/[smecontribs]/rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-bz10760-per_serv2.patch
ViewVC logotype

Contents of /rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-bz10760-per_serv2.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Tue Jul 23 01:29:45 2019 UTC (5 years, 4 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-xt_geoip-1_0_1-14_el6_sme
* Tue Jul 23 2019 Jean-Philipe Pialasse <tests@pialasse.com> 1.0.1-14.sme
- improved per service filtering [SME: 10760]
- remove A1 forced as default and allow empty filter [SME: 10785]

1 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/BadCountries smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/BadCountries
2 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/BadCountries 2017-09-15 14:44:39.000000000 +0200
3 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/BadCountries 2019-07-23 02:54:03.000000000 +0200
4 @@ -1 +0,0 @@
5 -A1
6 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip
7 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:16:53.259411436 +0200
8 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:20:21.597404763 +0200
9 @@ -197,4 +197,25 @@
10 <trans>Too many countries chosen: {$ctr}</trans>
11 </entry>
12
13 + <entry>
14 + <base>LABEL_REVERSE_MATCH</base>
15 + <trans>Reject if</trans>
16 + </entry>
17 +
18 + <entry>
19 + <base>DESC_REVERSE_MATCH</base>
20 + <trans>The following option allow to chose if you want reject visitors from the country list (==) which is the default behaviour, or if you want to only let them in (!=).</trans>
21 + </entry>
22 +
23 + <entry>
24 + <base>LABEL_OTHERS</base>
25 + <trans>General filter only for services without rules</trans>
26 + </entry>
27 +
28 + <entry>
29 + <base>DESC_OTHERS</base>
30 + <trans>Choose if you want to have the general filter to apply to all incoming connections or if you do not want to filter ports already defined with a specific service rule. This would allow you to have a service less restricted than the general rule if you enable this.</trans>
31 + </entry>
32 +
33 +
34 </lexicon>
35 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip
36 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-07-23 03:16:53.270411434 +0200
37 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-07-22 03:12:53.000000000 +0200
38 @@ -8,14 +8,10 @@
39 my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
40 my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
41 my $port;
42 - my $locPorts;
43 + my @locPorts;
44 my $servStatus;
45 my $locBC;
46 - if ($GP eq 'enabled')
47 - {
48 - if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
49 - {
50 - # to allow reload
51 + # to allow reload
52 $OUT .=<<'EOF';
53 # A blacklist chain for xtables-addons GEOIP
54 /sbin/iptables --new-chain XTGeoIP
55 @@ -24,8 +20,34 @@
56 /sbin/iptables --insert INPUT 1 \
57 -j XTGeoIP
58 EOF
59 +
60 + if ($GP eq 'enabled')
61 + {
62 + if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
63 + {
64 +
65 +# do not block LAN
66 + my $locals = "@locals";
67 + if (@locals)
68 + {
69 + # Make a new local_chk chain and add any networks found in networks db
70 + foreach my $local (@locals)
71 + {
72 + # If the network is a remote vpn subnet, restrict it to the ipsec0
73 + # interface.
74 + my ($net, $msk) = split /\//, $local;
75 + my $netrec = $nets->get($net);
76 + die "Can't find network $net in networks db!\n" unless $netrec;
77 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -s $local";
78 + if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes')
79 + {
80 + $OUT .= " --in-interface ipsec0";
81 + }
82 + $OUT .= " -j RETURN\n";
83 + }
84 + }
85 +
86 ##adding here for service specific
87 - $locPorts='';
88
89 my @services = split(/,/, $masq{'XtServices'});
90 foreach my $servName (@services)
91 @@ -34,22 +56,27 @@
92 my $servStatus = ${$servName}{'status'} || 'disabled';
93 my $servAccess = ${$servName}{'access'} || 'private';
94 my $locBC = ${$servName}{'BadCountries'} || '';
95 + my $reverse = ( ( ${$servName}{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
96 if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
97 - $locPorts .= "$port,";
98 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
99 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
100 + push @locPorts, $port;
101 + my $multi = ( $port =~ /[,:]/ )? "-m multiport --dports" : "--dport";
102 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
103 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j DROP\n";
104 }
105 }
106
107 # block for other or all should move there
108 if ($BC ne '') {
109 - if ($locPorts ne '') {
110 - $locPorts = substr $locPorts, 0, -1;
111 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
112 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
113 + my $reverse = ( ( $masq{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
114 + my $others = ( ( $masq{'XTGeoipOther'} || 'enabled') eq "disabled") ? 1 : 0;
115 + @locPorts = () unless $others;
116 + if (@locPorts != 0) {
117 + my $LocPorts = join ',', @locPorts;
118 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
119 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j DROP\n";
120 } else {
121 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
122 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n";
123 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
124 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip $reverse --src-cc $BC -j DROP\n";
125 }
126 }
127 $OUT .= " /sbin/iptables --append XTGeoIP_1" .
