From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, fifteen, updated. 30491c6ac70ce55d4bfbcec5aee6096808b3c193
Date: Sat, 11 Jan 2014 13:08:36 +0100 [thread overview]
Message-ID: <20140111120836.76D05211F2@argus.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 28775 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, fifteen has been updated
via 30491c6ac70ce55d4bfbcec5aee6096808b3c193 (commit)
via 68e89a2f2828084bbe7a8fa15a16ae9626d4c74e (commit)
via 8c252e6aa83f0a45d248dc59ae2bbc2ca717b229 (commit)
via 7d44bfeef1614ca2ae0e60ddd020f004a3f3b071 (commit)
via f536ab266173dd7d6ec5ddd984e0a458c1aedbc2 (commit)
via aeefcc9caa329cfd1ca8b8cdafdc845aab7507b2 (commit)
via 82f7d1b4d8f2d504ed750da549416a1110814cc6 (commit)
from b5890e73693cb323b115cf5245964177cb902f64 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 30491c6ac70ce55d4bfbcec5aee6096808b3c193
Merge: 68e89a2 b5890e7
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jan 11 13:08:27 2014 +0100
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
Conflicts:
html/html/themes/ipfire/include/css/style.css
commit 68e89a2f2828084bbe7a8fa15a16ae9626d4c74e
Merge: 8c252e6 0f9894a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jan 11 12:46:56 2014 +0100
Merge branch 'fifteen' of ssh://git.ipfire.org/pub/git/ipfire-2.x into fifteen
commit 8c252e6aa83f0a45d248dc59ae2bbc2ca717b229
Author: Erik Kapfer <erik.kapfer(a)ipfire.org>
Date: Sat Jan 11 12:38:53 2014 +0100
OpenVPN: Check if port is smaller than 1024.
Bug #10459.
commit 7d44bfeef1614ca2ae0e60ddd020f004a3f3b071
Author: Alexander Marx <amarx(a)ipfire.org>
Date: Sat Jan 11 06:05:29 2014 +0100
changes pagetitle in vpnmain.cgi
commit f536ab266173dd7d6ec5ddd984e0a458c1aedbc2
Author: Alexander Marx <amarx(a)ipfire.org>
Date: Sat Jan 11 05:51:44 2014 +0100
language changes in Menu and on statuspage (index.cgi)
commit aeefcc9caa329cfd1ca8b8cdafdc845aab7507b2
Author: Alexander Marx <amarx(a)ipfire.org>
Date: Sat Jan 11 05:30:46 2014 +0100
Firewall: modified firewall-groups so that they can be empty even if used in rules
Now one can create a group, use it in a rule and then delete every entry
from the group. (The firewallrule then will be displayed yellow and
disabled).
commit 82f7d1b4d8f2d504ed750da549416a1110814cc6
Author: Alexander Marx <amarx(a)ipfire.org>
Date: Sat Jan 11 05:32:16 2014 +0100
Edited stylecss so that TR:first-child td {} has a top border (for firewall rulecreation)
-----------------------------------------------------------------------
Summary of changes:
config/menu/40-services.menu | 2 +-
config/menu/50-firewall.menu | 2 +-
html/cgi-bin/firewall.cgi | 24 +++++-
html/cgi-bin/fwhosts.cgi | 111 ++++++++++++++++----------
html/cgi-bin/index.cgi | 2 +-
html/cgi-bin/ovpnmain.cgi | 26 +++++-
html/cgi-bin/p2p-block.cgi | 0
html/cgi-bin/shutdown.cgi | 0
html/cgi-bin/tor.cgi | 0
html/cgi-bin/vpnmain.cgi | 20 ++---
html/html/themes/ipfire/include/css/style.css | 2 +-
langs/de/cgi-bin/de.pl | 7 +-
langs/en/cgi-bin/en.pl | 5 +-
13 files changed, 133 insertions(+), 68 deletions(-)
mode change 100755 => 100644 html/cgi-bin/firewall.cgi
mode change 100755 => 100644 html/cgi-bin/p2p-block.cgi
mode change 100755 => 100644 html/cgi-bin/shutdown.cgi
mode change 100755 => 100644 html/cgi-bin/tor.cgi
Difference in files:
