Context Navigation

Back to Ticket #669

Ticket #669: avm_fw_20100217.patch.txt

File avm_fw_20100217.patch.txt, 16.3 KB (added by MaxMuster, 5 months ago)

Line
1	Index: make/avm-firewall/files/root/usr/lib/cgi-bin/avm-firewall.cgi
2	===================================================================
3	--- make/avm-firewall/files/root/usr/lib/cgi-bin/avm-firewall.cgi (Revision 4308)
4	+++ make/avm-firewall/files/root/usr/lib/cgi-bin/avm-firewall.cgi (Arbeitskopie)
5	@@ -1,5 +1,5 @@
6	#!/bin/sh
7	-VERSION="2.0.4_rc2"
8	+VERSION="2.0.4_rc3"
9	PATH=/bin:/usr/bin:/sbin:/usr/sbin:/var/mod/sbin
10	CONFIG=/mod/etc/conf/avm-firewall.cfg
11	. /usr/lib/libmodcgi.sh
12	@@ -14,8 +14,10 @@
13
14	sec_begin '$(lang en:"Mode" de:"Ansicht") Firewall / Port Forwarding'
15	cat << EOF
16	-Firewall <input id="id_FW" type="radio" name="fwmode" value="firewall"checked onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[1].style.display = "block"; fieldsets[2].style.display = "block"; fieldsets[3].style.display = "none"; fieldsets[4].style.display = "none";'>
17	-Forwarding <input id="id_FWD" type="radio" name="fwmode" value="fwd" onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[3].style.display = "block"; fieldsets[4].style.display = "block"; fieldsets[1].style.display = "none"; fieldsets[2].style.display = "none";'>
18	+<input id="e1" type="radio" name="fwmode" value="firewall"checked onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[1].style.display = "block"; fieldsets[2].style.display = "block"; fieldsets[3].style.display = "none"; fieldsets[4].style.display = "none";'>
19	+<label for="e1">Firewall</label>
20	+<input id="e2" type="radio" name="fwmode" value="fwd" onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[3].style.display = "block"; fieldsets[4].style.display = "block"; fieldsets[1].style.display = "none"; fieldsets[2].style.display = "none";'>
21	+<label for="e2">Port Forwarding</label>
22
23	EOF
24
25	@@ -34,7 +36,7 @@
26	<td><select id="source_type" onchange='change_iptype(this.value, "id_ssubnet", "id_source"); build_new_rule()' > <option value="any">any</option>
27	<option value="net">net</option> <option value="host">host</option>
28	</select></td>
29	-<td><input type="text" name="source" id="id_source" size="18" maxlength="18" value="any" disabled onblur="build_new_rule()"></td>
30	+<td><input type="text" name="source" id="id_source" size="18" maxlength="18" value="any" disabled onblur="onlynumpoint(this);build_new_rule()"></td>
31	<td>
32
33	EOF
34	@@ -52,7 +54,7 @@
35	<td><select id="dest_type" onchange='change_iptype(this.value, "id_dsubnet", "id_dest"); build_new_rule()'> <option value="any">any</option>
36	<option value="net">net</option> <option value="host">host</option>
37	</select></td>
38	-<td><input type="text" name="dest" id="id_dest" size="18" maxlength="18" value="any" disabled onblur="build_new_rule()"></td>
39	+<td><input type="text" name="dest" id="id_dest" size="18" maxlength="18" value="any" disabled onblur="onlynumpoint(this);build_new_rule()"></td>
40	<td>
41
42	EOF
43	@@ -75,8 +77,8 @@
44	</select> </td>
45	<td colspan=2>
46	<div id="div_port" style="display:none">
47	- (Start-)Port: <input size="5" id="id_sport" title="startport" value="" onblur="build_new_rule()">
48	-     (End-)Port: <input size="5" id="id_eport" title="endport" value="" onblur="build_new_rule()">
49	+ (Start-)Port: <input size="5" id="id_sport" title="startport" value="" onblur="onlynum(this);build_new_rule()">
