mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-10 02:55:55 +02:00
Merge branch 'perl-system' into next
This commit is contained in:
Michael Tremer
@@ -28,6 +28,77 @@ $General::adminmanualurl = 'http://wiki.ipfire.org';
|
||||
|
||||
require "${General::swroot}/network-functions.pl";
|
||||
|
||||
# This function executes a shell command without forking a shell or do any other
|
||||
# Perl-voodoo before it. It deprecates the "system" command and is the only way
|
||||
# to call shell commands.
|
||||
sub safe_system($) {
|
||||
my @command = @_;
|
||||
|
||||
system { ${command[0]} } @command;
|
||||
|
||||
# Return exit code
|
||||
return $? >> 8;
|
||||
}
|
||||
|
||||
# Calls a process in the background and returns nothing
|
||||
sub system_background($) {
|
||||
my $pid = fork();
|
||||
|
||||
unless ($pid) {
|
||||
my $rc = &system(@_);
|
||||
exit($rc);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
# Returns the output of a shell command
|
||||
sub system_output($) {
|
||||
my @command = @_;
|
||||
my $pid;
|
||||
my @output = ();
|
||||
|
||||
unless ($pid = open(OUTPUT, "-|")) {
|
||||
open(STDERR, ">&STDOUT");
|
||||
exec { ${command[0]} } @command;
|
||||
die "Could not execute @command: $!";
|
||||
}
|
||||
|
||||
waitpid($pid, 0);
|
||||
|
||||
while (<OUTPUT>) {
|
||||
push(@output, $_);
|
||||
}
|
||||
close(OUTPUT);
|
||||
|
||||
return @output;
|
||||
}
|
||||
|
||||
# Calls a shell command and throws away the output
|
||||
sub system($) {
|
||||
my @command = @_;
|
||||
|
||||
open(SAVEOUT, ">&STDOUT");
|
||||
open(SAVEERR, ">&STDERR");
|
||||
|
||||
open(STDOUT, ">/dev/null");
|
||||
open(STDERR, ">&STDOUT");
|
||||
|
||||
select(STDERR); $|=1;
|
||||
select(STDOUT); $|=1;
|
||||
|
||||
my $rc = &safe_system(@command);
|
||||
|
||||
close(STDOUT);
|
||||
close(STDERR);
|
||||
|
||||
# Restore
|
||||
open(STDOUT, ">&SAVEOUT");
|
||||
open(STDERR, ">&SAVEERR");
|
||||
|
||||
return $rc;
|
||||
}
|
||||
|
||||
# Function to remove duplicates from an array
|
||||
sub uniq { my %seen; grep !$seen{$_}++, @_ }
|
||||
|
||||
|
||||
@@ -118,7 +118,7 @@ sub check_and_create_filelayout() {
|
||||
#
|
||||
sub checkdiskspace () {
|
||||
# Call diskfree to gather the free disk space of /var.
|
||||
my @df = `/bin/df -B M /var`;
|
||||
my @df = &General::system_output("/bin/df", "-B", "M", "/var");
|
||||
|
||||
# Loop through the output.
|
||||
foreach my $line (@df) {
|
||||
@@ -463,7 +463,7 @@ sub call_suricatactrl ($) {
|
||||
|
||||
# Call the suricatactrl binary and pass the "cron" command
|
||||
# with the requrested interval.
|
||||
system("$suricatactrl $option $interval &>/dev/null");
|
||||
&General::system("$suricatactrl", "$option", "$interval");
|
||||
|
||||
# Return "1" - True.
|
||||
return 1;
|
||||
@@ -475,7 +475,7 @@ sub call_suricatactrl ($) {
|
||||
} else {
|
||||
# Call the suricatactrl binary and pass the requrested
|
||||
# option to it.
|
||||
system("$suricatactrl $option &>/dev/null");
|
||||
&General::system("$suricatactrl", "$option");
|
||||
|
||||
# Return "1" - True.
|
||||
return 1;
|
||||
|
||||
@@ -360,7 +360,7 @@ sub _get_wireless_status($) {
|
||||
my $intf = shift;
|
||||
|
||||
if (!$wireless_status{$intf}) {
|
||||
$wireless_status{$intf} = `iwconfig $intf`;
|
||||
$wireless_status{$intf} = &General::system_output("iwconfig", "$intf");
|
||||
}
|
||||
|
||||
return $wireless_status{$intf};
|
||||
|
||||
@@ -567,7 +567,7 @@ sub SortDataFile
|
||||
#
|
||||
sub BuildConfiguration {
|
||||
# Restart service associated with this
|
||||
system '/usr/local/bin/setaliases';
|
||||
&General::system('/usr/local/bin/setaliases');
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@@ -54,7 +54,7 @@ $cgiparams{'BACKUPLOGS'} = '';
|
||||
############################################################################################################################
|
||||
################################################ Workaround for Directories ################################################
|
||||
|
||||
system("/usr/local/bin/backupctrl makedirs >/dev/null 2>&1 ") unless ( -e '/var/ipfire/backup/addons/backup') ;
|
||||
&General::system("/usr/local/bin/backupctrl", "makedirs") unless ( -e '/var/ipfire/backup/addons/backup') ;
|
||||
|
||||
############################################################################################################################
|
||||
############################################## System calls ohne Http Header ###############################################
|
||||
@@ -85,7 +85,7 @@ if ($cgiparams{'ACTION'} eq "download") {
|
||||
print UPLOADFILE;
|
||||
}
|
||||
close UPLOADFILE;
|
||||
system("/usr/local/bin/backupctrl restore >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "restore");
|
||||
}
|
||||
elsif ( $cgiparams{'ACTION'} eq "restoreaddon" )
|
||||
{
|
||||
@@ -99,7 +99,7 @@ elsif ( $cgiparams{'ACTION'} eq "restoreaddon" )
|
||||
print UPLOADFILE;
|
||||
}
|
||||
close UPLOADFILE;
|
||||
system("/usr/local/bin/backupctrl restoreaddon ".$temp[$#temp]." >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "restoreaddon", $temp[$#temp]);
|
||||
}
|
||||
|
||||
&Header::showhttpheaders();
|
||||
@@ -115,11 +115,11 @@ sub refreshpage{&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' cont
|
||||
if ( $cgiparams{'ACTION'} eq "backup" )
|
||||
{
|
||||
if ( $cgiparams{'BACKUPLOGS'} eq "include" ) {
|
||||
system("/usr/local/bin/backupctrl include >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "include");
|
||||
} elsif ( $cgiparams{'BACKUPLOGS'} eq "exclude" ) {
|
||||
system("/usr/local/bin/backupctrl exclude >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "exclude");
|
||||
} elsif ( $cgiparams{'BACKUPLOGS'} eq "iso" ) {
|
||||
system("/usr/local/bin/backupctrl iso >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "iso");
|
||||
}
|
||||
}
|
||||
if ( $cgiparams{'ACTION'} eq "addonbackup" )
|
||||
@@ -130,14 +130,14 @@ if ( $cgiparams{'ACTION'} eq "addonbackup" )
|
||||
# Check if the addon exists
|
||||
exit(1) unless (-e "/var/ipfire/backup/addons/includes/$cgiparams{'ADDON'}");
|
||||
|
||||
system("/usr/local/bin/backupctrl addonbackup $cgiparams{'ADDON'} >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "addonbackup", "$cgiparams{'ADDON'}");
|
||||
}
|
||||
elsif ( $cgiparams{'ACTION'} eq "delete" )
|
||||
{
|
||||
my $file = &sanitise_file($cgiparams{'FILE'});
|
||||
exit(1) unless defined($file);
|
||||
|
||||
system("/usr/local/bin/backupctrl $file >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/backupctrl", "$file");
|
||||
}
|
||||
|
||||
############################################################################################################################
|
||||
|
||||
@@ -64,7 +64,7 @@ my $errormessage='';
|
||||
my $clients="${General::swroot}/captive/clients";
|
||||
my %clientshash=();
|
||||
my $settingsfile="${General::swroot}/captive/settings";
|
||||
unless (-e $settingsfile) { system("touch $settingsfile"); }
|
||||
unless (-e $settingsfile) { &General::system("touch $settingsfile"); }
|
||||
|
||||
&Header::getcgihash(\%cgiparams);
|
||||
|
||||
|
||||
@@ -146,6 +146,9 @@ if ($netsettings{'RED_DEV'}) {
|
||||
}
|
||||
}
|
||||
|
||||
# Call safe system_output function to get all available routes.
|
||||
my @all_routes = &General::system_output("/sbin/route", "-n");
|
||||
|
||||
# Add Green Firewall Interface
|
||||
push(@network, $netsettings{'GREEN_ADDRESS'});
|
||||
push(@masklen, "255.255.255.255" );
|
||||
@@ -157,7 +160,7 @@ push(@masklen, $netsettings{'GREEN_NETMASK'} );
|
||||
push(@colour, ${Header::colourgreen} );
|
||||
|
||||
# Add Green Routes to Array
|
||||
my @routes = `/sbin/route -n | /bin/grep $netsettings{'GREEN_DEV'}`;
|
||||
my @routes = grep (/$netsettings{'GREEN_DEV'}/, @all_routes);
|
||||
foreach my $route (@routes) {
|
||||
chomp($route);
|
||||
my @temp = split(/[\t ]+/, $route);
|
||||
@@ -178,7 +181,7 @@ if ($netsettings{'BLUE_DEV'}) {
|
||||
push(@colour, ${Header::colourblue} );
|
||||
|
||||
# Add Blue Routes to Array
|
||||
@routes = `/sbin/route -n | /bin/grep $netsettings{'BLUE_DEV'}`;
|
||||
@routes = grep(/$netsettings{'BLUE_DEV'}/, @all_routes);
|
||||
foreach my $route (@routes) {
|
||||
chomp($route);
|
||||
my @temp = split(/[\t ]+/, $route);
|
||||
@@ -199,7 +202,7 @@ if ($netsettings{'ORANGE_DEV'}) {
|
||||
push(@masklen, $netsettings{'ORANGE_NETMASK'} );
|
||||
push(@colour, ${Header::colourorange} );
|
||||
# Add Orange Routes to Array
|
||||
@routes = `/sbin/route -n | /bin/grep $netsettings{'ORANGE_DEV'}`;
|
||||
@routes = grep(/$netsettings{'ORANGE_DEV'}/, @all_routes);
|
||||
foreach my $route (@routes) {
|
||||
chomp($route);
|
||||
my @temp = split(/[\t ]+/, $route);
|
||||
|
||||
@@ -342,7 +342,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
|
||||
# Handle forced updates.
|
||||
#
|
||||
if ($settings{'ACTION'} eq $Lang::tr{'instant update'}) {
|
||||
system(@ddnsprog) == 0 or die "@ddnsprog failed: $?\n";
|
||||
&General::system(@ddnsprog) == 0 or die "@ddnsprog failed: $?\n";
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@@ -130,6 +130,15 @@ open(FILE, "$filename2") or die 'Unable to open fixed leases file.';
|
||||
our @current2 = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
# Open and read-in file which contains the list of allowed advanced options.
|
||||
open(FILE, $filename3) or die "Could not open $filename3. $!\n";
|
||||
|
||||
# Grab file content.
|
||||
my @advoptions_list = <FILE>;
|
||||
|
||||
# Close file handle.
|
||||
close(FILE);
|
||||
|
||||
# Check Settings1 first because they are needed by &buildconf
|
||||
if ($dhcpsettings{'ACTION'} eq $Lang::tr{'save'}) {
|
||||
foreach my $itf (@ITFs) {
|
||||
@@ -338,7 +347,7 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'add'}.'1' &&
|
||||
map ($dhcpsettings{"ADVOPT_SCOPE_$_"} = 'off', @ITFs); # force global
|
||||
} elsif (ValidNewOption ($dhcpsettings{'ADVOPT_NAME'} . ' ' . $dhcpsettings{'ADVOPT_DATA'})) {
|
||||
#was a new option
|
||||
} elsif (! `grep "\$option $dhcpsettings{'ADVOPT_NAME'} " $filename3`) {
|
||||
} elsif (! grep(/option $dhcpsettings{'ADVOPT_NAME'}/, @advoptions_list)) {
|
||||
$errormessage=$Lang::tr{'dhcp advopt unknown'}.': '.$dhcpsettings{'ADVOPT_NAME'};
|
||||
}
|
||||
|
||||
@@ -714,7 +723,20 @@ if ($dhcpsettings{'KEY1'} ne '') {
|
||||
}
|
||||
|
||||
#search if the 'option' is in the list and print the syntax model
|
||||
my $opt = `grep "\$option $dhcpsettings{'ADVOPT_NAME'} " $filename3`;
|
||||
my $opt;
|
||||
|
||||
# Check if a advanced option name is set.
|
||||
if ($dhcpsettings{'ADVOPT_NAME'}) {
|
||||
# Check if the name is part of the list and grab syntax.
|
||||
my @opt = grep(/option $dhcpsettings{'ADVOPT_NAME'}/, @advoptions_list);
|
||||
|
||||
# Assign array element to variable.
|
||||
$opt = @opt[0];
|
||||
|
||||
# Remove newlines.
|
||||
chomp($opt);
|
||||
}
|
||||
|
||||
if ($opt ne '') {
|
||||
$opt =~ s/option $dhcpsettings{'ADVOPT_NAME'}/Syntax:/; # "option xyz abc" => "syntax: abc"
|
||||
$opt =~ s/;//;
|
||||
@@ -1330,7 +1352,7 @@ sub buildconf {
|
||||
print FILE "}\n\n";
|
||||
}
|
||||
|
||||
system ('/usr/bin/touch', "${General::swroot}/dhcp/enable_${lc_itf}");
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/dhcp/enable_${lc_itf}");
|
||||
&General::log("DHCP on ${itf}: " . $Lang::tr{'dhcp server enabled'})
|
||||
} else {
|
||||
unlink "${General::swroot}/dhcp/enable_${lc_itf}";
|
||||
@@ -1357,9 +1379,9 @@ sub buildconf {
|
||||
}
|
||||
print FILE "include \"${General::swroot}/dhcp/dhcpd.conf.local\";\n";
|
||||
close FILE;
|
||||
if ( $dhcpsettings{"ENABLE_GREEN"} eq 'on' || $dhcpsettings{"ENABLE_BLUE"} eq 'on' ) {system '/usr/local/bin/dhcpctrl enable >/dev/null 2>&1';}
|
||||
else {system '/usr/local/bin/dhcpctrl disable >/dev/null 2>&1';}
|
||||
system '/usr/local/bin/dhcpctrl restart >/dev/null 2>&1 &';
|
||||
if ( $dhcpsettings{"ENABLE_GREEN"} eq 'on' || $dhcpsettings{"ENABLE_BLUE"} eq 'on' ) {&General::system('/usr/local/bin/dhcpctrl', 'enable');}
|
||||
else {&General::system('/usr/local/bin/dhcpctrl', 'disable');}
|
||||
&General::system_background('/usr/local/bin/dhcpctrl', 'restart');
|
||||
}
|
||||
|
||||
#
|
||||
|
||||
@@ -48,8 +48,8 @@ my $settings_file = "${General::swroot}/dns/settings";
|
||||
my $servers_file = "${General::swroot}/dns/servers";
|
||||
|
||||
# Create files if the does not exist.
|
||||
unless (-f $settings_file) { system("touch $settings_file") };
|
||||
unless (-f $servers_file) { system("touch $servers_file") };
|
||||
unless (-f $settings_file) { &General::system("touch", "$settings_file") };
|
||||
unless (-f $servers_file) { &General::system("touch", "$servers_file") };
|
||||
|
||||
# File which stores the ISP assigned DNS servers.
|
||||
my @ISP_nameserver_files = ( "/var/run/dns1", "/var/run/dns2" );
|
||||
@@ -844,7 +844,7 @@ sub _handle_unbound_and_more () {
|
||||
&IDS::call_suricatactrl("restart");
|
||||
}
|
||||
# Restart unbound
|
||||
system('/usr/local/bin/unboundctrl reload >/dev/null');
|
||||
&General::system('/usr/local/bin/unboundctrl', 'reload');
|
||||
}
|
||||
|
||||
# Check if the system is online (RED is connected).
|
||||
|
||||
@@ -124,7 +124,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
|
||||
}
|
||||
}
|
||||
# Restart unbound
|
||||
system('/usr/local/bin/unboundctrl reload >/dev/null');
|
||||
&General::system('/usr/local/bin/unboundctrl', 'reload');
|
||||
}
|
||||
|
||||
###
|
||||
@@ -142,7 +142,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'remove'})
|
||||
}
|
||||
close(FILE);
|
||||
# Restart unbound.
|
||||
system('/usr/local/bin/unboundctrl reload >/dev/null');
|
||||
&General::system('/usr/local/bin/unboundctrl', 'reload');
|
||||
}
|
||||
|
||||
###
|
||||
@@ -169,7 +169,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
|
||||
}
|
||||
close(FILE);
|
||||
# Restart unbound.
|
||||
system('/usr/local/bin/unboundctrl reload >/dev/null');
|
||||
&General::system('/usr/local/bin/unboundctrl', 'reload');
|
||||
}
|
||||
|
||||
###
|
||||
|
||||
@@ -53,8 +53,8 @@ my $partitionsfile = "/var/ipfire/extrahd/partitions";
|
||||
my @dummy = ( ${Header::colourgreen}, ${Header::colourred} );
|
||||
undef (@dummy);
|
||||
|
||||
system("/usr/local/bin/extrahdctrl scanhd ide >/dev/null");
|
||||
system("/usr/local/bin/extrahdctrl scanhd partitions >/dev/null");
|
||||
&General::system("/usr/local/bin/extrahdctrl", "scanhd", "ide");
|
||||
&General::system("/usr/local/bin/extrahdctrl", "scanhd", "partitions");
|
||||
|
||||
&Header::showhttpheaders();
|
||||
|
||||
@@ -98,12 +98,12 @@ if ($extrahdsettings{'ACTION'} eq $Lang::tr{'add'})
|
||||
UUID=$extrahdsettings{'UUID'};$extrahdsettings{'FS'};$extrahdsettings{'PATH'};
|
||||
END
|
||||
;
|
||||
system("/usr/local/bin/extrahdctrl mount $extrahdsettings{'PATH'}");
|
||||
&General::system("/usr/local/bin/extrahdctrl", "mount", "$extrahdsettings{'PATH'}");
|
||||
}
|
||||
}
|
||||
elsif ($extrahdsettings{'ACTION'} eq $Lang::tr{'delete'})
|
||||
{
|
||||
if ( `/usr/local/bin/extrahdctrl umount $extrahdsettings{'PATH'}` ) {
|
||||
if ( &General::system("/usr/local/bin/extrahdctrl", "umount", "$extrahdsettings{'PATH'}")) {
|
||||
open( FILE, "< $devicefile" ) or die "Unable to read $devicefile";
|
||||
@tmp = <FILE>;
|
||||
close FILE;
|
||||
@@ -143,7 +143,11 @@ END
|
||||
{
|
||||
@deviceline = split( /\;/, $deviceentry );
|
||||
my $color="$Header::colourred";
|
||||
if ( ! `/bin/mountpoint $deviceline[2] | grep " not "` ) {
|
||||
|
||||
# Use safe system_output to get mountpoint details.
|
||||
my @mountpoint = &General::system_output("/bin/mountpoint", "$deviceline[2]");
|
||||
|
||||
if ( ! grep(/not/, @mountpoint)) {
|
||||
$color=$Header::colourgreen;
|
||||
}
|
||||
print <<END
|
||||
|
||||
@@ -49,14 +49,18 @@ if ( -e "$configfile" ) {
|
||||
if ("$fireinfosettings{'ACTION'}" eq "trigger") {
|
||||
if ($fireinfosettings{'ENABLE_FIREINFO'} eq 'off') {
|
||||
&General::log($Lang::tr{'fireinfo is enabled'});
|
||||
system ('/usr/bin/touch', $configfile);