diff --git a/config/menu/40-services.menu b/config/menu/40-services.menu
index 9901e8f..2f4d96e 100644
--- a/config/menu/40-services.menu
+++ b/config/menu/40-services.menu
@@ -1,5 +1,5 @@
$subservices->{'10.ipsec'} = {
- 'caption' => 'IPSec',
+ 'caption' => $Lang::tr{'ipsec'},
'uri' => '/cgi-bin/vpnmain.cgi',
'title' => "$Lang::tr{'virtual private networking'}",
'enabled' => 1,
diff --git a/config/menu/50-firewall.menu b/config/menu/50-firewall.menu
index 8bc66f9..ce6fd9d 100644
--- a/config/menu/50-firewall.menu
+++ b/config/menu/50-firewall.menu
@@ -17,7 +17,7 @@
'enabled' => 1,
};
$subfirewall->{'40.p2p'} = {
- 'caption' => 'P2P-Block',
+ 'caption' => $Lang::tr{'p2p block'},
'uri' => '/cgi-bin/p2p-block.cgi',
'title' => "P2P-Block",
'enabled' => 1,
diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
old mode 100755
new mode 100644
index ceaab56..7ffe59c
--- a/html/cgi-bin/firewall.cgi
+++ b/html/cgi-bin/firewall.cgi
@@ -1050,7 +1050,7 @@ END
if (! -z $configgrp || $optionsfw{'SHOWDROPDOWN'} eq 'on'){
print"<tr><td valign='top'><input type='radio' name='$grp' id='cust_grp_$srctgt' value='cust_grp_$srctgt' $checked{$grp}{'cust_grp_'.$srctgt}></td><td >$Lang::tr{'fwhost cust grp'}</td><td align='right'><select name='cust_grp_$srctgt' style='width:200px;'>";
foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } keys %customgrp) {
- if($helper ne $customgrp{$key}[0]){
+ if($helper ne $customgrp{$key}[0] && $customgrp{$key}[2] ne 'none'){
print"<option ";
print "selected='selected' " if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $customgrp{$key}[0]);
print ">$customgrp{$key}[0]</option>";
@@ -1824,7 +1824,7 @@ END
&General::readhasharray("$configsrvgrp", \%customservicegrp);
my $helper;
foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } keys %customservicegrp){
- if ($helper ne $customservicegrp{$key}[0]){
+ if ($helper ne $customservicegrp{$key}[0] && $customservicegrp{$key}[2] ne 'none'){
print"<option ";
print"selected='selected'" if ($fwdfwsettings{$fwdfwsettings{'grp3'}} eq $customservicegrp{$key}[0]);
print">$customservicegrp{$key}[0]</option>";
@@ -1847,7 +1847,7 @@ END
print <<END;
<br>
<center>
- <table width="80%" border="0">
+ <table width="80%" class='tbl'>
<tr>
<td width="33%" align="center" bgcolor="$color{'color17'}">
<br>
@@ -1884,7 +1884,6 @@ END
<br>
END
-
#---Activate/logging/remark-------------------------------------
&Header::openbox('100%', 'left', $Lang::tr{'fwdfw additional'});
print<<END;
@@ -2298,6 +2297,8 @@ sub viewtablenew
&General::readhasharray("$config", $hash);
&General::readhasharray("$configccdnet", \%ccdnet);
&General::readhasharray("$configccdhost", \%ccdhost);
+ &General::readhasharray("$configgrp", \%customgrp);
+ &General::readhasharray("$configsrvgrp", \%customservicegrp);
&Header::openbox('100%', 'left', $title);
print "<table width='100%' cellspacing='0' class='tbl'>";
@@ -2401,6 +2402,21 @@ END
}
}
}
+ #check if networkgroups or servicegroups are empty
+ foreach my $netgroup (sort keys %customgrp){
+ if(($$hash{$key}[4] eq $customgrp{$netgroup}[0] || $$hash{$key}[6] eq $customgrp{$netgroup}[0]) && $customgrp{$netgroup}[2] eq 'none'){
+ $coloryellow='on';
+ &disable_rule($key);
+ $$hash{$key}[2]='';
+ }
+ }
+ foreach my $srvgroup (sort keys %customservicegrp){
+ if($$hash{$key}[15] eq $customservicegrp{$srvgroup}[0] && $customservicegrp{$srvgroup}[2] eq 'none'){
