sync IPFire fwhosts.cgi
commit 2398cc431a3fb2cd4141b6a846f0cd0742f6a97c
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu Sep 25 17:05:32 2025 +0200
fwhosts.cgi: Escape PROT in the right place
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit ad995081302f6b28ea11c74e56306d94a7bee076
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu Sep 25 17:02:18 2025 +0200
fwhosts.cgi: Check country code before proceeding
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit a2c624b99dbcecb469e6001505731049ef5cbbd3
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Sep 25 13:12:37 2025 +0200
fwhosts.cgi Fix for bug 13876 & bug 13877
Fixes: Bug 13876 savelocationgrp COUNTRY_CODE Stored Cross-Site Scripting
Fixes: Bug 13877 saveservice PROT Stored Cross-Site Scripting
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 798556ec29207d5131a7600d5489f1ee92a7b87a
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon Jun 23 17:16:57 2025 +0000
fwhosts.cgi: Move the tooltip into the usage counter
This will clutter the page less as we don't have any good icon sets.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 61b277aa9c578a9a69e552f593a8bde421b811bc
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon Jun 23 17:16:56 2025 +0000
fwhosts.cgi: Don't show anything if a host/group is unused
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit ca811a746a79f0e02cfb780cbd4543a057131e3a
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon Jun 23 17:16:55 2025 +0000
fwhosts.cgi: Remove whitespace issues
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 5511d94ed0d8ea6fd372d52cba515b4d6726abed
Author: Peer Dietzmann <dietzmann@brecht-schule.hamburg>
Date: Mon Jun 23 17:16:54 2025 +0000
fwhosts.cgi: Show in which firewall rule objects are being used
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 341eb00a821c4254ddd04968beed2e98e5a33aff
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat May 3 15:10:16 2025 +0200
fwhosts.cgi: Correctly show IP addresses for WireGuard RW peers
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
missing set_defaults sub result in error when generate
flash image during build after add wireguard UI
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
BPFire red0 does not support multicast, need to
have unicast peer configured, then the virtual
ipaddress can be added to red0 interface.
the UI requires /var/ipfire/keepalived/runsettings
/var/ipfire/keepalived/settings to be created, so
add them lfs/configroot
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
since we added loxilb ip management to add ip on
red0 interface, we can select the virtual ip from
red0 interface.
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
- The fix for bug #12428 removed spaces from the validhostname subroutine as hostnames are
not supposed to have spaces
- This resulted in spaces no longer being allowed for the Static IP Address Pools names
- New subroutine created called validccdname. This allows letters, upper and lower case,
numbers, spaces and dashes
Fixes: Bug #12865
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
This patch fixes two wrong translations now used by the new
user manual links feature and removes an abandoned constant.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
this functions was removed from speed.cgi by reading kernel netowrk
statistics instead of parsing ip -s show ...
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
include general-functions.pl load and initialize many subfunctions that are not
needed by speed.cgi which was executed very often.
So this reduce the system load significant if webif was open in browser
and ajax-speed display enabled.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
An error message is still shown although there is no option to disable
DNSSEC at the moment. The old marker file could still be present on
older machines.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
In some cases iptables logs the protocol number instead of the name.
When accessing the logs via the WUI, this number has been displayed as used
protocol, which is very hard to read and understand.
This commit adds a new function to the general-functions.pl, which
generates a hash to translate the protocol number into the protocol
name.
Fixes#11282.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Perl seems to just "guess" that someone no longer wants to use the
builtin "system" command when there is a function with the same name.
I have no idea what kind of liquid they are drinking, but because of the
side effects of that stuff, we explicitely call our system() function.
Not that that would be necessary, but why not waste a couple more CPU
cycles?
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Patch of general-functions.pl for implementation of fix provided
by Bernhard Bitsch in bug #12428.
Had to be modified as that fix gave a failure for single character hostnames.
Updated version prevents spaces being put into hostnames and works for single
character hostnames
- Updated subroutine validfqdn to apply consistent rules for hostname & domain name
portions of fqdn
- Minor updates for consistency across validhostname, validdomainname & validfqdn
- Patch implemented into testbed system and confirmed working for hostnames, domain names
and FQDN's.
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
There is not enough stuff that it is justified to have an own file.
This patch therefore merges everything into general-functions.pl.
There are no functional changes.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This function can be used to convert an amount of bytes to a
humand-readable format.
For example "3221225472" will become "3MB".
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This function simply return an array of all used nameservers.
It also takes care if the usage of ISP assigned nameservers
is enabled or not and if user-added nameservers are enabled or not.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Using IPFire's Mailservice does not allow to enter a senders mail address with the underscore.
The function used to verify that is used from general-functions.pl.
Now the function 'validemail' allows the underscore in the address.
Fixes: #12070
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This accidientially dropped all lines that include #. That resulted
in colour codes not being loaded from file any more.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
I added a function to determine the number of cores.
Now the number of squid processes will be equal to the number of logical cores.
Further I removed the possibility of changing the number
of squid processes in the proxy.cgi
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: root <root@ipfire.test>
Fixes: #11278
When creating networks which are part of an internal network, there was an errormessage displayed and the creation was prohibited.
Now it is possible to create such subnets. This is used at own risk! Users have to take care of the firewallrule sequence.
It is possible to create situations that are not wanted.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This reverts commit ff6cc71107.
This patch causes that no new networks can be created and
an error message is shown that the created network is the GREEN
network which is incorrect.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
In firewallgroups it was not possible to create new networks that are subnets of
IPFire internal networks. Now this is possible for all internal networks.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
We now check all allowed chars in the address before the @ sign.
The domainpart after the '@' sign is just checked for valid chars, so that user@ipfire is valid, too
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The new Locale-Country version needs to be loaded and used by specifing
Locale::Codes::Country since an upstream API change. Adjusting various perl
scripts to use the module in the proper way again.
This function will return the full name a country specified by
it's country shortcut. It also will provide some additional names
which are not handled by the perl locale module but are parts of
ISO 3166.
The function validdomainname checks that each part of a domain name is at least
2 characters in length, but RFC1035 only makes a restriction on a "label" being
at most 63 characters in length. This change allows reverse DNS zones like
2.168.192.in-addr.arpa to be added to the DNS forward configuration, which was
incorrectly prevented before.
Signed-off-by: Axel Gembe <ago@multipixs.com>
The state of some code especially in general-functions.pl
is in such a bad shape and faulty.
This is a first step that replaces some of the network
functions with those who have been tested and work for
undefined inputs.
The old functions have been left in place as stubs
and must be removed at some time.
