/[smecontribs]/rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_serv.patch
ViewVC logotype

Annotation of /rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_serv.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Wed May 1 21:34:13 2019 UTC (5 years, 7 months ago) by michel
Branch: MAIN
CVS Tags: smeserver-xt_geoip-1_0_1-18_el6_sme, smeserver-xt_geoip-1_0_1-20_el6_sme, smeserver-xt_geoip-1_0_1-14_el6_sme, smeserver-xt_geoip-1_0_1-17_el6_sme, smeserver-xt_geoip-1_0_1-24_el6_sme, smeserver-xt_geoip-1_0_1-23_el6_sme, smeserver-xt_geoip-1_0_1-26_el6_sme, smeserver-xt_geoip-1_0_1-25_el6_sme, smeserver-xt_geoip-1_0_1-12_el6_sme, smeserver-xt_geoip-1_0_1-16_el6_sme, smeserver-xt_geoip-1_0_1-15_el6_sme, smeserver-xt_geoip-1_0_1-22_el6_sme, smeserver-xt_geoip-1_0_1-21_el6_sme, smeserver-xt_geoip-1_0_1-13_el6_sme, smeserver-xt_geoip-1_0_1-19_el6_sme, HEAD
Changes since 1.1: +9 -8 lines
* Wed Apr 24 2019 Michel Begue <mab974@gmail.com> 1.0.1-12.sme
- add per service management of GeoIP bans [SME: 10760]

1 michel 1.1 diff -urN smeserver-xt_geoip-1.0.1.old/createlinks smeserver-xt_geoip-1.0.1/createlinks
2     --- smeserver-xt_geoip-1.0.1.old/createlinks 2019-05-02 00:12:10.000000000 +0400
3     +++ smeserver-xt_geoip-1.0.1/createlinks 2019-04-23 22:52:31.000000000 +0400
4     @@ -12,14 +12,16 @@
5     # links to add
6    
7     # templates to expand
8     -for my $event (qw(xt_geoip-modify xt_geoip-update bootstrap-console-save console-save))
9     +for my $event (qw(xt_geoip-modify xt_geoip-update xt_geoip-service bootstrap-console-save console-save))
10     {
11     templates2events("/etc/rc.d/init.d/masq", $event);
12     templates2events("/etc/crontab", $event);
13     templates2events("/usr/share/xt_geoip/update_base", $event);
14     - if ($event ne 'xt_geoip-modify') {
15     - event_link("smeserver-xt_geoip-download-action", $event, "10");
16     }
17     +
18     +for my $event (qw(xt_geoip-update bootstrap-console-save console-save))
19     +{
20     + event_link("smeserver-xt_geoip-download-action", $event, "10");
21     }
22    
23     # services to launch on event
24     @@ -29,4 +31,10 @@
25     "root/etc/e-smith/events/$event/services2adjust/masq");
26     }
27    
28     +for my $event (qw(xt_geoip-service))
29     +{
30     + safe_symlink("adjust",
31     + "root/etc/e-smith/events/$event/services2adjust/masq");
32     +}
33     +
34     # actions to perform
35     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices
36     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices 1970-01-01 04:00:00.000000000 +0400
37     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices 2019-04-24 14:38:38.000000000 +0400
38     @@ -0,0 +1 @@
39     +imaps,pop3s,sshd,ftp,ssmtpd
40     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip
41     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:12:10.000000000 +0400
42     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-04-29 19:35:33.000000000 +0400
43     @@ -96,12 +96,12 @@
44    
45     <entry>
46     <base>IPT_LIST</base>
47     - <trans>Geoip ban</trans>
48     + <trans>Stats of XT-geoip prevented connections</trans>
49     </entry>
50    
51     <entry>
52     <base>SSH_LIST</base>
53     - <trans>Ssh errors</trans>
54     + <trans>Stats of SSH errors not blocked by XT-geoip</trans>
55     </entry>
56    
57     <entry>
58     @@ -129,4 +129,72 @@
59     </trans>
60     </entry>
61    
62     + <entry>
63     + <base>SERVICE_DESCRIPTION</base>
64     + <trans><![CDATA[ <h2> Per service filtering for Xtables GeoIP</h2><ul>
65     + <li>If you want different filtering for certain services</li>
66     + </ul><p><i></i></p> ]]>
67     + </trans>
68     + </entry>
69     +
70     + <entry>
71     + <base>LABEL_SERVICE</base>
72     + <trans>Service name : </trans>
73     + </entry>
74     +
75     + <entry>
76     + <base>PER_SERVICE_GEOIP</base>
77     + <trans>-> Services</trans>
78     + </entry>
79     +
80     + <entry>
81     + <base>ADD_SERVICE</base>
82     + <trans>Add or modify a per service filtering</trans>
83     + </entry>
84     +
85     + <entry>
86     + <base>ADD_DESC</base>
87     + <trans>You are choosing a particular country filtering for this service</trans>
88     + </entry>
89     +
90     + <entry>
91     + <base>REMOVE_SERVICE</base>
92     + <trans>Delete a per service filtering</trans>
93     + </entry>
94     +
95     + <entry>
96     + <base>REMOVE_DESC</base>
97     + <trans>You are deleting a filtering by service. The general filtering will then apply.</trans>
98     + </entry>
99     +
100     + <entry>
101     + <base>SERV_NOT_BAN</base>
102     + <trans>Unfiltered service.</trans>
103     + </entry>
104     +
105     + <entry>
106     + <base>NO_SERVICES</base>
107     + <trans>No services.</trans>
108     + </entry>
109     +
110     + <entry>
111     + <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
112     + <trans>List of rejected country codes for the service : </trans>
113     + </entry>
114     +
115     + <entry>
116     + <base>SUCCESSFULLY_DELETED_SERVICE</base>
117     + <trans>Per service filtering successfully deleted... New filtering taken into account.</trans>
118     + </entry>
119     +
120     + <entry>
121     + <base>BADCOUNTRIES</base>
122     + <trans>Blacklist</trans>
123     + </entry>
124     +
125     + <entry>
126     + <base>ERR_COUNTRY_MAX: {$ctr}</base>
127     + <trans>Too many countries chosen: {$ctr}</trans>
128     + </entry>
129     +
130     </lexicon>
131     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip
132     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:12:10.000000000 +0400
133     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip 2019-04-29 19:33:56.000000000 +0400
134     @@ -43,15 +43,16 @@
135    
136     <entry>
137     <base>XT_GEOIP_STATUS_DESCRIPTION</base>
138     - <trans><![CDATA[ <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
139     + <trans><![CDATA[ <h2>Filtrage général pour Xtables GeoIP </h2>
140     + <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
141     <li>Les codes des pays à bannir peut être saisis dans le champ correspondant</li>
142     <li>Une mise à jour immédiate de la table peut être demandée ici.</li></ul>
143     - <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br><br> ]]></trans>
144     + <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br> ]]></trans>
145     </entry>
146    
147     <entry>
148     <base>LABEL_BADCOUNTRIES_STATUS</base>
149     - <trans>Liste actuelle des codes pays rejetés : </trans>
150     + <trans>Liste générale des codes pays rejetés : </trans>
151     </entry>
152    
153     <entry>
154     @@ -60,12 +61,6 @@
155     </entry>
156    
157     <entry>
158     - <base>ERR_COUNTRY_MAX: {$ctr}</base>
159     - <trans>Code pays, maximum atteint: {$ctr}</trans>
160     - </entry>
161     -
162     -
163     - <entry>
164     <base>LABEL_BADCOUNTRIES</base>
165     <trans>Nouveaux codes pays à utiliser :</trans>
166     </entry>
167     @@ -98,14 +93,15 @@
168    
169     <entry>
170     <base>IPT_LIST</base>
171     - <trans>Geoip stop</trans>
172     + <trans>Stats des connexions évitées à l'aide de XT-geoip</trans>
173     </entry>
174    
175     <entry>
176     <base>SSH_LIST</base>
177     - <trans>Ssh erreurs</trans>
178     + <trans>Stats des erreurs SSH non bloquées par XT-geoip</trans>
179     </entry>
180    
181     +
182     <entry>
183     <base>STATS_GENERATED</base>
184     <trans>Statistiques générées</trans>
185     @@ -123,12 +119,80 @@
186    
187     <entry>
188     <base>STATS_DESCRIPTION</base>
189     - <trans><![CDATA[ <h3>Statistiques pour Xtables GeoIP</h3><ul>
190     + <trans><![CDATA[ <h2>Statistiques pour Xtables GeoIP </h2><ul>
191     <li>Pour 3 périodes : Jour, Semaine et Mois</li>
192     <li>Ips bloqués par pays triés par score</li>
193     <li>Erreurs Ssh par pays triées par score </li>
194     </ul><p><i>XX signifie Pays non trouvé !</i></p> ]]>
195     </trans>
196     </entry>
197     +
198     + <entry>
199     + <base>SERVICE_DESCRIPTION</base>
200     + <trans><![CDATA[ <h2> Filtrage par service pour Xtables GeoIP</h2><ul>
201     + <li>Si vous souhaitez un filtrage différent pour certains services</li>
202     + </ul><p><i></i></p> ]]>
203     + </trans>
204     + </entry>
205     +
206     + <entry>
207     + <base>LABEL_SERVICE</base>
208     + <trans>Nom du service : </trans>
209     + </entry>
210     +
211     + <entry>
212     + <base>PER_SERVICE_GEOIP</base>
213     + <trans>-> Services</trans>
214     + </entry>
215     +
216     + <entry>
217     + <base>ADD_SERVICE</base>
218     + <trans>Ajouter ou modifier un fitrage par service</trans>
219     + </entry>
220     +
221     + <entry>
222     + <base>ADD_DESC</base>
223     + <trans>Vous allez choisir un filtrage pays particulier pour ce service</trans>
224     + </entry>
225     +
226     + <entry>
227     + <base>REMOVE_SERVICE</base>
228     + <trans>Supprimer un fitrage par service</trans>
229     + </entry>
230     +
231     + <entry>
232     + <base>REMOVE_DESC</base>
233     + <trans>Vous allez supprimer un filtrage par service. Le filtrage général va alors s'appliquer.</trans>
234     + </entry>
235     +
236     + <entry>
237     + <base>SERV_NOT_BAN</base>
238     + <trans>Service non filtré.</trans>
239     + </entry>
240     +
241     + <entry>
242     + <base>NO_SERVICES</base>
243     + <trans>Aucun service.</trans>
244     + </entry>
245     +
246     + <entry>
247     + <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
248     + <trans>Liste des codes pays rejetés du service : </trans>
249     + </entry>
250     +
251     + <entry>
252     + <base>SUCCESSFULLY_DELETED_SERVICE</base>
253     + <trans>Suppression du service réussi... Nouveau filtrage pris en compte.</trans>
254     + </entry>
255     +
256     + <entry>
257     + <base>BADCOUNTRIES</base>
258     + <trans>Liste noire</trans>
259     + </entry>
260     +
261     + <entry>
262     + <base>ERR_COUNTRY_MAX: {$ctr}</base>
263     + <trans>Code(s) pays inexistant(s) sur le serveur: {$listerr}</trans>
264     + </entry>
265    
266     </lexicon>
267     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip
268     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-05-02 00:12:10.000000000 +0400
269     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-04-24 17:24:02.000000000 +0400
270     @@ -7,16 +7,54 @@
271     my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
272     my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
273     my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
274     - if ($GP eq 'enabled' and $BC ne '')
275     + my $port;
276     + my $locPorts;
277     + my $servStatus;
278     + my $locBC;
279     + if ($GP eq 'enabled')
280     {
281     if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
282     {
283     - $OUT .= " ## xtables-addons GEOIP ##\n";
284     - $OUT .= " /sbin/iptables -A INPUT -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
285     - $OUT .= " /sbin/iptables -A INPUT -m geoip --src-cc $BC -j DROP\n";
286     - $OUT .= " ## xtables-addons GEOIP ##\n";
287     - } else
288     - { $OUT .= " # module xt_geoip not found for current kernel"; }
289     - } else
290     - { $OUT .= " # xt_geoip disabled or no 'BadCountries' defined\n"; }
291     + # to allow reload
292     + $OUT .=<<'EOF';
293     + # A blacklist chain for xtables-addons GEOIP
294     + /sbin/iptables --new-chain XTGeoIP
295     + /sbin/iptables --new-chain XTGeoIP_1
296     + /sbin/iptables --append XTGeoIP -j XTGeoIP_1
297     + /sbin/iptables --insert INPUT 1 \
298     + -j XTGeoIP
299     +EOF
300     + ##adding here for service specific
301     + $locPorts='';
302     +
303     + my @services = split(/,/, $masq{'XtServices'});
304     + foreach my $servName (@services)
305     + {
306     + $port = ${$servName}{'TCPPort'} || '';
307     + my $servStatus = ${$servName}{'status'} || 'disabled';
308     + my $servAccess = ${$servName}{'access'} || 'private';
309     + my $locBC = ${$servName}{'BadCountries'} || '';
310     + if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
311     + $locPorts .= "$port,";
312     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
313     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
314     + }
315     + }
316     +
317     + # block for other or all should move there
318     + if ($BC ne '') {
319     + if ($locPorts ne '') {
320     + $locPorts = substr $locPorts, 0, -1;
321     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
322     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
323     + } else {
324     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
325     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n";
326     + }
327     + }
328     + $OUT .= " /sbin/iptables --append XTGeoIP_1" .
329     + " -j RETURN\n";
330     + ## end of add
331     + } else { $OUT .= " # module xt_geoip not found for current kernel\n"; }
332     + } else { $OUT .= " # xt_geoip disabled\n"; }
333     }
334     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip
335     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 1970-01-01 04:00:00.000000000 +0400
336     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-04-24 17:24:22.000000000 +0400
337     @@ -0,0 +1,81 @@
338     +{
339     + my $BC = $masq{BadCountries} || '';
340     + my $GP = $masq{GeoIP} || 'disabled';
341     + my $KERNEL = `/bin/uname -r`;
342     + chomp($KERNEL);
343     + my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
344     + my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
345     + my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
346     + my $port;
347     + my $locPorts;
348     + my $servStatus;
349     + my $locBC;
350     +
351     +
352     + # Find the current XTGeoIP_$$ chain, and create a new one.