128 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip
129 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-07-23 03:16:53.293411435 +0200
130 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-07-22 00:35:29.000000000 +0200
131 @@ -7,11 +7,11 @@
132 my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
133 my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
134 my $port;
135 - my $locPorts;
136 + my @locPorts;
137 my $servStatus;
138 my $locBC;
139
140 - # to allow reload without locking just after initial install
141 + # to allow reload without locking just after initial install
142 $OUT .=<<'EOF';
143 iptables -n --list XTGeoIP >/dev/null 2>&1
144 test=$?
145 @@ -36,8 +36,28 @@
146 {
147 if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
148 {
149 - # add content here
150 - $locPorts = '';
151 +
152 +# do not block LAN
153 + my $locals = "@locals";
154 + if (@locals)
155 + {
156 + # Make a new local_chk chain and add any networks found in networks db
157 + foreach my $local (@locals)
158 + {
159 + # If the network is a remote vpn subnet, restrict it to the ipsec0
160 + # interface.
161 + my ($net, $msk) = split /\//, $local;
162 + my $netrec = $nets->get($net);
163 + die "Can't find network $net in networks db!\n" unless $netrec;
164 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -s $local";
165 + if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes')
166 + {
167 + $OUT .= " --in-interface ipsec0";
168 + }
169 + $OUT .= " -j RETURN\n";
170 + }
171 + }
172 +
173 my @services = split(/,/, $masq{'XtServices'});
174
175 foreach my $servName (@services)
176 @@ -46,33 +66,27 @@
177 my $servStatus = ${$servName}{'status'} || 'disabled';
178 my $servAccess = ${$servName}{'access'} || 'private';
179 my $locBC = ${$servName}{'BadCountries'} || '';
180 + my $reverse = ( ( ${$servName}{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
181 if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
182 - $locPorts .= "$port,";
183 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
184 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
185 + push @locPorts, $port;
186 + my $multi = ( $port =~ /[,:]/ )? "-m multiport --dports" : "--dport";
187 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
188 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j DROP\n";
189 }
190 }
191
192 - ##adding here for service specific
193 - # imaps 993
194 - #$locBC = $imaps{BadCountries} || '';
195 - #$servStatus = $imaps{'status'} || 'disabled';
196 - #$port = $imaps{'TCPPort'} || '993';
197 - #if ($servStatus eq 'enabled' and $locBC ne '') {
198 - # $locPorts .= "${port},";
199 - # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n";
200 - # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
201 - #}
202 -
203 # block for all or other ports should move there
204 if ($BC ne '') {
205 - if ($locPorts ne '') {
206 - $locPorts = substr $locPorts, 0, -1;
207 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
208 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
209 + my $reverse = ( ( $masq{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
210 + my $others = ( ( $masq{'XTGeoipOther'} || 'disabled') eq "enabled") ? 1 : 0;
211 + @locPorts = () unless $others;
212 + if (@locPorts != 0) {
213 + my $LocPorts = join ',', @locPorts;
214 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
215 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j DROP\n";
216 } else {
217 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
218 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n";
219 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
220 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip $reverse --src-cc $BC -j DROP\n";
221 }
222 }
223 $OUT .= " /sbin/iptables --append \$NEW_XTGeoIP" .