|
||||
|
||||
# Write empty configfile.
|
||||
open(FILE, ">$configfile");
|
||||
close(FILE);
|
||||
|
||||
$fireinfosettings{'ENABLE_FIREINFO'} = 'on';
|
||||
} else {
|
||||
&General::log($Lang::tr{'fireinfo is disabled'});
|
||||
unlink "$configfile";
|
||||
$fireinfosettings{'ENABLE_FIREINFO'} = 'off';
|
||||
}
|
||||
system("/usr/local/bin/fireinfoctrl &");
|
||||
&General::system_background("/usr/local/bin/fireinfoctrl");
|
||||
}
|
||||
|
||||
&Header::openpage('Fireinfo', 1, '');
|
||||
@@ -84,9 +88,13 @@ if ($errormessage) {
|
||||
&Header::closebox();
|
||||
}
|
||||
|
||||
my $ipfire_version = `cat /etc/system-release`;
|
||||
# Get IPFire version string.
|
||||
open(FILE, "/etc/system-release");
|
||||
my $ipfire_version = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
my $pakfire_version = &Pakfire::make_version();
|
||||
my $kernel_version = `uname -a`;
|
||||
my $kernel_version = &General::system_output("uname", "-a");
|
||||
|
||||
&Header::openbox('100%', 'left', $Lang::tr{'fireinfo system version'});
|
||||
print <<END;
|
||||
@@ -108,12 +116,16 @@ END
|
||||
&Header::closebox();
|
||||
|
||||
# Read pregenerated profile data
|
||||
my $profile = `cat /var/ipfire/fireinfo/profile`;
|
||||
open(FILE, "/var/ipfire/fireinfo/profile");
|
||||
my @profile = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
|
||||
|
||||
# Read profile ID from file
|
||||
my $profile_id = `cat /var/ipfire/fireinfo/public_id`;
|
||||
open(FILE, "/var/ipfire/fireinfo/public_id");
|
||||
my $profile_id = <FILE>;
|
||||
close(FILE);
|
||||
chomp($profile_id);
|
||||
|
||||
&Header::openbox('100%', 'left', $Lang::tr{'fireinfo settings'});
|
||||
@@ -157,7 +169,7 @@ print <<END;
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan='2'>
|
||||
<textarea rows="25" cols="75" readonly="readonly">$profile</textarea>
|
||||
<textarea rows="25" cols="75" readonly="readonly">@profile</textarea>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
@@ -38,11 +38,11 @@ require "${General::swroot}/header.pl";
|
||||
require "${General::swroot}/location-functions.pl";
|
||||
require "/usr/lib/firewall/firewall-lib.pl";
|
||||
|
||||
unless (-d "${General::swroot}/firewall") { system("mkdir ${General::swroot}/firewall"); }
|
||||
unless (-e "${General::swroot}/firewall/settings") { system("touch ${General::swroot}/firewall/settings"); }
|
||||
unless (-e "${General::swroot}/firewall/config") { system("touch ${General::swroot}/firewall/config"); }
|
||||
unless (-e "${General::swroot}/firewall/input") { system("touch ${General::swroot}/firewall/input"); }
|
||||
unless (-e "${General::swroot}/firewall/outgoing") { system("touch ${General::swroot}/firewall/outgoing"); }
|
||||
unless (-d "${General::swroot}/firewall") { &General::system("mkdir", "${General::swroot}/firewall"); }
|
||||
unless (-e "${General::swroot}/firewall/settings") { &General::system("touch", "${General::swroot}/firewall/settings"); }
|
||||
unless (-e "${General::swroot}/firewall/config") { &General::system("touch", "${General::swroot}/firewall/config"); }
|
||||
unless (-e "${General::swroot}/firewall/input") { &General::system("touch", "${General::swroot}/firewall/input"); }
|
||||
unless (-e "${General::swroot}/firewall/outgoing") { &General::system("touch", "${General::swroot}/firewall/outgoing"); }
|
||||
|
||||
my %fwdfwsettings=();
|
||||
my %selected=() ;
|
||||
|
||||
@@ -75,12 +75,12 @@ my $fwoptions = "${General::swroot}/optionsfw/settings";
|
||||
my $configovpn = "${General::swroot}/ovpn/settings";
|
||||
my $configipsecrw = "${General::swroot}/vpn/settings";
|
||||
|
||||
unless (-e $confignet) { system("touch $confignet"); }
|
||||
unless (-e $confighost) { system("touch $confighost"); }
|
||||
unless (-e $configgrp) { system("touch $configgrp"); }
|
||||
unless (-e $configsrv) { system("touch $configsrv"); }
|
||||
unless (-e $configsrvgrp) { system("touch $configsrvgrp"); }
|
||||
unless (-e $configlocationgrp) { system("touch $configlocationgrp"); }
|
||||
unless (-e $confignet) { &General::system("touch", "$confignet"); }
|
||||
unless (-e $confighost) { &General::system("touch", "$confighost"); }
|
||||
unless (-e $configgrp) { &General::system("touch", "$configgrp"); }
|
||||
unless (-e $configsrv) { &General::system("touch", "$configsrv"); }
|
||||
unless (-e $configsrvgrp) { &General::system("touch", "$configsrvgrp"); }
|
||||
unless (-e $configlocationgrp) { &General::system("touch $configlocationgrp"); }
|
||||
|
||||
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
|
||||
&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
|
||||
|
||||
@@ -60,7 +60,19 @@ END
|
||||
;
|
||||
if ( -e "/usr/share/doc/licenses/GPLv3" ) {
|
||||
print '<textarea rows=\'25\' cols=\'75\' readonly=\'readonly\'>';
|
||||
print `cat /usr/share/doc/licenses/GPLv3`;
|
||||
|
||||
# Open and read-in GPL file content.
|
||||
open(FILE, "/usr/share/doc/licenses/GPLv3");
|
||||
|
||||
# Grab license.
|
||||
my @license = <FILE>;
|
||||
|
||||
# Close filehandle.
|
||||
close(FILE);
|
||||
|
||||
# Print license to textarea.
|
||||
print "@license";
|
||||
|
||||
print '</textarea>';
|
||||
}
|
||||
else {
|
||||
|
||||
@@ -67,8 +67,8 @@ my $settingsfile = "${General::swroot}/guardian/settings";
|
||||
my $ignoredfile = "${General::swroot}/guardian/ignored";
|
||||
|
||||
# Create empty settings and ignoredfile if they do not exist yet.
|
||||
unless (-e "$settingsfile") { system("touch $settingsfile"); }
|
||||
unless (-e "$ignoredfile") { system("touch $ignoredfile"); }
|
||||
unless (-e "$settingsfile") { &General::system("touch", "$settingsfile"); }
|
||||
unless (-e "$ignoredfile") { &General::system("touch", "$ignoredfile"); }
|
||||
|
||||
our %settings = ();
|
||||
our %ignored = ();
|
||||
@@ -878,7 +878,7 @@ sub BuildConfiguration() {
|
||||
my $configfile = "${General::swroot}/guardian/guardian.conf";
|
||||
|
||||
# Create the configfile if none exists yet.
|
||||
unless (-e "$configfile") { system("touch $configfile"); }
|
||||
unless (-e "$configfile") { &General::system("touch", "$configfile"); }
|
||||
|
||||
# Open configfile for writing.
|
||||
open(FILE, ">$configfile");
|
||||
@@ -940,11 +940,11 @@ sub BuildConfiguration() {
|
||||
&Guardian::Socket::Client("reload");
|
||||
} else {
|
||||
# Launch guardian.
|
||||
system("/usr/local/bin/addonctrl guardian start &>/dev/null");
|
||||
&General::system("/usr/local/bin/addonctrl", "guardian", "start");
|
||||
}
|
||||
} else {
|
||||
# Stop the daemon.
|
||||
system("/usr/local/bin/addonctrl guardian stop &>/dev/null");
|
||||
&General::system("/usr/local/bin/addonctrl", "guardian", "stop");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -955,7 +955,7 @@ sub GenerateIgnoreFile() {
|
||||
&General::readhasharray($ignoredfile, \%ignored);
|
||||
|
||||
# Create the guardian.ignore file if not exist yet.
|
||||
unless (-e "$ignorefile") { system("touch $ignorefile"); }
|
||||
unless (-e "$ignorefile") { &General::system("touch", "$ignorefile"); }
|
||||
|
||||
# Open ignorefile for writing.
|
||||
open(FILE, ">$ignorefile");
|
||||
|
||||
@@ -70,7 +70,7 @@ if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}")
|
||||
# Set flag if index page is to refresh whilst ppp is up.
|
||||
# Default is NO refresh.
|
||||
if ($cgiparams{'REFRESHINDEX'} ne 'off') {
|
||||
system ('/usr/bin/touch', "${General::swroot}/main/refreshindex");
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/main/refreshindex");
|
||||
} else {
|
||||
unlink "${General::swroot}/main/refreshindex";
|
||||
}
|
||||
@@ -78,7 +78,7 @@ if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}")
|
||||
# Beep on ip-up or ip-down. Default is ON.
|
||||
if ($cgiparams{'PPPUPDOWNBEEP'} ne 'on') {
|
||||
$cgiparams{'PPPUPDOWNBEEP'} = 'off';
|
||||
system ('/usr/bin/touch', "${General::swroot}/red/nobeeps");
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/red/nobeeps");
|
||||
} else {
|
||||
unlink "${General::swroot}/red/nobeeps";
|
||||
}
|
||||
|
||||
@@ -38,12 +38,55 @@ my %mainsettings = ();
|
||||
my %sensorsettings = ();
|
||||
|
||||
my @sensorsgraphs = ();
|
||||
my @sensorsdir = `ls -dA $mainsettings{'RRDLOG'}/collectd/localhost/sensors-*/`;
|
||||
foreach (@sensorsdir){
|
||||
chomp($_);chop($_);
|
||||
foreach (`ls $_/*`){
|
||||
chomp($_);
|
||||
push(@sensorsgraphs,$_);
|
||||
|
||||
# Main directory where rrdlog puts the sensor data.
|
||||
my $sensorsdir = "$mainsettings{'RRDLOG'}/collectd/localhost";
|
||||
|
||||
# Open sensors directory.
|
||||
opendir(SENSORS, "$sensorsdir") or die "Could not opendir $sensorsdir: $!\n";
|
||||
|
||||
# Read-in all sensors.
|
||||
my @sensor_dirs = readdir(SENSORS);
|
||||
|
||||
# Close directory handle.
|
||||
closedir(SENSORS);
|
||||
|
||||
# Loop through the grabbed sensors.
|
||||
foreach my $sensor_dir (@sensor_dirs) {
|
||||
# Skip everything which does not start with "sensors-".
|
||||
next unless $sensor_dir =~ /^sensors-/;
|
||||
|
||||
# Check if the omitet element is a directory.
|
||||
next unless (-d "$sensorsdir/$sensor_dir");
|
||||
|
||||
# Open sensor directory and lookup for sensors.
|
||||
opendir(SENSOR_DIR, "$sensorsdir/$sensor_dir") or die "Could not opendir $sensorsdir/$sensor_dir: $!\n";
|
||||
|
||||
# Grab single sensors from the directory.
|
||||
my @sensors = readdir(SENSOR_DIR);
|
||||
|
||||
# Close directory handle.
|
||||
closedir(SENSOR_DIR);
|
||||
|
||||
# Loop through the omited sensors.
|
||||
foreach my $sensor (@sensors) {
|
||||
# Skip everything which is not a regular file.
|
||||
next unless (-f "$sensorsdir/$sensor_dir/$sensor");
|
||||
|
||||
# Add sensor to the array of sensorsgrapghs.
|
||||
push(@sensorsgraphs, "$sensorsdir/$sensor_dir/$sensor");
|
||||
}
|
||||
}
|
||||
|
||||
# Look for ACPI Thermal Zone sensors.
|
||||
my @thermal_zone_sensors = grep(/thermal-thermal_zone/, @sensor_dirs);
|
||||
|
||||
# If a thermal zone sensor has been found add it to the sensorsgraphs array.
|
||||
if (@thermal_zone_sensors) {
|
||||
# Loop through the array of thermal zone sensors.
|
||||
foreach my $thermal_zone_sensor (@thermal_zone_sensors) {
|
||||
# Add the sensor to the array.
|
||||
push(@sensorsgraphs, "$sensorsdir/$thermal_zone_sensor");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -97,7 +140,9 @@ if ( $querry[0] =~ "hwtemp"){
|
||||
&General::writehash("${General::swroot}/sensors/settings", \%sensorsettings);
|
||||
}
|
||||
|
||||
my @disks = `ls -1 /sys/block | grep -E '^sd|^nvme' | sort | uniq`;
|
||||
# This should be save, because no user given content will be processed.
|
||||
#my @disks = `ls -1 /sys/block | grep -E '^sd|^nvme' | sort | uniq`;
|
||||
my @disks = &get_disks();
|
||||
|
||||
foreach (@disks){
|
||||
my $disk = $_;
|
||||
@@ -109,31 +154,31 @@ if ( $querry[0] =~ "hwtemp"){
|
||||
&Header::closebox();
|
||||
}
|
||||
|
||||
if ( `ls $mainsettings{'RRDLOG'}/collectd/localhost/thermal-thermal_zone* 2>/dev/null` ) {
|
||||
if ( grep(/thermal-thermal_zone/, @sensorsgraphs) ) {
|
||||
&Header::openbox('100%', 'center', "ACPI Thermal-Zone Temp $Lang::tr{'graph'}");
|
||||
&Graphs::makegraphbox("hardwaregraphs.cgi","thermaltemp","day");
|
||||
&Header::closebox();
|
||||
}
|
||||
|
||||
if ( `ls $mainsettings{'RRDLOG'}/collectd/localhost/sensors-*/temperature-* 2>/dev/null` ) {
|
||||
if ( grep(/temperature-/, @sensorsgraphs) ) {
|
||||
&Header::openbox('100%', 'center', "hwtemp $Lang::tr{'graph'}");
|
||||
&Graphs::makegraphbox("hardwaregraphs.cgi","hwtemp","day");
|
||||
Header::closebox();
|
||||
}
|
||||
|
||||
if ( `ls $mainsettings{'RRDLOG'}/collectd/localhost/sensors-*/fanspeed-* 2>/dev/null` ) {
|
||||
if ( grep(/fanspeed-/, @sensorsgraphs) ) {
|
||||
&Header::openbox('100%', 'center', "hwfan $Lang::tr{'graph'}");
|
||||
&Graphs::makegraphbox("hardwaregraphs.cgi","hwfan","day");
|
||||
&Header::closebox();
|
||||
}
|
||||
|
||||
if ( `ls $mainsettings{'RRDLOG'}/collectd/localhost/sensors-*/voltage-* 2>/dev/null` ) {
|
||||
if ( grep(/voltage-/, @sensorsgraphs) ) {
|
||||
&Header::openbox('100%', 'center', "hwvolt $Lang::tr{'graph'}");
|
||||
&Graphs::makegraphbox("hardwaregraphs.cgi","hwvolt","day");
|
||||
&Header::closebox();
|
||||
}
|
||||
|
||||
if ( `ls $mainsettings{'RRDLOG'}/collectd/localhost/sensors-* 2>/dev/null` ) {
|
||||
if ( @sensorsgraphs ) {
|
||||
sensorsbox();
|
||||
}
|
||||
&Header::closebigbox();
|
||||
@@ -175,3 +220,40 @@ END
|
||||
;
|
||||
&Header::closebox();
|
||||
}
|
||||
|
||||
sub get_disks () {
|
||||
my @disks;
|
||||
|
||||
# Open virtal sys FS and grab block devices.
|
||||
opendir(SYS, "/sys/block") or die "Could not opendir /sys/block/: $!\n";
|
||||
|
||||
# Grab all available block devices.
|
||||
my @blockdevs = readdir(SYS);
|
||||
|
||||
# Close directory handle.
|
||||
closedir(SYS);
|
||||
|
||||
# Loop through the array of blockdevs.
|
||||
foreach my $dev (@blockdevs) {
|
||||
# Skip all devices which does not start with "sd" or "nvme".
|
||||
next unless (( $dev =~ /^sd/) || ($dev =~ /^nvme/));
|
||||
|
||||
# Add the device to the array of disks.
|
||||
push(@disks, $dev);
|
||||
}
|
||||
|
||||
# Remove duplicates.
|
||||
my @disks = &uniq(@disks);
|
||||
|
||||
# Sort the array.
|
||||
my @disks = sort(@disks);
|
||||
|
||||
# Return the array.
|
||||
return @disks;
|
||||
}
|
||||
|
||||
# Tiny code snipped to get a uniq() like function.
|
||||
sub uniq {
|
||||
my %seen;
|
||||
return grep { !$seen{$_}++ } @_;
|
||||
}
|
||||
|
||||
@@ -487,6 +487,6 @@ sub SortDataFile
|
||||
# Build the configuration file
|
||||
#
|
||||
sub BuildConfiguration {
|
||||
system '/usr/local/bin/rebuildhosts';
|
||||
system '/usr/local/bin/unboundctrl reload &>/dev/null';
|
||||
&General::system('/usr/local/bin/rebuildhosts');
|
||||
&General::system('/usr/local/bin/unboundctrl', 'reload');
|
||||
}
|
||||
|
||||
@@ -118,10 +118,10 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'dial profile'})
|
||||
}
|
||||
|
||||
if ($cgiparams{'ACTION'} eq $Lang::tr{'dial'}) {
|
||||
system('/usr/local/bin/redctrl start > /dev/null') == 0
|
||||
&General::system('/usr/local/bin/redctrl', 'start') == 0
|
||||
or &General::log("Dial failed: $?"); sleep 1;
|
||||
}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'hangup'}) {
|
||||
system('/usr/local/bin/redctrl stop > /dev/null') == 0
|
||||
&General::system('/usr/local/bin/redctrl', 'stop') == 0
|
||||
or &General::log("Hangup failed: $?"); sleep 1;
|
||||
}
|
||||
|
||||
|
||||
@@ -94,7 +94,7 @@ if ($macsettings{'ACTION'} eq $Lang::tr{'save'}) {
|
||||
}
|
||||
}
|
||||
if ($macsettings{'ACTION'} eq $Lang::tr{'reconnect'}) {
|
||||
system("/usr/local/bin/redctrl restart >/dev/null 2>&1 &");
|
||||
&General::system_background("/usr/local/bin/redctrl", "restart");
|
||||
&Header::openbox('100%', 'left', $Lang::tr{'mac address recon'} );
|
||||
print "<font class='base'>$Lang::tr{'mac address done'}</font>\n";
|
||||
&Header::closebox();
|
||||
@@ -107,7 +107,7 @@ if ($macsettings{'ACTION'} eq $Lang::tr{'delete'} ) {
|
||||
}
|
||||
if ($macsettings{'ACTION'} eq $Lang::tr{'reboot'}) {
|
||||
&General::log($Lang::tr{'rebooting ipfire'});
|
||||
system("/usr/local/bin/ipfirereboot boot");
|
||||
&General::system("/usr/local/bin/ipfirereboot", "boot");
|
||||
&Header::openbox('100%', 'left', $Lang::tr{'rebooting ipfire'} );
|
||||
print " <img src='/images/indicator.gif' /><br /><br />";
|
||||
print "<meta http-equiv='refresh' content='120;'>";
|
||||
|
||||
@@ -42,7 +42,13 @@ my %mainsettings = ();
|
||||
&Header::openbox('100%', 'left',"MD Raid State");
|
||||
|
||||
print '<textarea rows="25" cols="80" readonly="readonly">';
|
||||
print `cat "/proc/mdstat"`;
