Some bugfixes for the outgoing fw and grouping feature.

Christian Schmidt
2010-09-03 12:25:41 +02:00
parent 1498017b64
commit bd4ea3c25b
8 changed files with 29 additions and 16 deletions


@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2005-2010 IPTifre Team #
# Copyright (C) 2005-2010 IPFire Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -164,6 +164,7 @@ foreach $configentry (sort @configs)
@SOURCE = `cat /var/ipfire/outgoing/groups/ipgroups/$configline[2]`;
} elsif ( -e "/var/ipfire/outgoing/groups/macgroups/$configline[2]" ) {
@SOURCE = `cat /var/ipfire/outgoing/groups/macgroups/$configline[2]`;
$configline[2] = "mac";
}
$DEV = "";
}
@@ -188,7 +189,7 @@ foreach $configentry (sort @configs)
if ( $SOURCE eq "" ){next;}
if ( $configline[6] ne "" ){
if ( $configline[6] ne "" || $configline[2] eq 'mac' ){
$SOURCE =~ s/[^a-zA-Z0-9]/:/gi;
$CMD = "/sbin/iptables -A OUTGOINGFWMAC -m mac --mac-source $SOURCE -d $DESTINATION -p $PROTO";
} else {
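Review bot: The added `$configline[2] = "mac";` sits directly under two backtick `cat` calls that interpolate `$configline[2]` into a shell command line, and the group-name check this commit adds in the group CGI only rejects reserved words, so the stored name appears to reach the shell without any character validation. Reading the group file with a three-argument `open` and `<$fh>` instead of `cat` would take the shell out of the path entirely. In the second hunk the widened condition `$configline[6] ne "" || $configline[2] eq 'mac'` sends group entries through `s/[^a-zA-Z0-9]/:/gi`, which would also turn a trailing newline from the file into `:` unless the line is chomped earlier, which is not visible here. A strict match such as `next unless $SOURCE =~ /\A(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}\z/;` before `$CMD` is built would keep malformed entries out of the iptables call. The enclosing `foreach` starts and ends outside both hunks.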


@@ -264,11 +264,11 @@ if (-e "/etc/snort/snort.conf") {
if ($snortsettings{'RULES'} eq 'subscripted') {
#$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
$url=" http://www.snort.org/reg-rules/snortrules-snapshot-2860_s.tar.gz/$snortsettings{'OINKCODE'}";
$url=" http://www.snort.org/reg-rules/snortrules-snapshot-2861_s.tar.gz/$snortsettings{'OINKCODE'}";
#$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz";
} elsif ($snortsettings{'RULES'} eq 'registered') {
#$url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}";
$url=" http://www.snort.org/reg-rules/snortrules-snapshot-2860.tar.gz/$snortsettings{'OINKCODE'}";
$url=" http://www.snort.org/reg-rules/snortrules-snapshot-2861.tar.gz/$snortsettings{'OINKCODE'}";
#$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz";
} else {
$url="http://www.emergingthreats.net/rules/emerging.rules.tar.gz";


@@ -567,13 +567,13 @@ END
if ($p2pline[2] eq 'on') {
print <<END
<input type='hidden' name='ACTION' value='disable' />
<input type='image' name='submit' src='/images/stock_ok.png' alt='$Lang::tr{'outgoingfw p2p allow'}' title='$Lang::tr{'outgoingfw p2p allow'}'/>
<input type='image' name='submit' src='/images/stock_ok.png' alt='$Lang::tr{'outgoing firewall p2p allow'}' title='$Lang::tr{'outgoing firewall p2p allow'}'/>
END
;
} else {
print <<END
<input type='hidden' name='ACTION' value='enable' />
<input type='image' name='submit' src='/images/stock_stop.png' alt='$Lang::tr{'outgoingfw p2p deny'}' title='$Lang::tr{'outgoingfw p2p deny'}' />
<input type='image' name='submit' src='/images/stock_stop.png' alt='$Lang::tr{'outgoing firewall p2p deny'}' title='$Lang::tr{'outgoing firewall p2p deny'}' />
END
;
}
@@ -584,7 +584,7 @@ END
}
print <<END
</table>
<br />$Lang::tr{'outgoingfw p2p description 1'} <img src='/images/stock_ok.png' align='absmiddle' alt='$Lang::tr{'outgoingfw p2p deny'}'> $Lang::tr{'outgoingfw p2p description 2'} <img src='/images/stock_stop.png' align='absmiddle' alt='$Lang::tr{'outgoingfw p2p deny'}'> $Lang::tr{'outgoingfw p2p description 3'}
<br />$Lang::tr{'outgoing firewall p2p description 1'} <img src='/images/stock_ok.png' align='absmiddle' alt='$Lang::tr{'outgoing firewall p2p deny'}'> $Lang::tr{'outgoing firewall p2p description 2'} <img src='/images/stock_stop.png' align='absmiddle' alt='$Lang::tr{'outgoing firewall p2p deny'}'> $Lang::tr{'outgoing firewall p2p description 3'}
END
;
&Header::closebox();
@@ -594,9 +594,9 @@ END
print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<table width='100%'>
<tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 0:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoingfw mode0'}</td></tr>
<tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 1:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoingfw mode1'}</td></tr>
<tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 2:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoingfw mode2'}</td></tr>
<tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 0:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoing firewall mode0'}</td></tr>
<tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 1:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoing firewall mode1'}</td></tr>
<tr><td width='10%' align='left'><b>$Lang::tr{'mode'} 2:</b><td width='90%' align='left' colspan='2'>$Lang::tr{'outgoing firewall mode2'}</td></tr>
<tr><td colspan='3'><hr /></td></tr>
<tr><td width='10%' align='left'> <select name='POLICY' style="width: 85px"><option value='MODE0' $selected{'POLICY'}{'MODE0'}>$Lang::tr{'mode'} 0</option><option value='MODE1' $selected{'POLICY'}{'MODE1'}>$Lang::tr{'mode'} 1</option><option value='MODE2' $selected{'POLICY'}{'MODE2'}>$Lang::tr{'mode'} 2</option></select>
<td width='45%' align='left'><input type='submit' name='ACTION' value=$Lang::tr{'save'} />
@@ -605,7 +605,7 @@ END
;
if ($outfwsettings{'POLICY'} ne 'MODE0') {
print <<END
$Lang::tr{'outgoingfw reset'}: <input type='submit' name='ACTION' value=$Lang::tr{'reset'} />
$Lang::tr{'outgoing firewall reset'}: <input type='submit' name='ACTION' value=$Lang::tr{'reset'} />
END
;
}
@@ -705,7 +705,7 @@ END
</optgroup>
</select>
</td>
<td align='right' colspan='4'><font color='red'>$Lang::tr{'outgoingfw warning'}</font></td>
<td align='right' colspan='4'><font color='red'>$Lang::tr{'outgoing firewall warning'}</font></td>
</tr>
<tr>
<td align='right' colspan='4' >$Lang::tr{'source ip or net'}<img src='/blob.gif' /></td>


@@ -84,6 +84,10 @@ if ($outgrpsettings{'ACTION'} eq 'newipgroup')
if ( -e "$configpath/macgroups/$outgrpsettings{'ipgroup'}" ){
$errormessage = "$Lang::tr{'outgoing firewall group error'}";
} elsif ( $outgrpsettings{'ipgroup'} eq "all" || $outgrpsettings{'ipgroup'} eq "red" || $outgrpsettings{'ipgroup'} eq "blue" ||
$outgrpsettings{'ipgroup'} eq "green" || $outgrpsettings{'ipgroup'} eq "orange" || $outgrpsettings{'ipgroup'} eq "ip" ||
$outgrpsettings{'ipgroup'} eq "mac" || $outgrpsettings{'ipgroup'} eq "ovpn" || $outgrpsettings{'ipgroup'} eq "ipsec" ) {
$errormessage = "$Lang::tr{'outgoing firewall reserved groupname'}";
} else {
open (FILE, ">$configpath/ipgroups/$outgrpsettings{'ipgroup'}") or die "Can't save $outgrpsettings{'ipgroup'} settings $!";
flock (FILE, 2);
@@ -101,6 +105,10 @@ if ($outgrpsettings{'ACTION'} eq 'newmacgroup')
if ( -e "$configpath/ipgroups/$outgrpsettings{'macgroup'}" ){
$errormessage = "$Lang::tr{'outgoing firewall group error'}";
} elsif ( $outgrpsettings{'macgroup'} eq "all" || $outgrpsettings{'macgroup'} eq "red" || $outgrpsettings{'macgroup'} eq "blue" ||
$outgrpsettings{'macgroup'} eq "green" || $outgrpsettings{'macgroup'} eq "orange" || $outgrpsettings{'macgroup'} eq "ip" ||
$outgrpsettings{'macgroup'} eq "mac" || $outgrpsettings{'macgroup'} eq "ovpn" || $outgrpsettings{'macgroup'} eq "ipsec" ) {
$errormessage = "$Lang::tr{'outgoing firewall reserved groupname'}";
} else {
open (FILE, ">$configpath/macgroups/$outgrpsettings{'macgroup'}") or die "Can't save $outgrpsettings{'macgroup'} settings $!";
flock (FILE, 2);
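Review bot: The new reserved-name branch compares the group name only against nine exact words, so (assuming `%outgrpsettings` is filled from the submitted form) a name containing path separators or shell metacharacters still reaches the two-argument `open (FILE, ">$configpath/ipgroups/...")` in the `else` branch, and the rules script changed in this commit later interpolates the stored name into a backtick `cat`. An allowlist test ahead of the reserved-word comparison would close that, e.g. `} elsif ( $outgrpsettings{'ipgroup'} !~ /\A[A-Za-z0-9_-]+\z/ ) {` with its own error message, and the same applies to the `macgroup` hunk. Separately, both hunks read `$Lang::tr{'outgoing firewall reserved groupname'}` while the four language files in this commit define `'outgoing firewall outgoing firewall reserved groupname'`, so the message will likely be empty unless the shorter key exists elsewhere. Both `if` chains start and continue outside the hunks.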


@@ -22,7 +22,8 @@
'ConnSched scheduled actions' => 'Geplante Aktionen',
'ConnSched scheduler' => 'Scheduler',
'ConnSched select profile' => 'Wähle Profil',
'outgoingfw warning' => 'Nur die Auswahl Quell IP / MAC aktiviert diese',
'outgoing firewall warning' => 'Nur die Auswahl Quell IP / MAC aktiviert diese',
'outgoing firewall outgoing firewall reserved groupname' => 'Bitte einen anderen Gruppennamen verwenden, dieser ist ein reserviertes Wort.',
'ConnSched time' => 'Zeit:',
'ConnSched up' => 'Hoch',
'ConnSched weekdays' => 'Wochentage:',


@@ -19,7 +19,8 @@
'ConnSched ipsecstop' => 'IPSec stop',
'ConnSched reconnect' => 'Reconnect',
'ConnSched scheduled actions' => 'Scheduled actions',
'outgoingfw warning' => 'Not selecting source ip or mac ignores them',
'outgoing firewall warning' => 'Not selecting source ip or mac ignores them',
'outgoing firewall outgoing firewall reserved groupname' => 'Please use another group name, this name is reserved.',
'ConnSched scheduler' => 'Scheduler',
'ConnSched select profile' => 'Select profile',
'modify' => 'Modify',


@@ -18,7 +18,8 @@
'ConnSched ipsecstop' => 'Detener IPSec',
'ConnSched reconnect' => 'Reconectar',
'ConnSched scheduled actions' => 'Acciones planificadas',
'outgoingfw warning' => 'No seleccionar ip origen o mac las ignora',
'outgoing firewall warning' => 'No seleccionar ip origen o mac las ignora',
'outgoing firewall outgoing firewall reserved groupname' => 'Por favor, utilice otro nombre de grupo, este nombre está reservado',
'ConnSched scheduler' => 'Planificador',
'ConnSched select profile' => 'Elegir Perfil',
'modify' => 'Modificar',


@@ -18,7 +18,8 @@
'ConnSched ipsecstart' => 'IPSec (re)démarrage',
'ConnSched ipsecstop' => 'IPSec arrêt',
'ConnSched reconnect' => 'Reconnecter',
'outgoingfw warning' => 'Ne pas choisir IP source ou Mac ignore les',
'outgoing firewall warning' => 'Ne pas choisir IP source ou Mac ignore les',
'outgoing firewall outgoing firewall reserved groupname' => 'S il vous plaît utilisez un autre nom de groupe, ce nom est réservé.',
'ConnSched scheduled actions' => 'Actions planifiées',
'ConnSched scheduler' => 'Planificateur',
'ConnSched select profile' => 'Sélectionner profil',