.
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
##|+PRIV
##|*IDENT=page-firewall-aliases
##|*NAME=Firewall: Aliases
##|*DESCR=Allow access to the 'Firewall: Aliases' page.
##|*MATCH=firewall_aliases.php*
##|-PRIV
require_once("guiconfig.inc");
require_once("functions.inc");
require_once("filter.inc");
require_once("shaper.inc");
if (!is_array($config['aliases']['alias'])) {
$config['aliases']['alias'] = array();
}
$a_aliases = &$config['aliases']['alias'];
$tab = ($_REQUEST['tab'] == "" ? "ip" : preg_replace("/\W/", "", $_REQUEST['tab']));
if ($_POST) {
if ($_POST['apply']) {
$retval = 0;
/* reload all components that use aliases */
$retval |= filter_configure();
if ($retval == 0) {
clear_subsystem_dirty('aliases');
}
}
}
if ($_GET['act'] == "del") {
if ($a_aliases[$_GET['id']]) {
/* make sure rule is not being referenced by any nat or filter rules */
$is_alias_referenced = false;
$referenced_by = false;
$alias_name = $a_aliases[$_GET['id']]['name'];
// Firewall rules
find_alias_reference(array('filter', 'rule'), array('source', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('filter', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('filter', 'rule'), array('source', 'port'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('filter', 'rule'), array('destination', 'port'), $alias_name, $is_alias_referenced, $referenced_by);
// NAT Rules
find_alias_reference(array('nat', 'rule'), array('source', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'rule'), array('source', 'port'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'rule'), array('destination', 'port'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'rule'), array('target'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'rule'), array('local-port'), $alias_name, $is_alias_referenced, $referenced_by);
// NAT 1:1 Rules
//find_alias_reference(array('nat', 'onetoone'), array('external'), $alias_name, $is_alias_referenced, $referenced_by);
//find_alias_reference(array('nat', 'onetoone'), array('source', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'onetoone'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
// NAT Outbound Rules
find_alias_reference(array('nat', 'outbound', 'rule'), array('source', 'network'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'outbound', 'rule'), array('sourceport'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'outbound', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'outbound', 'rule'), array('dstport'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('nat', 'outbound', 'rule'), array('target'), $alias_name, $is_alias_referenced, $referenced_by);
// Alias in an alias
find_alias_reference(array('aliases', 'alias'), array('address'), $alias_name, $is_alias_referenced, $referenced_by);
// Load Balancer
find_alias_reference(array('load_balancer', 'lbpool'), array('port'), $alias_name, $is_alias_referenced, $referenced_by);
find_alias_reference(array('load_balancer', 'virtual_server'), array('port'), $alias_name, $is_alias_referenced, $referenced_by);
// Static routes
find_alias_reference(array('staticroutes', 'route'), array('network'), $alias_name, $is_alias_referenced, $referenced_by);
if ($is_alias_referenced == true) {
$delete_error = sprintf(gettext("Cannot delete alias. Currently in use by %s."), htmlspecialchars($referenced_by));
} else {
if (preg_match("/urltable/i", $a_aliases[$_GET['id']]['type'])) {
// this is a URL table type alias, delete its file as well
unlink_if_exists("/var/db/aliastables/" . $a_aliases[$_GET['id']]['name'] . ".txt");
}
unset($a_aliases[$_GET['id']]);
if (write_config()) {
filter_configure();
mark_subsystem_dirty('aliases');
}
header("Location: firewall_aliases.php?tab=" . $tab);
exit;
}
}
}
function find_alias_reference($section, $field, $origname, &$is_alias_referenced, &$referenced_by) {
global $config;
if (!$origname || $is_alias_referenced) {
return;
}
$sectionref = &$config;
foreach ($section as $sectionname) {
if (is_array($sectionref) && isset($sectionref[$sectionname])) {
$sectionref = &$sectionref[$sectionname];
} else {
return;
}
}
if (is_array($sectionref)) {
foreach ($sectionref as $itemkey => $item) {
$fieldfound = true;
$fieldref = &$sectionref[$itemkey];
foreach ($field as $fieldname) {
if (is_array($fieldref) && isset($fieldref[$fieldname])) {
$fieldref = &$fieldref[$fieldname];
} else {
$fieldfound = false;
break;
}
}
if ($fieldfound && $fieldref == $origname) {
$is_alias_referenced = true;
if (is_array($item)) {
$referenced_by = $item['descr'];
}
break;
}
}
}
}
$tab_array = array();
$tab_array[] = array(gettext("IP"), ($tab == "ip" ? true : ($tab == "host" ? true : ($tab == "network" ? true : false))), "/firewall_aliases.php?tab=ip");
$tab_array[] = array(gettext("Ports"), ($tab == "port"? true : false), "/firewall_aliases.php?tab=port");
$tab_array[] = array(gettext("URLs"), ($tab == "url"? true : false), "/firewall_aliases.php?tab=url");
$tab_array[] = array(gettext("All"), ($tab == "all"? true : false), "/firewall_aliases.php?tab=all");
foreach ($tab_array as $dtab) {
if ($dtab[1] == true) {
$bctab = $dtab[0];
break;
}
}
$pgtitle = array(gettext("Firewall"), gettext("Aliases"), $bctab);
$pglinks = array("", "firewall_aliases.php", "@self");
$shortcut_section = "aliases";
include("head.inc");
if ($delete_error) {
print_info_box($delete_error, 'danger');
}
if ($_POST['apply']) {
print_apply_result_box($retval);
}
if (is_subsystem_dirty('aliases')) {
print_apply_box(gettext("The alias list has been changed.") . "
" . gettext("The changes must be applied for them to take effect."));
}
display_top_tabs($tab_array);
?>
=gettext("Name")?> | =gettext("Values")?> | =gettext("Description")?> | =gettext("Actions")?> |
---|---|---|---|
=htmlspecialchars($alias['name'])?> |
";
} else {
if (is_array($alias["aliasurl"])) {
$aliasurls = implode(", ", array_slice($alias["aliasurl"], 0, 10));
echo $aliasurls;
if (count($aliasurls) > 10) {
echo "… "; } echo " \n"; } $tmpaddr = explode(" ", $alias['address']); $addresses = implode(", ", array_slice($tmpaddr, 0, 10)); echo $addresses; if (count($tmpaddr) > 10) { echo '…'; } } ?> |
=htmlspecialchars($alias['descr'])?> | " href="firewall_aliases_edit.php?id==$i?>"> " href="?act=del&tab==$tab?>&id==$i?>"> |