diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index d871025eb..a87e5c070 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -19,7 +19,6 @@ use Socket; use IO::Socket; use Net::SSLeay; use Net::IPv4Addr qw(:all); -$|=1; # line buffering $General::version = 'VERSION'; $General::swroot = 'CONFIG_ROOT'; @@ -116,15 +115,13 @@ sub log } sub setup_default_networks { - my %netsettings=(); + my %netsettings = %Network::ethernet; my $defaultNetworks = shift; - - &readhash("/var/ipfire/ethernet/settings", \%netsettings); - + # Get current defined networks (Red, Green, Blue, Orange) $defaultNetworks->{$Lang::tr{'fwhost any'}}{'IPT'} = "0.0.0.0/0.0.0.0"; $defaultNetworks->{$Lang::tr{'fwhost any'}}{'NAME'} = "ALL"; - + $defaultNetworks->{$Lang::tr{'green'}}{'IPT'} = "$netsettings{'GREEN_NETADDRESS'}/$netsettings{'GREEN_NETMASK'}"; $defaultNetworks->{$Lang::tr{'green'}}{'NET'} = "$netsettings{'GREEN_ADDRESS'}"; $defaultNetworks->{$Lang::tr{'green'}}{'NAME'} = "GREEN"; @@ -145,7 +142,7 @@ sub setup_default_networks $defaultNetworks->{$Lang::tr{'blue'}}{'NET'} = "$netsettings{'BLUE_ADDRESS'}"; $defaultNetworks->{$Lang::tr{'blue'}}{'NAME'} = "BLUE"; } - + #IPFire himself $defaultNetworks->{'IPFire'}{'NAME'} = "IPFire"; @@ -172,18 +169,18 @@ sub setup_default_networks &readhash("${General::swroot}/vpn/settings", \%ipsecsettings); if($ipsecsettings{'RW_NET'} ne '') { - my ($ip,$sub) = split(/\//,$ipsecsettings{'RW_NET'}); - $sub=&General::iporsubtocidr($sub); - my @tempipsecsubnet = split("\/", $ipsecsettings{'RW_NET'}); - $defaultNetworks->{'IPsec RW (' .$ip."/".$sub.")"}{'ADR'} = $tempipsecsubnet[0]; - $defaultNetworks->{'IPsec RW (' .$ip."/".$sub.")"}{'NAME'} = "IPsec RW"; - $defaultNetworks->{'IPsec RW (' .$ip."/".$sub.")"}{'NET'} = &getnextip($ip); + my $netaddress = &Network::get_netaddress($ipsecsettings{'RW_NET'}); + my $prefix = &Network::get_prefix($ipsecsettings{'RW_NET'}); + + $defaultNetworks->{"IPsec RW (${netaddress}/${prefix})"}{'ADR'} = $netaddress; + $defaultNetworks->{"IPsec RW (${netaddress}/${prefix})"}{'NAME'} = "IPsec RW"; + $defaultNetworks->{"IPsec RW (${netaddress}/${prefix})"}{'NET'} = $netaddress; } } } sub get_aliases { - + my $defaultNetworks = shift; open(FILE, "${General::swroot}/ethernet/aliases") or die 'Unable to open aliases file.'; my @current = ; @@ -199,25 +196,36 @@ sub get_aliases } $defaultNetworks->{$temp[2]}{'IPT'} = "$temp[0]"; $defaultNetworks->{$temp[2]}{'NET'} = "$temp[0]"; - + $ctr++; } } } +sub set_defaults($$) { + my $hash = shift; + my $defaults = shift; + + foreach my $key (keys %$defaults) { + unless (defined($hash->{$key})) { + $hash->{$key} = $defaults->{$key}; + } + } +} + sub readhash { my $filename = $_[0]; my $hash = $_[1]; my ($var, $val); - - + + # Some ipcop code expects that readhash 'complete' the hash if new entries # are presents. Not clear it !!! #%$hash = (); open(FILE, $filename) or die "Unable to read file $filename"; - + while () { chop; @@ -251,11 +259,11 @@ sub writehash my $filename = $_[0]; my $hash = $_[1]; my ($var, $val); - + # write cgi vars to the file. open(FILE, ">${filename}") or die "Unable to write file $filename"; flock FILE, 2; - foreach $var (keys %$hash) + foreach $var (keys %$hash) { if ( $var eq "__CGI__"){next;} $val = $hash->{$var}; @@ -272,42 +280,6 @@ sub writehash close FILE; } -sub writehashpart -{ - # This function replaces the given hash in the original hash by keeping the old - # content and just replacing the new content - - my $filename = $_[0]; - my $newhash = $_[1]; - my %oldhash; - my ($var, $val); - - readhash("${filename}", \%oldhash); - - foreach $var (keys %$newhash){ - $oldhash{$var}=$newhash->{$var}; - } - - # write cgi vars to the file. - open(FILE, ">${filename}") or die "Unable to write file $filename"; - flock FILE, 2; - foreach $var (keys %oldhash) - { - if ( $var eq "__CGI__"){next;} - $val = $oldhash{$var}; - # Darren Critchley Jan 17, 2003 added the following because when submitting with a graphic, the x and y - # location of the mouse are submitted as well, this was being written to the settings file causing - # some serious grief! This skips the variable.x and variable.y - if (!($var =~ /(.x|.y)$/)) { - if ($val =~ / /) { - $val = "\'$val\'"; } - if (!($var =~ /^ACTION/)) { - print FILE "${var}=${val}\n"; } - } - } - close FILE; -} - sub age { my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $mtime, $ctime, $blksize, $blocks) = stat $_[0]; @@ -352,7 +324,7 @@ sub validip if (!($ip =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/)) { return 0; } - else + else { my @octets = ($1, $2, $3, $4); foreach $_ (@octets) @@ -397,7 +369,7 @@ sub subtocidr { sub cidrtosub { return &Network::convert_prefix2netmask(shift); } - + sub iporsubtodec { #Gets: Ip address or subnetmask in decimal oder CIDR @@ -421,7 +393,7 @@ sub iporsubtodec return $net."/".$mask; } } - } + } } #Subnet in binary format? if ($mask=~/^(\d{1,2})$/ && (($1<=32 && $1>=0))){ @@ -433,8 +405,8 @@ sub iporsubtodec } return 3; } - - + + sub iporsubtocidr { #gets: Ip Address or subnetmask in decimal oder CIDR @@ -457,7 +429,7 @@ sub iporsubtocidr return $net."/".&General::subtocidr($mask); } } - } + } } #Subnet already in binary format? if ($mask=~/^(\d{1,2})$/ && (($1<=32 && $1>=0))){ @@ -476,18 +448,6 @@ sub getnetworkip { return &Network::get_netaddress($arg); } -sub getccdbc -{ - #Gets: IP in Form ("192.168.0.0/24") - #Gives: Broadcastaddress of network - my $ccdnet=$_; - my ($ccdip,$ccdsubnet) = split "/",$ccdnet; - my $ip_address_binary = inet_aton( $ccdip ); - my $netmask_binary = ~pack("N", (2**(32-$ccdsubnet))-1); - my $broadcast_address = inet_ntoa( $ip_address_binary | ~$netmask_binary ); - return $broadcast_address; -} - sub ip2dec { return &Network::ip2bin(shift); } @@ -496,21 +456,13 @@ sub dec2ip { return &Network::bin2ip(shift); } -sub getnextip { - return &Network::find_next_ip_address(shift, 4); -} - -sub getlastip { - return &Network::find_next_ip_address(shift, -1); -} - sub validipandmask { #Gets: Ip address in 192.168.0.0/24 or 192.168.0.0/255.255.255.0 and checks if subnet valid - #Gives: True bzw 0 if success or false + #Gives: True bzw 0 if success or false my $ccdnet=$_[0]; my $subcidr; - + if (!($ccdnet =~ /^(.*?)\/(.*?)$/)) { return 0; } @@ -530,7 +482,7 @@ sub validipandmask }else{ return 0; } - + } return 0; } @@ -581,13 +533,13 @@ sub checksubnets &readhasharray("${General::swroot}/ovpn/ccd.conf", \%ccdconfhash); foreach my $key (keys %ccdconfhash) { @ccdconf=split(/\//,$ccdconfhash{$key}[1]); - if ($ccdname eq $ccdconfhash{$key}[0]) + if ($ccdname eq $ccdconfhash{$key}[0]) { $errormessage=$errormessage.$Lang::tr{'ccd err nameexist'}."
