|
1
|
#!/usr/local/bin/php
|
|
2
|
<?php
|
|
3
|
/* $Id$ */
|
|
4
|
/*
|
|
5
|
firewall_aliases_edit.php
|
|
6
|
Copyright (C) 2004 Scott Ullrich
|
|
7
|
All rights reserved.
|
|
8
|
|
|
9
|
originially part of m0n0wall (http://m0n0.ch/wall)
|
|
10
|
Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
|
|
11
|
All rights reserved.
|
|
12
|
|
|
13
|
Redistribution and use in source and binary forms, with or without
|
|
14
|
modification, are permitted provided that the following conditions are met:
|
|
15
|
|
|
16
|
1. Redistributions of source code must retain the above copyright notice,
|
|
17
|
this list of conditions and the following disclaimer.
|
|
18
|
|
|
19
|
2. Redistributions in binary form must reproduce the above copyright
|
|
20
|
notice, this list of conditions and the following disclaimer in the
|
|
21
|
documentation and/or other materials provided with the distribution.
|
|
22
|
|
|
23
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
24
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
|
25
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
26
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
|
27
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
28
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
29
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
30
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
31
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
32
|
POSSIBILITY OF SUCH DAMAGE.
|
|
33
|
*/
|
|
34
|
|
|
35
|
require("guiconfig.inc");
|
|
36
|
|
|
37
|
if (!is_array($config['aliases']['alias']))
|
|
38
|
$config['aliases']['alias'] = array();
|
|
39
|
|
|
40
|
aliases_sort();
|
|
41
|
$a_aliases = &$config['aliases']['alias'];
|
|
42
|
|
|
43
|
$id = $_GET['id'];
|
|
44
|
if (isset($_POST['id']))
|
|
45
|
$id = $_POST['id'];
|
|
46
|
|
|
47
|
if (isset($id) && $a_aliases[$id]) {
|
|
48
|
$pconfig['name'] = $a_aliases[$id]['name'];
|
|
49
|
$addresses = explode(' ', $a_aliases[$id]['address']);
|
|
50
|
if (is_array($addresses))
|
|
51
|
$address = $addresses[0];
|
|
52
|
else
|
|
53
|
$address = $addresses;
|
|
54
|
list($pconfig['address'],$pconfig['address_subnet']) =
|
|
55
|
explode('/', $address);
|
|
56
|
if ($pconfig['address_subnet'])
|
|
57
|
$pconfig['type'] = "network";
|
|
58
|
else
|
|
59
|
if (is_ipaddr($pconfig['address']))
|
|
60
|
$pconfig['type'] = "host";
|
|
61
|
else
|
|
62
|
$pconfig['type'] = "port";
|
|
63
|
|
|
64
|
$pconfig['descr'] = $a_aliases[$id]['descr'];
|
|
65
|
}
|
|
66
|
|
|
67
|
if ($_POST) {
|
|
68
|
|
|
69
|
unset($input_errors);
|
|
70
|
$pconfig = $_POST;
|
|
71
|
|
|
72
|
/* input validation */
|
|
73
|
$reqdfields = explode(" ", "name address");
|
|
74
|
$reqdfieldsn = explode(",", "Name,Address");
|
|
75
|
|
|
76
|
if ($_POST['type'] == "network") {
|
|
77
|
$reqdfields[] = "address_subnet";
|
|
78
|
$reqdfieldsn[] = "Subnet bit count";
|
|
79
|
}
|
|
80
|
|
|
81
|
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
|
|
82
|
|
|
83
|
$x = is_validaliasname($_POST['name']);
|
|
84
|
if (!isset($x)) {
|
|
85
|
$input_errors[] = "Reserved word used for alias name.";
|
|
86
|
} else {
|
|
87
|
if (is_validaliasname($_POST['name']) == false)
|
|
88
|
$input_errors[] = "The alias name may only consist of the characters a-z, A-Z, 0-9.";
|
|
89