+ $coloryellow='on';
+ &disable_rule($key);
+ $$hash{$key}[2]='';
+ }
+ }
$$hash{'ACTIVE'}=$$hash{$key}[2];
$count++;
if($coloryellow eq 'on'){
diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
index 16c91bd..baecde3 100644
--- a/html/cgi-bin/fwhosts.cgi
+++ b/html/cgi-bin/fwhosts.cgi
@@ -780,7 +780,7 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp')
}
#on update, we have to delete the dummy entry
foreach my $key (keys %customservicegrp){
- if ($customservicegrp{$key}[2] eq 'none'){
+ if ($customservicegrp{$key}[2] eq 'none' && $customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){
delete $customservicegrp{$key};
last;
}
@@ -893,33 +893,22 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost')
&General::readhasharray("$configgrp", \%customgrp);
foreach my $key (keys %customgrp){
if($customgrp{$key}[0].",".$customgrp{$key}[1].",".$customgrp{$key}[2].",".$customgrp{$key}[3] eq $fwhostsettings{'delhost'}){
- #decrease count from source host/net
- if ($customgrp{$key}[3] eq 'Custom Network'){
- &General::readhasharray("$confignet", \%customnetwork);
- foreach my $key1 (keys %customnetwork){
- if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){
- $customnetwork{$key1}[4] = $customnetwork{$key1}[4]-1;
- last;
- }
- }
- &General::writehasharray("$confignet", \%customnetwork);
- }
- if ($customgrp{$key}[3] eq 'Custom Host'){
- &General::readhasharray("$confighost", \%customhost);
- foreach my $key1 (keys %customhost){
- if ($customhost{$key1}[0] eq $customgrp{$key}[2]){
- $customhost{$key1}[4] = $customhost{$key1}[4]-1;
- last;
- }
- }
- &General::writehasharray("$confighost", \%customhost);
- }
$grpname=$customgrp{$key}[0];
$grpremark=$customgrp{$key}[1];
- delete $customgrp{$key};
+ #check if we delete the last entry, then generate dummy
+ if ($fwhostsettings{'last'} eq 'on'){
+ $customgrp{$key}[1] = '';
+ $customgrp{$key}[2] = 'none';
+ $customgrp{$key}[3] = '';
+ $fwhostsettings{'last'}='';
+ last;
+ }else{
+ delete $customgrp{$key};
+ }
}
}
&General::writehasharray("$configgrp", \%customgrp);
+ &General::firewall_config_changed();
if ($fwhostsettings{'grpcnt'} > 0){
&General::firewall_config_changed();
}
@@ -982,23 +971,20 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
my $grpname;
my $grpremark;
&General::readhasharray("$configsrvgrp", \%customservicegrp);
- &General::readhasharray("$configsrv", \%customservice);
foreach my $key (keys %customservicegrp){
if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2] eq $fwhostsettings{'delsrvfromgrp'})
{
- #decrease count from source service
- foreach my $key1 (sort keys %customservice){
- if($customservice{$key1}[0] eq $customservicegrp{$key}[2]){
- $customservice{$key1}[4]--;
- last;
- }
- }
$grpname=$customservicegrp{$key}[0];
$grpremark=$customservicegrp{$key}[1];
- delete $customservicegrp{$key};
+ if($fwhostsettings{'last'} eq 'on'){
+ $customservicegrp{$key}[2] = 'none';
+ $fwhostsettings{'last'} = '';
+ last;
+ }else{
+ delete $customservicegrp{$key};
+ }
}
}
- &General::writehasharray("$configsrv", \%customservice);
&General::writehasharray("$configsrvgrp", \%customservicegrp);
&General::firewall_config_changed();
if ($fwhostsettings{'updatesrvgrp'} eq 'on'){
@@ -1007,7 +993,6 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice')
}