"; return $errormessage; } my ($newip,$newsub) = split(/\//,$ccdnet); - if (&IpInSubnet($newip,$ccdconf[0],&iporsubtodec($ccdconf[1]))) + if (&IpInSubnet($newip,$ccdconf[0],&iporsubtodec($ccdconf[1]))) { $errormessage=$errormessage.$Lang::tr{'ccd err issubnet'}." $ccdconfhash{$key}[0]
"; return $errormessage; @@ -623,7 +575,7 @@ sub checksubnets return $errormessage; } } - + #call check_net_internal if ($checktype eq "exact") { @@ -636,11 +588,10 @@ sub checksubnets sub check_net_internal_range{ my $network=shift; my ($ip,$cidr)=split(/\//,$network); - my %ownnet=(); + my %ownnet = %Network::ethernet; my $errormessage; $cidr=&iporsubtocidr($cidr); #check if we use one of ipfire's networks (green,orange,blue) - &readhash("${General::swroot}/ethernet/settings", \%ownnet); if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'GREEN_NETADDRESS'},&iporsubtodec($ownnet{'GREEN_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;} if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'ORANGE_NETADDRESS'},&iporsubtodec($ownnet{'ORANGE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;} if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &IpInSubnet($ip,$ownnet{'BLUE_NETADDRESS'},&iporsubtodec($ownnet{'BLUE_NETMASK'}))){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;} @@ -650,11 +601,10 @@ sub check_net_internal_range{ sub check_net_internal_exact{ my $network=shift; my ($ip,$cidr)=split(/\//,$network); - my %ownnet=(); + my %ownnet = %Network::ethernet; my $errormessage; $cidr=&iporsubtocidr($cidr); #check if we use one of ipfire's networks (green,orange,blue) - &readhash("${General::swroot}/ethernet/settings", \%ownnet); if (($ownnet{'GREEN_NETADDRESS'} ne '' && $ownnet{'GREEN_NETADDRESS'} ne '0.0.0.0') && &Network::network_equal("$ownnet{'GREEN_NETADDRESS'}/$ownnet{'GREEN_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err green'};return $errormessage;} if (($ownnet{'ORANGE_NETADDRESS'} ne '' && $ownnet{'ORANGE_NETADDRESS'} ne '0.0.0.0') && &Network::network_equal("$ownnet{'ORANGE_NETADDRESS'}/$ownnet{'ORANGE_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err orange'};return $errormessage;} if (($ownnet{'BLUE_NETADDRESS'} ne '' && $ownnet{'BLUE_NETADDRESS'} ne '0.0.0.0') && &Network::network_equal("$ownnet{'BLUE_NETADDRESS'}/$ownnet{'BLUE_NETMASK'}", $network)){ $errormessage=$Lang::tr{'ccd err blue'};return $errormessage;} @@ -781,7 +731,7 @@ sub validfqdn # but no more than 63 characters if (length ($parts[$index]) < 1 || length ($parts[$index]) > 63) { return 0;} - if ($index eq 0) { + if ($index eq 0) { # This is the hostname part # Only valid characters are a-z, A-Z, 0-9 and - if ($parts[$index] !~ /^[a-zA-Z0-9-]*$/) { @@ -792,7 +742,7 @@ sub validfqdn # Last character can only be a letter or a digit if (substr ($parts[$index], -1, 1) !~ /^[a-zA-Z0-9]*$/) { return 0;} - } else{ + } else{ # This is the domain part # Only valid characters are a-z, A-Z, 0-9, _ and - if ($parts[$index] !~ /^[a-zA-Z0-9_-]*$/) { @@ -802,23 +752,23 @@ sub validfqdn return 1; } -sub validportrange # used to check a port range +sub validportrange # used to check a port range { my $port = $_[0]; # port values $port =~ tr/-/:/; # replace all - with colons just in case someone used - my $srcdst = $_[1]; # is it a source or destination port if (!($port =~ /^(\d+)\:(\d+)$/)) { - - if (!(&validport($port))) { + + if (!(&validport($port))) { if ($srcdst eq 'src'){ return $Lang::tr{'source port numbers'}; } else { return $Lang::tr{'destination port numbers'}; - } + } } } - else + else { my @ports = ($1, $2); if ($1 >= $2){ @@ -826,16 +776,16 @@ sub validportrange # used to check a port range return $Lang::tr{'bad source range'}; } else { return $Lang::tr{'bad destination range'}; - } + } } foreach $_ (@ports) { if (!(&validport($_))) { if ($srcdst eq 'src'){ - return $Lang::tr{'source port numbers'}; + return $Lang::tr{'source port numbers'}; } else { return $Lang::tr{'destination port numbers'}; - } + } } } return; @@ -850,19 +800,6 @@ sub IpInSubnet { return &Network::ip_address_in_network($addr, "$network/$netmask"); } -# -# Return the following IP (IP+1) in dotted notation. -# Call: NextIP ('1.1.1.1'); -# Return: '1.1.1.2' -# -sub NextIP { - return &Network::find_next_ip_address(shift, 1); -} - -sub NextIP2 { - return &Network::find_next_ip_address(shift, 4); -} - sub ipcidr { my ($ip,$cidr) = &Net::IPv4Addr::ipv4_parse(shift); return "$ip\/$cidr"; @@ -948,87 +885,6 @@ sub findhasharraykey { } } -sub srtarray -# Darren Critchley - darrenc@telus.net - (c) 2003 -# &srtarray(SortOrder, AlphaNumeric, SortDirection, ArrayToBeSorted) -# This subroutine will take the following parameters: -# ColumnNumber = the column which you want to sort on, starts at 1 -# AlphaNumberic = a or n (lowercase) defines whether the sort should be alpha or numberic -# SortDirection = asc or dsc (lowercase) Ascending or Descending sort -# ArrayToBeSorted = the array that wants sorting -# -# Returns an array that is sorted to your specs -# -# If SortOrder is greater than the elements in array, then it defaults to the first element -# -{ - my ($colno, $alpnum, $srtdir, @tobesorted) = @_; - my @tmparray; - my @srtedarray; - my $line; - my $newline; - my $ctr; - my $ttlitems = scalar @tobesorted; # want to know the number of rows in the passed array - if ($ttlitems < 1){ # if no items, don't waste our time lets leave - return (@tobesorted); - } - my @tmp = split(/\,/,$tobesorted[0]); - $ttlitems = scalar @tmp; # this should be the number of elements in each row of the passed in array - - # Darren Critchley - validate parameters - if ($colno > $ttlitems){$colno = '1';} - $colno--; # remove one from colno to deal with arrays starting at 0 - if($colno < 0){$colno = '0';} - if ($alpnum ne '') { $alpnum = lc($alpnum); } else { $alpnum = 'a'; } - if ($srtdir ne '') { $srtdir = lc($srtdir); } else { $srtdir = 'src'; } - - foreach $line (@tobesorted) - { - chomp($line); - if ($line ne '') { - my @temp = split(/\,/,$line); - # Darren Critchley - juggle the fields so that the one we want to sort on is first - my $tmpholder = $temp[0]; - $temp[0] = $temp[$colno]; - $temp[$colno] = $tmpholder; - $newline = ""; - for ($ctr=0; $ctr < $ttlitems ; $ctr++) { - $newline=$newline . $temp[$ctr] . ","; - } - chop($newline); - push(@tmparray,$newline); - } - } - if ($alpnum