|
||||
|
||||
# Grab mdstat status.
|
||||
open(MDSTAT, "/proc/mdstat");
|
||||
my @mdstat = <MDSTAT>;
|
||||
close(MDSTAT);
|
||||
print "@mdstat";
|
||||
|
||||
print '</textarea>';
|
||||
|
||||
&Header::closebox();
|
||||
|
||||
@@ -56,7 +56,7 @@ if ( $querry[0] =~ "memory"){
|
||||
&Graphs::makegraphbox("memory.cgi","memory","day");
|
||||
&Header::closebox();
|
||||
|
||||
if ( `ls $mainsettings{'RRDLOG'}/collectd/localhost/swap 2>/dev/null` ) {
|
||||
if (-f $mainsettings{'RRDLOG'}/collectd/localhost/swap) {
|
||||
&Header::openbox('100%', 'center', "Swap $Lang::tr{'graph'}");
|
||||
&Graphs::makegraphbox("memory.cgi","swap","day");
|
||||
&Header::closebox();
|
||||
|
||||
@@ -57,7 +57,7 @@ ERROR:
|
||||
|
||||
if ($modemsettings{'ACTION'} eq $Lang::tr{'restore defaults'})
|
||||
{
|
||||
system('/bin/cp', "${General::swroot}/modem/defaults", "${General::swroot}/modem/settings", '-f');
|
||||
&General::system("cp", "-f", "${General::swroot}/modem/defaults", "${General::swroot}/modem/settings");
|
||||
}
|
||||
|
||||
&General::readhash("${General::swroot}/modem/settings", \%modemsettings);
|
||||
|
||||
@@ -231,7 +231,7 @@ if ( $mpfiresettings{'ACTION'} eq "scan" ){
|
||||
$mpd->updatedb();
|
||||
refreshpage();
|
||||
}elsif ( $mpfiresettings{'ACTION'} eq "playweb" ){
|
||||
$message=system("/usr/local/bin/mpfirectrl","playweb","\"$mpfiresettings{'FILE'}\"","2>/dev/null");
|
||||
$message= &General::system_output("/usr/local/bin/mpfirectrl","playweb","\"$mpfiresettings{'FILE'}\"");
|
||||
}elsif ( $mpfiresettings{'ACTION'} eq "playlist" ){
|
||||
$mpd->play();
|
||||
}elsif ( $mpfiresettings{'ACTION'} eq "emptyplaylist" ){
|
||||
|
||||
@@ -86,8 +86,7 @@ if ( $querry[0] ne~ ""){
|
||||
|
||||
&General::readhash("${General::swroot}/dhcpc/dhcpcd-$netsettings{'RED_DEV'}.info", \%dhcpinfo);
|
||||
|
||||
my $DNS1=`echo $dhcpinfo{'domain_name_servers'} | cut -f 1 -d " "`;
|
||||
my $DNS2=`echo $dhcpinfo{'domain_name_servers'} | cut -f 2 -d " "`;
|
||||
my ($DNS1, $DNS2) = split(/ /, $dhcpinfo{'domain_name_servers'});
|
||||
|
||||
my $lsetme=0;
|
||||
my $leasetime="";
|
||||
|
||||
@@ -49,7 +49,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
|
||||
if ($settings{'defpol'} ne '1'){
|
||||
$errormessage .= $Lang::tr{'new optionsfw later'};
|
||||
&General::writehash($filename, \%settings); # Save good settings
|
||||
system("/usr/local/bin/firewallctrl");
|
||||
&General::system("/usr/local/bin/firewallctrl");
|
||||
}else{
|
||||
if ($settings{'POLICY'} ne ''){
|
||||
$fwdfwsettings{'POLICY'} = $settings{'POLICY'};
|
||||
@@ -64,7 +64,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
|
||||
$fwdfwsettings{'POLICY1'} = "$MODE1";
|
||||
&General::writehash("${General::swroot}/firewall/settings", \%fwdfwsettings);
|
||||
&General::readhash("${General::swroot}/firewall/settings", \%fwdfwsettings);
|
||||
system("/usr/local/bin/firewallctrl");
|
||||
&General::system("/usr/local/bin/firewallctrl");
|
||||
}
|
||||
&General::readhash($filename, \%settings); # Load good settings
|
||||
}
|
||||
|
||||
@@ -192,10 +192,10 @@ sub newcleanssldatabase
|
||||
close FILE;
|
||||
}
|
||||
if (! -s ">${General::swroot}/ovpn/certs/index.txt") {
|
||||
system ("touch ${General::swroot}/ovpn/certs/index.txt");
|
||||
&General::system("touch", "${General::swroot}/ovpn/certs/index.txt");
|
||||
}
|
||||
if (! -s ">${General::swroot}/ovpn/certs/index.txt.attr") {
|
||||
system ("touch ${General::swroot}/ovpn/certs/index.txt.attr");
|
||||
&General::system("touch", "${General::swroot}/ovpn/certs/index.txt.attr");
|
||||
}
|
||||
unlink ("${General::swroot}/ovpn/certs/index.txt.old");
|
||||
unlink ("${General::swroot}/ovpn/certs/index.txt.attr.old");
|
||||
@@ -220,18 +220,21 @@ sub pkiconfigcheck
|
||||
{
|
||||
# Warning if DH parameter is 1024 bit
|
||||
if (-f "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}") {
|
||||
my $dhparameter = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}`;
|
||||
my @dhbit = ($dhparameter =~ /(\d+)/);
|
||||
if ($1 < 2048) {
|
||||
$cryptoerror = "$Lang::tr{'ovpn error dh'}";
|
||||
goto CRYPTO_ERROR;
|
||||
my @dhparameter = &General::system_output("/usr/bin/openssl", "dhparam", "-text", "-in", "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}");
|
||||
|
||||
foreach my $line (@dhparameter) {
|
||||
my @dhbit = ($line =~ /(\d+)/);
|
||||
if ($1 < 2048) {
|
||||
$cryptoerror = "$Lang::tr{'ovpn error dh'}";
|
||||
goto CRYPTO_ERROR;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Warning if md5 is in usage
|
||||
if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
|
||||
my $signature = `/usr/bin/openssl x509 -noout -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
if ($signature =~ /md5WithRSAEncryption/) {
|
||||
my @signature = &General::system_output("/usr/bin/openssl", "x509", "-noout", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
if (grep(/md5WithRSAEncryption/, @signature) ) {
|
||||
$cryptoerror = "$Lang::tr{'ovpn error md5'}";
|
||||
goto CRYPTO_ERROR;
|
||||
}
|
||||
@@ -241,8 +244,8 @@ sub pkiconfigcheck
|
||||
|
||||
# Warning if certificate is not compliant to RFC3280 TLS rules
|
||||
if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
|
||||
my $extendkeyusage = `/usr/bin/openssl x509 -noout -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
if ($extendkeyusage !~ /TLS Web Server Authentication/) {
|
||||
my @extendkeyusage = &General::system_output("/usr/bin/openssl", "x509", "-noout", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
if ( ! grep(/TLS Web Server Authentication/, @extendkeyusage)) {
|
||||
$cryptowarning = "$Lang::tr{'ovpn warning rfc3280'}";
|
||||
goto CRYPTO_WARNING;
|
||||
}
|
||||
@@ -734,7 +737,7 @@ sub writecollectdconf {
|
||||
close(COLLECTDVPN);
|
||||
|
||||
# Reload collectd afterwards
|
||||
system("/usr/local/bin/collectdctrl restart &>/dev/null");
|
||||
&General::system("/usr/local/bin/collectdctrl", "restart");
|
||||
}
|
||||
|
||||
#hier die refresh page
|
||||
@@ -764,11 +767,11 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'} ||
|
||||
#start openvpn server
|
||||
if ($cgiparams{'ACTION'} eq $Lang::tr{'start ovpn server'}){
|
||||
&emptyserverlog();
|
||||
system('/usr/local/bin/openvpnctrl', '-s');
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-s");
|
||||
}
|
||||
#stop openvpn server
|
||||
if ($cgiparams{'ACTION'} eq $Lang::tr{'stop ovpn server'}){
|
||||
system('/usr/local/bin/openvpnctrl', '-k');
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-k");
|
||||
&emptyserverlog();
|
||||
}
|
||||
# #restart openvpn server
|
||||
@@ -1075,8 +1078,8 @@ unless(-d "${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}"){mkdir "${General
|
||||
# Check host certificate if X509 is RFC3280 compliant.
|
||||
# If not, old --ns-cert-type directive will be used.
|
||||
# If appropriate key usage extension exists, new --remote-cert-tls directive will be used.
|
||||
my $hostcert = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
if ($hostcert !~ /TLS Web Server Authentication/) {
|
||||
my @hostcert = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
if ( ! grep(/TLS Web Server Authentication/, @hostcert)) {
|
||||
print CLIENTCONF "ns-cert-type server\n";
|
||||
} else {
|
||||
print CLIENTCONF "remote-cert-tls server\n";
|
||||
@@ -1196,7 +1199,8 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
|
||||
# Create ta.key for tls-auth if not presant
|
||||
if ($cgiparams{'TLSAUTH'} eq 'on') {
|
||||
if ( ! -e "${General::swroot}/ovpn/certs/ta.key") {
|
||||
system('/usr/sbin/openvpn', '--genkey', '--secret', "${General::swroot}/ovpn/certs/ta.key");
|
||||
# This system call is safe, because all arguements are passed as an array.
|
||||
system("/usr/sbin/openvpn", "--genkey", "--secret", "${General::swroot}/ovpn/certs/ta.key");
|
||||
if ($?) {
|
||||
$errormessage = "$Lang::tr{'openssl produced an error'}: $?";
|
||||
goto SETTINGS_ERROR;
|
||||
@@ -1219,9 +1223,24 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
|
||||
$vpnsettings{'TLSAUTH'} = $cgiparams{'TLSAUTH'};
|
||||
#wrtie enable
|
||||
|
||||
if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable_blue 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable_blue 2>/dev/null");}
|
||||
if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable_orange 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable_orange 2>/dev/null");}
|
||||
if ( $vpnsettings{'ENABLED'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable 2>/dev/null");}
|
||||
if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' ) {
|
||||
&General::system("touch", "${General::swroot}/ovpn/enable_blue");
|
||||
} else {
|
||||
unlink(${General::swroot}/ovpn/enable_blue);
|
||||
}
|
||||
|
||||
if ( $vpnsettings{'ENABLED_ORANGE'} eq 'on' ) {
|
||||
&General::system("touch", "${General::swroot}/ovpn/enable_orange");
|
||||
} else {
|
||||
unlink("${General::swroot}/ovpn/enable_orange");
|
||||
}
|
||||
|
||||
if ( $vpnsettings{'ENABLED'} eq 'on' ) {
|
||||
&General::system("touch", "${General::swroot}/ovpn/enable");
|
||||
} else {
|
||||
unlink("${General::swroot}/ovpn/enable");
|
||||
}
|
||||
|
||||
#new settings for daemon
|
||||
&General::writehash("${General::swroot}/ovpn/settings", \%vpnsettings);
|
||||
&writeserverconf();#hier ok
|
||||
@@ -1234,7 +1253,7 @@ SETTINGS_ERROR:
|
||||
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
|
||||
# Kill all N2N connections
|
||||
system("/usr/local/bin/openvpnctrl -kn2n &>/dev/null");
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-kn2n");
|
||||
|
||||
foreach my $key (keys %confighash) {
|
||||
my $name = $confighash{$cgiparams{'$key'}}[1];
|
||||
@@ -1243,7 +1262,7 @@ SETTINGS_ERROR:
|
||||
delete $confighash{$cgiparams{'$key'}};
|
||||
}
|
||||
|
||||
system ("/usr/local/bin/openvpnctrl -drrd $name &>/dev/null");
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-drrd", "$name");
|
||||
}
|
||||
while ($file = glob("${General::swroot}/ovpn/ca/*")) {
|
||||
unlink $file;
|
||||
@@ -1282,7 +1301,7 @@ SETTINGS_ERROR:
|
||||
close FILE;
|
||||
}
|
||||
while ($file = glob("${General::swroot}/ovpn/n2nconf/*")) {
|
||||
system ("rm -rf $file");
|
||||
unlink($file);
|
||||
}
|
||||
|
||||
# Remove everything from the collectd configuration
|
||||
@@ -1328,7 +1347,8 @@ END
|
||||
unlink "${General::swroot}/ovpn/ca/$cgiparams{'DH_NAME'}";
|
||||
}
|
||||
# Create Diffie Hellmann Parameter
|
||||
system('/usr/bin/openssl', 'dhparam', '-out', "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
|
||||
# The system call is safe, because all arguments are passed as an array.
|
||||
system("/usr/bin/openssl", "dhparam", "-out", "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
|
||||
if ($?) {
|
||||
$errormessage = "$Lang::tr{'openssl produced an error'}: $?";
|
||||
unlink ("${General::swroot}/ovpn/ca/dh1024.pem");
|
||||
@@ -1397,8 +1417,8 @@ END
|
||||
$errormessage = $!;
|
||||
goto UPLOADCA_ERROR;
|
||||
}
|
||||
my $temp = `/usr/bin/openssl dhparam -text -in $filename`;
|
||||
if ($temp !~ /DH Parameters: \((2048|3072|4096) bit\)/) {
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "dhparam", "-text", "-in", "$filename");
|
||||
if ( ! grep(/DH Parameters: \((2048|3072|4096) bit\)/, @temp)) {
|
||||
$errormessage = $Lang::tr{'not a valid dh key'};
|
||||
unlink ($filename);
|
||||
goto UPLOADCA_ERROR;
|
||||
@@ -1454,8 +1474,8 @@ END
|
||||
$errormessage = $!;
|
||||
goto UPLOADCA_ERROR;
|
||||
}
|
||||
my $temp = `/usr/bin/openssl x509 -text -in $filename`;
|
||||
if ($temp !~ /CA:TRUE/i) {
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "$filename");
|
||||
if ( ! grep(/CA:TRUE/i, @temp )) {
|
||||
$errormessage = $Lang::tr{'not a valid ca certificate'};
|
||||
unlink ($filename);
|
||||
goto UPLOADCA_ERROR;
|
||||
@@ -1468,11 +1488,19 @@ END
|
||||
}
|
||||
}
|
||||
|
||||
my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem`;
|
||||
$casubject =~ /Subject: (.*)[\n]/;
|
||||
$casubject = $1;
|
||||
$casubject =~ s+/Email+, E+;
|
||||
$casubject =~ s/ ST=/ S=/;
|
||||
@casubject = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/ca/$cgiparams{'CA_NAME'}cert.pem");
|
||||
my $casubject;
|
||||
|
||||
foreach my $line (@casubject) {
|
||||
if ($line =~ /Subject: (.*)[\n]/) {
|
||||
$casubject = $1;
|
||||
$casubject =~ s+/Email+, E+;
|
||||
$casubject =~ s/ ST=/ S=/;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
$casubject = &Header::cleanhtml($casubject);
|
||||
|
||||
my $key = &General::findhasharraykey (\%cahash);
|
||||
@@ -1494,9 +1522,9 @@ END
|
||||
&Header::openpage($Lang::tr{'ovpn'}, 1, '');
|
||||
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
|
||||
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -1515,7 +1543,10 @@ END
|
||||
if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
|
||||
print "Content-Type: application/octet-stream\r\n";
|
||||
print "Content-Disposition: filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
|
||||
print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
|
||||
|
||||
my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
|
||||
print "@tmp";
|
||||
|
||||
exit(0);
|
||||
} else {
|
||||
$errormessage = $Lang::tr{'invalid key'};
|
||||
@@ -1530,8 +1561,8 @@ END
|
||||
|
||||
if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
|
||||
foreach my $key (keys %confighash) {
|
||||
my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
|
||||
if ($test =~ /: OK/) {
|
||||
my @test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
|
||||
if (grep(/: OK/, @test)) {
|
||||
# Delete connection
|
||||
# if ($vpnsettings{'ENABLED'} eq 'on' ||
|
||||
# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
|
||||
@@ -1561,8 +1592,8 @@ END
|
||||
my $assignedcerts = 0;
|
||||
if ( -f "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
|
||||
foreach my $key (keys %confighash) {
|
||||
my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
|
||||
if ($test =~ /: OK/) {
|
||||
my @test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
|
||||
if (grep(/: OK/, @test)) {
|
||||
$assignedcerts++;
|
||||
}
|
||||
}
|
||||
@@ -1601,19 +1632,19 @@ END
|
||||
###
|
||||
}elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} ||
|
||||
$cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
|
||||
my $output;
|
||||
my @output;
|
||||
&Header::showhttpheaders();
|
||||
&Header::openpage($Lang::tr{'ovpn'}, 1, '');
|
||||
&Header::openbigbox('100%', 'LEFT', '', '');
|
||||
if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'root certificate'}:");
|
||||
$output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
|
||||
@output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/ca/cacert.pem");
|
||||
} else {
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
|
||||
$output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
@output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
}
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -1627,7 +1658,10 @@ END
|
||||
if ( -f "${General::swroot}/ovpn/ca/cacert.pem" ) {
|
||||
print "Content-Type: application/octet-stream\r\n";
|
||||
print "Content-Disposition: filename=cacert.pem\r\n\r\n";
|
||||
print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/ca/cacert.pem`;
|
||||
|
||||
my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/ca/cacert.pem");
|
||||
print "@tmp";
|
||||
|
||||
exit(0);
|
||||
}
|
||||
|
||||
@@ -1638,7 +1672,10 @@ END
|
||||
if ( -f "${General::swroot}/ovpn/certs/servercert.pem" ) {
|
||||
print "Content-Type: application/octet-stream\r\n";
|
||||
print "Content-Disposition: filename=servercert.pem\r\n\r\n";
|
||||
print `/usr/bin/openssl x509 -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
|
||||
my @tmp = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
print "@tmp";
|
||||
|
||||
exit(0);
|
||||
}
|
||||
|
||||
@@ -1649,7 +1686,13 @@ END
|
||||
if ( -f "${General::swroot}/ovpn/certs/ta.key" ) {
|
||||
print "Content-Type: application/octet-stream\r\n";
|
||||
print "Content-Disposition: filename=ta.key\r\n\r\n";
|
||||
print `/bin/cat ${General::swroot}/ovpn/certs/ta.key`;
|
||||
|
||||
open(FILE, "${General::swroot}/ovpn/certs/ta.key");
|
||||
my @tmp = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
print "@tmp";
|
||||
|
||||
exit(0);
|
||||
}
|
||||
|
||||
@@ -1926,6 +1969,7 @@ END
|
||||
}
|
||||
|
||||
# Sign the host certificate request
|
||||
# This system call is safe, because all argeuments are passed as an array.
|
||||
system('/usr/bin/openssl', 'ca', '-days', '999999',
|
||||
'-batch', '-notext',
|
||||
'-in', "${General::swroot}/ovpn/certs/serverreq.pem",
|
||||
@@ -1947,6 +1991,7 @@ END
|
||||
}
|
||||
|
||||
# Create an empty CRL
|
||||
# System call is safe, because all arguments are passed as array.
|
||||
system('/usr/bin/openssl', 'ca', '-gencrl',
|
||||
'-out', "${General::swroot}/ovpn/crls/cacrl.pem",
|
||||
'-config', "${General::swroot}/ovpn/openssl/ovpn.cnf" );
|
||||
@@ -1962,6 +2007,7 @@ END
|
||||
# &cleanssldatabase();
|
||||
}
|
||||
# Create ta.key for tls-auth
|
||||
# This system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/sbin/openvpn', '--genkey', '--secret', "${General::swroot}/ovpn/certs/ta.key");
|
||||
if ($?) {
|
||||
$errormessage = "$Lang::tr{'openssl produced an error'}: $?";
|
||||
@@ -1969,6 +2015,7 @@ END
|
||||
goto ROOTCERT_ERROR;
|
||||
}
|
||||
# Create Diffie Hellmann Parameter
|
||||
# The system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/bin/openssl', 'dhparam', '-out', "${General::swroot}/ovpn/ca/dh1024.pem", "$cgiparams{'DHLENGHT'}");
|
||||
if ($?) {
|
||||
$errormessage = "$Lang::tr{'openssl produced an error'}: $?";
|
||||
@@ -2083,7 +2130,7 @@ END
|
||||
}
|
||||
|
||||
ROOTCERT_SUCCESS:
|
||||
system ("chmod 600 ${General::swroot}/ovpn/certs/serverkey.pem");
|
||||
&General::system("chmod", "600", "${General::swroot}/ovpn/certs/serverkey.pem");
|
||||
# if ($vpnsettings{'ENABLED'} eq 'on' ||
|
||||
# $vpnsettings{'ENABLE_BLUE'} eq 'on') {
|
||||
# system('/usr/local/bin/ipsecctrl', 'S');
|
||||
@@ -2101,8 +2148,12 @@ END
|
||||
|
||||
&General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
|
||||
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
# my $n2nactive = '';
|
||||
my $n2nactive = `/bin/ps ax|grep $confighash{$cgiparams{'KEY'}}[1]|grep -v grep|awk \'{print \$1}\'`;
|
||||
my $n2nactive = '';
|
||||
my @ps = &General::system_output("/bin/ps", "ax");
|
||||
|
||||
if(grep(/$confighash{$cgiparams{'KEY'}}[1]/, @ps)) {
|
||||
$n2nactive = "1";
|
||||
}
|
||||
|
||||
if ($confighash{$cgiparams{'KEY'}}) {
|
||||
if ($confighash{$cgiparams{'KEY'}}[0] eq 'off') {
|
||||
@@ -2110,7 +2161,7 @@ END
|
||||
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
|
||||
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
|
||||
system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-sn2n", "$confighash{$cgiparams{'KEY'}}[1]");
|
||||
&writecollectdconf();
|
||||
}
|
||||
} else {
|
||||
@@ -2120,7 +2171,7 @@ END
|
||||
|
||||
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
|
||||
if ($n2nactive ne '') {
|
||||
system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'KEY'}}[1]);
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-kn2n", "$confighash{$cgiparams{'KEY'}}[1]");
|
||||
&writecollectdconf();