&addservicegrp;
&viewtableservicegrp;
-
}
if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newnet'})
{
@@ -1497,11 +1482,11 @@ END
}elsif ($count % 2)
{
$col="bgcolor='$color{'color20'}'";
- print" <tr>";# bgcolor='$color{'color20'}'>";
+ print" <tr>";
}else
{
$col="bgcolor='$color{'color22'}'";
- print" <tr>";# bgcolor='$color{'color22'}'>";
+ print" <tr>";
}
my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]);
my $netcount=&getnetcount($customnetwork{$key}[0]);
@@ -1655,10 +1640,19 @@ sub viewtablegrp
my $remark;
my $number;
my $delflag;
+ my @counter;
+ my %hash;
if (!keys %customgrp)
{
print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
}else{
+ #get all groups in a hash
+ foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
+ push (@counter,$customgrp{$key}[0]);
+ }
+ foreach my $key1 (@counter) {
+ $hash{$key1}++ ;
+ }
foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){
$count++;
if ($helper ne $customgrp{$key}[0]){
@@ -1676,7 +1670,7 @@ sub viewtablegrp
if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};}
$grpname=$customgrp{$key}[0];
$remark="$customgrp{$key}[1]";
- if($count gt 1){ print"</table>";}
+ if($count gt 1){ print"</table>";$count=1;}
print "<br><b><u>$grpname</u></b> ";
print " <b>$Lang::tr{'remark'}:</b>  $remark   " if ($remark ne '');
my $netgrpcount=&getnetcount($grpname);
@@ -1694,10 +1688,10 @@ sub viewtablegrp
$col="bgcolor='${Header::colouryellow}'";
}elsif ($count %2 == 0){
print"<tr>";
- $col="bgcolor='$color{'color22'}'";
+ $col="bgcolor='$color{'color20'}'";
}else{
print"<tr>";
- $col="bgcolor='$color{'color20'}'";
+ $col="bgcolor='$color{'color22'}'";
}
my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]);
if ($ip eq ''){
@@ -1717,8 +1711,14 @@ sub viewtablegrp
$ip="$colip/".&General::subtocidr($colsub) if ($colsub);
print"<td align='center' $col ".&getcolor($colip).">".&Header::colorize($ip)."</td><td align='center' $col>$customgrp{$key}[3]</td><td width='1%' $col><form method='post'>";
}
- if ($delflag > 1 && $ip ne ''){
+ if ($delflag > 0 && $ip ne ''){
print"<input type='image' src='/images/delete.gif' align='middle' alt=$Lang::tr{'delete'} title=$Lang::tr{'delete'} />";
+ #check if this group has only one entry
+ foreach my $key2 (keys %hash) {
+ if ($hash{$key2}<2 && $key2 eq $customgrp{$key}[0]){
+ print "<input type='hidden' name='last' value='on'>" ;
+ }
+ }
}
print"<input type='hidden' name='ACTION' value='deletegrphost'><input type='hidden' name='grpcnt' value='$customgrp{$key}[4]'><input type='hidden' name='update' value='$fwhostsettings{'update'}'><input type='hidden' name='delhost' value='$grpname,$remark,$customgrp{$key}[2],$customgrp{$key}[3]'></form></td></tr>";
@@ -1793,11 +1793,15 @@ sub viewtableservicegrp
my $grpname;
my $remark;
my $helper;
+ my $helper1;
my $port;
my $protocol;
my $delflag;
my $grpcount=0;
my $col='';
+ my $lastentry=0;
+ my @counter;
+ my %hash;
if (! -z $configsrvgrp){
&Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'});
&General::readhasharray("$configsrvgrp", \%customservicegrp);
@@ -1807,6 +1811,12 @@ sub viewtableservicegrp
&General::readhasharray("$fwconfigout", \%fwout);
my $number= keys %customservicegrp;
foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
+ push (@counter,$customservicegrp{$key}[0]);
+ }
+ foreach my $key1 (@counter) {
