diff --git a/html/cgi-bin/ddos.cgi b/html/cgi-bin/ddos.cgi index da7353872..ae3b211d4 100755 --- a/html/cgi-bin/ddos.cgi +++ b/html/cgi-bin/ddos.cgi @@ -41,15 +41,16 @@ my %dnsddossettings=(); my %checked=(); my $errormessage=''; my $counter = 0; +my %tcp_ports=(); +my %udp_ports=(); my $tcp_portfile = "${General::swroot}/ddos/tcp_ports"; my $udp_portfile = "${General::swroot}/ddos/udp_ports"; my $ddossettingfile = "${General::swroot}/ddos/settings"; my $udpddossettingfile = "${General::swroot}/ddos/udp-ddos-settings"; my $dnsddossettingfile = "${General::swroot}/ddos/dns-ddos-settings"; -# Get TCP and UDP ports -my %tcp_ports = get_ports($tcp_portfile, 'tcp'); -my %udp_ports = get_ports($udp_portfile, 'udp'); +&get_tcp_ports(); +&get_udp_ports(); # Read configuration file. @@ -63,7 +64,7 @@ $udpddossettings{'ENABLE_UDP_DDOS'} = 'off'; $dnsddossettings{'ENABLE_DNS_DDOS'} = 'off'; $ddossettings{'ACTION'} = ''; $udpddossettings{'UDP_ACTION'} = ''; -$dnsddossettings{'DNS_ACTION'} = ''; +$udpddossettings{'DNS_ACTION'} = ''; &Header::getcgihash(\%ddossettings); @@ -84,9 +85,13 @@ if ($ddossettings{'ACTION'} eq $Lang::tr{'save'}) &General::writehash("$ddossettingfile", \%ddossettings); if ($ddossettings{'ENABLE_DDOS'} eq 'on') { - &enable_ddos; + &General::log($Lang::tr{'ddos is enabled'}); + &General::system('/usr/bin/touch', "${General::swroot}/ddos/enableddos"); + &General::system('/usr/local/bin/ddosctrl', 'start'); } else { - &disable_ddos; + &General::log($Lang::tr{'ddos is disabled'}); + &General::system('/usr/local/bin/ddosctrl', 'stop'); + unlink "${General::swroot}/ddos/enableddos"; } } 
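Review bot: `&get_tcp_ports();` and `&get_udp_ports();` run at load time, before any of the save handlers, and both subs (added in the last large hunk) `die` when their ports file cannot be opened. A missing or unreadable `tcp_ports` or `udp_ports` file therefore aborts the CGI before an administrator can view or change any DDoS setting, and the new message `"Unable to open file: $!"` no longer names the file. I would record the failure and return instead, e.g. `open($fh, '<', $tcp_portfile) or do { $errormessage = "Unable to open $tcp_portfile: $!"; return; };`. The `if ($errormessage)` block further down presumably displays it, so confirm the save handlers do not treat a non-empty `$errormessage` as a reason to skip saving.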
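Review bot: The default for `DNS_ACTION` is now set on `%udpddossettings`, and the DNS save test in the `-110,24` hunk reads `$udpddossettings{'DNS_ACTION'}` right after `&Header::getcgihash(\%dnsddossettings)` has filled the DNS hash. The DNS form's save then depends on whatever the earlier UDP `getcgihash` call left in the UDP hash, and `$dnsddossettings{'DNS_ACTION'}` has no default, which reads like a copy-paste slip. Unless there is a reason not visible here, keep both on the DNS hash: `$dnsddossettings{'DNS_ACTION'} = '';` and `if ($dnsddossettings{'DNS_ACTION'} eq $Lang::tr{'save'})`.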
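Review bot: The enable branch logs `ddos is enabled` and creates the `enableddos` flag before `ddosctrl start` runs, and the result of `&General::system(...)` is discarded, so a failed start still leaves a log entry and a flag file saying protection is active. The same six lines are pasted into the UDP and DNS handlers in the next hunk. Assuming `General::system` returns the command's exit status (not visible here), run the command first and log and touch the flag only on success, e.g. `my $rc = &General::system('/usr/local/bin/ddosctrl', 'start');` followed by `if ($rc != 0) { $errormessage = "ddosctrl start failed ($rc)"; }`. The enclosing `if ($ddossettings{'ACTION'} ...)` block starts outside the hunk.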
@@ -110,24 +115,32 @@ if ($udpddossettings{'UDP_ACTION'} eq $Lang::tr{'save'}) &General::writehash("$udpddossettingfile", \%udpddossettings); if ($udpddossettings{'ENABLE_UDP_DDOS'} eq 'on') { - &enable_ddos; + &General::log($Lang::tr{'ddos is enabled'}); + &General::system('/usr/bin/touch', "${General::swroot}/ddos/enableddos"); + &General::system('/usr/local/bin/ddosctrl', 'start'); } else { - &disable_ddos; + &General::log($Lang::tr{'ddos is disabled'}); + &General::system('/usr/local/bin/ddosctrl', 'stop'); + unlink "${General::swroot}/ddos/enableddos"; } } &Header::getcgihash(\%dnsddossettings); -if ($dnsddossettings{'DNS_ACTION'} eq $Lang::tr{'save'}) +if ($udpddossettings{'DNS_ACTION'} eq $Lang::tr{'save'}) { &General::writehash("$dnsddossettingfile", \%dnsddossettings); if ($dnsddossettings{'ENABLE_DNS_DDOS'} eq 'on') { - &enable_ddos; + &General::log($Lang::tr{'ddos is enabled'}); + &General::system('/usr/bin/touch', "${General::swroot}/ddos/enableddos"); + &General::system('/usr/local/bin/ddosctrl', 'start'); } else { - &disable_ddos; + &General::log($Lang::tr{'ddos is disabled'}); + &General::system('/usr/local/bin/ddosctrl', 'stop'); + unlink "${General::swroot}/ddos/enableddos"; } } @@ -143,7 +156,7 @@ if ($errormessage) { } # Read configuration file. -read_config_file("$ddossettingfile", \%ddossettings); +&General::readhash("$ddossettingfile", \%ddossettings); # Checkbox pre-selection. my $checked; @@ -169,166 +182,45 @@ END &Header::closebox(); &Header::openbox('100%', 'center', $Lang::tr{'xdp tcp port'}); - -&print_port_head; - -&print_port_status(%tcp_ports); - -&Header::closebox(); - -print "\n"; -# -# Read configuration file. -read_config_file("$dnsddossettingfile", \%dnsddossettings); - -# Checkbox pre-selection. -my $dns_checked; -if ($dnsddossettings{'ENABLE_DNS_DDOS'} eq "on") { - $dns_checked = "checked='checked'"; -} - -# Print box to enable/disable locationblock. -print"
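Review bot: Saving the UDP or the DNS form with its checkbox off runs `ddosctrl stop` and unlinks the single shared `enableddos` flag, without looking at the other two `ENABLE_*` settings. If `ddosctrl stop` detaches protection as a whole (its behaviour is not visible here, so confirm), switching off one protocol silently turns off the others while their settings files still say `on`. I would stop and remove the flag only when all three of `ENABLE_DDOS`, `ENABLE_UDP_DDOS` and `ENABLE_DNS_DDOS` are off, reading the other two settings files first because at this point the hashes hold only the defaults and the submitted form. At minimum add a comment such as `# NOTE: stop/unlink affect TCP, UDP and DNS protection together`.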
\n"; - -&Header::openbox('100%', 'center', $Lang::tr{'xdp dns'}); print < - - $Lang::tr{'xdp enable'} - - - - -END - -&Header::closebox(); - -print "\n"; - -# Read configuration file. -read_config_file("$udpddossettingfile", \%udpddossettings); - -# Checkbox pre-selection. -my $udp_checked; -if ($udpddossettings{'ENABLE_UDP_DDOS'} eq "on") { - $udp_checked = "checked='checked'"; -} - -# Print box to enable/disable locationblock. -print"
\n"; - -&Header::openbox('100%', 'center', $Lang::tr{'xdp udp'}); -print < - - $Lang::tr{'xdp enable'} - - - - - -END - -&Header::closebox(); - -&Header::openbox('100%', 'center', $Lang::tr{'xdp udp port'}); - -&print_port_head; - -&print_port_status(%udp_ports); - -&Header::closebox(); - -print "\n"; - -&Header::openbox('100%', 'center', $Lang::tr{'xdp status'}); - -&print_xdp_status_head; - -&print_xdp_status; - -&Header::closebox(); - -&Header::closebigbox(); - -&Header::closepage(); - -# Subroutine to get ports from file -sub get_ports { - my ($file, $protocol) = @_; - my %ports; - - open(my $fh, '<', $file) or die "Unable to open file $file: $!"; - while (my $line = <$fh>) { - chomp $line; - next if $line =~ /^\s*#/; # Skip comments - my ($service, $port) = $line =~ /^(\w+)\s+(\d+)\/$protocol/; - $ports{$service} = $port if $service && $port; - } - close($fh); - return %ports; -} - -# Subroutine to read configuration file -sub read_config_file { - my ($file, $config) = @_; - &General::readhash($file, $config); -} - -sub enable_ddos() { - &General::log($Lang::tr{'ddos is enabled'}); - &General::system('/usr/bin/touch', "${General::swroot}/ddos/enableddos"); - &General::system('/usr/local/bin/ddosctrl', 'start'); -} - -sub disable_ddos() { - &General::log($Lang::tr{'ddos is disabled'}); - &General::system('/usr/local/bin/ddosctrl', 'stop'); - unlink "${General::swroot}/ddos/enableddos"; -} - -sub print_port_head() { - print < - - - - $Lang::tr{'port'} - - - $Lang::tr{'service'} - + + + + + - - - - + + + + + + END -} -sub print_port_status() { - my $lines; - my $lines2; - my $col; +my $lines; +my $lines2; +my $col; - my %ports = @_; - # Sort output based on hash value port number -for my $service ( sort { $ports{$a} cmp $ports{$b} } - keys %ports ) +# Sort output based on hash value port number +for my $service ( sort { $tcp_ports{$a} cmp $tcp_ports{$b} } + keys %tcp_ports ) { - my $port = $ports{$service}; + my $port = $tcp_ports{$service}; # Checkbox 
pre-selection. my $checked; - if ($udpddossettings{$port} eq "on") { + if ($ddossettings{$port} eq "on") { $checked = "checked='checked'"; } @@ -360,50 +252,232 @@ for my $service ( sort { $ports{$a} cmp $ports{$b} } } print "$line_start\n"; - print "\n"; + print "\n"; print "$line_end\n"; $lines2++; } + +print < + +END + +&Header::closebox(); + +print "\n"; +# +# Read configuration file. +&General::readhash("$dnsddossettingfile", \%dnsddossettings); + +# Checkbox pre-selection. +my $dns_checked; +if ($dnsddossettings{'ENABLE_DNS_DDOS'} eq "on") { + $dns_checked = "checked='checked'"; +} + +# Print box to enable/disable locationblock. +print"
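Review bot: `sort { $tcp_ports{$a} cmp $tcp_ports{$b} }` compares the port numbers as strings, so the table is not in numeric order even though the comment above it says it sorts by port number; with constructed values, port 1024 would be listed before port 22. Use the numeric operator: `sort { $tcp_ports{$a} <=> $tcp_ports{$b} }`. The UDP loop added in the next hunk has the same comparison on `%udp_ports` and needs the same change.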
\n"; + +&Header::openbox('100%', 'center', $Lang::tr{'xdp dns'}); +print < +
+ + + +
+ $Lang::tr{'port'} + + $Lang::tr{'service'} +   - $Lang::tr{'port'} - - $Lang::tr{'service'} -
+ $Lang::tr{'port'} + + $Lang::tr{'service'} +
$port$port$service
$Lang::tr{'xdp enable'} +
+ +END + +&Header::closebox(); + +print "\n"; + +# Read configuration file. +&General::readhash("$udpddossettingfile", \%udpddossettings); + +# Checkbox pre-selection. +my $udp_checked; +if ($udpddossettings{'ENABLE_UDP_DDOS'} eq "on") { + $udp_checked = "checked='checked'"; +} + +# Print box to enable/disable locationblock. +print"
\n"; + +&Header::openbox('100%', 'center', $Lang::tr{'xdp udp'}); +print < + + $Lang::tr{'xdp enable'} + + + + + +END + +&Header::closebox(); + +&Header::openbox('100%', 'center', $Lang::tr{'xdp udp port'}); +print < + + + + $Lang::tr{'port'} + + + $Lang::tr{'service'} + + +   + + + + $Lang::tr{'port'} + + + $Lang::tr{'service'} + + + +END + +my $udp_lines; +my $udp_lines2; +my $udp_col; + +# Sort output based on hash value port number +for my $service ( sort { $udp_ports{$a} cmp $udp_ports{$b} } + keys %udp_ports ) +{ + my $port = $udp_ports{$service}; + + # Checkbox pre-selection. + my $checked; + if ($udpddossettings{$port} eq "on") { + $checked = "checked='checked'"; + } + + # Colour lines. + if ($udp_lines % 2) { + $col="bgcolor='$color{'color20'}'"; + } else { + $col="bgcolor='$color{'color22'}'"; + } + + # Grouping elements. + my $line_start; + my $line_end; + if ($udp_lines2 % 2) { + # Increase lines (background color by once. + $lines++; + + # Add empty column in front. + $line_start=" "; + + # When the line number can be diveded by "2", + # we are going to close the line. + $line_end=""; + } else { + # When the line number is not divideable by "2", + # we are starting a new line. + $line_start=""; + $line_end; + } + + print "$line_start\n"; + print "$port\n"; + print "$service$line_end\n"; + +$udp_lines2++; +} print < END -} -sub print_xdp_status_head() { +&Header::closebox(); + +print "\n"; + +&Header::openbox('100%', 'center', $Lang::tr{'xdp status'}); + print < - - - - $Lang::tr{'xdp interface'} - - - $Lang::tr{'xdp prio'} - - - $Lang::tr{'xdp program'} - - - $Lang::tr{'xdp mode'} - - - $Lang::tr{'xdp id'} - - - $Lang::tr{'xdp tag'} - - - $Lang::tr{'xdp action'} - - - - + + + + + + + + + + + + + END + +&printxdp(); + +print "\n
+ $Lang::tr{'xdp interface'} + + $Lang::tr{'xdp prio'} + + $Lang::tr{'xdp program'} + + $Lang::tr{'xdp mode'} + + $Lang::tr{'xdp id'} + + $Lang::tr{'xdp tag'} + + $Lang::tr{'xdp action'} +
\n"; + +&Header::closebox(); + +&Header::closebigbox(); + +&Header::closepage(); + +sub get_tcp_ports() +{ + my $fh; + open($fh, '<', $tcp_portfile) or die "Unable to open file: $!"; + while (my $line = <$fh>) { + chomp $line; + next if $line =~ /^\s*#/; # Skip comments + my ($service, $port) = $line =~ /^(\w+)\s+(\d+)\/tcp/; + if ($service && $port) { + $tcp_ports{$service} = $port; + } + } + close($fh); } -sub print_xdp_status() +sub get_udp_ports() +{ + my $fh; + open($fh, '<', $udp_portfile) or die "Unable to open file: $!"; + while (my $line = <$fh>) { + chomp $line; + next if $line =~ /^\s*#/; # Skip comments + my ($service, $port) = $line =~ /^(\w+)\s+(\d+)\/udp/; + if ($service && $port) { + $udp_ports{$service} = $port; + } + } + close($fh); +} + +sub printxdp() { # print active SSH logins (grep outpout of "who -s") my @output = &General::system_output("/usr/local/bin/ddosctrl", "status"); @@ -460,5 +534,4 @@ END } } - print "\n\n"; }
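Review bot: In the UDP table loop the row colour is chosen from `$udp_lines % 2`, but the counter incremented in the grouping branch is `$lines++`, the TCP loop's variable, so `$udp_lines` never changes and the colour does not alternate. The loop also assigns `$col` while the newly declared `$udp_col` is never used, and `$line_end;` in the else branch is a statement with no effect. I would change these to `$udp_lines++;`, assign `$udp_col` (or drop its declaration), and write `$line_end = '';`.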