|
||||
}
|
||||
|
||||
@@ -2204,8 +2255,8 @@ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
|
||||
# Check host certificate if X509 is RFC3280 compliant.
|
||||
# If not, old --ns-cert-type directive will be used.
|
||||
# If appropriate key usage extension exists, new --remote-cert-tls directive will be used.
|
||||
my $hostcert = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
if ($hostcert !~ /TLS Web Server Authentication/) {
|
||||
my @hostcert = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
if (! grep(/TLS Web Server Authentication/, @hostcert)) {
|
||||
print CLIENTCONF "ns-cert-type server\n";
|
||||
} else {
|
||||
print CLIENTCONF "remote-cert-tls server\n";
|
||||
@@ -2315,6 +2366,7 @@ else
|
||||
$zip->addFile("${General::swroot}/ovpn/ca/cacert.pem", "cacert.pem") or die "Can't add file cacert.pem\n";
|
||||
|
||||
# Extract the certificate
|
||||
# This system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/bin/openssl', 'pkcs12', '-in', "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12",
|
||||
'-clcerts', '-nokeys', '-nodes', '-out', "$file_crt" , '-passin', 'pass:');
|
||||
if ($?) {
|
||||
@@ -2325,6 +2377,7 @@ else
|
||||
print CLIENTCONF ";cert $confighash{$cgiparams{'KEY'}}[1].pem\r\n";
|
||||
|
||||
# Extract the key
|
||||
# This system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/bin/openssl', 'pkcs12', '-in', "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12",
|
||||
'-nocerts', '-nodes', '-out', "$file_key", '-passin', 'pass:');
|
||||
if ($?) {
|
||||
@@ -2361,8 +2414,8 @@ else
|
||||
# Check host certificate if X509 is RFC3280 compliant.
|
||||
# If not, old --ns-cert-type directive will be used.
|
||||
# If appropriate key usage extension exists, new --remote-cert-tls directive will be used.
|
||||
my $hostcert = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
if ($hostcert !~ /TLS Web Server Authentication/) {
|
||||
my @hostcert = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
if (! grep(/TLS Web Server Authentication/, @hostcert)) {
|
||||
print CLIENTCONF "ns-cert-type server\r\n";
|
||||
} else {
|
||||
print CLIENTCONF "remote-cert-tls server\r\n";
|
||||
@@ -2464,8 +2517,8 @@ else
|
||||
|
||||
if ($confighash{$cgiparams{'KEY'}}) {
|
||||
# Revoke certificate if certificate was deleted and rewrite the CRL
|
||||
my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
|
||||
my $tempA = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
|
||||
&General::system("/usr/bin/openssl", "ca", "-revoke", "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem", "-config", "${General::swroot}/ovpn/openssl/ovpn.cnf)";
|
||||
&General::system("/usr/bin/openssl", "ca", "-gencrl", "-out", "${General::swroot}/ovpn/crls/cacrl.pem", "-config", "${General::swroot}/ovpn/openssl/ovpn.cnf");
|
||||
|
||||
###
|
||||
# m.a.d net2net
|
||||
@@ -2473,7 +2526,7 @@ else
|
||||
|
||||
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
|
||||
# Stop the N2N connection before it is removed
|
||||
system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'KEY'}}[1]);
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-kn2n", "$confighash{$cgiparams{'KEY'}}[1]");
|
||||
|
||||
my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf");
|
||||
my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
|
||||
@@ -2515,10 +2568,10 @@ else
|
||||
# CCD end
|
||||
# Update collectd configuration and delete all RRD files of the removed connection
|
||||
&writecollectdconf();
|
||||
system ('/usr/local/bin/openvpnctrl', '-drrd', $confighash{$cgiparams{'KEY'}}[1]);
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-drrd", "$confighash{$cgiparams{'KEY'}}[1]");
|
||||
|
||||
delete $confighash{$cgiparams{'KEY'}};
|
||||
my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
|
||||
&General::system("/usr/bin/openssl", "ca", "-gencrl", "-out", "${General::swroot}/ovpn/crls/cacrl.pem", "-config", "${General::swroot}/ovpn/openssl/ovpn.cnf");
|
||||
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
|
||||
} else {
|
||||
@@ -2534,7 +2587,12 @@ else
|
||||
|
||||
print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . ".p12\r\n";
|
||||
print "Content-Type: application/octet-stream\r\n\r\n";
|
||||
print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12`;
|
||||
|
||||
open(FILE, "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
|
||||
my @tmp = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
print "@tmp";
|
||||
exit (0);
|
||||
|
||||
###
|
||||
@@ -2548,9 +2606,9 @@ else
|
||||
&Header::openpage($Lang::tr{'ovpn'}, 1, '');
|
||||
&Header::openbigbox('100%', 'LEFT', '', '');
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
|
||||
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -2570,9 +2628,9 @@ else
|
||||
&Header::openpage($Lang::tr{'ovpn'}, 1, '');
|
||||
&Header::openbigbox('100%', 'LEFT', '', '');
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'dh'}:");
|
||||
my $output = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
my @output = &General::system_output("/usr/bin/openssl", "dhparam", "-text", "-in", "${General::swroot}/ovpn/ca/dh1024.pem");
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -2592,9 +2650,13 @@ else
|
||||
&Header::openpage($Lang::tr{'ovpn'}, 1, '');
|
||||
&Header::openbigbox('100%', 'LEFT', '', '');
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'ta key'}:");
|
||||
my $output = `/bin/cat ${General::swroot}/ovpn/certs/ta.key`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
|
||||
open(FILE, "${General::swroot}/ovpn/certs/ta.key");
|
||||
my @output = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -2615,9 +2677,9 @@ else
|
||||
&Header::openpage($Lang::tr{'ovpn'}, 1, '');
|
||||
&Header::openbigbox('100%', 'LEFT', '', '');
|
||||
&Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
|
||||
my $output = `/usr/bin/openssl crl -text -noout -in ${General::swroot}/ovpn/crls/cacrl.pem`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
my @output = &General::system_output("/usr/bin/openssl", "crl", "-text", "-noout", "-in", "${General::swroot}/ovpn/crls/cacrl.pem");
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -3105,7 +3167,12 @@ END
|
||||
if ( -f "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
|
||||
print "Content-Disposition: filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\r\n";
|
||||
print "Content-Type: application/octet-stream\r\n\r\n";
|
||||
print `/bin/cat ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
|
||||
|
||||
open(FILE, "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
|
||||
my @tmp = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
print "@tmp";
|
||||
exit (0);
|
||||
}
|
||||
|
||||
@@ -4031,6 +4098,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
|
||||
# Sign the certificate request and move it
|
||||
# Sign the host certificate request
|
||||
# The system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/bin/openssl', 'ca', '-days', "$cgiparams{'DAYS_VALID'}",
|
||||
'-batch', '-notext',
|
||||
'-in', $filename,
|
||||
@@ -4047,11 +4115,19 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
&deletebackupcert();
|
||||
}
|
||||
|
||||
my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
|
||||
$temp =~ /Subject:.*CN\s?=\s?(.*)[\n]/;
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST=/ S=/;
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
|
||||
my $temp;
|
||||
|
||||
foreach my $line (@temp) {
|
||||
if ($line =~ /Subject:.*CN\s?=\s?(.*)[\n]/) {
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST=/ S=/;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
$cgiparams{'CERT_NAME'} = $temp;
|
||||
$cgiparams{'CERT_NAME'} =~ s/,//g;
|
||||
$cgiparams{'CERT_NAME'} =~ s/\'//g;
|
||||
@@ -4077,13 +4153,13 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
|
||||
# Verify the certificate has a valid CA and move it
|
||||
my $validca = 0;
|
||||
my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/cacert.pem $filename`;
|
||||
if ($test =~ /: OK/) {
|
||||
my @test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ovpn/ca/cacert.pem", "$filename");
|
||||
if (grep(/: OK/, @test)) {
|
||||
$validca = 1;
|
||||
} else {
|
||||
foreach my $key (keys %cahash) {
|
||||
$test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem $filename`;
|
||||
if ($test =~ /: OK/) {
|
||||
@test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ovpn/ca/$cahash{$key}[0]cert.pem", "$filename");
|
||||
if (grep(/: OK/, @test)) {
|
||||
$validca = 1;
|
||||
}
|
||||
}
|
||||
@@ -4101,11 +4177,19 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
}
|
||||
}
|
||||
|
||||
my $temp = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem`;
|
||||
$temp =~ /Subject:.*CN\s?=\s?(.*)[\n]/;
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST=/ S=/;
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem");
|
||||
my $temp;
|
||||
|
||||
foreach my $line (@temp) {
|
||||
if ($line =~ /Subject:.*CN\s?=\s?(.*)[\n]/) {
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST=/ S=/;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
$cgiparams{'CERT_NAME'} = $temp;
|
||||
$cgiparams{'CERT_NAME'} =~ s/,//g;
|
||||
$cgiparams{'CERT_NAME'} =~ s/\'//g;
|
||||
@@ -4232,6 +4316,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
}
|
||||
|
||||
# Sign the host certificate request
|
||||
# The system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/bin/openssl', 'ca', '-days', "$cgiparams{'DAYS_VALID'}",
|
||||
'-batch', '-notext',
|
||||
'-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}req.pem",
|
||||
@@ -4250,6 +4335,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
}
|
||||
|
||||
# Create the pkcs12 file
|
||||
# The system call is safe, because all arguments are passed as an array.
|
||||
system('/usr/bin/openssl', 'pkcs12', '-export',
|
||||
'-inkey', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}key.pem",
|
||||
'-in', "${General::swroot}/ovpn/certs/$cgiparams{'NAME'}cert.pem",
|
||||
@@ -4415,21 +4501,24 @@ if ($cgiparams{'TYPE'} eq 'net') {
|
||||
|
||||
if ($cgiparams{'TYPE'} eq 'net') {
|
||||
|
||||
if (-e "/var/run/$confighash{$key}[1]n2n.pid") {
|
||||
system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'KEY'}}[1]);
|
||||
if (-e "/var/run/$confighash{$key}[1]n2n.pid") {
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-kn2n", "$confighash{$cgiparams{'KEY'}}[1]");
|
||||
|
||||
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
my $key = $cgiparams{'KEY'};
|
||||
if (! $key) {
|
||||
$key = &General::findhasharraykey (\%confighash);
|
||||
foreach my $i (0 .. 31) { $confighash{$key}[$i] = "";}
|
||||
}
|
||||
$confighash{$key}[0] = 'on';
|
||||
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
my $key = $cgiparams{'KEY'};
|
||||
if (! $key) {
|
||||
$key = &General::findhasharraykey (\%confighash);
|
||||
foreach my $i (0 .. 31) {
|
||||
$confighash{$key}[$i] = "";
|
||||
}
|
||||
}
|
||||
|
||||
$confighash{$key}[0] = 'on';
|
||||
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
|
||||
system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
|
||||
}
|
||||
}
|
||||
&General::system("/usr/local/bin/openvpnctrl", "-sn2n", "$confighash{$cgiparams{'KEY'}}[1]");
|
||||
}
|
||||
}
|
||||
|
||||
###
|
||||
# m.a.d n2n end
|
||||
@@ -5046,7 +5135,9 @@ END
|
||||
&General::readhasharray("${General::swroot}/ovpn/caconfig", \%cahash);
|
||||
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
|
||||
|
||||
my @status = `/bin/cat /var/run/ovpnserver.log`;
|
||||
open(FILE, "/var/run/ovpnserver.log");
|
||||
my @status = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
if ($cgiparams{'VPN_IP'} eq '' && -e "${General::swroot}/red/active") {
|
||||
if (open(IPADDR, "${General::swroot}/red/local-ipaddress")) {
|
||||
@@ -5358,9 +5449,17 @@ END
|
||||
#} else {
|
||||
#print "<td align='left'> </td>";
|
||||
#}
|
||||
my $cavalid = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem`;
|
||||
$cavalid =~ /Not After : (.*)[\n]/;
|
||||
$cavalid = $1;
|
||||
my @cavalid = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
|
||||
my $cavalid;
|
||||
|
||||
foreach my $line (@cavalid) {
|
||||
if ($line =~ /Not After : (.*)[\n]/) {
|
||||
$cavalid = $1;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
print "<td align='center' $col>$confighash{$key}[25]</td>";
|
||||
$col1="bgcolor='${Header::colourred}'";
|
||||
my $active = "<b><font color='#FFFFFF'>$Lang::tr{'capsclosed'}</font></b>";
|
||||
@@ -5571,11 +5670,19 @@ END
|
||||
my $col4="bgcolor='$color{'color20'}'";
|
||||
|
||||
if (-f "${General::swroot}/ovpn/ca/cacert.pem") {
|
||||
my $casubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/ca/cacert.pem`;
|
||||
$casubject =~ /Subject: (.*)[\n]/;
|
||||
$casubject = $1;
|
||||
$casubject =~ s+/Email+, E+;
|
||||
$casubject =~ s/ ST=/ S=/;
|
||||
my @casubject = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/ca/cacert.pem");
|
||||
my $casubject;
|
||||
|
||||
foreach my $line (@casubject) {
|
||||
if ($line =~ /Subject: (.*)[\n]/) {
|
||||
$casubject = $1;
|
||||
$casubject =~ s+/Email+, E+;
|
||||
$casubject =~ s/ ST=/ S=/;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
print <<END;
|
||||
<tr>
|
||||
<td class='base' $col1>$Lang::tr{'root certificate'}</td>
|
||||
@@ -5605,11 +5712,18 @@ END
|
||||
}
|
||||
|
||||
if (-f "${General::swroot}/ovpn/certs/servercert.pem") {
|
||||
my $hostsubject = `/usr/bin/openssl x509 -text -in ${General::swroot}/ovpn/certs/servercert.pem`;
|
||||
$hostsubject =~ /Subject: (.*)[\n]/;
|
||||
$hostsubject = $1;
|
||||
$hostsubject =~ s+/Email+, E+;
|
||||
$hostsubject =~ s/ ST=/ S=/;
|
||||
my @hostsubject = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
|
||||
my $hostsubject;
|
||||
|
||||
foreach my $line (@hostsubject) {
|
||||
if ($line =~ /Subject: (.*)[\n]/) {
|
||||
$hostsubject = $1;
|
||||
$hostsubject =~ s+/Email+, E+;
|
||||
$hostsubject =~ s/ ST=/ S=/;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
print <<END;
|
||||
<tr>
|
||||
@@ -5641,10 +5755,16 @@ END
|
||||
|
||||
# Adding DH parameter to chart
|
||||
if (-f "${General::swroot}/ovpn/ca/dh1024.pem") {
|
||||
my $dhsubject = `/usr/bin/openssl dhparam -text -in ${General::swroot}/ovpn/ca/dh1024.pem`;
|
||||
$dhsubject =~ / (.*)[\n]/;
|
||||
$dhsubject = $1;
|
||||
my @dhsubject = &System_output("/usr/bin/openssl", "dhparam", "-text", "-in", "${General::swroot}/ovpn/ca/dh1024.pem");
|
||||
my $dhsubject;
|
||||
|
||||
foreach my $line (@dhsubject) {
|
||||
if ($line =~ / (.*)[\n]/) {
|
||||
$dhsubject = $1;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
print <<END;
|
||||
<tr>
|
||||
@@ -5674,9 +5794,19 @@ END
|
||||
|
||||
# Adding ta.key to chart
|
||||
if (-f "${General::swroot}/ovpn/certs/ta.key") {
|
||||
my $tasubject = `/bin/cat ${General::swroot}/ovpn/certs/ta.key`;
|
||||
$tasubject =~ /# (.*)[\n]/;
|
||||
$tasubject = $1;
|
||||
open(FILE, "${General::swroot}/ovpn/certs/ta.key");
|
||||
my @tasubject = <FILE>;
|
||||
close(FILE);
|
||||
|
||||
my $tasubject;
|
||||
foreach my $line (@tasubject) {
|
||||
if($line =~ /# (.*)[\n]/) {
|
||||
$tasubject = $1;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
print <<END;
|
||||
|
||||
<tr>
|
||||
|
||||
@@ -57,12 +57,10 @@ sub refreshpage{&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' cont
|
||||
if (($cgiparams{'ACTION'} eq 'install') && (! -e $Pakfire::lockfile)) {
|
||||
$cgiparams{'INSPAKS'} =~ s/\|/\ /g;
|
||||
if ("$cgiparams{'FORCE'}" eq "on") {
|
||||
my $command = "/usr/local/bin/pakfire install --non-interactive --no-colors $cgiparams{'INSPAKS'} &>/dev/null &";
|
||||
system("$command");
|
||||
system("/bin/sleep 1");
|
||||
&General::system_background("/usr/local/bin/pakfire", "install", "--non-interactive", "--no-colors", $cgiparams{'INSPAKS'});
|
||||
} else {
|
||||
&Header::openbox("100%", "center", $Lang::tr{'request'});
|
||||
my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $cgiparams{'INSPAKS'}`;
|
||||
my @output = &General::system_output("/usr/local/bin/pakfire", "resolvedeps", "--no-colors", $cgiparams{'INSPAKS'});
|
||||
print <<END;
|
||||
<table><tr><td colspan='2'>$Lang::tr{'pakfire install package'}.$cgiparams{'INSPAKS'}.$Lang::tr{'pakfire possible dependency'}
|
||||
<pre>
|
||||
@@ -97,12 +95,10 @@ END
|
||||
|
||||
$cgiparams{'DELPAKS'} =~ s/\|/\ /g;
|
||||
if ("$cgiparams{'FORCE'}" eq "on") {
|
||||
my $command = "/usr/local/bin/pakfire remove --non-interactive --no-colors $cgiparams{'DELPAKS'} &>/dev/null &";
|
||||
system("$command");
|
||||
system("/bin/sleep 1");
|
||||
&General::system_background("/usr/local/bin/pakfire", "remove", "--non-interactive", "--no-colors", $cgiparams{'DELPAKS'});
|
||||
} else {
|
||||
&Header::openbox("100%", "center", $Lang::tr{'request'});
|
||||
my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $cgiparams{'DELPAKS'}`;
|
||||
my @output = &General::system_output("/usr/local/bin/pakfire", "resolvedeps", "--no-colors", $cgiparams{'DELPAKS'});
|
||||
print <<END;
|
||||
<table><tr><td colspan='2'>$Lang::tr{'pakfire uninstall package'}.$cgiparams{'DELPAKS'}.$Lang::tr{'pakfire possible dependency'}
|
||||
<pre>
|
||||
@@ -135,13 +131,9 @@ END
|
||||
}
|
||||
|
||||
} elsif (($cgiparams{'ACTION'} eq 'update') && (! -e $Pakfire::lockfile)) {
|
||||
|
||||
system("/usr/local/bin/pakfire update --force --no-colors &>/dev/null &");
|
||||
system("/bin/sleep 1");
|
||||
&General::system_background("/usr/local/bin/pakfire", "update", "--force", "--no-colors");
|
||||
} elsif (($cgiparams{'ACTION'} eq 'upgrade') && (!-e $Pakfire::lockfile)) {
|
||||
my $command = "/usr/local/bin/pakfire upgrade -y --no-colors &>/dev/null &";
|
||||
system("$command");
|
||||
system("/bin/sleep 1");
|
||||
&General::system_background("/usr/local/bin/pakfire", "upgrade", "-y", "--no-colors");
|
||||
} elsif ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") {
|
||||
$pakfiresettings{"TREE"} = $cgiparams{"TREE"};
|
||||
|
||||
@@ -154,7 +146,7 @@ END
|
||||
&General::writehash("${General::swroot}/pakfire/settings", \%pakfiresettings);
|
||||
|
||||
# Update lists
|
||||
system("/usr/local/bin/pakfire update --force --no-colors &>/dev/null &");
|
||||
&General::system_background("/usr/local/bin/pakfire", "update", "--force", "--no-colors");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -39,6 +39,8 @@ my %checked=();
|
||||
my @profilenames=();
|
||||
my $errormessage = '';
|
||||
my $maxprofiles = 5;