+ $hash{$key1}++ ;
+ }
+ foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){
$count++;
if ($helper ne $customservicegrp{$key}[0]){
#Get used groupcounter
@@ -1823,12 +1833,12 @@ sub viewtableservicegrp
}
$grpname=$customservicegrp{$key}[0];
if ($customservicegrp{$key}[2] eq "none"){
- $customservicegrp{$key}[2]=$Lang::tr{'fwhost empty'};
+ $customservicegrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};
$port='';
$protocol='';
}
$remark="$customservicegrp{$key}[1]";
- if($count >=2){print"</table>";}
+ if($count >0){print"</table>";$count=1;}
print "<br><b><u>$grpname</u></b> ";
print "<b>$Lang::tr{'remark'}:</b> $remark " if ($remark ne '');
print " <b>$Lang::tr{'used'}:</b> $grpcount x";
@@ -1849,6 +1859,11 @@ sub viewtableservicegrp
print"<tr>";
$col="bgcolor='$color{'color22'}'";
}
+ #make lines yellow if it is a dummy entry
+ if ($customservicegrp{$key}[2] eq $Lang::tr{'fwhost err emptytable'}){
+ print"<tr>";
+ $col="bgcolor='${Header::colouryellow}'";
+ }
#Set fields if we use protocols in servicegroups
if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){
$port='-';
@@ -1868,8 +1883,16 @@ sub viewtableservicegrp
}
}
print"<td align='center' $col>$port</td><td align='center' $col>$protocol</td><td width='1%' $col><form method='post'>";
- if ($delflag gt '1'){
- print"<input type='image' src='/images/delete.gif' align='middle' alt=$Lang::tr{'delete'} title=$Lang::tr{'delete'} />";
+ if ($delflag gt '0'){
+ if ($customservicegrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){
+ print"<input type='image' src='/images/delete.gif' align='middle' alt=$Lang::tr{'delete'} title=$Lang::tr{'delete'} />";
+ }
+ #check if this group has only one entry
+ foreach my $key2 (keys %hash) {
+ if ($hash{$key2}<2 && $key2 eq $customservicegrp{$key}[0]){
+ print "<input type='hidden' name='last' value='on'>" ;
+ }
+ }
}
print"<input type='hidden' name='ACTION' value='delgrpservice'><input type='hidden' name='updatesrvgrp' value='$fwhostsettings{'updatesrvgrp'}'>";
if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){
diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi
index 5143e5e..b3a2629 100644
--- a/html/cgi-bin/index.cgi
+++ b/html/cgi-bin/index.cgi
@@ -286,7 +286,7 @@ if ( `cat /var/ipfire/vpn/settings | grep ^ENABLED=on` ||
$haveipsec=1;
my $ipsecip = `cat /var/ipfire/vpn/settings | grep ^VPN_IP= | cut -c 8-`;
print<<END;
- <tr><td align='center' bgcolor='$Header::colourvpn' width='25%'><a href="/cgi-bin/vpnmain.cgi"><font size='2' color='white'><b>$Lang::tr{'vpn'}</b></font></a><br>
+ <tr><td align='center' bgcolor='$Header::colourvpn' width='25%'><a href="/cgi-bin/vpnmain.cgi"><font size='2' color='white'><b>$Lang::tr{'ipsec'}</b></font></a><br>
<td width='30%' align='center'>$ipsecip
<td width='45%' align='center'><font color=$Header::colourgreen>Online</font>
END
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 7b1654f..75b6c75 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1163,6 +1163,12 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
$errormessage = $Lang::tr{'invalid port'};
goto SETTINGS_ERROR;
}
+
+ if ($cgiparams{'DDEST_PORT'} <= 1023) {
+ $errormessage = $Lang::tr{'ovpn port in root range'};
+ goto SETTINGS_ERROR;
+ }
+
$vpnsettings{'ENABLED_BLUE'} = $cgiparams{'ENABLED_BLUE'};
