotearoa)' => 'NZ',
-'Nicaragua' => 'NI',
-'Niger' => 'NE',
-'Nigeria' => 'NG',
-'Niue' => 'NU',
-'Norfolk Island' => 'NF',
-'Northern Mariana Islands' => 'MP',
-'Norway' => 'NO',
-'Oman' => 'OM',
-'Pakistan' => 'PK',
-'Palau' => 'PW',
-'Panama' => 'PA',
-'Papua New Guinea' => 'PG',
-'Paraguay' => 'PY',
-'Peru' => 'PE',
-'Philippines' => 'PH',
-'Pitcairn' => 'PN',
-'Poland' => 'PL',
-'Portugal' => 'PT',
-'Puerto Rico' => 'PR',
-'Qatar' => 'QA',
-'Reunion' => 'RE',
-'Romania' => 'RO',
-'Russian Federation' => 'RU',
-'Rwanda' => 'RW',
-'S. Georgia and S. Sandwich Isls.' => 'GS',
-'Saint Kitts and Nevis' => 'KN',
-'Saint Lucia' => 'LC',
-'Saint Vincent and the Grenadines' => 'VC',
-'Samoa' => 'WS',
-'San Marino' => 'SM',
-'Sao Tome and Principe' => 'ST',
-'Saudi Arabia' => 'SA',
-'Senegal' => 'SN',
-'Seychelles' => 'SC',
-'Sierra Leone' => 'SL',
-'Singapore' => 'SG',
-'Slovak Republic' => 'SK',
-'Slovenia' => 'SI',
-'Solomon Islands' => 'Sb',
-'Somalia' => 'SO',
-'South Africa' => 'ZA',
-'Spain' => 'ES',
-'Sri Lanka' => 'LK',
-'St. Helena' => 'SH',
-'St. Pierre and Miquelon' => 'PM',
-'Sudan' => 'SD',
-'Suriname' => 'SR',
-'Svalbard and Jan Mayen Islands' => 'SJ',
-'Swaziland' => 'SZ',
-'Sweden' => 'SE',
-'Switzerland' => 'CH',
-'Syria' => 'SY',
-'Taiwan' => 'TW',
-'Tajikistan' => 'TJ',
-'Tanzania' => 'TZ',
-'Thailand' => 'TH',
-'Togo' => 'TG',
-'Tokelau' => 'TK',
-'Tonga' => 'TO',
-'Trinidad and Tobago' => 'TT',
-'Tunisia' => 'TN',
-'Turkey' => 'TR',
-'Turkmenistan' => 'TM',
-'Turks and Caicos Islands' => 'TC',
-'Tuvalu' => 'TV',
-'US Minor Outlying Islands' => 'UM',
-'USSR (former)' => 'SU',
-'Uganda' => 'UG',
-'Ukraine' => 'UA',
-'United Arab Emirates' => 'AE',
-'United Kingdom' => 'UK',
-'United States' => 'US',
-'Uruguay' => 'UY',
-'Uzbekistan' => 'UZ',
-'Vanuatu' => 'VU',
-'Vatican City State (Holy See)' => 'VA',
-'Venezuela' => 'VE',
-'Viet Nam' => 'VN',
-'Virgin Islands (British)' => 'VG',
-'Virgin Islands (U.S.)' => 'VI',
-'Wallis and Futuna Islands' => 'WF',
-'Western Sahara' => 'EH',
-'Yemen' => 'YE',
-'Yugoslavia' => 'YU',
-'Zaire' => 'ZR',
-'Zambia' => 'ZM',
-'Zimbabwe' => 'ZW',
-);
-
-1;
-
+++ /dev/null
-acap,674,tcpudp
-afbackup,2988,tcpudp
-afpovertcp,548,tcpudp
-afs3-bos,7007,tcpudp
-afs3-callback,7001,tcpudp
-afs3-errors,7006,tcpudp
-afs3-fileserver,7000,tcpudp
-afs3-kaserver,7004,tcpudp
-afs3-prserver,7002,tcpudp
-afs3-rmtsys,7009,tcpudp
-afs3-update,7008,tcpudp
-afs3-vlserver,7003,tcpudp
-afs3-volser,7005,tcpudp
-amanda,10080,tcpudp
-amandaidx,10082,tcp
-amidxtape,10083,tcp
-asp,27374,tcpudp
-at-echo,204,tcpudp
-at-nbp,202,tcpudp
-at-rtmp,201,tcpudp
-at-zis,206,tcpudp
-auth,113,tcpudp
-bgp,179,tcpudp
-biff,512,udp
-binkp,24554,tcpudp
-bootpc,68,tcpudp
-bootps,67,tcpudp
-canna,5680,tcp
-cfengine,5308,tcpudp
-cfinger,2003,tcp
-chargen,19,tcpudp
-cmip-agent,164,tcpudp
-cmip-man,163,tcpudp
-codaauth2,370,tcpudp
-codasrv,2432,tcpudp
-codasrv-se,2433,tcpudp
-conference,531,tcp
-corbaloc,2809,tcp
-courier,530,tcp
-csnet-ns,105,tcpudp
-cvspserver,2401,tcpudp
-cvsup,5999,tcpudp
-datametrics,1645,tcpudp
-daytime,13,tcpudp
-dhcpv6-client,546,tcpudp
-dhcpv6-server,547,tcpudp
-discard,9,tcpudp
-domain,53,tcpudp
-echo,4,ddp
-echo,7,tcpudp
-efs,520,tcp
-eklogin,2105,tcp
-exec,512,tcp
-fax,4557,tcp
-fido,60179,tcpudp
-finger,79,tcpudp
-fsp,21,udp
-ftp,21,tcpudp
-ftp-data,20,tcpudp
-gdomap,538,tcpudp
-gdp-port,1997,tcpudp
-gii,616,tcp
-gopher,70,tcpudp
-gss-http,488,tcpudp
-h323callsigalt,11720,tcpudp
-h323gatedisc,1718,tcpudp
-h323gatestat,1719,tcpudp
-h323hostcall,1720,tcpudp
-h323hostcallsc,1300,tcpudp
-ha-cluster,694,tcpudp
-hello,1789,tcpudp
-hmmp-ind,612,tcpudp
-hostmon,5355,tcpudp
-hostname,101,tcpudp
-hsrp,1985,tcpudp
-http,80,tcpudp
-http-alt,8008,tcpudp
-https,443,tcpudp
-hylafax,4559,tcp
-ica,1494,tcpudp
-icpv2,3130,tcpudp
-iiop,535,tcpudp
-imap,143,tcpudp
-imap3,220,tcpudp
-imaps,993,tcpudp
-ingreslock,1524,tcpudp
-ipx,213,tcpudp
-irc,194,tcpudp
-ircd,6667,tcpudp
-ircs,994,tcpudp
-isakmp,500,tcpudp
-isdnlog,20011,tcpudp
-iso-tsap,102,tcp
-jetdirect,9100,tcp
-kamanda,10081,tcpudp
-kerberos,88,tcpudp
-kerberos-adm,749,tcp
-kerberos-iv,750,udptcp
-kerberos_master,751,udptcp
-kermit,1649,tcpudp
-klogin,543,tcp
-knetd,2053,tcp
-kpasswd,464,tcpudp
-kpop,1109,tcp
-krb524,4444,tcpudp
-krb5_prop,754,tcp
-krbupdate,760,tcp
-kshell,544,tcp
-l2tp,1701,tcpudp
-ldap,389,tcpudp
-ldaps,636,tcpudp
-licensedaemon,1986,tcpudp
-link,245,tcpucp
-linuxconf,98,tcp
-login,513,tcp
-mailq,174,tcpudp
-mandelspawn,9359,udp
-microsoft-ds,445,tcpudp
-mobileip-agent,434,tcpudp
-mobilip-mn,435,tcpudp
-ms-sql-m,1434,tcpudp
-ms-sql-s,1433,tcpudp
-msp,18,tcpudp
-mtp,1911,tcpudp
-mysql,3306,tcpudp
-nameserver,42,tcpudp
-nbp,2,ddp
-netbios-dgm,138,tcpudp
-netbios-ns,137,tcpudp
-netbios-ssn,139,tcpudp
-netnews,532,tcp
-netrjs-1,71,tcpudp
-netrjs-2,72,tcpudp
-netrjs-3,73,tcpudp
-netrjs-4,74,tcpudp
-netstat,15,tcp
-netwall,533,udp
-nextstep,178,tcpudp
-nfs,2049,tcpudp
-nicname,43,tcpudp
-ninstall,2150,tcpudp
-nntp,119,tcpudp
-nntps,563,tcpudp
-noclog,5354,tcpudp
-npmp-gui,611,tcpudp
-npmp-local,610,tcpudp
-ntalk,518,udp
-ntp,123,tcpudp
-omirr,808,tcpudp
-passwd_server,752,udp
-pgpkeyserver,11371,tcpudp
-phonebook,767,tcpudp
-photuris,468,tcpudp
-pim-rp-disc,496,tcpudp
-pop2,109,tcpudp
-pop3,110,tcpudp
-pop3s,995,tcpudp
-poppassd,106,tcpudp
-postgres,5432,tcpudp
-printer,515,tcpudp
-prospero,191,tcpudp
-prospero-np,1525,tcpudp
-prsvp,3455,tcpudp
-qmtp,209,tcpudp
-qotd,17,tcpudp
-quake,26000,tcpudp
-radius,1812,tcpudp
-radius-acct,1813,tcpudp
-re-mail-ck,50,tcpudp
-remotefs,556,tcp
-rfe,5002,tcpudp
-ripng,521,tcpudp
-rje,5,tcpudp
-rlp,39,tcpudp
-rmtcfg,1236,tcp
-rndc,953,tcpudp
-router,520,udp
-rpc2portmap,369,tcpudp
-rsvp_tunnel,363,tcpudp
-rsync,873,tcpudp
-rtelnet,107,tcpudp
-rtmp,1,ddp
-rtsp,554,tcpudp
-rwhois,4321,tcpudp
-sa-msg-port,1646,tcpudp
-saft,487,tcpudp
-sd,9876,tcpudp
-sftp,115,tcpudp
-sgi-dgl,5232,tcpudp
-shell,514,tcp
-skkserv,1178,tcp
-smtp,25,tcpudp
-smtps,465,tcp
-smux,199,tcpudp
-snmp,161,tcpudp
-snmptrap,162,udp
-snpp,444,tcpudp
-socks,1080,tcpudp
-squid,3128,tcp
-ssh,22,tcpudp
-submission,587,tcpudp
-sunrpc,111,tcpudp
-supdup,95,tcpudp
-supfiledbg,1127,tcp
-supfilesrv,871,tcp
-support,1529,tcp
-svrloc,427,tcpudp
-swat,901,tcp
-syslog,514,udp
-systat,11,tcpudp
-tacacs,49,tcpudp
-talk,517,udp
-tcpmux,1,tcpudp
-telnet,23,tcpudp
-telnets,992,tcpudp
-tempo,526,tcp
-tfido,60177,tcpudp
-tftp,69,tcpudp
-tftp-mcast,1758,tcpudp
-time,37,tcpudp
-timed,525,tcpudp
-tircproxy,7666,tcp
-tproxy,8081,tcpudp
-traceroute,33434,tcpudp
-trnsprntproxy,3346,tcpudp
-ulistproc,372,tcpudp
-utime,519,tcpudp
-uucp,540,tcp
-uucp-path,117,tcpudp
-vboxd,20012,tcpudp
-venus,2430,tcpudp
-venus-se,2431,tcpudp
-webcache,8080,tcpudp
-webster,765,tcpudp
-who,513,udp
-whoami,565,tcpudp
-whois++,63,tcpudp
-wins,1512,tcpudp
-wnn6-ds,26208,tcpudp
-x11,6000,tcp
-x11-ssh-offset,6010,tcp
-xdmcp,177,tcpudp
-xfs,7100,tcp
-xtel,1313,tcp
-z39.50,210,tcpudp
-zephyr-clt,2103,tcpudp
-zephyr-hm,2104,tcpudp
-zephyr-srv,2102,tcpudp
-zip,6,ddp
+++ /dev/null
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-# Copyright (C) 2002 Alex Hudson - getcgihash() rewrite
-# Copyright (C) 2002 Bob Grant <bob@cache.ucr.edu> - validmac()
-# Copyright (c) 2002/04/13 Steve Bootes - add alias section, helper functions
-# Copyright (c) 2002/08/23 Mark Wormgoor <mark@wormgoor.com> validfqdn()
-# Copyright (c) 2003/09/11 Darren Critchley <darrenc@telus.net> srtarray()
-#
-# $Id: general-functions.pl,v 1.1.2.26 2006/01/04 16:33:55 franck78 Exp $
-#
-
-package General;
-
-use strict;
-use Socket;
-use IO::Socket;
-use Net::SSLeay;
-
-$|=1; # line buffering
-
-$General::version = 'VERSION';
-$General::swroot = 'CONFIG_ROOT';
-$General::noipprefix = 'noipg-';
-$General::adminmanualurl = 'http://wiki.ipfire.org';
-
-#
-# log ("message") use default 'ipcop' tag
-# log ("tag","message") use your tag
-#
-sub log
-{
- my $tag='ipfire';
- $tag = shift if (@_>1);
- my $logmessage = $_[0];
- $logmessage =~ /([\w\W]*)/;
- $logmessage = $1;
- system('logger', '-t', $tag, $logmessage);
-}
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
-
- # Some ipcop code expects that readhash 'complete' the hash if new entries
- # are presents. Not clear it !!!
- #%$hash = ();
-
- open(FILE, $filename) or die "Unable to read file $filename";
-
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- # trim space from begin and end
- $var =~ s/^\s+//;
- $var =~ s/\s+$//;
- $var =~ /([A-Za-z0-9_-]*)/;
- $var = $1;
- $val =~ /([\w\W]*)/;
- $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
-}
-
-
-sub writehash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- # write cgi vars to the file.
- open(FILE, ">${filename}") or die "Unable to write file $filename";
- flock FILE, 2;
- foreach $var (keys %$hash)
- {
- if ( $var eq "__CGI__"){next;}
- $val = $hash->{$var};
- # Darren Critchley Jan 17, 2003 added the following because when submitting with a graphic, the x and y
- # location of the mouse are submitted as well, this was being written to the settings file causing
- # some serious grief! This skips the variable.x and variable.y
- if (!($var =~ /(.x|.y)$/)) {
- if ($val =~ / /) {
- $val = "\'$val\'"; }
- if (!($var =~ /^ACTION/)) {
- print FILE "${var}=${val}\n"; }
- }
- }
- close FILE;
-}
-
-
-sub age
-{
- my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
- $atime, $mtime, $ctime, $blksize, $blocks) = stat $_[0];
- my $now = time;
-
- my $totalsecs = $now - $mtime;
- my $days = int($totalsecs / 86400);
- my $totalhours = int($totalsecs / 3600);
- my $hours = $totalhours % 24;
- my $totalmins = int($totalsecs / 60);
- my $mins = $totalmins % 60;
- my $secs = $totalsecs % 60;
-
- return "${days}d ${hours}h ${mins}m ${secs}s";
-}
-
-sub validip
-{
- my $ip = $_[0];
-
- if (!($ip =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/)) {
- return 0; }
- else
- {
- my @octets = ($1, $2, $3, $4);
- foreach $_ (@octets)
- {
- if (/^0./) {
- return 0; }
- if ($_ < 0 || $_ > 255) {
- return 0; }
- }
- return 1;
- }
-}
-
-sub validmask
-{
- my $mask = $_[0];
-
- # secord part an ip?
- if (&validip($mask)) {
- return 1; }
- # second part a number?
- if (/^0/) {
- return 0; }
- if (!($mask =~ /^\d+$/)) {
- return 0; }
- if ($mask >= 0 && $mask <= 32) {
- return 1; }
- return 0;
-}
-
-sub validipormask
-{
- my $ipormask = $_[0];
-
- # see if it is a IP only.
- if (&validip($ipormask)) {
- return 1; }
- # split it into number and mask.
- if (!($ipormask =~ /^(.*?)\/(.*?)$/)) {
- return 0; }
- my $ip = $1;
- my $mask = $2;
- # first part not a ip?
- if (!(&validip($ip))) {
- return 0; }
- return &validmask($mask);
-}
-
-sub validipandmask
-{
- my $ipandmask = $_[0];
-
- # split it into number and mask.
- if (!($ipandmask =~ /^(.*?)\/(.*?)$/)) {
- return 0; }
- my $ip = $1;
- my $mask = $2;
- # first part not a ip?
- if (!(&validip($ip))) {
- return 0; }
- return &validmask($mask);
-}
-
-sub validport
-{
- $_ = $_[0];
-
- if (!/^\d+$/) {
- return 0; }
- if (/^0./) {
- return 0; }
- if ($_ >= 1 && $_ <= 65535) {
- return 1; }
- return 0;
-}
-
-sub validproxyport
-{
- $_ = $_[0];
-
- if (!/^\d+$/) {
- return 0; }
- if (/^0./) {
- return 0; }
- if ($_ == 53 || $_ == 222 || $_ == 444 || $_ == 81 ) {
- return 0; }
- elsif ($_ >= 1 && $_ <= 65535) {
- return 1; }
- return 0;
-}
-
-sub validmac
-{
- my $checkmac = $_[0];
- my $ot = '[0-9a-f]{2}'; # 2 Hex digits (one octet)
- if ($checkmac !~ /^$ot:$ot:$ot:$ot:$ot:$ot$/i)
- {
- return 0;
- }
- return 1;
-}
-
-sub validhostname
-{
- # Checks a hostname against RFC1035
- my $hostname = $_[0];
-
- # Each part should be at least two characters in length
- # but no more than 63 characters
- if (length ($hostname) < 1 || length ($hostname) > 63) {
- return 0;}
- # Only valid characters are a-z, A-Z, 0-9 and -
- if ($hostname !~ /^[a-zA-Z0-9-]*$/) {
- return 0;}
- # First character can only be a letter or a digit
- if (substr ($hostname, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
- return 0;}
- # Last character can only be a letter or a digit
- if (substr ($hostname, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
- return 0;}
- return 1;
-}
-
-sub validdomainname
-{
- my $part;
-
- # Checks a domain name against RFC1035
- my $domainname = $_[0];
- my @parts = split (/\./, $domainname); # Split hostname at the '.'
-
- foreach $part (@parts) {
- # Each part should be at least two characters in length
- # but no more than 63 characters
- if (length ($part) < 2 || length ($part) > 63) {
- return 0;}
- # Only valid characters are a-z, A-Z, 0-9 and -
- if ($part !~ /^[a-zA-Z0-9-]*$/) {
- return 0;}
- # First character can only be a letter or a digit
- if (substr ($part, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
- return 0;}
- # Last character can only be a letter or a digit
- if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
- return 0;}
- }
- return 1;
-}
-
-sub validfqdn
-{
- my $part;
-
- # Checks a fully qualified domain name against RFC1035
- my $fqdn = $_[0];
- my @parts = split (/\./, $fqdn); # Split hostname at the '.'
- if (scalar(@parts) < 2) { # At least two parts should
- return 0;} # exist in a FQDN
- # (i.e. hostname.domain)
- foreach $part (@parts) {
- # Each part should be at least one character in length
- # but no more than 63 characters
- if (length ($part) < 1 || length ($part) > 63) {
- return 0;}
- # Only valid characters are a-z, A-Z, 0-9 and -
- if ($part !~ /^[a-zA-Z0-9-]*$/) {
- return 0;}
- # First character can only be a letter or a digit
- if (substr ($part, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
- return 0;}
- # Last character can only be a letter or a digit
- if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
- return 0;}
- }
- return 1;
-}
-
-sub validportrange # used to check a port range
-{
- my $port = $_[0]; # port values
- $port =~ tr/-/:/; # replace all - with colons just in case someone used -
- my $srcdst = $_[1]; # is it a source or destination port
-
- if (!($port =~ /^(\d+)\:(\d+)$/)) {
-
- if (!(&validport($port))) {
- if ($srcdst eq 'src'){
- return $Lang::tr{'source port numbers'};
- } else {
- return $Lang::tr{'destination port numbers'};
- }
- }
- }
- else
- {
- my @ports = ($1, $2);
- if ($1 >= $2){
- if ($srcdst eq 'src'){
- return $Lang::tr{'bad source range'};
- } else {
- return $Lang::tr{'bad destination range'};
- }
- }
- foreach $_ (@ports)
- {
- if (!(&validport($_))) {
- if ($srcdst eq 'src'){
- return $Lang::tr{'source port numbers'};
- } else {
- return $Lang::tr{'destination port numbers'};
- }
- }
- }
- return;
- }
-}
-
-# Test if IP is within a subnet
-# Call: IpInSubnet (Addr, Subnet, Subnet Mask)
-# Subnet can be an IP of the subnet: 10.0.0.0 or 10.0.0.1
-# Everything in dottted notation
-# Return: TRUE/FALSE
-sub IpInSubnet
-{
- my $ip = unpack('N', &Socket::inet_aton(shift));
- my $start = unpack('N', &Socket::inet_aton(shift));
- my $mask = unpack('N', &Socket::inet_aton(shift));
- $start &= $mask; # base of subnet...
- my $end = $start + ~$mask;
- return (($ip >= $start) && ($ip <= $end));
-}
-
-#
-# Return the following IP (IP+1) in dotted notation.
-# Call: NextIP ('1.1.1.1');
-# Return: '1.1.1.2'
-#
-sub NextIP
-{
- return &Socket::inet_ntoa( pack("N", 1 + unpack('N', &Socket::inet_aton(shift))
- )
- );
-}
-
-sub validemail {
- my $mail = shift;
- return 0 if ( $mail !~ /^[0-9a-zA-Z\.\-\_]+\@[0-9a-zA-Z\.\-]+$/ );
- return 0 if ( $mail =~ /^[^0-9a-zA-Z]|[^0-9a-zA-Z]$/);
- return 0 if ( $mail !~ /([0-9a-zA-Z]{1})\@./ );
- return 0 if ( $mail !~ /.\@([0-9a-zA-Z]{1})/ );
- return 0 if ( $mail =~ /.\.\-.|.\-\..|.\.\..|.\-\-./g );
- return 0 if ( $mail =~ /.\.\_.|.\-\_.|.\_\..|.\_\-.|.\_\_./g );
- return 0 if ( $mail !~ /\.([a-zA-Z]{2,4})$/ );
- return 1;
-}
-
-#
-# Currently only vpnmain use this three procs (readhasharray, writehasharray, findhasharray)
-# The 'key' used is numeric but is perfectly unneeded! This will to be removed so don't use
-# this code. Vpnmain will be splitted in parts: x509/pki, connection ipsec, connection other,... .
-#
-sub readhasharray {
- my ($filename, $hash) = @_;
- %$hash = ();
-
- open(FILE, $filename) or die "Unable to read file $filename";
-
- while (<FILE>) {
- my ($key, $rest, @temp);
- chomp;
- ($key, $rest) = split (/,/, $_, 2);
- if ($key =~ /^[0-9]+$/) {
- @temp = split (/,/, $rest);
- $hash->{$key} = \@temp;
- }
- }
- close FILE;
- return;
-}
-
-sub writehasharray {
- my ($filename, $hash) = @_;
- my ($key, @temp, $i);
-
- open(FILE, ">$filename") or die "Unable to write to file $filename";
-
- foreach $key (keys %$hash) {
- if ($key =~ /^[0-9]+$/) {
- print FILE "$key";
- foreach $i (0 .. $#{$hash->{$key}}) {
- print FILE ",$hash->{$key}[$i]";
- }
- print FILE "\n";
- }
- }
- close FILE;
- return;
-}
-
-sub findhasharraykey {
- foreach my $i (1 .. 1000000) {
- if ( ! exists $_[0]{$i}) {
- return $i;
- }
- }
-}
-
-sub srtarray
-# Darren Critchley - darrenc@telus.net - (c) 2003
-# &srtarray(SortOrder, AlphaNumeric, SortDirection, ArrayToBeSorted)
-# This subroutine will take the following parameters:
-# ColumnNumber = the column which you want to sort on, starts at 1
-# AlphaNumberic = a or n (lowercase) defines whether the sort should be alpha or numberic
-# SortDirection = asc or dsc (lowercase) Ascending or Descending sort
-# ArrayToBeSorted = the array that wants sorting
-#
-# Returns an array that is sorted to your specs
-#
-# If SortOrder is greater than the elements in array, then it defaults to the first element
-#
-{
- my ($colno, $alpnum, $srtdir, @tobesorted) = @_;
- my @tmparray;
- my @srtedarray;
- my $line;
- my $newline;
- my $ctr;
- my $ttlitems = scalar @tobesorted; # want to know the number of rows in the passed array
- if ($ttlitems < 1){ # if no items, don't waste our time lets leave
- return (@tobesorted);
- }
- my @tmp = split(/\,/,$tobesorted[0]);
- $ttlitems = scalar @tmp; # this should be the number of elements in each row of the passed in array
-
- # Darren Critchley - validate parameters
- if ($colno > $ttlitems){$colno = '1';}
- $colno--; # remove one from colno to deal with arrays starting at 0
- if($colno < 0){$colno = '0';}
- if ($alpnum ne '') { $alpnum = lc($alpnum); } else { $alpnum = 'a'; }
- if ($srtdir ne '') { $srtdir = lc($srtdir); } else { $srtdir = 'src'; }
-
- foreach $line (@tobesorted)
- {
- chomp($line);
- if ($line ne '') {
- my @temp = split(/\,/,$line);
- # Darren Critchley - juggle the fields so that the one we want to sort on is first
- my $tmpholder = $temp[0];
- $temp[0] = $temp[$colno];
- $temp[$colno] = $tmpholder;
- $newline = "";
- for ($ctr=0; $ctr < $ttlitems ; $ctr++) {
- $newline=$newline . $temp[$ctr] . ",";
- }
- chop($newline);
- push(@tmparray,$newline);
- }
- }
- if ($alpnum eq 'n') {
- @tmparray = sort {$a <=> $b} @tmparray;
- } else {
- @tmparray = (sort @tmparray);
- }
- foreach $line (@tmparray)
- {
- chomp($line);
- if ($line ne '') {
- my @temp = split(/\,/,$line);
- my $tmpholder = $temp[0];
- $temp[0] = $temp[$colno];
- $temp[$colno] = $tmpholder;
- $newline = "";
- for ($ctr=0; $ctr < $ttlitems ; $ctr++){
- $newline=$newline . $temp[$ctr] . ",";
- }
- chop($newline);
- push(@srtedarray,$newline);
- }
- }
-
- if ($srtdir eq 'dsc') {
- @tmparray = reverse(@srtedarray);
- return (@tmparray);
- } else {
- return (@srtedarray);
- }
-}
-
-sub FetchPublicIp {
- my %proxysettings;
- &General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
- if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
- my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
- Net::SSLeay::set_proxy($peer,$peerport,$proxysettings{'UPSTREAM_USER'},$proxysettings{'UPSTREAM_PASSWORD'} );
- }
- my ($out, $response) = Net::SSLeay::get_http( 'checkip.dyndns.org',
- 80,
- "/",
- Net::SSLeay::make_headers('User-Agent' => 'IPFire' )
- );
- if ($response =~ m%HTTP/1\.. 200 OK%) {
- $out =~ /Current IP Address: (\d+.\d+.\d+.\d+)/;
- return $1;
- }
- return '';
-}
-
-#
-# Check if hostname.domain provided have IP provided
-# use gethostbyname to verify that
-# Params:
-# IP
-# hostname
-# domain
-# Output
-# 1 IP matches host.domain
-# 0 not in sync
-#
-sub DyndnsServiceSync ($;$;$) {
-
- my ($ip,$hostName,$domain) = @_;
- my @addresses;
-
- #fix me no ip GROUP, what is the name ?
- $hostName =~ s/$General::noipprefix//;
- if ($hostName) { #may be empty
- $hostName = "$hostName.$domain";
- @addresses = gethostbyname($hostName);
- }
-
- if ($addresses[0] eq '') { # nothing returned ?
- $hostName = $domain; # try resolving with domain only
- @addresses = gethostbyname($hostName);
- }
-
- if ($addresses[0] ne '') { # got something ?
- #&General::log("name:$addresses[0], alias:$addresses[1]");
- # Build clear text list of IP
- @addresses = map ( &Socket::inet_ntoa($_), @addresses[4..$#addresses]);
- if (grep (/$ip/, @addresses)) {
- return 1;
- }
- }
- return 0;
-}
-#
-# This sub returns the red IP used to compare in DyndnsServiceSync
-#
-sub GetDyndnsRedIP {
- my %settings;
- &General::readhash("${General::swroot}/ddns/settings", \%settings);
-
- open(IP, "${General::swroot}/red/local-ipaddress") or return 'unavailable';
- my $ip = <IP>;
- close(IP);
- chomp $ip;
-
- if (&General::IpInSubnet ($ip,'10.0.0.0','255.0.0.0') ||
- &General::IpInSubnet ($ip,'172.16.0.0.','255.240.0.0') ||
- &General::IpInSubnet ($ip,'192.168.0.0','255.255.0.0'))
- {
- if ($settings{'BEHINDROUTER'} eq 'FETCH_IP') {
- my $RealIP = &General::FetchPublicIp;
- $ip = (&General::validip ($RealIP) ? $RealIP : 'unavailable');
- }
- }
- return $ip;
-}
-
-# Translate ICMP code to text
-# ref: http://www.iana.org/assignments/icmp-parameters
-sub GetIcmpDescription ($) {
- my $index = shift;
- my @icmp_description = (
- 'Echo Reply', #0
- 'Unassigned',
- 'Unassigned',
- 'Destination Unreachable',
- 'Source Quench',
- 'Redirect',
- 'Alternate Host Address',
- 'Unassigned',
- 'Echo',
- 'Router Advertisement',
- 'Router Solicitation', #10
- 'Time Exceeded',
- 'Parameter Problem',
- 'Timestamp',
- 'Timestamp Reply',
- 'Information Request',
- 'Information Reply',
- 'Address Mask Request',
- 'Address Mask Reply',
- 'Reserved (for Security)',
- 'Reserved (for Robustness Experiment)', #20
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Reserved',
- 'Traceroute', #30
- 'Datagram Conversion Error',
- 'Mobile Host Redirect',
- 'IPv6 Where-Are-You',
- 'IPv6 I-Am-Here',
- 'Mobile Registration Request',
- 'Mobile Registration Reply',
- 'Domain Name Request',
- 'Domain Name Reply',
- 'SKIP',
- 'Photur', #40
- 'Experimental');
- if ($index>41) {return 'unknown'} else {return @icmp_description[$index]};
-}
-1;
+++ /dev/null
-#!/usr/bin/perl
-# Generate Graphs exported from Makegraphs to minimize system load an only generate the Graphs when displayed
-# This is part of the IPFire Firewall
-
-
-package Graphs;
-
-use strict;
-use RRDs;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my $ERROR;
-my $rrdlog = "/var/log/rrd";
-my $graphs = "/srv/web/ipfire/html/graphs";
-$ENV{PATH}="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin";
-
-my %color = ();
-my %mainsettings = ();
-&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-
-my %mbmon_settings = ();
-&General::readhash("${General::swroot}/mbmon/settings", \%mbmon_settings);
-
-my %mbmon_values = ();
-if ( -e "/var/log/mbmon-values" ){
-&General::readhash("/var/log/mbmon-values", \%mbmon_values);
-}
-
-my $key;
-my $value;
-my @args = ();
-my $count = 0;
-
-use Encode 'from_to';
-
-my %tr=();
-if ((${Lang::language} eq 'el') ||
- (${Lang::language} eq 'fa') ||
- (${Lang::language} eq 'ru') ||
- (${Lang::language} eq 'th') ||
- (${Lang::language} eq 'vi') ||
- (${Lang::language} eq 'zh') ||
- (${Lang::language} eq 'zt')) {
- eval `/bin/cat "${General::swroot}/langs/en.pl"`;
-} else {
- %tr=%Lang::tr; # use translated version for other languages
-}
-
-
-sub updatecpugraph {
- my $period = $_[0];
-
- RRDs::graph ("$graphs/cpu-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-u 100", "-r",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'cpu usage per'} $Lang::tr{$period}",
- "DEF:iowait=$rrdlog/cpu.rrd:iowait:AVERAGE",
- "DEF:user=$rrdlog/cpu.rrd:user:AVERAGE",
- "DEF:system=$rrdlog/cpu.rrd:system:AVERAGE",
- "DEF:idle=$rrdlog/cpu.rrd:idle:AVERAGE",
- "DEF:irq=$rrdlog/cpu.rrd:irq:AVERAGE",
- "CDEF:total=user,system,idle,iowait,irq,+,+,+,+",
- "CDEF:userpct=100,user,total,/,*",
- "CDEF:systempct=100,system,total,/,*",
- "CDEF:idlepct=100,idle,total,/,*",
- "CDEF:iowaitpct=100,iowait,total,/,*",
- "CDEF:irqpct=100,irq,total,/,*",
- "COMMENT:$Lang::tr{'caption'}\\t\\t\\t ",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "AREA:iowaitpct".$color{"color14"}.":$Lang::tr{'iowait'}",
- "GPRINT:iowaitpct:MAX:%3.2lf%%",
- "GPRINT:iowaitpct:AVERAGE:%3.2lf%%",
- "GPRINT:iowaitpct:MIN:%3.2lf%%",
- "GPRINT:iowaitpct:LAST:%3.2lf%%\\j",
- "STACK:irqpct".$color{"color23"}.":$Lang::tr{'cpu irq usage'}",
- "GPRINT:irqpct:MAX:%3.2lf%%",
- "GPRINT:irqpct:AVERAGE:%3.2lf%%",
- "GPRINT:irqpct:MIN:%3.2lf%%",
- "GPRINT:irqpct:LAST:%3.2lf%%\\j",
- "STACK:userpct".$color{"color11"}.":$Lang::tr{'user cpu usage'}",
- "GPRINT:userpct:MAX:%3.2lf%%",
- "GPRINT:userpct:AVERAGE:%3.2lf%%",
- "GPRINT:userpct:MIN:%3.2lf%%",
- "GPRINT:userpct:LAST:%3.2lf%%\\j",
- "STACK:systempct".$color{"color13"}.":$Lang::tr{'system cpu usage'}",
- "GPRINT:systempct:MAX:%3.2lf%%",
- "GPRINT:systempct:AVERAGE:%3.2lf%%",
- "GPRINT:systempct:MIN:%3.2lf%%",
- "GPRINT:systempct:LAST:%3.2lf%%\\j",
- "STACK:idlepct".$color{"color12"}.":$Lang::tr{'idle cpu usage'}",
- "GPRINT:idlepct:MAX:%3.2lf%%",
- "GPRINT:idlepct:AVERAGE:%3.2lf%%",
- "GPRINT:idlepct:MIN:%3.2lf%%",
- "GPRINT:idlepct:LAST:%3.2lf%%\\j");
- $ERROR = RRDs::error;
- print "Error in RRD::graph for cpu: $ERROR\n" if $ERROR;
-}
-
-sub updateloadgraph {
- my $period = $_[0];
-
- RRDs::graph ("$graphs/load-$period.png",
- "--start", "-1$period", "-aPNG",
- "-w 600", "-h 100", "-i", "-z", "-W www.ipfire.org", "-l 0", "-r", "--alt-y-grid",
- "-t Load Average",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "DEF:load1=$rrdlog/load.rrd:load1:AVERAGE",
- "DEF:load5=$rrdlog/load.rrd:load5:AVERAGE",
- "DEF:load15=$rrdlog/load.rrd:load15:AVERAGE",
- "AREA:load1".$color{"color13"}.":1 Minute, letzter:",
- "GPRINT:load1:LAST:%5.2lf",
- "AREA:load5".$color{"color18"}.":5 Minuten, letzter:",
- "GPRINT:load5:LAST:%5.2lf",
- "AREA:load15".$color{"color14"}.":15 Minuten, letzter:",
- "GPRINT:load15:LAST:%5.2lf\\j",
- "LINE1:load5".$color{"color13"},
- "LINE1:load1".$color{"color18"});
- $ERROR = RRDs::error;
- print "Error in RRD::graph for load: $ERROR\n" if $ERROR;
-}
-
-sub updatememgraph {
- my $period = $_[0];
-
- RRDs::graph ("$graphs/memory-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-u 100", "-r",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'memory usage per'} $Lang::tr{$period}",
- "DEF:used=$rrdlog/mem.rrd:memused:AVERAGE",
- "DEF:free=$rrdlog/mem.rrd:memfree:AVERAGE",
- "DEF:shared=$rrdlog/mem.rrd:memshared:AVERAGE",
- "DEF:buffer=$rrdlog/mem.rrd:membuffers:AVERAGE",
- "DEF:cache=$rrdlog/mem.rrd:memcache:AVERAGE",
- "CDEF:total=used,free,+",
- "CDEF:used2=used,buffer,cache,shared,+,+,-",
- "CDEF:usedpct=100,used2,total,/,*",
- "CDEF:sharedpct=100,shared,total,/,*",
- "CDEF:bufferpct=100,buffer,total,/,*",
- "CDEF:cachepct=100,cache,total,/,*",
- "CDEF:freepct=100,free,total,/,*",
- "COMMENT:$Lang::tr{'caption'}\\t\\t\\t",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "AREA:usedpct".$color{"color11"}.":$Lang::tr{'used memory'}",
- "GPRINT:usedpct:MAX:%3.2lf%%",
- "GPRINT:usedpct:AVERAGE:%3.2lf%%",
- "GPRINT:usedpct:MIN:%3.2lf%%",
- "GPRINT:usedpct:LAST:%3.2lf%%\\j",
- "STACK:sharedpct".$color{"color13"}.":$Lang::tr{'shared memory'}",
- "GPRINT:sharedpct:MAX:%3.2lf%%",
- "GPRINT:sharedpct:AVERAGE:%3.2lf%%",
- "GPRINT:sharedpct:MIN:%3.2lf%%",
- "GPRINT:sharedpct:LAST:%3.2lf%%\\j",
- "STACK:bufferpct".$color{"color23"}.":$Lang::tr{'buffered memory'}",
- "GPRINT:bufferpct:MAX:%3.2lf%%",
- "GPRINT:bufferpct:AVERAGE:%3.2lf%%",
- "GPRINT:bufferpct:MIN:%3.2lf%%",
- "GPRINT:bufferpct:LAST:%3.2lf%%\\j",
- "STACK:cachepct".$color{"color14"}.":$Lang::tr{'cached memory'}",
- "GPRINT:cachepct:MAX:%3.2lf%%",
- "GPRINT:cachepct:AVERAGE:%3.2lf%%",
- "GPRINT:cachepct:MIN:%3.2lf%%",
- "GPRINT:cachepct:LAST:%3.2lf%%\\j",
- "STACK:freepct".$color{"color12"}.":$Lang::tr{'free memory'}",
- "GPRINT:freepct:MAX:%3.2lf%%",
- "GPRINT:freepct:AVERAGE:%3.2lf%%",
- "GPRINT:freepct:MIN:%3.2lf%%",
- "GPRINT:freepct:LAST:%3.2lf%%\\j");
- $ERROR = RRDs::error;
- print "Error in RRD::graph for mem: $ERROR\n" if $ERROR;
-
- RRDs::graph ("$graphs/swap-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-u 100", "-r",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'swap usage per'} $Lang::tr{$period}",
- "DEF:used=$rrdlog/mem.rrd:swapused:AVERAGE",
- "DEF:free=$rrdlog/mem.rrd:swapfree:AVERAGE",
- "CDEF:total=used,free,+",
- "CDEF:usedpct=100,used,total,/,*",
- "CDEF:freepct=100,free,total,/,*",
- "COMMENT:$Lang::tr{'caption'}\\t\\t",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "AREA:usedpct".$color{"color11"}.":$Lang::tr{'used swap'}",
- "GPRINT:usedpct:MAX:%3.2lf%%",
- "GPRINT:usedpct:AVERAGE:%3.2lf%%",
- "GPRINT:usedpct:MIN:%3.2lf%%",
- "GPRINT:usedpct:LAST:%3.2lf%%\\j",
- "STACK:freepct".$color{"color12"}.":$Lang::tr{'free swap'}",
- "GPRINT:freepct:MAX:%3.2lf%%",
- "GPRINT:freepct:AVERAGE:%3.2lf%%",
- "GPRINT:freepct:MIN:%3.2lf%%",
- "GPRINT:freepct:LAST:%3.2lf%%\\j");
- $ERROR = RRDs::error;
- print "Error in RRD::graph for swap: $ERROR\n" if $ERROR;
-}
-
-sub updatediskgraph {
- my $period = $_[0];
- my $disk = $_[1];
-
- RRDs::graph ("$graphs/disk-$disk-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-r",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'disk access per'} $Lang::tr{$period} $disk",
- "DEF:read=$rrdlog/disk-$disk.rrd:readsect:AVERAGE",
- "DEF:write=$rrdlog/disk-$disk.rrd:writesect:AVERAGE",
- "DEF:standby=$rrdlog/hddshutdown-$disk.rrd:standby:AVERAGE",
- "CDEF:st=standby,INF,*",
- "AREA:st".$color{"color20"}.":standby\\j",
- "AREA:read".$color{"color11"}.":$Lang::tr{'sectors read from disk per second'}",
- "STACK:write".$color{"color12"}.":$Lang::tr{'sectors written to disk per second'}\\j",
- "COMMENT: \\j",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "GPRINT:read:MAX:$Lang::tr{'read sectors'}\\:%8.0lf",
- "GPRINT:read:AVERAGE:$Lang::tr{'read sectors'}\\:%8.0lf",
- "GPRINT:read:LAST:$Lang::tr{'read sectors'}\\:%8.0lf\\j",
- "GPRINT:write:MAX:$Lang::tr{'written sectors'}\\:%8.0lf",
- "GPRINT:write:AVERAGE:$Lang::tr{'written sectors'}\\:%8.0lf",
- "GPRINT:write:LAST:$Lang::tr{'written sectors'}\\:%8.0lf\\j");
- $ERROR = RRDs::error;
- print "Error in RRD::graph for disk: $ERROR\n" if $ERROR;
-}
-
-sub updateifgraph {
- my $interface = $_[0];
- my $period = $_[1];
-
- RRDs::graph ("$graphs/$interface-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'traffic on'} $interface ($Lang::tr{'graph per'} $Lang::tr{$period})",
- "-v$Lang::tr{'bytes per second'}",
- "DEF:incoming=$rrdlog/$interface.rrd:incoming:AVERAGE",
- "DEF:outgoing=$rrdlog/$interface.rrd:outgoing:AVERAGE",
- "AREA:incoming".$color{"color11"}.":$Lang::tr{'incoming traffic in bytes per second'}",
- "AREA:outgoing".$color{"color12"}.":$Lang::tr{'outgoing traffic in bytes per second'}\\j",
- "COMMENT: \\j",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "GPRINT:incoming:MAX:$Lang::tr{'in'}\\:%8.3lf %sBps",
- "GPRINT:incoming:AVERAGE:$Lang::tr{'in'}\\:%8.3lf %sBps",
- "GPRINT:incoming:MIN:$Lang::tr{'in'}\\:%8.3lf %sBps",
- "GPRINT:incoming:LAST:$Lang::tr{'in'}\\:%8.3lf %sBps\\j",
- "GPRINT:outgoing:MAX:$Lang::tr{'out'}\\:%8.3lf %sBps",
- "GPRINT:outgoing:AVERAGE:$Lang::tr{'out'}\\:%8.3lf %sBps",
- "GPRINT:outgoing:MIN:$Lang::tr{'out'}\\:%8.3lf %sBps",
- "GPRINT:outgoing:LAST:$Lang::tr{'out'}\\:%8.3lf %sBps\\j");
- $ERROR = RRDs::error;
- print "Error in RRD::graph for $interface: $ERROR\n" if $ERROR;
-}
-
-sub updatefwhitsgraph {
- my $period = $_[0];
-
- RRDs::graph ("$graphs/firewallhits-$period-area.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'firewall hits per'} $Lang::tr{$period}",
- "DEF:amount=$rrdlog/firewallhits.rrd:amount:AVERAGE",
- "DEF:portamount=$rrdlog/firewallhits.rrd:portamount:AVERAGE",
- "COMMENT:$Lang::tr{'caption'}\\t\\t\\t",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "AREA:amount".$color{"color24"}.":$Lang::tr{'firewallhits'}/5 min",
- "GPRINT:amount:MAX:%2.2lf %S",
- "GPRINT:amount:AVERAGE:%2.2lf %S",
- "GPRINT:amount:MIN:%2.2lf %S",
- "GPRINT:amount:LAST:%2.2lf %S\\j",
- "STACK:portamount".$color{"color25"}.":$Lang::tr{'portscans'}/5 min",
- "GPRINT:portamount:MAX:%2.2lf %S",
- "GPRINT:portamount:MIN:%2.2lf %S",
- "GPRINT:portamount:AVERAGE:%2.2lf %S",
- "GPRINT:portamount:LAST:%2.2lf %S\\j");
- $ERROR = RRDs::error;
- print "Error in RRD::graph for Firewallhits: $ERROR\n" if $ERROR;
-}
-
-sub updatelqgraph {
- my $period = $_[0];
- RRDs::graph ("$graphs/lq-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-r",
- "-t $Lang::tr{'linkq'} ($Lang::tr{'graph per'} $Lang::tr{$period})",
- "--lazy",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-v ms / pkts (% x10)",
- "DEF:roundtrip=$rrdlog/lq.rrd:roundtrip:AVERAGE",
- "DEF:loss=$rrdlog/lq.rrd:loss:AVERAGE",
- "CDEF:roundavg=roundtrip,PREV(roundtrip),+,2,/",
- "CDEF:loss10=loss,10,*",
- "CDEF:r0=roundtrip,30,MIN",
- "CDEF:r1=roundtrip,70,MIN",
- "CDEF:r2=roundtrip,150,MIN",
- "CDEF:r3=roundtrip,300,MIN",
- "AREA:roundtrip".$color{"color25"}.":>300 ms",
- "AREA:r3".$color{"color18"}.":150-300 ms",
- "AREA:r2".$color{"color14"}.":70-150 ms",
- "AREA:r1".$color{"color17"}.":30-70 ms",
- "AREA:r0".$color{"color12"}.":<30 ms",
- "AREA:loss10".$color{"color13"}.":Packet loss (x10)\\j",
- "COMMENT: \\j",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "LINE1:roundtrip#707070:",
- "GPRINT:roundtrip:MAX:Time\\:%3.2lf ms",
- "GPRINT:roundtrip:AVERAGE:Time\\:%3.2lf ms",
- "GPRINT:roundtrip:MIN:Time\\:%3.2lf ms",
- "GPRINT:roundtrip:LAST:Time\\:%3.2lf ms\\j",
- "GPRINT:loss:MAX:Loss\\:%3.2lf%%",
- "GPRINT:loss:AVERAGE:Loss\\:%3.2lf%%",
- "GPRINT:loss:MIN:Loss\\:%3.2lf%%",
- "GPRINT:loss:LAST:Loss\\:%3.2lf%%\\j"
- );
- $ERROR = RRDs::error;
- print "Error in RRD::graph for Link Quality: $ERROR\n" if $ERROR;
-}
-
-sub updatehddgraph {
-
- my $disk = $_[0];
- my $period = $_[1];
-
- RRDs::graph ("$graphs/hddtemp-$disk-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'harddisk temperature'} ($Lang::tr{'graph per'} $Lang::tr{$period})",
- "DEF:temperature=$rrdlog/hddtemp-$disk.rrd:temperature:AVERAGE",
- "DEF:standby=$rrdlog/hddshutdown-$disk.rrd:standby:AVERAGE",
- "CDEF:st=standby,INF,*",
- "AREA:st".$color{"color20"}.":standby",
- "LINE2:temperature".$color{"color11"}.":$Lang::tr{'hdd temperature in'} C\\j",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- "GPRINT:temperature:MAX:%3.0lf Grad C",
- "GPRINT:temperature:AVERAGE:%3.0lf Grad C",
- "GPRINT:temperature:MIN:%3.0lf Grad C",
- "GPRINT:temperature:LAST:%3.0lf Grad C\\j",
- );
- $ERROR = RRDs::error;
- print "Error in RRD::graph for hdd-$disk: $ERROR\n" if $ERROR;
-}
-
-sub updatetempgraph
-{
- my $type = "temp";
- my $period = $_[0];
- my $count = "11";
-
- @args = ("$graphs/mbmon-$type-$period.png",
- "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "--alt-autoscale",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'mbmon temp'} ($Lang::tr{'graph per'} $Lang::tr{$period})",
- "COMMENT:$Lang::tr{'caption'}\\t\\t",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",);
-
- foreach $key ( sort(keys %mbmon_values) )
- {
- if ( (index($key, $type) != -1) && ($mbmon_settings{'LINE-'.$key} eq 'on') )
- {
- if ( !defined($mbmon_settings{'LABEL-'.$key}) || ($mbmon_settings{'LABEL-'.$key} eq '') )
- {
- $mbmon_settings{'LABEL-'.$key} = $key;
- }
- push (@args, "DEF:$key=$rrdlog/mbmon.rrd:$key:AVERAGE");
- push (@args, "LINE2:".$key.$color{"color$count"}.":$mbmon_settings{'LABEL-'.$key} Grad C");
- push (@args, "GPRINT:$key:MAX:%3.1lf");
- push (@args, "GPRINT:$key:AVERAGE:%3.1lf");