|
||||
|
||||
# This call is safe, because no user input will be processed.
|
||||
my $kernel=`/bin/uname -r | /usr/bin/tr -d '\012'`;
|
||||
|
||||
my %color = ();
|
||||
@@ -177,7 +179,12 @@ elsif ($pppsettings{'ACTION'} eq $Lang::tr{'save'})
|
||||
$errormessage = $Lang::tr{'invalid input'};
|
||||
goto ERROR; }
|
||||
|
||||
if( $pppsettings{'RECONNECTION'} eq 'dialondemand' && `/bin/cat ${General::swroot}/ddns/config` =~ /,on$/m ) {
|
||||
# Read-in ddns config file, to check if at least one provider is enabled.
|
||||
open(FILE, "${General::swroot}/ddns/config)";
|
||||
my @ddns_config = <FILE>
|
||||
close(FILE);
|
||||
|
||||
if( $pppsettings{'RECONNECTION'} eq 'dialondemand' && grep(/on/, @ddns_config) ) {
|
||||
$errormessage = $Lang::tr{'dod not compatible with ddns'};
|
||||
goto ERROR; }
|
||||
|
||||
@@ -520,7 +527,12 @@ print <<END
|
||||
END
|
||||
;
|
||||
|
||||
my $atmdev=`cat /proc/net/atm/devices 2>/dev/null | grep 0`;
|
||||
# Read-in atm devices from proc.
|
||||
open(PROC, "/proc/net/atm/devices");
|
||||
my @patm_devices = <PROC>;
|
||||
close(PROC);
|
||||
|
||||
my $atmdev = grep(/0/, @atm_devices);
|
||||
chomp ($atmdev);
|
||||
if ($atmdev ne '') {
|
||||
print <<END
|
||||
@@ -962,7 +974,10 @@ sub updatesettings
|
||||
unlink("${General::swroot}/ppp/settings");
|
||||
link("${General::swroot}/ppp/settings-$pppsettings{'PROFILE'}",
|
||||
"${General::swroot}/ppp/settings");
|
||||
system ("/usr/bin/touch", "${General::swroot}/ppp/updatesettings");
|
||||
|
||||
# Write updatesettings file.
|
||||
open(FILE, ">/${General::swroot}/ppp/updatesettings");
|
||||
close(FILE);
|
||||
}
|
||||
|
||||
sub writesecrets
|
||||
|
||||
@@ -32,7 +32,7 @@ require "${General::swroot}/header.pl";
|
||||
|
||||
require "${General::swroot}/ids-functions.pl";
|
||||
|
||||
my @squidversion = `/usr/sbin/squid -v`;
|
||||
my @squidversion = &General::system_output("/usr/sbin/squid", "-v");
|
||||
my $http_port='81';
|
||||
my $https_port='444';
|
||||
|
||||
@@ -131,35 +131,35 @@ unless (-d "$raddir") { mkdir("$raddir"); }
|
||||
unless (-d "$identdir") { mkdir("$identdir"); }
|
||||
unless (-d "$credir") { mkdir("$credir"); }
|
||||
|
||||
unless (-e $cre_groups) { system("touch $cre_groups"); }
|
||||
unless (-e $cre_svhosts) { system("touch $cre_svhosts"); }
|
||||
unless (-e $cre_groups) { &General::system("touch", "$cre_groups"); }
|
||||
unless (-e $cre_svhosts) { &General::system("touch $cre_svhosts"); }
|
||||
|
||||
unless (-e $userdb) { system("touch $userdb"); }
|
||||
unless (-e $stdgrp) { system("touch $stdgrp"); }
|
||||
unless (-e $extgrp) { system("touch $extgrp"); }
|
||||
unless (-e $disgrp) { system("touch $disgrp"); }
|
||||
unless (-e $userdb) { &General::system("touch", "$userdb"); }
|
||||
unless (-e $stdgrp) { &General::system("touch", "$stdgrp"); }
|
||||
unless (-e $extgrp) { &General::system("touch", "$extgrp"); }
|
||||
unless (-e $disgrp) { &General::system("touch", "$disgrp"); }
|
||||
|
||||
unless (-e $acl_src_subnets) { system("touch $acl_src_subnets"); }
|
||||
unless (-e $acl_src_banned_ip) { system("touch $acl_src_banned_ip"); }
|
||||
unless (-e $acl_src_banned_mac) { system("touch $acl_src_banned_mac"); }
|
||||
unless (-e $acl_src_unrestricted_ip) { system("touch $acl_src_unrestricted_ip"); }
|
||||
unless (-e $acl_src_unrestricted_mac) { system("touch $acl_src_unrestricted_mac"); }
|
||||
unless (-e $acl_src_noaccess_ip) { system("touch $acl_src_noaccess_ip"); }
|
||||
unless (-e $acl_src_noaccess_mac) { system("touch $acl_src_noaccess_mac"); }
|
||||
unless (-e $acl_dst_noauth) { system("touch $acl_dst_noauth"); }
|
||||
unless (-e $acl_dst_noauth_dom) { system("touch $acl_dst_noauth_dom"); }
|
||||
unless (-e $acl_dst_noauth_net) { system("touch $acl_dst_noauth_net"); }
|
||||
unless (-e $acl_dst_noauth_url) { system("touch $acl_dst_noauth_url"); }
|
||||
unless (-e $acl_dst_nocache) { system("touch $acl_dst_nocache"); }
|
||||
unless (-e $acl_dst_nocache_dom) { system("touch $acl_dst_nocache_dom"); }
|
||||
unless (-e $acl_dst_nocache_net) { system("touch $acl_dst_nocache_net"); }
|
||||
unless (-e $acl_dst_nocache_url) { system("touch $acl_dst_nocache_url"); }
|
||||
unless (-e $acl_dst_throttle) { system("touch $acl_dst_throttle"); }
|
||||
unless (-e $acl_ports_safe) { system("touch $acl_ports_safe"); }
|
||||
unless (-e $acl_ports_ssl) { system("touch $acl_ports_ssl"); }
|
||||
unless (-e $acl_include) { system("touch $acl_include"); }
|
||||
unless (-e $acl_src_subnets) { &General::system("touch", "$acl_src_subnets"); }
|
||||
unless (-e $acl_src_banned_ip) { &General::system("touch", "$acl_src_banned_ip"); }
|
||||
unless (-e $acl_src_banned_mac) { &General::system("touch", "$acl_src_banned_mac"); }
|
||||
unless (-e $acl_src_unrestricted_ip) { &General::system("touch", "$acl_src_unrestricted_ip"); }
|
||||
unless (-e $acl_src_unrestricted_mac) { &General::system("touch", "$acl_src_unrestricted_mac"); }
|
||||
unless (-e $acl_src_noaccess_ip) { &General::system("touch", "$acl_src_noaccess_ip"); }
|
||||
unless (-e $acl_src_noaccess_mac) { &General::system("touch", "$acl_src_noaccess_mac"); }
|
||||
unless (-e $acl_dst_noauth) { &General::system("touch", "$acl_dst_noauth"); }
|
||||
unless (-e $acl_dst_noauth_dom) { &General::system("touch", "$acl_dst_noauth_dom"); }
|
||||
unless (-e $acl_dst_noauth_net) { &General::system("touch", "$acl_dst_noauth_net"); }
|
||||
unless (-e $acl_dst_noauth_url) { &General::system("touch", "$acl_dst_noauth_url"); }
|
||||
unless (-e $acl_dst_nocache) { &General::system("touch", "$acl_dst_nocache"); }
|
||||
unless (-e $acl_dst_nocache_dom) { &General::system("touch", "$acl_dst_nocache_dom"); }
|
||||
unless (-e $acl_dst_nocache_net) { &General::system("touch", "$acl_dst_nocache_net"); }
|
||||
unless (-e $acl_dst_nocache_url) { &General::system("touch", "$acl_dst_nocache_url"); }
|
||||
unless (-e $acl_dst_throttle) { &General::system("touch", "$acl_dst_throttle"); }
|
||||
unless (-e $acl_ports_safe) { &General::system("touch", "$acl_ports_safe"); }
|
||||
unless (-e $acl_ports_ssl) { &General::system("touch", "$acl_ports_ssl"); }
|
||||
unless (-e $acl_include) { &General::system("touch", "$acl_include"); }
|
||||
|
||||
unless (-e $mimetypes) { system("touch $mimetypes"); }
|
||||
unless (-e $mimetypes) { &General::system("touch", "$mimetypes"); }
|
||||
|
||||
my $HAVE_NTLM_AUTH = (-e "/usr/bin/ntlm_auth");
|
||||
|
||||
@@ -383,7 +383,7 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
|
||||
$errormessage = $Lang::tr{'advproxy errmsg mem cache size'};
|
||||
goto ERROR;
|
||||
}
|
||||
my @free = `/usr/bin/free`;
|
||||
my @free = &General::system_output("/usr/bin/free");
|
||||
$free[1] =~ m/(\d+)/;
|
||||
$cachemem = int $1 / 2048;
|
||||
if ($proxysettings{'CACHE_MEM'} > $cachemem) {
|
||||
@@ -630,25 +630,25 @@ ERROR:
|
||||
|
||||
if ($proxysettings{'CACHEMGR'} eq 'on'){&writecachemgr;}
|
||||
|
||||
system ('/usr/local/bin/squidctrl', 'disable');
|
||||
&General::system ('/usr/local/bin/squidctrl', 'disable');
|
||||
unlink "${General::swroot}/proxy/enable";
|
||||
unlink "${General::swroot}/proxy/transparent";
|
||||
unlink "${General::swroot}/proxy/enable_blue";
|
||||
unlink "${General::swroot}/proxy/transparent_blue";
|
||||
|
||||
if ($proxysettings{'ENABLE'} eq 'on') {
|
||||
system ('/usr/bin/touch', "${General::swroot}/proxy/enable");
|
||||
system ('/usr/local/bin/squidctrl', 'enable'); }
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/proxy/enable");
|
||||
&General::system('/usr/local/bin/squidctrl', 'enable'); }
|
||||
if ($proxysettings{'TRANSPARENT'} eq 'on' && $proxysettings{'ENABLE'} eq 'on') {
|
||||
system ('/usr/bin/touch', "${General::swroot}/proxy/transparent"); }
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/proxy/transparent"); }
|
||||
if ($proxysettings{'ENABLE_BLUE'} eq 'on') {
|
||||
system ('/usr/bin/touch', "${General::swroot}/proxy/enable_blue");
|
||||
system ('/usr/local/bin/squidctrl', 'enable'); }
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/proxy/enable_blue");
|
||||
&General::system('/usr/local/bin/squidctrl', 'enable'); }
|
||||
if ($proxysettings{'TRANSPARENT_BLUE'} eq 'on' && $proxysettings{'ENABLE_BLUE'} eq 'on') {
|
||||
system ('/usr/bin/touch', "${General::swroot}/proxy/transparent_blue"); }
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/proxy/transparent_blue"); }
|
||||
|
||||
if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy save and restart'}) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); }
|
||||
if ($proxysettings{'ACTION'} eq $Lang::tr{'proxy reconfigure'}) { system('/usr/local/bin/squidctrl reconfigure >/dev/null 2>&1'); }
|
||||
if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy save and restart'}) { &General::system('/usr/local/bin/squidctrl', 'restart'); }
|
||||
if ($proxysettings{'ACTION'} eq $Lang::tr{'proxy reconfigure'}) { &General::system('/usr/local/bin/squidctrl', 'reconfigure'); }
|
||||
|
||||
# Check if the suricata_proxy_ports_changed flag has been set.
|
||||
if ($suricata_proxy_ports_changed) {
|
||||
@@ -663,7 +663,7 @@ ERROR:
|
||||
|
||||
if ($proxysettings{'ACTION'} eq $Lang::tr{'advproxy clear cache'})
|
||||
{
|
||||
system('/usr/local/bin/squidctrl flush >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/squidctrl', 'flush');
|
||||
}
|
||||
|
||||
if (!$errormessage)
|
||||
|
||||
@@ -104,7 +104,7 @@ $qossettings{'TOS'} = '';
|
||||
&General::readhash("${General::swroot}/qos/settings", \%qossettings);
|
||||
&Header::getcgihash(\%qossettings);
|
||||
|
||||
$qossettings{'RED_DEV'} = `cat /var/ipfire/red/iface`;
|
||||
$qossettings{'RED_DEV'} = &General::get_red_interface();
|
||||
|
||||
my %color = ();
|
||||
my %mainsettings = ();
|
||||
@@ -232,7 +232,7 @@ END
|
||||
open( FILE, "< $level7file" ) or die "Unable to read $level7file";
|
||||
@l7rules = <FILE>;
|
||||
close FILE;
|
||||
system("rm $level7file");
|
||||
&General::system("rm", "$level7file");
|
||||
foreach $l7ruleentry (sort @l7rules)
|
||||
{
|
||||
@l7ruleline = split( /\;/, $l7ruleentry );
|
||||
@@ -244,13 +244,13 @@ END
|
||||
close FILE;
|
||||
}
|
||||
}
|
||||
open( FILE, "< $level7file" ) or system("touch $level7file");close FILE;
|
||||
open( FILE, "< $level7file" ) or &General::system("touch", "$level7file");close FILE;
|
||||
} elsif ($qossettings{'DOLEVEL7'} eq $Lang::tr{'edit'})
|
||||
{
|
||||
open( FILE, "< $level7file" ) or die "Unable to read $level7file";
|
||||
@l7rules = <FILE>;
|
||||
close FILE;
|
||||
system("rm $level7file");
|
||||
&General::system("rm", "$level7file");
|
||||
foreach $l7ruleentry (sort @l7rules)
|
||||
{
|
||||
@l7ruleline = split( /\;/, $l7ruleentry );
|
||||
@@ -263,7 +263,7 @@ END
|
||||
}
|
||||
}
|
||||
&level7rule;
|
||||
open( FILE, "< $level7file" ) or system("touch $level7file");close FILE;
|
||||
open( FILE, "< $level7file" ) or &General::system("touch", "$level7file");close FILE;
|
||||
}
|
||||
|
||||
############################################################################################################################
|
||||
@@ -323,7 +323,7 @@ END
|
||||
open( FILE, "< $portfile" ) or die "Unable to read $portfile";
|
||||
@portrules = <FILE>;
|
||||
close FILE;
|
||||
system("rm $portfile");
|
||||
&General::system("rm", "$portfile");
|
||||
foreach $portruleentry (sort @portrules)
|
||||
{
|
||||
@portruleline = split( /\;/, $portruleentry );
|
||||
@@ -336,7 +336,7 @@ END
|
||||
}
|
||||
}
|
||||
&portrule;
|
||||
open( FILE, "< $portfile" ) or system("touch $portfile");close FILE;
|
||||
open( FILE, "< $portfile" ) or &General::system("touch", "$portfile");close FILE;
|
||||
}
|
||||
|
||||
############################################################################################################################
|
||||
@@ -408,25 +408,25 @@ if ($qossettings{'ACTION'} eq $Lang::tr{'start'})
|
||||
{
|
||||
$qossettings{'ENABLED'} = 'on';
|
||||
&General::writehash("${General::swroot}/qos/settings", \%qossettings);
|
||||
system("/usr/local/bin/qosctrl generate >/dev/null 2>&1");
|
||||
system("/usr/local/bin/qosctrl start >/dev/null 2>&1");
|
||||
system("logger -t ipfire 'QoS started'");
|
||||
&General::system("/usr/local/bin/qosctrl", "generate");
|
||||
&General::system("/usr/local/bin/qosctrl", "start");
|
||||
&General::system("logger", "-t", "ipfire", "QoS started");
|
||||
}
|
||||
elsif ($qossettings{'ACTION'} eq $Lang::tr{'stop'})
|
||||
{
|
||||
$qossettings{'ENABLED'} = 'off';
|
||||
&General::writehash("${General::swroot}/qos/settings", \%qossettings);
|
||||
system("/usr/local/bin/qosctrl stop >/dev/null 2>&1");
|
||||
system("/usr/local/bin/qosctrl generate >/dev/null 2>&1");
|
||||
system("logger -t ipfire 'QoS stopped'");
|
||||
&General::system("/usr/local/bin/qosctrl", "stop");
|
||||
&General::system("/usr/local/bin/qosctrl", "generate");
|
||||
&General::system("logger", "-t", "ipfire", "QoS stopped");
|
||||
}
|
||||
elsif ($qossettings{'ACTION'} eq $Lang::tr{'restart'})
|
||||
{
|
||||
if ($qossettings{'ENABLED'} eq 'on'){
|
||||
system("/usr/local/bin/qosctrl stop >/dev/null 2>&1");
|
||||
system("/usr/local/bin/qosctrl generate >/dev/null 2>&1");
|
||||
system("/usr/local/bin/qosctrl start >/dev/null 2>&1");
|
||||
system("logger -t ipfire 'QoS restarted'");
|
||||
&General::system("/usr/local/bin/qosctrl", "stop");
|
||||
&General::system("/usr/local/bin/qosctrl", "generate");
|
||||
&General::system("/usr/local/bin/qosctrl", "start");
|
||||
&General::system("logger", "-t", "ipfire", "QoS restarted");
|
||||
}
|
||||
}
|
||||
elsif ($qossettings{'ACTION'} eq $Lang::tr{'save'})
|
||||
@@ -530,9 +530,9 @@ END
|
||||
$qossettings{'ACK'} ="101";
|
||||
$qossettings{'ENABLED'} = 'on';
|
||||
&General::writehash("${General::swroot}/qos/settings", \%qossettings);
|
||||
system("/usr/local/bin/qosctrl generate >/dev/null 2>&1");
|
||||
system("/usr/local/bin/qosctrl start >/dev/null 2>&1");
|
||||
system("logger -t ipfire 'QoS started'");
|
||||
&General::system("/usr/local/bin/qosctrl", "generate");
|
||||
&General::system("/usr/local/bin/qosctrl", "start");
|
||||
&General::system("logger", "-t", "ipfire", "QoS started");
|
||||
} else {
|
||||
$message = $Lang::tr{'qos enter bandwidths'};
|
||||
}
|
||||
@@ -542,8 +542,8 @@ elsif ($qossettings{'ACTION'} eq $Lang::tr{'status'} )
|
||||
&Header::openbox('100%', 'left', 'QoS Status');
|
||||
if ($qossettings{'ENABLED'} eq 'on'){
|
||||
my $output = "";
|
||||
$output = `/usr/local/bin/qosctrl status`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
my @output = &General::system_output("/usr/local/bin/qosctrl", "status");
|
||||
$output = &Header::cleanhtml(@output[0],"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
} else { print "$Lang::tr{'QoS not enabled'}"; }
|
||||
&Header::closebox();
|
||||
|
||||
@@ -65,7 +65,7 @@ if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) || ($remotesettings{'ACTI
|
||||
{
|
||||
$errormessage = $Lang::tr{'ssh no auth'};
|
||||
}
|
||||
system ('/usr/bin/touch', "${General::swroot}/remote/enablessh");
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/remote/enablessh");
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -85,8 +85,8 @@ if ( (($remotesettings{'ACTION'} eq $Lang::tr{'save'}) || ($remotesettings{'ACTI
|
||||
if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} || $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ){
|
||||
if ($remotesettings{'ENABLE_SSH'} eq 'off')
|
||||
{
|
||||
system ('/usr/bin/touch', "${General::swroot}/remote/enablessh");
|
||||
system('/usr/local/bin/sshctrl');
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/remote/enablessh");
|
||||
&General::system('/usr/local/bin/sshctrl');
|
||||
}
|
||||
if ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart15'} ) { $counter = 900;}
|
||||
elsif ( $remotesettings{'ACTION'} eq $Lang::tr{'ssh tempstart30'} ) { $counter = 1800;}
|
||||
@@ -254,7 +254,10 @@ sub viewkey
|
||||
|
||||
if ( -e $key )
|
||||
{
|
||||
my @temp = split(/ /,`/usr/bin/ssh-keygen -l -f $key`);