50	+     (End-)Port: <input size="5" id="id_eport" title="endport" value="" onblur="onlynum(this);build_new_rule()">
51	</div>
52	</td>
53	</tr>
54	@@ -122,7 +124,7 @@
55	<tr border="0"><td style="border-right:0" align="left" id="id_table_title" colspan="3"><font color="red">dslifaces rules lowinput</font></td><td style="border-left:0" align="right" colspan="4" >$(lang en:"<b>Default</b> policy" de:"Implizite <b>Standard</b>-Regel"):
56	<b>Permit</b> <input type="radio" name="default_policy" value="permit" id="id_permit" onclick="policyclick()">   <b>Deny</b> <input type="radio" name="default_policy" value="deny" id="id_deny" onclick="policyclick()"> </td></tr>
57	<tr> <th bgcolor="#bae3ff">#</th> <th bgcolor="#bae3ff">$(lang en:"Source" de:"Quelle")</th> <th bgcolor="#bae3ff">$(lang en:"Destination" de:"Ziel")</th> <th bgcolor="#bae3ff">$(lang en:"Protocol" de:"Protokoll")</th>
58	- <th bgcolor="#bae3ff">Service/Port</th> <th bgcolor="#bae3ff">A$(lang en:"c" de:"k")tion</th> <th bgcolor="#bae3ff">$(lang en:"Configure" de:"Bearbeiten")</th> </tr>
59	+ <th bgcolor="#bae3ff">Service/Port</th> <th bgcolor="#bae3ff">A$(lang en:"c" de:"k")tion</th> <th bgcolor="#bae3ff">$(lang en:"  Configure  " de:"  Bearbeiten  ")</th> </tr>
60	EOF
61	row=0
62	while [ $row -lt 50 ]; do
63	@@ -155,18 +157,18 @@
64	</select> </td>
65	<td></td>
66	<td><div id="div_fwdsport">
67	-    (Start-)Port: <input size="5" id="id_fwd_in_sport" title="startport" value="22" onblur="(fdsport=this.value);build_new_fwdrule()">
68	-    (End-)Port: <input type="text" size="5" id="id_fwd_in_eport" title="endport" value="" onblur="fdeport=this.value;build_new_fwdrule()" >
69	+    (Start-)Port: <input size="5" id="id_fwd_in_sport" title="startport" value="22" onblur="onlynum(this);(fdsport=this.value);build_new_fwdrule()">
70	+    (End-)Port: <input type="text" size="5" id="id_fwd_in_eport" title="endport" value="" onblur="onlynum(this);fdeport=this.value;build_new_fwdrule()" >
71	</div></td>
72	</tr>
73	<tr><td>$(lang en:"Destination" de:"Ziel"): </td><td>
74	<select id="id_fwddest_type" onchange='(fddtype=this.value); build_new_fwdrule()'>
75	<option value="fritz">Fritz!Box</option> <option value="host">host</option>
76	</select></td>
77	-<td>  <input type="text" disabled="disabled" id="id_fwddest" size="15" maxlength="15" value="0.0.0.0" onblur="fddest=this.value;build_new_fwdrule()">
78	+<td>  <input type="text" disabled="disabled" id="id_fwddest" size="15" maxlength="15" value="0.0.0.0" onblur="onlynumpoint(this); fddest=this.value;build_new_fwdrule()">
79	</div></td>
80	<td>
81	-<div id="div_fwddport" style="display:inline">     (Start-)Port: <input type="text" size="5" id='id_fwd_out_sport' value='22' onblur='fdoport=this.value;build_new_fwdrule()'>
82	+<div id="div_fwddport" style="display:inline">     (Start-)Port: <input type="text" size="5" id='id_fwd_out_sport' value='22' onblur='onlynum(this);fdoport=this.value;build_new_fwdrule()'>
83	</div>
84	</td>
85	</tr>
86	@@ -256,6 +258,14 @@
87	Init_FWDTable();
88	build_new_fwdrule();
89
90	+function onlynum(elem){
91	+ elem.value=elem.value.replace(/[^0-9]+/g,'');
92	+}
93	+
94	+function onlynumpoint(elem){
95	+ elem.value=elem.value.replace(/[^0-9\.]+/g,'');
96	+}
97	+
98	function split_fwdrules(){
99	count=0;
100	while ( allfwdrules[count]){
101	@@ -417,21 +427,21 @@
102
103	function build_new_rule(){
104	elem_proto=document.getElementById("id_proto");
105	- tmp=document.getElementById("id_action").value + " " + elem_proto.value.replace(/\s+/g,"") + " ";
