webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

setfilters und setaliases entfernt.

Browse Source 
qosctrl Fix.


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@806 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
This commit is contained in:
ms
2007-08-22 19:58:53 +00:00
parent f7c162140c
commit 903310c40d
13 changed files with 113 additions and 887 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/rootfiles/common/apache2
View File

@@ -1254,7 +1254,6 @@ etc/httpd/conf/uid.conf
#etc/httpd/conf/vhosts.d
etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf
etc/httpd/conf/vhosts.d/ipfire-interface.conf
srv/web/ipfire/cgi-bin/aliases.cgi
srv/web/ipfire/cgi-bin/backup.cgi
srv/web/ipfire/cgi-bin/chpasswd.cgi
srv/web/ipfire/cgi-bin/connections.cgi

1
config/rootfiles/common/initscripts
View File

@@ -45,7 +45,6 @@ etc/rc.d/init.d/networking/red.down/20-RL-firewall
etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
etc/rc.d/init.d/networking/red.up/10-multicast
etc/rc.d/init.d/networking/red.up/20-RL-firewall
etc/rc.d/init.d/networking/red.up/21-setfilters
etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
etc/rc.d/init.d/networking/red.up/23-RS-snort
etc/rc.d/init.d/networking/red.up/24-RS-qos

2
config/rootfiles/common/misc-progs
View File

@@ -19,9 +19,7 @@ usr/local/bin/redctrl
usr/local/bin/restartssh
usr/local/bin/restartwireless
#usr/local/bin/sambactrl
usr/local/bin/setaliases
usr/local/bin/setdmzholes
usr/local/bin/setfilters
usr/local/bin/setportfw
usr/local/bin/setxtaccess
usr/local/bin/smartctrl

4
doc/language_issues.de
View File

@@ -35,6 +35,7 @@ WARNING: translation string unused: advproxy ssadvanced proxy
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
WARNING: translation string unused: all interfaces
WARNING: translation string unused: all updates installed
WARNING: translation string unused: alt information
WARNING: translation string unused: alt ovpn
@@ -236,9 +237,11 @@ WARNING: translation string unused: not enough disk space
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: openvpn client
WARNING: translation string unused: openvpn server
WARNING: translation string unused: optional data
WARNING: translation string unused: options fw
WARNING: translation string unused: optionsfw portlist hint
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
@@ -268,6 +271,7 @@ WARNING: translation string unused: package failed to install
WARNING: translation string unused: password contains illegal characters
WARNING: translation string unused: password crypting key
WARNING: translation string unused: passwords must be at least 6 characters in length
WARNING: translation string unused: ping disabled
WARNING: translation string unused: polfile
WARNING: translation string unused: pots
WARNING: translation string unused: present

4
doc/language_issues.en
View File

@@ -36,6 +36,7 @@ WARNING: translation string unused: advproxy update information
WARNING: translation string unused: advproxy update notification
WARNING: translation string unused: alcatelusb help
WARNING: translation string unused: alcatelusb upload
WARNING: translation string unused: all interfaces
WARNING: translation string unused: all updates installed
WARNING: translation string unused: alt information
WARNING: translation string unused: alt ovpn
@@ -264,9 +265,11 @@ WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: openvpn client
WARNING: translation string unused: openvpn server
WARNING: translation string unused: optional data
WARNING: translation string unused: options fw
WARNING: translation string unused: optionsfw portlist hint
WARNING: translation string unused: optionsfw warning
WARNING: translation string unused: or
@@ -296,6 +299,7 @@ WARNING: translation string unused: package failed to install
WARNING: translation string unused: password contains illegal characters
WARNING: translation string unused: password crypting key
WARNING: translation string unused: passwords must be at least 6 characters in length
WARNING: translation string unused: ping disabled
WARNING: translation string unused: polfile
WARNING: translation string unused: pots
WARNING: translation string unused: present