- push (@args, "GPRINT:$key:MIN:%3.1lf");
- push (@args, "GPRINT:$key:LAST:%3.1lf\\j");
- $count++;
- }
- }
-
- RRDs::graph ( @args );
- $ERROR = RRDs::error;
- print("Error in RRD::graph for temp: $ERROR\n")if $ERROR;
-}
-
-sub updatefangraph
-{
- my $type = "fan";
- my $period = $_[0];
- my $count = "11";
-
- @args = ("$graphs/mbmon-$type-$period.png", "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "--alt-autoscale",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'mbmon fan'} ($Lang::tr{'graph per'} $Lang::tr{$period})",
- "COMMENT:$Lang::tr{'caption'}\\t\\t",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",);
-
- foreach $key ( sort(keys %mbmon_values) )
- {
- if ( (index($key, $type) != -1) && ($mbmon_settings{'LINE-'.$key} eq 'on') )
- {
- if ( !defined($mbmon_settings{'LABEL-'.$key}) || ($mbmon_settings{'LABEL-'.$key} eq '') )
- {
- $mbmon_settings{'LABEL-'.$key} = $key;
- }
-
- push(@args, "DEF:$key=$rrdlog/mbmon.rrd:$key:AVERAGE");
- push(@args, "LINE2:".$key.$color{"color$count"}.":$mbmon_settings{'LABEL-'.$key} rpm");
- push(@args, "GPRINT:$key:MAX:%5.0lf");
- push(@args, "GPRINT:$key:AVERAGE:%5.0lf");
- push(@args, "GPRINT:$key:MIN:%5.0lf");
- push(@args, "GPRINT:$key:LAST:%5.0lf\\j");
- $count++;
- }
- }
- RRDs::graph ( @args );
- $ERROR = RRDs::error;
- print("Error in RRD::graph for temp: $ERROR\n")if $ERROR;
-}
-
-sub updatevoltgraph
-{
- my $type = "volt";
- my $period = $_[0];
- my $count = "11";
-
- @args = ("$graphs/mbmon-$type-$period.png", "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 100", "--alt-autoscale",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "-t $Lang::tr{'mbmon volt'} ($Lang::tr{'graph per'} $Lang::tr{$period})",
- "COMMENT:$Lang::tr{'caption'}\\t",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",);
-
- foreach $key ( sort(keys %mbmon_values) )
- {
- my $v = substr($key,0,1);
- if ( ($v eq 'v') && ($mbmon_settings{'LINE-'.$key} eq 'on') )
- {
- if ( !defined($mbmon_settings{'LABEL-'.$key}) || ($mbmon_settings{'LABEL-'.$key} eq '') )
- {
- $mbmon_settings{'LABEL-'.$key} = $key;
- }
-
- push(@args, "DEF:$key=$rrdlog/mbmon.rrd:$key:AVERAGE");
- push(@args, "LINE2:".$key.$color{"color$count"}.":$mbmon_settings{'LABEL-'.$key} Volt");
- push(@args, "GPRINT:$key:MAX:%3.2lf");
- push(@args, "GPRINT:$key:AVERAGE:%3.2lf");
- push(@args, "GPRINT:$key:MIN:%3.2lf");
- push(@args, "GPRINT:$key:LAST:%3.2lf\\j");
- $count++;
- }
- }
-
- RRDs::graph ( @args );
- $ERROR = RRDs::error;
- print("Error in RRD::graph for temp: $ERROR\n")if $ERROR;
-}
-
-sub overviewgraph {
-
- my $period = $_[0];
- my $periodstring;
- my $description;
- my %qossettings = ();
- &General::readhash("${General::swroot}/qos/settings", \%qossettings);
- my $classentry = "";
- my @classes = ();
- my @classline = ();
- my $classfile = "/var/ipfire/qos/classes";
-
- $qossettings{'DEV'} = $_[1];
- if ( $qossettings{'DEV'} eq $qossettings{'RED_DEV'} ) {
- $qossettings{'CLASSPRFX'} = '1';
- } else {
- $qossettings{'CLASSPRFX'} = '2';
- }
-
- if ( $period ne '3240' ){ $periodstring = "-1$period";}else{ $periodstring = "-".$period;}
- if ( $period ne '3240' ){ $description = "-t $Lang::tr{'Utilization on'} ($qossettings{'DEV'}) ($Lang::tr{'graph per'} $Lang::tr{$period})";}else{ $description = "-t $Lang::tr{'Utilization on'} ($qossettings{'DEV'})";}
-
- my $ERROR="";
- my $count="1";
- my $color="#000000";
- my @command=("/srv/web/ipfire/html/graphs/qos-graph-$qossettings{'DEV'}-$period.png",
- "--start", $periodstring, "-aPNG", "-i", "-z", "-W www.ipfire.org",
- "--alt-y-grid", "-w 600", "-h 150", "-r",
- "--color", "SHADEA".$color{"color19"},
- "--color", "SHADEB".$color{"color19"},
- "--color", "BACK".$color{"color21"},
- "COMMENT:$Lang::tr{'caption'}\\t\\t\\t\\t ",
- "COMMENT:$Lang::tr{'maximal'}",
- "COMMENT:$Lang::tr{'average'}",
- "COMMENT:$Lang::tr{'minimal'}",
- "COMMENT:$Lang::tr{'current'}\\j",
- $description
- );
- open( FILE, "< $classfile" ) or die "Unable to read $classfile";
- @classes = <FILE>;
- close FILE;
- foreach $classentry (sort @classes)
- {
- @classline = split( /\;/, $classentry );
- if ( $classline[0] eq $qossettings{'DEV'} )
- {
- $color=random_hex_color(6);
- push(@command, "DEF:$classline[1]=/var/log/rrd/class_$qossettings{'CLASSPRFX'}-$classline[1]_$qossettings{'DEV'}.rrd:bytes:AVERAGE");
-
- if ($count eq "1") {
- push(@command, "AREA:$classline[1]$color:Klasse $classline[1] -".sprintf("%15s",$classline[8]));
- } else {
- push(@command, "STACK:$classline[1]$color:Klasse $classline[1] -".sprintf("%15s",$classline[8]));
-
- }
- push(@command, "GPRINT:$classline[1]:MAX:%5.2lf");
- push(@command, "GPRINT:$classline[1]:AVERAGE:%5.2lf");
- push(@command, "GPRINT:$classline[1]:MIN:%5.2lf");
- push(@command, "GPRINT:$classline[1]:LAST:%5.2lf\\j");
- $count++;
- }
- }
- RRDs::graph (@command);
- $ERROR = RRDs::error;
- print "$ERROR";
-}
-
-sub random_hex_color {
- my $size = shift;
- $size = 6 if $size !~ /^3|6$/;
- my @hex = ( 0 .. 9, 'a' .. 'f' );
- my @color;
- push @color, @hex[rand(@hex)] for 1 .. $size;
- return join('', '#', @color);
-}
+++ /dev/null
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-# Copyright (C) 2002 Alex Hudson - getcgihash() rewrite
-# Copyright (C) 2002 Bob Grant <bob@cache.ucr.edu> - validmac()
-# Copyright (c) 2002/04/13 Steve Bootes - add alias section, helper functions
-# Copyright (c) 2002/08/23 Mark Wormgoor <mark@wormgoor.com> validfqdn()
-# Copyright (c) 2003/09/11 Darren Critchley <darrenc@telus.net> srtarray()
-#
-package Header;
-
-use CGI();
-use Socket;
-use Time::Local;
-
-$|=1; # line buffering
-
-$Header::revision = 'final';
-$Header::swroot = '/var/ipfire';
-$Header::graphdir='/srv/web/ipfire/html/graphs';
-$Header::pagecolour = '#ffffff';
-#$Header::tablecolour = '#a0a0a0';
-$Header::tablecolour = '#FFFFFF';
-$Header::bigboxcolour = '#F6F4F4';
-$Header::boxcolour = '#EAE9EE';
-$Header::bordercolour = '#000000';
-$Header::table1colour = '#E0E0E0';
-$Header::table2colour = '#F0F0F0';
-$Header::colourred = '#993333';
-$Header::colourorange = '#FF9933';
-$Header::colouryellow = '#FFFF00';
-$Header::colourgreen = '#339933';
-$Header::colourblue = '#333399';
-$Header::colourovpn = '#339999';
-$Header::colourfw = '#000000';
-$Header::colourvpn = '#990099';
-$Header::colourerr = '#FF0000';
-$Header::viewsize = 150;
-$Header::errormessage = '';
-my %menuhash = ();
-my $menu = \%menuhash;
-%settings = ();
-%ethsettings = ();
-@URI = ();
-
-### Make sure this is an SSL request
-if ($ENV{'SERVER_ADDR'} && $ENV{'HTTPS'} ne 'on') {
- print "Status: 302 Moved\r\n";
- print "Location: https://$ENV{'SERVER_ADDR'}:444/$ENV{'PATH_INFO'}\r\n\r\n";
- exit 0;
-}
-
-### Initialize environment
-&General::readhash("${swroot}/main/settings", \%settings);
-&General::readhash("${swroot}/ethernet/settings", \%ethsettings);
-$language = $settings{'LANGUAGE'};
-$hostname = $settings{'HOSTNAME'};
-$hostnameintitle = 0;
-
-### Initialize language
-if ($language =~ /^(\w+)$/) {$language = $1;}
-
-### Read English Files
-if ( -d "/var/ipfire/langs/en/" ) {
- opendir(DIR, "/var/ipfire/langs/en/");
- @names = readdir(DIR) or die "Cannot Read Directory: $!\n";
- foreach $name(@names) {
- next if ($name eq ".");
- next if ($name eq "..");
- next if (!($name =~ /\.pl$/));
- require "${swroot}/langs/en/${name}";
- };
-};
-
-
-### Enable Language Files
-if ( -d "/var/ipfire/langs/${language}/" ) {
- opendir(DIR, "/var/ipfire/langs/${language}/");
- @names = readdir(DIR) or die "Cannot Read Directory: $!\n";
- foreach $name(@names) {
- next if ($name eq ".");
- next if ($name eq "..");
- next if (!($name =~ /\.pl$/));
- require "${swroot}/langs/${language}/${name}";
- };
-};
-
-### Read IPFire Buildversion
-$FIREBUILD = "File not found: firebuild\n";
-if (open(MYFile, "<${swroot}/firebuild")) {
- $FIREBUILD = <MYFile>;
- chomp($FIREBUILD);
- $FIREBUILD = "(Build: $FIREBUILD)";
- close(MYFile);
-};
-
-require "${swroot}/langs/en.pl";
-require "${swroot}/langs/${language}.pl";
-eval `/bin/cat /srv/web/ipfire/html/themes/$settings{'THEME'}/include/functions.pl`;
-
-sub orange_used () {
- if ($ethsettings{'CONFIG_TYPE'} =~ /^[24]$/) {
- return 1;
- }
- return 0;
-}
-
-sub blue_used () {
- if ($ethsettings{'CONFIG_TYPE'} =~ /^[34]$/) {
- return 1;
- }
- return 0;
-}
-
-sub is_modem {
- if ($ethsettings{'CONFIG_TYPE'} =~ /^[0]$/) {
- return 1;
- }
- return 0;
-}
-
-### Initialize menu
-sub genmenu {
-
- my %subsystemhash = ();
- my $subsystem = \%subsystemhash;
-
- my %substatushash = ();
- my $substatus = \%substatushash;
-
- my %subnetworkhash = ();
- my $subnetwork = \%subnetworkhash;
-
- my %subserviceshash = ();
- my $subservices = \%subserviceshash;
-
- my %subfirewallhash = ();
- my $subfirewall = \%subfirewallhash;
-
- my %subipfirehash = ();
- my $subipfire = \%subipfirehash;
-
- my %sublogshash = ();
- my $sublogs = \%sublogshash;
-
- eval `/bin/cat /var/ipfire/menu.d/*.menu`;
- eval `/bin/cat /var/ipfire/menu.d/*.main`;
-
- if (! blue_used() && ! orange_used()) {
- $menu->{'05.firewall'}{'subMenu'}->{'40.dmz'}{'enabled'} = 0;
- }
- if (! blue_used()) {
- $menu->{'05.firewall'}{'subMenu'}->{'30.wireless'}{'enabled'} = 0;
- }
- if ( $ethsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $ethsettings{'RED_TYPE'} eq 'STATIC' ) {
- $menu->{'03.network'}{'subMenu'}->{'70.aliases'}{'enabled'} = 1;
- }
-}
-
-sub showhttpheaders
-{
- print "Pragma: no-cache\n";
- print "Cache-control: no-cache\n";
- print "Connection: close\n";
- print "Content-type: text/html\n\n";
-}
-
-sub is_menu_visible($) {
- my $link = shift;
- $link =~ s#\?.*$##;
- return (-e $ENV{'DOCUMENT_ROOT'}."/../$link");
-}
-
-
-sub getlink($) {
- my $root = shift;
- if (! $root->{'enabled'}) {
- return '';
- }
- if ($root->{'uri'} !~ /^$/) {
- my $vars = '';
- if ($root->{'vars'} !~ /^$/) {
- $vars = '?'. $root->{'vars'};
- }
- if (! is_menu_visible($root->{'uri'})) {
- return '';
- }
- return $root->{'uri'}.$vars;
- }
- my $submenus = $root->{'subMenu'};
- if (! $submenus) {
- return '';
- }
- foreach my $item (sort keys %$submenus) {
- my $link = getlink($submenus->{$item});
- if ($link ne '') {
- return $link;
- }
- }
- return '';
-}
-
-
-sub compare_url($) {
- my $conf = shift;
-
- my $uri = $conf->{'uri'};
- my $vars = $conf->{'vars'};
- my $novars = $conf->{'novars'};
-
- if ($uri eq '') {
- return 0;
- }
- if ($uri ne $URI[0]) {
- return 0;
- }
- if ($novars) {
- if ($URI[1] !~ /^$/) {
- return 0;
- }
- }
- if (! $vars) {
- return 1;
- }
- return ($URI[1] eq $vars);
-}
-
-
-sub gettitle($) {
- my $root = shift;
-
- if (! $root) {
- return '';
- }
- foreach my $item (sort keys %$root) {
- my $val = $root->{$item};
- if (compare_url($val)) {
- $val->{'selected'} = 1;
- if ($val->{'title'} !~ /^$/) {
- return $val->{'title'};
- }
- return 'EMPTY TITLE';
- }
-
- my $title = gettitle($val->{'subMenu'});
- if ($title ne '') {
- $val->{'selected'} = 1;
- return $title;
- }
- }
- return '';
-}
-
-sub getcgihash {
- my ($hash, $params) = @_;
- my $cgi = CGI->new ();
- $hash->{'__CGI__'} = $cgi;
- return if ($ENV{'REQUEST_METHOD'} ne 'POST');
- if (!$params->{'wantfile'}) {
- $CGI::DISABLE_UPLOADS = 1;
- $CGI::POST_MAX = 512 * 1024;
- } else {
- $CGI::POST_MAX = 10 * 1024 * 1024;
- }
-
- $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
- my $referer = $1;
- $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
- my $servername = $1;
- return if ($referer ne $servername);
-
- ### Modified for getting multi-vars, split by |
- %temp = $cgi->Vars();
- foreach my $key (keys %temp) {
- $hash->{$key} = $temp{$key};
- $hash->{$key} =~ s/\0/|/g;
- $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
- }
-
- if (($params->{'wantfile'})&&($params->{'filevar'})) {
- $hash->{$params->{'filevar'}} = $cgi->upload
- ($params->{'filevar'});
- }
- return;
-}
-
-
-# Test if IP is within a subnet
-# Call: IpInSubnet (Addr, Subnet, Subnet Mask)
-# Subnet can be an IP of the subnet: 10.0.0.0 or 10.0.0.1
-# Everything in dottted notation
-# Return: TRUE/FALSE
-sub IpInSubnet
-{
- $ip = unpack('N', inet_aton(shift));
- $start = unpack('N', inet_aton(shift));
- $mask = unpack('N', inet_aton(shift));
- $start &= $mask; # base of subnet...
- $end = $start + ~$mask;
- return (($ip >= $start) && ($ip <= $end));
-}
-
-sub cleanhtml
-{
- my $outstring =$_[0];
- $outstring =~ tr/,/ / if not defined $_[1] or $_[1] ne 'y';
- $outstring =~ s/&/&/g;
- $outstring =~ s/\'/'/g;
- $outstring =~ s/\"/"/g; #" This is just a workaround for the syntax highlighter
- $outstring =~ s/</</g;
- $outstring =~ s/>/>/g;
- return $outstring;
-}
-
-sub connectionstatus
-{
- my %pppsettings = ();
- my %netsettings = ();
- my $iface='';
-
- $pppsettings{'PROFILENAME'} = 'None';
- &General::readhash("${General::swroot}/ppp/settings", \%pppsettings);
- &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
- my $profileused='';
- unless ( $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ ) {
- $profileused="- $pppsettings{'PROFILENAME'}";
- }
-
- my ($timestr, $connstate);
-
- my $connstate = "<span>$Lang::tr{'idle'} $profileused</span>";
-
- if (-e "${General::swroot}/red/active") {
- $timestr = &General::age("${General::swroot}/red/active");
- $connstate = "<span>$Lang::tr{'connected'} - (<span>$timestr</span>) $profileused</span>";
- } else {
- if ((open(KEEPCONNECTED, "</var/ipfire/red/keepconnected") == false) && ($pppsettings{'RECONNECTION'} eq "persistent")) {
- $connstate = "<span>$Lang::tr{'connection closed'} $profileused</span>";
- } elsif (($pppsettings{'RECONNECTION'} eq "dialondemand") && ( -e "${General::swroot}/red/dial-on-demand")) {
- $connstate = "<span>$Lang::tr{'dod waiting'} $profileused</span>";
- } else {
- $connstate = "<span>$Lang::tr{'connecting'} $profileused</span>" if (system("ps -ef | grep -q '[p]ppd'"));
- }
- }
-
- return $connstate;
-}
-
-sub CheckSortOrder {
-#Sorting of allocated leases
- if ($ENV{'QUERY_STRING'} =~ /^IPADDR|^ETHER|^HOSTNAME|^ENDTIME/ ) {
- my $newsort=$ENV{'QUERY_STRING'};
- &readhash("${swroot}/dhcp/settings", \%dhcpsettings);
- $act=$dhcpsettings{'SORT_LEASELIST'};
- #Reverse actual ?
- if ($act =~ $newsort) {
- if ($act !~ 'Rev') {$Rev='Rev'};
- $newsort.=$Rev
- };
-
- $dhcpsettings{'SORT_LEASELIST'}=$newsort;
- &writehash("${swroot}/dhcp/settings", \%dhcpsettings);
- $dhcpsettings{'ACTION'} = 'SORT'; # avoid the next test "First lauch"
- }
-
-}
-
-sub PrintActualLeases
-{
- &openbox('100%', 'left', $tr{'current dynamic leases'});
- print <<END
-<table width='100%'>
-<tr>
-<td width='25%' align='center'><a href='$ENV{'SCRIPT_NAME'}?IPADDR'><b>$tr{'ip address'}</b></a></td>
-<td width='25%' align='center'><a href='$ENV{'SCRIPT_NAME'}?ETHER'><b>$tr{'mac address'}</b></a></td>
-<td width='20%' align='center'><a href='$ENV{'SCRIPT_NAME'}?HOSTNAME'><b>$tr{'hostname'}</b></a></td>
-<td width='25%' align='center'><a href='$ENV{'SCRIPT_NAME'}?ENDTIME'><b>$tr{'lease expires'} (local time d/m/y)</b></a></td>
-<td width='5%' align='center'><b>Add to fix leases<b></td>
-</tr>
-END
- ;
-
- open(LEASES,"/var/state/dhcp/dhcpd.leases") or die "Can't open dhcpd.leases";
- while ($line = <LEASES>) {
- next if( $line =~ /^\s*#/ );
- chomp($line);
- @temp = split (' ', $line);
-
- if ($line =~ /^\s*lease/) {
- $ip = $temp[1];
- #All field are not necessarily read. Clear everything
- $endtime = 0;
- $ether = "";
- $hostname = "";
- }
-
- if ($line =~ /^\s*ends/) {
- $line =~ /(\d+)\/(\d+)\/(\d+) (\d+):(\d+):(\d+)/;
- $endtime = timegm($6, $5, $4, $3, $2 - 1, $1 - 1900);
- }
-
- if ($line =~ /^\s*hardware ethernet/) {
- $ether = $temp[2];
- $ether =~ s/;//g;
- }
-
- if ($line =~ /^\s*client-hostname/) {
- $hostname = "$temp[1] $temp[2] $temp[3]";
- $hostname =~ s/;//g;
- $hostname =~ s/\"//g;
- }
-
- if ($line eq "}") {
- @record = ('IPADDR',$ip,'ENDTIME',$endtime,'ETHER',$ether,'HOSTNAME',$hostname);
- $record = {}; # create a reference to empty hash
- %{$record} = @record; # populate that hash with @record
- $entries{$record->{'IPADDR'}} = $record; # add this to a hash of hashes
- }
- }
- close(LEASES);
-
- my $id = 0;
- foreach my $key (sort leasesort keys %entries) {
- print "<form method='post' action='/cgi-bin/dhcp.cgi'>\n";
- my $hostname = &cleanhtml($entries{$key}->{HOSTNAME},"y");
-
- if ($id % 2) {
- print "<tr bgcolor='$table1colour'>";
- }
- else {
- print "<tr bgcolor='$table2colour'>";
- }
-
- print <<END
-<td align='center'><input type='hidden' name='FIX_ADDR' value='$entries{$key}->{IPADDR}' />$entries{$key}->{IPADDR}</td>
-<td align='center'><input type='hidden' name='FIX_MAC' value='$entries{$key}->{ETHER}' />$entries{$key}->{ETHER}</td>
-<td align='center'><input type='hidden' name='FIX_REMARK' value='$hostname' /> $hostname</td>
-<td align='center'><input type='hidden' name='FIX_ENABLED' value='on' />
-END
- ;
-
- ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $dst) = localtime ($entries{$key}->{ENDTIME});
- $enddate = sprintf ("%02d/%02d/%d %02d:%02d:%02d",$mday,$mon+1,$year+1900,$hour,$min,$sec);
-
- if ($entries{$key}->{ENDTIME} < time() ){
- print "<strike>$enddate</strike>";
- } else {
- print "$enddate";
- }
- print <<END
-<td><input type='hidden' name='ACTION' value='$Lang::tr{'add'}2' /><input type='submit' name='SUBMIT' value='$Lang::tr{'add'}' />
-</td></td></tr></form>
-END
- ;
- $id++;
- }
-
- print "</table>";
- &closebox();
-}
-
-
-# This sub is used during display of actives leases
-sub leasesort {
- if (rindex ($dhcpsettings{'SORT_LEASELIST'},'Rev') != -1)
- {
- $qs=substr ($dhcpsettings{'SORT_LEASELIST'},0,length($dhcpsettings{'SORT_LEASELIST'})-3);
- if ($qs eq 'IPADDR') {
- @a = split(/\./,$entries{$a}->{$qs});
- @b = split(/\./,$entries{$b}->{$qs});
- ($b[0]<=>$a[0]) ||
- ($b[1]<=>$a[1]) ||
- ($b[2]<=>$a[2]) ||
- ($b[3]<=>$a[3]);
- }else {
- $entries{$b}->{$qs} cmp $entries{$a}->{$qs};
- }
- }
- else #not reverse
- {
- $qs=$dhcpsettings{'SORT_LEASELIST'};
- if ($qs eq 'IPADDR') {
- @a = split(/\./,$entries{$a}->{$qs});
- @b = split(/\./,$entries{$b}->{$qs});
- ($a[0]<=>$b[0]) ||
- ($a[1]<=>$b[1]) ||
- ($a[2]<=>$b[2]) ||
- ($a[3]<=>$b[3]);
- }else {
- $entries{$a}->{$qs} cmp $entries{$b}->{$qs};
- }
- }
-}
+++ /dev/null
-# ICMP Data File
-#
-# This file is part of the IPCop Firewall.
-#
-# IPCop is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# IPCop is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with IPCop; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-# (c) The IPCop Team
-#
-# $Id: icmptypes,v 1.2 2003/12/11 11:15:33 riddles Exp $
-#
-# Valid ICMP types obtained through the following command
-# iptables -p icmp -h
-#
-echo-reply (pong)
-destination-unreachable
-network-unreachable
-host-unreachable
-protocol-unreachable
-port-unreachable
-fragmentation-needed
-source-route-failed
-network-unknown
-host-unknown
-network-prohibited
-host-prohibited
-TOS-network-unreachable
-TOS-host-unreachable
-communication-prohibited
-host-precedence-violation
-precedence-cutoff
-source-quench
-redirect
-network-redirect
-host-redirect
-TOS-network-redirect
-TOS-host-redirect
-echo-request (ping)
-router-advertisement
-router-solicitation
-time-exceeded (ttl-exceeded)
-ttl-zero-during-transit
-ttl-zero-during-reassembly
-parameter-problem
-ip-header-bad
-required-option-missing
-timestamp-request
-timestamp-reply
-address-mask-request
-address-mask-reply
+++ /dev/null
-# SmoothWall CGIs
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) The SmoothWall Team
-# Copyright (c) 2002/08/23 Mark Wormgoor <mark@wormgoor.com> Split from header.pl
-#
-# $Id: lang.pl,v 1.1.2.11 2005/09/10 16:22:50 eoberlander Exp $
-#
-
-package Lang;
-require 'CONFIG_ROOT/general-functions.pl';
-use strict;
-
-### A cache file to avoid long recalculation
-$Lang::CacheLang = '/var/ipfire/langs/cache-lang.pl';
-
-# When you want to add your own language strings/entries to the ipcop language file,
-# you should create a file with <PREFIX>.<LANG>.pl into CONFIG_ROOT/addon-lang dir
-# <PREFIX> is free choosable but should be significant. An Example might be "myAddnName"
-# <LANG> is a mnemonic of the used language like en, de, it, nl etc.
-# You can find a detailed list of possible mnemonic's in the file CONFIG_ROOT/langs/list
-# A file could be named "VirtualHttpd.en.pl" for example.
-#
-# The file content has to start with (of course without the leading #):
-# --------- CODE ---------
-#%tr = (%tr,
-# 'key1' => 'value', # add all your entries key/values here
-# 'key2' => 'value' # and end with (of course without the leading #):
-#);
-# --------- CODE END---------
-#
-# After you have copied all your files to CONFIG_ROOT/add-lang you have to run the
-# script compilation:
-# perl -e "require '/CONFIG_ROOT/lang.pl'; &Lang::BuildCacheLang"
-
-
-### Initialize language
-%Lang::tr = ();
-my %settings = ();
-&General::readhash("${General::swroot}/main/settings", \%settings);
-reload($settings{'LANGUAGE'});
-
-# language variable used by makegraphs script
-our $language;
-$language = $settings{'LANGUAGE'};
-
-#
-# Load requested language file from cachefile. If cachefile doesn't exist, build on the fly.
-# (it is a developper options)
-#
-sub reload {
-
- my ($LG) = @_;
- %Lang::tr = (); # start with a clean array
-
- # Use CacheLang if present & not empty.
- if (-s "$Lang::CacheLang.$LG" ) {
- ##fix: need to put a lock_shared on it in case rebuild is active ?
- do "$Lang::CacheLang.$LG";
- #&General::log ("cachelang file used [$LG]");
- return;
- }
-
- #&General::log("Building on the fly cachelang file for [$LG]");
- do "${General::swroot}/langs/en.pl";
- do "${General::swroot}/langs/$LG.pl" if ($LG ne 'en');
-
- my $AddonDir = ${General::swroot}.'/addon-lang';
-
- opendir (DIR, $AddonDir);
- my @files = readdir (DIR);
- closedir (DIR);
-
- # default is to load english first
- foreach my $file ( grep (/.*\.en.pl$/,@files)) {
- do "$AddonDir/$file";
- }
-
- # read again, overwriting 'en' with choosed lang
- if ($LG ne 'en') {
- foreach my $file (grep (/.*\.$LG\.pl$/,@files) ) {
- do "$AddonDir/$file";
- }
- }
-}
-
-#
-# Assume this procedure is called with enough privileges.
-# Merge ipcop langage file + all other extension found in addon-lang
-# to build a 'cachefile' for selected language
-#
-sub BuildUniqueCacheLang {
-
- my ($LG) = @_;
-
- # Make CacheLang empty so that it won't be used by Lang::reload
- open (FILE, ">$Lang::CacheLang.$LG") or return 1;
- flock (FILE, 2) or return 1;
- close (FILE);
-
- # Load languages files
- &Lang::reload ($LG);
-
- # Write the unique %tr=('key'=>'value') array
- open (FILE, ">$Lang::CacheLang.$LG") or return 1;
- flock (FILE, 2) or return 1;
- print FILE '%tr=(';
- foreach my $k ( keys %Lang::tr ){
- $Lang::tr{$k} =~ s/\'/\\\'/g; # quote ' => \'
- print FILE "'$k' => '$Lang::tr{$k}',"; # key => value,
- }
- print FILE ');';
- close (FILE);
-
- # Make nobody:nobody file's owner
- # Will work when called by root/rc.sysinit
- chown (0,0,"$Lang::CacheLang.$LG");
- chmod (0004,"$Lang::CacheLang.$LG");
- return 0;
-}
-
-#
-# Switch Ipcop Language for each lang then call build cachelang
-#
-sub BuildCacheLang {
-
- my $AddonDir = ${General::swroot}.'/addon-lang';
-
- # Correct permission in case addon-installer did not do it
- opendir (DIR, $AddonDir);
- my @files = readdir (DIR);
- foreach my $file (@files) {
- next if (($file eq '..') || ($file eq '.'));
- chown (0,0,"$AddonDir/$file");
- chmod (0004,"$AddonDir/$file");
- }
- closedir (DIR);
-
- my $selected = '';;
- my $missed = '';
- my $error = 0;
-
- open (LANGS, "${General::swroot}/langs/list");
- while (<LANGS>) {
- ($selected) = split (':');
- if (BuildUniqueCacheLang ($selected) == 1) {
- $missed = $selected; # will try latter. Can only be the current cachelang file locked
- };
- }
- close (LANGS);
-
- if ($missed) { # collision with current cache lang being used ?
- $error = &BuildUniqueCacheLang ($missed);
- }
-
- &General::log ("WARNING: cannot build cachelang file for [$missed].") if ($error);
- return $error;
-}
-1;
+++ /dev/null
-LOGVIEW_REVERSE=off
-REMOTELOG_ADDR=
-ENABLE_REMOTELOG=off
-LOGWATCH_LEVEL=Low
-LOGWATCH_KEEP=56
+++ /dev/null
-GRAPH_HDD=1
-GRAPH_TEMP=1
-GRAPH_FAN=1
-GRAPH_VOLT=1
+++ /dev/null
-VALID=yes
-PULSE_DIAL=ATDP
-HANGUP=ATH0
-INIT=+++ATZ
-SPEAKER_OFF=ATM0
-TIMEOUT=45
-SPEAKER_ON=ATM1
-TONE_DIAL=ATDT
+++ /dev/null
-VALID=yes
-PULSE_DIAL=ATDP
-HANGUP=ATH0
-INIT=+++ATZ
-SPEAKER_OFF=ATM0
-TIMEOUT=45
-SPEAKER_ON=ATM1
-TONE_DIAL=ATDT
+++ /dev/null
-#!/usr/bin/perl
-#
-# This file is a library file for the Net-Traffic Addon.
-#
-# Copyright (C) 2006 Achim Weber <dotzball@users.sourceforge.net>
-#
-# $Id: net-traffic-admin.pl,v 1.13 2006/12/10 13:46:00 dotzball Exp $
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-package NETTRAFF;
-
-use strict;
-use LWP::UserAgent;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-$|=1; # line buffering
-
-my $updateUrl = "http://blockouttraffic.de/version/Net-Traffic.latest";
-my $latestVersionFile = "${General::swroot}/net-traffic/latestVersion";
-
-%NETTRAFF::settings;
-
-
-$NETTRAFF::settingsfile = "${General::swroot}/net-traffic/settings";
-$NETTRAFF::versionfile = "${General::swroot}/net-traffic/version";
-$NETTRAFF::logfile = "/var/log/net-traffic.log";
-$NETTRAFF::colorOk = '#00FF00';
-$NETTRAFF::colorWarn = '#FFFF00';
-$NETTRAFF::colorMax = '#FF0000';
-
-
-#~ $NETTRAFF::settingsCGI = '/cgi-bin/fwrulesadm.cgi';
-#~ $NETTRAFF::configCGI = '/cgi-bin/fwrules.cgi';
-#~ $NETTRAFF::advConfCGI = '/cgi-bin/fwadvconf.cgi';
-
-
-@NETTRAFF::longmonths = ( $Lang::tr{'january'}, $Lang::tr{'february'}, $Lang::tr{'march'},
- $Lang::tr{'april'}, $Lang::tr{'may'}, $Lang::tr{'june'}, $Lang::tr{'july'}, $Lang::tr{'august'},
- $Lang::tr{'september'}, $Lang::tr{'october'}, $Lang::tr{'november'},
- $Lang::tr{'december'} );
-
-@NETTRAFF::months = ( 0,1,2,3,4,5,6,7,8,9,10,11 );
-
-@NETTRAFF::years=("2001","2002","2003","2004","2005","2006","2007","2008","2009");
-
-#workaround to suppress a warning when a variable is used only once
-my @dummy = ( $General::version );
-undef (@dummy);
-
-
-# Init Settings
-$NETTRAFF::settings{'MONTHLY_VOLUME_ON'} = 'off';
-$NETTRAFF::settings{'MONTHLY_VOLUME'} = '1';
-$NETTRAFF::settings{'STARTDAY'} = '1';
-$NETTRAFF::settings{'WARN_ON'} = 'off';
-$NETTRAFF::settings{'WARN'} = '80';
-$NETTRAFF::settings{'CALC_INTERVAL'} = '60';
-$NETTRAFF::settings{'SHOW_AT_HOME'} = 'on';
-$NETTRAFF::settings{'SEND_EMAIL_ON'} = 'off';
-$NETTRAFF::settings{'EMAIL_TO'} = '';
-$NETTRAFF::settings{'EMAIL_FROM'} = '';
-$NETTRAFF::settings{'EMAIL_USR'} = '';
-$NETTRAFF::settings{'EMAIL_PW'} = '';
-$NETTRAFF::settings{'EMAIL_SERVER'} = '';
-$NETTRAFF::settings{'VERSION_CHECK_ON'} = 'off';
-
-&NETTRAFF::readSettings();
-
-
-sub readSettings
-{
- &General::readhash($NETTRAFF::settingsfile, \%NETTRAFF::settings);
-}
-
-
-sub showNetTrafficVersion
-{
- my %versionSettings = ();
-
- &General::readhash($NETTRAFF::versionfile, \%versionSettings);
-
- print <<END;
- <a href="http://$versionSettings{'URL'}" target="_blank">
- <b>Net-Traffic $versionSettings{'VERSION_INSTALLED'}
- -
-END
- print "Build $versionSettings{'BUILD_INSTALLED'}";
-
- if ($versionSettings{'IS_TESTVERSION'} == 1) {
- print " - Testversion $versionSettings{'TESTVERSION'}";
- }
- print "</b></a><br /><br />\n";
-
- # check for new version
- &checkForNewVersion();
-}
-
-sub traffPercentbar
-{
- my $percent = $_[0];
- my $fg = '#a0a0a0';
- my $bg = '#e2e2e2';
-
- if ($percent =~ m/^(\d+)%$/ )
- {
- print <<END;
- <table width='100%' border='1' cellspacing='0' cellpadding='0' style='border-width:1px;border-style:solid;border-color:$fg;width:100%;height:10px;'>
- <tr>
-END
-
- if ($percent eq "100%" || $1 > 100)
- {
- $fg = $NETTRAFF::colorMax;
- print "<td width='100%' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- elsif ($percent eq "0%")
- {
- print "<td width='100%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- else
- {
- if($NETTRAFF::settings{'WARN_ON'} eq 'on'
- && $1 >= $NETTRAFF::settings{'WARN'})
- {
- $fg = $NETTRAFF::colorWarn;
- }
-
- print "<td width='$percent' bgcolor='$fg' style='background-color:$fg;border-style:solid;border-width:1px;border-color:$bg'></td><td width='" . (100-$1) . "%' bgcolor='$bg' style='background-color:$bg;border-style:solid;border-width:1px;border-color:$bg'>"
- }
- print <<END;
- <img src='/images/null.gif' width='1' height='1' alt='' />
- </td>
- </tr>
- </table>
-END
-
- }
-}
-
-
-sub checkForNewVersion
-{
- if ($NETTRAFF::settings{'VERSION_CHECK_ON'} ne 'on')
- {
- return;
- }
-
- # download latest version
- &downloadLatestVersionInfo();
-
- if(-e $latestVersionFile)
- {
- my %versionSettings = ();
- &General::readhash($NETTRAFF::versionfile, \%versionSettings);
-
- my %latestVersion = ();
- &General::readhash($latestVersionFile, \%latestVersion);
-
- if( $versionSettings{'VERSION_INSTALLED'} lt $latestVersion{'VERSION_AVAILABLE'}
- || ( $versionSettings{'VERSION_INSTALLED'} le $latestVersion{'VERSION_AVAILABLE'}
- && $versionSettings{'BUILD_INSTALLED'} lt $latestVersion{'BUILD_AVAILABLE'} ) )
- {
- &Header::openbox('100%', 'left', $Lang::tr{'info'});
- print <<END;
- <table width="100%">
- <tr>
- <td>
- $Lang::tr{'net traffic newversion'}
- <a href="$latestVersion{'URL_UPDATE'}" target="_blank">
- <b>$latestVersion{'URL_UPDATE'}</b>
- </a>
- </td>
- </tr>
- <tr>
- <td>
- <b>v$latestVersion{'VERSION_AVAILABLE'} - Build $latestVersion{'BUILD_AVAILABLE'}
- </table>
-END
-
- &Header::closebox();
- }
- }
-}
-
-sub downloadLatestVersionInfo
-{
- # only check if we are online
- if (! -e '/var/ipfire/red/active')
- {
- return;
- }
-
- # download latest version file if it is not existing or outdated (i.e. 5 days old)
- if((! -e $latestVersionFile) || (int(-M $latestVersionFile) > 5))
- {
- my %versionSettings = ();
- &General::readhash($NETTRAFF::versionfile, \%versionSettings);
-
- my $ua = LWP::UserAgent->new;
- $ua->timeout(120);
- $ua->agent("Mozilla/4.0 (compatible; IPFire $General::version; $versionSettings{'VERSION_INSTALLED'})");
- my $content = $ua->get($updateUrl);
-
- if ( $content->is_success )
- {
-#~ open(FILE, ">$latestVersionFile") or die "Could not write file: $latestVersionFile";
-#~ flock (FILE, 2);
-#~ print FILE "$content->content\n";
-#~ close(FILE);
-
- my %latestVersion = ();
-
- # latest versions, format is: MOD_VERSION="1.3.0"
- $content->content =~ /MOD_VERSION="(.+?)"/;
- $latestVersion{'VERSION_AVAILABLE'} = $1;
-
- # latest build, format is: MOD_BUILD="0"
- $content->content =~ /MOD_BUILD="(.+?)"/;
- $latestVersion{'BUILD_AVAILABLE'} = $1;
-
- # URL format is: MOD_URL="http://blockouttraffic.de/nt_index.php"
- $content->content =~ /MOD_URL="(.+?)"/;
- $latestVersion{'URL_UPDATE'} = $1;
-
- &General::writehash($latestVersionFile, \%latestVersion);
- }
- }
-}
-
-
-sub getFormatedDate
-{
- my $time = shift;
- my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($time);
-
- return sprintf("%04d-%02d-%02d, %02d:%02d", 1900+$year, $mon+1, $mday, $hour, $min);;
-
-}
-# always return 1;
-1;
-# EOF
+++ /dev/null
-#!/usr/bin/perl
-#
-# $Id: net-traffic-lib.pl,v 1.10 2007/01/09 19:00:35 dotzball Exp $
-#
-# Summarize all IP accounting files from start to end time
-#
-# Copyright (C) 1997 - 2000 Moritz Both
-# 2001 - 2002 Al Zaharov
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-#
-# The author can be reached via email: moritz@daneben.de, or by
-# snail mail: Moritz Both, Im Moore 26, 30167 Hannover,
-# Germany. Phone: +49-511-1610129
-#
-#
-# 22 June 2004 By Achim Weber dotzball@users.sourceforge.net
-# - changed to use it with Net-Traffic Addon
-# - renamed to avoid issues when calling this file or original ipacsum
-# - this file is net-traffic-lib.pl for IPCop 1.4.0
-#
-
-package Traffic;
-
-use 5.000;
-use Getopt::Long;
-use POSIX qw(strftime);
-use Time::Local;
-use Socket;
-use IO::Handle;
-#use warnings;
-#use strict;
-
-$|=1; # line buffering
-
-my @moff = (0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 );
-
-# =()<$datdelim="@<DATDELIM>@";>()=
-my $datdelim="#-#-#-#-#";
-# =()<$prefix="@<prefix>@";>()=
-my $prefix="/usr";
-# =()<$exec_prefix="@<exec_prefix>@";>()=
-my $exec_prefix="${prefix}";
-# =()<$INSTALLPATH="@<INSTALLPATH>@";>()=
-my $INSTALLPATH="${exec_prefix}/sbin";
-my $datdir="/var/log/ip-acct";
-
-my $me=$0;
-$me =~ s|^.*/([^/]+)$|$1|;
-my $now = time;
-my $fetchipac="$INSTALLPATH/fetchipac";
-my $rule_regex = ".*"; # match rules with this regex only
-my $machine_name;
-my $fetchipac_options;
-my ($newest_timestamp_before_starttime, $oldest_timestamp_after_endtime);
-my (%rule_firstfile, %rule_lastfile);
-my $count;
-my @timestamps;
-my $rulenumber;
-my ($starttime, $endtime);
-
-## Net-Traffic variables ##
-my %allDays;
-my $allDaysBytes;
-my $tzoffset = 0;
-my $displayMode = "daily";
-my ($curMonth, $curYear);
-${Traffic::blue_in} = 'incoming BLUE';
-${Traffic::green_in} = 'incoming GREEN';
-${Traffic::orange_in} = 'incoming ORANGE';
-${Traffic::red_in} = 'incoming RED';
-${Traffic::blue_out} = 'outgoing BLUE';
-${Traffic::green_out} = 'outgoing GREEN';
-${Traffic::orange_out} = 'outgoing ORANGE';
-${Traffic::red_out} = 'outgoing RED';
-
-
-sub calcTraffic{
- $allDaysBytes = shift;
- $starttime = shift;
- $endtime = shift;
- $displayMode = shift;
-
- # init
- %allDays = ();
- $starttime =~ /^(\d\d\d\d)(\d\d)/;
- $curYear = $1;
- $curMonth = $2;
-
- # calculate time zone offset in seconds - use difference of output of date
- # command and time function, round it
- $tzoffset = time-timegm(localtime());
- $machine_name = undef;
-
- if($displayMode ne "exactTimeframe")
- {
- $starttime = makeunixtime($starttime);
- if($displayMode ne 'exactEnd') {
- $endtime = makeunixtime($endtime);
- }
- }
- $endtime -= 1;
-
- # options that we need to pass to fetchipac if we call it.
- $fetchipac_options = "--directory=$datdir";
-
- $endtime = $now if ($endtime > $now);
- $starttime = 0 if ($starttime < 0);
-#~ $mystarttime = &makemydailytime($starttime);
-#~ $myendtime = &makemydailytime($endtime);
- %rule_firstfile = ( );
- %rule_lastfile = ( );
- @timestamps = ();
-
- # find out which timestamps we need to read.
- # remember newest timestamp before starttime so we know when data for
- # the first file starts
- # also remember oldest timestamp after end time
- $newest_timestamp_before_starttime = "";
- $oldest_timestamp_after_endtime = "";
- open(DATA, "$fetchipac $fetchipac_options --timestamps=$starttime,$endtime ".
- "--machine-output-format|") || die "$me: cant run $fetchipac\n";
- # the first thing is the timestamp count
- $count=<DATA>;
- if ($count == 0) {
- return ();
- }
- while(<DATA>)
- {
- if (/^(.)\s(\d+)$/) {
- my $ts = $2;
- if ($1 eq "-") {
- $newest_timestamp_before_starttime=$ts;
- }
- elsif ($1 eq "+") {
- $oldest_timestamp_after_endtime=$ts;
- }
- elsif ($1 eq "*") {
- push(@timestamps, $ts);
- }
- else {
- die "$me: illegal output from $fetchipac: \"$_\"\n";
- }
- }
- else {
- die "$me: illegal output from $fetchipac: \"$_\"\n";
- }
- }
- close DATA;
-
- push(@timestamps, $oldest_timestamp_after_endtime)
- if ($oldest_timestamp_after_endtime);
- unshift(@timestamps, $newest_timestamp_before_starttime)
- if ($newest_timestamp_before_starttime);
-
- $rulenumber = 0;
-
- # read all data we need and put the data into memory.
- &read_data;
-
- my @days_sorted = sort keys %allDays;
- return @days_sorted;
-}
-##########################
-# END OF MAIN PROGRAM
-##########################
-
-# read all data (@timestmaps contains the timestamps, must be sorted!)
-# and put the data into our global memory data
-# structures. special care must be taken with data of the first and
-# the last timestamps we read, since we only want data which is from our
-# time frame. Furthermore, data from before and after this time frame
-# must be preserved in special data structures because we might replace
-# them (option --replace) and have to write extra data for these times
-# then.
-sub read_data {
- my $run_s;
- my $s;
- my $i;
- my $in_time = 0;
- my $after_time = 0;
-
- my $curDay = $starttime;
-
- # feed the timestamp list to fetchipac on its stdin.