eq 'n') { - @tmparray = sort {$a <=> $b} @tmparray; - } else { - @tmparray = (sort @tmparray); - } - foreach $line (@tmparray) - { - chomp($line); - if ($line ne '') { - my @temp = split(/\,/,$line); - my $tmpholder = $temp[0]; - $temp[0] = $temp[$colno]; - $temp[$colno] = $tmpholder; - $newline = ""; - for ($ctr=0; $ctr < $ttlitems ; $ctr++){ - $newline=$newline . $temp[$ctr] . ","; - } - chop($newline); - push(@srtedarray,$newline); - } - } - - if ($srtdir eq 'dsc') { - @tmparray = reverse(@srtedarray); - return (@tmparray); - } else { - return (@srtedarray); - } -} - sub FetchPublicIp { my %proxysettings; &General::readhash("${General::swroot}/proxy/settings", \%proxysettings); @@ -1056,12 +912,12 @@ sub FetchPublicIp { # IP # hostname # domain -# Output +# Output # 1 IP matches host.domain # 0 not in sync # sub DyndnsServiceSync ($;$;$) { - + my ($ip,$hostName,$domain) = @_; my @addresses; @@ -1078,7 +934,7 @@ sub DyndnsServiceSync ($;$;$) { } if ($addresses[0] ne '') { # got something ? - #&General::log("name:$addresses[0], alias:$addresses[1]"); + #&General::log("name:$addresses[0], alias:$addresses[1]"); # Build clear text list of IP @addresses = map ( &Socket::inet_ntoa($_), @addresses[4..$#addresses]); if (grep (/$ip/, @addresses)) { @@ -1190,11 +1046,8 @@ sub MakeUserAgent() { sub RedIsWireless() { # This function checks if a network device is a wireless device. - my %settings = (); - &readhash("${General::swroot}/ethernet/settings", \%settings); - # Find the name of the network device. - my $device = $settings{'RED_DEV'}; + my $device = $Network::ethernet{'RED_DEV'}; # Exit, if no device is configured. return 0 if ($device eq ""); @@ -1225,11 +1078,11 @@ sub read_file_utf8 ($) { sub write_file_utf8 ($) { my ($file, $content) = @_; - open my $out, '>:encoding(UTF-8)', $file or die "Could not open '$file' for writing $!";; + open my $out, '>:encoding(UTF-8)', $file or die "Could not open '$file' for writing $!";; print $out $content; close $out; - return; + return; } my $FIREWALL_RELOAD_INDICATOR = "${General::swroot}/firewall/reread"; @@ -1357,7 +1210,7 @@ sub get_nameservers () { } # Function to format a string containing the amount of bytes to -# something human-readable. +# something human-readable. sub formatBytes { # Private array which contains the units. my @units = qw(B KB MB GB TB PB); diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl index 96c6c26ea..4bf1a5779 100644 --- a/config/cfgroot/graphs.pl +++ b/config/cfgroot/graphs.pl @@ -31,10 +31,10 @@ require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; # Approximate size of the final graph image including canvas and labeling (in pixels, mainly used for placeholders) -our %image_size = ('width' => 900, 'height' => 300); +our %image_size = ('width' => 900, 'height' => 400); # Size of the actual data area within the image, without labeling (in pixels) -our %canvas_size = ('width' => 800, 'height' => 190); +our %canvas_size = ('width' => 800, 'height' => 290); # List of all available time ranges our @time_ranges = ("hour", "day", "week", "month", "year"); @@ -111,21 +111,26 @@ sub makegraphbox { $default_range = "day" unless ($default_range ~~ @time_ranges); print < -
    +
    + $Lang::tr{'graph'} ($name) + +
      END # Print range select buttons foreach my $range (@time_ranges) { print < +
    • + +
      • END } print < - $Lang::tr{'graph'} ($name) -
    +
+ END } @@ -143,7 +148,6 @@ sub updatecpugraph { "-l 0", "-u 100", "-r", - "-t ".$Lang::tr{'cpu usage per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'percentage'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -270,7 +274,6 @@ sub updateloadgraph { "-1".$period, "-l 0", "-r", - "-t ".$Lang::tr{'uptime load average'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'processes'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -303,7 +306,6 @@ sub updatememorygraph { "-l 0", "-u 100", "-r", - "-t ".$Lang::tr{'memory usage per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'percentage'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -359,7 +361,6 @@ sub updateswapgraph { "-l 0", "-u 100", "-r", - "-t ".$Lang::tr{'swap usage per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'percentage'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -410,7 +411,6 @@ sub updateprocessescpugraph { "-1".$period, "-l 0", "-r", - "-t ".$Lang::tr{'processes'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, "--color=BACK".$color{"color21"} @@ -457,7 +457,6 @@ sub updateprocessesmemorygraph { "-1".$period, "-l 0", "-r", - "-t ".$Lang::tr{'processes'}." ".$Lang::tr{'memory'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -500,7 +499,6 @@ sub updatediskgraph { "--start", "-1".$period, "-r", - "-t ".$disk." ".$Lang::tr{'disk access'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -544,7 +542,6 @@ sub updateifgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'traffic on'}." ".$interface." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -581,7 +578,6 @@ sub updatevpngraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'traffic on'}." ".$interface." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -618,7 +614,6 @@ sub updatevpnn2ngraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'traffic on'}." ".$interface." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -683,7 +678,6 @@ sub updatefwhitsgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -762,7 +756,6 @@ sub updatefwhitsgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -849,7 +842,6 @@ sub updatepinggraph { "-1".$period, "-l 0", "-r", - "-t ".$Lang::tr{'linkq'}." ".$host." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ms", "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -887,7 +879,6 @@ sub updatewirelessgraph { "-", "--start", "-1".$period, - "-t Wireless ".$interface." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v dBm", "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -925,7 +916,6 @@ sub updatehddgraph { "--start", "-1".$period, "-r", - "-t ".$disk." ".$Lang::tr{'harddisk temperature'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v Celsius", "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -959,7 +949,6 @@ sub updatehwtempgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'mbmon temp'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v Celsius", "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -1007,7 +996,6 @@ sub updatehwfangraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'mbmon fan'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, "--color=BACK".