Diffstat (limited to 'usr/local/www/firewall_aliases_edit.php')
-rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 84 |
1 files changed, 66 insertions, 18 deletions
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 115ee92..1b0a194 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -106,12 +106,11 @@ if (isset($id) && $a_aliases[$id]) { if($ifdesc == $pconfig['descr']) $input_errors[] = sprintf(gettext("Sorry, an interface is already named %s."), $pconfig['descr']); - if($a_aliases[$id]['type'] == "urltable") { + if(preg_match("/urltable/i", $a_aliases[$id]['type'])) { $pconfig['address'] = $a_aliases[$id]['url']; $pconfig['updatefreq'] = $a_aliases[$id]['updatefreq']; } if($a_aliases[$id]['aliasurl'] <> "") { - $pconfig['type'] = "url"; if(is_array($a_aliases[$id]['aliasurl'])) $pconfig['address'] = implode(" ", $a_aliases[$id]['aliasurl']); else @@ -166,7 +165,7 @@ if ($_POST) { $final_address_details = array(); $alias['name'] = $_POST['name']; - if ($_POST['type'] == "urltable") { + if (preg_match("/urltable/i", $_POST['type'])) { $address = ""; $isfirst = 0; @@ -190,7 +189,7 @@ if ($_POST) { else $final_address_details[] = sprintf(gettext("Entry added %s"), date('r')); } - } elseif($_POST['type'] == "url") { + } else if ($_POST['type'] == "url" || $_POST['type'] == "url_ports") { $isfirst = 0; $address_count = 2; 
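Review bot: `preg_match("/urltable/i", $_POST['type'])` in the `-166` hunk is unanchored and case-insensitive, so any posted type that merely contains "urltable" takes the URL-table branch, not only the two values the form offers. Whether `$_POST['type']` is checked against an allow-list earlier in the file is not visible in these hunks; if it is not, compare exactly, e.g. `if (in_array($_POST['type'], array('urltable', 'urltable_ports'), true)) {`. The same loose match is applied to the stored type in the `-106` hunk and as `/url/i` in the `-584` hunk, where an explicit list would also document which types are meant.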
@@ -202,14 +201,15 @@ if ($_POST) { $isfirst = 0; $temp_filename = tempnam("{$g['tmp_path']}/", "alias_import"); unlink($temp_filename); - $fda = fopen("{$g['tmp_path']}/tmpfetch","w"); - fwrite($fda, "/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\""); - fclose($fda); + $verify_ssl = isset($config['system']['checkaliasesurlcert']); mwexec("/bin/mkdir -p {$temp_filename}"); - mwexec("/usr/bin/fetch -q -o \"{$temp_filename}/aliases\" \"" . $_POST['address' . $x] . "\""); + download_file($_POST['address' . $x], $temp_filename . "/aliases", $verify_ssl); + /* if the item is tar gzipped then extract */ if(stristr($_POST['address' . $x], ".tgz")) process_alias_tgz($temp_filename); + else if(stristr($_POST['address' . $x], ".zip")) + process_alias_unzip($temp_filename); if (!isset($alias['aliasurl'])) $alias['aliasurl'] = array(); @@ -234,7 +234,12 @@ if ($_POST) { $tmp = trim($tmp_split[0]); } $tmp = trim($tmp); - if(!empty($tmp) && (is_ipaddr($tmp) || is_subnet($tmp))) { + if ($_POST['type'] == "url") + $is_valid = (is_ipaddr($tmp) || is_subnet($tmp)); + else + $is_valid = (is_port($tmp) || is_portrange($tmp)); + + if (!empty($tmp) && $is_valid) { $address[] = $tmp; $isfirst = 1; $address_count++; @@ -252,6 +257,8 @@ if ($_POST) { } } } + if ($_POST['type'] == "url_ports") + $address = group_ports($address); } else { /* item is a normal alias type */ $wrongaliases = ""; @@ -262,7 +269,7 @@ if ($_POST) { if (!alias_same_type($_POST["address{$x}"], $_POST['type'])) // But alias type network can include alias type urltable. Feature#1603. if (!($_POST['type'] == 'network' && - alias_get_type($_POST["address{$x}"]) == 'urltable')) + preg_match("/urltable/i", alias_get_type($_POST["address{$x}"])))) $wrongaliases .= " " . $_POST["address{$x}"]; } else if ($_POST['type'] == "port") { if (!is_port($_POST["address{$x}"])) 
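Review bot: `$_POST['address' . $x]` is handed to `download_file()` in the `-202` hunk with no check in the hunk that it is a well-formed http or https URL. Validation may exist above the hunk or inside download_file(), neither of which is shown; if it does not, reject other values with an input error before the download. Certificate checking is also opt-in: `$verify_ssl` is true only when `checkaliasesurlcert` is set, so by default the content of an HTTPS list is not authenticated before it is imported into the alias. That deserves at least a comment such as `/* certificate verification is off unless system/checkaliasesurlcert is set */`. The archive test uses `stristr()` on the whole URL, so ".tgz" or ".zip" anywhere in it, including a query string, selects extraction; comparing the extension of the URL path would be stricter.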
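Review bot: The new condition `preg_match("/urltable/i", alias_get_type($_POST["address{$x}"]))` in the `-262` hunk also matches the `urltable_ports` type this commit introduces, so a `network` alias may now nest a port table, which the Feature#1603 comment above it does not describe. If only IP tables are meant to be nestable in a network alias, keep the exact comparison `alias_get_type($_POST["address{$x}"]) == 'urltable'`, and add a separate exception for `port` aliases nesting `urltable_ports` if that is wanted. The enclosing loop begins and ends outside the hunk.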
@@ -372,7 +379,7 @@ if ($_POST) { { $pconfig['name'] = $_POST['name']; $pconfig['descr'] = $_POST['descr']; - if ($_POST['type'] == 'url') + if (($_POST['type'] == 'url') || ($_POST['type'] == 'url_ports')) $pconfig['address'] = implode(" ", $alias['aliasurl']); else $pconfig['address'] = implode(" ", $address); @@ -441,8 +448,23 @@ function typesel_change() { eval(comd); } break; - - case 4: /* urltable */ + case 4: /* url_ports */ + var cmd; + newrows = totalrows; + for(i=0; i<newrows; i++) { + comd = 'document.iform.address_subnet' + i + '.disabled = 1;'; + eval(comd); + } + break; + case 5: /* urltable */ + var cmd; + newrows = totalrows; + for(i=0; i<newrows; i++) { + comd = 'document.iform.address_subnet' + i + '.disabled = 0;'; + eval(comd); + } + break; + case 6: /* urltable_ports */ var cmd; newrows = totalrows; for(i=0; i<newrows; i++) { 
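Review bot: The new `case 4`, `case 5` and `case 6` bodies in the `-441` hunk build a statement string and run it through `eval(comd)`, and they declare `var cmd;` while assigning to the undeclared `comd`, which becomes an implicit global. Direct property access does the same work without eval: `document.iform['address_subnet' + i].disabled = true;` (`false` for case 5). The existing cases appear to use the same pattern, and typesel_change() continues past the end of the hunk.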
@@ -470,15 +492,19 @@ $hosts_str = gettext("Host(s)"); $ip_str = gettext("IP"); $ports_str = gettext("Port(s)"); $port_str = gettext("Port"); -$url_str = gettext("URL"); -$urltable_str = gettext("URL Table"); +$url_str = gettext("URL (IPs)"); +$url_ports_str = gettext("URL (Ports)"); +$urltable_str = gettext("URL Table (IPs)"); +$urltable_ports_str = gettext("URL Table (Ports)"); $update_freq_str = gettext("Update Freq."); $networks_help = gettext("Networks are specified in CIDR format. Select the CIDR mask that pertains to each entry. /32 specifies a single IPv4 host, /128 specifies a single IPv6 host, /24 specifies 255.255.255.0, /64 specifies a normal IPv6 network, etc. Hostnames (FQDNs) may also be specified, using a /32 mask for IPv4 or /128 for IPv6. You may also enter an IP range such as 192.168.1.1-192.168.1.254 and a list of CIDR networks will be derived to fill the range."); $hosts_help = gettext("Enter as many hosts as you would like. Hosts must be specified by their IP address or fully qualified domain name (FQDN). FQDN hostnames are periodically re-resolved and updated. If multiple IPs are returned by a DNS query, all are used."); $ports_help = gettext("Enter as many ports as you wish. Port ranges can be expressed by seperating with a colon."); $url_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of IP addresses (less than 3000)."), $g['product_name']); +$url_ports_help = sprintf(gettext("Enter as many URLs as you wish. After saving %s will download the URL and import the items into the alias. Use only with small sets of Ports (less than 3000)."), $g['product_name']); $urltable_help = sprintf(gettext("Enter a single URL containing a large number of IPs and/or Subnets. After saving %s will download the URL and create a table file containing these addresses. 
This will work with large numbers of addresses (30,000+) or small numbers."), $g['product_name']); +$urltable_ports_help = sprintf(gettext("Enter a single URL containing a list of Port numbers and/or Port ranges. After saving %s will download the URL."), $g['product_name']); $openvpn_str = gettext("Username"); $openvpn_user_str = gettext("OpenVPN Users"); @@ -518,6 +544,13 @@ function update_box_type() { document.getElementById ("threecolumn").firstChild.data = "{$description_str}"; document.getElementById ("itemhelp").firstChild.data = "{$url_help}"; document.getElementById ("addrowbutton").style.display = 'block'; + } else if(selected == '{$url_ports_str}') { + document.getElementById ("addressnetworkport").firstChild.data = "{$url_ports_str}"; + document.getElementById ("onecolumn").firstChild.data = "{$url_ports_str}"; + document.getElementById ("twocolumn").firstChild.data = ""; + document.getElementById ("threecolumn").firstChild.data = "{$description_str}"; + document.getElementById ("itemhelp").firstChild.data = "{$url_ports_help}"; + document.getElementById ("addrowbutton").style.display = 'block'; } else if(selected == '{$openvpn_user_str}') { document.getElementById ("addressnetworkport").firstChild.data = "{$openvpn_user_str}"; document.getElementById ("onecolumn").firstChild.data = "{$openvpn_str}"; 
@@ -538,6 +571,19 @@ function update_box_type() { document.getElementById ("threecolumn").style.display = 'none'; document.getElementById ("itemhelp").firstChild.data = "{$urltable_help}"; document.getElementById ("addrowbutton").style.display = 'none'; + } else if(selected == '{$urltable_ports_str}') { + if ((typeof(totalrows) == "undefined") || (totalrows < 1)) { + addRowTo('maintable', 'formfldalias'); + typesel_change(); + add_alias_control(this); + } + document.getElementById ("addressnetworkport").firstChild.data = "{$url_str}"; + document.getElementById ("onecolumn").firstChild.data = "{$url_str}"; + document.getElementById ("twocolumn").firstChild.data = "{$update_freq_str}"; + document.getElementById ("threecolumn").firstChild.data = ""; + document.getElementById ("threecolumn").style.display = 'none'; + document.getElementById ("itemhelp").firstChild.data = "{$urltable_ports_help}"; + document.getElementById ("addrowbutton").style.display = 'none'; } } //]]> @@ -584,7 +630,7 @@ EOD; <form action="firewall_aliases_edit.php" method="post" name="iform" id="iform"> <?php if (empty($tab)) { - if ($pconfig['type'] == 'urltable') + if (preg_match("/url/i", $pconfig['type'])) $tab = 'url'; else if ($pconfig['type'] == 'host') $tab = 'ip'; 
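Review bot: In the new `urltable_ports` branch of the `-538` hunk the headers are set from `{$url_str}`, which this same commit changes to "URL (IPs)", so the port-table form is labelled as an IP list. Using the ports label, `document.getElementById ("addressnetworkport").firstChild.data = "{$urltable_ports_str}";` and likewise for `onecolumn`, would match the selected type. update_box_type() starts above the hunk.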
@@ -630,8 +676,10 @@ if (empty($tab)) { <option value="network" <?php if ($pconfig['type'] == "network") echo "selected=\"selected\""; ?>><?=gettext("Network(s)"); ?></option> <option value="port" <?php if ($pconfig['type'] == "port") echo "selected=\"selected\""; ?>><?=gettext("Port(s)"); ?></option> <!--<option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected=\"selected\""; ?>><?=gettext("OpenVPN Users"); ?></option> --> - <option value="url" <?php if ($pconfig['type'] == "url") echo "selected=\"selected\""; ?>><?=gettext("URL");?></option> - <option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected=\"selected\""; ?>><?=gettext("URL Table"); ?></option> + <option value="url" <?php if ($pconfig['type'] == "url") echo "selected=\"selected\""; ?>><?=gettext("URL (IPs)");?></option> + <option value="url_ports" <?php if ($pconfig['type'] == "url_ports") echo "selected=\"selected\""; ?>><?=gettext("URL (Ports)");?></option> + <option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected=\"selected\""; ?>><?=gettext("URL Table (IPs)"); ?></option> + <option value="urltable_ports" <?php if ($pconfig['type'] == "urltable_ports") echo "selected=\"selected\""; ?>><?=gettext("URL Table (Ports)"); ?></option> </select> </td> </tr> |