- socketpair(CHILD, PARENT, AF_UNIX, SOCK_STREAM, PF_UNSPEC)
- or die "socketpair: $!";
- CHILD->autoflush(1);
- PARENT->autoflush(1);
- my $pid = open(CHILD, "-|");
- die "$me: can't fork: $!\n" unless defined $pid;
- if ($pid == 0) {
- # child
- close CHILD;
- open(FETCHIPAC, "|$fetchipac $fetchipac_options --record "
- ."--machine-output-format")
- or die "$me: cant exec fetchipac\n";
-
-#this is much more efficient than the original code (Manfred Weihs)
-# and it adds more troubles than solves (Al Zakharov)
- if ($timestamps[0] == $newest_timestamp_before_starttime) {
- print(FETCHIPAC $timestamps[1],"-",$timestamps[$count],"\n");
- } else {
- print(FETCHIPAC $timestamps[0],"-",$timestamps[$count-1],"\n");
- }
- close(FETCHIPAC);
- close(PARENT);
- exit;
- }
- close PARENT;
-
- my $laststamp = undef;
- $laststamp = $newest_timestamp_before_starttime
- if ($newest_timestamp_before_starttime);
- $i = 0;
- $i++ if ($laststamp);
- while (<CHILD>) {
- # first line of fetchipac output: "ADD"
- /^ADD\s*$/i or die "$me: bad line from fetchipac: $_\n";
- # second line of fetchipac output: timestamp no_of_records
- $_ = <CHILD> || last;
- /^(\d+)\s(\d+)$/ or die "$me: bad line from fetchipac: $_\n";
- my $timestamp = int $1;
- my $number_of_records = int $2;
- my $do_collect = 1;
-
- if ($displayMode =~ /^daily/) {
- # increment Day aslong current timestamp is not in current Day
- while ( ($timestamp-$curDay) > 86399) {
- $curDay += 86400;
- }
- }
- else
- {
- my @dummy = localtime($timestamp);
- # increment Month aslong current timestamp is not in current Month
- while ($curMonth < ($dummy[4]+1) || $curYear<($dummy[5]+1900)) {
- $curMonth++;
- if ($curMonth > 12) {
- $curMonth = 1;
- $curYear++;
- }
- my $newMonth = $curYear;
- $newMonth .= $curMonth < 10 ? "0".$curMonth."01" : $curMonth."01";
- $newMonth .= "01";
- $curDay = &makeunixtime($newMonth);
- }
- }
-
- if ($timestamp < $starttime) {
- # this record is too old, we dont need the data.
- # However, the timestamp gives us a clue on the
- # time period the next item covers.
- $do_collect = 0;
- }
-
- my $irec;
- # read each record
- my $data = &read_data_record(CHILD, $number_of_records);
-
- if ($do_collect && $in_time == 0) {
- # the data is from after starttime. if it is the
- # first one, split the data (if we know for how
- # long this data is valid, and if $laststamp is not
- # equal to $starttime in which case the split is
- # redundant). If we don't have a clue about the
- # last file time before our first file was created,
- # we do not know how much of the file data is in our
- # time frame. we assume everything belongs to us.
- $in_time = 1;
-# if ($laststamp && $laststamp != $starttime) {
- if ($laststamp && $laststamp != $newest_timestamp_before_starttime) {
- my $newdata = &split_data($data,
- $laststamp, $timestamp, $starttime);
-#~ $glb_data_before = $data;
- $data = $newdata;
- $laststamp = $starttime;
- }
- }
-
- if ($timestamp > $endtime) {
- # this data is too new, but the data in it may have
- # begun within our time frame. (if endtime eq laststamp
- # we do a redundant split here, too - it works for now
- # and --replace relies on it, but it is ugly.)
- if ($after_time == 0) {
- $after_time = 1;
- if ($laststamp) {
-#~ $glb_data_after =
-#~ &split_data($data,$laststamp,$timestamp,$endtime);
- &split_data($data,$laststamp,$timestamp,$endtime);
- } else {
- $do_collect = 0;
- }
- } else {
- $do_collect = 0; # just too new.
- }
- }
-
- if ($do_collect) {
- &collect_data($data, $i, $curDay);
- }
- $laststamp = $timestamp;
- $i++;
- }
- close CHILD;
- wait;
-}
-
-# split the data in $1 (format as from read_data) into a pair of two
-# such data sets. The set referenced to as $1 will afterwards contain
-# the first part of the data, another set which is returned contains
-# the second part of the data.
-# interpret the data as having start time=$2 and end time=$3 and split
-# time=$4
-sub split_data {
- my $data = shift;
- my $mstart = shift;
- my $mend = shift;
- my $msplit = shift;
-
- # calculate factors for multiplications
- my $ust = $mstart;
- my $uperiod = $mend - $ust;
- my $usplit = $msplit - $ust;
-
- if ($uperiod < 0) {
- # hmmm? die Daten sind rueckwaerts???
- $uperiod = -$uperiod;
- }
- my $fac1;
- if ($usplit < 0) {
- $fac1 = 0;
- }
- elsif ($usplit > $uperiod) {
- $fac1 = 1;
- }
- else {
- $fac1 = $usplit / $uperiod;
- }
-
- # $fac1 now says us how much weight the first result has.
- # initialize the set we will return.
- my @ret = ( );
-
- foreach my $set (@$data) {
- my ($rule, $bytes, $pkts) = @$set;
- $$set[1] = int($bytes * $fac1 + 0.5);
- $$set[2] = int($pkts * $fac1 + 0.5);
- push(@ret, [ $rule, $bytes - $$set[1], $pkts - $$set[2] ]);
- }
- return \@ret;
-}
-
-# put data from one file into global data structures
-# must be called in correct sorted file name order to set rules_lastfile
-# and rules_firstfile (which are currently useless)
-# arguments:
-# $1=index number of file; $2 = reference to array with data from file
-sub collect_data {
- my($filedata, $ifile, $i, $day);
-
- $filedata = shift;
- $ifile=shift;
- $day =shift;
-
- # if day first appeared in this file, initialize its
- # life.
- if (!defined($allDays{$day})) {
- return if (&init_filter_id($day));
- $allDays{$day} = $rulenumber++;
- }
-
- for ($i=0; $i<=$#$filedata; $i++) {
- my $set = $$filedata[$i];
- my $rule = $$set[0];
- my $bytes = $$set[1];
- my $pkts = $$set[2];
-
- $_ = $rule;
- /^(.*) \(.*$/;
- $_ = $1;
- /^forwarded (.*)$/;
- $rule = $1;
- $allDaysBytes->{$day}{$rule} += $bytes;
- }
-}
-
-# initialize data variables for a new rule - if it is new
-sub init_filter_id {
- my($s, $ifile) = @_;
-
- if (!defined $allDaysBytes->{$s}) {
- if ($displayMode =~ /^daily/) {
- my $newDay = &makemydailytime($s);
- $newDay =~ /^\d\d\d\d-(\d\d)-\d\d$/;
-
- return 1 if ($1 > $curMonth && $displayMode ne "daily_multi");
-
- $allDaysBytes->{$s}{'Day'} = $newDay;
- }
- else {
- $allDaysBytes->{$s}{'Day'} = &makemymonthlytime($s);
- }
- $allDaysBytes->{$s}{${Traffic::blue_in}} = int(0);
- $allDaysBytes->{$s}{${Traffic::green_in}} = int(0);
- $allDaysBytes->{$s}{${Traffic::orange_in}} = int(0);
- $allDaysBytes->{$s}{${Traffic::red_in}} = int(0);
- $allDaysBytes->{$s}{${Traffic::blue_out}} = int(0);
- $allDaysBytes->{$s}{${Traffic::green_out}} = int(0);
- $allDaysBytes->{$s}{${Traffic::orange_out}} = int(0);
- $allDaysBytes->{$s}{${Traffic::red_out}} = int(0);
- }
- return 0;
-}
-
-# read data record from filehandle $1
-# number of records is $2
-# Return value: reference to array a of length n;
-# n is the number of rules
-# each field in a is an array aa with 3 fields
-# the fields in arrays aa are: [0]=name of rule; [1]=byte count;
-# [2]=packet count
-# function does not use global variables
-sub read_data_record {
- my($file, $number_of_records, $beforedata, $indata, $i, $irec);
- my($pkts, $bytes, $rule);
- my(@result);
-
- $file=shift;
- $number_of_records = shift;
- $indata=0;
- $beforedata=1;
-
- for($irec = 0; $irec < $number_of_records; $irec++) {
- $_ = <$file>;
- chop;
- /^\(\s*(.*)$/ or die "$me: bad line from fetchipac (expecting machine name): $_\n";
- $machine_name = $1; # remember final machine name
- while(<$file>) {
- last if (/^\)$/); # terminating line ')'
- /^(\d+)\s(\d+)\s\|(.*)\|$/
- or die "$me: bad line from fetchipac (expecting rule item): $_\n";
- $bytes = $1;
- $pkts = $2;
- $rule = $3;
- if ($rule =~ /$rule_regex/) {
- push(@result, [ $rule, $bytes, $pkts]);
- }
- }
- }
- # read another emtpy line (data format consistency)
- $_ = <$file>;
- die "$me: bad data from fetchipac (expected emtpy line): $_\n"
- if ($_ !~ /^$/);
- \@result;
-}
-
-# given a string in format YYYYMMDD[hh[mm[ss]]], make unix time
-# use time zone offset $tzoffset (input=wall clock time, output=UTC)
-sub makeunixtime {
- my($y, $m, $d, $h, $i, $e);
- my $s = shift;
-
- $h=0; $i=0; $e=0;
- if ($s =~ /^(\d\d\d\d)(\d\d)(\d\d)/) {
- ($y, $m, $d) = ($1, $2, $3);
- if ($s =~ /^\d\d\d\d\d\d\d\d-?(\d\d)/) {
- $h=$1;
- if ($s =~ /^\d\d\d\d\d\d\d\d-?\d\d(\d\d)/) {
- $i=$1;
- if ($s =~ /^\d\d\d\d\d\d\d\d-?\d\d\d\d(\d\d)/) {
- $e=$1;
- }
- }
- }
- }
- else {
- return 0;
- }
-
- $y-=1970;
- $s = (($y)*365) + int(($y+2)/4) + $moff[$m-1] + $d-1;
- $s-- if (($y+2)%4 == 0 && $m < 3);
- $s*86400 + $h*3600 + $i*60 + $e + $tzoffset;
-}
-
-# return the given unix time in localtime in "mydaily" time format
-sub makemydailytime {
- my($s)=shift;
-
- my($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
- localtime($s);
- return sprintf("%04d-%02d-%02d", 1900+$year, $mon+1, $mday);
-}
-
-# return the given unix time in localtime in "mymonthly" time format
-sub makemymonthlytime {
- my($s)=shift;
-
- my($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
- localtime($s);
- return sprintf("%04d-%02d", 1900+$year, $mon+1);
-}
-
-# EOF
+++ /dev/null
-PORT="2049"
-PROCESSES="8"
-QUOTAS="no"
-KILLDELAY="10"
+++ /dev/null
-# $Id: oinkmaster.conf,v 1.1.2.2 2005/05/02 17:11:58 franck78 Exp $ #
-
-# Oinkmaster is a tool to update snort rules, which allow to conserve
-# a particular setting even after a rules update.
-# This file is a customised version for IPCop.
-# Disabling/enabling a particular rule should be made in this file.
-# In case you want to use some of the rules files commented out in
-# standard ipcop /etc/snort/snort.conf :
-# -comment out the corresponding skipfile in this oinkmaster.conf
-# -uncomment the corresponding include in /etc/snort.conf
-# -save snort settings to restart snort
-
-
-################################################
-# General options you may want to change #
-################################################
-
-
-
-# The PATH to use during execution. If you prefer to use external
-# binaries (i.e. use_external_bins=1, see below), tar and gzip must be
-# found, and also wget if downloading via ftp, http or https. All with
-# optional .exe suffix. If you're on Cygwin, make sure that the path
-# contains the Cygwin binaries and not the native Win32 binaries or
-# you will get problems.
-# Assume UNIX style by default:
-#path = /bin:/usr/bin:/usr/local/bin
-path = /bin
-
-# Files in the archive(s) matching this regular expression will be
-# checked for changes, and then updated or added if needed.
-# All other files will be ignored. You can then choose to skip
-# individual files by specifying the "skipfile" keyword below.
-# Normally you shouldn't need to change this one.
-update_files = \.rules$|\.config$|\.conf$|\.txt$|\.map$
-
-
-# Regexp of keywords that starts a snort rule.
-# May be useful if you create your own ruletypes and want those
-# lines to be regarded as rules as well.
-# rule_actions = alert|drop|log|pass|reject|sdrop|activate|dynamic
-
-
-#######################################################################
-# Files to totally skip (i.e. never update or check for changes) #
-# #
-# Syntax: skipfile filename #
-# or: skipfile filename1, filename2, filename3, ... #
-#######################################################################
-
-# Ignore local.rules from the rules archive by default since we might
-# have put some local rules in our own local.rules and we don't want it
-# to get overwritten by the empty one from the archive after each
-# update.
-skipfile local.rules
-
-# The file deleted.rules contains rules that have been deleted from
-# other files, so there is usually no point in updating it.
-skipfile deleted.rules
-
-# Also skip snort.conf by default since we don't want to overwrite our
-# own snort.conf if we have it in the same directory as the rules. If
-# you have your own production copy of snort.conf in another directory,
-# it may be really nice to check for changes in this file though,
-# especially since variables are sometimes added or modified and
-# new/old files are included/excluded.
-skipfile snort.conf
-
-# You may want to consider ignoring threshold.conf for the same reasons
-# as for snort.conf, i.e. if you customize it locally and don't want it
-# to become overwritten by the default one. It may be better to put
-# local thresholding/suppressing in some local file and still update
-# and use the official one though, in case important stuff is added to
-# it some day. We do update it by default, but it's your call.
-# skipfile threshold.conf
-
-# If you update from multiple URLs at the same time you must ignore
-# the sid-msg.map (and generate it yourself if you need one) as it's
-# usually included in each rules tarball. See the FAQ for more info.
-# skipfile sid-msg.map
-skipfile web-attacks.rules
-skipfile backdoor.rules
-skipfile shellcode.rules
-skipfile policy.rules
-skipfile porn.rules
-skipfile info.rules
-skipfile icmp-info.rules
-skipfile virus.rules
-skipfile chat.rules
-skipfile multimedia.rules
-skipfile p2p.rules
-skipfile experimental.rules
-
-
-##########################################################################
-# SIDs to modify after each update (only for the skilled/stupid/brave). #
-# Don't use it unless you have to. There is nothing that stops you from #
-# modifying rules in such ways that they become invalid or generally #
-# break things. You have been warned. #
-# If you just want to disable SIDs, please skip this section and have a #
-# look at the "disablesid" keyword below. #
-# #
-# You may specify multiple modifysid directives for the same SID (they #
-# will be processed in order of appearance), and you may also specify a #
-# list of SIDs on which the substitution should be applied. #
-# If the argument is in the form something.something it is regarded #
-# as a filename and the substitution will apply on all rules in that #
-# file. The wildcard ("*") can be used to apply the substitution on all #
-# rules regardless of the SID or file. Please avoid using #comments #
-# at the end of modifysid lines, they may confuse the parser in some #
-# situations. #
-# #
-# Syntax: #
-# modifysid SID "replacethis" | "withthis" #
-# or: #
-# modifysid SID1, SID2, SID3, ... "replacethis" | "withthis" #
-# or: #
-# modifysid file "replacethis" | "withthis" #
-# or: #
-# modifysid * "replacethis" | "withthis" #
-# #
-# The strings within the quotes will simply be passed to a #
-# s/replacethis/withthis/ statement in Perl, so they must be valid #
-# regular expressions. The strings are case-sensitive and only the first #
-# occurrence will be replaced. If there are multiple occurrences you #
-# want to replace, simply repeat the same modifysid line. #
-# #
-# If you specify a modifysid statement for a multi-line rule, Oinkmaster #
-# will first translate the rule into a single-line version and then #
-# perform the substitution, so you don't have to care about the trailing #
-# backslashes and newlines. #
-# #
-# If you use variables in the substitution expression, it is strongly #
-# recommended to always specify them like ${varname} instead of #
-# $varname (like ${1} instead of $1 for example) to avoid parsing #
-# confusion in some situations. Note that modifysid statements #
-# will process both active and inactive (disabled) rules. #
-# #
-# You may want to check out README.templates and template-examples.conf #
-# to find how you can simplify the modifysid usage by using templates. #
-##########################################################################
-
-# Example to enable a rule (in this case SID 1325) that is disabled by
-# default, by simply replacing leading "#alert" with "alert".
-# (You should really use 'enablesid' for this though.)
-# Oinkmaster removes whitespaces next to the leading "#" so you don't
-# have to worry about that, but be careful about possible whitespace in
-# other places when writing the regexps.
-# modifysid 1325 "^#alert" | "alert"
-
-# You could also do this to enable it no matter what type of rule it is
-# (alert, log, pass, etc).
-# modifysid 1325 "^#" | ""
-
-# Example to add "tag" stuff to SID 1325.
-# modifysid 1325 "sid:1325;" | "sid:1325; tag: host, src, 300, seconds;"
-
-# Example to make SID 1378 a 'drop' rule (valid if you're running
-# Snort_inline).
-# modifysid 1378 "^alert" | "drop"
-
-# Example to replace first occurrence of $EXTERNAL_NET with $HOME_NET
-# in SID 302. Remember that the strings are regular expressions, so you
-# must escape special characters like $.
-# modifysid 302 "\$EXTERNAL_NET" | "\$HOME_NET"
-
-# You can also specify that a substitution should apply on multiple SIDs.
-# modifysid 302,429,1821 "\$EXTERNAL_NET" | "\$HOME_NET"
-
-# You can take advantage of the fact that it's regular expressions and
-# do more complex stuff. This example (for Snort_inline) adds a 'replace'
-# statement to SID 1324 that replaces "/bin/sh" with "/foo/sh".
-# modifysid 1324 "(content\s*:\s*"\/bin\/sh"\s*;)" | \
-# "${1} replace:"\/foo\/sh";"
-
-# If you for some reason would like to add a comment inside the actual
-# rules file, like the reason why you disabled this rule, you can do
-# like this (you would normally add such comments in oinkmaster.conf
-# though).
-# modifysid 1324 "(.+)" | "# 20020101: disabled this rule just for fun:\n#${1}"
-
-# Here is an example that is actually useful. Let's say you don't care
-# about incoming welchia pings (detected by SID 483 at the time of
-# writing) but you want to know when infected hosts on your network
-# scans hosts on the outside. (Remember that watching for outgoing
-# malicious packets is often just as important as watching for incoming
-# ones, especially in this case.) The rule currently looks like
-# "alert icmp $EXTERNAL_NET any -> $HOME_NET any ..."
-# but we want to switch that so it becomes
-# "alert icmp $HOME_NET any -> $EXTERNAL_NET any ...".
-# Here is how it could be done.
-# modifysid 483 \
-# "(.+) \$EXTERNAL_NET (.+) \$HOME_NET (.+)" | \
-# "${1} \$HOME_NET ${2} \$EXTERNAL_NET ${3}"
-
-# The wildcard (modifysid * ...) can be used to do all kinds of
-# interesting things. The substitution expression will be applied on all
-# matching rules. First, a silly example to replace "foo" with "bar" in
-# all rules (that have the string "foo" in them, that is.)
-# modifysid * "foo" | "bar"
-
-# If you for some reason don't want to use the stream preprocessor to
-# match established streams, you may want to replace the 'flow'
-# statement with 'flags:A+;' in all those rules.
-# modifysid * "flow:[a-z,_ ]+;" | "flags:A+;"
-
-# Example to convert all rules of classtype attempted-admin to 'drop'
-# rules (for Snort_inline only, obviously).
-# modifysid * "^alert (.*classtype\s*:\s*attempted-admin)" | "drop ${1}"
-
-# This one will append some text to the 'msg' string for all rules that
-# have the 'tag' keyword in them.
-# modifysid * "(.*msg:\s*".+?)"(\s*;.+;\s*tag:.*)" | \
-# "${1}, going to tag this baby"${2}"
-
-# There may be times when you want to replace multiple occurrences of a
-# certain keyword/string in a rule and not just the first one. To
-# replace the first two occurrences of "foo" with "bar" in SID 100,
-# simply repeat the modifysid statement:
-# modifysid 100 "foo" | "bar"
-# modifysid 100 "foo" | "bar"
-
-# Or you can even specify a SID list but repeat the same SID as many
-# times as required, like:
-# modifysid 100,100,100 "foo" | "bar"
-
-# Enable all rules in the file exploit.rules.
-# modifysid exploit.rules "^#" | ""
-
-# Enable all rules in exploit.rules, icmp-info.rules and also SID 1171.
-# modifysid exploit.rules, snmp.rules, 1171 "^#" | ""
-
-
-
-########################################################################
-# SIDs that we don't want to update. #
-# If you for some reason don't want a specific rule to be updated #
-# (e.g. you made local modifications to it and you never want to #
-# update it and don't care about changes in the official version), you #
-# can specify a "localsid" statement for it. This means that the old #
-# version of the rule (i.e. the one in the rules file on your #
-# harddrive) is always kept, regardless if the official version has #
-# been updated. Please do not use this feature unless in special #
-# cases as it's easy to end up with many signatures that aren't #
-# maintained anymore. See the FAQ for details about this and hints #
-# about better solutions regarding customization of rules. #
-# #
-# Syntax: localsid SID #
-# or: localsid SID1, SID2, SID3, ... #
-########################################################################
-
-# Example to never update SID 1325.
-# localsid 1325
-
-
-
-########################################################################
-# SIDs to enable after each update. #
-# Will simply remove all the leading '#' for a specified SID (if it's #
-# a multi-line rule, the leading '#' for all lines are removed.) #
-# These will be processed after all the modifysid and disablesid #
-# statements. Using 'enablesid' on a rule that is not disabled is a #
-# NOOP. #
-# #
-# Syntax: enablesid SID #
-# or: enablesid SID1, SID2, SID3, ... #
-########################################################################
-
-# Example to enable SID 1325.
-# enablesid 1325
-
-
-
-########################################################################
-# SIDs to comment out, i.e. disable, after each update by placing a #
-# '#' in front of the rule (if it's a multi-line rule, it will be put #
-# in front of all lines). #
-# #
-# Syntax: disablesid SID #
-# or: disablesid SID1, SID2, SID3, ... #
-########################################################################
-
-# You can specify one SID per line.
-# disablesid 1
-# disablesid 2
-# disablesid 3
-
-# And also as comma-separated lists.
-# disablesid 4,5,6
-
-# It's a good idea to also add comment about why you disable the sid:
-# disablesid 1324 # 20020101: disabled this SID just because I can
+++ /dev/null
-Bittorrent;bit;on;
-Edonkey;edk;on;
-KaZaA;kazaa;on;
-Gnutella;gnu;on;
-DirectConnect;dc;on;
-Applejuice;apple;on;
-WinMX;winmx;on;
-SoulSeek;soul;on;
-Ares;ares;on;
\ No newline at end of file
+++ /dev/null
-# Protocols Data File
-#
-# This file is part of the IPCop Firewall.
-#
-# IPCop is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# IPCop is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with IPCop; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-# (c) The IPCop Team
-#
-# $Id: protocols.pl,v 1.2.2.1 2005/01/26 12:23:20 riddles Exp $
-#
-# Generated from /etc/protocols using:
-# cat /etc/protocols | grep -ve "^#" | grep -v "^$" | \
-# awk '{ print "\"" $1 "\" => \"" $2 "\","}'
-#
-# Code supplied by Mark Wormgroor
-#
-
-package Protocols;
-
-%protocols = (
-"ip" => "0",
-"icmp" => "1",
-"igmp" => "2",
-"ggp" => "3",
-"ipencap" => "4",
-"st" => "5",
-"tcp" => "6",
-"cbt" => "7",
-"egp" => "8",
-"igp" => "9",
-"bbn-rcc" => "10",
-"nvp" => "11",
-"pup" => "12",
-"argus" => "13",
-"emcon" => "14",
-"xnet" => "15",
-"chaos" => "16",
-"udp" => "17",
-"mux" => "18",
-"dcn" => "19",
-"hmp" => "20",
-"prm" => "21",
-"xns-idp" => "22",
-"trunk-1" => "23",
-"trunk-2" => "24",
-"leaf-1" => "25",
-"leaf-2" => "26",
-"rdp" => "27",
-"irtp" => "28",
-"iso-tp4" => "29",
-"netblt" => "30",
-"mfe-nsp" => "31",
-"merit-inp" => "32",
-"sep" => "33",
-"3pc" => "34",
-"idpr" => "35",
-"xtp" => "36",
-"ddp" => "37",
-"idpr-cmtp" => "38",
-"tp++" => "39",
-"il" => "40",
-"ipv6" => "41",
-"sdrp" => "42",
-"ipv6-route" => "43",
-"ipv6-frag" => "44",
-"idrp" => "45",
-"rsvp" => "46",
-"gre" => "47",
-"mhrp" => "48",
-"bna" => "49",
-"ipv6-crypt" => "50",
-"ipv6-auth" => "51",
-"i-nlsp" => "52",
-"swipe" => "53",
-"narp" => "54",
-"mobile" => "55",
-"tlsp" => "56",
-"skip" => "57",
-"ipv6-icmp" => "58",
-"ipv6-nonxt" => "59",
-"ipv6-opts" => "60",
-"cftp" => "62",
-"sat-expak" => "64",
-"kryptolan" => "65",
-"rvd" => "66",
-"ippc" => "67",
-"sat-mon" => "69",
-"visa" => "70",
-"ipcv" => "71",
-"cpnx" => "72",
-"cphb" => "73",
-"wsn" => "74",
-"pvp" => "75",
-"br-sat-mon" => "76",
-"sun-nd" => "77",
-"wb-mon" => "78",
-"wb-expak" => "79",
-"iso-ip" => "80",
-"vmtp" => "81",
-"secure-vmtp" => "82",
-"vines" => "83",
-"ttp" => "84",
-"nsfnet-igp" => "85",
-"dgp" => "86",
-"tcf" => "87",
-"eigrp" => "88",
-"ospf" => "89",
-"sprite-rpc" => "90",
-"larp" => "91",
-"mtp" => "92",
-"ax.25" => "93",
-"ipip" => "94",
-"micp" => "95",
-"scc-sp" => "96",
-"etherip" => "97",
-"encap" => "98",
-"gmtp" => "100",
-"ifmp" => "101",
-"pnni" => "102",
-"pim" => "103",
-"aris" => "104",
-"scps" => "105",
-"qnx" => "106",
-"a/n" => "107",
-"ipcomp" => "108",
-"snp" => "109",
-"compaq-peer" => "110",
-"ipx-in-ip" => "111",
-"vrrp" => "112",
-"pgm" => "113",
-"l2tp" => "115",
-"ddx" => "116",
-"iatp" => "117",
-"stp" => "118",
-"srp" => "119",
-"uti" => "120",
-"smp" => "121",
-"sm" => "122",
-"ptp" => "123",
-"isis" => "124",
-"fire" => "125",
-"crtp" => "126",
-"crdup" => "127",
-"sscopmce" => "128",
-"iplt" => "129",
-"sps" => "130",
-"pipe" => "131",
-"sctp" => "132",
-"fc" => "133",
-);
+++ /dev/null
-# Do not modify '/var/ipfire/proxy/squid.conf' directly since any changes
-# you make will be overwritten whenever you resave proxy settings using the
-# web interface! Instead, modify the file '/var/ipfire/proxy/acl' and then
-# restart squid using the web interface. Changes made to the 'acl' file
-# will propagate to the 'squid.conf' file at that time.
-# [Scott Tregear, 22 Feb 2005]
-
-# Uncomment the following line to enable logging of User-Agent header:
-#useragent_log /var/log/squid/user_agent.log
-
-# Uncomment the following line to enable logging of Referer header:
-#referer_log /var/log/squid/referer.log
-
-acl all src 0.0.0.0/0.0.0.0
-acl localhost src 127.0.0.1/255.255.255.255
-acl SSL_ports port 443 563
-acl Safe_ports port 80 # http
-acl Safe_ports port 21 # ftp
-acl Safe_ports port 443 563 # https, snews
-acl Safe_ports port 70 # gopher
-acl Safe_ports port 210 # wais
-acl Safe_ports port 1025-65535 # unregistered ports
-acl Safe_ports port 280 # http-mgmt
-acl Safe_ports port 488 # gss-http
-acl Safe_ports port 591 # filemaker
-acl Safe_ports port 777 # multiling http
-acl Safe_ports port __PROXY_PORT__ # Squid port (for icons)
-
-acl IPCop_http port 81
-acl IPCop_https port 444
-acl IPCop_ips dst __GREEN_IP__ __BLUE_IP__
-acl IPCop_networks src __GREEN_NET__ __BLUE_NET__
-acl CONNECT method CONNECT
-
-##Access to squid:
-#local machine, no restriction
-http_access allow localhost
-
-#GUI admin if local machine connects
-http_access allow IPCop_ips IPCop_networks IPCop_http
-http_access allow CONNECT IPCop_ips IPCop_networks IPCop_https
-
-#Deny not web services
-http_access deny !Safe_ports
-http_access deny CONNECT !SSL_ports
-
-#Finally allow IPCop_networks clients
-http_access allow IPCop_networks
-http_access deny all
+++ /dev/null
-ENABLE_SSH_KEYS=off
-ENABLE_SSH_PROTOCOL1=off
-ENABLE_SSH_PASSWORDS=on
-ENABLE_SSH_PORTFW=off
-ENABLE_SSH=off
-__CGI__=CGI=HASH(0x840b7a0)
+++ /dev/null
-NTP_ADDR_2=pool.ntp.org
-UPDATE_PERIOD=daily
-UPDATE_VALUE=1
-UPDATE_METHOD=manually
-ENABLENTP=off
-NTP_ADDR_1=de.pool.ntp.org
-VALID=yes
+++ /dev/null
-APTGET,apt-get,(APT\-HTTP)
-AOL,AOL,(AOL)
-AVANT,AvantBrowser,(avantbrowser)
-FIREFOX,Firefox,(Firefox)
-FRONTPAGE,FrontPage,(FrontPage)
-GEARTH,Google Earth,(kh_lt\/LT)
-GECKO,Gecko compatible,(Gecko)
-GETRIGHT,GetRight,(GetRight)
-GOZILLA,Go!Zilla,(Go!Zilla)
-GOOGLE,Google Toolbar,(Google\sToolbar)
-JAVA,Java,(Java)
-KONQUEROR,Konqueror,(Konqueror)
-LYNX,Lynx,(Lynx)
-MSIE,Internet Explorer,(MSIE.*[)]$)
-NETSCAPE,Netscape,(^Mozilla\/4.[7|8])|(Netscape)
-OPERA,Opera,(Opera)
-WGA,WGA,(LegitCheck)
-WGET,Wget,(Wget)
-WINUPD,Windows Update,(Industry\sUpdate\sControl)|(Windows\sUpdate)|(Service\sPack\sSetup)|(Progressive\sDownload)|(Windows\-Update\-Agent)|(Microsoft\sBITS)
-WMP,Media Player,(Windows\-Media\-Player)|(NSPlayer)
+++ /dev/null
-tcp,0.0.0.0/0,113,on,0.0.0.0
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-# use warnings;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %extrahdsettings = ();
-my $ok = "true";
-my @devices = ();
-my @deviceline = ();
-my $deviceentry = "";
-my $devicefile = "/var/ipfire/extrahd/devices";
-my $fstab = "/var/ipfire/extrahd/fstab";
-
-### Values that have to be initialized
-$extrahdsettings{'PATH'} = '';
-$extrahdsettings{'FS'} = '';
-$extrahdsettings{'DEVICE'} = '';
-$extrahdsettings{'ACTION'} = '';
-
-open( FILE, "< $devicefile" ) or die "Unable to read $devicefile";
-@devices = <FILE>;
-close FILE;
-
-############################################################################################################################
-############################################################################################################################
-
-print "$ARGV[0] $ARGV[1]";
-
-if ( "$ARGV[0]" eq "mount" ) {
- system("/bin/cp -f /etc/fstab $fstab");
-
- foreach $deviceentry (sort @devices)
- {
- @deviceline = split( /\;/, $deviceentry );
- if ( "$ARGV[1]" eq "$deviceline[2]" ) {
- print "Insert /dev/$deviceline[0] ($deviceline[1]) --> $deviceline[2] into /etc/fstab!\n";
- unless ( -d $deviceline[2] ) { system("/bin/mkdir -p $deviceline[2] && chmod 0777 $deviceline[2]"); }
- open(FILE, ">>$fstab");
- print FILE "/dev/$deviceline[0]\t$deviceline[2]\t$deviceline[1]\tdefaults\t0\t0\n";
- close(FILE);
- }
- }
-
- system("/bin/cp -f $fstab /etc/fstab");
- if ( `/bin/mount -a` ) {
- exit(0);
- } else {
- exit(1);
- }
-
-} elsif ( "$ARGV[0]" eq "umount" ) {
- system("/bin/umount $ARGV[1]");
- if ( ! `/bin/mount | /bin/fgrep $ARGV[1]` ) {
- system("/bin/cp -f /etc/fstab $fstab");
- system("/bin/fgrep -v $ARGV[1] <$fstab >/etc/fstab");
- print "Succesfully umounted $ARGV[1].\n";
- exit(0);
- } else {
- print "Can't umount $ARGV[1].\n";
- exit(1);
- }
-
-} else {
- print "Usage: $0 (mount|umount) mountpoint\n";
-}
-
-############################################################################################################################
-############################################################################################################################
+++ /dev/null
-access agent = files
-account agent = iptables
-storage = gdbm
-rules file = /etc/ipac-ng/rules.conf
-drop zero lines = yes
+++ /dev/null
-# Example config file with accounting rules
-# Install as /etc/ipac-ng/rules.conf.iptables
-#
-# Format:
-# Name of rule|direction|interface|protocol|source|destination
-# WARNING!!!! spaces are not allowed before and after '|'.
-#
-# where
-# Name of rule Any string to identify this rule
-# direction ipac~fi - forward in
-# ipac~fo - forward out
-# ipac~i - outgoing from machine with ipac-ng to other host(/net)
-# (or incoming to otherhost)
-# ipac~o - incoming to machine with ipac-ng
-# (or outgoing from otherhost)
-#
-# interface interface name, '+' means all interfaces (dont try to use ip numbers here!)
-# protocol tcp | udp | icmp | all
-# source \
-# destination both as described in ipfwadm(8), or empty
-#
-# incoming:
-
-# lets demonstrate this by following rules.
-# Example 1:
-# there are some hosts in out net 192.168.0.0/24
-# our ipac-ng host has two interfaces - eth0 connected to local net
-# and eth1 to internet
-Incoming GREEN|ipac~i|green0|all|||
-Outgoing GREEN|ipac~o|green0|all|||
-
-Incoming RED (PPP)|ipac~i|ppp0|all|||
-Outgoing RED (PPP)|ipac~o|ppp0|all|||
-
-Incoming RED (ISDN PPP)|ipac~i|ippp0|all|||
-Outgoing RED (ISDN PPP)|ipac~o|ippp0|all|||
+++ /dev/null
- $menu->{'01.system'} = {'caption' => $Lang::tr{'alt system'},
- 'enabled' => 1,
- 'subMenu' => $subsystem
- };
- $menu->{'02.status'} = {'caption' => $Lang::tr{'status'},
- 'enabled' => 1,
- 'subMenu' => $substatus
- };
- $menu->{'03.network'} = {'caption' => $Lang::tr{'network'},
- 'enabled' => 1,
- 'subMenu' => $subnetwork
- };
- $menu->{'04.services'} = {'caption' => $Lang::tr{'alt services'},
- 'enabled' => 1,
- 'subMenu' => $subservices
- };
- $menu->{'05.firewall'} = {'caption' => $Lang::tr{'firewall'},
- 'enabled' => 1,
- 'subMenu' => $subfirewall
- };
- $menu->{'06.proxy'} = {'caption' => $Lang::tr{'alt proxy'},
- 'enabled' => 1,
- 'subMenu' => $subproxy
- };
- $menu->{'07.ipfire'} = {'caption' => 'IPFire',
- 'enabled' => 1,
- 'subMenu' => $subipfire
- };
- $menu->{'08.logs'} = {'caption' => $Lang::tr{'alt logs'},
- 'enabled' => 1,
- 'subMenu' => $sublogs
- };
+++ /dev/null
- $subsystem->{'10.home'} = {
- 'caption' => $Lang::tr{'alt home'},
- 'uri' => '/cgi-bin/index.cgi',
- 'title' => "$Lang::tr{'alt home'}",
- 'enabled' => 1,
- };
- $subsystem->{'20.dialup'} = {
- 'caption' => $Lang::tr{'alt dialup'},
- 'uri' => '/cgi-bin/pppsetup.cgi',
- 'title' => "$Lang::tr{'alt dialup'}",
- 'enabled' => 1,
- };
- $subsystem->{'30.ssh'} = {
- 'caption' => $Lang::tr{'ssh access'},
- 'uri' => '/cgi-bin/remote.cgi',
- 'title' => "$Lang::tr{'ssh access'}",
- 'enabled' => 1,
- };
- $subsystem->{'40.gui'} = {
- 'caption' => $Lang::tr{'gui settings'},
- 'uri' => '/cgi-bin/gui.cgi',
- 'title' => "$Lang::tr{'gui settings'}",
- 'enabled' => 1,
- };
- $subsystem->{'40.backup'} = {
- 'caption' => $Lang::tr{'backup'},
- 'uri' => '/cgi-bin/backup.cgi',
- 'title' => "$Lang::tr{'backup'}",
- 'enabled' => 1,
- };
- $subsystem->{'99.credits'} = {
- 'caption' => $Lang::tr{'credits'},
- 'uri' => '/cgi-bin/credits.cgi',
- 'title' => "$Lang::tr{'credits'}",
- 'enabled' => 1,
- };
+++ /dev/null
- $substatus->{'10.systemstatus'} = {
- 'caption' => $Lang::tr{'system'},
- 'uri' => '/cgi-bin/system.cgi',
- 'title' => "$Lang::tr{'system'}",
- 'enabled' => 1,
- };
- $substatus->{'20.memory'} = {
- 'caption' => $Lang::tr{'memory'},
- 'uri' => '/cgi-bin/memory.cgi',
- 'title' => "$Lang::tr{'memory'}",
- 'enabled' => 1,
- };
- $substatus->{'30.media'} = {
- 'caption' => $Lang::tr{'media'},
- 'uri' => '/cgi-bin/media.cgi',
- 'title' => "$Lang::tr{'media'}",
- 'enabled' => 1,
- };
- $substatus->{'40.networkred'} = {
- 'caption' => "$Lang::tr{'network red'}",
- 'uri' => '/cgi-bin/network.cgi',
- 'vars' => 'network=red',
- 'title' => "$Lang::tr{'network red'}",
- 'enabled' => 1,
- };
- $substatus->{'41.networkother'} = {
- 'caption' => "$Lang::tr{'network other'}",
- 'uri' => '/cgi-bin/network.cgi',
- 'vars' => 'network=other',
- 'title' => "$Lang::tr{'network other'}",
- 'enabled' => 1,
- };
- $substatus->{'50.proxygraphs'} = {
- 'caption' => $Lang::tr{'ssproxy graphs'},
- 'uri' => '/cgi-bin/proxygraphs.cgi',
- 'title' => "$Lang::tr{'ssproxy graphs'}",
- 'enabled' => 1,
- };
- $substatus->{'60.hardwaregraphs'} = {
- 'caption' => "$Lang::tr{'hardware graphs'}",
- 'uri' => '/cgi-bin/hardwaregraphs.cgi',
- 'title' => "$Lang::tr{'hardware graphs'}",
- 'enabled' => 1,
- };
- $substatus->{'70.fwhits'} = {
- 'caption' => "$Lang::tr{'firewall graphs'}",
- 'uri' => '/cgi-bin/fwhits.cgi',
- 'title' => "$Lang::tr{'firewall graphs'}",
- 'enabled' => 1,
- };
- $substatus->{'71.connections'} = {
- 'caption' => $Lang::tr{'connections'},
- 'uri' => '/cgi-bin/connections.cgi',
- 'title' => "$Lang::tr{'connections'}",
- 'enabled' => 1,
- };
- $substatus->{'72.nettraf'} = {
- 'caption' => $Lang::tr{'sstraffic'},
- 'uri' => '/cgi-bin/traffic.cgi',
- 'title' => "$Lang::tr{'sstraffic'}",
- 'enabled' => 1,
- };
- $substatus->{'73.qos'} = {
- 'caption' => $Lang::tr{'qos graphs'},
- 'uri' => '/cgi-bin/qosgraphs.cgi',
- 'title' => "$Lang::tr{'qos graphs'}",
- 'enabled' => 1,
- };
+++ /dev/null
- $subnetwork->{'10.netconf'} = {'caption' => "$Lang::tr{'net config'}",
- 'uri' => '/cgi-bin/netconfig.cgi',
- 'title' => "$Lang::tr{'net config'}",
- 'enabled' => 0,
- };
- $subnetwork->{'20.proxy'} = {'caption' => 'Webproxy',
- 'uri' => '/cgi-bin/proxy.cgi',
- 'title' => "Webproxy",
- 'enabled' => 1,
- };
- $subnetwork->{'21.urlfilter'} = {'caption' => $Lang::tr{'url filter'},
- 'uri' => '/cgi-bin/urlfilter.cgi',
- 'title' => $Lang::tr{'url filter'},
- 'enabled' => 1,
- };
- $subnetwork->{'22.updxlrator'} = {'caption' => $Lang::tr{'update accelerator'},
- 'uri' => '/cgi-bin/updatexlrator.cgi',
- 'title' => $Lang::tr{'update accelerator'},
- 'enabled' => 1,
- };
- $subnetwork->{'30.dhcp'} = {'caption' => $Lang::tr{'dhcp server'},
- 'uri' => '/cgi-bin/dhcp.cgi',
- 'title' => "$Lang::tr{'dhcp server'}",
- 'enabled' => 1,
- };
- $subnetwork->{'40.scheduler'} = {
- 'caption' => $Lang::tr{'connscheduler'},
- 'uri' => '/cgi-bin/connscheduler.cgi',
- 'title' => "$Lang::tr{'connscheduler'}",
- 'enabled' => 1,
- };
- $subnetwork->{'50.hosts'} = {
- 'caption' => $Lang::tr{'edit hosts'},
- 'uri' => '/cgi-bin/hosts.cgi',
- 'title' => "$Lang::tr{'edit hosts'}",
- 'enabled' => 1,
- };
- $subnetwork->{'60.upload'} = {
- 'caption' => $Lang::tr{'upload'},
- 'uri' => '/cgi-bin/upload.cgi',
- 'title' => "$Lang::tr{'upload'}",
- 'enabled' => 0,
- };
- $subnetwork->{'70.aliases'} = {
- 'caption' => $Lang::tr{'aliases'},
- 'uri' => '/cgi-bin/aliases.cgi',
- 'title' => "$Lang::tr{'aliases'}",
- 'enabled' => 0,
- };
- $subnetwork->{'80.wakeonlan'} = {
- 'caption' => $Lang::tr{'WakeOnLan'},
- 'uri' => '/cgi-bin/wakeonlan.cgi',
- 'title' => "$Lang::tr{'WakeOnLan'}",
- 'enabled' => 1,
- };
+++ /dev/null
- $subservices->{'10.ipsec'} = {
- 'caption' => 'IPSec',
- 'uri' => '/cgi-bin/vpnmain.cgi',
- 'title' => "$Lang::tr{'virtual private networking'}",
- 'enabled' => 1,
- };
- $subservices->{'20.openvpn'} = {
- 'caption' => 'OpenVPN',
- 'uri' => '/cgi-bin/ovpnmain.cgi',
- 'title' => "$Lang::tr{'virtual private networking'}",
- 'enabled' => 1,
- };
- $subservices->{'30.dyndns'} = {'caption' => $Lang::tr{'dynamic dns'},
- 'uri' => '/cgi-bin/ddns.cgi',
- 'title' => "$Lang::tr{'dynamic dns'}",
- 'enabled' => 1,
- };
- $subservices->{'40.time'} = {'caption' => $Lang::tr{'time server'},
- 'uri' => '/cgi-bin/time.cgi',
- 'title' => "$Lang::tr{'time server'}",
- 'enabled' => 1,
- };
- $subservices->{'50.qos'} = {'caption' => 'Quality of Service',
- 'uri' => '/cgi-bin/qos.cgi',
- 'title' => "Quality of Service",
- 'enabled' => 1,
- };
- $subservices->{'60.ids'} = {'caption' => $Lang::tr{'intrusion detection'},
- 'enabled' => 1,
- 'uri' => '/cgi-bin/ids.cgi',
- 'title' => "$Lang::tr{'intrusion detection system'}",
- };
- $subservices->{'70.extrahd'} = {'caption' => "ExtraHD",
- 'enabled' => 1,
- 'uri' => '/cgi-bin/extrahd.cgi',
- 'title' => "ExtraHD",
- };
+++ /dev/null
- $subfirewall->{'10.dnat'} = {
- 'caption' => $Lang::tr{'ssport forwarding'},
- 'uri' => '/cgi-bin/portfw.cgi',
- 'title' => "$Lang::tr{'ssport forwarding'}",
- 'enabled' => 1,
- };
- $subfirewall->{'20.xtaccess'} = {
- 'caption' => $Lang::tr{'external access'},
- 'uri' => '/cgi-bin/xtaccess.cgi',
- 'title' => "$Lang::tr{'external access'}",
- 'enabled' => 1,
- };
- $subfirewall->{'30.wireless'} = {
- 'caption' => $Lang::tr{'blue access'},
- 'uri' => '/cgi-bin/wireless.cgi',
- 'title' => "$Lang::tr{'blue access'}",
- 'enabled' => 1,
- };
- $subfirewall->{'40.dmz'} = {
- 'caption' => $Lang::tr{'ssdmz pinholes'},
- 'uri' => '/cgi-bin/dmzholes.cgi',
- 'title' => "$Lang::tr{'dmz pinhole configuration'}",
- 'enabled' => 1,
- };
- $subfirewall->{'50.outgoing'} = {
- 'caption' => $Lang::tr{'outgoing firewall'},
- 'uri' => '/cgi-bin/outgoingfw.cgi',
- 'title' => "$Lang::tr{'outgoing firewall'}",
- 'enabled' => 1,
- };
- $subfirewall->{'60.upnp'} = {
- 'caption' => 'UPnP',
- 'uri' => '/cgi-bin/upnp.cgi',
- 'title' => "Universal Plug and Play",
- 'enabled' => 0,
- };
+++ /dev/null
- $subipfire->{'10.pakfire'} = {'caption' => 'Pakfire',
- 'uri' => '/cgi-bin/pakfire.cgi',
- 'title' => "Pakfire",
- 'enabled' => 1,
- };
- $subipfire->{'99.help'} = {'caption' => $Lang::tr{'help'},
- 'uri' => '/cgi-bin/help.cgi',
- 'title' => "$Lang::tr{'help'}",
- 'enabled' => 1,
- };
+++ /dev/null
- $sublogs->{'10.summary'} = {'caption' => $Lang::tr{'log summary'},
- 'uri' => '/cgi-bin/logs.cgi/summary.dat',
- 'title' => "$Lang::tr{'log summary'}",
- 'enabled' => 1
- };
- $sublogs->{'20.settings'} = {'caption' => $Lang::tr{'log settings'},
- 'uri' => '/cgi-bin/logs.cgi/config.dat',
- 'title' => "$Lang::tr{'log settings'}",
- 'enabled' => 1
- };
- $sublogs->{'30.proxy'} = {'caption' => $Lang::tr{'proxy logs'},
- 'uri' => '/cgi-bin/logs.cgi/proxylog.dat',
- 'title' => "$Lang::tr{'proxy logs'}",
- 'enabled' => 1
- };
- $sublogs->{'31.calamaris'} = {'caption' => $Lang::tr{'calamaris proxy reports'},
- 'uri' => '/cgi-bin/logs.cgi/calamaris.dat',
- 'title' => "$Lang::tr{'calamaris proxy reports'}",
- 'enabled' => 1
- };
- $sublogs->{'40.firewall'} = {'caption' => $Lang::tr{'firewall logs'},
- 'uri' => '/cgi-bin/logs.cgi/firewalllog.dat',
- 'title' => "$Lang::tr{'firewall logs'}",
- 'enabled' => 1
- };
- $sublogs->{'41.firewallip'} = {'caption' => $Lang::tr{'firewall logs ip'},
- 'uri' => '/cgi-bin/logs.cgi/firewalllogip.dat',
- 'title' => "$Lang::tr{'firewall logs ip'}",
- 'enabled' => 1
- };
- $sublogs->{'42.firewallport'} = {'caption' => $Lang::tr{'firewall logs port'},
- 'uri' => '/cgi-bin/logs.cgi/firewalllogport.dat',
- 'title' => "$Lang::tr{'firewall logs port'}",
- 'enabled' => 1
- };
- $sublogs->{'50.ids'} = {'caption' => $Lang::tr{'ids logs'},
- 'uri' => '/cgi-bin/logs.cgi/ids.dat',
- 'title' => "$Lang::tr{'ids logs'}",
- 'enabled' => 1
- };
- $sublogs->{'60.urlfilter'} = {
- 'caption' => $Lang::tr{'urlfilter logs'},
- 'uri' => '/cgi-bin/logs.cgi/urlfilter.dat',
- 'title' => "$Lang::tr{'urlfilter log'}",
- 'enabled' => 1,
- };
- $sublogs->{'70.openvpn'} = {'caption' => $Lang::tr{'openvpn log'},
- 'uri' => '/cgi-bin/logs.cgi/openvpn.dat',
- 'title' => "$Lang::tr{'openvpn log'}",
- 'enabled' => 1
- };
- $sublogs->{'80.system'} = {'caption' => $Lang::tr{'system logs'},
- 'uri' => '/cgi-bin/logs.cgi/log.dat',
- 'title' => "$Lang::tr{'system logs'}",
- 'enabled' => 1
- };
- $sublogs->{'90.userlog'} = {'caption' => $Lang::tr{'user proxy logs'},
- 'uri' => '/cgi-bin/logs.cgi/userlog.dat',
- 'title' => "$Lang::tr{'user log'}",
- 'enabled' => 1
- };
+++ /dev/null
- $subipfire->{'40.mpfire'} = {'caption' => $Lang::tr{'mpfire'},
- 'uri' => '/cgi-bin/mpfire.cgi',
- 'title' => $Lang::tr{'mpfire'},
- 'enabled' => 1,
- };
+++ /dev/null
- $subipfire->{'30.samba'} = {'caption' => $Lang::tr{'samba'},
- 'uri' => '/cgi-bin/samba.cgi',
- 'title' => $Lang::tr{'samba'},
- 'enabled' => 1,
- };
+++ /dev/null
- $subipfire->{'40.tripwire'} = {'caption' => $Lang::tr{'tripwire'},
- 'uri' => '/cgi-bin/tripwire.cgi',
- 'title' => $Lang::tr{'tripwire'},
- 'enabled' => 1,
- };
+++ /dev/null
-bootpc,68,tcp&udp,Bootstrap Protocol Client
-bootps,67,tcp&udp,Bootstrap Protocol Server
-domain,53,tcp&udp,Domain Name Server
-echo,7,tcp&udp,Echo
-ftp,21,tcp&udp,File Transfer Control
-ftp-data,20,tcp&udp,File Control Data
-http,80,tcp,Hypertext Transfer Protocol
-https,443,tcp,secure HTTP
-imap,143,tcp,Interactive Mail Access Protocol
-imap3,220,tcp,Interactive Mail Access Protocol v3
-imaps,993,tcp,secure IMAP
-ipfire-https,444,tcp,IPFire HTTPS
-ipfire-ssh,222,tcp&udp,IPFire SSH
-irc,194,tcp&udp,Internet Relay Chat
-ircd,6667,tcp&udp,Internet Relay Chat
-microsoft-ds,445,tcp&udp,Netbios Filesharing
-nameserver,42,tcp&udp,Host Name Server
-netbios-dgm,138,tcp&udp,NETBIOS Datagram Service
-netbios-ns,137,tcp&udp,NETBIOS Name Server
-netbios-ssn,139,tcp&udp,NETBIOS Session Service
-nfs,2049,tcp&udp,Network File System
-ntp,123,udp,Network Time Protocol
-pop3,110,tcp,POP3 Email
-pop3s,995,tcp,secure POP3 Email
-sftp,115,tcp&udp,secure File Transfer Protocol
-smtp,25,tcp,Simple Mail Transfer Protocol
-smtps,465,tcp,secure Simple Mail Transfer Protocol
-snmp,161,tcp&udp,Simple Network Management
-snmptrap,162,udp,SNMP Trap
-ssh,22,tcp&udp,SSH
-telnet,23,tcp&udp,Telnet
-tftp,69,tcp&udp,Trivial File Transfer
-time,37,tcp&udp,Time
-wins,1512,tcp&udp,Windows Internet Name Service
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-
-use strict;
-# enable only the following on debugging purpose
-#use warnings;
-
-require '/var/ipfire/general-functions.pl';
-
-my %outfwsettings = ();
-my %checked = ();
-my %selected= () ;
-my %netsettings = ();
-my $errormessage = "";
-my $configentry = "";
-my @configs = ();
-my @configline = ();
-my $p2pentry = "";
-my @p2ps = ();
-my @p2pline = ();
-my @proto = ();
-my $CMD = "";
-my $P2PSTRING = "";
-
-my $DEBUG = 0;
-
-my $configfile = "/var/ipfire/outgoing/rules";
-my $p2pfile = "/var/ipfire/outgoing/p2protocols";
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-### Values that have to be initialized
-$outfwsettings{'ACTION'} = '';
-$outfwsettings{'VALID'} = 'yes';
-$outfwsettings{'EDIT'} = 'no';
-$outfwsettings{'NAME'} = '';
-$outfwsettings{'SNET'} = '';
-$outfwsettings{'SIP'} = '';
-$outfwsettings{'SPORT'} = '';
-$outfwsettings{'SMAC'} = '';
-$outfwsettings{'DIP'} = '';
-$outfwsettings{'DPORT'} = '';
-$outfwsettings{'PROT'} = '';
-$outfwsettings{'STATE'} = '';
-$outfwsettings{'DISPLAY_DIP'} = '';
-$outfwsettings{'DISPLAY_DPORT'} = '';
-$outfwsettings{'DISPLAY_SMAC'} = '';
-$outfwsettings{'DISPLAY_SIP'} = '';
-$outfwsettings{'POLICY'} = 'MODE0';
-my $SOURCE = "";
-my $DESTINATION = "";
-my $PROTO = "";
-my $DPORT = "";
-my $DEV = "";
-my $MAC = "";
-my $POLICY = "";
-my $DO = "";
-
-# read files
-&General::readhash("${General::swroot}/outgoing/settings", \%outfwsettings);
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-open( FILE, "< $configfile" ) or die "Unable to read $configfile";
-@configs = <FILE>;
-close FILE;
-
-if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
- $outfwsettings{'STATE'} = "ALLOW";
- $POLICY = "DROP";
- $DO = "ACCEPT";
-} elsif ( $outfwsettings{'POLICY'} eq 'MODE2' ) {
- $outfwsettings{'STATE'} = "DENY";
- $POLICY = "ACCEPT";
- $DO = "DROP";
-}
-
-### Initialize IPTables
-system("/sbin/iptables --flush OUTGOINGFW >/dev/null 2>&1");
-system("/sbin/iptables --delete-chain OUTGOINGFW >/dev/null 2>&1");
-system("/sbin/iptables -N OUTGOINGFW >/dev/null 2>&1");
-
-if ( $outfwsettings{'POLICY'} eq 'MODE0' ) {
- exit 0
-}
-
-if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
- $CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j ACCEPT";
- if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
- $CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j ACCEPT";
- if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
-}
-
-foreach $configentry (sort @configs)
-{
- $SOURCE = "";
- $DESTINATION = "";
- $PROTO = "";
- $DPORT = "";
- $DEV = "";
- $MAC = "";
- @configline = split( /\;/, $configentry );
- if ($outfwsettings{'STATE'} eq $configline[0]) {
- if ($configline[2] eq 'green') {
- $SOURCE = "$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}";
- $DEV = $netsettings{'GREEN_DEV'};
- } elsif ($configline[2] eq 'blue') {
- $SOURCE = "$netsettings{'BLUE_NETADDRESS'}/$netsettings{'BLUE_NETMASK'}";
- $DEV = $netsettings{'BLUE_DEV'};
- } elsif ($configline[2] eq 'orange') {
- $SOURCE = "$netsettings{'ORANGE_NETADDRESS'}/$netsettings{'ORANGE_NETMASK'}";
- $DEV = $netsettings{'ORANGE_DEV'};
- } elsif ($configline[2] eq 'ip') {
- $SOURCE = "$configline[5]";
- $DEV = "";
- } else {
- $SOURCE = "0/0";
- $DEV = "";
- }
-
- if ($configline[7]) { $DESTINATION = "$configline[7]"; } else { $DESTINATION = "0/0"; }
-
- if ($configline[3] eq 'tcp') {
- @proto = ("tcp");
- } elsif ($configline[3] eq 'udp') {
- @proto = ("udp");
- } else {
- @proto = ("tcp", "udp");
- }
-
- foreach $PROTO (@proto) {
- $CMD = "/sbin/iptables -A OUTGOINGFW -s $SOURCE -d $DESTINATION -p $PROTO";
-
- if ($configline[8]) {
- $DPORT = "$configline[8]";
- $CMD = "$CMD --dport $DPORT";
- }
-
- if ($DEV) {
- $CMD = "$CMD -i $DEV";
- }
-
- if ($configline[6]) {
- $MAC = "$configline[6]";
- $CMD = "$CMD -m mac --mac-source $MAC";
- }
-
- $CMD = "$CMD -o $netsettings{'RED_DEV'}";
-
- if ($configline[9] eq "aktiv") {
- if ($DEBUG) {
- print "$CMD -m state --state NEW -m limit --limit 10/minute -j LOG --log-prefix 'OUTGOINGFW '\n";
- } else {
- system("$CMD -m state --state NEW -m limit --limit 10/minute -j LOG --log-prefix 'OUTGOINGFW '");
- }
- }
-
- if ($DEBUG) {
- print "$CMD -j $DO\n";
- } else {
- system("$CMD -j $DO");
- }
- }
- }
-}
-
-### Do the P2P-Stuff here
-open( FILE, "< $p2pfile" ) or die "Unable to read $p2pfile";
-@p2ps = <FILE>;
-close FILE;
-
-$CMD = "/sbin/iptables -A OUTGOINGFW -m ipp2p";
-
-foreach $p2pentry (sort @p2ps)
-{
- @p2pline = split( /\;/, $p2pentry );
- if ( $outfwsettings{'POLICY'} eq 'MODE2' ) {
- $DO = "DROP";
- if ("$p2pline[2]" eq "off") {
- $P2PSTRING = "$P2PSTRING --$p2pline[1]";
- }
- } else {
- $DO = "ACCEPT";
- if ("$p2pline[2]" eq "on") {
- $P2PSTRING = "$P2PSTRING --$p2pline[1]";
- }
- }
-}
-if ($P2PSTRING) {
- if ($DEBUG) {
- print "$CMD $P2PSTRING -j $DO\n";
- } else {
- system("$CMD $P2PSTRING -j $DO");
- }
-}
-
-if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
- $CMD = "/sbin/iptables -A OUTGOINGFW -o $netsettings{'RED_DEV'} -j DROP";
- if ($DEBUG) {
- print "$CMD\n";
- } else {
- system("$CMD");
- }
-}
+++ /dev/null
-01
\ No newline at end of file
+++ /dev/null
-HOME = .
