From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject:
 Re: [PATCH] firewall.cgi: Map rule if manual target address belongs to IPFire
Date: Sat, 17 Jul 2021 13:15:28 +0100
Message-ID: <6F86A4FB-90BC-41C8-A354-3F7EB81B8DE8@ipfire.org>
In-Reply-To: <20210716171528.2652-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4228325025916689018=="
List-Id: <development.lists.ipfire.org>

--===============4228325025916689018==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 16 Jul 2021, at 18:15, Stefan Schantl <stefan.schantl(a)ipfire.org> wrot=
e:
>=20
> Automatically map the rule target if a manual entered target address is
> assigned to a network zone.
>=20
> Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
> ---
> html/cgi-bin/firewall.cgi | 33 +++++++++++++++++++++++++++++++++
> 1 file changed, 33 insertions(+)
>=20
> diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
> index e50a98179..e168788eb 100644
> --- a/html/cgi-bin/firewall.cgi
> +++ b/html/cgi-bin/firewall.cgi
> @@ -213,6 +213,7 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
> 	&General::readhasharray("$configfwdfw", \%configfwdfw);
> 	&General::readhasharray("$configinput", \%configinputfw);
> 	&General::readhasharray("$configoutgoing", \%configoutgoingfw);
> +	&General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
> 	my $maxkey;
> 	#Set Variables according to the JQuery code in protocol section
> 	if ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')
> @@ -231,6 +232,38 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
> 	{
> 		$fwdfwsettings{'USESRV'} =3D 'ON';
> 	}
> +
> +	# Check if a manual target IP is one of the IPFire's addresses.
> +	if ($fwdfwsettings{'grp2'} eq 'tgt_addr') {
> +		# Grab all available network zones.
> +		my @network_zones =3D &Network::get_available_network_zones();
> +
> +		# Loop through the array of network zones.
> +		foreach my $zone (@network_zones) {
> +			# Skip red network zone.
> +			next if $zone eq "red";
> +
> +			# Convert current zone name into upper case.
> +			$zone =3D uc($zone);
> +
> +			# Generate key to access the required data from the netsettings hash.
> +			my $key =3D $zone . "_ADDRESS";
> +
> +			# Obtain the configured address for the current zone from the netsettin=
gs hash.
> +			my $zone_address =3D $netsettings{$key};
> +
> +			# Check if the given address and the current processed zone address are=
 the same.
> +			if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq $zone_address) {
> +				# Map the type and target.
> +				$fwdfwsettings{'grp2'} =3D 'ipfire';
> +				$fwdfwsettings{$fwdfwsettings{'grp2'}} =3D $zone;
> +
> +				# End loop.
> +				last;
> +			}
> +		}
> +	}
> +
> 	$errormessage=3D&checksource;
> 	if(!$errormessage){&checktarget;}
> 	if(!$errormessage){&checkrule;}
> --=20
> 2.30.2
>=20


--===============4228325025916689018==--