106	+ tmp=document.getElementById("id_action").value + " " + elem_proto.value + " ";
107	switch ( document.getElementById("source_type").value ){
108	- case "host": tmp += "host " + document.getElementById("id_source").value.replace(/\s+/g,"") + " "; break;
109	- case "net": tmp += document.getElementById("id_source").value.replace(/\s+/g,"") + " "+ document.getElementById("id_ssubnet").value + " "; break;
110	+ case "host": tmp += "host " + document.getElementById("id_source").value + " "; break;
111	+ case "net": tmp += document.getElementById("id_source").value + " "+ document.getElementById("id_ssubnet").value + " "; break;
112	case "any": tmp += "any " ; break;
113	}
114	switch ( document.getElementById("dest_type").value ){
115	- case "host": tmp += "host " + document.getElementById("id_dest").value.replace(/\s+/g,""); break;
116	- case "net": tmp += document.getElementById("id_dest").value.replace(/\s+/g,"") + " "+ document.getElementById("id_dsubnet").value; break;
117	+ case "host": tmp += "host " + document.getElementById("id_dest").value; break;
118	+ case "net": tmp += document.getElementById("id_dest").value + " "+ document.getElementById("id_dsubnet").value; break;
119	case "any": tmp += "any" ; break;
120	}
121	if ( elem_proto.value.charAt(0) != "i" ){
122	- eport = document.getElementById("id_eport").value.replace(/\s+/g,"") ;
123	+ eport = document.getElementById("id_eport").value ;
124	if ( eport != "" ) { tmp += " range "} else { tmp += " eq "} ;
125	- tmp += document.getElementById("id_sport").value.replace(/\s+/g,"") ;
126	+ tmp += document.getElementById("id_sport").value ;
127	if ( eport !="" ) { tmp += " " + eport } ;
128	}
129	else {
130	@@ -555,8 +565,34 @@
131	EOF
132	sec_end
133	cat << EOF
134	-<font size="1">$(lang en:"\"Defaults\" will load AVM default firewall rules (only loads into this GUI, use \"Apply\" to save them)" de:"\"Standard\" lädt AVM Default-Regeln in die GUI. Zum Speichern \"Übernehmen\"-Knopf drücken").</font><br />
135	<input type="hidden" name="do_activate" value=""></font>
136	-$(lang en:"Saving will <b>not</b> activate new rules by default! <b>Check to activate rules when saving:</b>" de:"Regeln werden beim Speichern standardmäßig <b>nicht</b> aktiviert! <b>Zum Aktivieren hier klicken:</b>") <input type="checkbox" value="yes" name="do_activate" >
137	-<img src="../images/blink!.gif" title="Attention!" valign="center">   <font size="1">$(lang en:"(Sometimes box will reboot!)" de:"(Kann zum Reboot führen!)")</font>
138	+$(lang en:"Saving will <b>not</b> activate rules or new dsld switches by default! To be safe, just save settings here and then reboot your box." de:"Regelwerk und dsld Schalter werden standardmäßig <b>nicht</b> aktiviert! Das Sicherste ist, nach dem Speichern die Box zu rebooten.") <br />
139	+$(lang en:"You may try to restart the daemons listed below:" de:"Aktivierung ist auch per Neustart von AVM-Dienste möglich. ")
140	+<img src="../images/blink!.gif" title="Attention!" valign="center">   <b>$(lang en:"This might crash your box or even restore factory defaults!" de:"Kann zum Absturz oder sogar zum Werksreset führen!")</b>   <img src="../images/blink!.gif" title="Attention!" valign="center">
141	+<table width="100%" border=0>
142	+<colgroup>
143	+ <col width="25%">
144	+ <col width="25%">
145	+ <col width="25%">
146	+ <col width="25%">
147	+</colgroup>
148	+<tr align=center>
149	+<td><input type="radio" value="y" name="do_activate" > </td>
150	+<td><input type="radio" value="dsld" name="do_activate" > </td>