-RANDFILE = /var/ipfire/ovpn/ca/.rnd
-oid_section = new_oids
-
-[ new_oids ]
-
-[ ca ]
-default_ca = openvpn
-
-[ openvpn ]
-dir = /var/ipfire/ovpn
-certs = $dir/certs
-crl_dir = $dir/crl
-database = $dir/certs/index.txt
-new_certs_dir = $dir/certs
-certificate = $dir/ca/cacert.pem
-serial = $dir/certs/serial
-crl = $dir/crl.pem
-private_key = $dir/ca/cakey.pem
-RANDFILE = $dir/ca/.rand
-x509_extensions = usr_cert
-default_days = 999999
-default_crl_days= 30
-default_md = md5
-preserve = no
-policy = policy_match
-email_in_dn = no
-
-[ policy_match ]
-countryName = optional
-stateOrProvinceName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-[ req ]
-default_bits = 1024
-default_keyfile = privkey.pem
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-x509_extensions = v3_ca
-string_mask = nombstr
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = GB
-countryName_min = 2
-countryName_max = 2
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default =
-
-localityName = Locality Name (eg, city)
-#localityName_default =
-
-0.organizationName = Organization Name (eg, company)
-0.organizationName_default = My Company Ltd
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-#organizationalUnitName_default =
-
-commonName = Common Name (eg, your name or your server\'s hostname)
-commonName_max = 64
-
-emailAddress = Email Address
-emailAddress_max = 40
-
-[ req_attributes ]
-challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
-unstructuredName = An optional company name
-
-[ usr_cert ]
-basicConstraints=CA:FALSE
-nsComment = "OpenSSL Generated Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ server ]
-
-# JY ADDED -- Make a cert with nsCertType set to "server"
-basicConstraints=CA:FALSE
-nsCertType = server
-nsComment = "OpenSSL Generated Server Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ v3_req ]
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true
-
-[ crl_ext ]
-authorityKeyIdentifier=keyid:always,issuer:always
-
-[ engine ]
-default = openssl
+++ /dev/null
-#!/bin/sh
-if [ $1 -eq 0 ]; then
- name2=`echo $2`
- name3=${name2##*/}
- name4=${name3##*CN=}
- clientdisabled=`/bin/grep -iwc off,.*,$name4 /var/ipfire/ovpn/ovpnconfig`
- if [ "$clientdisabled" = "1" ]; then
- exit 1
- fi
- exit 0
-fi
-exit 0
+++ /dev/null
-
-##########################################
-##
-## DESCRIPTION
-##
-## RRD function for tc-graph.
-## Which is part of the ADSL-optimizer.
-##
-## REQUIRES
-##
-##
-## AUTHOR
-## Jesper Dangaard Brouer <hawk@diku.dk>, d.15/4-2004
-##
-## CHANGELOG
-## 2004-04-15: Initial version.
-##
-##########################################
-
-use RRDs;
-
-if (not defined $STEP) {
- my $STEP=10;
-}
-
-my $heartbeat=$STEP*2;
-
-# Update script samples every 10 seconds.
-# 24*60*60 = 86400 seconds (== one day)
-# 8640 *10 = 86400 seconds (== one day)
-# 8640 * 5days = 43200 seconds with 10 sec samples
-#
-my @rrd_data_sources =
- ("-s", $STEP,
- "DS:bytes:COUNTER:$heartbeat:0:U",
- "DS:bits:COUNTER:$heartbeat:0:U",
- "DS:pkts:COUNTER:$heartbeat:0:U",
- "DS:dropped:COUNTER:$heartbeat:0:U",
- "DS:overlimits:COUNTER:$heartbeat:0:U",
- "DS:lended:COUNTER:$heartbeat:0:U",
- "DS:borrowed:COUNTER:$heartbeat:0:U",
- "DS:giants:COUNTER:$heartbeat:0:U",
- "DS:backlog:GAUGE:$heartbeat:0:U",
- "RRA:AVERAGE:0.5:1:43200",
- "RRA:AVERAGE:0.5:7:8640",
- "RRA:AVERAGE:0.5:31:8640",
- "RRA:AVERAGE:0.5:372:8640",
- "RRA:MAX:0.5:7:8640",
- "RRA:MAX:0.5:31:8640",
- "RRA:MAX:0.5:372:8640"
- );
-
-
-sub get_filename_rrd($) {
- my $class_device = "$_[0]";
- my $filename = "${rrd_datadir}class_${class_device}.rrd";
- return $filename;
-}
-
-sub create_rrdfile($) {
- my $class_device = "$_[0]";
- my $filename = get_filename_rrd($class_device);
- RRDs::create $filename, @rrd_data_sources;
- my $ERROR = RRDs::error;
- if ($ERROR) {
- my $timestamp = time;
- die "$timestamp: ERROR - Unable to create RRDfile \"$filename\": $ERROR\n";
- }
-}
-
-sub format_class_data($) {
- my $class = $_[0];
- my ($rrd_template, $rrd_data);
- my (@array_template, @array_data);
- #print "Ref:". ref($class) ."\n";
-
- # Select and correct undef values and key
- while ( (my $key, my $value) = each %{$class}) {
- # Skip timestamps
- if ( ($key eq "last_update") ||
- ($key eq "file_update") ||
- ($key =~ /hfsc_/ )) {next}
-
- push @array_template, $key;
-
- if ( (not defined $value) ||
- ("$value" eq "") ) {
- $value = "U";
- }
- push @array_data, $value;
- }
-
- # Makes a RRD suitable input format
- $rrd_template = join(":",@array_template);
- $rrd_data = join(":",@array_data);
-
- return ($rrd_template, $rrd_data);
-}
-
-sub update_rrds {
-
- my $res=0;
-
- my @test = keys %classes_data;
- if ( $#test <= 0) {
- print time, " [update_rrds] WARNING: classes_data empty!\n";
- return "classes_data empty";
- }
-
- # Find the class_device (keys) in %classes_data
- for my $class_device ( keys %classes_data ) {
-
- if ("last_update" eq "$class_device") {next}
-
- # Verify file exist (else create it)
- my $filename = get_filename_rrd($class_device);
- if ( ! -f $filename ) {
- print "Creating RRDfile: $filename\n";
- create_rrdfile($class_device);
- }
- #print "$class_device\n";
-
- # Make a RRD suitable input format
- my ($rrd_template, $rrd_data) = format_class_data($classes_data{$class_device});
- #print "rrd_template: $rrd_template\n";
- #print "rrd_data: $rrd_data\n";
-
-
- # WHAT ABOUT:
- # $classes_data{$device}{last_update} ????
- my ($tmp, $device) = split /_/, $class_device;
- #print "device: $device $classes_data{last_update}{$device} \n";
- if ( (exists $classes_data{last_update}{$device}) ) {
- if ((($classes_data{$class_device}{last_update} + $heartbeat) <
- $classes_data{last_update}{$device})) {
- print "WARNING: the class $class_device was";
- print "not updated in lastrun + heartbeat...\n";
- print "Assuming $class_device is removed,";
- print " thus deleteing from hash table.";
-# # ??? MAYBE DELETE THE OLD HASH ???
- $res="Deleting class $class_device";
- for my $key ( keys %{ $classes_data{$class_device} } ) {
- delete( $classes_data{$class_device}{$key});
- print " Deleting key: $key from: $class_device \n";
- }
- delete $classes_data{$class_device};
- next;
- }
- }
-
- # Verifies that it is new data,
- # and not old data which already have been updated
- # FIXME
-# print "$0 FIXME update_rrds \n";
- if ( exists $classes_data{$class_device}{file_update} ) {
- if (($classes_data{$class_device}{file_update} >=
- $classes_data{$class_device}{last_update})) {
- print "Warning ($class_device):";
- print " data already updated... old data or deleted class?\n";
- $res="Old data or deleted class";
- # ??? MAYBE DELETE THE OLD HASH ???
- next;
- }
- }
-
-
- # Update the RRD file
- my $update_time = $classes_data{$class_device}{last_update};
-# print "Updates: $filename time:$update_time\n";
-# print " --template=$rrd_template\n";
-# print " $update_time:$rrd_data\n";
-
-# `rrdtool update $filename --template=$rrd_template $update_time:$rrd_data`;
- RRDs::update ($filename, "--template=$rrd_template",
- "N:$rrd_data");
-
- my $ERROR = RRDs::error;
- if ($ERROR) {
- my $timestamp = time;
- print "$timestamp: WARNING - ";
- print "Unable to update RRDfile \"$filename\": $ERROR\n";
- $res="Unable to update RRDfile \"$filename\"";
- } else {
- $classes_data{$class_device}{file_update} = time;
- }
- }
- return $res;
-}
-
-
-return 1;
-
+++ /dev/null
-#!/usr/bin/perl
-
-##########################################
-##
-## NAME
-##
-## DESCRIPTION
-##
-## Which is part of the ADSL-optimizer.
-##
-## USAGE / FUNCTIONS
-##
-##
-##
-##
-##
-## REQUIRES
-##
-##
-## AUTHOR
-## Jesper Dangaard Brouer <hawk@diku.dk>, d.21/4-2004
-##
-## CHANGELOG
-## 2004-04-21: Initial version.
-##
-##########################################
-
-our $event_file_all = "${event_datadir}changes.evt";
-sub get_filename_event($) {
- my $class_device = "$_[0]";
- my $filename = "${event_datadir}class_${class_device}.evt";
- return $filename;
-}
-
-sub get_filename_bandwidth_info($) {
- my $class_device = "$_[0]";
- my $filename = "${event_datadir}class_${class_device}_bandwidth.evt";
- return $filename;
-}
-
-sub update_event_file($$$) {
- my $filename = $_[0];
- my $information = $_[1];
- my $timestamp = $_[2];
-
- if ("$information" ne "") {
- # Append to file
- open( OUTPUT, ">>$filename")
- or print "ERROR: Opening/updating event file $filename\n";
- print OUTPUT "$timestamp $information\n";
- close(OUTPUT);
- }
-}
-
-sub update_info_file($$$) {
- my $filename = $_[0];
- my $information = $_[1];
- my $timestamp = $_[2];
- # Truncate file
- open( OUTPUT, ">$filename")
- or print "ERROR: Opening/updating info event file $filename\n";
- print OUTPUT "$timestamp $information\n";
- close(OUTPUT);
-
-}
-
-sub process_events {
-
- my @test = keys %classes_info;
- if ( $#test < 0) {
- print time, " [process_events] WARNING: classes_info empty!\n";
- return "classes_info empty";
- }
-
- my @bandwidth_items = ( "type", "prio", "rate", "ceil" );
-
- my $event_reduced = "";
- my $last_update;
-
- # Find the class_device (keys) in %classes_info
- for my $class_device ( sort keys %classes_info ) {
-
- if ("$class_device" eq "last_update") {next}
-
- my $event_class = "";
- my $bandwidth_info = "";
-
- # Tests if something has changed
- if ((not exists $classes_info{$class_device}{file_update}) ||
- ($classes_info{$class_device}{last_update} >
- $classes_info{$class_device}{file_update})) {
-
- $last_update = $classes_info{$class_device}{last_update};
-
- $event_class .= "($class_device)";
- if ( "$event_reduced" eq "" ) {$event_reduced="Class changed:"}
- $event_reduced .= " ($class_device)";
- # The list of changed keys
- while( $changed_key =
- shift @{ $classes_info{$class_device}{changed} })
- {
- my $value = $classes_info{$class_device}{$changed_key};
- $event_class .= " $changed_key=$value";
- }
-
- # When something changed always update all the bandwidth info
- foreach my $item (@bandwidth_items) {
- if (exists $classes_info{$class_device}{$item}) {
- my $value = $classes_info{$class_device}{$item};
- if (defined $value) {
- $bandwidth_info .= " $item:$value";
- }
- }
- }
-
- print time . "($class_device) changes... ($last_update) \"$bandwidth_info\" \n";
-
- $classes_info{$class_device}{file_update}=$last_update;
-
- my $event_file = get_filename_event($class_device);
- update_event_file($event_file , $event_class, $last_update);
-
- my $info_file = get_filename_bandwidth_info($class_device);
- update_info_file($info_file, $bandwidth_info, $last_update);
- }
-
- }
- # Only one line per process_events call
- # (notice $last_update is the latest timestamp assignment)
- if (defined $last_update) {
- update_event_file($event_file_all, $event_reduced, $last_update);
- }
-}
-
-
-1;
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-# enable only the following on debugging purpose
-# use warnings;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/lang.pl";
-require "${General::swroot}/header.pl";
-
-my %qossettings = ();
-my %checked = ();
-my %netsettings = ();
-my $message = "";
-my $errormessage = "";
-my $c = "";
-my $direntry = "";
-my $classentry = "";
-my $subclassentry = "";
-my $l7ruleentry = "";
-my $portruleentry = "";
-my $tosruleentry = "";
-my @tmp = ();
-my @classes = ();
-my @subclasses = ();
-my @l7rules = ();
-my @portrules = ();
-my @tosrules = ();
-my @tmpline = ();
-my @classline = ();
-my @subclassline = ();
-my @tosruleline = ();
-my @l7ruleline = ();
-my @portruleline = ();
-my @proto = ();
-my %selected= () ;
-my $classfile = "/var/ipfire/qos/classes";
-my $subclassfile = "/var/ipfire/qos/subclasses";
-my $level7file = "/var/ipfire/qos/level7config";
-my $portfile = "/var/ipfire/qos/portconfig";
-my $tosfile = "/var/ipfire/qos/tosconfig";
-
-&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-
-$qossettings{'ENABLED'} = 'off';
-$qossettings{'EDIT'} = 'no';
-$qossettings{'OUT_SPD'} = '';
-$qossettings{'INC_SPD'} = '';
-$qossettings{'DEF_OUT_SPD'} = '';
-$qossettings{'DEF_INC_SPD'} = '';
-$qossettings{'DEFCLASS_INC'} = '';
-$qossettings{'DEFCLASS_OUT'} = '';
-$qossettings{'ACK'} = '';
-$qossettings{'MTU'} = '1492';
-$qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`;
-$qossettings{'IMQ_DEV'} = 'imq0';
-$qossettings{'TOS'} = '';
-$qossettings{'VALID'} = 'yes';
-
-&General::readhash("${General::swroot}/qos/settings", \%qossettings);
-
-open( FILE, "< $classfile" ) or die "Unable to read $classfile";
-@classes = <FILE>;
-close FILE;
-open( FILE, "< $subclassfile" ) or die "Unable to read $subclassfile";
-@subclasses = <FILE>;
-close FILE;
-open( FILE, "< $level7file" ) or die "Unable to read $level7file";
-@l7rules = <FILE>;
-close FILE;
-open( FILE, "< $portfile" ) or die "Unable to read $portfile";
-@portrules = <FILE>;
-close FILE;
-open( FILE, "< $tosfile" ) or die "Unable to read $tosfile";
-@tosrules = <FILE>;
-close FILE;
-
-############################################################################################################################
-############################################################################################################################
-
-print <<END
-#/bin/bash
-#################################################
-# This is an autocreated QoS-Script for #
-# IPFIRE #
-# Copyright by the IPFire Team (GPLv2) #
-# www.ipfire.org #
-#################################################
-
-### SYSTEMVARIABLES:
-# RED INTERFACE: $qossettings{'RED_DEV'}
-# IMQ DEVICE: $qossettings{'IMQ_DEV'}
-
-case "\$1" in
-
- status)
- case "\$2" in
- qdisc)
- echo "[qdisc]"
- tc -s qdisc show dev $qossettings{'RED_DEV'}
- tc -s qdisc show dev $qossettings{'IMQ_DEV'}
- exit 0
- ;;
- class)
- echo "[class]"
- tc -s class show dev $qossettings{'RED_DEV'}
- tc -s class show dev $qossettings{'IMQ_DEV'}
- exit 0
- ;;
- filter)
- echo "[filter]"
- tc -s filter show dev $qossettings{'RED_DEV'}
- tc -s filter show dev $qossettings{'IMQ_DEV'}
- exit 0
- ;;
- iptables)
- echo "[iptables]"
- iptables -t mangle -n -L QOS-OUT -v -x 2> /dev/null
- iptables -t mangle -n -L QOS-INC -v -x 2> /dev/null
- iptables -t mangle -n -L QOS-TOS -v -x 2> /dev/null
- exit 0
- ;;
- esac
- \$0 \$1 qdisc
- \$0 \$1 class
- \$0 \$1 filter
- \$0 \$1 iptables
- exit 0
- ;;
- start)
- ###
- ### $qossettings{'RED_DEV'}
- ###
-
- ### INIT KERNEL
- modprobe sch_htb
-
- ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
- ip link set dev $qossettings{'RED_DEV'} qlen $qossettings{'QLENGTH'}
- ip link set dev $qossettings{'RED_DEV'} mtu $qossettings{'MTU'}
-
- ### ADD HTB QDISC FOR $qossettings{'RED_DEV'}
- tc qdisc add dev $qossettings{'RED_DEV'} root handle 1: htb default $qossettings{'DEFCLASS_OUT'}
-
- ### MAIN RATE LIMIT
- tc class add dev $qossettings{'RED_DEV'} parent 1: classid 1:1 htb rate $qossettings{'OUT_SPD'}kbit
-
- ### CLASSES FOR $qossettings{'RED_DEV'}
-END
-;
-foreach $classentry (sort @classes)
-{
- @classline = split( /\;/, $classentry );
- if ($qossettings{'RED_DEV'} eq $classline[0]) {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'CLASS'} = $classline[1];
- $qossettings{'PRIO'} = $classline[2];
- $qossettings{'RATE'} = $classline[3];
- $qossettings{'CEIL'} = $classline[4];
- $qossettings{'BURST'} = $classline[5];
- $qossettings{'CBURST'} = $classline[6];
- print "\ttc class add dev $qossettings{'DEVICE'} parent 1:1 classid 1:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";
- if (($qossettings{'BURST'} ne '') && ($qossettings{'BURST'} ne 0)) {
- print "burst $qossettings{'BURST'}k ";
- }
- if (($qossettings{'CBURST'} ne '') && ($qossettings{'CBURST'} ne 0)) {
- print "cburst $qossettings{'CBURST'}k";
- }
- print "\n";
- }
-}
-foreach $subclassentry (sort @subclasses) {
- @subclassline = split( /\;/, $subclassentry );
- if ($qossettings{'RED_DEV'} eq $subclassline[0]) {
- $qossettings{'DEVICE'} = $subclassline[0];
- $qossettings{'CLASS'} = $subclassline[1];
- $qossettings{'SCLASS'} = $subclassline[2];
- $qossettings{'SPRIO'} = $subclassline[3];
- $qossettings{'SRATE'} = $subclassline[4];
- $qossettings{'SCEIL'} = $subclassline[5];
- $qossettings{'SBURST'} = $subclassline[6];
- $qossettings{'SCBURST'} = $subclassline[7];
- print "\ttc class add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} classid 1:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";
- if ($qossettings{'SBURST'} > 0) {
- print "burst $qossettings{'SBURST'}k ";
- }
- if (($qossettings{'SCBURST'} ne '') && ($qossettings{'SCBURST'} ne 0)) {
- print "cburst $qossettings{'CBURST'}k";
- }
- print "\n";
- }
-}
-
-print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
-foreach $classentry (sort @classes)
-{
- @classline = split( /\;/, $classentry );
- if ($qossettings{'RED_DEV'} eq $classline[0]) {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'CLASS'} = $classline[1];
- print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
- }
-}
-foreach $subclassentry (sort @subclasses) {
- @subclassline = split( /\;/, $subclassentry );
- if ($qossettings{'RED_DEV'} eq $subclassline[0]) {
- $qossettings{'DEVICE'} = $subclassline[0];
- $qossettings{'SCLASS'} = $subclassline[2];
- print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 1:$qossettings{'SCLASS'} handle $qossettings{'SCLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
- }
-}
-print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
-foreach $classentry (sort @classes)
-{
- @classline = split( /\;/, $classentry );
- if ($qossettings{'RED_DEV'} eq $classline[0]) {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'CLASS'} = $classline[1];
- print "\ttc filter add dev $qossettings{'DEVICE'} parent 1:0 prio 0 protocol ip handle $qossettings{'CLASS'} fw flowid 1:$qossettings{'CLASS'}\n";
- }
-}
-foreach $subclassentry (sort @subclasses) {
- @subclassline = split( /\;/, $subclassentry );
- if ($qossettings{'RED_DEV'} eq $subclassline[0]) {
- $qossettings{'DEVICE'} = $subclassline[0];
- $qossettings{'CLASS'} = $subclassline[1];
- $qossettings{'SCLASS'} = $subclassline[2];
- print "\ttc filter add dev $qossettings{'DEVICE'} parent 1:0 prio 0 protocol ip handle $qossettings{'SCLASS'} fw flowid 1:$qossettings{'SCLASS'}\n";
- }
-}
-print <<END
-
- ### ADD QOS-OUT CHAIN TO THE MANGLE TABLE IN IPTABLES
- iptables -t mangle -N QOS-OUT
- iptables -t mangle -N QOS-TOS
- iptables -t mangle -I POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT
- iptables -t mangle -A POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-TOS
-
- ### MARK ACKs
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags SYN,RST SYN -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p icmp -m length --length 40:100 -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --syn -m length --length 40:68 -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL SYN,ACK -m length --length 40:68 -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK -m length --length 40:100 -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL RST -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,RST -j RETURN
-
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j TOS --set-tos 4
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j MARK --set-mark $qossettings{'ACK'}
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -p tcp --tcp-flags ALL ACK,FIN -j RETURN
-
- ### SET TOS
-END
-;
- foreach $tosruleentry (sort @tosrules)
- {
- @tosruleline = split( /\;/, $tosruleentry );
- $qossettings{'CLASS'} = $tosruleline[0];
- $qossettings{'TOS'} = abs $tosruleline[2] * 2;
- if ( $tosruleline[1] eq $qossettings{'RED_DEV'} )
- {
- print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -m tos --tos $qossettings{'TOS'} -j MARK --set-mark $qossettings{'CLASS'}\n";
- print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -m tos --tos $qossettings{'TOS'} -j RETURN\n";
- }
- }
-
-print "\n\t### SET PORT-RULES\n";
- foreach $portruleentry (sort @portrules)
- {
- @portruleline = split( /\;/, $portruleentry );
- if ( $portruleline[1] eq $qossettings{'RED_DEV'} )
- {
- $qossettings{'CLASS'} = $portruleline[0];
- $qossettings{'DEVICE'} = $portruleline[1];
- $qossettings{'PPROT'} = $portruleline[2];
- $qossettings{'QIP'} = $portruleline[3];
- $qossettings{'QPORT'} = $portruleline[4];
- $qossettings{'DIP'} = $portruleline[5];
- $qossettings{'DPORT'} = $portruleline[6];
- print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-p $qossettings{'PPROT'} ";
- if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
- print "-m multiport ";
- }
- if ($qossettings{'QPORT'} ne ''){
- print "--sport $qossettings{'QPORT'} ";
- }
- if ($qossettings{'DPORT'} ne ''){
- print "--dport $qossettings{'DPORT'} ";
- }
- print "-j MARK --set-mark $qossettings{'CLASS'}\n";
- print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-p $qossettings{'PPROT'} ";
- if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
- print "-m multiport ";
- }
- if ($qossettings{'QPORT'} ne ''){
- print "--sport $qossettings{'QPORT'} ";
- }
- if ($qossettings{'DPORT'} ne ''){
- print "--dport $qossettings{'DPORT'} ";
- }
- print "-j RETURN\n\n";
- }
- }
-
-print <<END
-
- ### SET LEVEL7-RULES
-END
-;
- foreach $l7ruleentry (sort @l7rules)
- {
- @l7ruleline = split( /\;/, $l7ruleentry );
- if ( $l7ruleline[1] eq $qossettings{'RED_DEV'} )
- {
- $qossettings{'CLASS'} = $l7ruleline[0];
- $qossettings{'DEVICE'} = $l7ruleline[1];
- $qossettings{'L7PROT'} = $l7ruleline[2];
- $qossettings{'QIP'} = $l7ruleline[3];
- $qossettings{'DIP'} = $l7ruleline[4];
- print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j MARK --set-mark $qossettings{'CLASS'}\n";
- print "\tiptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j RETURN\n";
- }
- }
-
-print <<END
-
- ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
- iptables -t mangle -A QOS-OUT -o $qossettings{'RED_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_OUT'}
-
- ###
- ### $qossettings{'IMQ_DEV'}
- ###
-
- ### BRING UP $qossettings{'IMQ_DEV'}
- if [ `lsmod | grep -q ipt_IMQ` ]; then
- insmod ipt_IMQ
- sleep 2
- fi
- modprobe imq numdevs=1
- ip link set $qossettings{'IMQ_DEV'} up
-
- ### SET QUEUE LENGTH & MTU - has just to be tested!!! IMPORTANT
- ip link set dev $qossettings{'IMQ_DEV'} qlen $qossettings{'QLENGTH'}
- # ip link set dev $qossettings{'IMQ_DEV'} mtu $qossettings{'MTU'}
-
- ### ADD HTB QDISC FOR $qossettings{'IMQ_DEV'}
- tc qdisc add dev $qossettings{'IMQ_DEV'} root handle 2: htb default $qossettings{'DEFCLASS_INC'}
-
- ### MAIN RATE LIMIT
- tc class add dev $qossettings{'IMQ_DEV'} parent 2: classid 2:1 htb rate $qossettings{'INC_SPD'}kbit
-
- ### CLASSES FOR $qossettings{'IMQ_DEV'}
-END
-;
-foreach $classentry (sort @classes)
-{
- @classline = split( /\;/, $classentry );
- if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'CLASS'} = $classline[1];
- $qossettings{'PRIO'} = $classline[2];
- $qossettings{'RATE'} = $classline[3];
- $qossettings{'CEIL'} = $classline[4];
- $qossettings{'BURST'} = $classline[5];
- $qossettings{'CBURST'} = $classline[6];
- print "\ttc class add dev $qossettings{'DEVICE'} parent 2:1 classid 2:$qossettings{'CLASS'} htb rate $qossettings{'RATE'}kbit ceil $qossettings{'CEIL'}kbit prio $qossettings{'PRIO'} ";
- if (($qossettings{'BURST'} ne '') && ($qossettings{'BURST'} ne 0)) {
- print "burst $qossettings{'BURST'}k ";
- }
- if (($qossettings{'CBURST'} ne '') && ($qossettings{'CBURST'} ne 0)) {
- print "cburst $qossettings{'CBURST'}k";
- }
- print "\n";
- }
-}
-foreach $subclassentry (sort @subclasses) {
- @subclassline = split( /\;/, $subclassentry );
- if ($qossettings{'IMQ_DEV'} eq $subclassline[0]) {
- $qossettings{'DEVICE'} = $subclassline[0];
- $qossettings{'CLASS'} = $subclassline[1];
- $qossettings{'SCLASS'} = $subclassline[2];
- $qossettings{'SPRIO'} = $subclassline[3];
- $qossettings{'SRATE'} = $subclassline[4];
- $qossettings{'SCEIL'} = $subclassline[5];
- $qossettings{'SBURST'} = $subclassline[6];
- $qossettings{'SCBURST'} = $subclassline[7];
- print "\ttc class add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} classid 2:$qossettings{'SCLASS'} htb rate $qossettings{'SRATE'}kbit ceil $qossettings{'SCEIL'}kbit prio $qossettings{'SPRIO'} ";
- if ($qossettings{'SBURST'} > 0) {
- print "burst $qossettings{'SBURST'}k ";
- }
- if (($qossettings{'SCBURST'} ne '') && ($qossettings{'SCBURST'} ne 0)) {
- print "cburst $qossettings{'CBURST'}k";
- }
- print "\n";
- }
-}
-
-print "\n\t### ATTACH QDISC TO LEAF CLASSES\n";
-foreach $classentry (sort @classes)
-{
- @classline = split( /\;/, $classentry );
- if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'CLASS'} = $classline[1];
- print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'CLASS'} handle $qossettings{'CLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
- }
-}
-foreach $subclassentry (sort @subclasses) {
- @subclassline = split( /\;/, $subclassentry );
- if ($qossettings{'IMQ_DEV'} eq $subclassline[0]) {
- $qossettings{'DEVICE'} = $subclassline[0];
- $qossettings{'SCLASS'} = $subclassline[2];
- print "\ttc qdisc add dev $qossettings{'DEVICE'} parent 2:$qossettings{'SCLASS'} handle $qossettings{'SCLASS'}: sfq perturb $qossettings{'SFQ_PERTUB'}\n";
- }
-}
-print "\n\t### FILTER TRAFFIC INTO CLASSES\n";
-foreach $classentry (sort @classes)
-{
- @classline = split( /\;/, $classentry );
- if ($qossettings{'IMQ_DEV'} eq $classline[0]) {
- $qossettings{'DEVICE'} = $classline[0];
- $qossettings{'CLASS'} = $classline[1];
- print "\ttc filter add dev $qossettings{'DEVICE'} parent 2:0 prio 0 protocol ip handle $qossettings{'CLASS'} fw flowid 2:$qossettings{'CLASS'}\n";
- }
-}
-foreach $subclassentry (sort @subclasses) {
- @subclassline = split( /\;/, $subclassentry );
- if ($qossettings{'IMQ_DEV'} eq $subclassline[0]) {
- $qossettings{'DEVICE'} = $subclassline[0];
- $qossettings{'CLASS'} = $subclassline[1];
- $qossettings{'SCLASS'} = $subclassline[2];
- print "\ttc filter add dev $qossettings{'DEVICE'} parent 2:0 prio 0 protocol ip handle $qossettings{'SCLASS'} fw flowid 2:$qossettings{'SCLASS'}\n";
- }
-}
-print <<END
-
- ### ADD QOS-INC CHAIN TO THE MANGLE TABLE IN IPTABLES
- iptables -t mangle -N QOS-INC
- iptables -t mangle -A PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0
- iptables -t mangle -I PREROUTING -i $qossettings{'RED_DEV'} -j QOS-INC
- iptables -t mangle -A PREROUTING -i $qossettings{'RED_DEV'} -j QOS-TOS
-
- ### SET TOS
-END
-;
- foreach $tosruleentry (sort @tosrules)
- {
- @tosruleline = split( /\;/, $tosruleentry );
- $qossettings{'CLASS'} = $tosruleline[0];
- $qossettings{'TOS'} = abs $tosruleline[2] * 2;
- if ( $tosruleline[1] eq $qossettings{'IMQ_DEV'} )
- {
- print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} -m tos --tos $qossettings{'TOS'} -j MARK --set-mark $qossettings{'CLASS'}\n";
- print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} -m tos --tos $qossettings{'TOS'} -j RETURN\n";
- }
-
- }
-
-print "\n\t### SET PORT-RULES\n";
- foreach $portruleentry (sort @portrules)
- {
- @portruleline = split( /\;/, $portruleentry );
- if ( $portruleline[1] eq $qossettings{'IMQ_DEV'} )
- {
- $qossettings{'CLASS'} = $portruleline[0];
- $qossettings{'DEVICE'} = $portruleline[1];
- $qossettings{'PPROT'} = $portruleline[2];
- $qossettings{'QIP'} = $portruleline[3];
- $qossettings{'QPORT'} = $portruleline[4];
- $qossettings{'DIP'} = $portruleline[5];
- $qossettings{'DPORT'} = $portruleline[6];
- print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-p $qossettings{'PPROT'} ";
- if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
- print "-m multiport ";
- }
- if ($qossettings{'QPORT'} ne ''){
- print "--sport $qossettings{'QPORT'} ";
- }
- if ($qossettings{'DPORT'} ne ''){
- print "--dport $qossettings{'DPORT'} ";
- }
- print "-j MARK --set-mark $qossettings{'CLASS'}\n";
- print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-p $qossettings{'PPROT'} ";
- if (($qossettings{'QPORT'} ne '') || ($qossettings{'DPORT'} ne '')){
- print "-m multiport ";
- }
- if ($qossettings{'QPORT'} ne ''){
- print "--sport $qossettings{'QPORT'} ";
- }
- if ($qossettings{'DPORT'} ne ''){
- print "--dport $qossettings{'DPORT'} ";
- }
- print "-j RETURN\n\n";
- }
- }
-
-print <<END
-
- ### SET LEVEL7-RULES
-END
-;
- foreach $l7ruleentry (sort @l7rules)
- {
- @l7ruleline = split( /\;/, $l7ruleentry );
- if ( $l7ruleline[1] eq $qossettings{'IMQ_DEV'} )
- {
- $qossettings{'CLASS'} = $l7ruleline[0];
- $qossettings{'DEVICE'} = $l7ruleline[1];
- $qossettings{'L7PROT'} = $l7ruleline[2];
- $qossettings{'QIP'} = $l7ruleline[3];
- $qossettings{'DIP'} = $l7ruleline[4];
- print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j MARK --set-mark $qossettings{'CLASS'}\n";
- print "\tiptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} ";
- if ($qossettings{'QIP'} ne ''){
- print "-s $qossettings{'QIP'} ";
- }
- if ($qossettings{'DIP'} ne ''){
- print "-d $qossettings{'DIP'} ";
- }
- print "-m layer7 --l7dir /etc/l7-protocols/protocols --l7proto $qossettings{'L7PROT'} -j RETURN\n";
- }
- }
-
-print <<END
- ### REDUNDANT: SET ALL NONMARKED PACKETS TO DEFAULT CLASS
- iptables -t mangle -A QOS-INC -i $qossettings{'RED_DEV'} -m mark --mark 0 -j MARK --set-mark $qossettings{'DEFCLASS_INC'}
-
- ### SETTING TOS BITS
-END
-;
- foreach $classentry (sort @classes)
- {
- @classline = split( /\;/, $classentry );
- $qossettings{'CLASS'} = $classline[1];
- $qossettings{'TOS'} = abs $classline[7] * 2;
- if ($qossettings{'TOS'} ne "0") {
- print "\tiptables -t mangle -A QOS-TOS -m mark --mark $qossettings{'CLASS'} -j TOS --set-tos $qossettings{'TOS'}\n";
- print "\tiptables -t mangle -A QOS-TOS -m mark --mark $qossettings{'CLASS'} -j RETURN\n";
- }
- }
- foreach $subclassentry (sort @subclasses)
- {
- @subclassline = split( /\;/, $subclassentry );
- $qossettings{'SUBCLASS'} = $subclassline[1];
- $qossettings{'TOS'} = $subclassline[8];
- $qossettings{'TOS'} = abs $qossettings{'TOS'} * 2;
- if ($qossettings{'TOS'} ne "0") {
- print "\tiptables -t mangle -A QOS-TOS -m mark --mark $qossettings{'SUBCLASS'} -j TOS --set-tos $qossettings{'TOS'}\n";
- print "\tiptables -t mangle -A QOS-TOS -m mark --mark $qossettings{'SUBCLASS'} -j RETURN\n";
- }
- }
-
-print <<END
-
- ## STARTING COLLECTOR
- ( sleep 10 && /usr/local/bin/qosd $qossettings{'RED_DEV'} >/dev/null 2>&1) &
- ( sleep 10 && /usr/local/bin/qosd $qossettings{'IMQ_DEV'} >/dev/null 2>&1) &
-
- echo "Quality of Service was successfully started!"
- exit 0
- ;;
- clear|stop)
- ### RESET EVERYTHING TO A KNOWN STATE
- killall qosd
- (sleep 3 && killall -9 qosd &>/dev/null) &
- # DELETE QDISCS
- tc qdisc del dev $qossettings{'RED_DEV'} root
- tc qdisc del dev $qossettings{'IMQ_DEV'} root
- # STOP IMQ-DEVICE
- ip link set $qossettings{'IMQ_DEV'} down
- iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j IMQ --todev 0
- rmmod imq
- # REMOVE & FLUSH CHAINS
- iptables -t mangle --delete POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-OUT
- iptables -t mangle --delete POSTROUTING -o $qossettings{'RED_DEV'} -j QOS-TOS
- iptables -t mangle --flush QOS-OUT
- iptables -t mangle --delete-chain QOS-OUT
- iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j QOS-INC
- iptables -t mangle --delete PREROUTING -i $qossettings{'RED_DEV'} -j QOS-TOS
- iptables -t mangle --flush QOS-INC
- iptables -t mangle --delete-chain QOS-INC
- iptables -t mangle --flush QOS-TOS
- iptables -t mangle --delete-chain QOS-TOS
- rmmod sch_htb
- echo "Quality of Service was successfully cleared!"