$color{"color21"}, @@ -1054,7 +1042,6 @@ sub updatehwvoltgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'mbmon volt'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, "--color=BACK".$color{"color21"}, @@ -1121,7 +1108,6 @@ sub updateqosgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'Utilization on'}." (".$qossettings{'DEV'}.") ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v ".$Lang::tr{'bytes per second'}, "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -1183,7 +1169,6 @@ sub updatecpufreqgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'cpu frequency per'}." ".$Lang::tr{$period."-graph"}, "-v MHz", "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -1223,7 +1208,6 @@ sub updatethermaltempgraph { "--start", "-1".$period, "-r", - "-t ".$Lang::tr{'acpitemp'}." ".$Lang::tr{'graph per'}." ".$Lang::tr{$period."-graph"}, "-v Celsius", "--color=SHADEA".$color{"color19"}, "--color=SHADEB".$color{"color19"}, @@ -1277,7 +1261,6 @@ sub updateconntrackgraph { "-1" . $period, "-r", "--lower-limit","0", - "-t $Lang::tr{'connection tracking'}", "-v $Lang::tr{'open connections'}", "DEF:conntrack=$mainsettings{'RRDLOG'}/collectd/localhost/conntrack/conntrack.rrd:entropy:AVERAGE", "LINE3:conntrack#ff0000:" . sprintf("%-15s", $Lang::tr{'open connections'}), diff --git a/config/cfgroot/header.pl b/config/cfgroot/header.pl index 66b49e411..af524af53 100644 --- a/config/cfgroot/header.pl +++ b/config/cfgroot/header.pl @@ -18,6 +18,8 @@ use Socket; use Time::Local; use Encode; +require "${General::swroot}/graphs.pl"; + our %color = (); &General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color); @@ -54,10 +56,10 @@ $Header::extraHead = <"; + foreach my $item (sort keys %$submenus) { + $link = getlink($submenus->{$item}); + next if (!is_menu_visible($link) or $link eq ''); + + my $subsubmenus = $submenus->{$item}->{'subMenu'}; + + if ($subsubmenus) { + print '
  • '; + } else { + print '
  • '; + } + print ''.$submenus->{$item}->{'caption'}.''; + + &showsubmenu($subsubmenus) if ($subsubmenus); + print '
    • '; + } + print "" +} + +############################################################################### +# +# print menu html elements +sub showmenu() { + print '
    '; + + if ($settings{'SPEED'} ne 'off') { + print < + $Lang::tr{'traffic stat title'}: + $Lang::tr{'traffic stat in'} --.-- bit/s   + $Lang::tr{'traffic stat out'} --.-- bit/s +
    +EOF + } + + print "
      "; + foreach my $k1 ( sort keys %$menu ) { + $link = getlink($menu->{$k1}); + next if (!is_menu_visible($link) or $link eq ''); + print '
    • '.$menu->{$k1}->{'caption'}.''; + my $submenus = $menu->{$k1}->{'subMenu'}; + &showsubmenu($submenus) if ($submenus); + print "
      • "; + } + + print "
    "; +} + +############################################################################### +# +# print page opening html layout +# @param page title +# @param boh +# @param extra html code for html head section +# @param suppress menu option, can be numeric 1 or nothing. +# menu will be suppressed if param is 1 +sub openpage { + my $title = shift; + my $boh = shift; + my $extrahead = shift; + my $suppressMenu = shift // 0; + + my $headline = "IPFire"; + if (($settings{'WINDOWWITHHOSTNAME'} eq 'on') || ($settings{'WINDOWWITHHOSTNAME'} eq '')) { + $headline = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'}"; + } + +print < + + + $headline - $title + + + + + + $extrahead + +END + + +print "\n"; + + +if ($settings{'SPEED'} ne 'off') { +print < +END +; +} + +print < + + +END +; + +unless($suppressMenu) { + &genmenu(); + &showmenu(); +} + +print < +
    +
    +

    $title

    +END +; + +# Print user manual link +my $manual_url = &get_manualpage_url(); +if($manual_url) { + print <$Lang::tr{'online help en'} +END +; +} + +print < +END +; +} + +############################################################################### +# +# print page closing html layout + +sub closepage () { + open(FILE, "; + $system_release =~ s/core/$Lang::tr{'core update'} /; + close(FILE); + +print < +
    + + + + +END +; +} + +############################################################################### +# +# print big box opening html layout +sub openbigbox { +} + +############################################################################### +# +# print big box closing html layout +sub closebigbox { +} + +# Sections + +sub opensection($) { + my $title = shift; + + # Open the section + print "
    "; + + # Show the title if set + if ($title) { + print "

    ${title}

    \n"; + } +} + +sub closesection() { + print "
    "; +} + +############################################################################### +# +# print box opening html layout +# @param page width +# @param page align +# @param page caption +sub openbox { + # The width parameter is ignored and should always be '100%' + my $width = shift; + my $align = shift; + + my $title = shift; + + print "
    \n"; + + # Show the title + if ($title) { + print "

    ${title}

    \n"; + } +} + +############################################################################### +# +# print box closing html layout +sub closebox { + print "
    "; +} + +sub graph($) { + my $title = shift; + + # Open a new section with a title + &opensection($title); + + &Graphs::makegraphbox(@_); + + # Close the section + &closesection(); +} sub green_used() { - if ($ethsettings{'GREEN_DEV'} && $ethsettings{'GREEN_DEV'} ne "") { + if ($Network::ethernet{'GREEN_DEV'} && $Network::ethernet{'GREEN_DEV'} ne "") { return 1; } @@ -154,21 +403,14 @@ sub green_used() { } sub orange_used () { - if ($ethsettings{'CONFIG_TYPE'} =~ /^[24]$/) { + if ($Network::ethernet{'CONFIG_TYPE'} =~ /^[24]$/) { return 1; } return 0; } sub blue_used () { - if ($ethsettings{'CONFIG_TYPE'} =~ /^[34]$/) { - return 1; - } - return 0; -} - -sub is_modem { - if ($ethsettings{'CONFIG_TYPE'} =~ /^[0]$/) { + if ($Network::ethernet{'CONFIG_TYPE'} =~ /^[34]$/) { return 1; } return 0; @@ -206,7 +448,7 @@ sub genmenu { if (! blue_used()) { $menu->{'05.firewall'}{'subMenu'}->{'60.wireless'}{'enabled'} = 0; } - if ( $ethsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $ethsettings{'RED_TYPE'} eq 'STATIC' ) { + if ( $Network::ethernet{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ && $Network::ethernet{'RED_TYPE'} eq 'STATIC' ) { $menu->{'03.network'}{'subMenu'}->{'70.aliases'}{'enabled'} = 1; } @@ -214,7 +456,7 @@ sub genmenu { $menu->{'01.system'}{'subMenu'}->{'21.wlan'}{'enabled'} = 1; } - if ( $ethsettings{'RED_TYPE'} eq "PPPOE" && $pppsettings{'MONPORT'} ne "" ) { + if ( $Network::ethernet{'RED_TYPE'} eq "PPPOE" && $Network::ppp{'MONPORT'} ne "" ) { $menu->{'02.status'}{'subMenu'}->{'74.modem-status'}{'enabled'} = 1; } @@ -233,10 +475,24 @@ sub genmenu { } } -sub showhttpheaders -{ - print "Cache-control: private\n"; - print "Content-type: text/html; charset=UTF-8\n\n"; +sub showhttpheaders($) { + my $overwrites = shift; + + my %headers = ( + "Content-Type" => "text/html; charset=UTF-8", + "Cache-Control" => "private", + + # Overwrite anything passed + %$overwrites, + ); + + # Print all headers + foreach my $header (keys %headers) { + print "$header: $headers{$header}\n"; + } + + # End headers + print "\n"; } sub is_menu_visible($) { @@ -377,17 +633,11 @@ sub cleanhtml { sub connectionstatus { - my %pppsettings = (); - my %netsettings = (); my $iface=''; - $pppsettings{'PROFILENAME'} = 'None'; - &General::readhash("${General::swroot}/ppp/settings", \%pppsettings); - &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); - my $profileused=''; - unless ( $netsettings{'RED_TYPE'} =~ /^(DHCP|STATIC)$/ ) { - $profileused="- $pppsettings{'PROFILENAME'}"; + unless ($Network::ethernet{'RED_TYPE'} =~ /^(DHCP|STATIC)$/) { + $profileused="- $Network::ppp{'PROFILENAME'}"; } my ($timestr, $connstate); @@ -398,15 +648,13 @@ sub connectionstatus $timestr = &General::age("${General::swroot}/red/active"); $connstate = "$Lang::tr{'connected'} - ($timestr) $profileused"; } else { - if ((open(KEEPCONNECTED, "{expired}) && ($divider_printed == 0)) { $divider_printed = 1; @@ -511,14 +759,14 @@ END } $id++; } - + print "
    \n"; if ($id % 2) { $col="bgcolor='$table1colour'"; } else { $col="bgcolor='$table2colour'"; } - + if($entries{$key}->{expired}) { print <$entries{$key}->{IPADDR} @@ -599,13 +847,13 @@ sub colorize { return "".$string.""; } elsif ( $string =~ "lo" or $string =~ "127.0.0.0" ){ return "".$string.""; - } elsif ( $string =~ $ethsettings{'GREEN_DEV'} or &General::IpInSubnet($string2,$ethsettings{'GREEN_NETADDRESS'},$ethsettings{'GREEN_NETMASK'}) ){ + } elsif ( $string =~ $Network::ethernet{'GREEN_DEV'} or &General::IpInSubnet($string2,$Network::ethernet{'GREEN_NETADDRESS'},$Network::ethernet{'GREEN_NETMASK'}) ){ return "".$string.""; - } elsif ( $string =~ "ppp0" or $string =~ $ethsettings{'RED_DEV'} or $string =~ "0.0.0.0" or $string =~ $ethsettings{'RED_ADDRESS'} ){ + } elsif ( $string =~ "ppp0" or $string =~ $Network::ethernet{'RED_DEV'} or $string =~ "0.0.0.0" or $string =~ $Network::ethernet{'RED_ADDRESS'} ){ return "".$string.""; - } elsif ( $ethsettings{'CONFIG_TYPE'}>1 and ( $string =~ $ethsettings{'BLUE_DEV'} or &General::IpInSubnet($string2,$ethsettings{'BLUE_NETADDRESS'},$ethsettings{'BLUE_NETMASK'}) )){ + } elsif ( $Network::ethernet{'CONFIG_TYPE'}>1 and ( $string =~ $Network::ethernet{'BLUE_DEV'} or &General::IpInSubnet($string2,$Network::ethernet{'BLUE_NETADDRESS'},$Network::ethernet{'BLUE_NETMASK'}) )){ return "".$string.""; - } elsif ( $ethsettings{'CONFIG_TYPE'}>2 and ( $string =~ $ethsettings{'ORANGE_DEV'} or &General::IpInSubnet($string2,$ethsettings{'ORANGE_NETADDRESS'},$ethsettings{'ORANGE_NETMASK'}) )){ + } elsif ( $Network::ethernet{'CONFIG_TYPE'}>2 and ( $string =~ $Network::ethernet{'ORANGE_DEV'} or &General::IpInSubnet($string2,$Network::ethernet{'ORANGE_NETADDRESS'},$Network::ethernet{'ORANGE_NETMASK'}) )){ return "".$string.""; } else { return $string; diff --git a/config/cfgroot/network-functions.pl b/config/cfgroot/network-functions.pl index 7b38cfac7..5b35114aa 100644 --- a/config/cfgroot/network-functions.pl +++ b/config/cfgroot/network-functions.pl @@ -28,9 +28,12 @@ require "/var/ipfire/general-functions.pl"; use experimental 'smartmatch'; use Socket; -# System ethernet configuration -our %ethernet_settings = (); -&General::readhash("${General::swroot}/ethernet/settings", \%ethernet_settings); +our %ethernet = (); +our %ppp = (); + +# Read configuration files +&General::readhash("${General::swroot}/ethernet/settings", \%ethernet); +&General::readhash("${General::swroot}/ppp/settings", \%ppp); # List of all possible network zones that can be configured our @known_network_zones = ("red", "green", "orange", "blue"); @@ -291,6 +294,43 @@ sub get_broadcast($) { return &bin2ip($network_bin ^ ~$netmask_bin); } +sub get_prefix($) { + my $network = shift; + + # Convert to binary + my ($network_bin, $netmask_bin) = &network2bin($network); + + if (defined $netmask_bin) { + my $prefix = 0; + + while (1) { + # End the loop if we have consumed all ones + last if ($netmask_bin == 0); + + # Increment prefix + $prefix++; + + # Remove the most-significant one + $netmask_bin <<= 1; + $netmask_bin &= 0xffffffff; + } + + return $prefix; + } + + return undef; +} + +sub get_netmask($) { + my $network = shift; + + # Fetch the prefix + my $prefix = &get_prefix($network); + + # Convert to netmask + return &convert_prefix2netmask($prefix); +} + # Returns True if $address is in $network. sub ip_address_in_network($$) { my $address = shift; @@ -556,7 +596,7 @@ sub get_intf_by_address($) { # sub get_available_network_zones () { # Obtain the configuration type from the netsettings hash. - my $config_type = $ethernet_settings{'CONFIG_TYPE'}; + my $config_type = $ethernet{'CONFIG_TYPE'}; # Hash which contains the conversation from the config mode # to the existing network interface names. They are stored like @@ -588,10 +628,10 @@ sub get_available_network_zones () { # sub is_zone_available() { my $zone = lc shift; - + # Make sure the zone is valid die("Unknown network zone '$zone'") unless ($zone ~~ @known_network_zones); - + # Get available zones and return result my @available_zones = get_available_network_zones(); return ($zone ~~ @available_zones); @@ -602,8 +642,8 @@ sub is_zone_available() { # sub is_red_mode_ip() { # Obtain the settings from the netsettings hash - my $config_type = $ethernet_settings{'CONFIG_TYPE'}; - my $red_type = $ethernet_settings{'RED_TYPE'}; + my $config_type = $ethernet{'CONFIG_TYPE'}; + my $red_type = $ethernet{'RED_TYPE'}; # RED must be a network device (configuration 1-4) with dynamic or static IP return (($config_type ~~ [1..4]) && ($red_type ~~ ["DHCP", "STATIC"])); @@ -664,7 +704,7 @@ sub testsuite() { assert('find_next_ip_address("1.2.3.4", 2)', $result eq "1.2.3.6"); $result = &network_equal("192.168.0.0/24", "192.168.0.0/255.255.255.0"); - assert('network_equal("192.168.0.0/24", "192.168.0.0/255.255.255.0")', $result); + assert('network_equal("192.168.0.0/24", "192.168.0.0/255.255.255.0")', !