482
html/cgi-bin/aliases.cgi
View File

@@ -1,482 +0,0 @@
#!/usr/bin/perl
#
# IPFire CGI's - aliases.cgi
#
# This code is distributed under the terms of the GPL
#
# (c) Steve Bootes 2002/04/13 - Manage IP Aliases
#
# $Id: aliases.cgi,v 1.5.2.14 2006/01/13 20:14:48 eoberlander Exp $
# to fully troubleshot your code, uncomment diagnostics, Carp and cluck lines
#use diagnostics; # need to add the file /usr/lib/perl5/5.8.x/pods/perldiag.pod before to work
# next look at /var/log/httpd/error_log , http://www.perl.com/pub/a/2002/05/07/mod_perl.html may help
#use warnings;
use strict;
#use Carp ();
#local $SIG{__WARN__} = \&Carp::cluck;
require '/var/ipfire/general-functions.pl'; # replace /var/ipfire with /var/ipfire in case of manual install
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
#workaround to suppress a warning when a variable is used only once
my @dummy = ( ${Header::colouryellow} );
@dummy = ( ${Header::table1colour} );
@dummy = ( ${Header::table2colour} );
undef (@dummy);
# Files used
my $setting = "${General::swroot}/ethernet/settings";
our $datafile = "${General::swroot}/ethernet/aliases";
our %settings=();
#Settings1
#Settings2 for editing the multi-line list
#Must not be saved !
$settings{'IP'} = '';
$settings{'ENABLED'} = 'off'; # Every check box must be set to off
$settings{'NAME'} = '';
my @nosaved=('IP','ENABLED','NAME'); # List here ALL setting2 fields. Mandatory
$settings{'ACTION'} = ''; # add/edit/remove
$settings{'KEY1'} = ''; # point record for ACTION
#Define each field that can be used to sort columns
my $sortstring='^IP|^NAME';
my $errormessage = '';
my $warnmessage = '';
&Header::showhttpheaders();
# Read needed Ipcop netsettings
my %netsettings=();
$netsettings{'SORT_ALIASES'} = 'NAME'; # default sort
&General::readhash($setting, \%netsettings);
#Get GUI values
&Header::getcgihash(\%settings);
# Load multiline data
our @current = ();
if (open(FILE, "$datafile")) {
@current = <FILE>;
close (FILE);
}
#
# Check Settings1 first because they are needed before working on @current
#
# Remove if no Setting1 needed
#
if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
#
#Validate static Settings1 here
#
unless ($errormessage) { # Everything is ok, save settings
#map (delete ($settings{$_}) ,(@nosaved,'ACTION','KEY1'));# Must never be saved
#&General::writehash($setting, \%settings); # Save good settings
#$settings{'ACTION'} = $Lang::tr{'save'}; # Recreate 'ACTION'
#map ($settings{$_}= '',(@nosaved,'KEY1')); # and reinit var to empty
# Rebuild configuration file if needed
&BuildConfiguration;
}
ERROR: # Leave the faulty field untouched
} else {
#&General::readhash($setting, \%settings); # Get saved settings and reset to good if needed
}
## Now manipulate the multi-line list with Settings2
# Basic actions are:
# toggle the check box
# add/update a new line
# begin editing a line
# remove a line
# Toggle enable/disable field. Field is in second position
if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
#move out new line
chomp(@current[$settings{'KEY1'}]);
my @temp = split(/\,/,@current[$settings{'KEY1'}]);
$temp[1] = $temp[1] eq 'on' ? '' : 'on'; # Toggle the field
@current[$settings{'KEY1'}] = join (',',@temp)."\n";
$settings{'KEY1'} = ''; # End edit mode
&General::log($Lang::tr{'ip alias changed'});
#Save current
open(FILE, ">$datafile") or die 'Unable to open aliases file.';
print FILE @current;
close(FILE);
# Rebuild configuration file
&BuildConfiguration;
}
if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
# Validate inputs
if (! &General::validip($settings{'IP'})) {$errormessage = "invalid ip"};
$settings{'NAME'} = &Header::cleanhtml($settings{'NAME'});
# Make sure we haven't duplicated an alias or RED
my $spacer='';
if ($settings{'IP'} eq $netsettings{'RED_ADDRESS'}) {
$errormessage = $Lang::tr{'duplicate ip'} . ' (RED)';
$spacer=" & ";
}
my $idx=0;
foreach my $line (@current) {
chomp ($line);
my @temp = split (/\,/, $line);
if ( ($settings{'KEY1'} eq '')||(($settings{'KEY1'} ne '') && ($settings{'KEY1'} != $idx))) { # update
if ($temp[0] eq $settings{'IP'}) {
$errormessage .= $spacer.$Lang::tr{'duplicate ip'};
$spacer=" & ";
}
if ($temp[2] eq $settings{'NAME'} && $temp[2] ne '') {
$errormessage .= $spacer.$Lang::tr{'duplicate name'};
$spacer=" & ";
}
}
$idx++;
}
unless ($errormessage) {
if ($settings{'KEY1'} eq '') { #add or edit ?
unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'NAME'}\n");
&General::log($Lang::tr{'ip alias added'});
} else {
@current[$settings{'KEY1'}] = "$settings{'IP'},$settings{'ENABLED'},$settings{'NAME'}\n";
$settings{'KEY1'} = ''; # End edit mode
&General::log($Lang::tr{'ip alias changed'});
}
# Write changes to config file.
&SortDataFile; # sort newly added/modified entry
&BuildConfiguration; # then re-build conf which use new data
##
## if entering data line is repetitive, choose here to not erase fields between each addition
##
map ($settings{$_}='' ,@nosaved); # Clear fields
}
}
if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
#move out new line
my $line = @current[$settings{'KEY1'}]; # KEY1 is the index in current
chomp($line);
my @temp = split(/\,/, $line);
##
## move data fields to Setting2 for edition
##
$settings{'IP'}=$temp[0]; # Prepare the screen for editing
$settings{'ENABLED'}=$temp[1];
$settings{'NAME'}=$temp[2];
}
if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
splice (@current,$settings{'KEY1'},1); # Delete line
open(FILE, ">$datafile") or die 'Unable to open aliases file.';
print FILE @current;
close(FILE);
$settings{'KEY1'} = ''; # End remove mode
&General::log($Lang::tr{'ip alias removed'});
&BuildConfiguration; # then re-build conf which use new data
}
## Check if sorting is asked
# If same column clicked, reverse the sort.
if ($ENV{'QUERY_STRING'} =~ /$sortstring/ ) {
my $newsort=$ENV{'QUERY_STRING'};
my $actual=$netsettings{'SORT_ALIASES'};
#Reverse actual sort ?
if ($actual =~ $newsort) {
my $Rev='';
if ($actual !~ 'Rev') {
$Rev='Rev';
}
$newsort.=$Rev;
}
$netsettings{'SORT_ALIASES'}=$newsort;
&General::writehash($setting, \%netsettings);
&SortDataFile;
$settings{'ACTION'} = 'SORT'; # Recreate 'ACTION'
}
# Default initial value
if ($settings{'ACTION'} eq '' ) { # First launch from GUI
$settings{'ENABLED'} ='on';
}
&Header::openpage($Lang::tr{'external aliases configuration'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
my %checked =(); # Checkbox manipulations
if ($errormessage) {
&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
print "<font class='base'>$errormessage&nbsp;</font>";
&Header::closebox();
}
unless (( $netsettings{'CONFIG_TYPE'} =~ /^(1|2|3|4)$/ ) && ($netsettings{'RED_TYPE'} eq 'STATIC'))
{
&Header::openbox('100%', 'left', $Lang::tr{'capswarning'});
print <<END
<table width='100%'>
<tr>
<td width='100%' class='boldbase' align='center'><font color='${Header::colourred}'><b>$Lang::tr{'aliases not active'}</b></font></td>
</tr>
</table>
END
;
&Header::closebox();
}
#
# Second check box is for editing the list
#
$checked{'ENABLED'}{'on'} = ($settings{'ENABLED'} eq '') ? '' : "checked='checked'";
my $buttontext = $Lang::tr{'add'};
if ($settings{'KEY1'} ne '') {
$buttontext = $Lang::tr{'update'};
&Header::openbox('100%', 'left', $Lang::tr{'edit an existing alias'});
} else {
&Header::openbox('100%', 'left', $Lang::tr{'add new alias'});
}
#Edited line number (KEY1) passed until cleared by 'save' or 'remove' or 'new sort order'
print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='hidden' name='KEY1' value='$settings{'KEY1'}' />
<table width='100%'>
<tr>
<td class='base'><font color='${Header::colourred}'>$Lang::tr{'name'}:&nbsp;<img src='/blob.gif' alt='*' /></font></td>
<td><input type='text' name='NAME' value='$settings{'NAME'}' size='32' /></td>
<td class='base' align='right'><font color='${Header::colourred}'>$Lang::tr{'alias ip'}:&nbsp;</font></td>
<td><input type='text' name='IP' value='$settings{'IP'}' size='16' /></td>
<td class='base' align='right'>$Lang::tr{'enabled'}&nbsp;</td>
<td><input type='checkbox' name='ENABLED' $checked{'ENABLED'}{'on'} /></td>
</tr>
</table>
<hr />
<table width='100%'>
<tr>
<td class='base' width='50%'><img src='/blob.gif' align='top' alt='*' />&nbsp;$Lang::tr{'this field may be blank'}</td>
<td width='50%' align='center'><input type='hidden' name='ACTION' value='$Lang::tr{'add'}' /><input type='submit' name='SUBMIT' value='$buttontext' /></td>
</tr>
</table>
</form>
END
;
&Header::closebox();
#
# Third box shows the list, in columns
#
# Columns headers may content a link. In this case it must be named in $sortstring
#
&Header::openbox('100%', 'left', $Lang::tr{'current aliases'});
print <<END
<table width='100%'>
<tr>
<td width='50%' align='center'><a href='$ENV{'SCRIPT_NAME'}?NAME'><b>$Lang::tr{'name'}</b></a></td>
<td width='40%' align='center'><a href='$ENV{'SCRIPT_NAME'}?IP'><b>$Lang::tr{'alias ip'}</b></a></td>
<td width='10%' colspan='3' class='boldbase' align='center'><b>$Lang::tr{'action'}</b></td>
</tr>
END
;
#
# Print each line of @current list
#
# each data line is splitted into @temp.
#
my $key = 0;
foreach my $line (@current) {
chomp($line);
my @temp = split(/\,/,$line);
#Choose icon for checkbox
my $gif = '';
my $gdesc = '';
if ($temp[1] eq "on") {
$gif = 'on.gif';
$gdesc = $Lang::tr{'click to disable'};
} else {
$gif = 'off.gif';
$gdesc = $Lang::tr{'click to enable'};
}
#Colorize each line
if ($settings{'KEY1'} eq $key) {
print "<tr bgcolor='${Header::colouryellow}'>";
} elsif ($key % 2) {
print "<tr bgcolor='${Header::table2colour}'>";
} else {
print "<tr bgcolor='${Header::table1colour}'>";
}
print <<END
<td align='center'>$temp[2]</td>
<td align='center'>$temp[0]</td>
<td align='center'>
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='hidden' name='ACTION' value='$Lang::tr{'toggle enable disable'}' />
<input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' alt='$gdesc' title='$gdesc' />
<input type='hidden' name='KEY1' value='$key' />
</form>
</td>
<td align='center'>
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='hidden' name='ACTION' value='$Lang::tr{'edit'}' />
<input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' />
<input type='hidden' name='KEY1' value='$key' />
</form>
</td>
<td align='center'>
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='hidden' name='ACTION' value='$Lang::tr{'remove'}' />
<input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' alt='$Lang::tr{'remove'}' title='$Lang::tr{'remove'}' />
<input type='hidden' name='KEY1' value='$key' />
</form>
</td>
</tr>
END
;
$key++;
}
print "</table>";
# If table contains entries, print 'Key to action icons'
if ($key) {
print <<END
<table>
<tr>
<td class='boldbase'>&nbsp;<b>$Lang::tr{'legend'}:&nbsp;</b></td>
<td><img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
<td class='base'>$Lang::tr{'click to disable'}</td>
<td>&nbsp;&nbsp;</td>
<td><img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
<td class='base'>$Lang::tr{'click to enable'}</td>
<td>&nbsp;&nbsp;</td>
<td><img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
<td class='base'>$Lang::tr{'edit'}</td>
<td>&nbsp;&nbsp;</td>
<td><img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
<td class='base'>$Lang::tr{'remove'}</td>
</tr>
</table>
END
;
}
&Header::closebox();
&Header::closebigbox();
&Header::closepage();
## Ouf it's the end !
# Sort the "current" array according to choices
sub SortDataFile
{
our %entries = ();
# Sort pair of record received in $a $b special vars.
# When IP is specified use numeric sort else alpha.
# If sortname ends with 'Rev', do reverse sort.
#
sub fixedleasesort {
my $qs=''; # The sort field specified minus 'Rev'
if (rindex ($netsettings{'SORT_ALIASES'},'Rev') != -1) {
$qs=substr ($netsettings{'SORT_ALIASES'},0,length($netsettings{'SORT_ALIASES'})-3);
if ($qs eq 'IP') {
my @a = split(/\./,$entries{$a}->{$qs});
my @b = split(/\./,$entries{$b}->{$qs});
($b[0]<=>$a[0]) ||
($b[1]<=>$a[1]) ||
($b[2]<=>$a[2]) ||
($b[3]<=>$a[3]);
} else {
$entries{$b}->{$qs} cmp $entries{$a}->{$qs};
}
} else { #not reverse
$qs=$netsettings{'SORT_ALIASES'};
if ($qs eq 'IP') {
my @a = split(/\./,$entries{$a}->{$qs});
my @b = split(/\./,$entries{$b}->{$qs});
($a[0]<=>$b[0]) ||
($a[1]<=>$b[1]) ||
($a[2]<=>$b[2]) ||
($a[3]<=>$b[3]);
} else {
$entries{$a}->{$qs} cmp $entries{$b}->{$qs};
}
}
}
#Use an associative array (%entries)
my $key = 0;
foreach my $line (@current) {
chomp( $line); #remove newline because can be on field 5 or 6 (addition of REMARK)
my @temp = split (',',$line);
# Build a pair 'Field Name',value for each of the data dataline.
# Each SORTABLE field must have is pair.
# Other data fields (non sortable) can be grouped in one
# Exemple
# F1,F2,F3,F4,F5 only F1 F2 for sorting
# my @record = ('KEY',$key++,
# 'F1',$temp[0],
# 'F2',$temp[1],
# 'DATA',join(',',@temp[2..4]) ); #group remainning values, with separator (,)
# The KEY,key record permits doublons. If removed, then F1 becomes the key without doublon permitted.
my @record = ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$temp[2]);
my $record = {}; # create a reference to empty hash
%{$record} = @record; # populate that hash with @record
$entries{$record->{KEY}} = $record; # add this to a hash of hashes
}
open(FILE, ">$datafile") or die 'Unable to open aliases file.';
# Each field value is printed , with the newline ! Don't forget separator and order of them.
foreach my $entry (sort fixedleasesort keys %entries) {
print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$entry}->{NAME}\n";
}
close(FILE);
# Reload sorted @current
open (FILE, "$datafile");
@current = <FILE>;
close (FILE);
}
#
# Build the configuration file for application aliases
#
sub BuildConfiguration {
# Restart service associated with this
system '/usr/local/bin/setaliases';
}

2
lfs/initscripts
View File

@@ -135,8 +135,6 @@ $(TARGET) :
ln -sf ../../dnsmasq /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq
ln -sf ../../firewall /etc/rc.d/init.d/networking/red.up/20-RL-firewall
ln -sf ../../../../../usr/local/bin/setfilters \
/etc/rc.d/init.d/networking/red.up/21-setfilters
ln -sf ../../../../../usr/local/bin/outgoingfwctrl \
/etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
ln -sf ../../../../../usr/local/bin/snortctrl \

13
src/misc-progs/Makefile
View File

@@ -4,8 +4,8 @@ CFLAGS=-O2 -Wall
COMPILE=$(CC) $(CFLAGS)
PROGS = iowrap
SUID_PROGS = setdmzholes setportfw setfilters setxtaccess \
squidctrl restartssh ipfirereboot setaliases \
SUID_PROGS = setdmzholes setportfw setxtaccess \
squidctrl restartssh ipfirereboot \
ipsecctrl timectrl dhcpctrl snortctrl \
applejuicectrl rebuildhosts backupctrl \
logwatch openvpnctrl outgoingfwctrl \
@@ -61,9 +61,6 @@ tripwirectrl: tripwirectrl.c setuid.o ../install+setup/libsmooth/varval.o
smartctrl: smartctrl.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ smartctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@
monitorTraff: monitorTraff.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ monitorTraff.c setuid.o ../install+setup/libsmooth/varval.o -o $@
clamavctrl: clamavctrl.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ clamavctrl.c setuid.o ../install+setup/libsmooth/varval.o -o $@
@@ -76,18 +73,12 @@ timectrl: timectrl.c setuid.o ../install+setup/libsmooth/varval.o
launch-ether-wake: launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ launch-ether-wake.c setuid.o ../install+setup/libsmooth/varval.o -o $@
setaliases: setaliases.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setaliases.c setuid.o ../install+setup/libsmooth/varval.o -o $@
setdmzholes: setdmzholes.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setdmzholes.c setuid.o ../install+setup/libsmooth/varval.o -o $@
setportfw: setportfw.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setportfw.c setuid.o ../install+setup/libsmooth/varval.o -o $@
setfilters: setfilters.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ setfilters.c setuid.o ../install+setup/libsmooth/varval.o -o $@
rebuildhosts: rebuildhosts.c setuid.o ../install+setup/libsmooth/varval.o
$(COMPILE) -I../install+setup/libsmooth/ rebuildhosts.c setuid.o ../install+setup/libsmooth/varval.o -o $@

20
src/misc-progs/qosctrl.c
View File

@@ -16,7 +16,6 @@
int main(int argc, char *argv[]) {
int fd = -1;
int enable = 0;
if (!(initsetuid()))
exit(1);
@@ -25,18 +24,17 @@ int main(int argc, char *argv[]) {
fprintf(stderr, "\nNo argument given.\n\nqosctrl (start|stop|restart|status|generate)\n\n");
exit(1);
}
if ((fd = open("/var/ipfire/qos/bin/qos.sh", O_RDONLY)) != -1) {
close(fd);
} else {
// If there is no qos.sh do nothing.
exit(0);
}
safe_system("chmod 755 /var/ipfire/qos/bin/qos.sh &>/dev/null");
if (strcmp(argv[1], "start") == 0) {
if ((fd = open("/var/ipfire/qos/bin/qos.sh", O_RDONLY)) != -1)
{
close(fd);
enable = 1;
}
if (enable)
{
safe_system("/var/ipfire/qos/bin/qos.sh start");
}
safe_system("/var/ipfire/qos/bin/qos.sh start");
} else if (strcmp(argv[1], "stop") == 0) {
safe_system("/var/ipfire/qos/bin/qos.sh clear");
} else if (strcmp(argv[1], "status") == 0) {

186
src/misc-progs/setaliases.c
View File

@@ -1,186 +0,0 @@
/*
* setaliases - configure red aliased interfaces
*
* This program is distributed under the terms of the GNU General Public
* Licence. See the file COPYING for details.
*
* (c) Steve Bootes, 2002/04/15
*
* 21/04/03 Robert Kerr Changed to link directly to libsmooth rather than
* using a copy & paste
*
* $Id: setaliases.c,v 1.2.2.4 2004/08/22 22:01:44 alanh Exp $
*
*/
#include "libsmooth.h"
#include "setuid.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
struct keyvalue *kv = NULL;
FILE *file = NULL;
void exithandler(void)
{
if (kv) freekeyvalues(kv);
if (file) fclose(file);
}
int main(void)
{
char s[STRING_SIZE];
char command[STRING_SIZE];
char red_netmask[STRING_SIZE];
char red_broadcast[STRING_SIZE];
char red_dev[STRING_SIZE];
char default_gateway[STRING_SIZE];
char *aliasip;
char *enabled;
char *sptr;
char *comment;
int alias;
int count;
if (!(initsetuid()))
{
fprintf(stderr, "Cannot run setuid\n");
exit(1);
}
atexit(exithandler);
/* Init the keyvalue structure */
kv=initkeyvalues();
/* Read in the current values */
if (!readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings"))
{
fprintf(stderr, "Cannot read ethernet settings\n");
exit(1);
}
/* Find the CONFIG_TYPE value */
if (!findkey(kv, "CONFIG_TYPE", s))
{
fprintf(stderr, "Cannot read CONFIG_TYPE\n");
exit(1);
}
/* Check for CONFIG_TYPE=2 or 3 i.e. RED ethernet present. If not,
* exit gracefully. This is not an error... */
if (!((strcmp(s, "2")==0) || (strcmp(s, "3")==0) || (strcmp(s, "6")==0) || (strcmp(s, "7")==0)))
exit(0);
/* Now check the RED_TYPE - aliases only work with STATIC.
* At least, that's what /etc/rc.d/rc.netaddress.up thinks.. */
/* Find the RED_TYPE value */
if (!findkey(kv, "RED_TYPE", s))
{
fprintf(stderr, "Cannot read RED_TYPE\n");
exit(1);
}
/* Make sure it's the right type */
if (!(strcmp(s, "STATIC")==0))
exit(0);
/* Get the RED interface details */
if((!findkey(kv, "RED_NETMASK", red_netmask)) || (!findkey(kv, "RED_BROADCAST", red_broadcast)) ||
(!findkey(kv, "RED_DEV", red_dev)) || (!findkey(kv, "DEFAULT_GATEWAY", default_gateway)))
{
fprintf(stderr, "Cannot read RED settings\n");
exit(1);
}
if (!VALID_DEVICE(red_dev))
{
fprintf(stderr, "Bad red_dev: %s\n", red_dev);
exit(1);
}
if (!VALID_IP(red_netmask))
{
fprintf(stderr, "Bad red_netmask : %s\n", red_netmask);
exit(1);
}
if (!VALID_IP(red_broadcast))
{
fprintf(stderr, "Bad red_broadcast : %s\n", red_broadcast);
exit(1);
}
if (!VALID_IP(default_gateway))
{
fprintf(stderr, "Bad default_gateway : %s\n", default_gateway);
exit(1);
}
/* down the aliases in turn until ifconfig complains */
alias=0;
do
{
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d down 2>/dev/null", red_dev, alias++);
} while (safe_system(command)==0);
/* Now set up the new aliases from the config file */
if (!(file = fopen(CONFIG_ROOT "/ethernet/aliases", "r")))
{
fprintf(stderr, "Unable to open aliases configuration file\n");
exit(1);
}
alias=0;
while (fgets(s, STRING_SIZE, file) != NULL)
{
if (s[strlen(s) - 1] == '\n')
s[strlen(s) - 1] = '\0';
sptr = strtok(s, ",");
count = 0;
aliasip = NULL;
enabled = NULL;
comment = NULL;
while (sptr)
{
if (count == 0)
aliasip = sptr;
if (count == 1)
enabled = sptr;
else
comment = sptr;
count++;
sptr = strtok(NULL, ",");
}
if (!(aliasip && enabled))
continue;
if (!VALID_IP(aliasip))
{
fprintf(stderr, "Bad alias : %s\n", aliasip);
exit(1);
}
if (strcmp(enabled, "on") == 0)
{
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d %s netmask %s broadcast %s up", red_dev, alias, aliasip, red_netmask, red_broadcast);
safe_system(command);
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE-1, "/usr/sbin/arping -q -c 1 -w 1 -i %s -S %s %s", red_dev, aliasip, default_gateway);
safe_system(command);
alias++;
}
}
return 0;
}

100
src/misc-progs/setfilters.c
View File

@@ -1,100 +0,0 @@
/* Derivated from SmoothWall helper programs
*
* This program is distributed under the terms of the GNU General Public
* Licence. See the file COPYING for details.
*
* (c) Daniel Goscomb, 2001
*
* Modifications and improvements by Lawrence Manning.
*
* 19/04/03 Robert Kerr Fixed root exploit
*
* 20/08/05 Achim Weber 20 Modified to have a binary for the new firewall options page in IPCop 1.4.8
*
* 02/10/05 Gilles Espinasse treat only ping actually
*
* $Id: setfilters.c,v 1.1.2.2 2006/02/07 20:54:16 gespinasse Exp $
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "libsmooth.h"
#include "setuid.h"
struct keyvalue *kv = NULL;
FILE *ifacefile = NULL;
void exithandler(void)
{
if(kv)
freekeyvalues(kv);
}
int main(void)
{
char iface[STRING_SIZE] = "";
char command[STRING_SIZE];
char disableping[STRING_SIZE];
int redAvailable = 1;
if (!(initsetuid()))
exit(1);
atexit(exithandler);
/* Read in and verify config */
kv=initkeyvalues();
if (!readkeyvalues(kv, CONFIG_ROOT "/optionsfw/settings")) {
fprintf(stderr, "Cannot read firewall option settings\n");
exit(1);
}
if (!findkey(kv, "DISABLEPING", disableping)) {
fprintf(stderr, "Cannot read DISABLEPING\n");
exit(1);
}
if (strcmp(disableping, "NO") != 0 && strcmp(disableping, "ONLYRED") != 0 && strcmp(disableping, "ALL") != 0) {
fprintf(stderr, "Bad DISABLEPING: %s\n", disableping);
exit(1);
}
if (!(ifacefile = fopen(CONFIG_ROOT "/red/iface", "r"))) {
redAvailable = 0;
} else {
if (fgets(iface, STRING_SIZE, ifacefile)) {
if (iface[strlen(iface) - 1] == '\n')
iface[strlen(iface) - 1] = '\0';
}
fclose (ifacefile);
if (!VALID_DEVICE(iface)) {
fprintf(stderr, "Bad iface: %s\n", iface);
exit(1);
}
redAvailable = 1;
}
safe_system("/sbin/iptables -F GUIINPUT");
/* don't need to do anything if ping is disabled, so treat only other cases */
if (strcmp(disableping, "NO") == 0
|| (strcmp(disableping, "ONLYRED") == 0 && redAvailable == 0)) {
// We allow ping (icmp type 8) on every interfaces
// or RED is not available, so we can enable it on all (available) Interfaces
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE - 1, "/sbin/iptables -A GUIINPUT -p icmp --icmp-type 8 -j ACCEPT");
safe_system(command);
} else {
// Allow ping only on internal interfaces
if(strcmp(disableping, "ONLYRED") == 0) {
memset(command, 0, STRING_SIZE);
snprintf(command, STRING_SIZE - 1,
"/sbin/iptables -A GUIINPUT -i ! %s -p icmp --icmp-type 8 -j ACCEPT", iface);
safe_system(command);
}
}
return 0;
}

165
src/misc-progs/setuid.h
View File

@@ -1,91 +1,74 @@
/* SmoothWall helper program - header file
*
* This program is distributed under the terms of the GNU General Public
* Licence. See the file COPYING for details.
* Simple header file for all setuid progs.
*
* $Id: setuid.h,v 1.4.2.4 2005/11/20 23:20:13 franck78 Exp $
*
*/
#ifndef SETUID_H
#define SETUID_H 1
#include <stdlib.h>
#include <sys/types.h>
/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason
* to redefine it if it already is set */
#ifndef STRING_SIZE
#define STRING_SIZE 256
#endif
#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
#define NUMBERS "0123456789"
#define LETTERS_NUMBERS LETTERS NUMBERS
#define IP_NUMBERS "./" NUMBERS
#define PORT_NUMBERS ":-" NUMBERS
#define VALID_FQDN LETTERS_NUMBERS ".-"
#define VALID_IP(ip) (strlen(ip) > 6 \
&& strlen(ip) < 16 \
&& strspn(ip, NUMBERS ".") == strlen(ip))
#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \
&& strlen(ip) < 32 \
&& strspn(ip, IP_NUMBERS) == strlen(ip))
#define VALID_PORT(port) (strlen(port) \
&& strlen(port) < 6 \
&& strspn(port, NUMBERS) == strlen(port))
#define VALID_PORT_RANGE(port) (strlen(port) \
&& strlen(port) < 12 \
&& strspn(port, PORT_NUMBERS) == strlen(port))
#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \
&& strlen(ip) < 3 \
&& strspn(ip, NUMBERS) == strlen(ip))
/* Can't find any info on valid characters/length hopefully these are
* reasonable guesses */
#define VALID_DEVICE(dev) (strlen(dev) \
&& strlen(dev) < 16 \
&& strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev))
/* Again, can't find any hard and fast rules for protocol names, these
* restrictions are based on the keywords currently listed in
* <http://www.iana.org/assignments/protocol-numbers>
* though currently the ipcop cgis will only pass tcp, udp or gre anyway */
#define VALID_PROTOCOL(prot) (strlen(prot) \
&& strlen(prot) <16 \
&& strspn(prot, LETTERS_NUMBERS "-") == strlen(prot))
extern char * trusted_env[4];
int system_core(char* command, uid_t uid, gid_t gid, char *error);
int safe_system(char* command);
int unpriv_system(char* command, uid_t uid, gid_t gid);
size_t strlcat(char *dst, const char *src, size_t len);
int initsetuid(void);
/* check whether a file exists */
int file_exists(const char *fname);
int file_exists_w(const char *fname); //wildcard filename test
// Backup restore
#define MOUNTPOINT "/home/httpd/html/backup"
#define BACKUP_KEY CONFIG_ROOT"/backup/backup.key"
/* defines for config create/restore return status*/
#define ERR_ANY 1 // unspecified error
#define ERR_KEY 2 // error creating key file
#define ERR_TAR 3 // error creating .tar
#define ERR_GZ 4 // error creating .tar.gz
#define ERR_ENCRYPT 5 // error creating .dat
#define ERR_DECRYPT 6 // error decrypting .dat file
#define ERR_UNTARTST 7 // error (test) untarring .tar.gz
#define ERR_UNTAR 8 // error (real) untarring .tar.gz
#define ERR_DAT 9 // missing .dat file
#endif
/* SmoothWall helper program - header file
*
* This program is distributed under the terms of the GNU General Public
* Licence. See the file COPYING for details.
* Simple header file for all setuid progs.
*
*/
#ifndef SETUID_H
#define SETUID_H 1
#include <stdlib.h>
#include <sys/types.h>
/* As nothing in setuid.c uses STRING_SIZE specifically there's no real reason
* to redefine it if it already is set */
#ifndef STRING_SIZE
#define STRING_SIZE 256
#endif
#define LETTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
#define NUMBERS "0123456789"
#define LETTERS_NUMBERS LETTERS NUMBERS
#define IP_NUMBERS "./" NUMBERS
#define PORT_NUMBERS ":-" NUMBERS
#define VALID_FQDN LETTERS_NUMBERS ".-"
#define VALID_IP(ip) (strlen(ip) > 6 \
&& strlen(ip) < 16 \
&& strspn(ip, NUMBERS ".") == strlen(ip))
#define VALID_IP_AND_MASK(ip) (strlen(ip) > 6 \
&& strlen(ip) < 32 \
&& strspn(ip, IP_NUMBERS) == strlen(ip))
#define VALID_PORT(port) (strlen(port) \
&& strlen(port) < 6 \
&& strspn(port, NUMBERS) == strlen(port))
#define VALID_PORT_RANGE(port) (strlen(port) \
&& strlen(port) < 12 \
&& strspn(port, PORT_NUMBERS) == strlen(port))
#define VALID_SHORT_MASK(ip) (strlen(ip) > 1 \
&& strlen(ip) < 3 \
&& strspn(ip, NUMBERS) == strlen(ip))
/* Can't find any info on valid characters/length hopefully these are
* reasonable guesses */
#define VALID_DEVICE(dev) (strlen(dev) \
&& strlen(dev) < 16 \
&& strspn(dev, LETTERS_NUMBERS ":.") == strlen(dev))
/* Again, can't find any hard and fast rules for protocol names, these
* restrictions are based on the keywords currently listed in
* <http://www.iana.org/assignments/protocol-numbers>
* though currently the ipcop cgis will only pass tcp, udp or gre anyway */
#define VALID_PROTOCOL(prot) (strlen(prot) \
&& strlen(prot) <16 \
&& strspn(prot, LETTERS_NUMBERS "-") == strlen(prot))
extern char * trusted_env[4];
int system_core(char* command, uid_t uid, gid_t gid, char *error);
int safe_system(char* command);
int unpriv_system(char* command, uid_t uid, gid_t gid);
size_t strlcat(char *dst, const char *src, size_t len);
int initsetuid(void);
/* check whether a file exists */
int file_exists(const char *fname);
int file_exists_w(const char *fname); //wildcard filename test
#endif

20
tools/finder.sh Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
# Verson 0.1 by linuxadmin
# sucht in allen regulären Files nach dem eingegebenen Wert
# ACHTUNG DAS KANN EINIGE MINUTEN DAUERN !!!
name=finder.log
echo -n "Where: " ;read wo
echo -n "String: " ;read was
echo -n "Output to file? (y/n): " ;read jn
if [ "$jn" = "y" ]; then
echo "Creating log file $name"
find $wo -type f | xargs grep -in "$was" > $name
else
find $wo -type f | xargs grep -in "$was"
fi
if [ -d $name ]; then
cat $name
fi