Changeset 4337

Timestamp:

20.02.2010 17:54:04 (5 months ago)

Author:

oliver

Message:

• avm-firewall: Following r4251 we have to include /var/env.cache if we want to restart AVMs ctlmgr from webinterface otherwise it will do a factory reset
  • add buttons to finetune restart behaviour of daemons
  • by MaxMuster (refs #669)

Location:

trunk/make/avm-firewall/files/root

Files:

• etc/default.avm-firewall/avm-firewall.save (added)
• etc/init.d/rc.avm-firewall (modified) (3 diffs)
• usr/lib/cgi-bin/avm-firewall.cgi (modified) (3 diffs)

trunk/make/avm-firewall/files/root/etc/init.d/rc.avm-firewall

@@ -68 +68 @@
 esac
 
-start() {
-        if [ ! -r "/mod/etc/conf/$DAEMON.cfg" ]; then
-                echo "Error[$DAEMON]: not configured" 1>&2
-                exit 1
-        fi
-
+save() {
+        modlib_loadconfig
+        
         if ` grep "*gui*" /mod/etc/conf/avm-firewall.cfg `; then
                 echo "`sed -e "s/\*gui\*//g" $CONFIG`" > $CONFIG
-                echo "Saving new firewall rules..."
+                echo -n "Saving new firewall rules... "
 
                 # Die LI-Accesslist (vorne "Spaces", dann die "Rules" ans Ende ", letzte Zeile "; )
@@ -91 +88 @@
                 # echte ar7.cfg schreiben
                 cat $REALCOPY > $REAL
-                if [ "$AVM_FIREWALL_DO_ACTIVATE" == "yes" ]; then
-                        echo "Requested activation of rule set. Restarting dsld ..."
-                        eval dsld -s
-                        eval ctlmgr -s
-                        sleep 1
-                        killall -9 dsld 2> /dev/null
-                        killall -9 ctlmgr 2> /dev/null
-                        ctlmgr
-                        [ "$AVM_FIREWALL_LOG_DROPPED" != "yes" ] && LOGG="-n" || LOGG=""
-                        if [ "$AVM_FIREWALL_LOG" == "yes" ]; then
-                                dsld $LOGG -D AVM_FW 
-                        else 
-                                dsld $LOGG
-                        fi
-                        echo "done";
-                fi
+                echo "done."
         else
-                echo "ERROR: Can only used by GUI."
+                echo "ERROR: Can only be used by GUI."
         fi
 }
 
-stop () {
-        echo "Stoping firewall is not possible. Firewall is running by AVM per default."
-        exit 1
-}
-
 case "$1" in
-        start)
-                start
-                ;;
-        stop)
-                stop
-                ;;
-        restart)
-                start
-                ;;
-        status)
-                echo 'running'
-                ;;
         ""|load)
                 modreg cgi $DAEMON AVM-Firewall
-                modreg daemon --disable avm-firewall
+                modreg daemon --hide avm-firewall
                 ;;
         unload)
@@ -139 +104 @@
                 modunreg daemon avm-firewall
                 ;;
+        start)
+                ;;
+        stop)
+                ;;
+        restart)
+                ;;
+        status)
+                ;;
+        save)
+                save
+                ;;
         *)
-                echo "Usage: $0 [start|stop|restart|status]" 1>&2
+                echo "Usage: $0 [load|unload|start|stop|restart|save|status]" 1>&2
                 exit 1
                 ;;

trunk/make/avm-firewall/files/root/usr/lib/cgi-bin/avm-firewall.cgi

@@ -15 +15 @@
 sec_begin '$(lang en:"Mode" de:"Ansicht") Firewall / Port Forwarding'
 cat << EOF
-Firewall <input id="id_FW" type="radio" name="fwmode" value="firewall"checked onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[1].style.display = "block"; fieldsets[2].style.display = "block"; fieldsets[3].style.display = "none"; fieldsets[4].style.display = "none";'>
-Forwarding <input id="id_FWD" type="radio" name="fwmode" value="fwd" onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[3].style.display = "block"; fieldsets[4].style.display = "block"; fieldsets[1].style.display = "none"; fieldsets[2].style.display = "none";'>
+<input id="e1" type="radio" name="fwmode" value="firewall"checked onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[1].style.display = "block"; fieldsets[2].style.display = "block"; fieldsets[3].style.display = "none"; fieldsets[4].style.display = "none";'>
+<label for="e1">Firewall</label>
+<input id="e2" type="radio" name="fwmode" value="fwd" onclick='var fieldsets = document.getElementsByTagName("fieldset");fieldsets[3].style.display = "block"; fieldsets[4].style.display = "block"; fieldsets[1].style.display = "none"; fieldsets[2].style.display = "none";'>
+<label for="e2">Port Forwarding</label>
 
 EOF
@@ -123 +125 @@
  &nbsp; <b>Permit</b> <input type="radio" name="default_policy" value="permit" id="id_permit" onclick="policyclick()"> &nbsp; <b>Deny</b> <input type="radio" name="default_policy" value="deny" id="id_deny" onclick="policyclick()"> </td></tr> 
     <tr> <th bgcolor="#bae3ff">#</th> <th bgcolor="#bae3ff">$(lang en:"Source" de:"Quelle")</th> <th bgcolor="#bae3ff">$(lang en:"Destination" de:"Ziel")</th> <th bgcolor="#bae3ff">$(lang en:"Protocol" de:"Protokoll")</th>
-    <th bgcolor="#bae3ff">Service/Port</th> <th bgcolor="#bae3ff">A$(lang en:"c" de:"k")tion</th> <th bgcolor="#bae3ff">$(lang en:"Configure" de:"Bearbeiten")</th> </tr>
+    <th bgcolor="#bae3ff">Service/Port</th> <th bgcolor="#bae3ff">A$(lang en:"c" de:"k")tion</th> <th bgcolor="#bae3ff">$(lang en:"&nbsp;&nbsp;Configure&nbsp;&nbsp;" de:"&nbsp;&nbsp;Bearbeiten&nbsp;&nbsp;")</th> </tr>
 EOF
 row=0
@@ -565 +567 @@
 <font size="1">$(lang en:"\"Defaults\" will load AVM default firewall rules (only loads into this GUI, use \"Apply\" to save them)" de:"\"Standard\" l&auml;dt AVM Default-Regeln in die GUI. Zum Speichern \"&Uuml;bernehmen\"-Knopf dr&uuml;cken").</font><br />
 <input type="hidden" name="do_activate" value=""></font>
-$(lang en:"Saving will <b>not</b> activate new rules by default! <b>Check to activate rules when saving:</b>" de:"Regeln werden beim Speichern standardm&auml;&szlig;ig <b>nicht</b> aktiviert! <b>Zum Aktivieren hier klicken:</b>") <input type="checkbox" value="yes" name="do_activate" >
-<img src="../images/blink!.gif" title="Attention!" valign="center"> &nbsp; <font size="1">$(lang en:"(Sometimes box will reboot!)" de:"(Kann zum Reboot f&uuml;hren!)")</font>
-EOF
+$(lang en:"Saving will <b>not</b> activate rules or new dsld switches by default! <b>To do so, some daemoms have to be restarted:</b>" de:"Regelwerk und dsld Schalter werden standardm&auml;&szlig;ig <b>nicht</b> aktiviert!  Dazu m&uuml;ssen AVM-Dienste neu gestartet werden:") <br />
+<img src="../images/blink!.gif" title="Attention!" valign="center"> &nbsp; <b>$(lang en:"This might crash your box or even restore factory defaults!" de:"Das kann zum Absturz oder sogar zum Werksreset f&uuml;hren!")</b>
+<table width="100%" border=0>
+<colgroup>
+    <col width="25%">
+    <col width="25%">
+    <col width="25%">
+    <col width="25%">
+</colgroup>
+<tr  align=center>
+<td><input type="radio" value="y" name="do_activate" > </td>
+<td><input type="radio" value="dsld" name="do_activate" > </td>
+<td><input type="radio" value="ctlmgr" name="do_activate" > </td>
+<td><input type="radio" value="dsld_ctlmgr" name="do_activate" > </td></tr>
+<tr align=center>
+<td>$(lang en:"Activate forwardings" de:"Forwardings aktivieren")</td>
+<td>$(lang en:"Firewall and dsld-Switches" de:"Firewall und dsld-Schalter ")</td>
+<td>$(lang en:"Upate AVM GUI" de:"AVM-GUI aktualisieren")</td>
+<td>$(lang en:"both" de:"Beides")</td></tr>
+<tr  align=center>
+<td><font size=1>(SIGHUP dsld)</font></td>
+<td><font size=1>(Restart dsld)</font></td>
+<td><font size=1>(SIGHUP dsld $(lang en:"and" de:"und") restart ctlmgr)</font></td>
+<td><font size=1>(Restart dsld $(lang en:"and" de:"und") ctlmgr)</font></td></tr>
+</table>
+EOF
+