224 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip
225 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:16:53.279411436 +0200
226 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip 2019-07-23 02:18:09.000000000 +0200
227 @@ -81,7 +81,7 @@
228 <field
229 type="literal"
230 id="badcountries"
231 - value="get_badcountries()">
232 + value="get_badcountries(1)">
233 <label>LABEL_BADCOUNTRIES_STATUS</label>
234 </field>
235
236 @@ -102,7 +102,6 @@
237 <field type="literal" id="service_label" value="">
238 <description>SERVICE_DESCRIPTION</description>
239 </field>
240 -
241 <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
242
243 <field type="literal" id="stats_label" value="">
244 @@ -128,10 +127,20 @@
245 <description>DESC_GEOIP</description>
246 </field>
247
248 + <field
249 + type="select"
250 + id="masq_reverse"
251 + options="'enabled' => '!=', 'disabled' => '=='"
252 + value="get_reverse('masq','XTGeoipRev')">
253 + <label>LABEL_REVERSE_MATCH</label>
254 + <description>DESC_REVERSE_MATCH</description>
255 + </field>
256 +
257 <field
258 type="text"
259 id="masq_badcountries"
260 size="64"
261 + value="get_badcountries(0)"
262 validation="must_exist()">
263 <label>LABEL_BADCOUNTRIES</label>
264 <description>DESC_BADCOUNTRIES</description>
265 @@ -140,9 +149,18 @@
266 <field
267 type="literal"
268 id="badcountries"
269 - value="get_badcountries()">
270 + value="get_badcountries(1)">
271 <label>LABEL_BADCOUNTRIES_STATUS</label>
272 </field>
273 +
274 + <field
275 + type="select"
276 + id="masq_others"
277 + options="'enabled' => 'enabled', 'disabled' => 'disabled'"
278 + value="get_reverse('masq','XTGeoipOther')">
279 + <label>LABEL_OTHERS</label>
280 + <description>DESC_OTHERS</description>
281 + </field>
282
283 <field
284 type="select"
285 @@ -163,7 +181,7 @@
286 <field
287 type="literal"
288 id="badcountries"
289 - value="get_badcountries()">
290 + value="get_badcountries(1)">
291 <label>LABEL_BADCOUNTRIES_STATUS</label>
292 </field>
293 <subroutine src="print_service_table()" />
294 @@ -187,14 +205,24 @@
295 <field
296 type="literal"
297 id="badcountries"
298 - value="get_badcountries()">
299 + value="get_badcountries(1)">
300 <label>LABEL_BADCOUNTRIES_STATUS</label>
301 </field>
302
303 + <field
304 + type="select"
305 + id="masq_srv_reverse"
306 + options="'enabled' => '!=', 'disabled' => '=='"
307 + value="get_reverse('','XTGeoipRev')">
308 + <label>LABEL_REVERSE_MATCH</label>
309 + <description>DESC_REVERSE_MATCH</description>
310 + </field>
311 +
312 <field
313 type="text"
314 id="masq_srv_badcountries"
315 size="64"
316 + value="get_srv_badcountries(0)"
317 validation="srv_must_exist()">
318 <label>LABEL_BADCOUNTRIES</label>
319 <description>DESC_BADCOUNTRIES</description>
320 @@ -203,7 +231,7 @@
321 <field
322 type="literal"
323 id="srv_badcountries"
324 - value="get_srv_badcountries()">
325 + value="get_srv_badcountries(1)">
326 <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
327 </field>
328
329 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip
330 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip 2019-07-23 03:16:53.279411436 +0200
331 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip 2019-07-23 02:18:09.000000000 +0200
332 @@ -81,7 +81,7 @@
333 <field
334 type="literal"
335 id="badcountries"
336 - value="get_badcountries()">
337 + value="get_badcountries(1)">
338 <label>LABEL_BADCOUNTRIES_STATUS</label>
339 </field>
340
341 @@ -102,7 +102,6 @@
342 <field type="literal" id="service_label" value="">
343 <description>SERVICE_DESCRIPTION</description>
344 </field>
345 -
346 <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
347
348 <field type="literal" id="stats_label" value="">
349 @@ -128,10 +127,20 @@
350 <description>DESC_GEOIP</description>
351 </field>
352
353 + <field
354 + type="select"
355 + id="masq_reverse"