- ;;
- gen|generate)
- echo -n "Generateing the QoS-Scripts..."
- /usr/bin/perl /var/ipfire/qos/bin/makeqosscripts.pl > /var/ipfire/qos/bin/qos.sh
- echo ".Done!"
- exit 0
- ;;
- restart)
- ### FIRST CLEAR EVERYTHING
- \$0 clear
-
- ### THEN START
- \$0 start
- ;;
-esac
-### EOF
-END
-;
-
-############################################################################################################################
-############################################################################################################################
+++ /dev/null
-#!/usr/bin/perl
-
-##########################################
-##
-## NAME
-##
-## DESCRIPTION
-##
-## Which is part of the ADSL-optimizer.
-##
-## USAGE / FUNCTIONS
-##
-##
-##
-##
-##
-## REQUIRES
-##
-##
-## AUTHOR
-## Jesper Dangaard Brouer <hawk@diku.dk>, d.15/4-2004
-##
-## CHANGELOG
-## 2004-04-15: Initial version.
-## 2005-04-18: Remove some warnings.
-##
-##########################################
-
-#use Data::Dumper;
-
-#our %classes_data;
-#our %classes_info;
-#our $tc_command="/sbin/tc";
-
-my @input_htb = (<<"END_OF_HERE_HTB" =~ m/^\s*(.+)/gm);
-class tbf 4220:1 parent 4220:
-class htb 1:1 root rate 400Kbit ceil 400Kbit burst 2111b cburst 2111b
- Sent 12369084336 bytes 80967118 pkts (dropped 0, overlimits 0)
- rate 45020bps 258pps
- lended: 23353805 borrowed: 0 giants: 0
- tokens: 30210 ctokens: 30210
-
-class htb 1:10 parent 1:1 prio 0 rate 80Kbit ceil 320Kbit burst 1701b cburst 2008b
- Sent 80640087 bytes 247988 pkts (dropped 0, overlimits 0)
- backlog 42p
- lended: 230876 borrowed: 17112 giants: 0
- tokens: 127200 ctokens: 37940
-
-class htb 1:20 parent 1:1 leaf 4220: prio 1 rate 100Kbit ceil 200Kbit burst 1727b cburst 1855b
- Sent 2495181573 bytes 44034303 pkts (dropped 5837, overlimits 0)
- lended: 43825585 borrowed: 208718 giants: 0
- tokens: 103424 ctokens: 55808
-
-class htb 1:30 parent 1:1 leaf 4230: prio 3 rate 80Kbit ceil 400Kbit burst 1701b cburst 2111b
- Sent 2060213567 bytes 5465574 pkts (dropped 121, overlimits 0)
- rate 16851bps 35pps
- lended: 4556992 borrowed: 908582 giants: 0
- tokens: -25364 ctokens: 32897
-
-class htb 1:50 parent 1:1 leaf 4250: prio 5 rate 40Kbit ceil 120Kbit burst 1650b cburst 1752b
- Sent 6071486687 bytes 24448436 pkts (dropped 8086739, overlimits 0)
- rate 15801bps 85pps backlog 126p
- lended: 8324530 borrowed: 16123780 giants: 0
- tokens: -202717 ctokens: -172499
-
-class htb 1:666 parent 1:1 leaf 666: prio 7 rate 4Kbit ceil 40Kbit burst 1604b cburst 1650b
- Sent 2148626078 bytes 6771069 pkts (dropped 2078536, overlimits 0)
- rate 5221bps 17pps backlog 125p
- lended: 675330 borrowed: 6095613 giants: 0
- tokens: -1149121 ctokens: -293386
-
-END_OF_HERE_HTB
-
-
-my @input_hfsc = (<<"END_OF_HERE_HFSC" =~ m/^\s*(.+)/gm);
-class hfsc 1: root
- Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
- period 0 level 2
-
-class hfsc 1:1 parent 1: ls m1 0bps d 0us m2 250Kbit ul m1 0bps d 0us m2 250Kbit
- Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
- period 6 work 131770097 bytes level 1
-
-class hfsc 1:10 parent 1:1 rt m1 250Kbit d 30.0ms m2 50Kbit ls m1 250Kbit d 50.0ms m2 50Kbit
- Sent 1300885 bytes 7052 pkts (dropped 0, overlimits 0)
- period 6502 work 1300885 bytes rtwork 1245495 bytes level 0
-
-class hfsc 1:20 parent 1: rt m1 0bps d 64.0ms m2 75Kbit ls m1 0bps d 0us m2 250Kbit
- Sent 19144279 bytes 325503 pkts (dropped 46, overlimits 0)
- backlog 3p
- period 20242 work 19143778 bytes level 0
-
-class hfsc 1:30 parent 1:1 leaf 4230: ls m1 0bps d 150.0ms m2 50Kbit
- Sent 45139930 bytes 74200 pkts (dropped 1664, overlimits 0)
- backlog 24p
- period 140 work 44885232 bytes level 0
-
-class hfsc 1:50 parent 1:1 leaf 4250: ls m1 0bps d 235.7ms m2 72Kbit
- Sent 73910198 bytes 301294 pkts (dropped 104807, overlimits 0)
- backlog 62p
- period 115 work 64625490 bytes level 0
-
-class hfsc 1:666 parent 1:1 leaf 666: ls m1 0bps d 1.0s m2 2Kbit
- Sent 2217104 bytes 17018 pkts (dropped 74526, overlimits 0)
- backlog 22p
- period 1 work 1814712 bytes level 0
-
-END_OF_HERE_HFSC
-
-sub parse_class($) {
- my $device = "$_[0]";
- my $return_val = 1;
-
- my $timestamp = time;
- my @tc_output = `$tc_command -statistics class show dev $device`;
-# my @tc_output = @input_hfsc;
-# my @tc_output = @input_htb;
- my $result = $?;
- if ( $result != 0 ) {
- print "Error executing $tc_command\n";
- return $result;
- }
-
- $classes_data{last_update}{$device} = $timestamp;
- $classes_info{last_update}{$device} = $timestamp;
-
- #for my $line (@tc_output) {
- for my $i (0 .. $#tc_output) {
-
- my $line=$tc_output[$i];
- # Parsing HTB:
- # ------------
- if ( $line =~ m/class htb (\d+):(\d+)( root| parent )?(\d+:\d+)?( leaf )?(\d+)?:?( prio )?(\d+)? rate (.*) ceil (.*) burst (.*) cburst (.*)/ ) {
- my $type = "htb";
- my $major = $1;
- my $minor = $2;
- my $class = "${major}-${minor}";
- #my $hash = "${class}_${device}";
- my $parent= $4;
- my $leaf = $6;
- my $prio = $8;
- my $rate = $9;
- my $ceil = $10;
- my $burst = $11;
- my $cburst= $12;
-
- #print "class: $class\n"."parent: $parent\n"."leaf: $leaf\n"."prio: $prio\n";
- #print "rate: $rate\n"."ceil: $ceil\n"."burst: $burst\n"."cburst: $cburst\n";
-
- my ($bytes, $pkts, $dropped, $overlimits);
- if ($tc_output[$i + 1] =~ m/Sent (\d+) bytes (\d+) pkt \(dropped (\d+), overlimits (\d+) requeues (\d+)\)/ ) {
- $bytes = $1;
- $pkts = $2;
- $dropped = $3;
- $overlimits = $4;
- $requeues = $5;
- #print "bytes: $bytes\n"."pkts: $pkts\n";
- #print "dropped: $dropped\n"."overlimits: $overlimits\n"."requeues: $requeues\n";
- } else {
- print "$timestamp: ERROR(+1) - Unable to parse (class ${class}_$device): ";
- print "\"$tc_output[$i + 1]\"\n";
- $return_val="";
- next;
- }
-
- # Problem:
- # Sometimes the "rate" line is not shown (when a rate cannot be calculated)
- # And sometimes only "backlog"...
- # Use $next_index to specify the next line to parse
- #
- my $next_index = 3;
- my ($backlog);
- if ($tc_output[$i + 2] =~ m/((rate (\d+\w+) )|backlog )(\d+)?(pps )?(backlog )?(\d+)?p?/ ) {
- $backlog = $7;
- #print "backlog: $backlog\n";
- } else {
-# Too verbose:
-# print "$timestamp: WARNING \"rate\" line missing";
-# print " very inactive class ${class}_$device).\n";
- $next_index = 2;
- }
-
- my ($lended, $borrowed, $giants);
- if ($tc_output[$i + $next_index] =~ m/lended: (\d+) borrowed: (\d+) giants: (\d+)/ ) {
- $lended = $1;
- $borrowed = $2;
- $giants = $3;
- #print "lended: $lended\n"."borrowed: $borrowed\n"."giants: $giants\n";
- } else {
- print "$timestamp: ERROR(+$next_index) - Unable to parse (class ${class}_$device): ";
- print "\"$tc_output[$i + $next_index]\"\n";
- $return_val="";
- next;
- }
-
- # Update the hash tables
- my $hash="${class}_$device";
-
- # Tests if previous data have been updated to file
- if ( (exists $classes_data{$hash}{last_update}) &&
- (exists $classes_data{$hash}{file_update})) {
- if ( $classes_data{$hash}{last_update} >
- $classes_data{$hash}{file_update} ){
- print "Warning: old data from $hash has not been updated to file!\n";
- }
- }
-
- # Update the statistics data
- # (need a function call for error checking)
- $classes_data{$hash}{last_update} = $timestamp;
- update_counter( $hash, $timestamp, "bytes" , $bytes);
- #(yes I know its bad/redundant, but it makes in easier elsewhere)
- update_counter( $hash, $timestamp, "bits" , $bytes*8);
- update_counter( $hash, $timestamp, "pkts" , $pkts);
- update_counter( $hash, $timestamp, "dropped" , $dropped);
- update_counter( $hash, $timestamp, "overlimits", $overlimits);
- update_counter( $hash, $timestamp, "lended" , $lended);
- update_counter( $hash, $timestamp, "borrowed" , $borrowed);
- update_counter( $hash, $timestamp, "giants" , $giants);
- # Not a counter value...
- $classes_data{$hash}{backlog} = $backlog;
-
- # Update the info data
- # (remember to update the "type" first)
- update_info( $hash, $timestamp, "type" , $type);
- update_info( $hash, $timestamp, "parent", $parent);
- update_info( $hash, $timestamp, "leaf" , $leaf);
- update_info( $hash, $timestamp, "prio" , $prio);
- update_info( $hash, $timestamp, "rate" , $rate);
- update_info( $hash, $timestamp, "ceil" , $ceil);
- update_info( $hash, $timestamp, "burst" , $burst);
- update_info( $hash, $timestamp, "cburst", $cburst);
-
- #print "\n";
- }
-
- # Parsing HFSC:
- # -------------
- if ( $line =~ m/class hfsc (\d+):(\d+)( root| parent )?(\d+:\d?)?( leaf )?(\d+)?:?( rt m1 (\d+\w+?) d (\d+.?\d?\w+) m2 (\d+\w+?))?( ls m1 (\d+\w+?) d (\d+.?\d?\w+) m2 (\d+\w+?))?( ul m1 (\d+\w+?) d (\d+.?\d?\w+) m2 (\d+\w+?))? / ){
-
- my $type = "hfsc";
- my $major = $1;
- my $minor = $2;
- my $class = "${major}-${minor}";
- #my $hash = "${class}_${device}";
- my $parent= $4;
- my $leaf = $6;
-
- my $realtime_m1; if (defined $8 && $8 ne '0bps') {$realtime_m1 = $8;}
- my $realtime_d; if (defined $9 && $9 ne '0us' ) {$realtime_d = $9;}
- my $realtime_m2 = $10;
-
- my $linkshare_m1; if (defined $12 && $12 ne '0bps') { $linkshare_m1 = $12;}
- my $linkshare_d ; if (defined $13 && $13 ne '0us' ) { $linkshare_d = $13;}
- my $linkshare_m2 = $14;
-
- my $upperlimit_m1; if (defined $16 && $16 ne '0bps') { $upperlimit_m1 = $16;}
- my $upperlimit_d ; if (defined $17 && $17 ne '0us' ) { $upperlimit_d = $17;}
- my $upperlimit_m2 = $18;
-
- #print "\nType: $type\n";
- my ($bytes, $pkts, $dropped, $overlimits);
- if ($tc_output[$i + 1] =~ m/Sent (\d+) bytes (\d+) pkts \(dropped (\d+), overlimits (\d+)\)/ ) {
- $bytes = $1;
- $pkts = $2;
- $dropped = $3;
- $overlimits = $4;
- #print "bytes: $bytes\n"."pkts: $pkts\n";
- #print "dropped: $dropped\n"."overlimits: $overlimits\n";
- } else {
- print "$timestamp: ERROR(+1) - Unable to parse (class ${class}_$device): ";
- print "\"$tc_output[$i + 1]\"\n";
- $return_val="";
- next;
- }
-
- # Sometimes the "backlog" line is not shown (when there is no backlog...)
- # Use $next_index to specify the next line to parse
- #
- my $next_index = 3;
- my ($backlog);
- if ($tc_output[$i + 2] =~ m/backlog (\d+)?p?/ ) {
- $backlog = $1;
- #print "backlog: $backlog\n";
- } else {
- $next_index = 2;
- }
-
- my ($period, $work, $rtwork, $level);
- if ($tc_output[$i + $next_index] =~ m/period (\d+) (work (\d+) bytes )?(rtwork (\d+) bytes )?level (\d+)/ ) {
- $period = $1;
- $work = $3;
- $rtwork = $5;
- $level = $6
- } else {
- print "$timestamp: ERROR(+$next_index) - Unable to parse (class ${class}_$device): ";
- print "\"$tc_output[$i + $next_index]\"\n";
- $return_val="";
- next;
- }
-
-
- # Update the hash tables
- my $hash="${class}_$device";
-
- # Tests if previous data have been updated to file
- if ( (exists $classes_data{$hash}{last_update}) &&
- (exists $classes_data{$hash}{file_update})) {
- if ( $classes_data{$hash}{last_update} >
- $classes_data{$hash}{file_update} ){
- print "Warning: old data from $hash has not been updated to file!\n";
- }
- }
-
- # HFSC - Update the statistics data
- # (need a function call for error checking)
- $classes_data{$hash}{last_update} = $timestamp;
- update_counter( $hash, $timestamp, "bytes" , $bytes);
- #(yes I know its bad/redundant, but it makes in easier elsewhere)
- update_counter( $hash, $timestamp, "bits" , $bytes*8);
- update_counter( $hash, $timestamp, "pkts" , $pkts);
- update_counter( $hash, $timestamp, "dropped" , $dropped);
- update_counter( $hash, $timestamp, "overlimits", $overlimits);
- # Not a counter value...
- $classes_data{$hash}{backlog} = $backlog;
- #
- # Extra HFSC counters
- $classes_data{$hash}{hfsc_period} = $period;
- update_counter( $hash, $timestamp, "hfsc_work" , $work);
- update_counter( $hash, $timestamp, "hfsc_rtwork" , $rtwork);
-
-
- # HFSC - Update the info data
- # (remember to update the "type" first)
- update_info( $hash, $timestamp, "type" , $type);
- update_info( $hash, $timestamp, "parent", $parent);
- update_info( $hash, $timestamp, "leaf" , $leaf);
- #
- # Extra HFSC information
- update_info( $hash, $timestamp, "level" , $level);
- update_info( $hash, $timestamp, "realtime_m1", $realtime_m1);
- update_info( $hash, $timestamp, "realtime_d" , $realtime_d);
- update_info( $hash, $timestamp, "realtime_m2", $realtime_m2);
-
- update_info( $hash, $timestamp, "linkshare_m1", $linkshare_m1);
- update_info( $hash, $timestamp, "linkshare_d" , $linkshare_d);
- update_info( $hash, $timestamp, "linkshare_m2", $linkshare_m2);
-
- update_info( $hash, $timestamp, "upperlimit_m1", $upperlimit_m1);
- update_info( $hash, $timestamp, "upperlimit_d" , $upperlimit_d);
- update_info( $hash, $timestamp, "upperlimit_m2", $upperlimit_m2);
-
-
- }
-
- # Parsing XXX:
- # ------------
- if ( $line =~ m/class XXX/ ) {
- print "Matching class XXX\n";
- }
-
- }
- return $return_val;
-}
-
-# The main purpose of this function is to detect counter resets
-# and avoid parsing them on to RRDtool which interprets them
-# as counter overflows, thus updating with a very large number.
-sub update_counter ($$$$) {
- my $class_hash = "$_[0]";
- my $timestamp = "$_[1]";
- my $data_key = "$_[2]";
- my $new_value;
- if ( defined $_[3]) {
- $new_value = "$_[3]";
- }
- #
- my $max_allowed_wrap_increase = 100000000;
- my $old_value;
- if (exists $classes_data{$class_hash}{$data_key}) {
- $old_value = $classes_data{$class_hash}{$data_key};
- #print "old_value: $old_value\n";
- }
-
-# # If the new and old value is not defined, nothing is done
-# if ((not defined $new_value) && (not defined $old_value)) {
-# return "";
-# }
-
- # Argh... the tc program outputs in unsigned long long (64 bit).
- # but perls integers should be 32 bit, but some how perl
- # manages to store numbers larger than 32 bit numbers.
- my $MAX_VALUE=0xFFFFFFFF;
-
- if ((defined $new_value) && (defined $old_value)) {
- my $delta = $new_value - $old_value;
- if ( $delta < 0 ) {
- # Counter wrap around...
- my $real_delta = $delta + $MAX_VALUE + 1;
- if ($real_delta < 0) {
- print "($class_hash:$data_key): Perl-Magic using numbers bigger than 32bit ";
- print "new:$new_value - old:$old_value = delta:$delta, real_delta:$real_delta.\n";
- }
- print time . " ($class_hash:$data_key) Info: Counter wrap around (real delta:$real_delta)\n";
- if ( ($real_delta > $max_allowed_wrap_increase) ||
- ($real_delta < 0)) {
- # Properly a counter reset and not a wrap around
- # A counter reset normally a result of a reload of the classes
- $classes_data{$class_hash}{$data_key} = undef;
- $classes_info{$class_hash}{counter_reset} = $timestamp;
- $classes_info{$class_hash}{last_update} = $timestamp;
- print time . "Warning: Real_delta too big, assuming Counter reset";
- print "($class_hash:$data_key)\n";
- return "Counter reset";
- }
- }
- }
-
- $classes_data{$class_hash}{$data_key} = $new_value;
- return 1;
-}
-
-sub update_info ($$$$) {
- my $class_hash = "$_[0]";
- my $timestamp = "$_[1]";
- my $info_key = "$_[2]";
- my $new_value;
- if ( defined $_[3]) {
- $new_value = "$_[3]";
- }
- my $old_value;
- if (exists $classes_info{$class_hash}{$info_key}) {
- $old_value = $classes_info{$class_hash}{$info_key};
- #print "old_value: $old_value\n";
- }
-
- # If the new and old value is not defined, nothing is done
- if ((not defined $new_value) && (not defined $old_value)) {
- return "";
- }
-
- # An update is needed
- # - if the old_value is not defined and new_value is defined
- # - if the new_value is not defined and old_value is defined
- # - if the old_value differs from the new,
- #
- if ( ((not defined $old_value) and (defined $new_value)) ||
- ((not defined $new_value) and (defined $old_value)) ||
- ("$old_value" ne "$new_value")) {
-
- # Special case: If the "type" changes the hash should be cleared
- if ( "$info_key" eq "type") {
- #print "Type has changed clearing hash \n";
- for my $key ( keys %{ $classes_info{$class_hash} } ) {
- delete( $classes_info{$class_hash}{$key});
- print " Deleting key: $key from: $class_hash \n";
- }
- }
-
- if (defined $new_value) {
- $classes_info{$class_hash}{$info_key} = $new_value;
- } else {
- #print "New value undef -> Deleting key: $info_key from: $class_hash\n";
- delete($classes_info{$class_hash}{$info_key});
- }
-
- # Mark the class for an info-file update
- $classes_info{$class_hash}{last_update} = $timestamp;
-
- # Update list/array of "changed" keys
- push @{ $classes_info{$class_hash}{changed} }, $info_key;
-
- # Print debug info
- #print "Update class:$class_hash $info_key=";
- #if (defined $new_value) {print "$new_value"};
- #print "\n";
- return 1;
- }
- return "";
-}
-
-# test
-#parse_class(eth1);
-
-#print Dumper(%classes_data);
-#print Dumper(%classes_info);
-
-return 1;
+++ /dev/null
-#!/usr/bin/perl
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) 2006 marco.s
-#
-# $Id: checkup,v 1.0 2006/08/30 00:00:00 marco.s Exp $
-#
-
-use strict;
-
-use IO::Socket;
-use HTTP::Date;
-
-my $swroot='/var/ipfire';
-my $scriptpath=substr($0,0,rindex($0,"/"));
-my $apphome="/var/ipfire/updatexlrator";
-my $logfile="/var/log/updatexlrator/checkup.log";
-my $debug=(-e "$apphome/debug");
-my $repository='/srv/web/ipfire/html/updatecache';
-my %xlratorsettings=();
-my $download=0;
-my $updatefile='';
-my $sourceurl='';
-my $remote_size=0;
-my $local_size=0;
-my $remote_mtime=0;
-my $local_mtime=0;
-my @updatelist=();
-my @metadata=();
-
-@updatelist = <$repository/*>;
-
-my $sfUnknown = "0";
-my $sfOk = "1";
-my $sfOutdated = "2";
-
-if (-e "$swroot/updatexlrator/settings")
-{
- &readhash("$swroot/updatexlrator/settings", \%xlratorsettings);
- if ($xlratorsettings{'FULL_AUTOSYNC'} eq 'on') { $download=1; };
-}
-
-foreach (@updatelist)
-{
- if (!-d $_)
- {
- $updatefile = substr($_,rindex($_,"/")+1);
- if (-e "$repository/metadata/$updatefile")
- {
- open (FILE,"$repository/metadata/$updatefile");
- @metadata = <FILE>;
- close FILE;
- chomp(@metadata);
- $sourceurl = $metadata[0];
-
- $remote_size = &getdownloadsize($sourceurl);
- $local_size = (-s "$repository/$updatefile");
-
- $remote_mtime = &getlastmod($sourceurl);
- $local_mtime = &getmtime("$repository/$updatefile");
-
- if ($remote_mtime eq 0)
- {
- $metadata[2] = $sfUnknown;
- if ($debug) { &writelog("$updatefile - WARNING: Source not found"); }
- print "$updatefile - WARNING: Source not found\n";
- }
- elsif (($local_mtime eq $remote_mtime) && ($local_size == $remote_size))
- {
- $metadata[2] = $sfOk;
- $metadata[3] = time;
- if ($debug) { &writelog("$updatefile"); }
- print "$updatefile\n";
- }
- else
- {
- $metadata[2] = $sfOutdated;
- $metadata[3] = time;
- if ($debug) { &writelog("$updatefile - WARNING: Out of date"); }
- print "$updatefile - WARNING: Out of date\n";
- if ($download)
- {
- if ($debug)
- {
- 1 while $remote_size =~ s/^(-?\d+)(\d{3})/$1.$2/;
- print "Please wait, retrieving file ($remote_size Byte) from source ...";
- `$scriptpath/../bin/wget -nd -nv -O $repository/$updatefile $sourceurl >>$logfile 2>&1`;
- print "\n";
- } else
- {
- `$scriptpath/../bin/wget -nd -nv -O $repository/$updatefile $sourceurl 2>&1`;
- }
- $local_mtime = &getmtime("$repository/$updatefile");
- if ($local_mtime eq $remote_mtime) { $metadata[2] = $sfOk; }
- }
- }
- open (FILE,">$repository/metadata/$updatefile");
- foreach (@metadata) { print FILE "$_\n"; }
- close FILE;
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- if (-e $filename)
- {
- open(FILE, $filename) or die "Unable to read file $filename";
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub getmtime
-{
- my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($_[0]);
-
- return $mtime;
-}
-
-# -------------------------------------------------------------------
-
-sub getlastmod
-{
- my $remote=0;
- my @response=();
- my $lastmoddate=0;
-
- my $url = $_[0];
-
- $url =~ s@^(.*)://([^/]*)@@;
-
- my $proto = $1;
- my $fqhn = $2;
-
- if ((-e "$swroot/red/active") && ($proto eq 'http'))
- {
- $remote = IO::Socket::INET->new(
- PeerHost => $fqhn,
- PeerPort => 'http(80)',
- Timeout => 1
- );
- }
-
- if ($remote)
- {
- print $remote "HEAD $url HTTP/1.0\n";
- print $remote "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\n";
- print $remote "Host: $fqhn\n";
- print $remote "Accept: */*\n\n";
- while (<$remote>) { push(@response,$_); }
- close $remote;
- if ($response[0] =~ /^HTTP\/\d+\.\d+\s\d+\sOK\s*$/)
- {
- foreach (@response)
- {
- if (/^Last-Modified: /i)
- {
- s/^Last-Modified: //i;
- $lastmoddate=HTTP::Date::str2time($_);
- }
- }
- }
- }
- return $lastmoddate;
-}
-
-# -------------------------------------------------------------------
-
-sub getdownloadsize
-{
- my $remote=0;
- my @response=();
- my $contentlength=0;
-
- my $url = $_[0];
-
- $url =~ s@^(.*)://([^/]*)@@;
-
- my $proto = $1;
- my $fqhn = $2;
-
- if ((-e "$swroot/red/active") && ($proto eq 'http'))
- {
- $remote = IO::Socket::INET->new(
- PeerHost => $fqhn,
- PeerPort => 'http(80)',
- Timeout => 1
- );
- }
-
- if ($remote)
- {
- print $remote "HEAD $url HTTP/1.0\n";
- print $remote "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\n";
- print $remote "Host: $fqhn\n";
- print $remote "Accept: */*\n\n";
- while (<$remote>) { push(@response,$_); }
- close $remote;
- if ($response[0] =~ /^HTTP\/\d+\.\d+\s\d+\sOK\s*$/)
- {
- foreach (@response)
- {
- if (/^Content-Length: /i)
- {
- s/^Content-Length: //i;
- $contentlength=int($_);
- }
- }
- }
- }
- return $contentlength;
-}
-
-# -------------------------------------------------------------------
-
-sub writelog
-{
- open (LOGFILE,">>$logfile");
- my @now = localtime(time);
- printf LOGFILE "%02d:%02d:%02d %s\n",$now[2],$now[1],$now[0],$_[0];
- close LOGFILE;
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) 2006 marco.s
-#
-# $Id: download,v 1.0 2006/08/30 00:00:00 marco.s Exp $
-#
-
-use strict;
-
-my $logfile="/var/log/updatexlrator/download.log";
-my $debug = 0;
-my $updcachedir="/srv/web/ipfire/html/updatecache";
-my $updfile='';
-my @metadata=();
-
-my $sfOk="1";
-
-my $dsturl=@ARGV[0]; if ($dsturl eq '') { exit; }
-
-$dsturl =~ s@\%2f@/@ig;
-$updfile = substr($dsturl,rindex($dsturl,"/")+1);
-
-# ---------------------------------------------------------------
-# Retrieve file
-# ---------------------------------------------------------------
-
-if ($debug)
-{
- &writelog("Retrieving file for local cache: $updfile");
- `/usr/bin/wget -nc -nd -nv -P $updcachedir/download $dsturl >>$logfile 2>&1`;
-} else
-{
- `/usr/bin/wget -nc -nd -nv -P $updcachedir/download $dsturl 2>&1`;
-}
-
-if ($debug) { &writelog("Moving file into the cache directory -> \"$updcachedir/$updfile\""); }
-system("mv $updcachedir/download/$updfile $updcachedir");
-
-# ---------------------------------------------------------------
-# Write metadata
-# ---------------------------------------------------------------
-
-if ($debug) { &writelog("Writing metadata \"$updcachedir/metadata/$updfile\""); }
-
-open(FILE,"$updcachedir/metadata/$updfile");
-@metadata = <FILE>;
-close(FILE);
-chomp @metadata;
-$metadata[2]="$sfOk";
-$metadata[3]=time;
-open(FILE,">$updcachedir/metadata/$updfile");
-foreach (@metadata) { print FILE "$_\n"; }
-print FILE time."\n";
-close(FILE);
-
-# ===============================================================
-
-sub writelog
-{
- open (LOGFILE,">>$logfile");
- my @now = localtime(time);
- printf LOGFILE "%02d:%02d:%02d %s\n",$now[2],$now[1],$now[0],$_[0];
- close LOGFILE;
-}
-
-# ===============================================================
+++ /dev/null
-#!/usr/bin/perl
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) 2006 marco.s
-#
-# $Id: updxlrator,v 1.0 2006/10/03 00:00:00 marco.s Exp $
-#
-
-use strict;
-
-use IO::Socket;
-
-$|=1;
-
-my $swroot="/var/ipfire";
-my $updcachedir="/srv/web/ipfire/html/updatecache";
-my %netsettings=();
-my %xlratorsettings=();
-my $http_port="81";
-my $logfile="/var/log/updatexlrator/cache.log";
-my $logging=0;
-my $passive_mode=0;
-my $maxusage=0;
-my $nice='';
-my @tmp=();
-my $now='';
-my $request='';
-my $from_local_cache=0;
-my $dsturl='';
-my $hostaddr='';
-my $username='';
-my $method='';
-my @metadata=();
-
-my $sfNoSource = "0";
-my $sfOk = "1";
-my $sfOutdated = "2";
-
-unless (-d "$updcachedir/metadata")
-{
- unless (-d "$updcachedir") { mkdir "$updcachedir"; }
- mkdir "$updcachedir/metadata";
- system("chown nobody.squid $updcachedir");
- system("chmod 775 $updcachedir");
- system("chown nobody.squid $updcachedir/metadata");
- system("chmod 775 $updcachedir/metadata");
-}
-
-readhash("${swroot}/ethernet/settings", \%netsettings);
-
-if (-e "$swroot/updatexlrator/settings")
-{
- &readhash("$swroot/updatexlrator/settings", \%xlratorsettings);
- if ($xlratorsettings{'ENABLE_LOG'} eq 'on') { $logging=1; };
- if ($xlratorsettings{'PASSIVE_MODE'} eq 'on') { $passive_mode=1; };
- $maxusage=$xlratorsettings{'MAX_DISK_USAGE'};
- if ($xlratorsettings{'LOW_DOWNLOAD_PRIORITY'} eq 'on') { $nice='/bin/nice --adjustment=15 '; };
-}
-if (!$maxusage) { $maxusage=75; };
-
-
-while (<>) {
-
- $request=$_;
- $from_local_cache=0;
-
- @tmp=split(/ /,$request);
- chomp(@tmp);
-
- $dsturl =$tmp[0];
- $hostaddr=$tmp[1]; while ($hostaddr =~ /.*\/$/) { chop $hostaddr; }
- $username=$tmp[2]; if ($username eq '') { $username='-'; };
- $method =$tmp[3];
-
- if (($method eq 'GET') || ($method eq 'HEAD'))
- {
-
- # -----------------------------------------------------------
- # Section: Windows Update / Windows Downloads
- # -----------------------------------------------------------
-
- if (
- (($dsturl =~ m@^http://[^/]*\.microsoft\.com/.*\.(exe|psf|msi)$@i) ||
- ($dsturl =~ m@^http://[^/]*\.windowsupdate\.com/.*\.(exe|psf|cab)$@i))
- && ($dsturl !~ m@^http://[^/]*\.microsoft\.com/.*(/autoupd|selfupdate/).*\.cab@i)
- && ($dsturl !~ m@\&@)
- )
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Microsoft");
- }
-
- # -----------------------------------------------------------
- # Section: Adobe Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^http://(ar)?download\.adobe\.com/.*\.(exe|bin|dmg|idx|gz)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Adobe");
- }
-
- # -----------------------------------------------------------
- # Section: Symantec Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^[f|h]t?tp://[^/]*\.symantec(liveupdate)?\.com/.*\.(exe|zip|xdb)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Symantec");
- }
-
- # -----------------------------------------------------------
- # Section: Avira Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^http://dl[0-9]\.avgate\.net/.*\.(htm|html|gz)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Avira");
- }
-
- # -----------------------------------------------------------
- # Section: Avast Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^http://download[0-99]\.avast\.com/.*\.(exe|zip|vps|stamp|vpu)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Avast");
- }
-
- # -----------------------------------------------------------
- # Section: IPFire Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^[f|h]t?tp://.*\.(ipfire)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"IPFire");
- }
-
- # -----------------------------------------------------------
- # Section: Linux Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^[f|h]t?tp://.*\.(deb|rpm)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Linux");
- }
-
- # -----------------------------------------------------------
-
- # -----------------------------------------------------------
- # Section: Apple Downloads
- # -----------------------------------------------------------
-
- if ($dsturl =~ m@^[f|h]t?tp://swcdn\.apple.*\.(pkm|tar)$@i)
- {
- $from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Apple");
- }
-
- # -----------------------------------------------------------
- # Section: Kaspersky Downloads
- # not working properly
- # -----------------------------------------------------------
-
- #if ($dsturl =~ m@^http://dnl-.*\.kaspersky-labs\.com\/(diffs|bases|AutoPatches).*$@i)
- #{
- #$from_local_cache = &cache_access($dsturl,$hostaddr,$username,"Kaspersky");
- #}
-
- # -----------------------------------------------------------
-
- }
-
- if ($from_local_cache) { $request="http://$netsettings{'GREEN_ADDRESS'}:$http_port/updatecache/".substr($dsturl,rindex($dsturl,"/")+1)." $hostaddr $username $method\n"; }
-
- print $request;
-}
-
-# -------------------------------------------------------------------
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- if (-e $filename)
- {
- open(FILE, $filename) or die "Unable to read file $filename";
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub writelog
-{
- open(LOGFILE,">>$logfile");
- print LOGFILE time." $_[0] $_[1] $_[2] $_[3] $_[4]\n";
- close(LOGFILE);
-}
-
-# -------------------------------------------------------------------
-
-sub diskfree
-{
- open(DF,"/bin/df --block-size=1 $_[0]|");
- while(<DF>)
- {
- unless ($_ =~ m/^Filesystem/ )
- {
- my ($device,$size,$used,$free,$percent,$mount) = split;
- if ($free =~ m/^(\d+)$/)
- {
- close DF;
- return $free;
- }
- }
- }
- close DF;
-}
-
-# -------------------------------------------------------------------
-
-sub diskusage
-{
- open(DF,"/bin/df $_[0]|");
- while(<DF>)
- {
- unless ($_ =~ m/^Filesystem/ )
- {
- my ($device,$size,$used,$free,$percent,$mount) = split;
- if ($percent =~ m/^(\d+)%$/)
- {
- close DF;
- $percent =~ s/%$//;
- return $percent;
- }
- }
- }
- close DF;
-}
-
-# -------------------------------------------------------------------
-
-sub getdownloadsize
-{
- my $remote=0;
- my @response=();
- my $contentlength=0;
-
- my $url = $_[0];
-
- $url =~ s@^(.*)://([^/]*)@@;
-
- my $proto = $1;
- my $fqhn = $2;
-
- if ((-e "$swroot/red/active") && ($proto eq 'http'))
- {
- $remote = IO::Socket::INET->new(
- PeerHost => $fqhn,
- PeerPort => 'http(80)',
- Timeout => 1
- );
- }
-
- if ($remote)
- {
- print $remote "HEAD $url HTTP/1.0\n";
- print $remote "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\n";
- print $remote "Host: $fqhn\n";
- print $remote "Accept: */*\n\n";
- while (<$remote>) { push(@response,$_); }
- close $remote;
- if ($response[0] =~ /^HTTP\/\d+\.\d+\s\d+\sOK\s*$/)
- {
- foreach (@response)
- {
- if (/^Content-Length: /i)
- {
- s/^Content-Length: //i;
- $contentlength=$_;
- }
- }
- }
- }
- return $contentlength;
-}
-
-# -------------------------------------------------------------------
-
-sub cache_access
-{
- my $updsource="UPDCACHE";
- my $updfile='';
- my $do_redirect=0;
-
- $_[0] =~ s@\%2f@/@ig;
- $updfile = substr($_[0],rindex($_[0],"/")+1);
-
- if (!-e "$updcachedir/metadata/$updfile")
- {
- open(FILE,">$updcachedir/metadata/$updfile");
- print FILE "$_[0]\n$_[3]\n$sfOutdated\n0\n";
- close(FILE);
- }
-
- if (-e "$updcachedir/$updfile")
- {
- open(FILE,">>$updcachedir/metadata/$updfile");
- print FILE time."\n";
- close(FILE);
- $do_redirect=1;
- }
- else
- {
- $updsource="DLSOURCE";
- if ((!$passive_mode) && (&diskusage($updcachedir) <= $maxusage) && (&getdownloadsize <= &diskfree($updcachedir)) && (!-e "$updcachedir/download/$updfile"))
- {
- system("$nice/var/ipfire/updatexlrator/bin/download $_[0] &");
- }
- }
-
- if ($logging) { &writelog($_[1],$_[2],$_[3],$updsource,$_[0]); }
-
- return $do_redirect;
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) 2004-2007 marco.s - http://www.urlfilter.net
-#
-# $Id: autoupdate.pl,v 1.1 2007/03/14 00:00:00 marco.s Exp $
-#
-use strict;
-
-my $make_clean = 1;
-
-my $swroot = "/var/ipfire";
-my $target = "$swroot/urlfilter/download";
-my $tempdb = "$target/blacklists";
-my $dbdir = "$swroot/urlfilter/blacklists";
-
-my $sourceurlfile = "$swroot/urlfilter/autoupdate/autoupdate.urls";
-my $updconffile = "$swroot/urlfilter/autoupdate/autoupdate.conf";
-my $updflagfile = "$swroot/urlfilter/blacklists/.autoupdate.last";
-
-my %cgiparams;
-my %updatesettings;
-my $blacklist_url;
-my $blacklist_src;
-my $source_url;
-my $source_name;
-my @source_urllist;
-
-my @categories;
-my $blacklist;
-my $category;
-
-my $exitcode = 1;
-
-if (-e "$sourceurlfile")
-{
- open(FILE, $sourceurlfile);
- @source_urllist = <FILE>;
- close(FILE);
-}
-
-if (-e "$updconffile") { &readhash("$updconffile", \%updatesettings); }
-
-if (@ARGV[0] =~ m@^(f|h)tt?ps?://@) { $updatesettings{'UPDATE_SOURCE'} = @ARGV[0]; }
-
-if ($updatesettings{'UPDATE_SOURCE'} eq 'custom')
-{
- $blacklist_url=$updatesettings{'CUSTOM_UPDATE_URL'};
-} else {
- $blacklist_url=$updatesettings{'UPDATE_SOURCE'};
- foreach (@source_urllist)
- {
- chomp;
- $source_name = substr($_,0,rindex($_,","));
- $source_url = substr($_,index($_,",")+1);
- if ($blacklist_url eq $source_url) { $blacklist_src=$source_name; }
- }
-}
-
-if ($blacklist_src eq '') { $blacklist_src="custom source URL"; }
-
-$blacklist_url =~ s/\&/\\\&/;
-
-$blacklist=substr($blacklist_url,rindex($blacklist_url,"/")+1);
-if (($blacklist =~ /\?/) || (!($blacklist =~ /\.t(ar\.)?gz$/))) { $blacklist = 'blacklist.tar.gz'; }
-$blacklist=$target.'/'.$blacklist;
-
-unless ($blacklist_url eq '')
-{
-
- if (-d $target) { system("rm -rf $target"); }
- system("mkdir $target");
-
- system("/usr/bin/wget -o $target/wget.log -O $blacklist $blacklist_url");
-
- if (-e $blacklist)
- {
- system("/bin/tar --no-same-owner -xzf $blacklist -C $target");
- if (-d "$target/BL") { system ("mv $target/BL $target/blacklists"); }
- if (-d "$tempdb")
- {
- undef(@categories);
- &getblockcategory ($tempdb);
- foreach (@categories) { $_ = substr($_,length($tempdb)+1); }
-
- open(FILE, ">$target/update.conf");
- flock FILE, 2;
- print FILE "logdir $target\n";
- print FILE "dbhome $tempdb\n\n";
-
- foreach $category (@categories) {
- $blacklist = $category;
- $category =~ s/\//_/g;
- print FILE "dest $category {\n";
- if (-s "$tempdb/$blacklist/domains") {
- print FILE " domainlist $blacklist\/domains\n";
- }
- if (-s "$tempdb/$blacklist/urls") {
- print FILE " urllist $blacklist\/urls\n";
- }
- print FILE "}\n\n";
- $category = $blacklist;
- }
-
- print FILE "acl {\n";
- print FILE " default {\n";
- print FILE " pass none\n";
- print FILE " }\n";
- print FILE "}\n";
- close FILE;
-
- system("/usr/sbin/squidGuard -d -c $target/update.conf -C all");
-
- system("cp -r $target/blacklists/* $dbdir");
-
- system("chown -R nobody.nobody $dbdir");
-
- &setpermissions ($dbdir);
-
- system("touch $updflagfile");
- system("chown nobody.nobody $updflagfile");
-
- system("/usr/local/bin/restartsquid");
-
- system("logger -t installpackage[urlfilter] \"URL filter blacklist - Update from $blacklist_src completed\"");
-
- $exitcode = 0;
-
- } else {
- system("logger -t installpackage[urlfilter] \"URL filter blacklist - ERROR: Not a valid URL filter blacklist\"");
- }
- } else {
- system("logger -t installpackage[urlfilter] \"URL filter blacklist - ERROR: Unable to retrieve blacklist from $blacklist_src\"");
- }
-
-} else {
- system("logger -t installpackage[urlfilter] \"URL filter blacklist - ERROR: No update source defined\"");
-}
-
-if ((-d $target) && ($make_clean)) { system("rm -rf $target"); }
-
-exit $exitcode;
-
-# -------------------------------------------------------------------
-
-sub readhash
-{
- my $filename = $_[0];
- my $hash = $_[1];
- my ($var, $val);
-
- if (-e $filename)
- {
- open(FILE, $filename) or die "Unable to read file $filename";
- while (<FILE>)
- {
- chop;
- ($var, $val) = split /=/, $_, 2;
- if ($var)
- {
- $val =~ s/^\'//g;
- $val =~ s/\'$//g;
-
- # Untaint variables read from hash
- $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
- $val =~ /([\w\W]*)/; $val = $1;
- $hash->{$var} = $val;
- }
- }
- close FILE;
- }
-}
-
-# -------------------------------------------------------------------
-
-sub getblockcategory
-{
- foreach $category (<$_[0]/*>)
- {
- if (-d $category)
- {
- if ((-s "$category/domains") || (-s "$category/urls"))
- {
- unless ($category =~ /\bcustom\b/) { push(@categories,$category); }
- }
- &getblockcategory ($category);
- }
- }
-}
-
-# -------------------------------------------------------------------
-
-sub setpermissions
-{
- my $bldir = $_[0];
-
- foreach $category (<$bldir/*>)
- {
- if (-d $category){
- system("chmod 755 $category &> /dev/null");
- foreach $blacklist (<$category/*>)
- {
- if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
- if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
- }
- system("chmod 666 $category/*.db &> /dev/null");
- &setpermissions ($category);
- }
- }
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-Shalla Secure Services,http://squidguard.shalla.de/Downloads/shallalist.tar.gz
-MESD,http://squidguard.mesd.k12.or.us/blacklists.tgz
-Univ. Toulouse,ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib/blacklists.tar.gz
+++ /dev/null
-#!/usr/bin/perl
-
-$swroot="/var/ipfire";
-$logdir="/var/log/squidGuard";
-$dbdir="/var/ipfire/urlfilter/blacklists";
-
-print "Creating configuration file ";
-foreach $blacklist (<$dbdir/*>)
-{
- if (-d $blacklist)
- {
- $lastslashpos = rindex($blacklist,"/");
- $section = substr($blacklist,$lastslashpos+1);
- push(@categories,$section);
- }
-}
-open(FILE, ">$swroot/urlfilter/squidGuard.conf");
-print FILE "logdir $logdir\n";
-print FILE "dbhome $dbdir\n\n";
-foreach $category (@categories)
-{
- print FILE "dest $category {\n";
- if (-e "$dbdir/$category/domains") {
- print FILE " domainlist $category\/domains\n";
- }
- if (-e "$dbdir/$category/urls") {
- print FILE " urllist $category\/urls\n";
- }
- print FILE "}\n\n";
-}
-print FILE "acl {\n";
-print FILE " default {\n";
-print FILE " pass all\n";
-print FILE " }\n";
-print FILE "}\n";
-close FILE;
-print "\n";
-
-print "Building blacklist databases ";
-system("$swroot/urlfilter/bin/prebuild.pl");
-print "\n";
-
-print "Creating custom directories ";
-mkdir("$dbdir/custom");
-mkdir("$dbdir/custom/allowed");
-mkdir("$dbdir/custom/blocked");
-system("touch $dbdir/custom/allowed/domains");
-system("touch $dbdir/custom/allowed/urls");
-system("touch $dbdir/custom/blocked/domains");
-system("touch $dbdir/custom/blocked/urls");
-print "\n";
-
-exit
+++ /dev/null
-#!/usr/bin/perl
-#
-# This code is distributed under the terms of the GPL
-#
-# (c) written from scratch
-#
-
-$dbdir="/var/ipfire/urlfilter/blacklists";
-
-system("/usr/bin/squidGuard -C all");
-
-if (-e "$dbdir/custom/allowed/domains.db") { unlink("$dbdir/custom/allowed/domains.db"); }
-if (-e "$dbdir/custom/allowed/urls.db") { unlink("$dbdir/custom/allowed/urls.db"); }
-if (-e "$dbdir/custom/blocked/domains.db") { unlink("$dbdir/custom/blocked/domains.db"); }
-if (-e "$dbdir/custom/blocked/urls.db") { unlink("$dbdir/custom/blocked/urls.db"); }
-
-system("chown -R nobody.nobody $dbdir");
-
-&setpermissions ($dbdir);
-
-# -------------------------------------------------------------------
-
-sub setpermissions
-{
- my $bldir = $_[0];
-
- foreach $category (<$bldir/*>)
- {
- if (-d $category){
- system("chmod 755 $category &> /dev/null");
- foreach $blacklist (<$category/*>)
- {
- if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
- if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
- }
- system("chmod 666 $category/*.db &> /dev/null");
- &setpermissions ($category);
- }
- }
-}
-
-# -------------------------------------------------------------------
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-# Based on Steffen Schoch (sschoch@users.sourceforge.net) #
-# #
-###############################################################################
-
-use strict;
-use IPC::Open2;
-use IO::Handle;
-
-# define here your redirectors (use a comma sperated list)
-my $redirectors = [ '/usr/bin/squidGuard', '/usr/sbin/updxlrator' ];
-
-# Attention: keep in mind that the order of your redirectors is important.
-# It doesn't make sense to scan for viruses on pages you restrict access to...
-# So place first your tools which restrict access, then the tools which do the
-# content filtering!
-
-
-##### no need to change anything below this line #####
-
-# init
-$| = 1;
-STDOUT->autoflush(1);
-my $line;
-my $return;
-my $i;
-
-# open progamms
-my $pidlist = [];
-my $rlist = [];
-my $wlist = [];
-for($i = 0; $i < @$redirectors; $i++) {
- $pidlist->[$i] = open2($rlist->[$i], $wlist->[$i], $redirectors->[$i]);
-}
-
-# wait for data...
-while($line = <>) {
- for($i = 0; $i < @$redirectors; $i++) {
- $wlist->[$i]->print($line);
- $return = $rlist->[$i]->getline;
- last if($return ne "\n" and $return ne $line);
- # break if redirector changes data
- }
- print $return;
-}
-exit 0;
+++ /dev/null
-logdir /var/log/squidGuard
-dbhome /var/ipfire/urlfilter/blacklists
-
-acl {
- default {
- pass all
- }
-}
+++ /dev/null
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-VER = ipfire
-
-THISAPP = initrd
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-TARGET = $(DIR_INFO)/$(THISAPP)
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-install : $(TARGET)
-
-check :
-
-download :
-
-md5 :
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) :
- @$(PREBUILD)
- rm -f /install/images/initrd
-
- # Finish up initrd directory
- -mkdir -p /install/initrd/{dev,etc,mnt,root,lib/modules/$(KVER)-ipfire/kernel/drivers,cdrom,dev,harddisk,proc,tmp,usr/share/terminfo/l,var/run,sys} && \
- cd /install/initrd/etc && rm -f fstab
- cp -aRf $(DIR_SRC)/config/install/* /install/initrd/etc/
- rm -rf /install/initrd/etc{,/udev,/udev/rules.d}/.svn
- rm -rf /install/initrd/usr/share/man
- chmod 755 /install/initrd/etc/halt /install/initrd/etc/rc
- cp -f /usr/share/terminfo/l/linux /install/initrd/usr/share/terminfo/l
-
- # make new dependencies
- depmod -a -F /boot/System.map-$(KVER)-ipfire $(KVER)-ipfire
- depmod -a -F /boot/System.map-$(KVER)-ipfire-smp $(KVER)-ipfire-smp
-
- cp -a /lib/modules/$(KVER)-ipfire/ /install/initrd/lib/modules/
- rm -rf /install/initrd/lib/modules/$(KVER)-ipfire/{build,source,misc/*,kernel/{crypro,sound,net}} \
- /install/initrd/lib/modules/$(KVER)-ipfire/kernel/drivers/message/fusion/mptlan*
-
- cp /opt/$(MACHINE)-uClibc/lib/libgcc_s.so.1 /install/initrd/lib/
-
- cd /install/initrd/lib/ && ln -sf libgcc_s.so.1 libgcc_s.so
-
- -mkdir -p /install/{images,mnt}
- rm -rf /install/mnt/*
-
- cp -aR /install/initrd/* /install/mnt
-
- # make new dependencies
- depmod -a -F /boot/System.map-$(KVER)-ipfire $(KVER)-ipfire
-
- mksquashfs /install/initrd /install/images/initrd
- cd /install/initrd && find ./ -ls > $(DIR_INFO)/_build.initrd.log
-
- @$(POSTBUILD)
install -d -m 755 /etc/rc.d/init.d/networking
install -d -m 755 /etc/rc.d/init.d/networking/red.up
install -d -m 755 /etc/rc.d/init.d/networking/red.down
- install -d -m 755 /etc/rc.d/helper
install -d -m 755 /etc/sysconfig
-rm -rf /etc/init.d
ln -svf rc.d/init.d /etc/init.d
done
chmod -v 755 /etc/sysconfig/{firewall,rc}.local
- for i in $(DIR_SRC)/src/initscripts/helper/*; do \
- install -v -m 755 $$i /etc/rc.d/helper/; \
- done
-
ln -sf ../init.d/sysklogd /etc/rc.d/rc0.d/K90sysklogd
ln -sf ../init.d/sendsignals /etc/rc.d/rc0.d/S60sendsignals
ln -sf ../init.d/localnet /etc/rc.d/rc0.d/S70localnet
@$(PREBUILD)
# Create all directories
- for i in addon-lang auth backup ca certs connscheduler crls ddns dhcp dhcpc dmzholes \
- ethernet extrahd/bin fwlogs isdn key logging main mbmon menu.d modem net-traffic \
- net-traffic/templates nfs optionsfw outgoing/bin patches pakfire portfw \
- ppp private proxy/advanced/cre proxy/calamaris/bin qos/bin red remote snort time tripwire/report \
- updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \
- wakeonlan wireless xtaccess ; do \
- mkdir -p $(CONFIG_ROOT)/$$i; \
+ for i in auth ca certs crls; do \
+ mkdir -p $(CONFIG_ROOT)/$$i; \
done
# Touch empty files
- for i in auth/users backup/include.user backup/exclude.user \
- certs/index.txt ddns/config ddns/noipsettings ddns/settings ddns/ipcache dhcp/settings \
- dhcp/fixleases dhcp/advoptions dmzholes/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
- extrahd/scan extrahd/devices extrahd/partitions extrahd/settings fwlogs/ipsettings fwlogs/portsettings \
- isdn/settings main/hosts main/settings net-traffic/settings optionsfw/settings outgoing/settings outgoing/rules pakfire/settings \
- portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
- ppp/settings-5 ppp/settings proxy/settings proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
- qos/tosconfig snort/settings tripwire/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \
- vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \
- touch $(CONFIG_ROOT)/$$i; \
+ for i in auth/users certs/index.txt; do \
+ touch $(CONFIG_ROOT)/$$i; \
done
-
- # Copy initial configfiles
- cp $(DIR_SRC)/config/cfgroot/header.pl $(CONFIG_ROOT)/
- cp $(DIR_SRC)/config/cfgroot/general-functions.pl $(CONFIG_ROOT)/
- cp $(DIR_SRC)/config/cfgroot/lang.pl $(CONFIG_ROOT)/
- cp $(DIR_SRC)/config/cfgroot/countries.pl $(CONFIG_ROOT)/
- cp $(DIR_SRC)/config/cfgroot/graphs.pl $(CONFIG_ROOT)/
- cp $(DIR_SRC)/config/cfgroot/advoptions-list $(CONFIG_ROOT)/dhcp/advoptions-list
- cp $(DIR_SRC)/config/cfgroot/connscheduler-lib.pl $(CONFIG_ROOT)/connscheduler/lib.pl
- cp $(DIR_SRC)/config/cfgroot/connscheduler.conf $(CONFIG_ROOT)/connscheduler
- cp $(DIR_SRC)/config/extrahd/* $(CONFIG_ROOT)/extrahd/bin/
- cp $(DIR_SRC)/config/cfgroot/mbmon-settings $(CONFIG_ROOT)/mbmon/settings
- cp $(DIR_SRC)/config/menu/* $(CONFIG_ROOT)/menu.d/
- cp $(DIR_SRC)/config/cfgroot/modem-defaults $(CONFIG_ROOT)/modem/defaults
- cp $(DIR_SRC)/config/cfgroot/modem-settings $(CONFIG_ROOT)/modem/settings
- cp $(DIR_SRC)/config/cfgroot/net-traffic-lib.pl $(CONFIG_ROOT)/net-traffic/net-traffic-lib.pl
- cp $(DIR_SRC)/config/cfgroot/net-traffic-admin.pl $(CONFIG_ROOT)/net-traffic/net-traffic-admin.pl
- cp $(DIR_SRC)/config/cfgroot/nfs-server $(CONFIG_ROOT)/nfs/nfs-server
- cp $(DIR_SRC)/config/cfgroot/p2protocols $(CONFIG_ROOT)/outgoing/p2protocols
- cp $(DIR_SRC)/config/outgoingfw/outgoingfw.pl $(CONFIG_ROOT)/outgoing/bin/
- cp $(DIR_SRC)/config/outgoingfw/defaultservices $(CONFIG_ROOT)/outgoing/
- cp $(DIR_SRC)/config/cfgroot/proxy-acl $(CONFIG_ROOT)/proxy/acl-1.4
- cp $(DIR_SRC)/config/qos/* $(CONFIG_ROOT)/qos/bin/
- cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings
- cp $(DIR_SRC)/config/cfgroot/xtaccess-config $(CONFIG_ROOT)/xtaccess/config
- cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings
- cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settings
- cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced
-
+
# Oneliner configfiles
- echo "ENABLED=off" > $(CONFIG_ROOT)/vpn/settings
- echo "VPN_DELAYED_START=0" >>$(CONFIG_ROOT)/vpn/settings
echo "01" > $(CONFIG_ROOT)/certs/serial
- echo "nameserver 1.2.3.4" > $(CONFIG_ROOT)/ppp/fake-resolv.conf
- echo "DISABLEPING=NO" > $(CONFIG_ROOT)/optionsfw/settings
-
- # Modify variables in header.pl
- sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
- -e "s+VERSION+$(VERSION)+g" \
- $(CONFIG_ROOT)/header.pl
-
- # Modify variables in general-functions.pl
- sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
- -e "s+VERSION+$(VERSION)+g" \
- $(CONFIG_ROOT)/general-functions.pl
-
- # Modify CONFIG_ROOT in lang.pl
- sed -i -e "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" \
- $(CONFIG_ROOT)/lang.pl
-
+
# Configroot permissions
chown -R nobody:nobody $(CONFIG_ROOT)
chown root:root $(CONFIG_ROOT)
- for i in backup/ header.pl general-functions.pl lang.pl addon-lang/ red/ ; do \
- chown -R root:root $(CONFIG_ROOT)/$$i; \
- done
- chown root:nobody $(CONFIG_ROOT)/dhcpc
@$(POSTBUILD)
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-require '/var/ipfire/general-functions.pl';
-
-my $count = $ARGV[0];
-my ($dhcp, $dns, @alldns, %dhcpc);
-
-if ($count eq "" || $count < 1) {
- die "Bad DNS number given"; }
-
-if (open(FILE, "${General::swroot}/red/iface")) {
- my $iface = <FILE>;
- close FILE;
- chomp ($iface);
- if (!&General::readhash("${General::swroot}/dhcpc/dhcpcd-$iface.info", \%dhcpc)) {
- die "Could not open dhcpc info file";
- }
-} else {
- die "Could not open interface file";
-}
-
-
-$dns = $dhcpc{'DNS'};
-
-@alldns = split(',', $dns);
-
-print "$alldns[$count - 1]\n";
+++ /dev/null
-#!/usr/bin/perl
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-use strict;
-require '/var/ipfire/general-functions.pl';
-
-my %settings;
-my $iface;
-
-General::readhash("${General::swroot}/ethernet/settings", \%settings);
-
-if (!open(FILE, '>/etc/ipac-ng/rules.conf')) {
- die "Unable to create /etc/ipac-ng/rules.conf"; }
-
-if (open(IFACE, "${General::swroot}/red/iface"))
-{
- $iface = <IFACE>;
- close IFACE;
- chomp ($iface);
-}
-
-print FILE "incoming GREEN ($settings{'GREEN_DEV'})|ipac~o|$settings{'GREEN_DEV'}|all|||\n";
-print FILE "outgoing GREEN ($settings{'GREEN_DEV'})|ipac~i|$settings{'GREEN_DEV'}|all|||\n";
-print FILE "forwarded incoming GREEN ($settings{'GREEN_DEV'})|ipac~fi|$settings{'GREEN_DEV'}|all|||\n";
-print FILE "forwarded outgoing GREEN ($settings{'GREEN_DEV'})|ipac~fo|$settings{'GREEN_DEV'}|all|||\n";
-
-if ($settings{'CONFIG_TYPE'} =~ /^(2|4)$/ )
-{
- print FILE "incoming ORANGE ($settings{'ORANGE_DEV'})|ipac~o|$settings{'ORANGE_DEV'}|all|||\n";
- print FILE "outgoing ORANGE ($settings{'ORANGE_DEV'})|ipac~i|$settings{'ORANGE_DEV'}|all|||\n";
- print FILE "forwarded incoming ORANGE ($settings{'ORANGE_DEV'})|ipac~fi|$settings{'ORANGE_DEV'}|all|||\n";
- print FILE "forwarded outgoing ORANGE ($settings{'ORANGE_DEV'})|ipac~fo|$settings{'ORANGE_DEV'}|all|||\n";
-}
-
-if ($settings{'CONFIG_TYPE'} =~ /^(3|4)$/ )
-{
- print FILE "incoming BLUE ($settings{'BLUE_DEV'})|ipac~o|$settings{'BLUE_DEV'}|all|||\n";
- print FILE "outgoing BLUE ($settings{'BLUE_DEV'})|ipac~i|$settings{'BLUE_DEV'}|all|||\n";
- print FILE "forwarded incoming BLUE ($settings{'BLUE_DEV'})|ipac~fi|$settings{'BLUE_DEV'}|all|||\n";
- print FILE "forwarded outgoing BLUE ($settings{'BLUE_DEV'})|ipac~fo|$settings{'BLUE_DEV'}|all|||\n";
-}
-if ($iface) {
- print FILE "incoming RED ($iface)|ipac~o|$iface|all|||\n";
- print FILE "outgoing RED ($iface)|ipac~i|$iface|all|||\n";
- print FILE "forwarded incoming RED ($iface)|ipac~fi|$iface|all|||\n";
- print FILE "forwarded outgoing RED ($iface)|ipac~fo|$iface|all|||\n";
-}
-
-close FILE;
+++ /dev/null
-#!/bin/sh
-########################################################################
-# Begin $rc_base/init.d/applejuice
-#
-# Description : Applejuice Init script
-#
-# Authors : Michael Tremer - www.ipfire.org
-#
-# Version : 01.00
-#
-# Notes :
-#
-########################################################################
-
-. /etc/sysconfig/rc
-. ${rc_functions}
-eval $(/usr/local/bin/readhash /var/ipfire/applejuice/settings)
-
-
-case "${1}" in
- start)
- boot_mesg "Starting Applejuice Core..."
- cd /opt/applejuice
- screen -dmS ajcore /usr/bin/java -Xmx${RAMSIZE} -Djava.library.path=. -jar ajcore.jar
- evaluate_retval
- ;;
-
- stop)
- boot_mesg "Stopping Applejuice Core..."
- killproc /usr/bin/java
- ;;
-
- restart)
- ${0} stop
- sleep 1
- ${0} start
- ;;
-
- status)
- statusproc /usr/bin/java
- ;;
-
- core)
- screen -x ajcore
- ;;
-
- *)
- echo "Usage: ${0} {start|stop|restart|status|core}"
- exit 1
- ;;
-esac
-
-# End $rc_base/init.d/applejuice
+++ /dev/null
-#!/bin/sh
-# Begin $rc_base/init.d/mysql
-
-# Based on sysklogd script from LFS-3.1 and earlier.
-# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
-
-#$LastChangedBy: bdubbs $
-#$Date: 2005-08-01 14:29:19 -0500 (Mon, 01 Aug 2005) $
-
-. /etc/sysconfig/rc
-. $rc_functions
-
-PIDFILE=/srv/mysql/`/bin/hostname`.pid
-KILLDELAY=20
-
-case "$1" in
- start)
- boot_mesg -n "Starting MySQL daemon..."
- failure=0
- if [ -f "$PIDFILE" ]
- then
- if /bin/ps p `cat $PIDFILE` | grep mysqld >/dev/null
- then
- boot_mesg "mysqld already running!" ${WARNING}
- echo_warning
- exit 0
- else
- rm -f "$PIDFILE"
- if [ -f "$PIDFILE" ]
- then
- failure=1
- fi
- fi
- fi
- if [ "$failure" = "1" ]
- then
- echo ""
- echo_failure
- else
- echo ""
- /usr/bin/mysqld_safe --user=mysql 2>&1 >/dev/null &
- evaluate_retval
- fi
- ;;
-
- stop)
- boot_mesg -n "Stopping MySQL daemon..."
- if [ -e "$PIDFILE" ]
- then
- echo ""
- killproc -p ${PIDFILE} /usr/bin/mysqld_safe
- else
- boot_mesg "mysqld not running!" ${WARNING}
- echo_warning
- if [ -e "$PIDFILE" ]
- then
- rm -f $PIDFILE
- fi
- fi
- ;;
-
- restart)
- $0 stop
- sleep 1
- $0 start
- ;;
-
- status)
- statusproc /usr/sbin/mysqld
- ;;
-
- *)
- echo "Usage: $0 {start|stop|restart|status}"
- exit 1
- ;;
-esac
-
-# End $rc_base/init.d/mysql
+++ /dev/null
-#!/bin/sh
-# Begin $rc_base/init.d/xinetd
-
-# Based on sysklogd script from LFS-3.1 and earlier.
-# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
-
-#$LastChangedBy: bdubbs $
-#$Date: 2005-08-01 14:29:19 -0500 (Mon, 01 Aug 2005) $
-
-. /etc/sysconfig/rc
-. $rc_functions
-
-case "$1" in
- start)
- boot_mesg "Starting xinetd..."
- loadproc /usr/sbin/xinetd
- ;;
-
- stop)
- boot_mesg "Stopping xinetd..."
- killproc /usr/sbin/xinetd
- ;;
-
- reload)
- boot_mesg "Reloading xinetd..."
- reloadproc /usr/sbin/xinetd
- ;;
-
- restart)
- $0 stop
- sleep 1
- $0 start
- ;;
-
- status)
- statusproc /usr/sbin/xinetd
- ;;
-
- *)
- echo "Usage: $0 {start|stop|reload|restart|status}"
- exit 1
- ;;
-esac
-
-# End $rc_base/init.d/xinetd
+++ /dev/null
-diff -Naur cyrus-imapd-2.2.12/README.autocreate cyrus-imapd-2.2.12.autocreate2/README.autocreate
---- cyrus-imapd-2.2.12/README.autocreate 1970-01-01 02:00:00.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/README.autocreate 2005-10-19 14:48:57.930991000 +0300
-@@ -0,0 +1,181 @@
-+Cyrus IMAP autocreate Inbox patch
-+----------------------------------
-+
-+NOTE : This patch has been created at the University of Athens. For more info, as well
-+as more patches on Cyrus IMAPD server, please visit http://email.uoa.gr
-+
-+The design of Cyrus IMAP server does not predict the automatic creation of users'
-+INBOX folders. The creation of a user's INBOX is considered to be an external task,
-+that has to be completed as part of the user e-mail account creation procedure.
-+Hence, to create a new e-mail account the site administrator has to
-+a) Include the new account in the user database for the authentication procedure
-+ (e.g. sasldb, shadow, mysql, ldap).
-+b) Create the corresponding INBOX folder.
-+
-+Alternatively, the user, if succesfully authenticated, may create his own INBOX folder,
-+as long as the configuration of the site allows it (see "autocreatequota" in imapd.conf).
-+Unlike what uncareful readers may think, enabling the "autocreatequota" option, doesn't
-+lead to the automatic INBOX folder creation by Cyrus IMAP server.
-+In fact, "autocreate" means that the IMAP clients are allowed to automatically create
-+the user INBOX.
-+
-+This patch adds the functionality of automatic creation of the users' INBOX folders into
-+the Cyrus IMAP server. It is implemented as two features, namely the "create on login"
-+and "create on post".
-+
-+
-+
-+Create on login
-+===============
-+This feauture provides automatic creation of a user's INBOX folder when all of the
-+following requirements are met:
-+
-+i) The user has succesfully passed the authentication procedure.
-+
-+ii) The user's authorization ID (typically the same as the user's
-+authentication ID) doesn't belong to the imap_admins or admins
-+accounts (see imapd.conf).
-+
-+iii) The "autocreatequota" option in the imap configuration file
-+has been set to a non zero value.
-+
-+iv) The corresponding to the user's authorizationID INBOX folder
-+does not exist.
-+
-+The user's first login is the most typical case when all four requirements are met.
-+Note that if the authenticatedID is allowed to proxy to another account for which
-+all of the above requirements are met, the corresponding INBOX folder for that account
-+will be created.
-+
-+
-+
-+Create on post
-+==============
-+This feauture provides automatic creation of a user's INBOX folder when all of the
-+following requirements are met.
-+
-+i) An e-mail message addressed to the user has been received.
-+
-+ii) The recipient is not any of the imap_admins or admins accounts.
-+Note that passing e-mails to admins or imap_admins accounts from
-+the MTA to LMTP should be avoided in any case.
-+
-+iii) The recipient's INBOX does not exist.
-+
-+iv) The "autocreatequota" option in the imap configuration file
-+has been set to a non zero value.
-+
-+v) The "createonpost" option in the imap configuration file
-+has been switched on.
-+
-+
-+Besides the automatic creation of INBOX folder, additional functionalities are
-+provided:
-+
-+A) Automatic creation of INBOX subfolders controlled by "autocreateinboxfolders"
-+configuration option. eg
-+
-+autocreateinboxfolders: sent|drafts|spam|templates
-+
-+B) Automatic subscription of INBOX subfolders controlled by "autosubscribeinboxfolders"
-+configuration option. eg
-+
-+autosubscribeinboxfolders: sent|spam
-+
-+Obviously, only subscription to subfolders included in the "autocreateinboxfolder"
-+list is meaningfull.
-+
-+C) Automatic subscription to shared folders (bulletin boards). The user gets
-+automatically subscribed to the shared folders declared in the "autosubscribesharedfolders"
-+configuration option in imapd.conf.
-+eg autosubscribesharedfolders: public_folder | public_folder.subfolder
-+
-+In order the above action to succeed, the shared folder has to pre-exist the INBOX creation
-+and the user must have the apropriate permissions in order to be able to subscribe to the
-+shared folder.
-+
-+* A new config option has been added. 'autosubscribe_all_sharedfolders' is a yes/no
-+option. When set to yes, the user is automatically subscribed to all shared folders one
-+has permission to subscribe to. Please, note that when this option is set to yes, then
-+'autosubscribesharedfolders' option is overriden.
-+
-+D) Automatic creation of a predefined default sieve script.
-+
-+This is very useful when a default sieve script is used for every user. Usually, a
-+default anti-spam script may me be written in a file and copied to each user
-+sieve scripts upon the INBOX creation. The imapd.conf options that have been added
-+are 'autocreate_sieve_script', 'autocreate_sieve_compiledscript' and
-+'generate_compiled_sieve_script'.
-+
-+autocreate_sieve_script configuration option refers to the full path of the file
-+that contains the sieve script. The default value is null and if no file is defined,
-+then no default script is created upon INBOX creation. (The feature is disabled)
-+eg autocreate_sieve_script: /etc/default_sieve_script
-+
-+autocreate_sieve_compiledscript configuration option refers to the full path of the
-+file that contains the bytecode compiled sieve script. If this filename is defined
-+in imapd.conf and the file exists, then it is automatically copied in the user's sieve
-+directory. If it is not defined, then a bytecode sieve script gets on the fly compiled
-+by the daemon.
-+eg autocreate_sieve_compiledscript: /etc/default_sieve_script.bc
-+
-+generate_compiled_sieve_script is a boolean option that triggers the compilation of the
-+source sieve script to bytecode sieve script. The file that the bytecode script will
-+be saved is pointed by autocreate_sieve_compiledscript.
-+
-+Ways of compiling a sieve script :
-+1. Compile a sieve script using the standard sievec utility, distributed by CMU
-+2. Compile a sieve script using the compile_sieve utility, released by UoA. This
-+ tool is almost identical to the sievec utility, with the difference that it
-+ reads the input and output file from autocreate_sieve_script and
-+ autocreate_sieve_compiledscript options in imapd.conf
-+3. Let cyrus create a compiled sieve script using a source script. Cyrus can be
-+ instructed to save the compiled script any time a compiled script does not exist.
-+
-+NOTES :
-+1. In order this functionality to work, the following requirements must have been met:
-+ - 'sieveusehomedir' option must be 'no' in the configuration (default).
-+ - 'sievedir' option must have a valid value.
-+2. Currently, this patch checks the validity of the source script while generating a
-+ bytecode compiled script, but not the validity of the bytecode sieve script file.
-+ The administrator should make sure that the provided files contain a valid sieve
-+ script as well as the compiled script is updated every time the source script changes.
-+
-+
-+
-+Issues to be considered
-+=======================
-+
-+I) In order to use the create on post feauture one should be absolutely sure that:
-+a) The MTA checks the validity of the e-mail recipient before sending the e-mail to
-+LMTP. This is an RFC821 requirement. This usually expands to "the mta should be
-+able to use the account database as user mailbox database".
-+b) Only authorized accounts/services can talk to LMTP.
-+
-+II) Especially in the case of imap logins, the current patch implementation checks
-+for the INBOX folder existence upon login, causing an extra mailbox lookup in most
-+of the cases.
-+A better approach would be to chase the "IMAP_MAILBOX_NONEXISTENT" error code and
-+check if the error is associated with an INBOX folder. However, this would mess up
-+Cyrus code. The way it was implemented may not have been the most performance
-+optimized, but it produces a much cleaner and simple patch.
-+
-+
-+
-+Virtual Domains Support
-+=======================
-+
-+Virtual domains are supported by all versions of the patch for cyrus-imapd-2.2.1-BETA and
-+later. However, it is not possible to declare different INBOX subfolders to be created or
-+shared folders to be subscribed to for every domain.
-+
-+
-+
-+Things to be done
-+=================
-+
-+1. Support MURDER architecture.
-+
-+
-+For more information and updates please visit http://email.uoa.gr/autocreate
-+
-diff -Naur cyrus-imapd-2.2.12/imap/Makefile.in cyrus-imapd-2.2.12.autocreate2/imap/Makefile.in
---- cyrus-imapd-2.2.12/imap/Makefile.in 2004-05-28 21:03:02.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/imap/Makefile.in 2005-10-19 14:48:57.935240000 +0300
-@@ -104,7 +104,7 @@
- convert_code.o duplicate.o saslclient.o saslserver.o signals.o \
- annotate.o search_engines.o squat.o squat_internal.o mbdump.o \
- imapparse.o telemetry.o user.o notify.o protocol.o quota_db.o \
-- $(SEEN) $(IDLE)
-+ autosieve.o $(SEEN) $(IDLE)
-
- IMAPDOBJS=pushstats.o backend.o imapd.o index.o tls.o version.o
-
-@@ -122,7 +122,7 @@
- fud smmapd reconstruct quota mbpath ipurge \
- cyrdump chk_cyrus cvt_cyrusdb deliver ctl_mboxlist \
- ctl_deliver ctl_cyrusdb squatter mbexamine cyr_expire arbitron \
-- @IMAP_PROGS@
-+ compile_sieve @IMAP_PROGS@
-
- BUILTSOURCES = imap_err.c imap_err.h pushstats.c pushstats.h \
- lmtpstats.c lmtpstats.h xversion.h mupdate_err.c mupdate_err.h \
-@@ -188,7 +188,7 @@
- ### Services
- idled: idled.o mutex_fake.o libimap.a $(DEPLIBS)
- $(CC) $(LDFLAGS) -o idled \
-- idled.o mutex_fake.o libimap.a $(DEPLIBS) $(LIBS)
-+ idled.o mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
- lmtpd: lmtpd.o $(LMTPOBJS) $(SIEVE_OBJS) mutex_fake.o libimap.a $(SIEVE_LIBS) \
- $(DEPLIBS) $(SERVICE)
-@@ -214,10 +214,10 @@
- $(SERVICE) lmtpproxyd.o backend.o $(LMTPOBJS) mutex_fake.o \
- libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
--imapd: xversion $(IMAPDOBJS) mutex_fake.o libimap.a $(DEPLIBS) $(SERVICE)
-+imapd: xversion $(IMAPDOBJS) mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(SERVICE)
- $(CC) $(LDFLAGS) -o imapd \
- $(SERVICE) $(IMAPDOBJS) mutex_fake.o \
-- libimap.a $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
- imapd.pure: $(IMAPDOBJS) mutex_fake.o libimap.a $(DEPLIBS) $(SERVICE)
- $(PURIFY) $(PUREOPT) $(CC) $(LDFLAGS) -o imapd.pure \
-@@ -232,7 +232,7 @@
- proxyd: $(PROXYDOBJS) mutex_fake.o libimap.a $(DEPLIBS) $(SERVICE)
- $(CC) $(LDFLAGS) -o proxyd \
- $(SERVICE) $(PROXYDOBJS) mutex_fake.o libimap.a \
-- $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-+ $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
- proxyd.pure: $(PROXYDOBJS) mutex_fake.o libimap.a $(DEPLIBS) $(SERVICE)
- $(PURIFY) $(PUREOPT) $(CC) $(LDFLAGS) -o proxyd.pure \
-@@ -244,7 +244,7 @@
- $(CC) $(LDFLAGS) -o mupdate \
- $(SERVICETHREAD) mupdate.o mupdate-slave.o mupdate-client.o \
- mutex_pthread.o tls.o libimap.a \
-- $(DEPLIBS) $(LIBS) $(LIB_WRAP) -lpthread
-+ $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP) -lpthread
-
- mupdate.pure: mupdate.o mupdate-slave.o mupdate-client.o mutex_pthread.o \
- libimap.a $(DEPLIBS)
-@@ -252,92 +252,96 @@
- $(SERVICETHREAD) mupdate.o mupdate-slave.o mupdate-client.o \
- mutex_pthread.o libimap.a $(DEPLIBS) $(LIBS) $(LIB_WRAP) -lpthread
-
--pop3d: pop3d.o backend.o tls.o mutex_fake.o libimap.a $(DEPLIBS) $(SERVICE)
-+pop3d: pop3d.o backend.o tls.o mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(SERVICE)
- $(CC) $(LDFLAGS) -o pop3d pop3d.o backend.o tls.o $(SERVICE) \
-- mutex_fake.o libimap.a $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-+ mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
- nntpd: nntpd.o backend.o index.o smtpclient.o spool.o tls.o \
- mutex_fake.o nntp_err.o libimap.a $(DEPLIBS) $(SERVICE)
- $(CC) $(LDFLAGS) -o nntpd nntpd.o backend.o index.o spool.o \
- smtpclient.o tls.o $(SERVICE) mutex_fake.o nntp_err.o \
-- libimap.a $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
--fud: fud.o libimap.a mutex_fake.o $(DEPLIBS) $(SERVICE)
-+fud: fud.o libimap.a mutex_fake.o $(SIEVE_LIBS) $(DEPLIBS) $(SERVICE)
- $(CC) $(LDFLAGS) -o fud $(SERVICE) fud.o mutex_fake.o libimap.a \
-- $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-+ $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
--smmapd: smmapd.o libimap.a mutex_fake.o $(DEPLIBS) $(SERVICE)
-+smmapd: smmapd.o libimap.a mutex_fake.o $(SIEVE_LIBS) $(DEPLIBS) $(SERVICE)
- $(CC) $(LDFLAGS) -o smmapd $(SERVICE) smmapd.o mutex_fake.o libimap.a \
-- $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-+ $(SIEVE_LIBS) $(DEPLIBS) $(LIBS) $(LIB_WRAP)
-
- ### Command Line Utilities
--arbitron: arbitron.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+arbitron: arbitron.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o arbitron arbitron.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-+
-+compile_sieve: compile_sieve.o libimap.a $(SIEVE_LIBS) $(DEPLIBS)
-+ $(CC) $(LDFLAGS) -o compile_sieve compile_sieve.o $(CLIOBJS) \
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--cvt_cyrusdb: cvt_cyrusdb.o mutex_fake.o libimap.a $(DEPLIBS)
-+cvt_cyrusdb: cvt_cyrusdb.o mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o cvt_cyrusdb cvt_cyrusdb.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--chk_cyrus: chk_cyrus.o mutex_fake.o libimap.a $(DEPLIBS)
-+chk_cyrus: chk_cyrus.o mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o chk_cyrus chk_cyrus.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--deliver: deliver.o backend.o $(LMTPOBJS) mutex_fake.o libimap.a $(DEPLIBS)
-+deliver: deliver.o backend.o $(LMTPOBJS) mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o deliver deliver.o backend.o $(LMTPOBJS) \
-- mutex_fake.o libimap.a $(DEPLIBS) $(LIBS)
-+ mutex_fake.o libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--ctl_deliver: ctl_deliver.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+ctl_deliver: ctl_deliver.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o \
-- $@ ctl_deliver.o $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ $@ ctl_deliver.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--ctl_mboxlist: ctl_mboxlist.o mupdate-client.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+ctl_mboxlist: ctl_mboxlist.o mupdate-client.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o $@ ctl_mboxlist.o mupdate-client.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--ctl_cyrusdb: ctl_cyrusdb.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+ctl_cyrusdb: ctl_cyrusdb.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o \
-- $@ ctl_cyrusdb.o $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ $@ ctl_cyrusdb.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--cyr_expire: cyr_expire.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+cyr_expire: cyr_expire.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o $@ cyr_expire.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--fetchnews: fetchnews.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+fetchnews: fetchnews.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o \
-- $@ fetchnews.o $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ $@ fetchnews.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--squatter: squatter.o index.o squat_build.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+squatter: squatter.o index.o squat_build.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o squatter squatter.o index.o squat_build.o \
-- $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--mbpath: mbpath.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+mbpath: mbpath.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o mbpath mbpath.o $(CLIOBJS) libimap.a \
-- $(DEPLIBS) $(LIBS)
-+ $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--ipurge: ipurge.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+ipurge: ipurge.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o ipurge ipurge.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--cyrdump: cyrdump.o index.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+cyrdump: cyrdump.o index.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o cyrdump cyrdump.o index.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--mbexamine: mbexamine.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+mbexamine: mbexamine.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o \
-- mbexamine mbexamine.o $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ mbexamine mbexamine.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--reconstruct: reconstruct.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+reconstruct: reconstruct.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o \
-- reconstruct reconstruct.o $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ reconstruct reconstruct.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--quota: quota.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+quota: quota.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o quota quota.o $(CLIOBJS) \
-- libimap.a $(DEPLIBS) $(LIBS)
-+ libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
--tls_prune: tls_prune.o tls.o $(CLIOBJS) libimap.a $(DEPLIBS)
-+tls_prune: tls_prune.o tls.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS)
- $(CC) $(LDFLAGS) -o \
-- $@ tls_prune.o tls.o $(CLIOBJS) libimap.a $(DEPLIBS) $(LIBS)
-+ $@ tls_prune.o tls.o $(CLIOBJS) libimap.a $(SIEVE_LIBS) $(DEPLIBS) $(LIBS)
-
- ### Other Misc Targets
-
-diff -Naur cyrus-imapd-2.2.12/imap/autosieve.c cyrus-imapd-2.2.12.autocreate2/imap/autosieve.c
---- cyrus-imapd-2.2.12/imap/autosieve.c 1970-01-01 02:00:00.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/imap/autosieve.c 2005-10-19 14:48:57.940098000 +0300
-@@ -0,0 +1,587 @@
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+
-+#ifdef HAVE_UNISTD_H
-+#include <unistd.h>
-+#endif
-+
-+#include <errno.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <sys/uio.h>
-+#include <fcntl.h>
-+#include <ctype.h>
-+#include <time.h>
-+#include <syslog.h>
-+#include <com_err.h>
-+#include <config.h>
-+
-+#include "global.h"
-+#include "util.h"
-+#include "mailbox.h"
-+#include "imap_err.h"
-+#include "sieve_interface.h"
-+#include "script.h"
-+
-+#define TIMSIEVE_FAIL -1
-+#define TIMSIEVE_OK 0
-+#define MAX_FILENAME 1024
-+
-+static int get_script_name(char *sievename, size_t buflen, const char *filename);
-+static int get_script_dir(char *sieve_script_dir, size_t buflen, char *userid, const char *sieve_dir);
-+int autoadd_sieve(char *userid, const char *source_script);
-+
-+static void fatal(const char *s, int code);
-+static void foo(void);
-+static int sieve_notify(void *ac __attribute__((unused)),
-+ void *interp_context __attribute__((unused)),
-+ void *script_context __attribute__((unused)),
-+ void *message_context __attribute__((unused)),
-+ const char **errmsg __attribute__((unused)));
-+static int mysieve_error(int lineno, const char *msg,
-+ void *i __attribute__((unused)), void *s);
-+static int is_script_parsable(FILE *stream, char **errstr, sieve_script_t **ret);
-+
-+
-+sieve_vacation_t vacation2 = {
-+ 0, /* min response */
-+ 0, /* max response */
-+ (sieve_callback *) &foo, /* autorespond() */
-+ (sieve_callback *) &foo /* send_response() */
-+};
-+
-+
-+/*
-+ * Find the name of the sieve script
-+ * given the source script and compiled script names
-+ */
-+static int get_script_name(char *sievename, size_t buflen, const char *filename)
-+{
-+ char *p;
-+ int r;
-+
-+ p = strrchr(filename, '/');
-+ if (p == NULL)
-+ p = (char *) filename;
-+ else
-+ p++;
-+
-+ r = strlcpy(sievename, p, buflen) - buflen;
-+ return (r >= 0 || r == -buflen ? 1 : 0);
-+}
-+
-+
-+/*
-+ * Find the directory where the sieve scripts of the user
-+ * reside
-+ */
-+static int get_script_dir(char *sieve_script_dir, size_t buflen, char *userid, const char *sieve_dir)
-+{
-+ char *user = NULL, *domain = NULL;
-+
-+ /* Setup the user and the domain */
-+ if(config_virtdomains && (domain = strchr(userid, '@'))) {
-+ user = (char *) xmalloc((domain - userid +1) * sizeof(char));
-+ strlcpy(user, userid, domain - userid + 1);
-+ domain++;
-+ } else
-+ user = userid;
-+
-+ /* Find the dir path where the sieve scripts of the user will reside */
-+ if (config_virtdomains && domain) {
-+ if(snprintf(sieve_script_dir, buflen, "%s%s%c/%s/%c/%s/",
-+ sieve_dir, FNAME_DOMAINDIR, dir_hash_c(domain), domain, dir_hash_c(user), user) >= buflen) {
-+ free(user);
-+ return 1;
-+ }
-+ } else {
-+ if(snprintf(sieve_script_dir, buflen, "%s/%c/%s/",
-+ sieve_dir, dir_hash_c(user), user) >= buflen)
-+ return 1;
-+ }
-+
-+ /* Free the xmalloced user memory, reserved above */
-+ if(user != userid)
-+ free(user);
-+
-+ return 0;
-+}
-+
-+int autoadd_sieve(char *userid, const char *source_script)
-+{
-+ sieve_script_t *s = NULL;
-+ bytecode_info_t *bc = NULL;
-+ char *err = NULL;
-+ FILE *in_stream, *out_fp;
-+ int out_fd, in_fd, r, k;
-+ int do_compile = 0;
-+ const char *sieve_dir = NULL;
-+ const char *compiled_source_script = NULL;
-+ char sievename[MAX_FILENAME];
-+ char sieve_script_name[MAX_FILENAME];
-+ char sieve_script_dir[MAX_FILENAME];
-+ char sieve_bcscript_name[MAX_FILENAME];
-+ char sieve_default[MAX_FILENAME];
-+ char sieve_tmpname[MAX_FILENAME];
-+ char sieve_bctmpname[MAX_FILENAME];
-+ char sieve_bclink_name[MAX_FILENAME];
-+ char buf[4096];
-+ mode_t oldmask;
-+ struct stat statbuf;
-+
-+ /* We don't support using the homedirectory, like timsieved */
-+ if (config_getswitch(IMAPOPT_SIEVEUSEHOMEDIR)) {
-+ syslog(LOG_WARNING,"autocreate_sieve: autocreate_sieve does not work with sieveusehomedir option in imapd.conf");
-+ return 1;
-+ }
-+
-+ /* Check if sievedir is defined in imapd.conf */
-+ if(!(sieve_dir = config_getstring(IMAPOPT_SIEVEDIR))) {
-+ syslog(LOG_WARNING, "autocreate_sieve: sievedir option is not defined. Check imapd.conf");
-+ return 1;
-+ }
-+
-+ /* Check if autocreate_sieve_compiledscript is defined in imapd.conf */
-+ if(!(compiled_source_script = config_getstring(IMAPOPT_AUTOCREATE_SIEVE_COMPILEDSCRIPT))) {
-+ syslog(LOG_WARNING, "autocreate_sieve: autocreate_sieve_compiledscript option is not defined. Compiling it");
-+ do_compile = 1;
-+ }
-+
-+ if(get_script_dir(sieve_script_dir, sizeof(sieve_script_dir), userid, sieve_dir)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Cannot find sieve scripts directory");
-+ return 1;
-+ }
-+
-+ if (get_script_name(sievename, sizeof(sievename), source_script)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve script %s", source_script);
-+ return 1;
-+ }
-+
-+ if(snprintf(sieve_tmpname, sizeof(sieve_tmpname), "%s%s.script.NEW",sieve_script_dir, sievename) >= sizeof(sieve_tmpname)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve path %s, %s, %s", sieve_dir, sievename, userid);
-+ return 1;
-+ }
-+ if(snprintf(sieve_bctmpname, sizeof(sieve_bctmpname), "%s%s.bc.NEW",sieve_script_dir, sievename) >= sizeof(sieve_bctmpname)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve path %s, %s, %s", sieve_dir, sievename, userid);
-+ return 1;
-+ }
-+ if(snprintf(sieve_script_name, sizeof(sieve_script_name), "%s%s.script",sieve_script_dir, sievename) >= sizeof(sieve_script_name)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve path %s, %s, %s", sieve_dir, sievename, userid);
-+ return 1;
-+ }
-+ if(snprintf(sieve_bcscript_name, sizeof(sieve_bcscript_name), "%s%s.bc",sieve_script_dir, sievename) >= sizeof(sieve_bcscript_name)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve path %s, %s, %s", sieve_dir, sievename, userid);
-+ return 1;
-+ }
-+ if(snprintf(sieve_default, sizeof(sieve_default), "%s%s",sieve_script_dir,"defaultbc") >= sizeof(sieve_default)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve path %s, %s, %s", sieve_dir, sievename, userid);
-+ return 1;
-+ }
-+ if(snprintf(sieve_bclink_name, sizeof(sieve_bclink_name), "%s.bc", sievename) >= sizeof(sieve_bclink_name)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Invalid sieve path %s, %s, %s", sieve_dir, sievename, userid);
-+ return 1;
-+ }
-+
-+ /* Check if a default sieve filter alrady exists */
-+ if(!stat(sieve_default,&statbuf)) {
-+ syslog(LOG_WARNING,"autocreate_sieve: Default sieve script already exists");
-+ fclose(in_stream);
-+ return 1;
-+ }
-+
-+ /* Open the source script. if there is a problem with that exit */
-+ in_stream = fopen(source_script, "r");
-+ if(!in_stream) {
-+ syslog(LOG_WARNING,"autocreate_sieve: Unable to open sieve script %s. Check permissions",source_script);
-+ return 1;
-+ }
-+
-+
-+ /*
-+ * At this point we start the modifications of the filesystem
-+ */
-+
-+ /* Create the directory where the sieve scripts will reside */
-+ r = cyrus_mkdir(sieve_script_dir, 0755);
-+ if(r == -1) {
-+ /* If this fails we just leave */
-+ syslog(LOG_WARNING,"autocreate_sieve: Unable to create directory %s. Check permissions",sieve_script_name);
-+ return 1;
-+ }
-+
-+ /*
-+ * We open the file that will be used as the bc file. If this file exists, overwrite it
-+ * since something bad has happened. We open the file here so that this error checking is
-+ * done before we try to open the rest of the files to start copying etc.
-+ */
-+ out_fd = open(sieve_bctmpname, O_CREAT|O_TRUNC|O_WRONLY, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
-+ if(out_fd < 0) {
-+ if(errno == EEXIST) {
-+ syslog(LOG_WARNING,"autocreate_sieve: File %s already exists. Probaly left over. Ignoring",sieve_bctmpname);
-+ } else if (errno == EACCES) {
-+ syslog(LOG_WARNING,"autocreate_sieve: No access to create file %s. Check permissions",sieve_bctmpname);
-+ fclose(in_stream);
-+ return 1;
-+ } else {
-+ syslog(LOG_WARNING,"autocreate_sieve: Unable to create %s. Unknown error",sieve_bctmpname);
-+ fclose(in_stream);
-+ return 1;
-+ }
-+ }
-+
-+ if(!do_compile && compiled_source_script && (in_fd = open(compiled_source_script, O_RDONLY)) != -1) {
-+ while((r = read(in_fd, buf, sizeof(buf))) > 0) {
-+ if((k=write(out_fd, buf,r)) < 0) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Error writing to file: %s, error: %d", sieve_bctmpname, errno);
-+ close(out_fd);
-+ close(in_fd);
-+ fclose(in_stream);
-+ unlink(sieve_bctmpname);
-+ return 1;
-+ }
-+ }
-+
-+ if(r == 0) { /* EOF */
-+ close(out_fd);
-+ close(in_fd);
-+ } else if (r < 0) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Error reading compiled script file: %s. Will try to compile it",
-+ compiled_source_script);
-+ close(in_fd);
-+ do_compile = 1;
-+ if(lseek(out_fd, 0, SEEK_SET)) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Major IO problem. Aborting");
-+ return 1;
-+ }
-+ }
-+ close(in_fd);
-+ } else {
-+ if(compiled_source_script)
-+ syslog(LOG_WARNING,"autocreate_sieve: Problem opening compiled script file: %s. Compiling it", compiled_source_script);
-+ do_compile = 1;
-+ }
-+
-+
-+ /* Because we failed to open a precompiled bc sieve script, we compile one */
-+ if(do_compile) {
-+ if(is_script_parsable(in_stream,&err, &s) == TIMSIEVE_FAIL) {
-+ if(err && *err) {
-+ syslog(LOG_WARNING,"autocreate_sieve: Error while parsing script %s.",err);
-+ free(err);
-+ } else
-+ syslog(LOG_WARNING,"autocreate_sieve: Error while parsing script");
-+
-+ unlink(sieve_bctmpname);
-+ fclose(in_stream);
-+ close(out_fd);
-+ return 1;
-+ }
-+
-+ /* generate the bytecode */
-+ if(sieve_generate_bytecode(&bc, s) == TIMSIEVE_FAIL) {
-+ syslog(LOG_WARNING,"autocreate_sieve: problem compiling sieve script");
-+ /* removing the copied script and cleaning up memory */
-+ unlink(sieve_bctmpname);
-+ sieve_script_free(&s);
-+ fclose(in_stream);
-+ close(out_fd);
-+ return 1;
-+ }
-+
-+ if(sieve_emit_bytecode(out_fd, bc) == TIMSIEVE_FAIL) {
-+ syslog(LOG_WARNING,"autocreate_sieve: problem emiting sieve script");
-+ /* removing the copied script and cleaning up memory */
-+ unlink(sieve_bctmpname);
-+ sieve_free_bytecode(&bc);
-+ sieve_script_free(&s);
-+ fclose(in_stream);
-+ close(out_fd);
-+ return 1;
-+ }
-+
-+ /* clean up the memory */
-+ sieve_free_bytecode(&bc);
-+ sieve_script_free(&s);
-+ }
-+
-+ close(out_fd);
-+ rewind(in_stream);
-+
-+ /* Copy the initial script */
-+ oldmask = umask(077);
-+ if((out_fp = fopen(sieve_tmpname, "w")) == NULL) {
-+ syslog(LOG_WARNING,"autocreate_sieve: Unable to open %s destination sieve script", sieve_tmpname);
-+ unlink(sieve_bctmpname);
-+ umask(oldmask);
-+ fclose(in_stream);
-+ return 1;
-+ }
-+ umask(oldmask);
-+
-+ while((r = fread(buf,sizeof(char), sizeof(buf), in_stream))) {
-+ if( fwrite(buf,sizeof(char), r, out_fp) != r) {
-+ syslog(LOG_WARNING,"autocreate_sieve: Problem writing to sieve script file: %s",sieve_tmpname);
-+ fclose(out_fp);
-+ unlink(sieve_tmpname);
-+ unlink(sieve_bctmpname);
-+ fclose(in_stream);
-+ return 1;
-+ }
-+ }
-+
-+ if(feof(in_stream)) {
-+ fclose(out_fp);
-+ } else { /* ferror */
-+ fclose(out_fp);
-+ unlink(sieve_tmpname);
-+ unlink(sieve_bctmpname);
-+ fclose(in_stream);
-+ return 1;
-+ }
-+
-+ /* Renaming the necessary stuff */
-+ if(rename(sieve_tmpname, sieve_script_name)) {
-+ unlink(sieve_tmpname);
-+ unlink(sieve_bctmpname);
-+ return 1;
-+ }
-+
-+ if(rename(sieve_bctmpname, sieve_bcscript_name)) {
-+ unlink(sieve_bctmpname);
-+ unlink(sieve_bcscript_name);
-+ return 1;
-+ }
-+
-+ /* end now with the symlink */
-+ if(symlink(sieve_bclink_name, sieve_default)) {
-+ if(errno != EEXIST) {
-+ syslog(LOG_WARNING, "autocreate_sieve: problem making the default link.");
-+ /* Lets delete the files */
-+ unlink(sieve_script_name);
-+ unlink(sieve_bcscript_name);
-+ }
-+ }
-+
-+ /*
-+ * If everything has succeeded AND we have compiled the script AND we have requested
-+ * to generate the global script so that it is not compiled each time then we create it.
-+ */
-+ if(do_compile &&
-+ config_getswitch(IMAPOPT_GENERATE_COMPILED_SIEVE_SCRIPT)) {
-+
-+ if(!compiled_source_script) {
-+ syslog(LOG_WARNING, "autocreate_sieve: To save a compiled sieve script, autocreate_sieve_compiledscript must have been defined in imapd.conf");
-+ return 0;
-+ }
-+
-+ if(snprintf(sieve_tmpname, sizeof(sieve_tmpname), "%s.NEW", compiled_source_script) >= sizeof(sieve_tmpname))
-+ return 0;
-+
-+ /*
-+ * Copy everything from the newly created bc sieve sieve script.
-+ */
-+ if((in_fd = open(sieve_bcscript_name, O_RDONLY))<0) {
-+ return 0;
-+ }
-+
-+ if((out_fd = open(sieve_tmpname, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) {
-+ if(errno == EEXIST) {
-+ /* Someone is already doing this so just bail out. */
-+ syslog(LOG_WARNING, "autocreate_sieve: %s already exists. Some other instance processing it, or it is left over", sieve_tmpname);
-+ close(in_fd);
-+ return 0;
-+ } else if (errno == EACCES) {
-+ syslog(LOG_WARNING,"autocreate_sieve: No access to create file %s. Check permissions",sieve_tmpname);
-+ close(in_fd);
-+ return 0;
-+ } else {
-+ syslog(LOG_WARNING,"autocreate_sieve: Unable to create %s",sieve_tmpname);
-+ close(in_fd);
-+ return 0;
-+ }
-+ }
-+
-+ while((r = read(in_fd, buf, sizeof(buf))) > 0) {
-+ if((k = write(out_fd,buf,r)) < 0) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Error writing to file: %s, error: %d", sieve_tmpname, errno);
-+ close(out_fd);
-+ close(in_fd);
-+ unlink(sieve_tmpname);
-+ return 0;
-+ }
-+ }
-+
-+ if(r == 0 ) { /*EOF */
-+ close(out_fd);
-+ close(in_fd);
-+ } else if (r < 0) {
-+ syslog(LOG_WARNING, "autocreate_sieve: Error writing to file: %s, error: %d", sieve_tmpname, errno);
-+ close(out_fd);
-+ close(in_fd);
-+ unlink(sieve_tmpname);
-+ return 0;
-+ }
-+
-+ /* Rename the temporary created sieve script to its final name. */
-+ if(rename(sieve_tmpname, compiled_source_script)) {
-+ if(errno != EEXIST) {
-+ unlink(sieve_tmpname);
-+ unlink(compiled_source_script);
-+ }
-+ return 0;
-+ }
-+
-+ syslog(LOG_NOTICE, "autocreate_sieve: Compiled sieve script was successfully saved in %s", compiled_source_script);
-+ }
-+
-+ return 0;
-+}
-+
-+static void fatal(const char *s, int code)
-+{
-+ printf("Fatal error: %s (%d)\r\n", s, code);
-+ exit(1);
-+}
-+
-+/* to make larry's stupid functions happy :) */
-+static void foo(void)
-+{
-+ fatal("stub function called", 0);
-+}
-+
-+static int sieve_notify(void *ac __attribute__((unused)),
-+ void *interp_context __attribute__((unused)),
-+ void *script_context __attribute__((unused)),
-+ void *message_context __attribute__((unused)),
-+ const char **errmsg __attribute__((unused)))
-+{
-+ fatal("stub function called", 0);
-+ return SIEVE_FAIL;
-+}
-+
-+static int mysieve_error(int lineno, const char *msg,
-+ void *i __attribute__((unused)), void *s)
-+{
-+ char buf[1024];
-+ char **errstr = (char **) s;
-+
-+ snprintf(buf, 80, "line %d: %s\r\n", lineno, msg);
-+ *errstr = (char *) xrealloc(*errstr, strlen(*errstr) + strlen(buf) + 30);
-+ syslog(LOG_DEBUG, "%s", buf);
-+ strcat(*errstr, buf);
-+
-+ return SIEVE_OK;
-+}
-+
-+/* end the boilerplate */
-+
-+/* returns TRUE or FALSE */
-+int is_script_parsable(FILE *stream, char **errstr, sieve_script_t **ret)
-+{
-+ sieve_interp_t *i;
-+ sieve_script_t *s;
-+ int res;
-+
-+ res = sieve_interp_alloc(&i, NULL);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_interp_alloc() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_redirect(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_redirect() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_discard(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_discard() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_reject(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_reject() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_fileinto(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_fileinto() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_keep(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_keep() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_imapflags(i, NULL);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_imapflags() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_size(i, (sieve_get_size *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_size() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_header(i, (sieve_get_header *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_header() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_envelope(i, (sieve_get_envelope *) &foo);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_envelope() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_vacation(i, &vacation2);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_vacation() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_notify(i, &sieve_notify);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_notify() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_parse_error(i, &mysieve_error);
-+ if (res != SIEVE_OK) {
-+ syslog(LOG_WARNING, "sieve_register_parse_error() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ rewind(stream);
-+
-+ *errstr = (char *) xmalloc(20 * sizeof(char));
-+ strcpy(*errstr, "script errors:\r\n");
-+
-+ res = sieve_script_parse(i, stream, errstr, &s);
-+
-+ if (res == SIEVE_OK) {
-+ if(ret) {
-+ *ret = s;
-+ } else {
-+ sieve_script_free(&s);
-+ }
-+ free(*errstr);
-+ *errstr = NULL;
-+ }
-+
-+ /* free interpreter */
-+ sieve_interp_free(&i);
-+
-+ return (res == SIEVE_OK) ? TIMSIEVE_OK : TIMSIEVE_FAIL;
-+}
-+
-+/*
-+ * Btw the initial date of this patch is Sep, 02 2004 which is the birthday of
-+ * Pavlos. Author of cyrusmaster. So consider this patch as his birthday present
-+ */
-+
-diff -Naur cyrus-imapd-2.2.12/imap/compile_sieve.c cyrus-imapd-2.2.12.autocreate2/imap/compile_sieve.c
---- cyrus-imapd-2.2.12/imap/compile_sieve.c 1970-01-01 02:00:00.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/imap/compile_sieve.c 2005-10-19 14:48:57.943407000 +0300
-@@ -0,0 +1,364 @@
-+/* This tool compiles the sieve script from a command
-+line so that it can be used wby the autoadd patch */
-+#include <stdio.h>
-+#include <stdlib.h>
-+
-+#include <config.h>
-+#include <string.h>
-+#ifdef HAVE_UNISTD_H
-+#include <unistd.h>
-+#endif
-+#include <errno.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <sys/uio.h>
-+#include <fcntl.h>
-+#include <ctype.h>
-+#include <time.h>
-+#include <com_err.h>
-+
-+#include "global.h"
-+
-+#include "util.h"
-+#include "mailbox.h"
-+#include "imap_err.h"
-+#include "sieve_interface.h"
-+#include "script.h"
-+
-+#include <pwd.h>
-+
-+#define TIMSIEVE_FAIL -1
-+#define TIMSIEVE_OK 0
-+#define MAX_FILENAME_SIZE 100
-+
-+/* Needed by libconfig */
-+const int config_need_data = 0;
-+
-+static int is_script_parsable(FILE *stream, char **errstr, sieve_script_t **ret);
-+
-+static void fatal(const char *s, int code)
-+{
-+ printf("Fatal error: %s (%d)\r\n", s, code);
-+
-+ exit(1);
-+}
-+
-+void usage(void)
-+{
-+ fprintf(stderr,
-+ "Usage:\n\tcompile_sieve [-C <altconfig>] [-i <infile> -o <outfile>]\n");
-+ exit(-1);
-+}
-+
-+
-+int main (int argc, char **argv)
-+{
-+
-+ sieve_script_t *s = NULL;
-+ bytecode_info_t *bc = NULL;
-+ char *err = NULL;
-+ FILE *in_stream;
-+ int out_fd,r, k, opt;
-+ char *source_script = NULL;
-+ char *compiled_source_script = NULL;
-+ mode_t oldmask;
-+ struct stat statbuf;
-+ char *alt_config = NULL;
-+ extern char *optarg;
-+ char sieve_tmpname[MAX_MAILBOX_NAME+1];
-+
-+ if (geteuid() == 0) fatal("must run as the Cyrus user", EC_USAGE);
-+
-+ while((opt = getopt(argc, argv, "C:i:o:")) != EOF) {
-+ switch (opt) {
-+ case 'C': /* alt config file */
-+ alt_config = optarg;
-+ break;
-+ case 'i': /* input script file */
-+ source_script = optarg;
-+ break;
-+ case 'o': /* output script file */
-+ compiled_source_script = optarg;
-+ break;
-+ default:
-+ usage();
-+ break;
-+ }
-+ }
-+
-+ if(source_script && !compiled_source_script) {
-+ fprintf(stderr, "No output file was defined\n");
-+ usage();
-+ } else if (!source_script && compiled_source_script) {
-+ fprintf(stderr, "No input file was defined\n");
-+ usage();
-+ }
-+
-+ /*
-+ * If no <infile> has been defined, then read them from
-+ * the configuration file.
-+ */
-+ if (!source_script && !compiled_source_script) {
-+ cyrus_init(alt_config, "compile_sieve", 0);
-+
-+ /* Initially check if we want to have the sieve script created */
-+ if(!(source_script = (char *) config_getstring(IMAPOPT_AUTOCREATE_SIEVE_SCRIPT))) {
-+ fprintf(stderr,"autocreate_sieve_script option not defined. Check imapd.conf\n");
-+ return 1;
-+ }
-+
-+ /* Check if we have an already compiled sieve script*/
-+ if(!(compiled_source_script = (char *) config_getstring(IMAPOPT_AUTOCREATE_SIEVE_COMPILEDSCRIPT))) {
-+ fprintf(stderr, "autocreate_sieve_compiledscript option not defined. Check imapd.conf\n");
-+ return 1;
-+ }
-+
-+ if(!strrchr(source_script,'/') || !strrchr(compiled_source_script,'/')) {
-+ /*
-+ * At this point the only think that is inconsistent is the directory
-+ * that was created. But if the user will have any sieve scripts then
-+ * they will eventually go there, so no big deal
-+ */
-+ fprintf(stderr,
-+ "In imapd.conf the full path of the filenames must be defined\n");
-+ return 1;
-+ }
-+ }
-+
-+ printf("input file : %s, output file : %s\n", source_script, compiled_source_script);
-+
-+
-+ if(strlen(compiled_source_script) + sizeof(".NEW") + 1 > sizeof(sieve_tmpname)) {
-+ fprintf(stderr, "Filename %s is too big\n", compiled_source_script);
-+ return 1;
-+ }
-+
-+ snprintf(sieve_tmpname, sizeof(sieve_tmpname), "%s.NEW", compiled_source_script);
-+
-+ in_stream = fopen(source_script,"r");
-+
-+ if(!in_stream) {
-+ fprintf(stderr,"Unable to open %s source sieve script\n",source_script);
-+ return;
-+ }
-+
-+ /*
-+ * We open the file that will be used as the bc file. If this file exists, overwrite it
-+ * since something bad has happened. We open the file here so that this error checking is
-+ * done before we try to open the rest of the files to start copying etc.
-+ */
-+ out_fd = open(sieve_tmpname, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
-+ if(out_fd < 0) {
-+ if(errno == EEXIST) {
-+ fprintf(stderr, "File %s already exists\n", sieve_tmpname);
-+ } else if (errno == EACCES) {
-+ fprintf(stderr,"No access to create file %s. Please check that you have the correct permissions\n",
-+ sieve_tmpname);
-+ } else {
-+ fprintf(stderr,"Unable to create %s. Please check that you have the correct permissions\n",
-+ sieve_tmpname);
-+ }
-+
-+ fclose(in_stream);
-+ return 1;
-+ }
-+
-+ if(is_script_parsable(in_stream,&err, &s) == TIMSIEVE_FAIL) {
-+ if(err && *err) {
-+ fprintf(stderr, "Error while parsing script %s\n",err);
-+ free(err);
-+ }
-+ else
-+ fprintf(stderr,"Error while parsing script\n");
-+ unlink(sieve_tmpname);
-+ fclose(in_stream);
-+ close(out_fd);
-+ return;
-+ }
-+
-+
-+ /* generate the bytecode */
-+ if(sieve_generate_bytecode(&bc,s) == TIMSIEVE_FAIL) {
-+ fprintf(stderr,"Error occured while compiling sieve script\n");
-+ /* removing the copied script and cleaning up memory */
-+ unlink(sieve_tmpname);
-+ sieve_script_free(&s);
-+ fclose(in_stream);
-+ close(out_fd);
-+ return;
-+ }
-+ if(sieve_emit_bytecode(out_fd,bc) == TIMSIEVE_FAIL) {
-+ fprintf(stderr, "Error occured while emitting sieve script\n");
-+ unlink(sieve_tmpname);
-+ sieve_free_bytecode(&bc);
-+ sieve_script_free(&s);
-+ fclose(in_stream);
-+ close(out_fd);
-+ return;
-+ }
-+
-+ /* clean up the memory */
-+ sieve_free_bytecode(&bc);
-+ sieve_script_free(&s);
-+
-+ close(out_fd);
-+
-+ if(rename(sieve_tmpname, compiled_source_script)) {
-+ if(errno != EEXIST) {
-+ unlink(sieve_tmpname);
-+ unlink(compiled_source_script);
-+ return 1;
-+ }
-+ }
-+ return 0;
-+}
-+
-+
-+/* to make larry's stupid functions happy :) */
-+static void foo(void)
-+{
-+ fatal("stub function called", 0);
-+}
-+
-+extern sieve_vacation_t vacation2;/* = {
-+ 0, / min response /
-+ 0, / max response /
-+ (sieve_callback *) &foo, / autorespond() /
-+ (sieve_callback *) &foo / send_response() /
-+}; */
-+
-+static int sieve_notify(void *ac __attribute__((unused)),
-+ void *interp_context __attribute__((unused)),
-+ void *script_context __attribute__((unused)),
-+ void *message_context __attribute__((unused)),
-+ const char **errmsg __attribute__((unused)))
-+{
-+ fatal("stub function called", 0);
-+ return SIEVE_FAIL;
-+}
-+
-+static int mysieve_error(int lineno, const char *msg,
-+ void *i __attribute__((unused)), void *s)
-+{
-+ char buf[1024];
-+ char **errstr = (char **) s;
-+
-+ snprintf(buf, 80, "line %d: %s\r\n", lineno, msg);
-+ *errstr = (char *) xrealloc(*errstr, strlen(*errstr) + strlen(buf) + 30);
-+ fprintf(stderr, "%s\n", buf);
-+ strcat(*errstr, buf);
-+
-+ return SIEVE_OK;
-+}
-+
-+/* end the boilerplate */
-+
-+/* returns TRUE or FALSE */
-+int is_script_parsable(FILE *stream, char **errstr, sieve_script_t **ret)
-+{
-+ sieve_interp_t *i;
-+ sieve_script_t *s;
-+ int res;
-+
-+ res = sieve_interp_alloc(&i, NULL);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_interp_alloc() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_redirect(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_redirect() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_discard(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_discard() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_reject(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_reject() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_fileinto(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_fileinto() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+ res = sieve_register_keep(i, (sieve_callback *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_keep() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_imapflags(i, NULL);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_imapflags() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_size(i, (sieve_get_size *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_size() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_header(i, (sieve_get_header *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_header() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_envelope(i, (sieve_get_envelope *) &foo);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_envelope() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_vacation(i, &vacation2);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_vacation() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_notify(i, &sieve_notify);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_notify() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ res = sieve_register_parse_error(i, &mysieve_error);
-+ if (res != SIEVE_OK) {
-+ fprintf(stderr, "sieve_register_parse_error() returns %d\n", res);
-+ return TIMSIEVE_FAIL;
-+ }
-+
-+ rewind(stream);
-+
-+ *errstr = (char *) xmalloc(20 * sizeof(char));
-+ strcpy(*errstr, "script errors:\r\n");
-+
-+ res = sieve_script_parse(i, stream, errstr, &s);
-+
-+ if (res == SIEVE_OK) {
-+ if(ret) {
-+ *ret = s;
-+ } else {
-+ sieve_script_free(&s);
-+ }
-+ free(*errstr);
-+ *errstr = NULL;
-+ }
-+
-+ /* free interpreter */
-+ sieve_interp_free(&i);
-+
-+ return (res == SIEVE_OK) ? TIMSIEVE_OK : TIMSIEVE_FAIL;
-+}
-+
-+
-+
-+
-+
-+
-diff -Naur cyrus-imapd-2.2.12/imap/imapd.c cyrus-imapd-2.2.12.autocreate2/imap/imapd.c
---- cyrus-imapd-2.2.12/imap/imapd.c 2005-02-14 08:39:55.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/imap/imapd.c 2005-10-19 14:48:57.966749000 +0300
-@@ -158,6 +158,7 @@
- void motd_file(int fd);
- void shut_down(int code);
- void fatal(const char *s, int code);
-+void autocreate_inbox(void);
-
- void cmdloop(void);
- void cmd_login(char *tag, char *user);
-@@ -1693,6 +1694,42 @@
- }
-
- /*
-+ * Autocreate Inbox and subfolders upon login
-+ */
-+void autocreate_inbox()
-+{
-+ char inboxname[MAX_MAILBOX_NAME+1];
-+ int autocreatequota;
-+ int r;
-+
-+ /*
-+ * Exlude admin's accounts
-+ */
-+ if (imapd_userisadmin || imapd_userisproxyadmin)
-+ return;
-+
-+ /*
-+ * Exclude anonymous
-+ */
-+ if (!strcmp(imapd_userid, "anonymous"))
-+ return;
-+
-+ if ((autocreatequota = config_getint(IMAPOPT_AUTOCREATEQUOTA))) {
-+ /* This is actyally not required
-+ as long as the lenght of userid is ok */
-+ r = (*imapd_namespace.mboxname_tointernal) (&imapd_namespace,
-+ "INBOX", imapd_userid, inboxname);
-+ if (!r)
-+ r = mboxlist_lookup(inboxname, NULL, NULL, NULL);
-+
-+ if (r == IMAP_MAILBOX_NONEXISTENT)
-+ mboxlist_autocreateinbox(&imapd_namespace, imapd_userid,
-+ imapd_authstate, inboxname, autocreatequota);
-+ }
-+}
-+
-+
-+/*
- * Perform a LOGIN command
- */
- void cmd_login(char *tag, char *user)
-@@ -1848,6 +1885,9 @@
- strcspn(imapd_userid, "@") : 0);
-
- freebuf(&passwdbuf);
-+
-+ autocreate_inbox();
-+
- return;
- }
-
-@@ -1993,6 +2033,8 @@
- config_virtdomains ?
- strcspn(imapd_userid, "@") : 0);
-
-+ autocreate_inbox();
-+
- return;
- }
-
-diff -Naur cyrus-imapd-2.2.12/imap/lmtpd.c cyrus-imapd-2.2.12.autocreate2/imap/lmtpd.c
---- cyrus-imapd-2.2.12/imap/lmtpd.c 2004-12-17 18:32:15.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/imap/lmtpd.c 2005-10-19 14:48:57.971145000 +0300
-@@ -106,6 +106,8 @@
- static FILE *spoolfile(message_data_t *msgdata);
- static void removespool(message_data_t *msgdata);
-
-+static int autocreate_inbox(char *rcpt_userid);
-+
- /* current namespace */
- static struct namespace lmtpd_namespace;
-
-@@ -504,10 +506,55 @@
- exit(code);
- }
-
-+/*
-+ * Autocreate Inbox and subfolders upon login
-+ */
-+int autocreate_inbox(char *rcpt_userid)
-+{
-+ struct auth_state *authstate;
-+ char inboxname[MAX_MAILBOX_NAME+1];
-+ int rcptisadmin;
-+ int autocreatequota;
-+ int r;
-+
-+ if(rcpt_userid == NULL)
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ /*
-+ * Exclude anonymous
-+ */
-+ if (!strcmp(rcpt_userid, "anonymous"))
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ /*
-+ * Check for autocreatequota and createonpost
-+ */
-+ if (!(autocreatequota = config_getint(IMAPOPT_AUTOCREATEQUOTA)) ||
-+ !(config_getswitch(IMAPOPT_CREATEONPOST)))
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ /*
-+ * Exclude admin's accounts
-+ */
-+ authstate = auth_newstate(rcpt_userid);
-+ rcptisadmin = global_authisa(authstate, IMAPOPT_ADMINS);
-+ if (rcptisadmin)
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ r = (*lmtpd_namespace.mboxname_tointernal) (&lmtpd_namespace,
-+ "INBOX", rcpt_userid, inboxname);
-+ if (!r)
-+ r = mboxlist_autocreateinbox(&lmtpd_namespace, rcpt_userid,
-+ authstate, inboxname, autocreatequota);
-+ return r;
-+}
-+
-+
- static int verify_user(const char *user, const char *domain, const char *mailbox,
- long quotacheck, struct auth_state *authstate)
- {
- char namebuf[MAX_MAILBOX_NAME+1] = "";
-+ char *userinbox = NULL;
- int r = 0;
-
- if ((!user && !mailbox) ||
-@@ -545,6 +592,28 @@
- */
- r = append_check(namebuf, MAILBOX_FORMAT_NORMAL, authstate,
- !user ? ACL_POST : 0, quotacheck > 0 ? 0 : quotacheck);
-+ if (r == IMAP_MAILBOX_NONEXISTENT && user) {
-+ if(domain) {
-+ int k;
-+ userinbox = (char *)xmalloc((strlen(user)+strlen(domain)+2)*sizeof(char));
-+ k = strlcpy(userinbox, user, strlen(user)+1);
-+ *(userinbox + k) = '@';
-+ strlcpy(userinbox+k+1, domain, strlen(domain)+1);
-+ }
-+ else userinbox = user;
-+ /*
-+ * Try to create automatically the mailbox, if
-+ * autocreate inbox option is enabled.
-+ */
-+ r = autocreate_inbox(userinbox);
-+
-+ if(userinbox != user)
-+ free(userinbox);
-+ if (!r)
-+ r = append_check(namebuf, MAILBOX_FORMAT_NORMAL, authstate,
-+ 0, quotacheck > 0 ? 0 : quotacheck);
-+ }
-+
- }
-
- if (r) syslog(LOG_DEBUG, "verify_user(%s) failed: %s", namebuf,
-diff -Naur cyrus-imapd-2.2.12/imap/mboxlist.c cyrus-imapd-2.2.12.autocreate2/imap/mboxlist.c
---- cyrus-imapd-2.2.12/imap/mboxlist.c 2004-07-26 21:08:03.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/imap/mboxlist.c 2005-10-19 14:49:25.972032000 +0300
-@@ -81,6 +81,12 @@
- #include "mboxlist.h"
- #include "quota.h"
-
-+#ifdef USE_SIEVE
-+extern int autoadd_sieve(char *userid,
-+ const char *source_script);
-+#endif
-+
-+
- #define DB config_mboxlist_db
- #define SUBDB config_subscription_db
-
-@@ -98,11 +104,29 @@
- static int mboxlist_changequota(const char *name, int matchlen, int maycreate,
- void *rock);
-
-+static int mboxlist_autochangesub(char *name, int matchlen, int maycreate,
-+ void *rock);
-+
-+static int mboxlist_autosubscribe_sharedfolders(struct namespace *namespace,
-+ char *userid, char *auth_userid,
-+ struct auth_state *auth_state);
-+
- struct change_rock {
- struct quota *quota;
- struct txn **tid;
- };
-
-+/*
-+ * Struct needed to be passed as void *rock to
-+ * mboxlist_autochangesub();
-+ */
-+struct changesub_rock_st {
-+ char *userid;
-+ char *auth_userid;
-+ struct auth_state *auth_state;
-+};
-+
-+
- #define FNAME_SUBSSUFFIX ".sub"
-
- /*
-@@ -3124,3 +3148,338 @@
-
- return DB->abort(mbdb, tid);
- }
-+
-+/*
-+ * Automatically subscribe user to *ALL* shared folders,
-+ * one has permissions to be subscribed to.
-+ * INBOX subfolders are excluded.
-+ */
-+static int mboxlist_autochangesub(char *name, int matchlen, int maycreate,
-+ void *rock) {
-+
-+ struct changesub_rock_st *changesub_rock = (struct changesub_rock_st *) rock;
-+ char *userid = changesub_rock->userid;
-+ char *auth_userid = changesub_rock->auth_userid;
-+ struct auth_state *auth_state = changesub_rock->auth_state;
-+ int r;
-+
-+
-+ if((strlen(name) == 5 && !strncmp(name, "INBOX", 5)) || /* Exclude INBOX */
-+ (strlen(name) > 5 && !strncmp(name, "INBOX.",6)) || /* Exclude INBOX subfolders */
-+ (strlen(name) > 4 && !strncmp(name, "user.", 5))) /* Exclude other users' folders */
-+ return 0;
-+
-+
-+ r = mboxlist_changesub(name, userid, auth_state, 1, 0);
-+
-+ if (r) {
-+ syslog(LOG_WARNING,
-+ "autosubscribe: User %s to folder %s, subscription failed: %s",
-+ auth_userid, name, error_message(r));
-+ } else {
-+ syslog(LOG_NOTICE,
-+ "autosubscribe: User %s to folder %s, subscription succeeded",
-+ auth_userid, name);
-+ }
-+
-+ return 0;
-+}
-+
-+#define SEP '|'
-+
-+/*
-+ * Automatically subscribe user to a shared folder.
-+ * Subscription is done successfully, if the shared
-+ * folder exists and the user has the necessary
-+ * permissions.
-+ */
-+static int mboxlist_autosubscribe_sharedfolders(struct namespace *namespace,
-+ char *userid, char *auth_userid,
-+ struct auth_state *auth_state) {
-+
-+ const char *sub ;
-+ char *p, *q, *next_sub;
-+ char folder[MAX_MAILBOX_NAME+1], name[MAX_MAILBOX_NAME+1], mailboxname[MAX_MAILBOX_NAME+1];
-+ int len;
-+ int r = 0;
-+ int subscribe_all_sharedfolders = 0;
-+
-+ subscribe_all_sharedfolders = config_getswitch(IMAPOPT_AUTOSUBSCRIBE_ALL_SHAREDFOLDERS);
-+
-+ /*
-+ * If subscribeallsharedfolders is set to yes in imapd.conf, then
-+ * subscribe user to every shared folder one has the apropriate
-+ * permissions.
-+ */
-+ if(subscribe_all_sharedfolders) {
-+ char pattern[MAX_MAILBOX_PATH+1];
-+ struct changesub_rock_st changesub_rock;
-+
-+ strcpy(pattern, "*");
-+ changesub_rock.userid = userid;
-+ changesub_rock.auth_userid = auth_userid;
-+ changesub_rock.auth_state = auth_state;
-+
-+ r = mboxlist_findall(namespace, pattern, 0, userid,
-+ auth_state, mboxlist_autochangesub, &changesub_rock);
-+
-+ return r;
-+ }
-+
-+ if ((sub=config_getstring(IMAPOPT_AUTOSUBSCRIBESHAREDFOLDERS)) == NULL)
-+ return r;
-+
-+ next_sub = (char *) sub;
-+ while (*next_sub) {
-+ for (p = next_sub ; isspace((int) *p) || *p == SEP ; p++);
-+ for (next_sub = p ; *next_sub && *next_sub != SEP ; next_sub++);
-+ for (q = next_sub ; q > p && (isspace((int) *q) || *q == SEP || !*q) ; q--);
-+ if (!*p ) continue;
-+
-+ len = q - p + 1;
-+ /* Check for folder length */
-+ if (len > sizeof(folder)-1)
-+ continue;
-+
-+ if (!r) {
-+ strncpy(folder, p, len);
-+ folder[len] = '\0';
-+
-+ strlcpy(name, namespace->prefix[NAMESPACE_SHARED], sizeof(name));
-+ len = strlcat(name, folder, sizeof(name));
-+
-+ r = (namespace->mboxname_tointernal) (namespace, name, userid,
-+ mailboxname);
-+ }
-+
-+ if (!r)
-+ r = mboxlist_changesub(mailboxname, userid, auth_state, 1, 0);
-+
-+ if (!r) {
-+ syslog(LOG_NOTICE, "autosubscribe: User %s to %s succeeded",
-+ userid, folder);
-+ } else {
-+ syslog(LOG_WARNING, "autosubscribe: User %s to %s failed: %s",
-+ userid, folder, error_message(r));
-+ r = 0;
-+ }
-+ }
-+
-+ return r;
-+}
-+
-+
-+
-+int mboxlist_autocreateinbox(struct namespace *namespace,
-+ char *userid,
-+ struct auth_state *auth_state,
-+ char *mailboxname, int autocreatequota) {
-+ char name [MAX_MAILBOX_NAME+1];
-+ char folder [MAX_MAILBOX_NAME+1];
-+ char *auth_userid = NULL;
-+ char *partition = NULL;
-+ const char *crt;
-+ const char *sub;
-+ char *p, *q, *next_crt, *next_sub;
-+ int len;
-+ int r = 0;
-+ int numcrt = 0;
-+ int numsub = 0;
-+#ifdef USE_SIEVE
-+ const char *source_script;
-+#endif
-+
-+ /*
-+ * While this is not needed for admins
-+ * and imap_admins accounts, it would be
-+ * better to separate *all* admins and
-+ * proxyservers from normal accounts
-+ * (accounts that have mailboxes).
-+ * UOA Specific note(1): Even if we do not
-+ * exclude these servers-classes here,
-+ * UOA specific code, will neither return
-+ * role, nor create INBOX, because none of these
-+ * administrative accounts belong to the
-+ * mailRecipient objectclass, or have imapPartition.
-+ * UOA Specific note(2): Another good reason for doing
-+ * this, is to prevent the code, from getting into
-+ * cyrus_ldap.c because of the continues MSA logins to LMTPd.
-+ */
-+
-+ /*
-+ * admins and the coresponding imap
-+ * service, had already been excluded.
-+ */
-+
-+ /*
-+ * Do we really need group membership
-+ * for admins or service_admins?
-+ */
-+ if (global_authisa(auth_state, IMAPOPT_ADMINS)) return 0;
-+ if (global_authisa(auth_state, IMAPOPT_ADMINS)) return 0;
-+
-+ /*
-+ * Do we really need group membership
-+ * for proxyservers?
-+ */
-+ if (global_authisa(auth_state, IMAPOPT_PROXYSERVERS)) return 0;
-+ if (global_authisa(auth_state, IMAPOPT_PROXYSERVERS)) return 0;
-+
-+ auth_userid = auth_canonuser(auth_state);
-+
-+ if (auth_userid == NULL) {
-+ /*
-+ * Couldn't get cannon userid
-+ */
-+ syslog(LOG_ERR,
-+ "Could not get cannon userid for user %s", userid);
-+ return IMAP_PARTITION_UNKNOWN;
-+ }
-+
-+#if 0
-+ /*
-+ * Get Partition info or return.
-+ * (Here you should propably use
-+ * you own "get_partition(char *userid)"
-+ * function. Otherwise all new INBOXes will be
-+ * created into whatever partition has been declared
-+ * as default in your imapd.conf)
-+ */
-+
-+ partition = get_partition(userid);
-+
-+ if (partition == NULL) {
-+ /*
-+ * Couldn't get partition info
-+ */
-+ syslog(LOG_ERR,
-+ "Could not get imapPartition info for user %s", userid);
-+ return IMAP_PARTITION_UNKNOWN;
-+ }
-+#endif
-+
-+ r = mboxlist_createmailbox(mailboxname, MAILBOX_FORMAT_NORMAL, NULL,
-+ 1, userid, auth_state, 0, 0, 0);
-+
-+ if (!r && autocreatequota > 0)
-+ r = mboxlist_setquota(mailboxname, autocreatequota, 0);
-+
-+ if (!r)
-+ r = mboxlist_changesub(mailboxname, userid,
-+ auth_state, 1, 1);
-+
-+ if (!r) {
-+ syslog(LOG_NOTICE, "autocreateinbox: User %s, INBOX was successfully created in partition %s",
-+ auth_userid, partition == NULL ? "default" : partition);
-+ } else {
-+ syslog(LOG_ERR, "autocreateinbox: User %s, INBOX failed. %s",
-+ auth_userid, error_message(r));
-+ }
-+
-+
-+#if 0
-+ /* Allocated from get_partition, and not needed any more */
-+ free_partition(partition);
-+#endif
-+
-+ if (r) return r;
-+
-+
-+ /* INBOX's subfolders */
-+ if ((crt=config_getstring(IMAPOPT_AUTOCREATEINBOXFOLDERS)))
-+ sub=config_getstring(IMAPOPT_AUTOSUBSCRIBEINBOXFOLDERS);
-+
-+ /* Roll through crt */
-+ next_crt = (char *) crt;
-+ while (next_crt!=NULL && *next_crt) {
-+ for (p = next_crt ; isspace((int) *p) || *p == SEP ; p++);
-+ for (next_crt = p ; *next_crt && *next_crt != SEP ; next_crt++);
-+ for (q = next_crt ; q > p && (isspace((int) *q) || *q == SEP || !*q); q--);
-+
-+ if (!*p) continue;
-+
-+ len = q - p + 1;
-+
-+ /* First time we check for length */
-+ if (len > sizeof(folder) - 5)
-+ r = IMAP_MAILBOX_BADNAME;
-+
-+ if (!r) {
-+ strncpy(folder, p, len);
-+ folder[len] = '\0';
-+
-+ strlcpy(name, namespace->prefix[NAMESPACE_INBOX], sizeof(name));
-+ len = strlcat(name, folder, sizeof(name));
-+ }
-+
-+ if (!r)
-+ r = (namespace->mboxname_tointernal) (namespace, name, userid,
-+ mailboxname);
-+ if (!r)
-+ r = mboxlist_createmailbox(mailboxname, MAILBOX_FORMAT_NORMAL, NULL,
-+ 1, userid, auth_state, 0, 0, 0);
-+
-+ if (!r) {
-+ numcrt++;
-+ syslog(LOG_NOTICE, "autocreateinbox: User %s, subfolder %s creation succeeded.",
-+ auth_userid, name);
-+ } else {
-+ syslog(LOG_WARNING, "autocreateinbox: User %s, subfolder %s creation failed. %s",
-+ auth_userid, name, error_message(r));
-+ r=0;
-+ continue;
-+ }
-+
-+ /* Roll through sub */
-+ next_sub = (char *) sub;
-+ while (next_sub!=NULL && *next_sub) {
-+ for (p = next_sub ; isspace((int) *p) || *p == SEP ; p++);
-+ for (next_sub = p ; *next_sub && *next_sub != SEP ; next_sub++);
-+ for (q = next_sub ; q > p && (isspace((int) *q) || *q == SEP || !*q) ; q--);
-+ if (!*p ) continue;
-+
-+ len = q - p + 1;
-+
-+ if (len != strlen(folder) || strncmp(folder, p, len))
-+ continue;
-+
-+ r = mboxlist_changesub(mailboxname, userid, auth_state, 1, 1);
-+
-+ if (!r) {
-+ numsub++;
-+ syslog(LOG_NOTICE,"autocreateinbox: User %s, subscription to %s succeeded",
-+ auth_userid, name);
-+ } else
-+ syslog(LOG_WARNING, "autocreateinbox: User %s, subscription to %s failed. %s",
-+ auth_userid, name, error_message(r));
-+
-+ break;
-+ }
-+ }
-+
-+ if (crt!=NULL && *crt)
-+ syslog(LOG_INFO, "User %s, Inbox subfolders, created %d, subscribed %d",
-+ auth_userid, numcrt, numsub);
-+
-+ /*
-+ * Check if shared folders are available for subscription.
-+ */
-+ mboxlist_autosubscribe_sharedfolders(namespace, userid, auth_userid, auth_state);
-+
-+#ifdef USE_SIEVE
-+ /*
-+ * Here the autocreate sieve script feature is iniated from.
-+ */
-+ source_script = config_getstring(IMAPOPT_AUTOCREATE_SIEVE_SCRIPT);
-+
-+ if (source_script) {
-+ if (!autoadd_sieve(userid, source_script))
-+ syslog(LOG_NOTICE, "autocreate_sieve: User %s, default sieve script creation succeeded", auth_userid);
-+ else
-+ syslog(LOG_WARNING, "autocreate_sieve: User %s, default sieve script creation failed", auth_userid);
-+ }
-+#endif
-+
-+ return r;
-+}
-+
-diff -Naur cyrus-imapd-2.2.12/imap/mboxlist.h cyrus-imapd-2.2.12.autocreate2/imap/mboxlist.h
---- cyrus-imapd-2.2.12/imap/mboxlist.h 2004-03-17 20:07:49.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/imap/mboxlist.h 2005-10-19 14:48:58.027033000 +0300
-@@ -197,4 +197,10 @@
- int mboxlist_commit(struct txn *tid);
- int mboxlist_abort(struct txn *tid);
-
-+int mboxlist_autocreateinbox(struct namespace *namespace,
-+ char *userid,
-+ struct auth_state *auth_state,
-+ char *mailboxname, int autocreatequota);
-+
-+
- #endif
-diff -Naur cyrus-imapd-2.2.12/imap/pop3d.c cyrus-imapd-2.2.12.autocreate2/imap/pop3d.c
---- cyrus-imapd-2.2.12/imap/pop3d.c 2005-01-04 17:06:13.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/imap/pop3d.c 2005-10-19 14:48:58.033335000 +0300
-@@ -152,6 +152,8 @@
- static char popd_apop_chal[45 + MAXHOSTNAMELEN + 1]; /* <rand.time@hostname> */
- static void cmd_apop(char *response);
-
-+static int autocreate_inbox(char *inboxname, char *userid);
-+
- static void cmd_auth(char *arg);
- static void cmd_capa(void);
- static void cmd_pass(char *pass);
-@@ -1084,6 +1086,7 @@
- popd_userid = xstrdup(p);
- prot_printf(popd_out, "+OK Name is a valid mailbox\r\n");
- }
-+
- }
-
- void cmd_pass(char *pass)
-@@ -1328,6 +1331,46 @@
- }
-
- /*
-+ * Autocreate Inbox and subfolders upon login
-+ */
-+int autocreate_inbox(char *inboxname, char *auth_userid)
-+{
-+ struct auth_state *authstate;
-+ int userisadmin;
-+ int autocreatequota;
-+ int r;
-+
-+ if(inboxname == NULL || auth_userid == NULL)
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ /*
-+ * Exclude anonymous
-+ */
-+ if (!strcmp(popd_userid, "anonymous"))
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ /*
-+ * Check for autocreatequota
-+ */
-+ if (!(autocreatequota = config_getint(IMAPOPT_AUTOCREATEQUOTA)))
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ /*
-+ * Exclude admin's accounts
-+ */
-+
-+ authstate = auth_newstate(popd_userid);
-+ userisadmin = global_authisa(authstate, IMAPOPT_ADMINS);
-+ if (userisadmin)
-+ return IMAP_MAILBOX_NONEXISTENT;
-+
-+ r = mboxlist_autocreateinbox(&popd_namespace, auth_userid,
-+ authstate, inboxname, autocreatequota);
-+ return r;
-+}
-+
-+
-+/*
- * Complete the login process by opening and locking the user's inbox
- */
- int openinbox(void)
-@@ -1349,6 +1392,10 @@
- userid, inboxname);
-
- if (!r) r = mboxlist_detail(inboxname, &type, NULL, &server, &acl, NULL);
-+ /* Try once again after autocreate_inbox */
-+ if (r == IMAP_MAILBOX_NONEXISTENT && !(r = autocreate_inbox(inboxname, userid)))
-+ r = mboxlist_detail(inboxname, &type, NULL, &server, &acl, NULL);
-+
- if (!r && (config_popuseacl = config_getswitch(IMAPOPT_POPUSEACL)) &&
- (!acl ||
- !((myrights = cyrus_acl_myrights(popd_authstate, acl)) & ACL_READ))) {
-diff -Naur cyrus-imapd-2.2.12/lib/auth.h cyrus-imapd-2.2.12.autocreate2/lib/auth.h
---- cyrus-imapd-2.2.12/lib/auth.h 2003-10-22 21:50:12.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/lib/auth.h 2005-10-19 14:48:58.035324000 +0300
-@@ -60,4 +60,6 @@
- extern struct auth_state *auth_newstate(const char *identifier);
- extern void auth_freestate(struct auth_state *auth_state);
-
-+extern char *auth_canonuser(struct auth_state *auth_state);
-+
- #endif /* INCLUDED_AUTH_H */
-diff -Naur cyrus-imapd-2.2.12/lib/auth_krb.c cyrus-imapd-2.2.12.autocreate2/lib/auth_krb.c
---- cyrus-imapd-2.2.12/lib/auth_krb.c 2003-11-11 05:26:00.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/lib/auth_krb.c 2005-10-19 14:48:58.038180000 +0300
-@@ -338,3 +338,11 @@
- free((char *)auth_state);
- }
-
-+char *
-+auth_canonuser(struct auth_state *auth_state)
-+{
-+ if (auth_state)
-+ return auth_state->userid;
-+ return NULL;
-+}
-+
-diff -Naur cyrus-imapd-2.2.12/lib/auth_krb5.c cyrus-imapd-2.2.12.autocreate2/lib/auth_krb5.c
---- cyrus-imapd-2.2.12/lib/auth_krb5.c 2004-01-16 17:28:58.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/lib/auth_krb5.c 2005-10-19 14:48:58.040108000 +0300
-@@ -193,4 +193,11 @@
- free(auth_state);
- }
-
-+char *
-+auth_canonuser(struct auth_state *auth_state)
-+{
-+ if (auth_state)
-+ return auth_state->userid;
-+ return NULL;
-+}
-
-diff -Naur cyrus-imapd-2.2.12/lib/auth_pts.c cyrus-imapd-2.2.12.autocreate2/lib/auth_pts.c
---- cyrus-imapd-2.2.12/lib/auth_pts.c 2004-02-25 01:11:37.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/lib/auth_pts.c 2005-10-19 14:48:58.042343000 +0300
-@@ -349,3 +349,11 @@
- {
- free(auth_state);
- }
-+
-+char *auth_canonuser(struct auth_state *auth_state)
-+{
-+ if (auth_state)
-+ return auth_state->userid.id;
-+ return NULL;
-+}
-+
-diff -Naur cyrus-imapd-2.2.12/lib/auth_unix.c cyrus-imapd-2.2.12.autocreate2/lib/auth_unix.c
---- cyrus-imapd-2.2.12/lib/auth_unix.c 2004-09-14 01:49:29.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/lib/auth_unix.c 2005-10-19 14:48:58.044431000 +0300
-@@ -267,4 +267,11 @@
- free((char *)auth_state);
- }
-
-+char *auth_canonuser(struct auth_state *auth_state)
-+{
-+ if (auth_state)
-+ return auth_state->userid;
-+
-+ return NULL;
-+}
-
-diff -Naur cyrus-imapd-2.2.12/lib/imapoptions cyrus-imapd-2.2.12.autocreate2/lib/imapoptions
---- cyrus-imapd-2.2.12/lib/imapoptions 2004-07-21 22:07:45.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/lib/imapoptions 2005-10-19 14:48:58.048748000 +0300
-@@ -169,6 +169,51 @@
- /* Number of seconds to wait before returning a timeout failure when
- performing a client connection (e.g. in a murder enviornment) */
-
-+{ "createonpost", 0, SWITCH }
-+/* If yes, when lmtpd receives an incoming mail for an INBOX that does not exist,
-+ then the INBOX is automatically created by lmtpd. */
-+
-+{ "autocreateinboxfolders", NULL, STRING }
-+/* If a user does not have an INBOX created then the INBOX as well as some INBOX subfolders are
-+ created under two conditions.
-+ 1. The user logins via the IMAP or the POP3 protocol. (autocreatequota option must have a nonzero value)
-+ 2. A message arrives for the user through the LMTPD protocol.(createonpost option must yes)
-+ autocreateinboxfolders is a list of INBOX's subfolders separated by a "|", that are automatically created by the server
-+ under the previous two situations. */
-+
-+{ "autosubscribeinboxfolders", NULL, STRING }
-+/* A list of folder names, separated by "|" that the users get automatically subscribed to, when their INBOX
-+ is created.
-+ These folder names must have been included in the autocreateinboxfolders option of the imapd.conf. */
-+
-+{ "autosubscribesharedfolders", NULL, STRING }
-+/* A list of shared folders (bulletin boards), separated by "|" that the users get
-+ automatically subscribed to, after their INBOX
-+ is created. The shared folder must have been created and the user must have the
-+ required permissions to get subscribed to the it. Otherwise the subscription fails. */
-+
-+{ "autosubscribe_all_sharedfolders", 0, SWITCH }
-+/* If set to yes then the user is automatically subscribed to all shared folders, one has permission
-+ to subscribe to. */
-+
-+{ "autocreate_sieve_script", NULL, STRING }
-+/* The full path of a file that contains a sieve script. This script automatically becomes a
-+ user's initial default sieve filter script. When this option is not defined, no default
-+ sieve filter is created. The file must be readable by the cyrus daemon. */
-+
-+{ "autocreate_sieve_compiledscript", NULL, STRING }
-+/* The full path of a file that contains a compiled in bytecode sieve script. This script
-+ automatically becomes a user's initial default sieve filter script.
