1 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/BadCountries smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/BadCountries |
2 |
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/BadCountries 2017-09-15 14:44:39.000000000 +0200 |
3 |
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/BadCountries 2019-07-23 02:54:03.000000000 +0200 |
4 |
@@ -1 +0,0 @@ |
5 |
-A1 |
6 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip |
7 |
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:16:53.259411436 +0200 |
8 |
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:20:21.597404763 +0200 |
9 |
@@ -197,4 +197,25 @@ |
10 |
<trans>Too many countries chosen: {$ctr}</trans> |
11 |
</entry> |
12 |
|
13 |
+ <entry> |
14 |
+ <base>LABEL_REVERSE_MATCH</base> |
15 |
+ <trans>Reject if</trans> |
16 |
+ </entry> |
17 |
+ |
18 |
+ <entry> |
19 |
+ <base>DESC_REVERSE_MATCH</base> |
20 |
+ <trans>The following option allow to chose if you want reject visitors from the country list (==) which is the default behaviour, or if you want to only let them in (!=).</trans> |
21 |
+ </entry> |
22 |
+ |
23 |
+ <entry> |
24 |
+ <base>LABEL_OTHERS</base> |
25 |
+ <trans>General filter only for services without rules</trans> |
26 |
+ </entry> |
27 |
+ |
28 |
+ <entry> |
29 |
+ <base>DESC_OTHERS</base> |
30 |
+ <trans>Choose if you want to have the general filter to apply to all incoming connections or if you do not want to filter ports already defined with a specific service rule. This would allow you to have a service less restricted than the general rule if you enable this.</trans> |
31 |
+ </entry> |
32 |
+ |
33 |
+ |
34 |
</lexicon> |
35 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip |
36 |
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-07-23 03:16:53.270411434 +0200 |
37 |
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-07-22 03:12:53.000000000 +0200 |
38 |
@@ -8,14 +8,10 @@ |
39 |
my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko"; |
40 |
my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko"; |
41 |
my $port; |
42 |
- my $locPorts; |
43 |
+ my @locPorts; |
44 |
my $servStatus; |
45 |
my $locBC; |
46 |
- if ($GP eq 'enabled') |
47 |
- { |
48 |
- if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE) |
49 |
- { |
50 |
- # to allow reload |
51 |
+ # to allow reload |
52 |
$OUT .=<<'EOF'; |
53 |
# A blacklist chain for xtables-addons GEOIP |
54 |
/sbin/iptables --new-chain XTGeoIP |
55 |
@@ -24,8 +20,34 @@ |
56 |
/sbin/iptables --insert INPUT 1 \ |
57 |
-j XTGeoIP |
58 |
EOF |
59 |
+ |
60 |
+ if ($GP eq 'enabled') |
61 |
+ { |
62 |
+ if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE) |
63 |
+ { |
64 |
+ |
65 |
+# do not block LAN |
66 |
+ my $locals = "@locals"; |
67 |
+ if (@locals) |
68 |
+ { |
69 |
+ # Make a new local_chk chain and add any networks found in networks db |
70 |
+ foreach my $local (@locals) |
71 |
+ { |
72 |
+ # If the network is a remote vpn subnet, restrict it to the ipsec0 |
73 |
+ # interface. |
74 |
+ my ($net, $msk) = split /\//, $local; |
75 |
+ my $netrec = $nets->get($net); |
76 |
+ die "Can't find network $net in networks db!\n" unless $netrec; |
77 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -s $local"; |
78 |
+ if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes') |
79 |
+ { |
80 |
+ $OUT .= " --in-interface ipsec0"; |
81 |
+ } |
82 |
+ $OUT .= " -j RETURN\n"; |
83 |
+ } |
84 |
+ } |
85 |
+ |
86 |
##adding here for service specific |
87 |
- $locPorts=''; |
88 |
|
89 |
my @services = split(/,/, $masq{'XtServices'}); |
90 |
foreach my $servName (@services) |
91 |
@@ -34,22 +56,27 @@ |
92 |
my $servStatus = ${$servName}{'status'} || 'disabled'; |
93 |
my $servAccess = ${$servName}{'access'} || 'private'; |
94 |
my $locBC = ${$servName}{'BadCountries'} || ''; |