$result); $result = &network_equal("192.168.0.0/24", "192.168.0.0/25"); assert('network_equal("192.168.0.0/24", "192.168.0.0/25")', !$result); @@ -690,6 +730,13 @@ sub testsuite() { $result = &ip_address_in_range("192.168.30.21", "192.168.30.10", "192.168.30.20"); assert('ip_address_in_range("192.168.30.21", "192.168.30.10", "192.168.30.20")', !$result); + # Check &get_prefix() + $result = &get_prefix("192.168.0.0/24"); + assert('get_prefix("192.168.0.0/24")', $result != 24); + + $result = &get_prefix("192.168.0.0/255.255.0.0"); + assert('get_prefix("192.168.0.0/255.255.0.0")', $result != 16); + print "Testsuite completed successfully!\n"; return 0; diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface index d2ef6ab10..7ec076d2d 100644 --- a/config/rootfiles/common/web-user-interface +++ b/config/rootfiles/common/web-user-interface @@ -355,7 +355,6 @@ srv/web/ipfire/html/themes/ipfire/include/css/style.css srv/web/ipfire/html/themes/ipfire/include/fonts/Prompt-Bold.ttf srv/web/ipfire/html/themes/ipfire/include/fonts/Prompt-Medium.ttf srv/web/ipfire/html/themes/ipfire/include/fonts/Prompt-Regular.ttf -srv/web/ipfire/html/themes/ipfire/include/functions.pl srv/web/ipfire/html/themes/ipfire/include/js srv/web/ipfire/html/themes/ipfire/include/js/refreshInetInfo.js var/updatecache diff --git a/html/cgi-bin/services.cgi b/html/cgi-bin/services.cgi index 0d06ab5fe..e1e901c4e 100644 --- a/html/cgi-bin/services.cgi +++ b/html/cgi-bin/services.cgi @@ -214,7 +214,7 @@ END print "
    \n"; &Header::closebox(); - &Header::openbox('100%', 'center', "$Lang::tr{'processes'} $Lang::tr{'graph'}"); + &Header::opensection('100%', 'center', "$Lang::tr{'processes'} $Lang::tr{'graph'}"); &Graphs::makegraphbox("services.cgi","processescpu","day"); &Header::closebox(); diff --git a/html/cgi-bin/system.cgi b/html/cgi-bin/system.cgi index c1da5f536..a6f60409d 100644 --- a/html/cgi-bin/system.cgi +++ b/html/cgi-bin/system.cgi @@ -26,32 +26,24 @@ use strict; #use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; -require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; -require "${General::swroot}/graphs.pl"; -my %color = (); my %mainsettings = (); &General::readhash("${General::swroot}/main/settings", \%mainsettings); -&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color); &Header::showhttpheaders(); + &Header::openpage($Lang::tr{'status information'}, 1, ''); -&Header::openbigbox('100%', 'left'); -&Header::openbox('100%', 'center', "CPU $Lang::tr{'graph'}"); -&Graphs::makegraphbox("system.cgi","cpu","day"); -&Header::closebox(); +# Processor Graph +&Header::graph("$Lang::tr{'processors'}", "system.cgi", "cpu", "day"); +# CPU Frequency if ( -e "$mainsettings{'RRDLOG'}/collectd/localhost/cpufreq/cpufreq-0.rrd"){ - &Header::openbox('100%', 'center', "$Lang::tr{'cpu frequency'} $Lang::tr{'graph'}"); - &Graphs::makegraphbox("system.cgi","cpufreq","day"); - &Header::closebox(); + &Header::graph("$Lang::tr{'cpu frequency'}", "system.cgi", "cpufreq", "day"); } -&Header::openbox('100%', 'center', "$Lang::tr{'uptime load average'} $Lang::tr{'graph'}"); -&Graphs::makegraphbox("system.cgi","load","day"); -&Header::closebox(); +# Load Average +&Header::graph("$Lang::tr{'load average'}", "system.cgi", "load", "day"); -&Header::closebigbox(); &Header::closepage(); diff --git a/html/cgi-bin/vulnerabilities.cgi b/html/cgi-bin/vulnerabilities.cgi index 217952578..030c824aa 100644 --- a/html/cgi-bin/vulnerabilities.cgi +++ b/html/cgi-bin/vulnerabilities.cgi @@ -98,73 +98,56 @@ if ($notice) { &Header::openbox('100%', 'center', $Lang::tr{'processor vulnerability mitigations'}); print < + - - + END -my $id = 0; for my $vuln (sort keys %VULNERABILITIES) { my ($status, $message) = &check_status($vuln); next if (!$status); - my $colour = ""; - my $bgcolour = ""; - my $status_message = ""; + my $status_message = $status; # Not affected - if ($status eq "Not affected") { + if ($status eq "not-affected") { $status_message = $Lang::tr{'not affected'}; - $colour = "white"; - $bgcolour = ${Header::colourgreen}; # Vulnerable - } elsif ($status eq "Vulnerable") { + } elsif ($status eq "vulnerable") { $status_message = $Lang::tr{'vulnerable'}; - $colour = "white"; - $bgcolour = ${Header::colourred}; # Mitigated - } elsif ($status eq "Mitigation") { + } elsif ($status eq "mitigation") { $status_message = $Lang::tr{'mitigated'}; - $colour = "white"; - $bgcolour = ${Header::colourblue}; - - # Unknown report from kernel - } else { - $status_message = $status; - $colour = "black"; - $bgcolour = ${Header::colouryellow}; } - my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'}; - print < - + + - END @@ -239,11 +222,13 @@ sub check_status($) { # Fix status when something has been mitigated, but not fully, yet if ($status =~ /^(Mitigation): (.*vulnerable.*)$/) { - return ("Vulnerable", $status); - } + return ("vulnerable", $status); - if ($status =~ /^(Vulnerable|Mitigation): (.*)$/) { - return ($1, $2); + } elsif ($status eq "Not affected") { + return "not-affected"; + + } elsif ($status =~ /^(Vulnerable|Mitigation): (.