356 + options="'enabled' => '!=', 'disabled' => '=='"
357 + value="get_reverse('masq','XTGeoipRev')">
358 + <label>LABEL_REVERSE_MATCH</label>
359 + <description>DESC_REVERSE_MATCH</description>
360 + </field>
361 +
362 <field
363 type="text"
364 id="masq_badcountries"
365 size="64"
366 + value="get_badcountries(0)"
367 validation="must_exist()">
368 <label>LABEL_BADCOUNTRIES</label>
369 <description>DESC_BADCOUNTRIES</description>
370 @@ -140,9 +149,18 @@
371 <field
372 type="literal"
373 id="badcountries"
374 - value="get_badcountries()">
375 + value="get_badcountries(1)">
376 <label>LABEL_BADCOUNTRIES_STATUS</label>
377 </field>
378 +
379 + <field
380 + type="select"
381 + id="masq_others"
382 + options="'enabled' => 'enabled', 'disabled' => 'disabled'"
383 + value="get_reverse('masq','XTGeoipOther')">
384 + <label>LABEL_OTHERS</label>
385 + <description>DESC_OTHERS</description>
386 + </field>
387
388 <field
389 type="select"
390 @@ -163,7 +181,7 @@
391 <field
392 type="literal"
393 id="badcountries"
394 - value="get_badcountries()">
395 + value="get_badcountries(1)">
396 <label>LABEL_BADCOUNTRIES_STATUS</label>
397 </field>
398 <subroutine src="print_service_table()" />
399 @@ -187,14 +205,24 @@
400 <field
401 type="literal"
402 id="badcountries"
403 - value="get_badcountries()">
404 + value="get_badcountries(1)">
405 <label>LABEL_BADCOUNTRIES_STATUS</label>
406 </field>
407
408 + <field
409 + type="select"
410 + id="masq_srv_reverse"
411 + options="'enabled' => '!=', 'disabled' => '=='"
412 + value="get_reverse('','XTGeoipRev')">
413 + <label>LABEL_REVERSE_MATCH</label>
414 + <description>DESC_REVERSE_MATCH</description>
415 + </field>
416 +
417 <field
418 type="text"
419 id="masq_srv_badcountries"
420 size="64"
421 + value="get_srv_badcountries(0)"
422 validation="srv_must_exist()">
423 <label>LABEL_BADCOUNTRIES</label>
424 <description>DESC_BADCOUNTRIES</description>
425 @@ -203,7 +231,7 @@
426 <field
427 type="literal"
428 id="srv_badcountries"
429 - value="get_srv_badcountries()">
430 + value="get_srv_badcountries(1)">
431 <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
432 </field>
433
434 diff -Nur smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm
435 --- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-07-23 03:16:53.284411435 +0200
436 +++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-07-23 02:49:15.000000000 +0200
437 @@ -23,6 +23,7 @@
438 get_value
439 get_badcountries
440 get_geoip
441 + get_reverse
442 print_service_table
443 get_stat_geoip
444 print_custom_button
445 @@ -139,7 +140,12 @@
446
447 sub get_badcountries
448 {
449 - return $db->get_prop("masq", "BadCountries");
450 + my $self = shift;
451 + my $full = shift;
452 + my $badc=$db->get_prop("masq", "BadCountries")||"";
453 + return $badc unless $full ;
454 + my $rev = (($db->get_prop("masq", "XTGeoipRev")||"disabled") eq "enabled") ? "!=" : "==";
455 + return "$rev $badc ";
456 }
457
458 =head2 get_geoip
459 @@ -152,6 +158,20 @@
460 return $db->get_prop("masq", "GeoIP") || 'disabled';
461 }
462
463 +=head2 get_reverse
464 +
465 +method to retrieve the value of geoip for the form
466 +=cut
467 +
468 +sub get_reverse
469 +{
470 + my $fm = shift;
471 + my $item = shift;
472 + my $prop = shift;
473 + $item = ($item eq 'masq') ? $item : $fm->cgi->param('name');
474 + return $db->get_prop("$item", "$prop") || "disabled";
475 +}
476 +
477 =head2 get_stat_geoip
478
479 method to retrieve the status of geoip for the form
480 @@ -189,15 +209,23 @@
481
482 my $mq_bc = get_badcountries();
483 my $mq_gp = get_geoip();
484 - my $n_mq_bc = $q->param("masq_badcountries") || $mq_bc;
485 + my $masq = $db->get('masq') || "disabled";
486 + my $mq_rv = $masq->prop('XTGeoipRev') || 'disabled';
487 + my $mq_ot = $masq->prop('XTGeoipOther') || 'disabled';
488 +
489 + my $n_mq_bc = $q->param("masq_badcountries");