95 |
+ my $reverse = ( ( ${$servName}{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": ""; |
96 |
if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') { |
97 |
- $locPorts .= "$port,"; |
98 |
- $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n"; |
99 |
- $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n"; |
100 |
+ push @locPorts, $port; |
101 |
+ my $multi = ( $port =~ /[,:]/ )? "-m multiport --dports" : "--dport"; |
102 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n"; |
103 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j DROP\n"; |
104 |
} |
105 |
} |
106 |
|
107 |
# block for other or all should move there |
108 |
if ($BC ne '') { |
109 |
- if ($locPorts ne '') { |
110 |
- $locPorts = substr $locPorts, 0, -1; |
111 |
- $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n"; |
112 |
- $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n"; |
113 |
+ my $reverse = ( ( $masq{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": ""; |
114 |
+ my $others = ( ( $masq{'XTGeoipOther'} || 'enabled') eq "disabled") ? 1 : 0; |
115 |
+ @locPorts = () unless $others; |
116 |
+ if (@locPorts != 0) { |
117 |
+ my $LocPorts = join ',', @locPorts; |
118 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n"; |
119 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j DROP\n"; |
120 |
} else { |
121 |
- $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n"; |
122 |
- $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n"; |
123 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n"; |
124 |
+ $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip $reverse --src-cc $BC -j DROP\n"; |
125 |
} |
126 |
} |
127 |
$OUT .= " /sbin/iptables --append XTGeoIP_1" . |
128 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip |
129 |
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-07-23 03:16:53.293411435 +0200 |
130 |
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-07-22 00:35:29.000000000 +0200 |
131 |
@@ -7,11 +7,11 @@ |
132 |
my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko"; |
133 |
my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko"; |
134 |
my $port; |
135 |
- my $locPorts; |
136 |
+ my @locPorts; |
137 |
my $servStatus; |
138 |
my $locBC; |
139 |
|
140 |
- # to allow reload without locking just after initial install |
141 |
+ # to allow reload without locking just after initial install |
142 |
$OUT .=<<'EOF'; |
143 |
iptables -n --list XTGeoIP >/dev/null 2>&1 |
144 |
test=$? |
145 |
@@ -36,8 +36,28 @@ |
146 |
{ |
147 |
if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE) |
148 |
{ |
149 |
- # add content here |
150 |
- $locPorts = ''; |
151 |
+ |
152 |
+# do not block LAN |
153 |
+ my $locals = "@locals"; |
154 |
+ if (@locals) |
155 |
+ { |
156 |
+ # Make a new local_chk chain and add any networks found in networks db |
157 |
+ foreach my $local (@locals) |
158 |
+ { |
159 |
+ # If the network is a remote vpn subnet, restrict it to the ipsec0 |
160 |
+ # interface. |
161 |
+ my ($net, $msk) = split /\//, $local; |
162 |
+ my $netrec = $nets->get($net); |
163 |
+ die "Can't find network $net in networks db!\n" unless $netrec; |
164 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -s $local"; |
165 |
+ if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes') |
166 |
+ { |
167 |
+ $OUT .= " --in-interface ipsec0"; |
168 |
+ } |
169 |
+ $OUT .= " -j RETURN\n"; |
170 |
+ } |
171 |
+ } |
172 |
+ |
173 |
my @services = split(/,/, $masq{'XtServices'}); |
174 |
|
175 |
foreach my $servName (@services) |
176 |
@@ -46,33 +66,27 @@ |
177 |
my $servStatus = ${$servName}{'status'} || 'disabled'; |
178 |
my $servAccess = ${$servName}{'access'} || 'private'; |
179 |
my $locBC = ${$servName}{'BadCountries'} || ''; |
180 |
+ my $reverse = ( ( ${$servName}{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": ""; |
181 |
if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') { |
182 |
- $locPorts .= "$port,"; |
183 |
- $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n"; |
184 |
- $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n"; |
185 |
+ push @locPorts, $port; |
186 |
+ my $multi = ( $port =~ /[,:]/ )? "-m multiport --dports" : "--dport"; |
187 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n"; |
188 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j DROP\n"; |
189 |
} |
190 |
} |
191 |
|
192 |
- ##adding here for service specific |
193 |
- # imaps 993 |
194 |
- #$locBC = $imaps{BadCountries} || ''; |
195 |
- #$servStatus = $imaps{'status'} || 'disabled'; |
196 |
- #$port = $imaps{'TCPPort'} || '993'; |
197 |
- #if ($servStatus eq 'enabled' and $locBC ne '') { |
198 |
- # $locPorts .= "${port},"; |
199 |
- # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n"; |
200 |
- # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n"; |
201 |
- #} |
202 |
- |
203 |
# block for all or other ports should move there |
204 |
if ($BC ne '') { |
205 |
- if ($locPorts ne '') { |
206 |
- $locPorts = substr $locPorts, 0, -1; |
207 |
- $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n"; |
208 |
- $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n"; |
209 |
+ my $reverse = ( ( $masq{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": ""; |
210 |
+ my $others = ( ( $masq{'XTGeoipOther'} || 'disabled') eq "enabled") ? 1 : 0; |
211 |
+ @locPorts = () unless $others; |
212 |
+ if (@locPorts != 0) { |
213 |
+ my $LocPorts = join ',', @locPorts; |
214 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n"; |
215 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j DROP\n"; |
216 |
} else { |
217 |
- $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n"; |
218 |
- $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n"; |
219 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n"; |
220 |
+ $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip $reverse --src-cc $BC -j DROP\n"; |
221 |
} |
222 |
} |
223 |
$OUT .= " /sbin/iptables --append \$NEW_XTGeoIP" . |
224 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip |
225 |
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:16:53.279411436 +0200 |
226 |
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip 2019-07-23 02:18:09.000000000 +0200 |
227 |
@@ -81,7 +81,7 @@ |
228 |
<field |
229 |
type="literal" |
230 |
id="badcountries" |
231 |
- value="get_badcountries()"> |
232 |
+ value="get_badcountries(1)"> |
233 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
234 |
</field> |
235 |
|
236 |
@@ -102,7 +102,6 @@ |
237 |
<field type="literal" id="service_label" value=""> |
238 |
<description>SERVICE_DESCRIPTION</description> |
239 |
</field> |
240 |
- |
241 |
<subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/> |
242 |
|
243 |
<field type="literal" id="stats_label" value=""> |
244 |
@@ -128,10 +127,20 @@ |
245 |
<description>DESC_GEOIP</description> |
246 |
</field> |
247 |
|
248 |
+ <field |
249 |
+ type="select" |
250 |
+ id="masq_reverse" |
251 |
+ options="'enabled' => '!=', 'disabled' => '=='" |
252 |
+ value="get_reverse('masq','XTGeoipRev')"> |
253 |
+ <label>LABEL_REVERSE_MATCH</label> |
254 |
+ <description>DESC_REVERSE_MATCH</description> |
255 |
+ </field> |
256 |
+ |
257 |
<field |
258 |
type="text" |
259 |
id="masq_badcountries" |
260 |
size="64" |
261 |
+ value="get_badcountries(0)" |
262 |
validation="must_exist()"> |
263 |
<label>LABEL_BADCOUNTRIES</label> |
264 |
<description>DESC_BADCOUNTRIES</description> |
265 |
@@ -140,9 +149,18 @@ |
266 |
<field |
267 |
type="literal" |
268 |
id="badcountries" |
269 |
- value="get_badcountries()"> |
270 |
+ value="get_badcountries(1)"> |