|
||||
# Use safe system_output function to call ssh-keygen and get the output from the tool.
|
||||
my @ssh_keygen = &General::system_output("/usr/bin/ssh-keygen", "-l", "-f", "$key");
|
||||
|
||||
my @temp = split(/ /, $ssh_keygen[0]);
|
||||
my $keysize = &Header::cleanhtml($temp[0],"y");
|
||||
my $fingerprint = &Header::cleanhtml($temp[1],"y");
|
||||
print "<tr><td><code>$key</code></td><td align='center'>$name</td><td><code>$fingerprint</code></td><td align='center'>$keysize</td></tr>\n";
|
||||
@@ -264,8 +267,7 @@ sub viewkey
|
||||
sub printactivelogins()
|
||||
{
|
||||
# print active SSH logins (grep outpout of "who -s")
|
||||
my $command = "who -s";
|
||||
my @output = `$command`;
|
||||
my @output = &General::system_output("who", "-s");
|
||||
chomp(@output);
|
||||
|
||||
my $id = 0;
|
||||
|
||||
@@ -474,5 +474,5 @@ sub SortDataFile
|
||||
# Build the configuration file
|
||||
#
|
||||
sub BuildConfiguration {
|
||||
system '/usr/local/bin/rebuildroutes';
|
||||
&General::system('/usr/local/bin/rebuildroutes');
|
||||
}
|
||||
|
||||
@@ -85,14 +85,14 @@ delete $sambasettings{'__CGI__'};delete $sambasettings{'x'};delete $sambasetting
|
||||
############################################################################################################################
|
||||
############################################# Samba Rootskript aufrufe fr SU-Actions #######################################
|
||||
|
||||
if ($sambasettings{'ACTION'} eq 'smbuserdisable'){system("/usr/local/bin/sambactrl smbuserdisable $sambasettings{'NAME'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbuserenable'){system("/usr/local/bin/sambactrl smbuserenable $sambasettings{'NAME'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbuseradd'){system("/usr/local/bin/sambactrl smbuseradd $sambasettings{'USERNAME'} $sambasettings{'PASSWORD'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbchangepw'){system("/usr/local/bin/sambactrl smbchangepw $sambasettings{'USERNAME'} $sambasettings{'PASSWORD'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbrestart'){system("/usr/local/bin/sambactrl smbrestart");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbstart'){system("/usr/local/bin/sambactrl smbstart");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbstop'){system("/usr/local/bin/sambactrl smbstop");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbreload'){system("/usr/local/bin/sambactrl smbreload");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbuserdisable'){&General::system("/usr/local/bin/sambactrl", "smbuserdisable", "$sambasettings{'NAME'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbuserenable'){&General::system("/usr/local/bin/sambactrl", "smbuserenable", "$sambasettings{'NAME'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbuseradd'){&General::system("/usr/local/bin/sambactrl", "smbuseradd", "$sambasettings{'USERNAME'}", "$sambasettings{'PASSWORD'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbchangepw'){&General::system("/usr/local/bin/sambactrl", "smbchangepw", "$sambasettings{'USERNAME'}", "$sambasettings{'PASSWORD'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbrestart'){&General::system("/usr/local/bin/sambactrl", "smbrestart");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbstart'){&General::system("/usr/local/bin/sambactrl", "smbstart");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbstop'){&General::system("/usr/local/bin/sambactrl", "smbstop");}
|
||||
if ($sambasettings{'ACTION'} eq 'smbreload'){&General::system("/usr/local/bin/sambactrl", "smbreload");}
|
||||
if ($sambasettings{'ACTION'} eq 'join') {
|
||||
$message .= &joindomain($sambasettings{'USERNAME'}, $sambasettings{'PASSWORD'});
|
||||
}
|
||||
@@ -124,7 +124,7 @@ if ($sambasettings{'ACTION'} eq 'smbsharechange') {
|
||||
############################################################################################################################
|
||||
########################################### Samba Benutzer oder PC l<>chen #################################################
|
||||
|
||||
if ($sambasettings{'ACTION'} eq 'userdelete'){system("/usr/local/bin/sambactrl smbuserdelete $sambasettings{'NAME'}");}
|
||||
if ($sambasettings{'ACTION'} eq 'userdelete'){&General::system("/usr/local/bin/sambactrl", "smbuserdelete", "$sambasettings{'NAME'}");}
|
||||
|
||||
############################################################################################################################
|
||||
##################################### Umsetzen der Werte von Checkboxen und Dropdowns ######################################
|
||||
@@ -138,7 +138,7 @@ if ($sambasettings{'ACTION'} eq $Lang::tr{'save'}) {
|
||||
# Write configuration to file
|
||||
&writeconfiguration();
|
||||
|
||||
system("/usr/local/bin/sambactrl smbreload");
|
||||
&General::system("/usr/local/bin/sambactrl", "smbreload");
|
||||
}
|
||||
|
||||
&General::readhash("${General::swroot}/samba/settings", \%sambasettings);
|
||||
@@ -334,11 +334,11 @@ if ($sambasettings{'ROLE'} eq 'standalone') {
|
||||
</tr>
|
||||
END
|
||||
|
||||
system('/usr/local/bin/sambactrl readsmbpasswd');
|
||||
&General::system("/usr/local/bin/sambactrl", "readsmbpasswd");
|
||||
open(FILE, "<${General::swroot}/samba/private/smbpasswd") or die "Can't read user file: $!";
|
||||
my @users = <FILE>;
|
||||
close(FILE);
|
||||
system('/usr/local/bin/sambactrl locksmbpasswd');
|
||||
&General::system("/usr/local/bin/sambactrl", "locksmbpasswd");
|
||||
|
||||
my $lines = 0;
|
||||
foreach $userentry (sort @users) {
|
||||
@@ -734,8 +734,8 @@ if ( $smb eq 'shares')
|
||||
|
||||
close FILE;
|
||||
|
||||
system("/usr/local/bin/sambactrl smbsafeconf");
|
||||
system("/usr/local/bin/sambactrl smbreload");
|
||||
&General::system("/usr/local/bin/sambactrl", "smbsafeconf");
|
||||
&General::system("/usr/local/bin/sambactrl", "smbreload");
|
||||
}
|
||||
|
||||
sub isrunning
|
||||
@@ -844,7 +844,7 @@ printable = yes
|
||||
END
|
||||
close FILE;
|
||||
|
||||
system("/usr/local/bin/sambactrl smbsafeconf");
|
||||
&General::system("/usr/local/bin/sambactrl", "smbsafeconf");
|
||||
}
|
||||
|
||||
sub joindomain {
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
###############################################################################
|
||||
# #
|
||||
# IPFire.org - A linux based firewall #
|
||||
# Copyright (C) 2005-2010 IPFire Team #
|
||||
# Copyright (C) 2005-2021 IPFire Team #
|
||||
# #
|
||||
# This program is free software: you can redistribute it and/or modify #
|
||||
# it under the terms of the GNU General Public License as published by #
|
||||
@@ -141,7 +141,7 @@ END
|
||||
my $paramstr=$ENV{QUERY_STRING};
|
||||
my @param=split(/!/, $paramstr);
|
||||
if ($param[1] ne ''){
|
||||
system("/usr/local/bin/addonctrl @param[0] @param[1] > /dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/addonctrl", "$param[0]", "$param[1]");
|
||||
}
|
||||
|
||||
print <<END
|
||||
@@ -163,6 +163,8 @@ END
|
||||
# Generate list of installed addon pak's
|
||||
opendir (DIR, "/opt/pakfire/db/installed") || die "Cannot opendir /opt/pakfire/db/installed/: $!";
|
||||
my @pak = sort readdir DIR;
|
||||
closedir(DIR);
|
||||
|
||||
foreach (@pak){
|
||||
chomp($_);
|
||||
next unless (m/^meta-/);
|
||||
@@ -187,6 +189,7 @@ END
|
||||
print "<tr>";
|
||||
$col="bgcolor='$color{'color20'}'";
|
||||
}
|
||||
|
||||
print "<td align='left' $col width='31%'>$_</td> ";
|
||||
my $status = isautorun($_,$col);
|
||||
print "$status ";
|
||||
@@ -217,27 +220,54 @@ END
|
||||
&Header::closepage();
|
||||
}
|
||||
|
||||
sub isautorun{
|
||||
my $cmd = $_[0];
|
||||
my $col = $_[1];
|
||||
sub isautorun (@) {
|
||||
my ($cmd, $col) = @_;
|
||||
|
||||
# Init directory.
|
||||
my $initdir = "/etc/rc.d/rc3.d/";
|
||||
|
||||
my $status = "<td align='center' $col></td>";
|
||||
my $init = `find /etc/rc.d/rc3.d/S??${cmd} 2>/dev/null`;
|
||||
chomp ($init);
|
||||
if ($init ne ''){
|
||||
|
||||
# Check if autorun for the given cmd is enabled.
|
||||
if ( &find_init("$cmd", "$initdir") ) {
|
||||
# Adjust status.
|
||||
$status = "<td align='center' $col><a href='services.cgi?$_!disable'><img alt='$Lang::tr{'deactivate'}' title='$Lang::tr{'deactivate'}' src='/images/on.gif' border='0' width='16' height='16' /></a></td>";
|
||||
}
|
||||
$init = `find /etc/rc.d/rc3.d/off/S??${cmd} 2>/dev/null`;
|
||||
chomp ($init);
|
||||
if ($init ne ''){
|
||||
} else {
|
||||
# Adjust status.
|
||||
$status = "<td align='center' $col><a href='services.cgi?$_!enable'><img alt='$Lang::tr{'activate'}' title='$Lang::tr{'activate'}' src='/images/off.gif' border='0' width='16' height='16' /></a></td>";
|
||||
}
|
||||
|
||||
# Return the status.
|
||||
return $status;
|
||||
}
|
||||
|
||||
sub isrunning{
|
||||
my $cmd = $_[0];
|
||||
my $col = $_[1];
|
||||
sub find_init (@) {
|
||||
my ($cmd, $dir) = @_;
|
||||
|
||||
# Open given init directory.
|
||||
opendir (INITDIR, "$dir") || die "Cannot opendir $dir: $!";
|
||||
|
||||
# Read-in init files from directory.
|
||||
my @inits = readdir(INITDIR);
|
||||
|
||||
# Close directory handle.
|
||||
closedir(INITDIR);
|
||||
|
||||
# Loop through the directory.
|
||||
foreach my $init (@inits) {
|
||||
# Check if the current processed file belongs to the given command.
|
||||
if ($init =~ /S\d+\d+$cmd\z/) {
|
||||
# Found, return "1" - True.
|
||||
return "1";
|
||||
}
|
||||
}
|
||||
|
||||
# Nothing found, return nothing.
|
||||
return;
|
||||
}
|
||||
|
||||
sub isrunning (@) {
|
||||
my ($cmd, $col) = @_;
|
||||
my $status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td><td colspan='2' $col></td>";
|
||||
my $pid = '';
|
||||
my $testcmd = '';
|
||||
@@ -288,16 +318,17 @@ sub isrunning{
|
||||
return $status;
|
||||
}
|
||||
|
||||
sub isrunningaddon{
|
||||
my $cmd = $_[0];
|
||||
my $col = $_[1];
|
||||
sub isrunningaddon (@) {
|
||||
my ($cmd, $col) = @_;
|
||||
|
||||
my $status = "<td align='center' bgcolor='${Header::colourred}'><font color='white'><b>$Lang::tr{'stopped'}</b></font></td><td colspan='2' $col></td>";
|
||||
my $pid = '';
|
||||
my $testcmd = '';
|
||||
my $exename;
|
||||
my @memory;
|
||||
|
||||
my $testcmd = `/usr/local/bin/addonctrl $_ status 2>/dev/null`;
|
||||
my @testcmd = &General::system_output("/usr/local/bin/addonctrl", "$cmd", "status");
|
||||
my $testcmd = @testcmd[0];
|
||||
|
||||
if ( $testcmd =~ /is\ running/ && $testcmd !~ /is\ not\ running/){
|
||||
$status = "<td align='center' bgcolor='${Header::colourgreen}'><font color='white'><b>$Lang::tr{'running'}</b></font></td>";
|
||||
|
||||
@@ -29,11 +29,11 @@ $cgiparams{'ACTION'} = '';
|
||||
if ($cgiparams{'ACTION'} eq $Lang::tr{'shutdown'}) {
|
||||
$death = 1;
|
||||
&General::log($Lang::tr{'shutting down ipfire'});
|
||||
system '/usr/local/bin/ipfirereboot down';
|
||||
&General::system('/usr/local/bin/ipfirereboot', 'down');
|
||||
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'reboot'}) {
|
||||
$rebirth = 1;
|
||||
&General::log($Lang::tr{'rebooting ipfire'});
|
||||
system '/usr/local/bin/ipfirereboot boot';
|
||||
&General::system('/usr/local/bin/ipfirereboot', 'boot');
|
||||
}
|
||||
if ($death == 0 && $rebirth == 0) {
|
||||
|
||||
|
||||
@@ -36,8 +36,8 @@ foreach $field (@fields) {
|
||||
}
|
||||
}
|
||||
|
||||
my $interface = `cat /var/ipfire/red/iface 2>/dev/null`;
|
||||
my @data_now = `ip -s link show $interface 2>/dev/null`;
|
||||
my $interface = &General::get_red_interface();
|
||||
my @data_now = &General::system_output("ip", "-s", "link", "show", "$interface");
|
||||
|
||||
my $lastline;
|
||||
my $rxb_now = 0;
|
||||
|
||||
@@ -20,6 +20,7 @@
|
||||
###############################################################################
|
||||
|
||||
use strict;
|
||||
use POSIX qw(strftime);
|
||||
|
||||
# enable only the following on debugging purpose
|
||||
#use warnings;
|
||||
@@ -125,8 +126,8 @@ ERROR:
|
||||
|
||||
if ($timesettings{'ENABLENTP'} eq 'on' && $timesettings{'VALID'} eq 'yes')
|
||||
{
|
||||
system ('/usr/bin/touch', "${General::swroot}/time/enable");
|
||||
system ('/usr/local/bin/timectrl enable >/dev/null 2>&1');
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/time/enable");
|
||||
&General::system('/usr/local/bin/timectrl', 'enable');
|
||||
&General::log($Lang::tr{'ntp syncro enabled'});
|
||||
unlink "/var/lock/time/counter";
|
||||
if ($timesettings{'UPDATE_METHOD'} eq 'periodically')
|
||||
@@ -138,7 +139,7 @@ ERROR:
|
||||
}
|
||||
if ($timesettings{'ENABLECLNTP'} eq 'on') # DPC added to 1.3.1
|
||||
{
|
||||
system ('/usr/bin/touch', "${General::swroot}/time/allowclients"); # DPC added to 1.3.1
|
||||
&General::system('/usr/bin/touch', "${General::swroot}/time/allowclients"); # DPC added to 1.3.1
|
||||
&General::log($Lang::tr{'ntpd restarted'}); # DPC added to 1.3.1
|
||||
} else {
|
||||
unlink "${General::swroot}/time/allowclients";
|
||||
@@ -150,11 +151,11 @@ ERROR:
|
||||
unlink "${General::swroot}/time/enable";
|
||||
unlink "/var/lock/time/settimenow";
|
||||
unlink "${General::swroot}/time/allowclients"; # DPC added to 1.3.1
|
||||
system ('/usr/local/bin/timectrl disable >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/timectrl', 'disable');
|
||||
&General::log($Lang::tr{'ntp syncro disabled'})
|
||||
}
|
||||
if (! $errormessage) {
|
||||
system ('/usr/local/bin/timectrl restart >/dev/null 2>&1'); # DPC added to 1.3.1
|
||||
&General::system('/usr/local/bin/timectrl', 'restart'); # DPC added to 1.3.1
|
||||
}
|
||||
}
|
||||
|
||||
@@ -163,7 +164,7 @@ ERROR:
|
||||
$timesettings{'ACTION'} = &Header::cleanhtml ($timesettings{'ACTION'});
|
||||
if ($timesettings{'ACTION'} eq $Lang::tr{'set time now'} && $timesettings{'ENABLENTP'} eq 'on')
|
||||
{
|
||||
system ('/usr/bin/touch', "/var/lock/time/settimenow");
|
||||
&General::system('/usr/bin/touch', "/var/lock/time/settimenow");
|
||||
}
|
||||
|
||||
&General::readhash("${General::swroot}/time/settings", \%timesettings);
|
||||
@@ -180,11 +181,18 @@ if ($timesettings{'VALID'} eq '')
|
||||
}
|
||||
|
||||
unless ($errormessage) {
|
||||
$timesettings{'SETMONTH'} = `date +'%m %e %Y %H %M'|cut -c 1-2`;
|
||||
$timesettings{'SETDAY'} = `date +'%m %e %Y %H %M'|cut -c 4-5`;
|
||||
$timesettings{'SETYEAR'} = `date +'%m %e %Y %H %M'|cut -c 7-10`;
|
||||
$timesettings{'SETHOUR'} = `date +'%m %e %Y %H %M'|cut -c 12-13`;
|
||||
$timesettings{'SETMINUTES'} = `date +'%m %e %Y %H %M'|cut -c 15-16`;
|
||||
# Get date and time.
|
||||
my $date = strftime("%m %e %Y %H %M", localtime);
|
||||
|
||||
# Split date string into single values.
|
||||
my ($month, $day, $year, $hour, $minute) = split(/ /, $date);
|
||||
|
||||
# Assign values to the hash.
|
||||
$timesettings{'SETMONTH'} = $month;
|
||||
$timesettings{'SETDAY'} = $day;
|
||||
$timesettings{'SETYEAR'} = $year;
|
||||
$timesettings{'SETHOUR'} = $hour;
|
||||
$timesettings{'SETMINUTES'} = $minute;
|
||||
$_=$timesettings{'SETDAY'};
|
||||
$timesettings{'SETDAY'}=~ tr/ /0/;
