webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 03:33:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Firewall: Bugfix: the routine to check if a vpn net or host was deleted did not work as expected. Now it even works when source and target contain a vpn host or net

Browse Source
This commit is contained in:
Alexander Marx
2013-11-11 10:23:39 +01:00
committed by Michael Tremer
parent d8afe3e2c0
commit a15f7d0dd5
1 changed files with 35 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
html/cgi-bin/firewall.cgi
View File

@@ -2403,6 +2403,7 @@ sub viewtablenew
my $rulecolor; my $rulecolor;
my $tooltip; my $tooltip;
my @tmpsrc=(); my @tmpsrc=();
my @tmptgt=();
my $coloryellow=''; my $coloryellow='';
print <<END; print <<END;
@@ -2432,33 +2433,61 @@ END
foreach my $key (sort {$a <=> $b} keys %$hash){ foreach my $key (sort {$a <=> $b} keys %$hash){
$tdcolor=''; $tdcolor='';
@tmpsrc=(); @tmpsrc=();
@tmptgt=();
#check if vpn hosts/nets have been deleted #check if vpn hosts/nets have been deleted
if($$hash{$key}[3] =~ /ipsec/i || $$hash{$key}[3] =~ /ovpn/i){ if($$hash{$key}[3] =~ /ipsec/i || $$hash{$key}[3] =~ /ovpn/i){
push (@tmpsrc,$$hash{$key}[4]); push (@tmpsrc,$$hash{$key}[4]);
} }
if($$hash{$key}[5] =~ /ipsec/i || $$hash{$key}[5] =~ /ovpn/i){ if($$hash{$key}[5] =~ /ipsec/i || $$hash{$key}[5] =~ /ovpn/i){
push (@tmpsrc,$$hash{$key}[6]); push (@tmptgt,$$hash{$key}[6]);
} }
foreach my $host (@tmpsrc){ foreach my $host (@tmpsrc){
if($$hash{$key}[3] eq 'ipsec_net_src' || $$hash{$key}[5] eq 'ipsec_net_tgt'){ if($$hash{$key}[3] eq 'ipsec_net_src'){
if(&fwlib::get_ipsec_net_ip($host,11) eq ''){ if(&fwlib::get_ipsec_net_ip($host,11) eq ''){
$coloryellow='on'; $coloryellow='on';
&disable_rule($key); &disable_rule($key);
$$hash{$key}[2]=''; $$hash{$key}[2]='';
} }
}elsif($$hash{$key}[3] eq 'ovpn_net_src' || $$hash{$key}[5] eq 'ovpn_net_tgt'){ }elsif($$hash{$key}[3] eq 'ovpn_net_src'){
if(&fwlib::get_ovpn_net_ip($host,1) eq ''){ if(&fwlib::get_ovpn_net_ip($host,1) eq ''){
$coloryellow='on'; $coloryellow='on';
&disable_rule($key); &disable_rule($key);
$$hash{$key}[2]=''; $$hash{$key}[2]='';
} }
}elsif($$hash{$key}[3] eq 'ovpn_n2n_src' || $$hash{$key}[5] eq 'ovpn_n2n_tgt'){ }elsif($$hash{$key}[3] eq 'ovpn_n2n_src'){
if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){ if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){
$coloryellow='on'; $coloryellow='on';
&disable_rule($key); &disable_rule($key);
$$hash{$key}[2]=''; $$hash{$key}[2]='';
} }
}elsif($$hash{$key}[3] eq 'ovpn_host_src' || $$hash{$key}[5] eq 'ovpn_host_tgt'){ }elsif($$hash{$key}[3] eq 'ovpn_host_src'){
if(&fwlib::get_ovpn_host_ip($host,33) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}
}
foreach my $host (@tmptgt){
if($$hash{$key}[5] eq 'ipsec_net_tgt'){
if(&fwlib::get_ipsec_net_ip($host,11) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_net_tgt'){
if(&fwlib::get_ovpn_net_ip($host,1) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_n2n_tgt'){
if(&fwlib::get_ovpn_n2n_ip($host,27) eq ''){
$coloryellow='on';
&disable_rule($key);
$$hash{$key}[2]='';
}
}elsif($$hash{$key}[5] eq 'ovpn_host_tgt'){
if(&fwlib::get_ovpn_host_ip($host,33) eq ''){ if(&fwlib::get_ovpn_host_ip($host,33) eq ''){
$coloryellow='on'; $coloryellow='on';
&disable_rule($key); &disable_rule($key);
@@ -2469,7 +2498,7 @@ END
$$hash{'ACTIVE'}=$$hash{$key}[2]; $$hash{'ACTIVE'}=$$hash{$key}[2];
$count++; $count++;
if($coloryellow eq 'on'){ if($coloryellow eq 'on'){
print"<tr bgcolor='$color{'color14'}' >"; $color="$color{'color14'}";
$coloryellow=''; $coloryellow='';
}elsif($coloryellow eq ''){ }elsif($coloryellow eq ''){
if ($count % 2){ if ($count % 2){