271 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
272 |
</field> |
273 |
+ |
274 |
+ <field |
275 |
+ type="select" |
276 |
+ id="masq_others" |
277 |
+ options="'enabled' => 'enabled', 'disabled' => 'disabled'" |
278 |
+ value="get_reverse('masq','XTGeoipOther')"> |
279 |
+ <label>LABEL_OTHERS</label> |
280 |
+ <description>DESC_OTHERS</description> |
281 |
+ </field> |
282 |
|
283 |
<field |
284 |
type="select" |
285 |
@@ -163,7 +181,7 @@ |
286 |
<field |
287 |
type="literal" |
288 |
id="badcountries" |
289 |
- value="get_badcountries()"> |
290 |
+ value="get_badcountries(1)"> |
291 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
292 |
</field> |
293 |
<subroutine src="print_service_table()" /> |
294 |
@@ -187,14 +205,24 @@ |
295 |
<field |
296 |
type="literal" |
297 |
id="badcountries" |
298 |
- value="get_badcountries()"> |
299 |
+ value="get_badcountries(1)"> |
300 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
301 |
</field> |
302 |
|
303 |
+ <field |
304 |
+ type="select" |
305 |
+ id="masq_srv_reverse" |
306 |
+ options="'enabled' => '!=', 'disabled' => '=='" |
307 |
+ value="get_reverse('','XTGeoipRev')"> |
308 |
+ <label>LABEL_REVERSE_MATCH</label> |
309 |
+ <description>DESC_REVERSE_MATCH</description> |
310 |
+ </field> |
311 |
+ |
312 |
<field |
313 |
type="text" |
314 |
id="masq_srv_badcountries" |
315 |
size="64" |
316 |
+ value="get_srv_badcountries(0)" |
317 |
validation="srv_must_exist()"> |
318 |
<label>LABEL_BADCOUNTRIES</label> |
319 |
<description>DESC_BADCOUNTRIES</description> |
320 |
@@ -203,7 +231,7 @@ |
321 |
<field |
322 |
type="literal" |
323 |
id="srv_badcountries" |
324 |
- value="get_srv_badcountries()"> |
325 |
+ value="get_srv_badcountries(1)"> |
326 |
<label>LABEL_SERV_BADCOUNTRIES_STATUS</label> |
327 |
</field> |
328 |
|
329 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip |
330 |
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip 2019-07-23 03:16:53.279411436 +0200 |
331 |
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/panels/manager/cgi-bin/xt_geoip 2019-07-23 02:18:09.000000000 +0200 |
332 |
@@ -81,7 +81,7 @@ |
333 |
<field |
334 |
type="literal" |
335 |
id="badcountries" |
336 |
- value="get_badcountries()"> |
337 |
+ value="get_badcountries(1)"> |
338 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
339 |
</field> |
340 |
|
341 |
@@ -102,7 +102,6 @@ |
342 |
<field type="literal" id="service_label" value=""> |
343 |
<description>SERVICE_DESCRIPTION</description> |
344 |
</field> |
345 |
- |
346 |
<subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/> |
347 |
|
348 |
<field type="literal" id="stats_label" value=""> |
349 |
@@ -128,10 +127,20 @@ |
350 |
<description>DESC_GEOIP</description> |
351 |
</field> |
352 |
|
353 |
+ <field |
354 |
+ type="select" |
355 |
+ id="masq_reverse" |
356 |
+ options="'enabled' => '!=', 'disabled' => '=='" |
357 |
+ value="get_reverse('masq','XTGeoipRev')"> |
358 |
+ <label>LABEL_REVERSE_MATCH</label> |
359 |
+ <description>DESC_REVERSE_MATCH</description> |
360 |
+ </field> |
361 |
+ |
362 |
<field |
363 |
type="text" |
364 |
id="masq_badcountries" |
365 |
size="64" |
366 |
+ value="get_badcountries(0)" |
367 |
validation="must_exist()"> |
368 |
<label>LABEL_BADCOUNTRIES</label> |
369 |
<description>DESC_BADCOUNTRIES</description> |
370 |
@@ -140,9 +149,18 @@ |
371 |
<field |
372 |
type="literal" |
373 |
id="badcountries" |
374 |
- value="get_badcountries()"> |
375 |
+ value="get_badcountries(1)"> |
376 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
377 |
</field> |
378 |
+ |
379 |
+ <field |
380 |
+ type="select" |
381 |
+ id="masq_others" |
382 |
+ options="'enabled' => 'enabled', 'disabled' => 'disabled'" |
383 |
+ value="get_reverse('masq','XTGeoipOther')"> |
384 |
+ <label>LABEL_OTHERS</label> |
385 |
+ <description>DESC_OTHERS</description> |
386 |
+ </field> |
387 |
|
388 |
<field |
389 |
type="select" |
390 |
@@ -163,7 +181,7 @@ |
391 |
<field |
392 |
type="literal" |
393 |
id="badcountries" |
394 |
- value="get_badcountries()"> |
395 |
+ value="get_badcountries(1)"> |
396 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
397 |
</field> |
398 |
<subroutine src="print_service_table()" /> |
399 |
@@ -187,14 +205,24 @@ |
400 |
<field |
401 |
type="literal" |
402 |
id="badcountries" |
403 |
- value="get_badcountries()"> |
404 |
+ value="get_badcountries(1)"> |
405 |
<label>LABEL_BADCOUNTRIES_STATUS</label> |
406 |
</field> |
407 |
|
408 |
+ <field |
409 |
+ type="select" |
410 |
+ id="masq_srv_reverse" |
411 |
+ options="'enabled' => '!=', 'disabled' => '=='" |
412 |
+ value="get_reverse('','XTGeoipRev')"> |
413 |
+ <label>LABEL_REVERSE_MATCH</label> |
414 |
+ <description>DESC_REVERSE_MATCH</description> |
415 |
+ </field> |
416 |
+ |
417 |
<field |
418 |
type="text" |
419 |
id="masq_srv_badcountries" |
420 |
size="64" |
421 |
+ value="get_srv_badcountries(0)" |
422 |
validation="srv_must_exist()"> |
423 |
<label>LABEL_BADCOUNTRIES</label> |
424 |
<description>DESC_BADCOUNTRIES</description> |
425 |
@@ -203,7 +231,7 @@ |
426 |
<field |
427 |
type="literal" |
428 |
id="srv_badcountries" |
429 |
- value="get_srv_badcountries()"> |
430 |
+ value="get_srv_badcountries(1)"> |
431 |
<label>LABEL_SERV_BADCOUNTRIES_STATUS</label> |
432 |
</field> |
433 |
|
434 |
diff -Nur smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm |
435 |
--- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-07-23 03:16:53.284411435 +0200 |
436 |
+++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-07-23 02:49:15.000000000 +0200 |
437 |
@@ -23,6 +23,7 @@ |
438 |
get_value |
439 |
get_badcountries |
440 |
get_geoip |
441 |
+ get_reverse |
442 |
print_service_table |
443 |
get_stat_geoip |
444 |
print_custom_button |
445 |
@@ -139,7 +140,12 @@ |
446 |
|
447 |
sub get_badcountries |
448 |
{ |
449 |
- return $db->get_prop("masq", "BadCountries"); |
450 |
+ my $self = shift; |
451 |
+ my $full = shift; |
452 |
+ my $badc=$db->get_prop("masq", "BadCountries")||""; |
453 |
+ return $badc unless $full ; |
454 |
+ my $rev = (($db->get_prop("masq", "XTGeoipRev")||"disabled") eq "enabled") ? "!=" : "=="; |
455 |
+ return "$rev $badc "; |
456 |
} |
457 |
|
458 |
=head2 get_geoip |
459 |
@@ -152,6 +158,20 @@ |
460 |
return $db->get_prop("masq", "GeoIP") || 'disabled'; |
461 |
} |
462 |
|
463 |
+=head2 get_reverse |
464 |
+ |
465 |
+method to retrieve the value of geoip for the form |
466 |
+=cut |
467 |
+ |
468 |
+sub get_reverse |
469 |
+{ |
470 |
+ my $fm = shift; |
471 |
+ my $item = shift; |
472 |
+ my $prop = shift; |
473 |
+ $item = ($item eq 'masq') ? $item : $fm->cgi->param('name'); |
474 |
+ return $db->get_prop("$item", "$prop") || "disabled"; |
475 |
+} |
476 |
+ |
477 |
=head2 get_stat_geoip |
478 |
|
479 |
method to retrieve the status of geoip for the form |
480 |
@@ -189,15 +209,23 @@ |
481 |
|
482 |
my $mq_bc = get_badcountries(); |
483 |
my $mq_gp = get_geoip(); |
484 |
- my $n_mq_bc = $q->param("masq_badcountries") || $mq_bc; |
485 |
+ my $masq = $db->get('masq') || "disabled"; |
486 |
+ my $mq_rv = $masq->prop('XTGeoipRev') || 'disabled'; |
487 |
+ my $mq_ot = $masq->prop('XTGeoipOther') || 'disabled'; |
488 |
+ |
489 |
+ my $n_mq_bc = $q->param("masq_badcountries"); |
490 |
my $n_mq_gp = $q->param("masq_geoip") || $mq_gp; |
491 |
my $n_upd_gp = $q->param("update_geoip") || ''; |
492 |
- |
493 |
- if (($n_mq_bc eq $mq_bc) && ($n_mq_gp eq $mq_gp) && ($n_upd_gp eq 'NO')) { |
494 |
+ my $n_mq_rv = $q->param("masq_reverse") || $mq_rv ; |
495 |
+ my $n_mq_ot = $q->param("masq_others") || $mq_ot ; |
496 |
+ |
497 |
+ if (($n_mq_bc eq $mq_bc) && ($n_mq_gp eq $mq_gp) && ($n_upd_gp eq 'NO') && ($n_mq_rv eq $mq_rv) && ($n_mq_ot eq $mq_ot)) { |
498 |
return $self->success("NO_CHANGE") |
499 |
} |
500 |
$db->set_prop("masq", "BadCountries", $n_mq_bc); |
501 |
$db->set_prop("masq", "GeoIP", $n_mq_gp); |
502 |
+ $db->set_prop("masq", "XTGeoipRev", $n_mq_rv); |
503 |
+ $db->set_prop("masq", "XTGeoipOther", $n_mq_ot); |
504 |
|
505 |
my $eventloc = "xt_geoip-modify"; |
506 |
$eventloc = "xt_geoip-update" if $n_upd_gp eq 'YES'; |
507 |
@@ -293,9 +321,13 @@ |
508 |
|
509 |
sub get_srv_badcountries |
510 |
{ |
511 |
- my ($self) = @_; |
512 |
+ my $self = shift; |
513 |
my $name = $self->cgi->param('name'); |
514 |
- return $db->get_prop($name, "BadCountries"); |
515 |
+ my $full = shift; |
516 |
+ my $badc=$db->get_prop($name, "BadCountries")||""; |
517 |
+ return $badc unless $full ; |
518 |
+ my $rev = (($db->get_prop($name, "XTGeoipRev")||"disabled") eq "enabled") ? "!=" : "=="; |
519 |
+ return "$rev $badc "; |
520 |
} |
521 |
|
522 |
sub print_service_table { |
523 |
@@ -338,6 +370,7 @@ |
524 |
my $status = $i->prop('status'); |
525 |
my $access = $i->prop('access'); |
526 |
my $servBC = $i->prop('BadCountries') || ' '; |
527 |
+ my $servRev = (( $i->prop('XTGeoipRev')|| 'disabled') eq 'disabled' )? '==': '!='; |
528 |
|
529 |
my $params = $self->build_serv_cgi_params($servname, $i->props()); |
530 |
|
531 |
@@ -352,13 +385,15 @@ |
532 |
. ' '; |
533 |
|
534 |
my $color = 'red'; |
535 |
- if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; } |
536 |
+ my $deco= "none"; |
537 |
+ if ($servRev eq '!=' ) { $color = 'green'; } |
538 |
+ if ($status eq 'disabled' || $access ne 'public') { $color = 'grey'; $deco= "line-through"; } |
539 |
print $q->Tr ( |
540 |
esmith::cgi::genSmallCell($q, $servname,"normal"), |
541 |
esmith::cgi::genSmallCell($q, $port,"normal"), |
542 |
- esmith::cgi::genSmallCell($q, $status,"header"), |
543 |
- esmith::cgi::genSmallCell($q, $access,"header"), |
544 |
- esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"), |
545 |
+ esmith::cgi::genSmallCell($q, $status,"normal"), |
546 |
+ esmith::cgi::genSmallCell($q, $access,"normal"), |
547 |
+ esmith::cgi::genSmallCell($q, "<font color='$color' style='text-decoration: $deco'>" . "$servRev $servBC" . "</font>","normal"), |
548 |
esmith::cgi::genSmallCell($q, $actionModify,"normal"), |
549 |
esmith::cgi::genSmallCell($q, $actionRemove,"normal")); |
550 |
} |
551 |
@@ -386,7 +421,8 @@ |
552 |
if (my $serv = $db->get($name)) { |
553 |
my $servBC = $serv->prop('BadCountries') || ''; |
554 |
if ($servBC ne '') { |
555 |
- $db->set_prop($name, "BadCountries", ''); |
556 |
+ my $tps = $db->set_prop_and_delete($name, "BadCountries"); |
557 |
+ $tps = $db->get_prop_and_delete($name, "XTGeoipRev"); |
558 |
# Untaint $name before use in system() |
559 |
# $name =~ /(.+)/; $name = $1; |
560 |
if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0) |
561 |
@@ -410,14 +446,17 @@ |
562 |
my $name = $self->cgi->param('name'); |
563 |
if (my $serv = $db->get($name)) { |
564 |
my $servBC = $serv->prop('BadCountries') || ''; |
565 |
+ my $servRev = $serv->prop('XTGeoipRev') || 'disabled'; |
566 |
|
567 |
my $q = $self->{'cgi'}; |
568 |
- my $n_servBC = $q->param("masq_srv_badcountries") || $servBC; |
569 |
- |
570 |
- if ($n_servBC eq $servBC) { |
571 |
+ my $n_servBC = $q->param("masq_srv_badcountries"); |
572 |
+ my $n_servRev = $q->param("masq_srv_reverse") || $servRev; |
573 |
+ |
574 |
+ if ($n_servBC eq $servBC && $n_servRev eq $servRev ) { |
575 |
return $self->success("NO_CHANGE") |
576 |
} |
577 |
$db->set_prop($name, "BadCountries", $n_servBC); |
578 |
+ $db->set_prop($name, "XTGeoipRev", $n_servRev); |
579 |
|
580 |
if (system ( "/sbin/e-smith/signal-event", "xt_geoip-service" ) == 0 ) |
581 |
{ |