|
||||
}
|
||||
|
||||
@@ -873,9 +873,9 @@ sub BuildConfiguration() {
|
||||
|
||||
# Restart the service.
|
||||
if (($settings{'TOR_ENABLED'} eq 'on') || ($settings{'TOR_RELAY_ENABLED'} eq 'on')) {
|
||||
system("/usr/local/bin/torctrl restart &>/dev/null");
|
||||
&General::system("/usr/local/bin/torctrl", "restart");
|
||||
} else {
|
||||
system("/usr/local/bin/torctrl stop &>/dev/null");
|
||||
&General::system("/usr/local/bin/torctrl", "stop");
|
||||
}
|
||||
# Update pid and memory
|
||||
daemonstats();
|
||||
|
||||
@@ -87,17 +87,17 @@ sub display_vnstat
|
||||
print"No data for $device !<br>";
|
||||
} else {
|
||||
# Summary
|
||||
system("/usr/bin/vnstati -c 1 -s -i $device -o /srv/web/ipfire/html/graphs/vnstat-s-$device.png");
|
||||
&General::system("/usr/bin/vnstati", "-c", "1", "-s", "-i", "$device", "-o", "/srv/web/ipfire/html/graphs/vnstat-s-$device.png");
|
||||
# 5-minute graphs
|
||||
system("/usr/bin/vnstati -c 1 -5 -i $device -o /srv/web/ipfire/html/graphs/vnstat-5-$device.png");
|
||||
&General::system("/usr/bin/vnstati", "-c", "1", "-5", "-i", "$device", "-o", "/srv/web/ipfire/html/graphs/vnstat-5-$device.png");
|
||||
# Hour graph
|
||||
system("/usr/bin/vnstati -c 1 -h -i $device -o /srv/web/ipfire/html/graphs/vnstat-h-$device.png");
|
||||
&General::system("/usr/bin/vnstati", "-c", "1", "-h", "-i", "$device", "-o", "/srv/web/ipfire/html/graphs/vnstat-h-$device.png");
|
||||
# Day graph
|
||||
system("/usr/bin/vnstati -c 1 -d -i $device -o /srv/web/ipfire/html/graphs/vnstat-d-$device.png");
|
||||
&General::system("/usr/bin/vnstati", "-c", "1", "-d", "-i", "$device", "-o", "/srv/web/ipfire/html/graphs/vnstat-d-$device.png");
|
||||
# Month graph
|
||||
system("/usr/bin/vnstati -c 1 -m -i $device -o /srv/web/ipfire/html/graphs/vnstat-m-$device.png");
|
||||
&General::system("/usr/bin/vnstati", "-c", "1", "-m", "-i", "$device", "-o", "/srv/web/ipfire/html/graphs/vnstat-m-$device.png");
|
||||
# Top10 graph
|
||||
system("/usr/bin/vnstati -c 1 -t -i $device -o /srv/web/ipfire/html/graphs/vnstat-t-$device.png");
|
||||
&General::system("/usr/bin/vnstati", "-c", "1", "-t", "-i", "$device", "-o", "/srv/web/ipfire/html/graphs/vnstat-t-$device.png");
|
||||
|
||||
# Generate HTML-Table with the graphs
|
||||
print <<END
|
||||
|
||||
@@ -192,33 +192,33 @@ if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr purge'})
|
||||
|
||||
if (($xlratorsettings{'REMOVE_NOSOURCE'} eq 'on') && ($status == $sfNoSource))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
if (($xlratorsettings{'REMOVE_OUTDATED'} eq 'on') && ($status == $sfOutdated))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
if ($xlratorsettings{'REMOVE_OBSOLETE'} eq 'on')
|
||||
{
|
||||
if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'week') && ($lastaccess < (time - 604800)))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'month1') && ($lastaccess < (time - 2505600)))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'month3') && ($lastaccess < (time - 7516800)))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'month6') && ($lastaccess < (time - 15033600)))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
if (($xlratorsettings{'NOT_ACCESSED_LAST'} eq 'year') && ($lastaccess < (time - 31536000)))
|
||||
{
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -266,7 +266,7 @@ if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr save and restart'})
|
||||
|
||||
&savesettings;
|
||||
|
||||
system('/usr/local/bin/squidctrl restart >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/squidctrl', 'restart');
|
||||
}
|
||||
|
||||
if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr remove file'})
|
||||
@@ -278,7 +278,7 @@ if ($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr remove file'})
|
||||
unless ($updatefile =~ /^download\//)
|
||||
{
|
||||
($vendorid,$uuid,$updatefile) = split('/',$updatefile);
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { system("rm -r $repository/$vendorid/$uuid"); }
|
||||
if (-e "$repository/$vendorid/$uuid/$updatefile") { &General::system("rm", "-r", "$repository/$vendorid/$uuid"); }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -295,16 +295,16 @@ if (($xlratorsettings{'ACTION'} eq $Lang::tr{'updxlrtr cancel download'}) || ($x
|
||||
&General::readhash("$repository/download/$vendorid/$updatefile.info", \%dlinfo);
|
||||
|
||||
$id = &getPID("\\s${General::swroot}/updatexlrator/bin/download\\s.*\\s".quotemeta($dlinfo{'SRCURL'})."\\s\\d\\s\\d\$");
|
||||
if ($id) { system("/bin/kill -9 $id"); }
|
||||
if ($id) { &General::system("/bin/kill", "-9", "$id"); }
|
||||
$id = &getPID("\\s/usr/bin/wget\\s.*\\s".quotemeta($dlinfo{'SRCURL'})."\$");
|
||||
if ($id) { system("/bin/kill -9 $id"); }
|
||||
if ($id) { &General::system("/bin/kill", "-9", "$id"); }
|
||||
|
||||
system("rm $repository/download/$vendorid/$updatefile.info");
|
||||
&General::system("rm", "$repository/download/$vendorid/$updatefile.info");
|
||||
}
|
||||
|
||||
if (-e "$repository/download/$vendorid/$updatefile")
|
||||
{
|
||||
system("rm $repository/download/$vendorid/$updatefile");
|
||||
&General::system("rm", "$repository/download/$vendorid/$updatefile");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1478,15 +1478,15 @@ sub savesettings
|
||||
|
||||
if (($xlratorsettings{'ENABLE_AUTOCHECK'} eq 'on') && ($xlratorsettings{'AUTOCHECK_SCHEDULE'} eq 'daily'))
|
||||
{
|
||||
system('/usr/local/bin/updxlratorctrl cron daily >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/updxlratorctrl', 'cron', 'daily');
|
||||
}
|
||||
if (($xlratorsettings{'ENABLE_AUTOCHECK'} eq 'on') && ($xlratorsettings{'AUTOCHECK_SCHEDULE'} eq 'weekly'))
|
||||
{
|
||||
system('/usr/local/bin/updxlratorctrl cron weekly >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/updxlratorctrl', 'cron', 'weekly');
|
||||
}
|
||||
if (($xlratorsettings{'ENABLE_AUTOCHECK'} eq 'on') && ($xlratorsettings{'AUTOCHECK_SCHEDULE'} eq 'monthly'))
|
||||
{
|
||||
system('/usr/local/bin/updxlratorctrl cron monthly >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/updxlratorctrl', 'cron', 'monthly');
|
||||
}
|
||||
|
||||
# don't save those variable to the settings file,
|
||||
|
||||
@@ -95,9 +95,9 @@ my $ldesc='';
|
||||
my $gdesc='';
|
||||
|
||||
if (! -d $dbdir) { mkdir("$dbdir"); }
|
||||
if (! -e $tcfile) { system("touch $tcfile"); }
|
||||
if (! -e $uqfile) { system("touch $uqfile"); }
|
||||
if (! -e $sourceurlfile) { system("touch $sourceurlfile"); }
|
||||
if (! -e $tcfile) { &General::system("touch", "$tcfile"); }
|
||||
if (! -e $uqfile) { &General::system("touch", "$uqfile"); }
|
||||
if (! -e $sourceurlfile) { &General::system("touch", "$sourceurlfile"); }
|
||||
|
||||
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
|
||||
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
|
||||
@@ -226,7 +226,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
|
||||
if (!(-d "${General::swroot}/urlfilter/update")) { mkdir("${General::swroot}/urlfilter/update"); }
|
||||
|
||||
my $exitcode = system("/bin/tar --no-same-owner -xzf ${General::swroot}/urlfilter/blacklists.tar.gz -C ${General::swroot}/urlfilter/update");
|
||||
my $exitcode = &General::system("/bin/tar", "--no-same-owner", "-xzf", "${General::swroot}/urlfilter/blacklists.tar.gz", "-C", "${General::swroot}/urlfilter/update");
|
||||
|
||||
if ($exitcode > 0)
|
||||
{
|
||||
@@ -235,18 +235,19 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
|
||||
if (-d "${General::swroot}/urlfilter/update/BL")
|
||||
{
|
||||
system("mv ${General::swroot}/urlfilter/update/BL ${General::swroot}/urlfilter/update/blacklists");
|
||||
&General::system("mv", "${General::swroot}/urlfilter/update/BL", "${General::swroot}/urlfilter/update/blacklists");
|
||||
}
|
||||
|
||||
if (-d "${General::swroot}/urlfilter/update/category")
|
||||
{
|
||||
system("mv ${General::swroot}/urlfilter/update/category ${General::swroot}/urlfilter/update/blacklists");
|
||||
&General::system("mv", "${General::swroot}/urlfilter/update/category", "${General::swroot}/urlfilter/update/blacklists");
|
||||
}
|
||||
|
||||
if (!(-d "${General::swroot}/urlfilter/update/blacklists"))
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter invalid content'};
|
||||
} else {
|
||||
# XXX Uses globbing
|
||||
system("cp -r ${General::swroot}/urlfilter/update/blacklists/* $dbdir");
|
||||
|
||||
&readblockcategories;
|
||||
@@ -255,11 +256,11 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
&writeconfigfile;
|
||||
|
||||
$updatemessage = $Lang::tr{'urlfilter upload success'};
|
||||
system("${General::swroot}/urlfilter/bin/prebuild.pl &");
|
||||
system("logger -t installpackage[urlfilter] \"URL filter blacklist - Blacklist update from local source completed\"");
|
||||
&General::system_background("${General::swroot}/urlfilter/bin/prebuild.pl");
|
||||
&General::system("logger", "-t", "installpackage[urlfilter]", "URL filter blacklist - Blacklist update from local source completed");
|
||||
}
|
||||
}
|
||||
if (-d "${General::swroot}/urlfilter/update") { system("rm -rf ${General::swroot}/urlfilter/update"); }
|
||||
if (-d "${General::swroot}/urlfilter/update") { &General::system("rm", "-rf", "${General::swroot}/urlfilter/update"); }
|
||||
if (-e "${General::swroot}/urlfilter/blacklists.tar.gz") { unlink("${General::swroot}/urlfilter/blacklists.tar.gz"); }
|
||||
if ($errormessage) { goto ERROR; }
|
||||
}
|
||||
@@ -267,7 +268,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter backup'})
|
||||
{
|
||||
$blistbackup = ($filtersettings{'ENABLE_FULLBACKUP'} eq 'on') ? "blacklists" : "blacklists/custom";
|
||||
if (system("/bin/tar -C ${General::swroot}/urlfilter -czf ${General::swroot}/urlfilter/backup.tar.gz settings timeconst userquota autoupdate $blistbackup"))
|
||||
if (&General::system("/bin/tar", "-C", "${General::swroot}/urlfilter", "-czf", "${General::swroot}/urlfilter/backup.tar.gz", "settings", "timeconst", "userquota", "autoupdate", "$blistbackup"))
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter backup error'};
|
||||
goto ERROR;
|
||||
@@ -306,7 +307,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
$errormessage = $!;
|
||||
}
|
||||
|
||||
my $exitcode = system("/bin/tar --no-same-owner --preserve-permissions -xzf ${General::swroot}/urlfilter/backup.tar.gz -C ${General::swroot}/urlfilter/restore");
|
||||
my $exitcode = &General::system("/bin/tar", "--no-same-owner", "--preserve-permissions", "-xzf", "${General::swroot}/urlfilter/backup.tar.gz", "-C", "${General::swroot}/urlfilter/restore");
|
||||
if ($exitcode > 0)
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter tar error'};
|
||||
@@ -315,6 +316,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter invalid restore file'};
|
||||
} else {
|
||||
# XXX uses globbing
|
||||
system("cp -rp ${General::swroot}/urlfilter/restore/* ${General::swroot}/urlfilter/");
|
||||
&readblockcategories;
|
||||
&readcustomlists;
|
||||
@@ -325,7 +327,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
}
|
||||
|
||||
if (-e "${General::swroot}/urlfilter/backup.tar.gz") { unlink("${General::swroot}/urlfilter/backup.tar.gz"); }
|
||||
if (-d "${General::swroot}/urlfilter/restore") { system("rm -rf ${General::swroot}/urlfilter/restore"); }
|
||||
if (-d "${General::swroot}/urlfilter/restore") { &General::system("rm", "-rf", "${General::swroot}/urlfilter/restore"); }
|
||||
if ($errormessage) { goto ERROR; }
|
||||
}
|
||||
|
||||
@@ -351,7 +353,7 @@ if (($filtersettings{'ACTION'} eq $Lang::tr{'save'}) ||
|
||||
$filtersettings{'VALID'} = 'yes';
|
||||
&savesettings;
|
||||
|
||||
system('/usr/local/bin/squidctrl restart >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/squidctrl', 'restart');
|
||||
}
|
||||
}
|
||||
|
||||
@@ -485,7 +487,7 @@ if (($tcsettings{'MODE'} eq 'TIMECONSTRAINT') && ($tcsettings{'ACTION'} eq $Lang
|
||||
$errormessage = $Lang::tr{'urlfilter web proxy service required'};
|
||||
}
|
||||
|
||||
if (!$errormessage) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); }
|
||||
if (!$errormessage) { &General::system('/usr/local/bin/squidctrl', 'restart'); }
|
||||
$tcsettings{'TCMODE'}='on';
|
||||
}
|
||||
|
||||
@@ -688,7 +690,7 @@ if (($uqsettings{'MODE'} eq 'USERQUOTA') && ($uqsettings{'ACTION'} eq $Lang::tr{
|
||||
$errormessage = $Lang::tr{'urlfilter web proxy service required'};
|
||||
}
|
||||
|
||||
if (!$errormessage) { system('/usr/local/bin/squidctrl restart >/dev/null 2>&1'); }
|
||||
if (!$errormessage) { &General::system('/usr/local/bin/squidctrl', 'restart'); }
|
||||
$uqsettings{'UQMODE'}='on';
|
||||
}
|
||||
|
||||
@@ -772,7 +774,7 @@ if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter import blacklist'}) && ($bese
|
||||
$errormessage = $!;
|
||||
} else {
|
||||
|
||||
my $exitcode = system("/bin/tar --no-same-owner --preserve-permissions -xzf $editdir/blacklist.tar.gz -C $editdir");
|
||||
my $exitcode = &General::system("/bin/tar", "--no-same-owner", "--preserve-permissions", "-xzf", "$editdir/blacklist.tar.gz", "-C", "$editdir");
|
||||
if ($exitcode > 0)
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter tar error'};
|
||||
@@ -819,7 +821,7 @@ if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter import blacklist'}) && ($bese
|
||||
}
|
||||
}
|
||||
|
||||
if (-d $editdir) { system("rm -rf $editdir"); }
|
||||
if (-d $editdir) { &General::system("rm", "-rf", "$editdir"); }
|
||||
|
||||
}
|
||||
}
|
||||
@@ -853,7 +855,7 @@ if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter export blacklist'}) && ($bese
|
||||
print FILE "$besettings{'BE_EXPRESSIONS'}\n";
|
||||
close FILE;
|
||||
|
||||
if (system("/bin/tar -C $editdir -czf $editdir/$besettings{'BE_NAME'}.tar.gz blacklists"))
|
||||
if (&General::system("/bin/tar", "-C", "$editdir", "-czf", "$editdir/$besettings{'BE_NAME'}.tar.gz", "blacklists"))
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter export error'};
|
||||
}
|
||||
@@ -869,7 +871,7 @@ if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter export blacklist'}) && ($bese
|
||||
while (<FILE>) { print; }
|
||||
close (FILE);
|
||||
|
||||
if (-d $editdir) { system("rm -rf $editdir"); }
|
||||
if (-d $editdir) { &General::system("rm", "-rf", "$editdir"); }
|
||||
exit;
|
||||
}
|
||||
} else {
|
||||
@@ -933,8 +935,10 @@ if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter install blacklist'}) && ($bes
|
||||
print FILE "}\n";
|
||||
close FILE;
|
||||
|
||||
# XXX uses globbing
|
||||
system("rm -f $dbdir/$besettings{'BE_NAME'}/*.db");
|
||||
system("/usr/bin/squidGuard -c $editdir/install.conf -C all");
|
||||
&General::system("/usr/bin/squidGuard", "-c", "$editdir/install.conf", "-C", "all");
|
||||
# XXX uses globbing
|
||||
system("chmod a+w $dbdir/$besettings{'BE_NAME'}/*.db");
|
||||
|
||||
&readblockcategories;
|
||||
@@ -942,9 +946,9 @@ if (($besettings{'ACTION'} eq $Lang::tr{'urlfilter install blacklist'}) && ($bes
|
||||
|
||||
&writeconfigfile;
|
||||
|
||||
system('/usr/local/bin/squidctrl restart >/dev/null 2>&1') unless ($besettings{'NORESTART'} eq 'on');
|
||||
&General::system('/usr/local/bin/squidctrl', 'restart') unless ($besettings{'NORESTART'} eq 'on');
|
||||
|
||||
if (-d $editdir) { system("rm -rf $editdir"); }
|
||||
if (-d $editdir) { &General::system("rm", "-rf", "$editdir"); }
|
||||
} else {
|
||||
$errormessage = $Lang::tr{'urlfilter category data error'};
|
||||
}
|
||||
@@ -966,17 +970,17 @@ if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter save schedule'})
|
||||
|
||||
if (($filtersettings{'ENABLE_AUTOUPDATE'} eq 'on') && ($filtersettings{'UPDATE_SCHEDULE'} eq 'daily'))
|
||||
{
|
||||
system('/usr/local/bin/urlfilterctrl cron daily >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/urlfilterctrl', 'cron', 'daily');
|
||||
}
|
||||
|
||||
if (($filtersettings{'ENABLE_AUTOUPDATE'} eq 'on') && ($filtersettings{'UPDATE_SCHEDULE'} eq 'weekly'))
|
||||
{
|
||||
system('/usr/local/bin/urlfilterctrl cron weekly >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/urlfilterctrl', 'cron', 'weekly');
|
||||
}
|
||||
|
||||
if (($filtersettings{'ENABLE_AUTOUPDATE'} eq 'on') && ($filtersettings{'UPDATE_SCHEDULE'} eq 'monthly'))
|
||||
{
|
||||
system('/usr/local/bin/urlfilterctrl cron monthly >/dev/null 2>&1');
|
||||
&General::system('/usr/local/bin/urlfilterctrl', 'cron', 'monthly');
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -989,10 +993,10 @@ if ($filtersettings{'ACTION'} eq $Lang::tr{'urlfilter update now'})
|
||||
{
|
||||
$errormessage = $Lang::tr{'urlfilter custom url required'};
|
||||
} else {
|
||||
system("${General::swroot}/urlfilter/bin/autoupdate.pl $filtersettings{'CUSTOM_UPDATE_URL'} &");
|
||||
&General::system_background("${General::swroot}/urlfilter/bin/autoupdate.pl", "$filtersettings{'CUSTOM_UPDATE_URL'}");
|
||||
}
|
||||
} else {
|
||||
system("${General::swroot}/urlfilter/bin/autoupdate.pl $filtersettings{'UPDATE_SOURCE'} &");
|
||||
&General::system_background("${General::swroot}/urlfilter/bin/autoupdate.pl", "$filtersettings{'UPDATE_SOURCE'}");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2533,11 +2537,11 @@ sub savesettings
|
||||
delete $filtersettings{'BACKGROUND'};
|
||||
delete $filtersettings{'UPDATEFILE'};
|
||||
|
||||
system("chown -R nobody.nobody $dbdir");
|
||||
system('/usr/bin/squidGuard -C custom/allowed/domains >/dev/null 2>&1');
|
||||
system('/usr/bin/squidGuard -C custom/allowed/urls >/dev/null 2>&1');
|
||||
system('/usr/bin/squidGuard -C custom/blocked/domains >/dev/null 2>&1');
|
||||
system('/usr/bin/squidGuard -C custom/blocked/urls >/dev/null 2>&1 ');
|
||||
&General::system("chown", "-R", "nobody.nobody", "$dbdir");
|
||||
&General::system('/usr/bin/squidGuard', '-C', 'custom/allowed/domains');
|
||||
&General::system('/usr/bin/squidGuard', '-C', 'custom/allowed/urls');
|
||||
&General::system('/usr/bin/squidGuard', '-C', 'custom/blocked/domains');
|
||||
&General::system('/usr/bin/squidGuard', '-C', 'custom/blocked/urls');
|
||||
&setpermissions ($dbdir);
|
||||
|
||||
&General::writehash("${General::swroot}/urlfilter/settings", \%filtersettings);
|
||||
@@ -2694,12 +2698,13 @@ sub setpermissions
|
||||
foreach $category (<$bldir/*>)
|
||||
{
|
||||
if (-d $category){
|
||||
system("chmod 755 $category &> /dev/null");
|
||||
&General::system("chmod", "755", "$category");
|
||||
foreach $blacklist (<$category/*>)
|
||||
{
|
||||
if (-f $blacklist) { system("chmod 644 $blacklist &> /dev/null"); }
|
||||
if (-d $blacklist) { system("chmod 755 $blacklist &> /dev/null"); }
|
||||
if (-f $blacklist) { &General::system("chmod", "644", "$blacklist"); }
|
||||
if (-d $blacklist) { &General::system("chmod", "755", "$blacklist"); }
|
||||
}
|
||||
# XXX uses globbing
|
||||
system("chmod 666 $category/*.db &> /dev/null");
|
||||
&setpermissions ($category);
|
||||
}
|
||||
|
||||
@@ -208,10 +208,12 @@ sub newcleanssldatabase {
|
||||
close FILE;
|
||||
}
|
||||
if (! -s ">${General::swroot}/certs/index.txt") {
|
||||
system ("touch ${General::swroot}/certs/index.txt");
|
||||
open(FILE, ">${General::swroot}/certs/index.txt");
|
||||
close(FILE);
|
||||
}
|
||||
if (! -s ">${General::swroot}/certs/index.txt.attr") {
|
||||
system ("touch ${General::swroot}/certs/index.txt.attr");
|
||||
open(FILE, ">${General::swroot}/certs/index.txt.attr");
|
||||
close(FILE);
|
||||
}
|
||||
unlink ("${General::swroot}/certs/index.txt.old");
|
||||
unlink ("${General::swroot}/certs/index.txt.attr.old");
|
||||
@@ -224,9 +226,13 @@ sub newcleanssldatabase {
|
||||
###
|
||||
sub callssl ($) {
|
||||
my $opt = shift;
|
||||
my $retssl = `/usr/bin/openssl $opt 2>&1`; #redirect stderr
|
||||
|
||||
# Split the given argument string into single pieces and assign them to an array.
|
||||
my @opts = split(/ /, $opt);
|
||||
|
||||
my @retssl = &General::system_output("/usr/bin/openssl", @opts); #redirect stderr
|
||||
my $ret = '';
|
||||
foreach my $line (split (/\n/, $retssl)) {
|
||||
foreach my $line (split (/\n/, @retssl)) {
|
||||
&General::log("ipsec", "$line") if (0); # 1 for verbose logging
|
||||
$ret .= '<br>'.$line if ( $line =~ /error|unknown/ );
|
||||
}
|
||||
@@ -240,13 +246,21 @@ sub callssl ($) {
|
||||
###
|
||||
sub getCNfromcert ($) {
|
||||
#&General::log("ipsec", "Extracting name from $_[0]...");
|
||||
my $temp = `/usr/bin/openssl x509 -text -in $_[0]`;
|
||||
$temp =~ /Subject:.*CN = (.*)[\n]/;
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST = / S = /;
|
||||
$temp =~ s/,//g;
|
||||
$temp =~ s/\'//g;
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "$_[0]");
|
||||
my $temp;
|
||||
|
||||
foreach my $line (@temp) {
|
||||
if ($line =~ /Subject:.*CN = (.*)[\n]/) {
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST = / S = /;
|
||||
$temp =~ s/,//g;
|
||||
$temp =~ s/\'//g;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
return $temp;
|
||||
}
|
||||
###
|
||||
@@ -254,11 +268,19 @@ sub getCNfromcert ($) {
|
||||
###
|
||||
sub getsubjectfromcert ($) {
|
||||
#&General::log("ipsec", "Extracting subject from $_[0]...");
|
||||
my $temp = `/usr/bin/openssl x509 -text -in $_[0]`;
|
||||
$temp =~ /Subject: (.*)[\n]/;
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST = / S = /;
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "$_[0]");
|
||||
my $temp;
|
||||
|
||||
foreach my $line (@temp) {
|
||||
if($line =~ /Subject: (.*)[\n]/) {
|
||||
$temp = $1;
|
||||
$temp =~ s+/Email+, E+;
|
||||
$temp =~ s/ ST = / S = /;
|
||||
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
return $temp;
|
||||
}
|
||||
###
|
||||
@@ -568,9 +590,9 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
|
||||
&General::writehash("${General::swroot}/vpn/settings", \%vpnsettings);
|
||||
&writeipsecfiles();
|
||||
if (&vpnenabled) {
|
||||
system('/usr/local/bin/ipsecctrl', 'S');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'S');
|
||||
} else {
|
||||
system('/usr/local/bin/ipsecctrl', 'D');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'D');
|
||||
}
|
||||
sleep $sleepDelay;
|
||||
SAVE_ERROR:
|
||||
@@ -595,7 +617,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
|
||||
}
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
system('/usr/local/bin/ipsecctrl', 'R');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'R');
|
||||
sleep $sleepDelay;
|
||||
|
||||
###
|
||||
@@ -667,8 +689,8 @@ END
|
||||
$errormessage = $!;
|
||||
goto UPLOADCA_ERROR;
|
||||
}
|
||||
my $temp = `/usr/bin/openssl x509 -text -in $filename`;
|
||||
if ($temp !~ /CA:TRUE/i) {
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "$filename");
|
||||
if (! grep(/CA:TRUE/, @temp)) {
|
||||
$errormessage = $Lang::tr{'not a valid ca certificate'};
|
||||
unlink ($filename);
|
||||
goto UPLOADCA_ERROR;
|
||||
@@ -686,7 +708,7 @@ END
|
||||
$cahash{$key}[1] = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem"));
|
||||
&General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
|
||||
|
||||
system('/usr/local/bin/ipsecctrl', 'R');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'R');
|
||||
sleep $sleepDelay;
|
||||
|
||||
UPLOADCA_ERROR:
|
||||
@@ -702,9 +724,9 @@ END
|
||||
&Header::openpage($Lang::tr{'ipsec'}, 1, '');
|
||||
&Header::openbigbox('100%', 'left', '', '');
|
||||
&Header::openbox('100%', 'left', "$Lang::tr{'ca certificate'}:");
|
||||
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -724,7 +746,9 @@ END
|
||||
print "Content-Type: application/force-download\n";
|
||||
print "Content-Type: application/octet-stream\r\n";
|
||||
print "Content-Disposition: attachment; filename=$cahash{$cgiparams{'KEY'}}[0]cert.pem\r\n\r\n";
|
||||
print `/usr/bin/openssl x509 -in ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
|
||||
|
||||
my @cert = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
|
||||
print "@cert";
|
||||
exit(0);
|
||||
} else {
|
||||
$errormessage = $Lang::tr{'invalid key'};
|
||||
@@ -739,21 +763,21 @@ END
|
||||
|
||||
if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
|
||||
foreach my $key (keys %confighash) {
|
||||
my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/certs/$confighash{$key}[1]cert.pem`;
|
||||
if ($test =~ /: OK/) {
|
||||
my @test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem", "${General::swroot}/certs/$confighash{$key}[1]cert.pem");
|
||||
if (grep(/: OK/, @test)) {
|
||||
# Delete connection
|
||||
unlink ("${General::swroot}/certs/$confighash{$key}[1]cert.pem");
|
||||
unlink ("${General::swroot}/certs/$confighash{$key}[1].p12");
|
||||
delete $confighash{$key};
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
system('/usr/local/bin/ipsecctrl', 'D', $key) if (&vpnenabled);
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'D', $key) if (&vpnenabled);
|
||||
}
|
||||
}
|
||||
unlink ("${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
|
||||
delete $cahash{$cgiparams{'KEY'}};
|
||||
&General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
|
||||
system('/usr/local/bin/ipsecctrl', 'R');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'R');
|
||||
sleep $sleepDelay;
|
||||
} else {
|
||||
$errormessage = $Lang::tr{'invalid key'};
|
||||
@@ -768,8 +792,8 @@ END
|
||||
my $assignedcerts = 0;
|
||||
if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem" ) {
|
||||
foreach my $key (keys %confighash) {
|
||||
my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem ${General::swroot}/certs/$confighash{$key}[1]cert.pem`;
|
||||
if ($test =~ /: OK/) {
|
||||
my @test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem", "${General::swroot}/certs/$confighash{$key}[1]cert.pem");
|
||||
if (grep(/: OK/, @test)) {
|
||||
$assignedcerts++;
|
||||
}
|
||||
}
|
||||
@@ -805,7 +829,7 @@ END
|
||||
unlink ("${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
|
||||
delete $cahash{$cgiparams{'KEY'}};
|
||||
&General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
|
||||
system('/usr/local/bin/ipsecctrl', 'R');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'R');
|
||||
sleep $sleepDelay;
|
||||
}
|
||||
} else {
|
||||
@@ -817,19 +841,19 @@ END
|
||||
###
|
||||
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'} ||
|
||||
$cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
|
||||
my $output;
|
||||
my @output;
|
||||
&Header::showhttpheaders();
|
||||
&Header::openpage($Lang::tr{'ipsec'}, 1, '');
|
||||
&Header::openbigbox('100%', 'left', '', '');
|
||||
if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
|
||||
&Header::openbox('100%', 'left', "$Lang::tr{'root certificate'}:");
|
||||
$output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ca/cacert.pem`;
|
||||
@output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ca/cacert.pem");
|
||||
} else {
|
||||
&Header::openbox('100%', 'left', "$Lang::tr{'host certificate'}:");
|
||||
$output = `/usr/bin/openssl x509 -text -in ${General::swroot}/certs/hostcert.pem`;
|
||||
@output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/certs/hostcert.pem");
|
||||
}
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -843,7 +867,9 @@ END
|
||||
if ( -f "${General::swroot}/ca/cacert.pem" ) {
|
||||
print "Content-Type: application/force-download\n";
|
||||
print "Content-Disposition: attachment; filename=cacert.pem\r\n\r\n";
|
||||
print `/usr/bin/openssl x509 -in ${General::swroot}/ca/cacert.pem`;
|
||||
|
||||
my @cert = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/ca/cacert.pem");
|
||||
print "@cert";
|
||||
exit(0);
|
||||
}
|
||||
###
|
||||
@@ -853,7 +879,9 @@ END
|
||||
if ( -f "${General::swroot}/certs/hostcert.pem" ) {
|
||||
print "Content-Type: application/force-download\n";
|
||||
print "Content-Disposition: attachment; filename=hostcert.pem\r\n\r\n";
|
||||
print `/usr/bin/openssl x509 -in ${General::swroot}/certs/hostcert.pem`;
|
||||
|
||||
my @cert = &General::system_output("/usr/bin/openssl", "x509", "-in", "${General::swroot}/certs/hostcert.pem");
|
||||
print "@cert";
|
||||
exit(0);
|
||||
}
|
||||
###
|
||||
@@ -1216,7 +1244,7 @@ END
|
||||
|
||||
ROOTCERT_SUCCESS:
|
||||
if (&vpnenabled) {
|
||||
system('/usr/local/bin/ipsecctrl', 'S');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'S');
|
||||
sleep $sleepDelay;
|
||||
}
|
||||
ROOTCERT_SKIP:
|
||||
@@ -1228,7 +1256,12 @@ END
|
||||
print "Content-Type: application/force-download\n";
|
||||
print "Content-Disposition: attachment; filename=" . $confighash{$cgiparams{'KEY'}}[1] . ".p12\r\n";
|
||||
print "Content-Type: application/octet-stream\r\n\r\n";
|
||||
print `/bin/cat ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1].p12`;
|
||||
|
||||
open(FILE, "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
|
||||
my @p12 = <FILE>;
|
||||
close(FILE);
|
||||
print "@file";
|
||||
|
||||
exit (0);
|
||||
|
||||
# Export Apple profile to browser
|
||||
@@ -1507,9 +1540,9 @@ END
|
||||
&Header::openpage($Lang::tr{'ipsec'}, 1, '');
|
||||
&Header::openbigbox('100%', 'left', '', '');
|
||||
&Header::openbox('100%', 'left', "$Lang::tr{'cert'}:");
|
||||
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
|
||||
$output = &Header::cleanhtml($output,"y");
|
||||
print "<pre>$output</pre>\n";
|
||||
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
|
||||
@output = &Header::cleanhtml(@output,"y");
|
||||
print "<pre>@output</pre>\n";
|
||||
&Header::closebox();
|
||||
print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
|
||||
&Header::closebigbox();
|
||||
@@ -1526,7 +1559,12 @@ END
|
||||
if ( -f "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
|
||||
print "Content-Type: application/force-download\n";
|
||||
print "Content-Disposition: attachment; filename=" . $confighash{$cgiparams{'KEY'}}[1] . "cert.pem\n\n";
|
||||
print `/bin/cat ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
|
||||
|
||||
open(FILE, "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
|
||||
my @pem = <FILE>;
|
||||
close(FILE);
|
||||
print "@pem";
|
||||
|
||||
exit (0);
|
||||
}
|
||||
|
||||
@@ -1543,12 +1581,12 @@ END
|
||||
$confighash{$cgiparams{'KEY'}}[0] = 'on';
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'}) if (&vpnenabled);
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'}) if (&vpnenabled);
|
||||
} else {
|
||||
$confighash{$cgiparams{'KEY'}}[0] = 'off';
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'}) if (&vpnenabled);
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'}) if (&vpnenabled);
|
||||
}
|
||||
sleep $sleepDelay;
|
||||
} else {
|
||||
@@ -1564,7 +1602,7 @@ END
|
||||
|
||||
if ($confighash{$cgiparams{'KEY'}}) {
|
||||
if (&vpnenabled) {
|
||||
system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
|
||||
sleep $sleepDelay;
|
||||
}
|
||||
} else {
|
||||
@@ -1584,7 +1622,7 @@ END
|
||||
delete $confighash{$cgiparams{'KEY'}};
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'}) if (&vpnenabled);
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'}) if (&vpnenabled);
|
||||
} else {
|
||||
$errormessage = $Lang::tr{'invalid key'};
|
||||
}
|
||||
@@ -1952,8 +1990,8 @@ END
|
||||
unshift (@names,$cahash{$x}[0]);
|
||||
}
|
||||
if ($casubject) { # a new one!
|
||||
my $temp = `/usr/bin/openssl x509 -text -in /tmp/newcacert`;
|
||||
if ($temp !~ /CA:TRUE/i) {
|
||||
my @temp = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "/tmp/newcacert");
|
||||
if (! grep(/CA:TRUE/, @temp)) {
|
||||
$errormessage = $Lang::tr{'not a valid ca certificate'};
|
||||
} else {
|
||||
#compute a name for it
|
||||
@@ -1968,7 +2006,7 @@ END
|
||||
$cahash{$key}[0] = $cgiparams{'CA_NAME'};
|
||||
$cahash{$key}[1] = $casubject;
|
||||
&General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
|
||||
system('/usr/local/bin/ipsecctrl', 'R');
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'R');
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -2008,12 +2046,12 @@ END
|
||||
# Verify the certificate has a valid CA and move it
|
||||
&General::log("ipsec", "Validating imported cert against our known CA...");
|
||||
my $validca = 1; #assume ok
|
||||
my $test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/cacert.pem $filename`;
|
||||
if ($test !~ /: OK/) {
|
||||
my @test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ca/cacert.pem", "$filename");
|
||||
if (! grep(/: OK/, @test)) {
|
||||
my $validca = 0;
|
||||
foreach my $key (keys %cahash) {
|
||||
$test = `/usr/bin/openssl verify -CAfile ${General::swroot}/ca/$cahash{$key}[0]cert.pem $filename`;
|
||||
if ($test =~ /: OK/) {
|
||||
@test = &General::system_output("/usr/bin/openssl", "verify", "-CAfile", "${General::swroot}/ca/$cahash{$key}[0]cert.pem", "$filename");
|
||||
if (grep(/: OK/, @test)) {
|
||||
$validca = 1;
|
||||
last;
|
||||
}
|
||||
@@ -2276,7 +2314,7 @@ END
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
if (&vpnenabled) {
|
||||
system('/usr/local/bin/ipsecctrl', 'S', $key);
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'S', $key);
|
||||
sleep $sleepDelay;
|
||||
}
|
||||
if ($cgiparams{'EDIT_ADVANCED'} eq 'on') {
|
||||
@@ -2822,7 +2860,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
|
||||
&General::writehasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
&writeipsecfiles();
|
||||
if (&vpnenabled) {
|
||||
system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
|
||||
&General::system('/usr/local/bin/ipsecctrl', 'S', $cgiparams{'KEY'});
|
||||
sleep $sleepDelay;
|
||||
}
|
||||
goto ADVANCED_END;
|
||||
@@ -3271,7 +3309,7 @@ EOF
|
||||
&General::readhasharray("${General::swroot}/vpn/config", \%confighash);
|
||||
$cgiparams{'CA_NAME'} = '';
|
||||
|
||||
my @status = `/usr/local/bin/ipsecctrl I 2>/dev/null`;
|
||||
my @status = &General::system_output("/usr/local/bin/ipsecctrl", "I");
|
||||
|
||||
$checked{'ENABLED'} = $cgiparams{'ENABLED'} eq 'on' ? "checked='checked'" : '';
|
||||
|
||||
|
||||
@@ -171,7 +171,7 @@ if ( $cgiparams{'ACTION'} eq 'wakeup' )
|
||||
|
||||
undef %cgiparams;
|
||||
|
||||
system("/usr/sbin/etherwake -i $iface $mac");
|
||||
&General::system("/usr/sbin/etherwake", "-i", "$iface", "$mac");
|
||||
|
||||
# make a box with info, 'refresh' to normal screen after 5 seconds
|
||||
if ( $refresh eq 'yes' )
|
||||
|
||||
@@ -86,7 +86,7 @@ if (($cgiparams{'ACTION'} eq 'submit') && ($is_supervisor))
|
||||
((defined($proxysettings{'SUPERVISOR_PASSWORD'})) && ($proxysettings{'SUPERVISOR_PASSWORD'} eq '')))
|
||||
{
|
||||
&write_acl;
|
||||
system("/usr/local/bin/squidctrl restart >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/squidctrl", "restart");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -133,7 +133,7 @@ ADDERROR:
|
||||
close(FILE);
|
||||
undef %cgiparams;
|
||||
&General::log($Lang::tr{'wireless config added'});
|
||||
system('/usr/local/bin/wirelessctrl');
|
||||
&General::system('/usr/local/bin/wirelessctrl');
|
||||
}
|
||||
ADDEXIT:
|
||||
}
|
||||
@@ -157,7 +157,7 @@ if ($cgiparams{'ACTION'} eq 'edit')
|
||||
}
|
||||
}
|
||||
&General::log($Lang::tr{'wireless config changed'});
|
||||
system('/usr/local/bin/wirelessctrl');
|
||||
&General::system('/usr/local/bin/wirelessctrl');
|
||||
}
|
||||
|
||||
if ($cgiparams{'ACTION'} eq 'remove' || $cgiparams{'ACTION'} eq 'toggle')
|
||||
@@ -178,7 +178,7 @@ if ($cgiparams{'ACTION'} eq 'remove' || $cgiparams{'ACTION'} eq 'toggle')
|
||||
}
|
||||
close(FILE);
|
||||
&General::log($Lang::tr{'wireless config changed'});
|
||||
system('/usr/local/bin/wirelessctrl');
|
||||
&General::system('/usr/local/bin/wirelessctrl');
|
||||
}
|
||||
|
||||
|
||||
@@ -277,7 +277,7 @@ my @curhosts = <HOSTFILE>;
|
||||
close (HOSTFILE);
|
||||
|
||||
my $connstate = &Header::connectionstatus();
|
||||
my @arp = `/sbin/arp -n`;
|
||||
my @arp = &General::system_output("/sbin/arp", "-n");
|
||||
shift @arp;
|
||||
|
||||
foreach my $line (@current)
|
||||
|
||||
@@ -796,7 +796,7 @@ END
|
||||
}
|
||||
|
||||
sub BuildConfiguration() {
|
||||
system("/usr/local/bin/wirelessclient restart");
|
||||
&General::system("/usr/local/bin/wirelessclient", "restart");
|
||||
}
|
||||
|
||||
sub NextID() {
|
||||
|
||||
@@ -148,16 +148,16 @@ if ( $wlanapsettings{'ACTION'} eq "$Lang::tr{'save'}" ){
|
||||
&General::writehash("/var/ipfire/wlanap/settings", \%wlanapsettings);
|
||||
&WriteConfig_hostapd();
|
||||
|
||||
system("/usr/local/bin/wlanapctrl restart >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/wlanapctrl", "restart");
|
||||
pid();
|
||||
}
|
||||
}elsif ( $wlanapsettings{'ACTION'} eq "$Lang::tr{'wlanap interface'}" ){
|
||||
&General::writehash("/var/ipfire/wlanap/settings", \%wlanapsettings);
|
||||
}elsif ( ($wlanapsettings{'ACTION'} eq "$Lang::tr{'start'}") && ($memory == 0) ){
|
||||
system("/usr/local/bin/wlanapctrl start >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/wlanapctrl", "start");
|
||||
pid();
|
||||
}elsif ( $wlanapsettings{'ACTION'} eq "$Lang::tr{'stop'}" ){
|
||||
system("/usr/local/bin/wlanapctrl stop >/dev/null 2>&1");
|
||||
&General::system("/usr/local/bin/wlanapctrl", "stop");
|
||||
$memory=0;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user