-+ If this option is not specified, or the filename doesn't exist then the script defined
-+ by autocreate_sieve_script is compiled on the fly and installed as the user's default
-+ sieve script */
-+
-+{ "generate_compiled_sieve_script", 0, SWITCH }
-+/* If set to yes and no compiled sieve script file exists then the sieve script that is
-+ compiled on the fly will be saved in the file name that autocreate_sieve_compiledscript
-+ option points. In order a compiled script to be generated, autocreate_sieve_script and
-+ autocreate_sieve_compiledscript must have valid values */
-+
- { "configdirectory", NULL, STRING }
- /* The pathname of the IMAP configuration directory. This field is
- required. */
-diff -Naur cyrus-imapd-2.2.12/notifyd/Makefile.in cyrus-imapd-2.2.12.autocreate2/notifyd/Makefile.in
---- cyrus-imapd-2.2.12/notifyd/Makefile.in 2004-05-28 21:03:06.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/notifyd/Makefile.in 2005-10-19 14:48:58.050575000 +0300
-@@ -69,10 +69,11 @@
- SERVICE=../master/service.o
-
- IMAP_LIBS = @IMAP_LIBS@ @LIB_RT@
-+SIEVE_LIBS = @SIEVE_LIBS@
- IMAP_COM_ERR_LIBS = @IMAP_COM_ERR_LIBS@
- LIB_WRAP = @LIB_WRAP@
- LIBS = @ZEPHYR_LIBS@ @LIBS@ $(IMAP_COM_ERR_LIBS)
--DEPLIBS=../imap/mutex_fake.o ../imap/libimap.a ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@
-+DEPLIBS=../imap/mutex_fake.o ../imap/libimap.a $(SIEVE_LIBS) ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@
-
- PURIFY=/usr/local/bin/purify
- PUREOPT=-best-effort
-diff -Naur cyrus-imapd-2.2.12/notifyd/notifyd.c cyrus-imapd-2.2.12.autocreate2/notifyd/notifyd.c
---- cyrus-imapd-2.2.12/notifyd/notifyd.c 2004-12-17 18:32:25.000000000 +0200
-+++ cyrus-imapd-2.2.12.autocreate2/notifyd/notifyd.c 2005-10-19 14:48:58.052220000 +0300
-@@ -97,7 +97,7 @@
-
- #define NOTIFY_MAXSIZE 8192
-
--int do_notify()
-+static int do_notify()
- {
- struct sockaddr_un sun_data;
- socklen_t sunlen = sizeof(sun_data);
-diff -Naur cyrus-imapd-2.2.12/ptclient/Makefile.in cyrus-imapd-2.2.12.autocreate2/ptclient/Makefile.in
---- cyrus-imapd-2.2.12/ptclient/Makefile.in 2004-05-28 21:03:08.000000000 +0300
-+++ cyrus-imapd-2.2.12.autocreate2/ptclient/Makefile.in 2005-10-19 14:48:58.053762000 +0300
-@@ -57,10 +57,11 @@
- AFS_LDFLAGS = @AFS_LDFLAGS@ @COM_ERR_LDFLAGS@
- AFS_LIBS = @AFS_LIBS@
- IMAP_LIBS = @IMAP_LIBS@ @LIB_RT@
-+SIEVE_LIBS = @SIEVE_LIBS@
- LIBS = $(IMAP_LIBS) @COM_ERR_LIBS@
- LIB_SASL = @LIB_SASL@
- LIB_WRAP = @LIB_WRAP@
--DEPLIBS = ../imap/libimap.a ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@
-+DEPLIBS = ../imap/libimap.a $(SIEVE_LIBS) ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@
- UTIL_LIBS = ../imap/mutex_fake.o ../imap/cli_fatal.o
-
- LDAP_LIBS=@LDAP_LIBS@
+++ /dev/null
---- tools/config2header 2005/04/13 08:56:16 1.1
-+++ tools/config2header 2005/04/13 08:57:48
-@@ -214,7 +214,6 @@
- print HFILE <<EOF
- IMAPOPT_LAST
- };
--extern struct imapopt_s imapopts[];
-
- enum enum_value {
- IMAP_ENUM_ZERO = 0,
-@@ -260,6 +259,9 @@
-
- print HFILE <<EOF
- };
-+
-+extern struct imapopt_s imapopts[];
-+
- #endif /* INCLUDED_IMAPOPTIONS_H */
- EOF
- ;
---- imap/fud.c 2005/04/13 09:19:05 1.1
-+++ imap/fud.c 2005/04/13 09:20:02
-@@ -202,6 +202,7 @@
- r = begin_handling();
-
- shut_down(r);
-+ return 0;
- }
-
- static void cyrus_timeout(int signo __attribute__((unused)))
---- imap/smmapd.c 2005/04/13 09:19:12 1.1
-+++ imap/smmapd.c 2005/04/13 09:19:50
-@@ -199,6 +199,7 @@
- r = begin_handling();
-
- shut_down(r);
-+ return 0;
- }
-
- int verify_user(const char *key, long quotacheck,
---- notifyd/notifyd.c 2005/04/13 09:19:23 1.1
-+++ notifyd/notifyd.c 2005/04/13 09:19:39
-@@ -266,4 +266,5 @@
- r = do_notify();
-
- shut_down(r);
-+ return 0;
- }
+++ /dev/null
---- gnump3d-3.0/bin/org/gnump3d2 2007-11-05 00:00:34.000000000 +0100\r
-+++ gnump3d-3.0/bin/gnump3d2 2007-11-07 15:23:21.000000000 +0100\r
-@@ -2805,7 +2805,7 @@\r
- }\r
- }\r
- \r
-- if ( $dir ne '/prefs/' ) {\r
-+ if ( ($dir ne '/prefs/')&&($dir ne '/tagbrowse/')&&($dir ne '/playlist/')&&($dir ne '/random/')&&($dir ne '/stats/') ) {\r
- #\r
- # Interpolate links - chopping out trailing '/' if necessary.\r
- #\r
+++ /dev/null
---- net/ipv4/netfilter/ip_conntrack_standalone.c~ 2006-12-12 01:50:40.000000000 +0000
-+++ net/ipv4/netfilter/ip_conntrack_standalone.c 2006-12-16 16:29:28.000000000 +0000
-@@ -804,7 +804,7 @@
-
- #ifdef CONFIG_PROC_FS
- ret = -ENOMEM;
-- proc = proc_net_fops_create("ip_conntrack", 0440, &ct_file_ops);
-+ proc = proc_net_fops_create("ip_conntrack", 0444, &ct_file_ops);
- if (!proc) goto cleanup_init;
-
- proc_exp = proc_net_fops_create("ip_conntrack_expect", 0440,
+++ /dev/null
-diff -ruN libcap-1.10.old/libcap/Makefile libcap-1.10/libcap/Makefile
---- libcap-1.10.old/libcap/Makefile 1999-04-18 00:16:31.000000000 +0200
-+++ libcap-1.10/libcap/Makefile 2004-01-14 10:47:20.000000000 +0100
-@@ -56,12 +56,12 @@
- # @sed -ne '/^#define[ \t]CAP[_A-Z]\+[ \t]\+[0-9]\+/{s/^#define CAP_\([^ \t]*\)[ \t]*\([^ \t]*\)/ \{ \2, \"\1\" \},/;y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/;p;}' < /usr/include/linux/capability.h | fgrep -v 0x > cap_names.sed
-
- $(MINLIBNAME): $(OBJS)
-- $(LD) -soname $(MAJLIBNAME) -x -shared -o $@ $(OBJS)
-+ $(CC) -Wl,-soname,$(MAJLIBNAME) -Wl,-x -shared -o $@ $(OBJS)
- ln -sf $(MINLIBNAME) $(MAJLIBNAME)
- ln -sf $(MAJLIBNAME) $(LIBNAME)
-
- %.o: %.c $(INCLS)
-- $(CC) $(CFLAGS) -c $< -o $@
-+ $(CC) $(CFLAGS) -fpic -c $< -o $@
-
- install: all
- mkdir -p -m 0755 $(INCDIR)/sys
+++ /dev/null
---- libcap-1.10.old/libcap/cap_sys.c 2003-08-24 19:03:35.524759616 -0700
-+++ libcap-1.10/libcap/cap_sys.c 2003-08-24 19:03:48.406801248 -0700
-@@ -10,7 +10,7 @@
- #include "libcap.h"
- #define __LIBRARY__
- #include <linux/unistd.h>
--
-+/*
- _syscall2(int, capget,
- cap_user_header_t, header,
- cap_user_data_t, data)
-@@ -18,7 +18,7 @@
- _syscall2(int, capset,
- cap_user_header_t, header,
- const cap_user_data_t, data)
--
-+*/
- /*
- * $Log: libcap-1.10-syscall.patch,v $
- * Revision 1.1 2004/01/14 13:11:39 riddles
- * Build shared libcap
- *
- * Revision 1.2 2003/08/29 06:28:38 cretin
- * Only add -fPIC for libcap.so objects
- *
- * Revision 1.1 2003/08/27 06:10:53 cretin
- * Added -fPIC for prelink to work, and fixed compile error
- *
- * Revision 1.1.1.1 1999/04/17 22:16:31 morgan
---- libcap-1.10.old/Make.Rules Mon May 21 16:22:08 2001
-+++ libcap-1.10/Make.Rules Mon May 21 16:22:32 2001
-@@ -44,10 +44,10 @@
- CC=gcc
- COPTFLAGS=-O2
- DEBUG=-g #-DDEBUG
--WARNINGS=-ansi -D_POSIX_SOURCE -Wall -Wwrite-strings \
-+WARNINGS=-D_POSIX_SOURCE -Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wtraditional -Wstrict-prototypes -Wmissing-prototypes \
-- -Wnested-externs -Winline -Wshadow -pedantic
-+ -Wnested-externs -Winline -Wshadow
- LD=ld
- LDFLAGS=-s #-g
+++ /dev/null
---- libsafe-2.0-16-orig/src/intercept.c 2003-03-15 16:02:12.000000000 +0100
-+++ libsafe-2.0-16/src/intercept.c 2003-03-15 16:12:22.000000000 +0100
-@@ -165,7 +165,8 @@
- */
- char *strcpy(char *dest, const char *src)
- {
-- size_t max_size, len;
-+ uint max_size;
-+ size_t len;
-
- if (!real_memcpy)
- real_memcpy = (memcpy_t) getLibraryFunction("memcpy");
-@@ -196,7 +197,8 @@
-
- char *strncpy(char *dest, const char *src, size_t n)
- {
-- size_t max_size, len;
-+ uint max_size;
-+ size_t len;
-
- if (!real_strncpy)
- real_strncpy = (strncpy_t) getLibraryFunction("strncpy");
-@@ -219,7 +221,8 @@
-
- char *stpcpy(char *dest, const char *src)
- {
-- size_t max_size, len;
-+ uint max_size;
-+ size_t len;
-
- if (!real_memcpy)
- real_memcpy = (memcpy_t) getLibraryFunction("memcpy");
-@@ -251,7 +254,8 @@
- #ifndef MISSING_WCSNLEN
- wchar_t *wcscpy(wchar_t *dest, const wchar_t *src)
- {
-- size_t max_bytes, max_wchars, len;
-+ size_t max_wchars, len;
-+ uint max_bytes;
-
- if (!real_wcscpy)
- real_wcscpy = (wcscpy_t) getLibraryFunction("wcscpy");
-@@ -291,7 +295,8 @@
-
- wchar_t *wcpcpy(wchar_t *dest, const wchar_t *src)
- {
-- size_t max_bytes, max_wchars, len;
-+ size_t max_wchars, len;
-+ uint max_bytes;
-
- if (!real_wcpcpy)
- real_wcpcpy = (wcpcpy_t) getLibraryFunction("wcpcpy");
-@@ -333,9 +338,15 @@
- /*
- * This is needed! See the strcpy() for the reason. -ab.
- */
--void *memcpy(void *dest, const void *src, size_t n)
-+void *memcpy(void *dest, const void *src, size_t hack)
- {
-- size_t max_size;
-+ /*
-+ * a size_t IS an unsigned long everywhere, though it sometimes
-+ * doesn't state so, making printf misinterpret it.
-+ */
-+ unsigned long n = hack;
-+ uint max_size;
-+
-
- if (!real_memcpy)
- real_memcpy = (memcpy_t) getLibraryFunction("memcpy");
-@@ -344,11 +355,11 @@
- return real_memcpy(dest, src, n);
-
- if ((max_size = _libsafe_stackVariableP(dest)) == 0) {
-- LOG(5, "memcpy(<heap var> , <src>, %d)\n", n);
-+ LOG(5, "memcpy(<heap var> , <src>, %ld)\n", n);
- return real_memcpy(dest, src, n);
- }
-
-- LOG(4, "memcpy(<stack var> , <src>, %d) stack limit=%d)\n", n, max_size);
-+ LOG(4, "memcpy(<stack var> , <src>, %ld) stack limit=%d)\n", n, max_size);
- if (n > max_size)
- _libsafe_die("Overflow caused by memcpy()");
- return real_memcpy(dest, src, n);
-@@ -357,7 +368,7 @@
-
- char *strcat(char *dest, const char *src)
- {
-- size_t max_size;
-+ uint max_size;
- uint dest_len, src_len;
-
- if (!real_memcpy)
-@@ -388,7 +399,7 @@
-
- char *strncat(char *dest, const char *src, size_t n)
- {
-- size_t max_size;
-+ uint max_size;
- uint dest_len, src_len;
-
- if (!real_strncat)
-@@ -1008,12 +1019,31 @@
- if (is_printf_convspec[(int)*p]) {
- caddr_t addr;
- c++;
-+#if 0
-+ /*
-+ * cannot add va_list (ap here) with a number on alpha.
-+ * this is faster than the other method, and might be
-+ * a good idea to enable this on !alpha arch.
-+ */
- if (pnum) {
- addr = *((caddr_t*)(ap + (atoi(pnum)-1)*sizeof(char*)));
- }
- else {
- addr = *((caddr_t*)(ap + c*sizeof(char*)));
- }
-+#else
-+ {
-+ va_list apc;
-+ uint nb = c + 1;
-+
-+ va_copy(apc, ap);
-+ if (pnum)
-+ nb = atoi(pnum);
-+ addr = NULL;
-+ while (nb--)
-+ addr = va_arg(apc, caddr_t);
-+ }
-+#endif
- if (*p == 'n') {
- if (_libsafe_raVariableP((void *)(addr))) {
- _libsafe_die("printf(\"%%n\")");
-@@ -1172,12 +1202,32 @@
- if (is_printf_convspec[(int)*p]) {
- caddr_t addr;
- c++;
-+#if 0
-+ /*
-+ * cannot add va_list (ap here) with a number on alpha.
-+ * this is faster than the other method, and might be
-+ * a good idea to enable this on !alpha arch.
-+ */
-+
- if (pnum) {
- addr = *((caddr_t*)(ap + (atoi(pnum)-1)*sizeof(char*)));
- }
- else {
- addr = *((caddr_t*)(ap + c*sizeof(char*)));
- }
-+#else
-+ {
-+ va_list apc;
-+ uint nb = c + 1;
-+
-+ va_copy(apc, ap);
-+ if (pnum)
-+ nb = atoi(pnum);
-+ addr = NULL;
-+ while (nb--)
-+ addr = va_arg(apc, caddr_t);
-+ }
-+#endif
- if (*p == 'n') {
- if (_libsafe_raVariableP((void *)(addr))) {
- _libsafe_die("printf(\"%%n\")");
-@@ -1194,7 +1244,7 @@
-
- int sprintf(char *str, const char *format, ...)
- {
-- size_t max_size;
-+ uint max_size;
- va_list ap;
- int res;
-
-@@ -1242,7 +1292,7 @@
-
- int snprintf(char *str, size_t size, const char *format, ...)
- {
-- size_t max_size;
-+ uint max_size;
- va_list ap;
- int res;
-
-@@ -1288,7 +1338,7 @@
-
- int vsprintf(char *str, const char *format, va_list ap)
- {
-- size_t max_size;
-+ uint max_size;
- int res;
-
- if (!real_vsprintf)
-@@ -1325,7 +1375,7 @@
-
- int vsnprintf(char *str, size_t size, const char *format, va_list ap)
- {
-- size_t max_size;
-+ uint max_size;
- int res;
-
- if (!real_vsnprintf)
-@@ -1360,7 +1410,7 @@
-
- char *getwd(char *buf)
- {
-- size_t max_size;
-+ uint max_size;
- char *res;
-
- if (!real_getwd)
-@@ -1384,7 +1434,8 @@
-
- char *gets(char *s)
- {
-- size_t max_size, len;
-+ uint max_size;
-+ size_t len;
-
- if (!real_gets)
- real_gets = (gets_t) getLibraryFunction("gets");
-@@ -1409,7 +1460,8 @@
-
- char *realpath(char *path, char resolved_path[])
- {
-- size_t max_size, len;
-+ uint max_size;
-+ size_t len;
- char *res;
- char buf[MAXPATHLEN + 1];
-
+++ /dev/null
-From: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>
-Subject: Bug#129345: patch to prevent a loop between libdl and libsafe causing libdl to crash
-To: 129345@bugs.debian.org
-Date: 01 Sep 2002 23:54:35 +0200
-Reply-To: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>,
- 129345@bugs.debian.org
-Resent-From: Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>
-
-
--------
-[D. Coe edited this patch slightly -- moved an unrelated change into the
-Makefile itself [it changed the debugging comments only], and corrected a
-spelling error and reworded the comments. The original patch is in the
-bug tracking system, if you want to see it as submitted by Goswin.]
--------
--------
-D. Coe subsequently modified the patch further, because in some cases
-the initializations did not occur (e.g. when IO_vfscanf or memcpy was
-called from ps or top (likely one of the libraries they use). maybe
-they do something that disables libsafe's library globals initialization?
-
-
-In any case, I've adopted both strategise in this new patch; the addresses
-are preloaded as Goswin had coded, but they are also individually checked
-each time needed (as was the case before Goswin's patch), and are initialized
-at that point if necessary. Hopefully this will let ps and top work
-and also continue to work around the libdl problem.
--------
-
-Hi,
-
-if libsafe is invoked from inside libdl (or only inside dlerror()?)
-and a real_XXX function is not yet looked up it will reenter
-libdl. That causes memory corruption resulting in a read from 0x0 and
-thus segfault.
-
-The patch below makes libsafe cache all needed symbols once upon
-init. That not only causes less lookups than before but should prevent
-fatal loops. Failures of the initial lookups might not be reported
-correctly but terminate in some odd way if the functions needed to
-report are not yet looked up.
-
-MfG
- Goswin
-
-----------------------------------------------------------------------
-diff -Nurd libsafe-2.0-16/src/intercept.c libsafe-2.0-16-mrvn/src/intercept.c
---- libsafe-2.0-16/src/intercept.c 2002-05-31 19:37:34.000000000 +0200
-+++ libsafe-2.0-16-mrvn/src/intercept.c 2002-09-01 23:44:55.000000000 +0200
-@@ -128,14 +128,29 @@
- }
-
-
--/* Starting with version 2.0, we keep a single global copy of the pointer to
-- * the real memcpy() function. This allows us to call
-- * getLibraryFunction("memcpy") just once instead of multiple times, since
-- * memcpy() is needed in four different functions below.
-+/* Starting with Debian version 2.0-16-2, we keep a global copy of the pointer
-+ * to each real functions. Otherwise a getLibraryFunction might
-+ * be triggered from inside dlsym() and cause memory corruption reulting in a
-+ * segfault.
- */
--static memcpy_t real_memcpy = NULL;
--
--
-+static memcpy_t real_memcpy = NULL;
-+static _IO_vfscanf_t real_IO_vfscanf = NULL;
-+static vfprintf_t real_vfprintf = NULL;
-+static vsnprintf_t real_vsnprintf = NULL;
-+static vsprintf_t real_vsprintf = NULL;
-+static gets_t real_gets = NULL;
-+static getwd_t real_getwd = NULL;
-+static realpath_t real_realpath = NULL;
-+static stpcpy_t real_stpcpy = NULL;
-+static strcat_t real_strcat = NULL;
-+static strcpy_t real_strcpy = NULL;
-+static strncat_t real_strncat = NULL;
-+static strncpy_t real_strncpy = NULL;
-+static wcscpy_t real_wcscpy = NULL;
-+static wcpcpy_t real_wcpcpy = NULL;
-+#ifndef MISSING_WCSNLEN
-+static wcscat_t real_wcscat = NULL;
-+#endif
- /*
- * -------------- system library implementations -------------------
- * Here is the story: if a C source file includes <string.h> and is
-@@ -150,7 +165,6 @@
- */
- char *strcpy(char *dest, const char *src)
- {
-- static strcpy_t real_strcpy = NULL;
- size_t max_size, len;
-
- if (!real_memcpy)
-@@ -182,7 +196,6 @@
-
- char *strncpy(char *dest, const char *src, size_t n)
- {
-- static strncpy_t real_strncpy = NULL;
- size_t max_size, len;
-
- if (!real_strncpy)
-@@ -206,7 +219,6 @@
-
- char *stpcpy(char *dest, const char *src)
- {
-- static stpcpy_t real_stpcpy = NULL;
- size_t max_size, len;
-
- if (!real_memcpy)
-@@ -239,7 +251,6 @@
- #ifndef MISSING_WCSNLEN
- wchar_t *wcscpy(wchar_t *dest, const wchar_t *src)
- {
-- static wcscpy_t real_wcscpy = NULL;
- size_t max_bytes, max_wchars, len;
-
- if (!real_wcscpy)
-@@ -280,7 +291,6 @@
-
- wchar_t *wcpcpy(wchar_t *dest, const wchar_t *src)
- {
-- static wcpcpy_t real_wcpcpy = NULL;
- size_t max_bytes, max_wchars, len;
-
- if (!real_wcpcpy)
-@@ -347,7 +357,6 @@
-
- char *strcat(char *dest, const char *src)
- {
-- static strcat_t real_strcat = NULL;
- size_t max_size;
- uint dest_len, src_len;
-
-@@ -379,7 +388,6 @@
-
- char *strncat(char *dest, const char *src, size_t n)
- {
-- static strncat_t real_strncat = NULL;
- size_t max_size;
- uint dest_len, src_len;
-
-@@ -408,7 +416,6 @@
- #ifndef MISSING_WCSNLEN
- wchar_t *wcscat(wchar_t *dest, const wchar_t *src)
- {
-- static wcscat_t real_wcscat = NULL;
- size_t max_bytes;
- uint dest_len, src_len;
-
-@@ -861,7 +868,6 @@
- */
- int vfprintf(FILE *fp, const char *format, va_list ap)
- {
-- static vfprintf_t real_vfprintf = NULL;
- int res;
- char *p, *pnum;
- int c = -1; /* Next var arg to be used */
-@@ -1026,7 +1032,6 @@
- */
- int _IO_vfprintf(FILE *fp, const char *format, va_list ap)
- {
-- static vfprintf_t real_vfprintf = NULL;
- int res;
- char *p, *pnum;
- int c = -1; /* Next var arg to be used */
-@@ -1189,8 +1194,6 @@
-
- int sprintf(char *str, const char *format, ...)
- {
-- static vsprintf_t real_vsprintf = NULL;
-- static vsnprintf_t real_vsnprintf = NULL;
- size_t max_size;
- va_list ap;
- int res;
-@@ -1239,7 +1242,6 @@
-
- int snprintf(char *str, size_t size, const char *format, ...)
- {
-- static vsnprintf_t real_vsnprintf = NULL;
- size_t max_size;
- va_list ap;
- int res;
-@@ -1286,8 +1288,6 @@
-
- int vsprintf(char *str, const char *format, va_list ap)
- {
-- static vsprintf_t real_vsprintf = NULL;
-- static vsnprintf_t real_vsnprintf = NULL;
- size_t max_size;
- int res;
-
-@@ -1325,7 +1325,6 @@
-
- int vsnprintf(char *str, size_t size, const char *format, va_list ap)
- {
-- static vsnprintf_t real_vsnprintf = NULL;
- size_t max_size;
- int res;
-
-@@ -1361,7 +1360,6 @@
-
- char *getwd(char *buf)
- {
-- static getwd_t real_getwd = NULL;
- size_t max_size;
- char *res;
-
-@@ -1386,7 +1384,6 @@
-
- char *gets(char *s)
- {
-- static gets_t real_gets = NULL;
- size_t max_size, len;
-
- if (!real_gets)
-@@ -1412,7 +1409,6 @@
-
- char *realpath(char *path, char resolved_path[])
- {
-- static realpath_t real_realpath = NULL;
- size_t max_size, len;
- char *res;
- char buf[MAXPATHLEN + 1];
-@@ -1445,7 +1441,6 @@
-
- int _IO_vfscanf (_IO_FILE *s, const char *format, _IO_va_list argptr, int *errp)
- {
-- static _IO_vfscanf_t real_IO_vfscanf = NULL;
- int res, save_count;
- caddr_t ra_array[MAXLEVELS], fp_array[MAXLEVELS];
-
-@@ -1529,6 +1524,25 @@
-
- fclose(fp);
- }
-+
-+ real_memcpy = (memcpy_t) getLibraryFunction("memcpy");
-+ real_IO_vfscanf = (_IO_vfscanf_t) getLibraryFunction("_IO_vfscanf");
-+ real_vfprintf = (vfprintf_t) getLibraryFunction("vfprintf");
-+ real_vsnprintf = (vsnprintf_t) getLibraryFunction("vsnprintf");
-+ real_vsprintf = (vsprintf_t) getLibraryFunction("vsprintf");
-+ real_gets = (gets_t) getLibraryFunction("gets");
-+ real_getwd = (getwd_t) getLibraryFunction("getwd");
-+ real_realpath = (realpath_t) getLibraryFunction("realpath");
-+ real_stpcpy = (stpcpy_t) getLibraryFunction("stpcpy");
-+ real_strcat = (strcat_t) getLibraryFunction("strcat");
-+ real_strcpy = (strcpy_t) getLibraryFunction("strcpy");
-+ real_strncat = (strncat_t) getLibraryFunction("strncat");
-+ real_strncpy = (strncpy_t) getLibraryFunction("strncpy");
-+ real_wcscpy = (wcscpy_t) getLibraryFunction("wcscpy");
-+ real_wcpcpy = (wcpcpy_t) getLibraryFunction("wcpcpy");
-+#ifndef MISSING_WCSNLEN
-+ real_wcscat = (wcscat_t) getLibraryFunction("wcscat");
-+#endif
- }
-
-
+++ /dev/null
---- avm_fritz.c.old Tue Feb 13 11:43:45 2007
-+++ avm_fritz.c Wed Apr 11 15:26:32 2007
-@@ -781,6 +781,8 @@
- spin_lock_irqsave(inst->hwlock, flags);
- ret = modehdlc(bch, bch->channel,
- bch->inst.pid.protocol[1]);
-+ if (bch->inst.pid.protocol[2] == ISDN_PID_L2_B_TRANS)
-+ test_and_set_bit(FLG_L2DATA, &bch->Flags);
- spin_unlock_irqrestore(inst->hwlock, flags);
- }
- skb_trim(skb, 0);
+++ /dev/null
-Submitted By: David Jensen (djensen at linuxfromscratch dot org)
-Date: 2005-07-23
-Initial Package Version: 0.59r
-Origin: Debian
-Upstream Status: not maintained
-Description: Fixes buffer overflow vulnerablity (CAN-2004-0805)
-
-$LastChangedBy: djensen $
-$Date: 2005-07-26 21:17:28 -0600 (Tue, 26 Jul 2005) $
-
-diff -Naur mpg123-0.59r.orig/layer2.c mpg123-0.59r/layer2.c
---- mpg123-0.59r.orig/layer2.c 1999-02-10 06:13:06.000000000 -0600
-+++ mpg123-0.59r/layer2.c 2005-07-23 16:44:07.000000000 -0500
-@@ -265,6 +265,11 @@
- fr->jsbound = (fr->mode == MPG_MD_JOINT_STEREO) ?
- (fr->mode_ext<<2)+4 : fr->II_sblimit;
-
-+ if (fr->jsbound > fr->II_sblimit) {
-+ fprintf(stderr, "Truncating stereo boundary to sideband limit.\n");
-+ fr->jsbound=fr->II_sblimit;
-+ }
-+
- if(stereo == 1 || single == 3)
- single = 0;
-
+++ /dev/null
-Submitted By: Ken Moffat <ken@kenmoffat.uklinux.net>
-Date: 2005-08-08
-Initial Package Version: 0.98.39
-Upstream Status: From upstream cvs
-Origin: Extracted by Ken Moffat
-Description: This is Jindrich Novy's patch to fix another buffer overrun
-in nasm, CAN-2005-1194 (users who can be persuaded to assemble and run a
-malicious source file can have arbitrary code executed via a buffer
-overflow).
-
---- nasm-0.98.39/output/outieee.c.orig 2005-01-15 22:16:08.000000000 +0000
-+++ nasm-0.98.39/output/outieee.c 2005-08-08 22:12:46.000000000 +0100
-@@ -1120,7 +1120,7 @@
- va_list ap;
-
- va_start(ap, format);
-- vsprintf(buffer, format, ap);
-+ vsnprintf(buffer, sizeof(buffer), format, ap);
- l = strlen(buffer);
- for (i = 0; i < l; i++)
- if ((buffer[i] & 0xff) > 31)
+++ /dev/null
-# This is a BitKeeper generated diff -Nru style patch.
-#
-# ChangeSet
-# 2004/06/01 02:58:12+02:00 kaber@trash.net
-# [NETFILTER]: Change permissions of /proc/net/ip_conntrack to 0440
-#
-# net/ipv4/netfilter/ip_conntrack_standalone.c
-# 2004/06/01 02:58:02+02:00 kaber@trash.net +1 -1
-# [NETFILTER]: Change permissions of /proc/net/ip_conntrack to 0440
-#
-diff -Nru a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c
---- a/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-06-02 03:23:39 +02:00
-+++ b/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-06-02 03:23:39 +02:00
-@@ -502,7 +502,7 @@
- if (ret < 0)
- goto cleanup_nothing;
-
-- proc = proc_net_create("ip_conntrack",0,list_conntracks);
-+ proc = proc_net_create("ip_conntrack", 0440, list_conntracks);
- if (!proc) goto cleanup_init;
- proc->owner = THIS_MODULE;
-
+++ /dev/null
-diff -urN squidGuard-1.2.0_orig/configure.in squidGuard-1.2.0/configure.in
---- squidGuard-1.2.0_orig/configure.in 2001-12-18 10:16:36.000000000 +0000
-+++ squidGuard-1.2.0/configure.in 2006-06-10 12:29:26.000000000 +0000
-@@ -71,7 +71,12 @@
-
- dnl Checks for libraries.
-
--AC_CHECK_LIB(db,db_version,,[
-+AC_CHECK_LIB(db,db_version,,
-+AC_CHECK_LIB(db,db_version_4000,,
-+AC_CHECK_LIB(db,db_version_4001,,
-+AC_CHECK_LIB(db,db_version_4002,,
-+AC_CHECK_LIB(db,db_version_4003,,
-+AC_CHECK_LIB(db,db_version_4004,,[
- echo
- echo "** The Berkley DB library is required for squidGuard"
- echo " to compile. Get it from http://www.sleepycat.com"
-@@ -79,7 +84,7 @@
- echo " its location. (default is $dbprefix/BerkeleyDB)"
- echo
- exit 1
-- ])
-+ ]))))))
-
- dnl Checks for header files.
- AC_HEADER_STDC
-diff -urN squidGuard-1.2.0_orig/src/sgDb.c squidGuard-1.2.0/src/sgDb.c
---- squidGuard-1.2.0_orig/src/sgDb.c 2001-05-14 13:40:12.000000000 +0000
-+++ squidGuard-1.2.0/src/sgDb.c 2006-06-10 12:27:04.000000000 +0000
-@@ -98,13 +98,21 @@
- if(createdb)
- flag = flag | DB_TRUNCATE;
- if ((ret =
-+#if DB_VERSION_MINOR == 1 || DB_VERSION_MINOR == 2 || DB_VERSION_MINOR == 3 || DB_VERSION_MINOR == 4
-+ Db->dbp->open(Db->dbp, NULL, dbfile, NULL, DB_BTREE, flag, 0664)) != 0) {
-+#else
- Db->dbp->open(Db->dbp, dbfile, NULL, DB_BTREE, flag, 0664)) != 0) {
-+#endif
- (void) Db->dbp->close(Db->dbp, 0);
- sgLogFatalError("Error db_open: %s", strerror(ret));
- }
- } else {
- if ((ret =
-+#if DB_VERSION_MINOR == 1 || DB_VERSION_MINOR == 2 || DB_VERSION_MINOR == 3 || DB_VERSION_MINOR == 4
-+ Db->dbp->open(Db->dbp, NULL, dbfile, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) {
-+#else
- Db->dbp->open(Db->dbp, dbfile, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) {
-+#endif
- sgLogFatalError("Error db_open: %s", strerror(ret));
- }
- }
+++ /dev/null
-borrowed from fedora
-fix for CAN-2005-1267
-
---- tcpdump-3.8.2/print-bgp.c.old 2005-05-31 11:58:00.000000000 +0200
-+++ tcpdump-3.8.2/print-bgp.c 2005-05-31 12:01:01.000000000 +0200
-@@ -1706,9 +1706,10 @@
- while (dat + length > p) {
- char buf[MAXHOSTNAMELEN + 100];
- i = decode_prefix4(p, buf, sizeof(buf));
-- if (i == -1)
-+ if (i == -1) {
- printf("\n\t (illegal prefix length)");
-- else if (i == -2)
-+ break;
-+ } else if (i == -2)
- goto trunc;
- else {
- printf("\n\t %s", buf);
+++ /dev/null
-borrowed from fedora
-fix for CAN-2005-1279
-
---- tcpdump-3.8.2/print-bgp.c.old 2004-03-24 01:01:00.000000000 +0100
-+++ tcpdump-3.8.2/print-bgp.c 2005-04-28 12:47:12.000000000 +0200
-@@ -1089,7 +1089,7 @@
- printf(", no SNPA");
- }
-
-- while (len - (tptr - pptr) > 0) {
-+ while ((tptr - pptr) > 0 && len - (tptr - pptr) > 0) {
- switch (af) {
- case AFNUM_INET:
- switch (safi) {
+++ /dev/null
-borrowed from fedora
-fix for CAN-2005-1278
-
---- tcpdump-3.8.2/print-isoclns.c.old 2005-04-28 12:58:28.000000000 +0200
-+++ tcpdump-3.8.2/print-isoclns.c 2005-04-28 13:07:17.000000000 +0200
-@@ -1748,12 +1748,14 @@
- lan_alen = *tptr++; /* LAN adress length */
- tmp --;
- printf("\n\t LAN address length %u bytes ",lan_alen);
-- while (tmp >= lan_alen) {
-- if (!TTEST2(*tptr, lan_alen))
-- goto trunctlv;
-- printf("\n\t\tIS Neighbor: %s",isis_print_id(tptr,lan_alen));
-- tmp -= lan_alen;
-- tptr +=lan_alen;
-+ if(lan_alen >= SYSTEM_ID_LEN) {
-+ while (tmp >= lan_alen) {
-+ if (!TTEST2(*tptr, lan_alen))
-+ goto trunctlv;
-+ printf("\n\t\tIS Neighbor: %s",isis_print_id(tptr,lan_alen));
-+ tmp -= lan_alen;
-+ tptr +=lan_alen;
-+ }
- }
- break;
-
+++ /dev/null
-borrowed from fedora
-fix for CAN-2005-1279
-
---- tcpdump-3.8.2/print-ldp.c.t4 2003-11-16 10:36:27.000000000 +0100
-+++ tcpdump-3.8.2/print-ldp.c 2005-04-28 14:17:15.000000000 +0200
-@@ -327,7 +327,8 @@
- LDP_MASK_U_BIT(EXTRACT_16BITS(&ldp_msg_header->type)) ? "continue processing" : "ignore");
-
- msg_tptr=tptr+sizeof(struct ldp_msg_header);
-- msg_tlen=msg_len-sizeof(struct ldp_msg_header)+4; /* Type & Length fields not included */
-+ /* Type & Length fields not included */
-+ msg_tlen = (msg_len >= (sizeof(struct ldp_msg_header) + 4)) ? (msg_len - sizeof(struct ldp_msg_header) + 4) : 0;
-
- /* did we capture enough for fully decoding the message ? */
- if (!TTEST2(*tptr, msg_len))
-@@ -372,8 +373,12 @@
- print_unknown_data(tptr+sizeof(sizeof(struct ldp_msg_header)),"\n\t ",
- msg_len);
-
-- tptr+=msg_len;
-- tlen-=msg_len;
-+ if(!msg_len)
-+ break;
-+ else {
-+ tptr+=msg_len;
-+ tlen-=msg_len;
-+ }
- }
- return;
- trunc:
---- tcpdump-3.8.2/print-ascii.c.t4 2003-12-29 12:05:10.000000000 +0100
-+++ tcpdump-3.8.2/print-ascii.c 2005-04-28 14:05:42.000000000 +0200
-@@ -142,6 +142,9 @@
- register int nshorts;
-
- nshorts = (u_int) length / sizeof(u_short);
-+ if(!nshorts)
-+ return;
-+
- i = 0;
- while (--nshorts >= 0) {
- if ((i++ % 8) == 0) {
+++ /dev/null
-borrowed from fedora
-fix for CAN-2005-1280
-
---- tcpdump-3.8.2/print-rsvp.c.old 2004-03-24 05:00:38.000000000 +0100
-+++ tcpdump-3.8.2/print-rsvp.c 2005-04-27 17:09:34.000000000 +0200
-@@ -872,6 +872,8 @@
-
- case RSVP_OBJ_RRO:
- case RSVP_OBJ_ERO:
-+ {
-+ int step;
- switch(rsvp_obj_ctype) {
- case RSVP_CTYPE_IPV4:
- while(obj_tlen >= 4 ) {
-@@ -889,15 +891,16 @@
- "none",
- *(obj_tptr+7))); /* rfc3209 says that this field is rsvd. */
- }
-- obj_tlen-=*(obj_tptr+1);
-- obj_tptr+=*(obj_tptr+1);
-+ step = *(obj_tptr+1) ? *(obj_tptr+1) : obj_tlen;
-+ obj_tlen -= step;
-+ obj_tptr += step;
- }
- break;
- default:
- hexdump=TRUE;
- }
- break;
--
-+ }
- case RSVP_OBJ_HELLO:
- switch(rsvp_obj_ctype) {
- case RSVP_CTYPE_1:
+bin
bin/cat
bin/echo
bin/grep
usr/lib
#usr/lib/libgcc_s.so
#usr/lib/libgcc_s.so.1
-#usr/lib/libstdc##.so
-#usr/lib/libstdc##.so.6
+#usr/lib/libstdc++.so
+#usr/lib/libstdc++.so.6
usr/local/bin
-usr/local/bin/connscheduler
-usr/local/bin/httpscert
usr/local/bin/readhash
-usr/local/bin/run-parts
-usr/local/bin/scanhd
usr/local/bin/setddns.pl
usr/local/bin/vpn-watch
#usr/local/doc
+++ /dev/null
-#!/usr/bin/perl
-#
-# IPFire Connection Scheduler (F)Cron Job
-#
-# This code is distributed under the terms of the GPL
-# The original code is taken from weizen_42.
-# See /home/httpd/cgi-bin/connscheduler.cgi
-#
-
-use strict;
-
-require '/var/ipfire/general-functions.pl';
-require '/var/ipfire/connscheduler/lib.pl';
-
-# seems to be necessary
-my $sleep_after_profile = 5;
-
-my ($second, $minute, $hour, $day, $month ,$year, $weekday) = localtime(time);
-# correction for weekday, I am used to weeks starting with Monday (= 0) ;-)
-$weekday = ($weekday + 6) % 7;
-# get the closest thing possible
-$minute = int($minute / 5) * 5;
-
-
-if ( $ARGV[0] eq 'hangup' )
-{
- &hangup();
-}
-elsif ( $ARGV[0] eq 'dial' )
-{
- &dial();
-}
-elsif ( $ARGV[0] eq 'reconnect' )
-{
- &reconnect();
-}
-elsif ( $ARGV[0] eq 'profile' )
-{
- &profile($ARGV[1]);
-}
-elsif ( $ARGV[0] eq 'timer' )
-{
- &timer();
-}
-elsif ( $ARGV[0] eq 'test' )
-{
- &test();
-}
-else
-{
- print "Usage: $0 {dial | hangup | reconnect | profile nr# }\n";
-}
-
-exit 0;
-
-
-# __ _ _
-# / _| | | (_)
-# | |_ _ _ _ __ ___| |_ _ ___ _ __ ___
-# | _| | | | '_ \ / __| __| |/ _ \| '_ \/ __|
-# | | | |_| | | | | (__| |_| | (_) | | | \__ \
-# |_| \__,_|_| |_|\___|\__|_|\___/|_| |_|___/
-#
-sub hangup
-{
- unless ( -e "${General::swroot}/red/active" )
- {
- &General::log("ConnSched already disconnected");
- return;
- }
-
- &General::log("ConnSched disconnect");
- unless ( system('/etc/rc.d/init.d/network', 'stop', 'red') == 0 )
- {
- &General::log("ConnSched disconnect failed: $?");
- return;
- }
-
- # now wait for active triggerfile and ppp daemon to disappear
- sleep 1;
- while ( -e "${General::swroot}/red/active" || -e '/var/run/ppp-ipfire.pid' )
- {
- sleep 1;
- }
-}
-
-
-sub dial
-{
- if ( -e "${General::swroot}/red/active" )
- {
- &General::log("ConnSched already connected");
- return;
- }
-
- &General::log("ConnSched connect");
- unless ( system('/etc/rc.d/init.d/network', 'start', 'red') == 0 )
- {
- &General::log("ConnSched connect failed: $?");
- return;
- }
-
- # wait maximum 60 seconds for active triggerfile
- my $counter = 60;
- until ( -e "${General::swroot}/red/active" || $counter == 0 )
- {
- sleep 1;
- $counter--;
- }
-}
-
-
-sub reconnect
-{
- &hangup() if ( -e "${General::swroot}/red/active" );
- &dial();
-}
-
-
-sub profile
-{
- my $profile = shift;
- my $restart_red = 0;
-
- unless ( ($profile > 0) and ($profile < $CONNSCHED::maxprofiles) )
- {
- &General::log("ConnSched invalid profile: $profile");
- return;
- }
-
- unless ( -e "${General::swroot}/ppp/settings-$profile" )
- {
- &General::log("ConnSched profile file does not exist: $profile");
- return;
- }
-
- if ( -e "${General::swroot}/red/active" )
- {
- # remember to restart red after changing profile
- $restart_red = 1;
- &hangup();
- }
-
- &General::log("ConnSched select profile: $profile");
-
- # Method to change Profile from pppsetup.cgi
- unlink("${General::swroot}/ppp/settings");
- link("${General::swroot}/ppp/settings-$profile", "${General::swroot}/ppp/settings");
- system ("/usr/bin/touch", "${General::swroot}/ppp/updatesettings");
-
- if ( $restart_red == 1 )
- {
- ## FIXME: do we need to do this ?
- sleep($sleep_after_profile);
- &dial();
- }
-}
-
-
-# fcronjob entry
-sub timer
-{
- for my $i ( 0 .. $#CONNSCHED::config )
- {
- next if ( $CONNSCHED::config[$i]{'ACTIVE'} ne 'on' );
-
- my $action_hour = substr($CONNSCHED::config[$i]{'TIME'},0,2);
- my $action_minute = substr($CONNSCHED::config[$i]{'TIME'},3,2);
-
- next if ( $action_hour != $hour );
- next if ( $action_minute != $minute );
-
- if ( $CONNSCHED::config[$i]{'DAYSTYPE'} eq 'days' )
- {
- my @temp = split(/-/,$CONNSCHED::config[$i]{'DAYS'},2);
-
- my $daystart = substr($temp[0], 0, -1);
- my $dayend = substr($temp[1], 1);
-
- next if ( ($day < $daystart) || ($day > $dayend) );
- }
- else
- {
- next if ( index($CONNSCHED::config[$i]{'WEEKDAYS'}, $CONNSCHED::weekdays[$weekday]) == -1 );
- }
-
-
- if ( $CONNSCHED::config[$i]{'ACTION'} eq 'reconnect' )
- {
- &reconnect()
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'dial' )
- {
- &dial();
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'hangup' )
- {
- &hangup();
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'select profile' )
- {
- &profile($CONNSCHED::config[$i]{'PROFILENR'});
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'reboot' )
- {
- &General::log("ConnSched reboot");
- system ("/usr/local/bin/ipfirereboot", "boot");
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'shutdown' )
- {
- &General::log("ConnSched shutdown");
- system ("/usr/local/bin/ipfirereboot", "down");
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'ipsecstart' )
- {
- &General::log("ConnSched ipsecstart");
- system ("/usr/local/bin/ipsecctrl", "S");
- }
- elsif ( $CONNSCHED::config[$i]{'ACTION'} eq 'ipsecstop' )
- {
- &General::log("ConnSched ipsecstop");
- system ("/usr/local/bin/ipsecctrl", "D");
- }
- else
- {
- # okay ? an event we don't know about
- }
- }
-}
+++ /dev/null
-#!/bin/sh
-#
-# new : generate new certificate
-# read: read issuer in certificate and verify if it is the same as hostname
-
-# See how we were called.
-case "$1" in
- new)
- # set temporary random file
- export RANDFILE=/root/.rnd
- if [ ! -f /etc/httpd/server.key ]; then
- echo "Generating https server key."
- /usr/bin/openssl genrsa -rand \
- /boot/vmlinuz:CONFIG_ROOT/ethernet/settings -out \
- /etc/httpd/server.key 1024
- fi
- echo "Generating CSR"
- /bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \
- req -new -key /etc/httpd/server.key -out /etc/httpd/server.csr
- echo "Signing certificate"
- /usr/bin/openssl x509 -req -days 999999 -in \
- /etc/httpd/server.csr -signkey /etc/httpd/server.key -out \
- /etc/httpd/server.crt
- # unset and remove random file
- export -n RANDFILE
- rm -f /root/.rnd
- ;;
- read)
- if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then
- ISSUER=`openssl x509 -in /etc/httpd/server.crt -text -noout | grep Issuer | /usr/bin/cut -f2 -d '='`
- HOSTNAME=`/bin/hostname -f`
- if [ "$ISSUER" != "$HOSTNAME" ]; then
- echo "Certificate issuer '$ISSUER' is not the same as the hostname '$HOSTNAME'"
- echo "Probably host or domain name has been changed in setup"
- echo "You could remake server certificate with '/usr/local/bin/httpscert new'"
- exit 1
- else
- echo "https certificate issuer match $HOSTNAME"
- fi
- else
- echo "Certificate not found"
- exit 1
- fi
- ;;
- *)
- /bin/echo "Usage: $0 {read|new}"
- exit 1
- ;;
-esac
+++ /dev/null
-#!/bin/sh
-# run-parts: Runs all the scripts found in a directory.
-
-# keep going when something fails
-set +e
-
-if [ $# -lt 1 ]; then
- echo "Usage: run-parts <directory>"
- exit 1
-fi
-
-if [ ! -d $1 ]; then
- echo "Not a directory: $1"
- echo "Usage: run-parts <directory>"
- exit 1
-fi
-
-# There are several types of files that we would like to
-# ignore automatically, as they are likely to be backups
-# of other scripts:
-IGNORE_SUFFIXES="~ ^ , .bak .new .rpmsave .rpmorig .rpmnew .swp"
-
-# Main loop:
-for SCRIPT in $1/* ; do
- # If this is not a regular file, skip it:
- if [ ! -f $SCRIPT ]; then
- continue
- fi
- # Determine if this file should be skipped by suffix:
- SKIP=false
- for SUFFIX in $IGNORE_SUFFIXES ; do
- if [ ! "`basename $SCRIPT $SUFFIX`" = "`basename $SCRIPT`" ]; then
- SKIP=true
- break
- fi
- done
- if [ "$SKIP" = "true" ]; then
- continue
- fi
- # If we've made it this far, then run the script if it's executable:
- if [ -x $SCRIPT ]; then
- echo "$SCRIPT:"
- echo
- $SCRIPT 2>&1
- echo
- fi
-done
-
-exit 0
+++ /dev/null
-#!/bin/bash
-
-case "$1" in
- ide)
- /sbin/kudzu -qps -c HD | egrep "desc|device:" | awk -F': ' '{print $2}' | sed -e '/"$/a\\' -e "s/$/\;/g" | tr "\n" "XX" | sed -e "s/XX/\n/g" -e "s/\;X/\;/g" > /var/ipfire/extrahd/scan
- ;;
- partitions)
- cat /proc/partitions | awk '{print $4 ";" $3 ";"}' | grep -v name | grep -v "^;;$" > /var/ipfire/extrahd/partitions
- ;;
- *)
- echo "Usage: $0 (ide|partitions)"
- ;;
-esac
+++ /dev/null
-#!/bin/sh
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-name=finder.log
-echo -n "Where: " ;read wo
-echo -n "String: " ;read was
-echo -n "Output to file? (y/n): " ;read jn
-
-if [ "$jn" = "y" ]; then
- echo "Creating log file $name"
- find $wo -type f | xargs grep -in "$was" 2>/dev/null | grep -v ".svn" | grep -v "ChangeLog" | grep -v "/serv/ipfire/branches/ipcop-1.4" | grep -v "/serv/ipfire/tags/beta0" > $name
-else
- find $wo -type f | xargs grep -in "$was" 2>/dev/null | grep -v ".svn" | grep -v "ChangeLog" | grep -v "/serv/ipfire/branches/ipcop-1.4" | grep -v "/serv/ipfire/tags/beta0"
-fi
-
-if [ -d $name ]; then
- cat $name
-fi