490 my $n_mq_gp = $q->param("masq_geoip") || $mq_gp;
491 my $n_upd_gp = $q->param("update_geoip") || '';
492 -
493 - if (($n_mq_bc eq $mq_bc) && ($n_mq_gp eq $mq_gp) && ($n_upd_gp eq 'NO')) {
494 + my $n_mq_rv = $q->param("masq_reverse") || $mq_rv ;
495 + my $n_mq_ot = $q->param("masq_others") || $mq_ot ;
496 +
497 + if (($n_mq_bc eq $mq_bc) && ($n_mq_gp eq $mq_gp) && ($n_upd_gp eq 'NO') && ($n_mq_rv eq $mq_rv) && ($n_mq_ot eq $mq_ot)) {
498 return $self->success("NO_CHANGE")
499 }
500 $db->set_prop("masq", "BadCountries", $n_mq_bc);
501 $db->set_prop("masq", "GeoIP", $n_mq_gp);
502 + $db->set_prop("masq", "XTGeoipRev", $n_mq_rv);
503 + $db->set_prop("masq", "XTGeoipOther", $n_mq_ot);
504
505 my $eventloc = "xt_geoip-modify";
506 $eventloc = "xt_geoip-update" if $n_upd_gp eq 'YES';
507 @@ -293,9 +321,13 @@
508
509 sub get_srv_badcountries
510 {
511 - my ($self) = @_;
512 + my $self = shift;
513 my $name = $self->cgi->param('name');
514 - return $db->get_prop($name, "BadCountries");
515 + my $full = shift;
516 + my $badc=$db->get_prop($name, "BadCountries")||"";
517 + return $badc unless $full ;
518 + my $rev = (($db->get_prop($name, "XTGeoipRev")||"disabled") eq "enabled") ? "!=" : "==";
519 + return "$rev $badc ";
520 }
521
522 sub print_service_table {
523 @@ -338,6 +370,7 @@
524 my $status = $i->prop('status');
525 my $access = $i->prop('access');
526 my $servBC = $i->prop('BadCountries') || ' ';
527 + my $servRev = (( $i->prop('XTGeoipRev')|| 'disabled') eq 'disabled' )? '==': '!=';
528
529 my $params = $self->build_serv_cgi_params($servname, $i->props());
530
531 @@ -352,13 +385,15 @@
532 . '&nbsp';
533
534 my $color = 'red';
535 - if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; }
536 + my $deco= "none";
537 + if ($servRev eq '!=' ) { $color = 'green'; }
538 + if ($status eq 'disabled' || $access ne 'public') { $color = 'grey'; $deco= "line-through"; }
539 print $q->Tr (
540 esmith::cgi::genSmallCell($q, $servname,"normal"),
541 esmith::cgi::genSmallCell($q, $port,"normal"),
542 - esmith::cgi::genSmallCell($q, $status,"header"),
543 - esmith::cgi::genSmallCell($q, $access,"header"),
544 - esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"),
545 + esmith::cgi::genSmallCell($q, $status,"normal"),
546 + esmith::cgi::genSmallCell($q, $access,"normal"),
547 + esmith::cgi::genSmallCell($q, "<font color='$color' style='text-decoration: $deco'>" . "$servRev $servBC" . "</font>","normal"),
548 esmith::cgi::genSmallCell($q, $actionModify,"normal"),
549 esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
550 }
551 @@ -386,7 +421,8 @@
552 if (my $serv = $db->get($name)) {
553 my $servBC = $serv->prop('BadCountries') || '';
554 if ($servBC ne '') {
555 - $db->set_prop($name, "BadCountries", '');
556 + my $tps = $db->set_prop_and_delete($name, "BadCountries");
557 + $tps = $db->get_prop_and_delete($name, "XTGeoipRev");
558 # Untaint $name before use in system()
559 # $name =~ /(.+)/; $name = $1;
560 if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0)
561 @@ -410,14 +446,17 @@
562 my $name = $self->cgi->param('name');
563 if (my $serv = $db->get($name)) {
564 my $servBC = $serv->prop('BadCountries') || '';
565 + my $servRev = $serv->prop('XTGeoipRev') || 'disabled';
566
567 my $q = $self->{'cgi'};
568 - my $n_servBC = $q->param("masq_srv_badcountries") || $servBC;
569 -
570 - if ($n_servBC eq $servBC) {
571 + my $n_servBC = $q->param("masq_srv_badcountries");
572 + my $n_servRev = $q->param("masq_srv_reverse") || $servRev;
573 +
574 + if ($n_servBC eq $servBC && $n_servRev eq $servRev ) {
575 return $self->success("NO_CHANGE")
576 }
577 $db->set_prop($name, "BadCountries", $n_servBC);
578 + $db->set_prop($name, "XTGeoipRev", $n_servRev);
579
580 if (system ( "/sbin/e-smith/signal-event", "xt_geoip-service" ) == 0 )
581 {

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed