/[smecontribs]/rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-bz10760-per_serv2.patch
ViewVC logotype

Contents of /rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-bz10760-per_serv2.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.3 - (show annotations) (download)
Tue Jul 23 22:45:49 2019 UTC (5 years, 4 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-xt_geoip-1_0_1-18_el6_sme, smeserver-xt_geoip-1_0_1-20_el6_sme, smeserver-xt_geoip-1_0_1-17_el6_sme, smeserver-xt_geoip-1_0_1-24_el6_sme, smeserver-xt_geoip-1_0_1-23_el6_sme, smeserver-xt_geoip-1_0_1-26_el6_sme, smeserver-xt_geoip-1_0_1-25_el6_sme, smeserver-xt_geoip-1_0_1-16_el6_sme, smeserver-xt_geoip-1_0_1-22_el6_sme, smeserver-xt_geoip-1_0_1-21_el6_sme, smeserver-xt_geoip-1_0_1-19_el6_sme, HEAD
Changes since 1.2: +148 -0 lines
* Wed Jul 24 2019 Jean-Philipe Pialasse <tests@pialasse.com> 1.0.1-16.sme
- add missing file to patch [SME: 10760]
- workaround link issue in source [SME: 10790]

1 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/BadCountries smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/BadCountries
2 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/BadCountries 2017-09-15 14:44:39.000000000 +0200
3 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/BadCountries 2019-07-23 02:54:03.000000000 +0200
4 @@ -1 +0,0 @@
5 -A1
6 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip
7 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:16:53.259411436 +0200
8 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:20:21.597404763 +0200
9 @@ -197,4 +197,25 @@
10 <trans>Too many countries chosen: {$ctr}</trans>
11 </entry>
12
13 + <entry>
14 + <base>LABEL_REVERSE_MATCH</base>
15 + <trans>Reject if</trans>
16 + </entry>
17 +
18 + <entry>
19 + <base>DESC_REVERSE_MATCH</base>
20 + <trans>The following option allow to chose if you want reject visitors from the country list (==) which is the default behaviour, or if you want to only let them in (!=).</trans>
21 + </entry>
22 +
23 + <entry>
24 + <base>LABEL_OTHERS</base>
25 + <trans>General filter only for services without rules</trans>
26 + </entry>
27 +
28 + <entry>
29 + <base>DESC_OTHERS</base>
30 + <trans>Choose if you want to have the general filter to apply to all incoming connections or if you do not want to filter ports already defined with a specific service rule. This would allow you to have a service less restricted than the general rule if you enable this.</trans>
31 + </entry>
32 +
33 +
34 </lexicon>
35 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip
36 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-07-23 03:16:53.270411434 +0200
37 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-07-22 03:12:53.000000000 +0200
38 @@ -8,14 +8,10 @@
39 my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
40 my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
41 my $port;
42 - my $locPorts;
43 + my @locPorts;
44 my $servStatus;
45 my $locBC;
46 - if ($GP eq 'enabled')
47 - {
48 - if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
49 - {
50 - # to allow reload
51 + # to allow reload
52 $OUT .=<<'EOF';
53 # A blacklist chain for xtables-addons GEOIP
54 /sbin/iptables --new-chain XTGeoIP
55 @@ -24,8 +20,34 @@
56 /sbin/iptables --insert INPUT 1 \
57 -j XTGeoIP
58 EOF
59 +
60 + if ($GP eq 'enabled')
61 + {
62 + if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
63 + {
64 +
65 +# do not block LAN
66 + my $locals = "@locals";
67 + if (@locals)
68 + {
69 + # Make a new local_chk chain and add any networks found in networks db
70 + foreach my $local (@locals)
71 + {
72 + # If the network is a remote vpn subnet, restrict it to the ipsec0
73 + # interface.