151	+<td><input type="radio" value="ctlmgr" name="do_activate" > </td>
152	+<td><input type="radio" value="dsld_ctlmgr" name="do_activate" > </td></tr>
153	+<tr align=center>
154	+<td>$(lang en:"Activate forwardings" de:"Forwardings aktivieren")</td>
155	+<td>$(lang en:"Activate rules and dsld switches" de:"Regeln und dsld-Schalter aktivieren")</td>
156	+<td>$(lang en:"Upate AVM GUI" de:"AVM-GUI aktualisieren")</td>
157	+<td>$(lang en:"both" de:"Beides")</td></tr>
158	+<tr align=center>
159	+<td><font size=1>(SIGHUP dsld)</font></td>
160	+<td><font size=1>(Restart dsld)</font></td>
161	+<td><font size=1>(HUP dsld + Restart ctlmgr)</font></td>
162	+<td><font size=1>(Restart dsld $(lang en:"and" de:"und") ctlmgr)</font></td></tr>
163	+</table>
164	+<p><font size=1>$(lang en:"Some explanations: If you do not restart <i>ctlmgr</i>, AVM services are not aware of the changes. So any other change made in the regular AVM GUI might reverse the settings you made here. To activate port forwardings, it is sufficient to send <i>HUP</i> signal to <i>dsld</i>, to activate firewall rules or the <i>dsld</i> switches, <i>dsld</i> has to be restated" de:"Kurze Erklärung: Wenn <i>ctlmgr</i> nicht neu gestartet wird, sind die hier gemachten Änderungen für die AVM Dienste nicht erkennbar. Jede Änderung in der AVM GUI kann deshalb die hier gemachten Einstellungen überschreiben. Um Portweiterleitungen zu aktivieren reicht es, ein <i>HUP</i> Signal an den <i>dsld</i> zu schicken. Um die Firewall-Regeln zu aktivieren oder veränderte <i>dsld</i> Schalter muss <i>dsld</i> neu gestartet werden")</font></p>
165	+<br /><font size="1">$(lang en:"\"Defaults\" will load AVM default firewall rules (only loads into this GUI, use \"Apply\" to save them)" de:"\"Standard\" lädt AVM Default-Regeln in die GUI. Zum Speichern \"Übernehmen\"-Knopf drücken").</font><br />
166	EOF
167	+
168	Index: make/avm-firewall/files/root/etc/init.d/rc.avm-firewall
169	===================================================================
170	--- make/avm-firewall/files/root/etc/init.d/rc.avm-firewall (Revision 4308)
171	+++ make/avm-firewall/files/root/etc/init.d/rc.avm-firewall (Arbeitskopie)
172	@@ -68,14 +68,9 @@
173	esac
174
175	start() {
176	- if [ ! -r "/mod/etc/conf/$DAEMON.cfg" ]; then
177	- echo "Error[$DAEMON]: not configured" 1>&2
178	- exit 1
179	- fi
180	-
181	if ` grep "gui" /mod/etc/conf/avm-firewall.cfg `; then
182	echo "`sed -e "s/\gui\//g" $CONFIG`" > $CONFIG
183	- echo "Saving new firewall rules..."
184	+ echo -n "Saving new firewall rules... "
185
186	# Die LI-Accesslist (vorne "Spaces", dann die "Rules" ans Ende ", letzte Zeile "; )
187	TMPACCL="" && [ -n "$AVM_FIREWALL_RULESTABLE_LI" ] && TMPACCL="$RET$ACCL$RET"`echo "$AVM_FIREWALL_RULESTABLE_LI" \| sed "s/^/$SPACES\"/ ; s%$..$[ ]$/\.\/$[ ]$%\1\", \2 % ; $ s/, /;/"`
188	@@ -90,56 +85,33 @@
189
190	# echte ar7.cfg schreiben
191	cat $REALCOPY > $REAL
192	- if [ "$AVM_FIREWALL_DO_ACTIVATE" == "yes" ]; then
193	- echo "Requested activation of rule set. Restarting dsld ..."
194	- eval dsld -s
195	- eval ctlmgr -s
196	- sleep 1
197	- killall -9 dsld 2> /dev/null
198	- killall -9 ctlmgr 2> /dev/null
199	- ctlmgr
200	- [ "$AVM_FIREWALL_LOG_DROPPED" != "yes" ] && LOGG="-n" \|\| LOGG=""
201	- if [ "$AVM_FIREWALL_LOG" == "yes" ]; then
202	- dsld $LOGG -D AVM_FW
203	- else
204	- dsld $LOGG
205	- fi
206	- echo "done";
207	- fi
208	else
209	echo "ERROR: Can only used by GUI."
210	fi
211	}
212
213	-stop () {
214	- echo "Stoping firewall is not possible. Firewall is running by AVM per default."
215	- exit 1
216	-}
217	-
218	case "$1" in
219	+ ""\|load)
220	+ modreg cgi $DAEMON AVM-Firewall
221	+ modreg daemon --hide avm-firewall
222	+ ;;
223	+ unload)
224	+ stop
225	+ modunreg cgi $DAEMON
226	+ modunreg daemon avm-firewall
227	+ ;;
228	start)
229	start
230	;;
231	stop)
232	- stop
233	;;
234	restart)
235	start
236	;;
237	status)
238	- echo 'running'
239	;;
240	- ""\|load)
241	- modreg cgi $DAEMON AVM-Firewall
242	- modreg daemon --disable avm-firewall
243	- ;;
244	- unload)
245	- stop
246	- modunreg cgi $DAEMON
247	- modunreg daemon avm-firewall
248	- ;;
249	*)
250	- echo "Usage: $0 [start\|stop\|restart\|status]" 1>&2
251	+ echo "Usage: $0 [load\|unload\|start\|stop\|restart\|status]" 1>&2
252	exit 1
253	;;
254	esac
255	Index: make/avm-firewall/files/root/etc/default.avm-firewall/avm-firewall.save
256	===================================================================
257	--- make/avm-firewall/files/root/etc/default.avm-firewall/avm-firewall.save (Revision 0)
258	+++ make/avm-firewall/files/root/etc/default.avm-firewall/avm-firewall.save (Revision 0)
259	@@ -0,0 +1,41 @@
260	+pkg_apply_save()
261	+{
262	+ /mod/etc/init.d/rc.avm-firewall restart
263	+}
264	+
265	+pkg_apply_def()
266	+{
267	+ /mod/etc/init.d/rc.avm-firewall restart
268	+}
269	+
270	+pkg_post_save()
271	+{
272	+ [ -f /mod/etc/conf/avm-firewall.cfg ] && . /mod/etc/conf/avm-firewall.cfg
273	+ if $(echo "$AVM_FIREWALL_DO_ACTIVATE" \| grep -q dsld ) ; then
274	+ [ "$AVM_FIREWALL_LOG_DROPPED" != "yes" ] && LOGD="-n" \|\| LOGD=""
275	+ [ "$AVM_FIREWALL_LOG" == "yes" ] && LOG ="-D AVM_FW" \|\| LOG=""
276	+ echo -n "Restarting dsld ... "
277	+ dsld -s
278	+ sleep 1
279	+ killall -9 dsld 2> /dev/null
280	+ echo -n "dsld stopped ... "
281	+ . /var/env.cache
282	+ dsld $LOGD $LOG > /dev/null 2>&1
283	+ echo "dsld startet"
284	+ else
285	+ if [ "$AVM_FIREWALL_DO_ACTIVATE" ]; then
286	+ echo 'Sending "SIGHUP" to dsld'
287	+ dsld -I > /dev/null 2>&1
288	+ fi
289	+ fi
290	+ if $(echo "$AVM_FIREWALL_DO_ACTIVATE" \| grep -q ctlmgr) ; then
291	+ echo -n "Restarting ctlmgr ... "
292	+ ctlmgr -s
293	+ sleep 1
294	+ killall -9 ctlmgr 2> /dev/null
295	+ echo -n "ctlmgr stopped ... "
296	+ . /var/env.cache
297	+ ctlmgr 2>&1
298	+ echo "ctlmgr startet"
299	+ fi
300	+}
301	Index: make/avm-firewall/Config.in
302	===================================================================
303	--- make/avm-firewall/Config.in (Revision 4308)
304	+++ make/avm-firewall/Config.in (Arbeitskopie)
305	@@ -1,5 +1,5 @@
306	config FREETZ_PACKAGE_AVM_FIREWALL
307	- bool "AVM-firewall 2.0.4_rc2"
308	+ bool "AVM-firewall 2.0.4_rc3"
309	depends on !FREETZ_REMOVE_DSLD
310	default n
311
312	Index: make/avm-firewall/avm-firewall.mk
313	===================================================================
314	--- make/avm-firewall/avm-firewall.mk (Revision 4308)
315	+++ make/avm-firewall/avm-firewall.mk (Arbeitskopie)
316	@@ -1,4 +1,4 @@
317	-$(call PKG_INIT_BIN, 2.0.4_rc2)
318	+$(call PKG_INIT_BIN, 2.0.4_rc3)
319	$(PKG)_STARTLEVEL=40
320
321	$(PKG_UNPACKED)

Download in other formats:

Original Format