*)$/) { + return (lc $1, $2); } return $status; diff --git a/html/html/themes/ipfire/include/css/style.css b/html/html/themes/ipfire/include/css/style.css index 7cf85d68d..8fb343263 100644 --- a/html/html/themes/ipfire/include/css/style.css +++ b/html/html/themes/ipfire/include/css/style.css @@ -1,3 +1,17 @@ +:root { + --color-green : #339933; + --color-green-invert : #ffffff; + --color-red : #993333; + --color-red-invert : #ffffff; + --color-blue : #333399; + --color-blue-invert : #ffffff; + --color-grey : #d6d6d6; + --color-light-grey : #f0f0f0; + + --color-primary : #ff2e52; + --color-primary-invert : #ffffff; + --color-text : #363636; +} /* This controls the width of the fixed width layouts */ @@ -80,9 +94,10 @@ body { h1, h2, h3, h4, h5, h6 { font-size: 20px; - font-weight: normal; - letter-spacing: -1px; - text-align: left; +} + +select, textarea, input[type=text], input[type=number] { + width: 100%; } br.clear { @@ -154,6 +169,20 @@ iframe { border-radius: 3px 3px 3px 3px; } +section { + margin-bottom: 2rem; +} + +section.is-box { + padding: 0.75rem 1rem; + border: 1px solid var(--color-grey); +} + +section .title { + margin-bottom: 1rem; + border-bottom: 1px solid var(--color-grey); +} + #main_inner { padding-bottom: 1.5em; } @@ -172,19 +201,6 @@ iframe { margin-bottom: 1em; } -#main_inner .post { - border: 1px solid silver; - padding: 1em 2em 1em 2em; - margin-bottom: 1em; - clear: both; -} - -#main_inner .post h2 { - border-bottom: dotted 1px #e1e1e1; - font-size: 1.6em; - margin-bottom: 1em; -} - #main_header > * { display: inline-block; vertical-align: baseline; @@ -289,6 +305,18 @@ table { padding-right: 0.5em; } +.tbl th[scope=row] { + text-align: left; +} + +.tbl tr:nth-child(odd) td { + background-color: var(--color-grey); +} + +.tbl tr:nth-child(even) td { + background-color: var(--color-light-grey); +} + .tbl th:first-child { border-left: 1px solid #363636; border-top: 1px solid #363636; @@ -337,10 +365,87 @@ table { border-bottom: 1px solid #363636; } +.tbl .status { + text-align: center; + font-weight: bold; +} + +.tbl .status.is-running { + background-color: var(--color-green); + color: var(--color-green-invert); +} + +.tbl .status.is-stopped { + background-color: var(--color-red); + color: var(--color-red-invert); + + width: 33%; +} + +.tbl .status.is-vulnerable { + background-color: var(--color-red); + color: var(--color-red-invert); +} + +.tbl .status.is-mitigation { + background-color: var(--color-blue); + color: var(--color-blue-invert); +} + +.tbl .status.is-not-affected { + background-color: var(--color-green); + color: var(--color-green-invert); +} + table.fw-nat tbody tr td { height: 2.25em; } +/* + Graphs +*/ + +.graph { + padding: 0.125rem; +} + +.graph img { + width: 100%; + min-height: 360px; + + margin-bottom: 0.5rem; + padding: 0; + + border: 1px solid var(--color-grey); +} + +.graph ul { + list-style-type: none; + + display: flex; + justify-content: center; +} + +.graph ul li { + margin: 0 0.125rem; +} + +.graph ul li button { + background: none; + border: none; + cursor: pointer; + + background-color: var(--color-grey); + color: var(--color-text); + + padding: 0.5rem 1rem; +} + +.graph ul li button.selected { + background-color: var(--color-primary); + color: var(--color-primary-invert); +} + /* RRD graph images */ div.rrdimage > ul { diff --git a/html/html/themes/ipfire/include/functions.pl b/html/html/themes/ipfire/include/functions.pl deleted file mode 100644 index 5ea3f9fa7..000000000 --- a/html/html/themes/ipfire/include/functions.pl +++ /dev/null @@ -1,267 +0,0 @@ -#!/usr/bin/perl -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### -# # -# Theme file for IPfire (based on ipfire theme) # -# Author kay-michael köhler kmk # -# # -# Version 1.0 March, 6th 2013 # -############################################################################### -# # -# Modyfied theme by a.marx@ipfire.org January 2014 # -# # -# Cleanup code, deleted unused code and rewrote the rest to get a new working # -# IPFire default theme. # -############################################################################### - -############################################################################### -# -# print menu html elements for submenu entries -# @param submenu entries -sub showsubmenu() { - my $submenus = shift; - - print "
      "; - foreach my $item (sort keys %$submenus) { - $link = getlink($submenus->{$item}); - next if (!is_menu_visible($link) or $link eq ''); - - my $subsubmenus = $submenus->{$item}->{'subMenu'}; - - if ($subsubmenus) { - print '
    • '; - } else { - print '
    • '; - } - print ''.$submenus->{$item}->{'caption'}.''; - - &showsubmenu($subsubmenus) if ($subsubmenus); - print '
      • '; - } - print "
    " -} - -############################################################################### -# -# print menu html elements -sub showmenu() { - print '
    '; - - if ($settings{'SPEED'} ne 'off') { - print < - $Lang::tr{'traffic stat title'}: - $Lang::tr{'traffic stat in'} --.-- bit/s   - $Lang::tr{'traffic stat out'} --.-- bit/s -
    -EOF - } - - print "
      "; - foreach my $k1 ( sort keys %$menu ) { - $link = getlink($menu->{$k1}); - next if (!is_menu_visible($link) or $link eq ''); - print '
    • '.$menu->{$k1}->{'caption'}.''; - my $submenus = $menu->{$k1}->{'subMenu'}; - &showsubmenu($submenus) if ($submenus); - print "
      • "; - } - - print "
    "; -} - -############################################################################### -# -# print page opening html layout -# @param page title -# @param boh -# @param extra html code for html head section -# @param suppress menu option, can be numeric 1 or nothing. -# menu will be suppressed if param is 1 -sub openpage { - my $title = shift; - my $boh = shift; - my $extrahead = shift; - my $suppressMenu = shift // 0; - - my $headline = "IPFire"; - if (($settings{'WINDOWWITHHOSTNAME'} eq 'on') || ($settings{'WINDOWWITHHOSTNAME'} eq '')) { - $headline = "$settings{'HOSTNAME'}.$settings{'DOMAINNAME'}"; - } - -print < - - - $headline - $title - - - - - - $extrahead - -END - - -print "\n"; - - -if ($settings{'SPEED'} ne 'off') { -print < -END -; -} - -print < - - -END -; - -unless($suppressMenu) { - &genmenu(); - &showmenu(); -} - -print < -
    -
    -

    $title

    -END -; - -# Print user manual link -my $manual_url = &Header::get_manualpage_url(); -if($manual_url) { - print <$Lang::tr{'online help en'} -END -; -} - -print < -END -; -} - -############################################################################### -# -# print page opening html layout without menu -# @param page title -# @param boh -# @param extra html code for html head section -sub openpagewithoutmenu { - openpage(shift,shift,shift,1); - return; -} - -############################################################################### -# -# print page closing html layout - -sub closepage () { - open(FILE, "; - $system_release =~ s/core/$Lang::tr{'core update'} /; - close(FILE); - -print < -
    - - - - -END -; -} - -############################################################################### -# -# print big box opening html layout -sub openbigbox { -} - -############################################################################### -# -# print big box closing html layout -sub closebigbox { -} - -############################################################################### -# -# print box opening html layout -# @param page width -# @param page align -# @param page caption -sub openbox { - $width = $_[0]; - $align = $_[1]; - $caption = $_[2]; - - if($align eq 'center') { - print "
    \n" - } - else { - print "
    \n"; - } - - if ($caption) { - print "

    $caption

    \n"; - } -} - -############################################################################### -# -# print box closing html layout -sub closebox { - print "
    "; -} diff --git a/src/initscripts/networking/functions.network b/src/initscripts/networking/functions.network index 4c7ad51d4..e134d0cce 100644 --- a/src/initscripts/networking/functions.network +++ b/src/initscripts/networking/functions.network @@ -19,12 +19,153 @@ # # ############################################################################### -. /etc/sysconfig/rc -. $rc_functions - eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) eval $(/usr/local/bin/readhash /var/ipfire/dns/settings) +ip2bin() { + local address="${1}" + + local IFS='.' + local octet + + local n=0 + + for octet in ${address}; do + # Shift n + (( n <<= 8 )) + + # Apply the octet + (( n |= octet )) + done + + echo "${n}" +} + +bin2ip() { + local n="${1}" + + local IFS='.' + local address=() + + for i in {3..0}; do + address+=( $(( n >> (8 * i) & 0xff )) ) + done + + echo "${address[*]}" +} + +network_get_address() { + local network="${1}" + + # Return everything before the slash + echo "${network%%/*}" +} + +network_get_prefix() { + local network="${1}" + + # Consider everything after the / the prefix + local prefix="${network##*/}" + + # If the prefix is valid, return it + if network_prefix_is_valid "${prefix}"; then + echo "${prefix}" + + # Otherwise it might be a subnet mask + else + network_netmask_to_prefix "${prefix}" + fi +} + +network_get_netmask() { + local network="${1}" + + # Consider everything after the / the netmask + local netmask="${network##*/}" + + # If we have a prefix, we need to convert + if network_prefix_is_valid "${netmask}"; then + network_prefix_to_netmask "${netmask}" + + # Otherwise return what we got + else + echo "${netmask}" + fi +} + +network_prefix_is_valid() { + local prefix="${1}" + + # The prefix must be numbers only + if ! [[ "${prefix}" =~ ^[0-9]+$ ]]; then + return 1 + fi + + # Must be a number between 0 and 32 (inclusive) + [ "${prefix}" -ge 0 -a "${prefix}" -le 32 ] +} + +network_prefix_to_netmask() { + local prefix="${1}" + + # Set n with all bits set + local n=0xffffffff + + # Shift + (( n <<= (32 - prefix) )) + + # Convert back + bin2ip "${n}" +} + +network_netmask_to_prefix() { + local netmask="${1}" + + local prefix=0 + + # Convert to binary + local n="$(ip2bin "${netmask}")" + + while [ "${n}" -gt 0 ]; do + # If the highest bit is not set, we are done + [ "$(( n & (1 << 31) ))" -eq 0 ] && break + + # Increment prefix & shift n + (( prefix++ )) + (( n <<= 1 )) + done + + echo "${prefix}" +} + +network_address_in_network() { + local address="${1}" + local network="${2}" + + # Split the network into its address & mask + local netaddr="$(network_get_address "${network}")" + local netmask="$(network_get_netmask "${network}")" + + # Abort if we could not parse the network + if [ -z "${netaddr}" -o -z "${netmask}" ]; then + return 1 + fi + + # Convert everything to binary + address="$(ip2bin "${address}")" + netaddr="$(ip2bin "${netaddr}")" + netmask="$(ip2bin "${netmask}")" + + # Ensure the network address is the first address + (( netaddr &= netmask )) + + # Compute broadcast + local broadcast=$(( netaddr | (~netmask & 0xffffffff) )) + + # Return true if address is in the network + [ "${address}" -ge "${netaddr}" -a "${address}" -le "${broadcast}" ] +} + dhcpcd_get_pid() { # This function returns the pid of a dhcpcd by a given # network device, if a pidfile exists. diff --git a/src/initscripts/networking/red b/src/initscripts/networking/red index beb665e5f..34ee8cc58 100644 --- a/src/initscripts/networking/red +++ b/src/initscripts/networking/red @@ -402,19 +402,10 @@ case "${1}" in AUTH="" fi - ### Dial On Demand - # - if [ "${RECONNECTION}" != "persistent" ]; then - if [ "${TIMEOUT}" != "0" ] && [ "${TIMEOUT}" != "" ]; then - SECONDS=$[${TIMEOUT} * 60] - else - SECONDS=300 - fi - if [ "${RECONNECTION}" == "dialondemand" ]; then - touch /var/ipfire/red/dial-on-demand - DEMAND="demand persist idle ${SECONDS} 10.112.112.112:10.112.112.113" - DEMAND+=" ipcp-accept-remote ipcp-accept-local noipdefault ktune" - fi + if [ "${TIMEOUT}" != "0" ] && [ "${TIMEOUT}" != "" ]; then + SECONDS=$[${TIMEOUT} * 60] + else + SECONDS=300 fi if [ "$TYPE" == "pppoe" ]; then diff --git a/src/initscripts/system/connectd b/src/initscripts/system/connectd index 5ab186108..d956c2847 100644 --- a/src/initscripts/system/connectd +++ b/src/initscripts/system/connectd @@ -36,10 +36,6 @@ if [ ! $HOLDOFF ]; then HOLDOFF=30 fi -if [ "$RECONNECTION" = "dialondemand" ]; then - exit 0 -fi - msg_log () { logger -t $(basename $0)[$$] $* } diff --git a/src/initscripts/system/functions b/src/initscripts/system/functions index b610143ab..1fa256e80 100644 --- a/src/initscripts/system/functions +++ b/src/initscripts/system/functions @@ -512,7 +512,7 @@ loadproc() esac fi - local cmd="${@}" + local cmd=( "${@}" ) if [ -n "${nicelevel}" ]; then cmd="nice -n "${nicelevel}" ${cmd}" @@ -520,13 +520,12 @@ loadproc() if [ -n "${background}" ]; then ( - ${cmd} &>/dev/null + ${cmd[@]} &>/dev/null ) & pid="$!" evaluate_retval else - ${cmd} - pid="$!" + ${cmd[@]} evaluate_retval # This is "Probably" not LSB compliant, but required to be compatible with older bootscripts fi
    - $Lang::tr{'vulnerability'} + + $Lang::tr{'vulnerability'} - $Lang::tr{'status'} + + + $Lang::tr{'status'}
    - $VULNERABILITIES{$vuln} -
    + $VULNERABILITIES{$vuln} + - + END if ($message) { - print "$status_message - $message"; + print "$status_message - $message"; } else { - print "$status_message"; + print "$status_message"; } print <