|
}
|
|
90
|
if ($_POST['type'] == "host")
|
|
91
|
if (!is_ipaddr($_POST['address'])) {
|
|
92
|
$input_errors[] = "A valid address must be specified.";
|
|
93
|
}
|
|
94
|
if ($_POST['type'] == "network") {
|
|
95
|
if (!is_ipaddr($_POST['address'])) {
|
|
96
|
$input_errors[] = "A valid address must be specified.";
|
|
97
|
}
|
|
98
|
if (!is_numeric($_POST['address_subnet'])) {
|
|
99
|
$input_errors[] = "A valid subnet bit count must be specified.";
|
|
100
|
}
|
|
101
|
}
|
|
102
|
if ($_POST['type'] == "port")
|
|
103
|
if (!is_port($_POST['address']))
|
|
104
|
$input_errors[] = "The port must be an integer between 1 and 65535.";
|
|
105
|
|
|
106
|
/* check for name conflicts */
|
|
107
|
foreach ($a_aliases as $alias) {
|
|
108
|
if (isset($id) && ($a_aliases[$id]) && ($a_aliases[$id] === $alias))
|
|
109
|
continue;
|
|
110
|
|
|
111
|
if ($alias['name'] == $_POST['name']) {
|
|
112
|
$input_errors[] = "An alias with this name already exists.";
|
|
113
|
break;
|
|
114
|
}
|
|
115
|
}
|
|
116
|
|
|
117
|
if (!$input_errors) {
|
|
118
|
$alias = array();
|
|
119
|
$alias['name'] = $_POST['name'];
|
|
120
|
if ($_POST['type'] == "network")
|
|
121
|
$alias['address'] = $_POST['address'] . "/" . $_POST['address_subnet'];
|
|
122
|
|
|
123
|
else
|
|
124
|
$alias['address'] = $_POST['address'];
|
|
125
|
|
|
126
|
$address = $alias['address'];
|
|
127
|
$isfirst = 0;
|
|
128
|
for($x=0; $x<99; $x++) {
|
|
129
|
$comd = "\$subnet = \$_POST['address" . $x . "'];";
|
|
130
|
eval($comd);
|
|
131
|
$comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];";
|
|
132
|
eval($comd);
|
|
133
|
if($subnet <> "") {
|
|
134
|
$address .= " ";
|
|
135
|
$address .= $subnet;
|
|
136
|
if($subnet_address <> "") $address .= "/" . $subnet_address;
|
|
137
|
}
|
|
138
|
}
|
|
139
|
|
|
140
|
$alias['address'] = $address;
|
|
141
|
$alias['descr'] = $_POST['descr'];
|
|
142
|
|
|
143
|
if (isset($id) && $a_aliases[$id])
|
|
144
|
$a_aliases[$id] = $alias;
|
|
145
|
else
|
|
146
|
$a_aliases[] = $alias;
|
|
147
|
|
|
148
|
filter_configure();
|
|
149
|
|
|
150
|
write_config();
|
|
151
|
|
|
152
|
header("Location: firewall_aliases.php");
|
|
153
|
exit;
|
|
154
|
}
|
|
155
|
}
|
|
156
|
|
|
157
|
$pgtitle = "System: Firewall: Aliases: Edit";
|
|
158
|
include("head.inc");
|
|
159
|
|
|
160
|
?>
|
|
161
|
|
|
162
|
<script language="JavaScript">
|
|
163
|
<!--
|
|
164
|
function typesel_change() {
|
|
165
|
switch (document.iform.type.selectedIndex) {
|
|
166
|
case 0: /* host */
|
|
167
|
var cmd;
|
|
168
|
document.iform.address_subnet.disabled = 1;
|
|
169
|
document.iform.address_subnet.value = "";
|
|
170
|
document.iform.address_subnet.selected = 0;
|
|
171
|
newrows = totalrows+1;
|
|
172
|
for(i=2; i<newrows; i++) {
|
|
173
|
comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
|
|
174
|
eval(comd);
|
|
175
|
comd = 'document.iform.address_subnet' + i + '.value = "";';
|
|
176
|
eval(comd);
|
|
177
|
}
|
|
178
|
break;
|
|
179
|
case 1: /* network */
|
|
180
|
var cmd;
|
|
181
|
document.iform.address_subnet.disabled = 0;
|
|
182
|
// document.iform.address_subnet.value = "";
|
|
183
|
newrows = totalrows+1;
|
|
184
|
for(i=2; i<newrows; i++) {
|
|
185
|
comd = 'document.iform.address_subnet' + i + '.disabled = 0;';
|
|
186
|
eval(comd);
|
|
187
|
// comd = 'document.iform.address_subnet' + i + '.value = "32";';
|
|
188
|
// eval(comd);
|
|
189
|
}
|
|
190
|
break;
|
|
191
|
case 2: /* port */
|
|
192
|
var cmd;
|
|
193
|
document.iform.address_subnet.disabled = 1;
|
|
194
|
document.iform.address_subnet.value = "";
|
|
195
|
newrows = totalrows+1;
|
|
196
|
for(i=2; i<newrows; i++) {
|
|
197
|
comd = 'document.iform.address_subnet' + i + '.disabled = 1;';
|
|
198
|
eval(comd);
|
|
199
|
comd = 'document.iform.address_subnet' + i + '.value = "32";';
|
|
200
|
eval(comd);
|
|
201
|
}
|
|
202
|
break;
|
|
203
|
}
|
|
204
|
}
|
|
205
|
|
|
206
|
function update_box_type() {
|
|
207
|
var indexNum = document.forms[0].type.selectedIndex;
|
|
208
|
var selected = document.forms[0].type.options[indexNum].text;
|
|
209
|
if(selected == 'Network(s)') {
|
|
210
|
document.getElementById ("addressnetworkport").firstChild.data = "Network(s)";
|
|
211
|
document.getElementById ("address_subnet").visible = true;
|
|
212
|
document.getElementById ("address_subnet").disabled = false;
|
|
213
|
} else if(selected == 'Host(s)') {
|
|
214
|
document.getElementById ("addressnetworkport").firstChild.data = "Host(s)";
|
|
215
|
document.getElementById ("address_subnet").visible = false;
|
|
216
|
document.getElementById ("address_subnet").disabled = true;
|
|
217
|
} else if(selected == 'Port(s)') {
|
|
218
|
document.getElementById ("addressnetworkport").firstChild.data = "Port(s)";
|
|
219
|
document.getElementById ("address_subnet").visible = false;
|
|
220
|
document.getElementById ("address_subnet").disabled = true;
|
|
221
|
}
|
|
222
|
}
|
|
223
|
|
|
224
|
-->
|
|
225
|
</script>
|
|
226
|
|
|
227
|
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
|
|
228
|
<?php include("fbegin.inc"); ?>
|
|
229
|
|
|
230
|
<script type="text/javascript" language="javascript" src="row_helper.js">
|
|
231
|
</script>
|
|
232
|
|
|
233
|
<input type='hidden' name='address_type' value='textbox'></input>
|
|
234
|
<input type='hidden' name='address_subnet_type' value='select'></input>
|
|
235
|
|
|
236
|
<script type="text/javascript" language='javascript'>
|
|
237
|
<!--
|
|
238
|
|
|
239
|
rowname[0] = "address";
|
|
240
|
rowtype[0] = "textbox";
|
|
241
|
|
|
242
|
rowname[1] = "address_subnet";
|
|
243
|
rowtype[1] = "select";
|
|
244
|
|
|
245
|
rowname[2] = "address_subnet";
|
|
246
|
rowtype[2] = "select";
|
|
247
|
-->
|
|
248
|
</script>
|
|
249
|
|
|
250
|
<p class="pgtitle"><?=$pgtitle?></p>
|
|
251
|
<?php if ($input_errors) print_input_errors($input_errors); ?>
|
|
252
|
<form action="firewall_aliases_edit.php" method="post" name="iform" id="iform">
|
|
253
|
<?display_topbar()?>
|
|
254
|
<table width="100%" border="0" cellpadding="6" cellspacing="0">
|
|
255
|
<tr>
|
|
256
|
<td valign="top" class="vncellreq">Name</td>
|
|
257
|
<td class="vtable"> <input name="name" type="text" class="formfld" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>">
|
|
258
|
<br> <span class="vexpl">The name of the alias may only consist
|
|
259
|
of the characters a-z, A-Z and 0-9.</span></td>
|
|
260
|
</tr>
|
|
261
|
<tr>
|
|
262
|
<td width="22%" valign="top" class="vncell">Description</td>
|
|
263
|
<td width="78%" class="vtable"> <input name="descr" type="text" class="formfld" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>">
|
|
264
|
<br> <span class="vexpl">You may enter a description here
|
|
265
|
for your reference (not parsed).</span></td>
|
|
266
|
</tr>
|
|
267
|
<tr>
|
|
268
|
<td valign="top" class="vncellreq">Type</td>
|
|
269
|
<td class="vtable">
|
|
270
|
<select name="type" class="formfld" id="type" onChange="update_box_type(); typesel_change();">
|
|
271
|
<option value="host" <?php if ($pconfig['type'] == "host") echo "selected"; ?>>Host(s)</option>
|
|
272
|
<option value="network" <?php if ($pconfig['type'] == "network") echo "selected"; ?>>Network(s)</option>
|
|
273
|
<option value="port" <?php if ($pconfig['type'] == "port") echo "selected"; ?>>Port(s)</option>
|
|
274
|
</select>
|
|
275
|
</td>
|
|
276
|
</tr>
|
|
277
|
<tr>
|
|
278
|
<td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport" name="addressnetworkport">Host(s)</div></td>
|
|
279
|
<td width="78%" class="vtable">
|
|
280
|
|
|
281
|
|
|
282
|
<table name="maintable" id="maintable">
|
|
283
|
<tbody>
|
|
284
|
|
|
285
|
<?php
|
|
286
|
$counter = 0;
|
|
287
|
$address = $a_aliases[$id]['address'];
|
|
288
|
$item = explode(" ", $address);
|
|
289
|
foreach($item as $ww) {
|
|
290
|
$address = $item[$counter];
|
|
291
|
$address_subnet = "";
|
|
292
|
$item2 = explode("/", $address);
|
|
293
|
foreach($item2 as $current) {
|
|
294
|
if($item2[1] <> "") {
|
|
295
|
$address = $item2[0];
|
|
296
|
$address_subnet = $item2[1];
|
|
297
|
}
|
|
298
|
}
|
|
299
|
if($counter > 0) $tracker = $counter + 1;
|
|
300
|
?>
|
|
301
|
<tr><td> <input name="address<?php echo $tracker; ?>" type="text" class="formfld" id="address<?php echo $tracker; ?>" size="20" value="<?=htmlspecialchars($address);?>"></td><td>
|
|
302
|
<select name="address_subnet<?php echo $tracker; ?>" class="formfld" id="address_subnet<?php echo $tracker; ?>">
|
|
303
|
<option></option>
|
|
304
|
<?php for ($i = 32; $i >= 1; $i--): ?>
|
|
305
|
<option value="<?=$i;?>" <?php if ($i == $address_subnet) echo "selected"; ?>><?=$i;?></option>
|
|
306
|
<?php endfor; ?>
|
|
307
|
</select>
|
|
308
|
<?php
|
|
309
|
if($counter > 0)
|
|
310
|
echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\">";
|
|
311
|
?>
|
|
312
|
|
|
313
|
</td></tr>
|
|
314
|
<?php $counter++; } ?>
|
|
315
|
|
|
316
|
</tbody>
|
|
317
|
</table>
|
|
318
|
<a onClick="javascript:addRowTo('maintable'); typesel_change(); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add another entry"></a>
|
|
319
|
</td>
|
|
320
|
</tr>
|
|
321
|
<tr>
|
|
322
|
<td width="22%" valign="top"> </td>
|
|
323
|
<td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save"> <input class="formbtn" type="button" value="Cancel" onclick="history.back()">
|
|
324
|
<?php if (isset($id) && $a_aliases[$id]): ?>
|
|
325
|
<input name="id" type="hidden" value="<?=$id;?>">
|
|
326
|
<?php endif; ?>
|
|
327
|
</td>
|
|
328
|
</tr>
|
|
329
|
</table>
|
|
330
|
</form>
|
|
331
|
<script language="JavaScript">
|
|
332
|
<!--
|
|
333
|
field_counter_js = 2;
|
|
334
|
rows = 1;
|
|
335
|
totalrows = <?php echo $counter; ?>;
|
|
336
|
loaded = <?php echo $counter; ?>;
|
|
337
|
typesel_change();
|
|
338
|
update_box_type();
|
|
339
|
|
|
340
|
//-->
|
|
341
|
</script>
|
|
342
|
<?php include("fend.inc"); ?>
|
|
343
|
</body>
|
|
344
|
</html>
|