74 + my ($net, $msk) = split /\//, $local;
75 + my $netrec = $nets->get($net);
76 + die "Can't find network $net in networks db!\n" unless $netrec;
77 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -s $local";
78 + if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes')
79 + {
80 + $OUT .= " --in-interface ipsec0";
81 + }
82 + $OUT .= " -j RETURN\n";
83 + }
84 + }
85 +
86 ##adding here for service specific
87 - $locPorts='';
88
89 my @services = split(/,/, $masq{'XtServices'});
90 foreach my $servName (@services)
91 @@ -34,22 +56,27 @@
92 my $servStatus = ${$servName}{'status'} || 'disabled';
93 my $servAccess = ${$servName}{'access'} || 'private';
94 my $locBC = ${$servName}{'BadCountries'} || '';
95 + my $reverse = ( ( ${$servName}{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
96 if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
97 - $locPorts .= "$port,";
98 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
99 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
100 + push @locPorts, $port;
101 + my $multi = ( $port =~ /[,:]/ )? "-m multiport --dports" : "--dport";
102 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
103 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j DROP\n";
104 }
105 }
106
107 # block for other or all should move there
108 if ($BC ne '') {
109 - if ($locPorts ne '') {
110 - $locPorts = substr $locPorts, 0, -1;
111 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
112 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
113 + my $reverse = ( ( $masq{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
114 + my $others = ( ( $masq{'XTGeoipOther'} || 'enabled') eq "disabled") ? 1 : 0;
115 + @locPorts = () unless $others;
116 + if (@locPorts != 0) {
117 + my $LocPorts = join ',', @locPorts;
118 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
119 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j DROP\n";
120 } else {
121 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
122 - $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n";
123 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
124 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip $reverse --src-cc $BC -j DROP\n";
125 }
126 }
127 $OUT .= " /sbin/iptables --append XTGeoIP_1" .
128 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip
129 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-07-23 03:16:53.293411435 +0200
130 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-07-22 00:35:29.000000000 +0200
131 @@ -7,11 +7,11 @@
132 my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
133 my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
134 my $port;
135 - my $locPorts;
136 + my @locPorts;
137 my $servStatus;
138 my $locBC;
139
140 - # to allow reload without locking just after initial install
141 + # to allow reload without locking just after initial install
142 $OUT .=<<'EOF';
143 iptables -n --list XTGeoIP >/dev/null 2>&1
144 test=$?
145 @@ -36,8 +36,28 @@
146 {
147 if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
148 {
149 - # add content here
150 - $locPorts = '';
151 +
152 +# do not block LAN
153 + my $locals = "@locals";
154 + if (@locals)
155 + {
156 + # Make a new local_chk chain and add any networks found in networks db
157 + foreach my $local (@locals)
158 + {
159 + # If the network is a remote vpn subnet, restrict it to the ipsec0
160 + # interface.
161 + my ($net, $msk) = split /\//, $local;
162 + my $netrec = $nets->get($net);
163 + die "Can't find network $net in networks db!\n" unless $netrec;
164 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -s $local";
165 + if (($netrec->prop('remoteVPNSubnet') || 'no') eq 'yes')
166 + {
167 + $OUT .= " --in-interface ipsec0";
168 + }
169 + $OUT .= " -j RETURN\n";
170 + }
171 + }
172 +
173 my @services = split(/,/, $masq{'XtServices'});
174
175 foreach my $servName (@services)
176 @@ -46,33 +66,27 @@
177 my $servStatus = ${$servName}{'status'} || 'disabled';
178 my $servAccess = ${$servName}{'access'} || 'private';
179 my $locBC = ${$servName}{'BadCountries'} || '';
180 + my $reverse = ( ( ${$servName}{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
181 if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
182 - $locPorts .= "$port,";
183 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
184 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
185 + push @locPorts, $port;
186 + my $multi = ( $port =~ /[,:]/ )? "-m multiport --dports" : "--dport";
187 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
188 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip $reverse --src-cc $locBC -p tcp $multi $port -j DROP\n";
189 }
190 }
191
192 - ##adding here for service specific
193 - # imaps 993
194 - #$locBC = $imaps{BadCountries} || '';
195 - #$servStatus = $imaps{'status'} || 'disabled';
196 - #$port = $imaps{'TCPPort'} || '993';
197 - #if ($servStatus eq 'enabled' and $locBC ne '') {
198 - # $locPorts .= "${port},";
199 - # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n";
200 - # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
201 - #}
202 -
203 # block for all or other ports should move there
204 if ($BC ne '') {
205 - if ($locPorts ne '') {
206 - $locPorts = substr $locPorts, 0, -1;
207 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
208 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
209 + my $reverse = ( ( $masq{'XTGeoipRev'} || 'disabled' ) eq "enabled" )? "!": "";
210 + my $others = ( ( $masq{'XTGeoipOther'} || 'disabled') eq "enabled") ? 1 : 0;
211 + @locPorts = () unless $others;
212 + if (@locPorts != 0) {
213 + my $LocPorts = join ',', @locPorts;
214 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
215 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $LocPorts $reverse --src-cc $BC -j DROP\n";
216 } else {
217 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
218 - $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n";
219 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip $reverse --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
220 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip $reverse --src-cc $BC -j DROP\n";
221 }
222 }
223 $OUT .= " /sbin/iptables --append \$NEW_XTGeoIP" .
224 diff -Nur smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip
225 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip 2019-07-23 03:16:53.279411436 +0200
226 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip 2019-07-23 02:18:09.000000000 +0200
227 @@ -81,7 +81,7 @@
228 <field
229 type="literal"
230 id="badcountries"
231 - value="get_badcountries()">
232 + value="get_badcountries(1)">
233 <label>LABEL_BADCOUNTRIES_STATUS</label>
234 </field>
235
236 @@ -102,7 +102,6 @@
237 <field type="literal" id="service_label" value="">
238 <description>SERVICE_DESCRIPTION</description>
239 </field>
240 -
241 <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
242
243 <field type="literal" id="stats_label" value="">
244 @@ -128,10 +127,20 @@
245 <description>DESC_GEOIP</description>
246 </field>
247
248 + <field
249 + type="select"
250 + id="masq_reverse"
251 + options="'enabled' => '!=', 'disabled' => '=='"
252 + value="get_reverse('masq','XTGeoipRev')">
253 + <label>LABEL_REVERSE_MATCH</label>
254 + <description>DESC_REVERSE_MATCH</description>
255 + </field>
256 +
257 <field
258 type="text"
259 id="masq_badcountries"
260 size="64"
261 + value="get_badcountries(0)"
262 validation="must_exist()">
263 <label>LABEL_BADCOUNTRIES</label>
264 <description>DESC_BADCOUNTRIES</description>
265 @@ -140,9 +149,18 @@
266 <field
267 type="literal"
268 id="badcountries"
269 - value="get_badcountries()">
270 + value="get_badcountries(1)">
271 <label>LABEL_BADCOUNTRIES_STATUS</label>
272 </field>
273 +
274 + <field
275 + type="select"
276 + id="masq_others"
277 + options="'enabled' => 'enabled', 'disabled' => 'disabled'"
278 + value="get_reverse('masq','XTGeoipOther')">
279 + <label>LABEL_OTHERS</label>
280 + <description>DESC_OTHERS</description>
281 + </field>
282
283 <field
284 type="select"
285 @@ -163,7 +181,7 @@
286 <field
287 type="literal"
288 id="badcountries"
289 - value="get_badcountries()">
290 + value="get_badcountries(1)">
291 <label>LABEL_BADCOUNTRIES_STATUS</label>
292 </field>
293 <subroutine src="print_service_table()" />
294 @@ -187,14 +205,24 @@
295 <field
296 type="literal"
297 id="badcountries"
298 - value="get_badcountries()">
299 + value="get_badcountries(1)">
300 <label>LABEL_BADCOUNTRIES_STATUS</label>
301 </field>
302
303 + <field
304 + type="select"
305 + id="masq_srv_reverse"
306 + options="'enabled' => '!=', 'disabled' => '=='"
307 + value="get_reverse('','XTGeoipRev')">
308 + <label>LABEL_REVERSE_MATCH</label>
309 + <description>DESC_REVERSE_MATCH</description>
310 + </field>
311 +
312 <field
313 type="text"
314 id="masq_srv_badcountries"
315 size="64"
316 + value="get_srv_badcountries(0)"
317 validation="srv_must_exist()">
318 <label>LABEL_BADCOUNTRIES</label>
319 <description>DESC_BADCOUNTRIES</description>
320 @@ -203,7 +231,7 @@
321 <field
322 type="literal"
323 id="srv_badcountries"
324 - value="get_srv_badcountries()">
325 + value="get_srv_badcountries(1)">
326 <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
327 </field>
328
329 diff -Nur smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm
330 --- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-07-24 00:42:22.094158127 +0200
331 +++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-07-23 02:49:15.000000000 +0200
332 @@ -23,6 +23,7 @@
333 get_value
334 get_badcountries
335 get_geoip
336 + get_reverse
337 print_service_table
338 get_stat_geoip
339 print_custom_button
340 @@ -139,7 +140,12 @@
341
342 sub get_badcountries
343 {
344 - return $db->get_prop("masq", "BadCountries");
345 + my $self = shift;
346 + my $full = shift;
347 + my $badc=$db->get_prop("masq", "BadCountries")||"";
348 + return $badc unless $full ;
349 + my $rev = (($db->get_prop("masq", "XTGeoipRev")||"disabled") eq "enabled") ? "!=" : "==";
350 + return "$rev $badc ";
351 }
352
353 =head2 get_geoip
354 @@ -152,6 +158,20 @@
355 return $db->get_prop("masq", "GeoIP") || 'disabled';
356 }
357
358 +=head2 get_reverse
359 +
360 +method to retrieve the value of geoip for the form
361 +=cut
362 +
363 +sub get_reverse
364 +{
365 + my $fm = shift;
366 + my $item = shift;
367 + my $prop = shift;
368 + $item = ($item eq 'masq') ? $item : $fm->cgi->param('name');
369 + return $db->get_prop("$item", "$prop") || "disabled";
370 +}
371 +
372 =head2 get_stat_geoip
373
374 method to retrieve the status of geoip for the form
375 @@ -189,15 +209,23 @@
376
377 my $mq_bc = get_badcountries();
378 my $mq_gp = get_geoip();
379 - my $n_mq_bc = $q->param("masq_badcountries") || $mq_bc;
380 + my $masq = $db->get('masq') || "disabled";
381 + my $mq_rv = $masq->prop('XTGeoipRev') || 'disabled';
382 + my $mq_ot = $masq->prop('XTGeoipOther') || 'disabled';
383 +
384 + my $n_mq_bc = $q->param("masq_badcountries");
385 my $n_mq_gp = $q->param("masq_geoip") || $mq_gp;
386 my $n_upd_gp = $q->param("update_geoip") || '';
387 -
388 - if (($n_mq_bc eq $mq_bc) && ($n_mq_gp eq $mq_gp) && ($n_upd_gp eq 'NO')) {
389 + my $n_mq_rv = $q->param("masq_reverse") || $mq_rv ;
390 + my $n_mq_ot = $q->param("masq_others") || $mq_ot ;
391 +
392 + if (($n_mq_bc eq $mq_bc) && ($n_mq_gp eq $mq_gp) && ($n_upd_gp eq 'NO') && ($n_mq_rv eq $mq_rv) && ($n_mq_ot eq $mq_ot)) {
393 return $self->success("NO_CHANGE")
394 }
395 $db->set_prop("masq", "BadCountries", $n_mq_bc);
396 $db->set_prop("masq", "GeoIP", $n_mq_gp);
397 + $db->set_prop("masq", "XTGeoipRev", $n_mq_rv);
398 + $db->set_prop("masq", "XTGeoipOther", $n_mq_ot);
399
400 my $eventloc = "xt_geoip-modify";
401 $eventloc = "xt_geoip-update" if $n_upd_gp eq 'YES';
402 @@ -293,9 +321,13 @@
403
404 sub get_srv_badcountries
405 {
406 - my ($self) = @_;
407 + my $self = shift;
408 my $name = $self->cgi->param('name');
409 - return $db->get_prop($name, "BadCountries");
410 + my $full = shift;
411 + my $badc=$db->get_prop($name, "BadCountries")||"";
412 + return $badc unless $full ;
413 + my $rev = (($db->get_prop($name, "XTGeoipRev")||"disabled") eq "enabled") ? "!=" : "==";
414 + return "$rev $badc ";
415 }
416
417 sub print_service_table {
418 @@ -338,6 +370,7 @@
419 my $status = $i->prop('status');
420 my $access = $i->prop('access');
421 my $servBC = $i->prop('BadCountries') || ' ';
422 + my $servRev = (( $i->prop('XTGeoipRev')|| 'disabled') eq 'disabled' )? '==': '!=';
423
424 my $params = $self->build_serv_cgi_params($servname, $i->props());
425
426 @@ -352,13 +385,15 @@
427 . '&nbsp';
428
429 my $color = 'red';
430 - if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; }
431 + my $deco= "none";
432 + if ($servRev eq '!=' ) { $color = 'green'; }
433 + if ($status eq 'disabled' || $access ne 'public') { $color = 'grey'; $deco= "line-through"; }
434 print $q->Tr (
435 esmith::cgi::genSmallCell($q, $servname,"normal"),
436 esmith::cgi::genSmallCell($q, $port,"normal"),
437 - esmith::cgi::genSmallCell($q, $status,"header"),
438 - esmith::cgi::genSmallCell($q, $access,"header"),
439 - esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"),
440 + esmith::cgi::genSmallCell($q, $status,"normal"),
441 + esmith::cgi::genSmallCell($q, $access,"normal"),
442 + esmith::cgi::genSmallCell($q, "<font color='$color' style='text-decoration: $deco'>" . "$servRev $servBC" . "</font>","normal"),
443 esmith::cgi::genSmallCell($q, $actionModify,"normal"),
444 esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
445 }
446 @@ -386,7 +421,8 @@
447 if (my $serv = $db->get($name)) {
448 my $servBC = $serv->prop('BadCountries') || '';
449 if ($servBC ne '') {
450 - $db->set_prop($name, "BadCountries", '');
451 + my $tps = $db->set_prop_and_delete($name, "BadCountries");
452 + $tps = $db->get_prop_and_delete($name, "XTGeoipRev");
453 # Untaint $name before use in system()
454 # $name =~ /(.+)/; $name = $1;
455 if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0)
456 @@ -410,14 +446,17 @@
457 my $name = $self->cgi->param('name');
458 if (my $serv = $db->get($name)) {
459 my $servBC = $serv->prop('BadCountries') || '';
460 + my $servRev = $serv->prop('XTGeoipRev') || 'disabled';
461
462 my $q = $self->{'cgi'};
463 - my $n_servBC = $q->param("masq_srv_badcountries") || $servBC;
464 -
465 - if ($n_servBC eq $servBC) {
466 + my $n_servBC = $q->param("masq_srv_badcountries");
467 + my $n_servRev = $q->param("masq_srv_reverse") || $servRev;
468 +
469 + if ($n_servBC eq $servBC && $n_servRev eq $servRev ) {
470 return $self->success("NO_CHANGE")
471 }
472 $db->set_prop($name, "BadCountries", $n_servBC);
473 + $db->set_prop($name, "XTGeoipRev", $n_servRev);
474
475 if (system ( "/sbin/e-smith/signal-event", "xt_geoip-service" ) == 0 )
476 {

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed