webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

firewall: Add WireGuard RW to the UI

Browse Source 
commit 5a1c02df8973b3acc5c3101a94e86fe6df4b43b6
    Author: Michael Tremer <michael.tremer@ipfire.org>
    Date:   Thu Sep 12 19:39:26 2024 +0200

        firewall: Add WireGuard RW to the UI

        Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
This commit is contained in:
Vincent Li
2025-07-03 22:55:18 +00:00
parent 6ed934dbfc
commit aff726b928
5 changed files with 44 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
html/cgi-bin/firewall.cgi
View File

@@ -837,8 +837,14 @@ sub checkrule
$hint.=$Lang::tr{'fwdfw hint ip2'}." Source: $networkip1/$scidr Target: $networkip2/$tcidr<br>";
}
}else{
$errormessage .= $sip;
$errormessage .= $scidr;
$errormessage .= $tip;
$errormessage .= $tcidr;
if ( &General::IpInSubnet($networkip2,$sip,&General::iporsubtodec($scidr)) ){
$errormessage.=$Lang::tr{'fwdfw err samesub'};
$errormessage.=$Lang::tr{'fwdfw err samesub'} . $fwdfwsettings{'grp1'} .$fwdfwsettings{$fwdfwsettings{'grp1'}} . $fwdfwsettings{'grp2'} . $fwdfwsettings{$fwdfwsettings{'grp2'}};
}
}
}
@@ -1291,19 +1297,22 @@ sub get_ip
if ($fwdfwsettings{$grp} eq $val.'_addr'){
($a,$b) = split (/\//, $fwdfwsettings{$fwdfwsettings{$grp}});
}elsif($fwdfwsettings{$grp} eq 'std_net_'.$val){
if ($fwdfwsettings{$fwdfwsettings{$grp}} =~ /Gr/i){
if ($fwdfwsettings{$fwdfwsettings{$grp}} eq "GREEN"){
$a=$netsettings{'GREEN_NETADDRESS'};
$b=&General::iporsubtocidr($netsettings{'GREEN_NETMASK'});
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} =~ /Ora/i){
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} eq "ORANGE"){
$a=$netsettings{'ORANGE_NETADDRESS'};
$b=&General::iporsubtocidr($netsettings{'ORANGE_NETMASK'});
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} =~ /Bl/i){
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} eq "BLUE"){
$a=$netsettings{'BLUE_NETADDRESS'};
$b=&General::iporsubtocidr($netsettings{'BLUE_NETMASK'});
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} =~ /OpenVPN/i){
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} eq "OpenVPN-Dyn"){
&General::readhash("$configovpn",\%ovpnsettings);
($a,$b) = split (/\//, $ovpnsettings{'DOVPN_SUBNET'});
$b=&General::iporsubtocidr($b);
# WireGuard
}elsif($fwdfwsettings{$fwdfwsettings{$grp}} eq "WGRW") {
return $Wireguard::settings{'CLIENT_POOL'};
}
}elsif($fwdfwsettings{$grp} eq 'cust_net_'.$val){
&General::readhasharray("$confignet", \%customnetwork);
@@ -1454,6 +1463,9 @@ sub getcolor
}elsif ($val eq 'IPsec RW' ){
$tdcolor="style='background-color: $Header::colourvpn;color:white;'";
return;
}elsif ($val eq "WGRW") {
$tdcolor="style='background-color: $Header::colourwg; color: white;'";
return;
}elsif($val =~ /^(.*?)\/(.*?)$/){
my ($sip,$scidr) = split ("/",$val);
if ( &Header::orange_used() && &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
@@ -1520,6 +1532,13 @@ sub getcolor
}
}
}
# WireGuard Roadwarrior
if ($Wireguard::settings{'CLIENT_POOL'}) {
if (&Network::ip_address_in_network($c, $Wireguard::settings{'CLIENT_POOL'})) {
$tdcolor="style='background-color: $Header::colourwg; color:white;'";
return;
}
}
}
#VPN networks
if ($nettype eq 'ovpn_n2n_src' || $nettype eq 'ovpn_n2n_tgt' || $nettype eq 'ovpn_net_src' || $nettype eq 'ovpn_net_tgt'|| $nettype eq 'ovpn_host_src' || $nettype eq 'ovpn_host_tgt'){

10
html/cgi-bin/fwhosts.cgi
View File

@@ -1965,6 +1965,13 @@ sub getcolor
}
}
# WireGuard Roadwarrior
if ($Wireguard::settings{'CLIENT_POOL'}) {
if (&Network::ip_address_in_network($sip, $Wireguard::settings{'CLIENT_POOL'})) {
return "<font style='color: $Header::colourwg;'>$c</font>"
}
}
#Check if IP is part of OpenVPN dynamic subnet
my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'});
if (&General::IpInSubnet($sip,$a,$b)){
@@ -3036,6 +3043,9 @@ sub getipforgroup
&General::readhash("${General::swroot}/ethernet/settings",\%hash);
return $hash{'ORANGE_NETADDRESS'}."/".&Network::convert_netmask2prefix($hash{'ORANGE_NETMASK'}) || $hash{'ORANGE_NETMASK'};
}
if ($name eq "WGRW") {
return $Wireguard::settings{'CLIENT_POOL'};
}
if ($name eq 'ALL'){
return "0.0.0.0/0";
}