$vpnsettings{'ENABLED_ORANGE'} =$cgiparams{'ENABLED_ORANGE'};
$vpnsettings{'ENABLED'} = $cgiparams{'ENABLED'};
@@ -3534,10 +3540,24 @@ if ($cgiparams{'TYPE'} eq 'net') {
unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
- }
+ }
+
+ if ($cgiparams{'DEST_PORT'} <= 1023) {
+ $errormessage = $Lang::tr{'ovpn port in root range'};
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+ goto VPNCONF_ERROR;
+ }
- if ($cgiparams{'OVPN_MGMT'} eq '') {
- $cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'};
+ if ($cgiparams{'OVPN_MGMT'} eq '') {
+ $cgiparams{'OVPN_MGMT'} = $cgiparams{'DEST_PORT'};
+ }
+
+ if ($cgiparams{'OVPN_MGMT'} <= 1023) {
+ $errormessage = $Lang::tr{'ovpn mgmt in root range'};
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+ goto VPNCONF_ERROR;
}
}
diff --git a/html/cgi-bin/p2p-block.cgi b/html/cgi-bin/p2p-block.cgi
old mode 100755
new mode 100644
diff --git a/html/cgi-bin/shutdown.cgi b/html/cgi-bin/shutdown.cgi
old mode 100755
new mode 100644
diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi
old mode 100755
new mode 100644
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 3e92d4b..7e90649 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -511,7 +511,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save'} && $cgiparams{'TYPE'} eq '' && $cg
###
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove x509'}) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', $Lang::tr{'are you sure'});
print <<END
@@ -607,7 +607,7 @@ END
if ( -f "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', "$Lang::tr{'ca certificate'}:");
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem`;
@@ -683,7 +683,7 @@ END
}
if ($assignedcerts) {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', $Lang::tr{'are you sure'});
print <<END
@@ -728,7 +728,7 @@ END
$cgiparams{'ACTION'} eq $Lang::tr{'show host certificate'}) {
my $output;
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', '');
if ($cgiparams{'ACTION'} eq $Lang::tr{'show root certificate'}) {
&Header::openbox('100%', 'left', "$Lang::tr{'root certificate'}:");
@@ -1054,7 +1054,7 @@ END
ROOTCERT_ERROR:
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
if ($errormessage) {
&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
@@ -1141,7 +1141,7 @@ END
if ( -f "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem") {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', "$Lang::tr{'cert'}:");
my $output = `/usr/bin/openssl x509 -text -in ${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem`;
@@ -1231,7 +1231,7 @@ END
###
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'add'} && $cgiparams{'TYPE'} eq '') {
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', $Lang::tr{'connection type'});
print <<END
@@ -1911,7 +1911,7 @@ END
$checked{'AUTH'}{$cgiparams{'AUTH'}} = "checked='checked'";
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
if ($errormessage) {
&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
@@ -2353,7 +2353,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$selected{'DPD_ACTION'}{$cgiparams{'DPD_ACTION'}} = "selected='selected'";
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
if ($errormessage) {
@@ -2602,7 +2602,7 @@ EOF
$checked{'ENABLED'} = $cgiparams{'ENABLED'} eq 'on' ? "checked='checked'" : '';
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'vpn configuration main'}, 1, '');
+ &Header::openpage($Lang::tr{'ipsec'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
if ($errormessage) {
diff --git a/html/html/themes/ipfire/include/css/style.css b/html/html/themes/ipfire/include/css/style.css
index e33c6e1..9f3e25b 100644
--- a/html/html/themes/ipfire/include/css/style.css
+++ b/html/html/themes/ipfire/include/css/style.css
@@ -300,7 +300,7 @@ table {
border-right: 1px solid lightgrey;
}
-.tbl tr:first-child td:only-child {
+.tbl tr:first-child td {
border-top: 1px solid lightgrey;
}
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 3671c52..b4753a6 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1269,9 +1269,10 @@
'ipfire side is invalid' => 'IPFire Seite ist ungültig.',
'ipfires hostname' => 'IPFire\'s Hostname',
'ipinfo' => 'IP-Info',
-'ipsec network' => 'IPsec-Netzwerke',
'iptable rules' => 'IPTable-Regeln',
'iptmangles' => 'IPTable Mangles',
+'ipsec' => 'IPsec',
+'ipsec network' => 'IPsec-Netzwerke',
'iptnats' => 'IPTable Network Address Translation',
'ipts' => 'iptables',
'isdn' => 'ISDN',
@@ -1605,6 +1606,8 @@
'ovpn on blue' => 'OpenVPN auf BLAU',
'ovpn on orange' => 'OpenVPN auf ORANGE',
'ovpn on red' => 'OpenVPN auf ROT',
+'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
+'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push Optionen',
'ovpn server status' => 'OpenVPN-Server-Status',
@@ -1627,7 +1630,7 @@
'ovpn_processprioVH' => 'Sehr Hoch',
'ovpnstatus log' => 'OVPN-Status-Log',
'ovpnsys log' => 'OVPN-System-Log',
-'p2p block' => 'P2P-Block',
+'p2p block' => 'P2P-Netzwerke',
'p2p block save notice' => 'Bitte lesen Sie die Firewallregeln neu ein, damit die Änderungen aktiv werden.',
'package failed to install' => 'Programmpaket konnte nicht installiert werden.',
'pagerefresh' => 'Seite wird aktualisiert. Bitte warten.',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index f04a17e..3d9a5eb 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1298,6 +1298,7 @@
'ipfire side is invalid' => 'IPFire side is invalid.',
'ipfires hostname' => 'IPFire\'s Hostname',
'ipinfo' => 'IP info',
+'ipsec' => 'IPsec',
'ipsec network' => 'IPsec network',
'iptable rules' => 'IPTable rules',
'iptmangles' => 'IPTable Mangles',
@@ -1635,6 +1636,8 @@
'ovpn on blue' => 'OpenVPN on BLUE',
'ovpn on orange' => 'OpenVPN on ORANGE',
'ovpn on red' => 'OpenVPN on RED',
+'ovpn mgmt in root range' => 'A port number of 1024 or higher is required.',
+'ovpn port in root range' => 'A port number of 1024 or higher is required.',
'ovpn routes push' => 'Routes (one per line) e.g. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push options',
'ovpn server status' => 'Current OpenVPN server status:',
@@ -1657,7 +1660,7 @@
'ovpn_processprioVH' => 'Very high',
'ovpnstatus log' => 'OVPN-Status-Log',
'ovpnsys log' => 'OVPN-System-Log',
-'p2p block' => 'P2P block',
+'p2p block' => 'P2P networks',
'p2p block save notice' => 'Please reload the firewall ruleset in order to apply your changes.',
'package failed to install' => 'Package failed to install.',
'pagerefresh' => 'Page is beeing refreshed, please wait.',
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2014-01-11 12:08 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140111120836.76D05211F2@argus.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox