diff --git a/config/menu/40-services.menu b/config/menu/40-services.menu index 9901e8f3f..2f4d96e73 100644 --- a/config/menu/40-services.menu +++ b/config/menu/40-services.menu @@ -1,5 +1,5 @@ $subservices->{'10.ipsec'} = { - 'caption' => 'IPSec', + 'caption' => $Lang::tr{'ipsec'}, 'uri' => '/cgi-bin/vpnmain.cgi', 'title' => "$Lang::tr{'virtual private networking'}", 'enabled' => 1, diff --git a/config/menu/50-firewall.menu b/config/menu/50-firewall.menu index 8bc66f912..ce6fd9d8d 100644 --- a/config/menu/50-firewall.menu +++ b/config/menu/50-firewall.menu @@ -17,7 +17,7 @@ 'enabled' => 1, }; $subfirewall->{'40.p2p'} = { - 'caption' => 'P2P-Block', + 'caption' => $Lang::tr{'p2p block'}, 'uri' => '/cgi-bin/p2p-block.cgi', 'title' => "P2P-Block", 'enabled' => 1, diff --git a/config/rootfiles/core/fifteen/filelists/php b/config/rootfiles/core/fifteen/filelists/php new file mode 120000 index 000000000..1ae48d7a7 --- /dev/null +++ b/config/rootfiles/core/fifteen/filelists/php @@ -0,0 +1 @@ +../../../common/php \ No newline at end of file diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi old mode 100755 new mode 100644 index ceaab566b..7ffe59c6f --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -1050,7 +1050,7 @@ END if (! -z $configgrp || $optionsfw{'SHOWDROPDOWN'} eq 'on'){ print"$Lang::tr{'fwhost cust grp'}"; + #check if this group has only one entry + foreach my $key2 (keys %hash) { + if ($hash{$key2}<2 && $key2 eq $customgrp{$key}[0]){ + print "" ; + } + } } print""; @@ -1793,11 +1793,15 @@ sub viewtableservicegrp my $grpname; my $remark; my $helper; + my $helper1; my $port; my $protocol; my $delflag; my $grpcount=0; my $col=''; + my $lastentry=0; + my @counter; + my %hash; if (! -z $configsrvgrp){ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'}); &General::readhasharray("$configsrvgrp", \%customservicegrp); @@ -1806,6 +1810,12 @@ sub viewtableservicegrp &General::readhasharray("$fwconfiginp", \%fwinp); &General::readhasharray("$fwconfigout", \%fwout); my $number= keys %customservicegrp; + foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){ + push (@counter,$customservicegrp{$key}[0]); + } + foreach my $key1 (@counter) { + $hash{$key1}++ ; + } foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){ $count++; if ($helper ne $customservicegrp{$key}[0]){ @@ -1823,12 +1833,12 @@ sub viewtableservicegrp } $grpname=$customservicegrp{$key}[0]; if ($customservicegrp{$key}[2] eq "none"){ - $customservicegrp{$key}[2]=$Lang::tr{'fwhost empty'}; + $customservicegrp{$key}[2]=$Lang::tr{'fwhost err emptytable'}; $port=''; $protocol=''; } $remark="$customservicegrp{$key}[1]"; - if($count >=2){print"";} + if($count >0){print"";$count=1;} print "
$grpname    "; print "$Lang::tr{'remark'}:  $remark " if ($remark ne ''); print "  $Lang::tr{'used'}: $grpcount x"; @@ -1849,6 +1859,11 @@ sub viewtableservicegrp print""; $col="bgcolor='$color{'color22'}'"; } + #make lines yellow if it is a dummy entry + if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost err emptytable'}){ + print""; + $col="bgcolor='${Header::colouryellow}'"; + } #Set fields if we use protocols in servicegroups if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){ $port='-'; @@ -1868,8 +1883,16 @@ sub viewtableservicegrp } } print"$port$protocol
"; - if ($delflag gt '1'){ - print""; + if ($delflag gt '0'){ + if ($customservicegrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){ + print""; + } + #check if this group has only one entry + foreach my $key2 (keys %hash) { + if ($hash{$key2}<2 && $key2 eq $customservicegrp{$key}[0]){ + print "" ; + } + } } print""; if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){ diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi index 5143e5e14..b3a262994 100644 --- a/html/cgi-bin/index.cgi +++ b/html/cgi-bin/index.cgi @@ -286,7 +286,7 @@ if ( `cat /var/ipfire/vpn/settings | grep ^ENABLED=on` || $haveipsec=1; my $ipsecip = `cat /var/ipfire/vpn/settings | grep ^VPN_IP= | cut -c 8-`; print<$Lang::tr{'vpn'}
+ $Lang::tr{'ipsec'}
$ipsecip Online END diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 7b1654fb9..75b6c75f1 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -1163,6 +1163,12 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg $errormessage = $Lang::tr{'invalid port'}; goto SETTINGS_ERROR; } + + if ($cgiparams{'DDEST_PORT'} <= 1023) { + $errormessage = $Lang::tr{'ovpn port in root range'}; + goto SETTINGS_ERROR; + } + $vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'}; $vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'}; $vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'}; @@ -3534,10 +3540,24 @@ if ($cgiparams{'TYPE'} eq 'net') { unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; goto VPNCONF_ERROR; - } + } + + if ($cgiparams{'DEST_PORT'} <= 1023) { + $errormessage = $Lang::tr{'ovpn port in root range'}; + unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; + rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; + goto VPNCONF_ERROR; + } - if ($cgiparams{'OVPN_MGMT'} eq '') { - $cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'}; + if ($cgiparams{'OVPN_MGMT'} eq '') { + $cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'}; + } + + if ($cgiparams{'OVPN_MGMT'} <= 1023) { + $errormessage = $Lang::tr{'ovpn mgmt in root range'}; + unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; + rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; + goto VPNCONF_ERROR; } } diff --git a/html/cgi-bin/p2p-block.cgi b/html/cgi-bin/p2p-block.cgi old mode 100755 new mode 100644 diff --git a/html/cgi-bin/shutdown.cgi b/html/cgi-bin/shutdown.cgi old mode 100755 new mode 100644 diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi old mode 100755 new mode 100644 diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 3e92d4b8e..7e90649d8 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -511,7 +511,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg ### } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'}) { &Header::showhttpheaders(); - &Header::openpage($Lang::tr{'vpn configuration main'}, 1, ''); + &Header::openpage($Lang::tr{'ipsec'}, 1, ''); &Header::openbigbox('100%', 'left', '', ''); &Header::openbox('100%', 'left', $Lang::tr{'are you sure'}); print < + $headline - $title diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 3671c5276..b4753a6fd 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1269,9 +1269,10 @@ 'ipfire side is invalid' => 'IPFire Seite ist ungültig.', 'ipfires hostname' => 'IPFire\'s Hostname', 'ipinfo' => 'IP-Info', -'ipsec network' => 'IPsec-Netzwerke', 'iptable rules' => 'IPTable-Regeln', 'iptmangles' => 'IPTable Mangles', +'ipsec' => 'IPsec', +'ipsec network' => 'IPsec-Netzwerke', 'iptnats' => 'IPTable Network Address Translation', 'ipts' => 'iptables', 'isdn' => 'ISDN', @@ -1605,6 +1606,8 @@ 'ovpn on blue' => 'OpenVPN auf BLAU', 'ovpn on orange' => 'OpenVPN auf ORANGE', 'ovpn on red' => 'OpenVPN auf ROT', +'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', +'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', 'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push Optionen', 'ovpn server status' => 'OpenVPN-Server-Status', @@ -1627,7 +1630,7 @@ 'ovpn_processprioVH' => 'Sehr Hoch', 'ovpnstatus log' => 'OVPN-Status-Log', 'ovpnsys log' => 'OVPN-System-Log', -'p2p block' => 'P2P-Block', +'p2p block' => 'P2P-Netzwerke', 'p2p block save notice' => 'Bitte lesen Sie die Firewallregeln neu ein, damit die Änderungen aktiv werden.', 'package failed to install' => 'Programmpaket konnte nicht installiert werden.', 'pagerefresh' => 'Seite wird aktualisiert. Bitte warten.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index f04a17e76..3d9a5eb4d 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1298,6 +1298,7 @@ 'ipfire side is invalid' => 'IPFire side is invalid.', 'ipfires hostname' => 'IPFire\'s Hostname', 'ipinfo' => 'IP info', +'ipsec' => 'IPsec', 'ipsec network' => 'IPsec network', 'iptable rules' => 'IPTable rules', 'iptmangles' => 'IPTable Mangles', @@ -1635,6 +1636,8 @@ 'ovpn on blue' => 'OpenVPN on BLUE', 'ovpn on orange' => 'OpenVPN on ORANGE', 'ovpn on red' => 'OpenVPN on RED', +'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.', +'ovpn port in root range' => 'A port number of 1024 or higher is required.', 'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push options', 'ovpn server status' => 'Current OpenVPN server status:', @@ -1657,7 +1660,7 @@ 'ovpn_processprioVH' => 'Very high', 'ovpnstatus log' => 'OVPN-Status-Log', 'ovpnsys log' => 'OVPN-System-Log', -'p2p block' => 'P2P block', +'p2p block' => 'P2P networks', 'p2p block save notice' => 'Please reload the firewall ruleset in order to apply your changes.', 'package failed to install' => 'Package failed to install.', 'pagerefresh' => 'Page is beeing refreshed, please wait.',