353     + $OUT .=<<'EOF';
354     + OLD_XTGeoIP=$(get_safe_id XTGeoIP filter find)
355     + NEW_XTGeoIP=$(get_safe_id XTGeoIP filter new)
356     + /sbin/iptables --new-chain $NEW_XTGeoIP
357     +EOF
358     +
359     + if ($GP eq 'enabled' and $BC ne '')
360     + {
361     + if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
362     + {
363     + # add content here
364     + $locPorts = '';
365     + my @services = split(/,/, $masq{'XtServices'});
366     +
367     + foreach my $servName (@services)
368     + {
369     + $port = ${$servName}{'TCPPort'} || '';
370     + my $servStatus = ${$servName}{'status'} || 'disabled';
371     + my $servAccess = ${$servName}{'access'} || 'private';
372     + my $locBC = ${$servName}{'BadCountries'} || '';
373     + if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
374     + $locPorts .= "$port,";
375     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
376     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
377     + }
378     + }
379     +
380     + ##adding here for service specific
381     + # imaps 993
382     + #$locBC = $imaps{BadCountries} || '';
383     + #$servStatus = $imaps{'status'} || 'disabled';
384     + #$port = $imaps{'TCPPort'} || '993';
385     + #if ($servStatus eq 'enabled' and $locBC ne '') {
386     + # $locPorts .= "${port},";
387     + # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n";
388     + # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
389     + #}
390     +
391     + # block for all or other ports should move there
392     + if ($BC ne '') {
393     + if ($locPorts ne '') {
394     + $locPorts = substr $locPorts, 0, -1;
395     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
396     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
397     + } else {
398     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
399     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n";
400     + }
401     + }
402     + $OUT .= " /sbin/iptables --append \$NEW_XTGeoIP" .
403     + " -j RETURN\n";
404     + ## end of add
405     +
406     + }
407     + }
408     +
409     +
410     + # Having created a new XTGeoIP chain, activate it and destroy the old.
411     + $OUT .=<<'EOF';
412     + /sbin/iptables --replace XTGeoIP 1 \
413     + --jump $NEW_XTGeoIP
414     + /sbin/iptables --flush $OLD_XTGeoIP
415     + /sbin/iptables --delete-chain $OLD_XTGeoIP
416     +EOF
417     +
418     +}
419     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip
420     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:12:10.000000000 +0400
421     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:01:09.000000000 +0400
422     @@ -2,9 +2,9 @@
423     # vim: set ft=xml:
424    
425     #----------------------------------------------------------------------
426     -# heading : Administration
427     +# heading : Security
428     # description : GeoIP IP filtering
429     -# navigation : 4000 4900
430     +# navigation : 5000 5610
431     #----------------------------------------------------------------------
432     # copyright (C) 2007 Mitel Networks Corporation
433     #
434     @@ -67,11 +67,10 @@
435     header="/etc/e-smith/web/common/head.tmpl"
436     footer="/etc/e-smith/web/common/foot.tmpl">
437    
438     - <page name="First"
439     - pre-event="print_status_message()">
440     - # post-event="wherenext('Second')" >
441     - # Ssh Ipt Second
442     + <page name="First" pre-event="print_status_message()">
443     + # post-event="wherenext('Second')"
444     <description>XT_GEOIP_STATUS_DESCRIPTION</description>
445     +
446     <field
447     type="literal"
448     id="geoip"
449     @@ -100,7 +99,13 @@
450     <label> </label>
451     </field>
452    
453     - <field type="literal" id="client_label" value="">
454     + <field type="literal" id="service_label" value="">
455     + <description>SERVICE_DESCRIPTION</description>
456     + </field>
457     +
458     + <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
459     +
460     + <field type="literal" id="stats_label" value="">
461     <description>STATS_DESCRIPTION</description>
462     </field>
463    
464     @@ -110,9 +115,9 @@
465     <subroutine src="print_button('NEXT')" />
466     </page>
467    
468     - <page name="Second"
469     - pre-event="turn_off_buttons"
470     - post-event="change_settings()">
471     +
472     +
473     + <page name="Second" pre-event="turn_off_buttons" post-event="change_settings()">
474    
475     <field
476     type="select"
477     @@ -153,9 +158,84 @@
478     </page>
479    
480    
481     - <page name="Stats"
482     - pre-event="generateStats"
483     - post-event="wherenext('First')" >
484     + <page name="Service" pre-event="print_status_message()" post-event="wherenext('First')">
485     + <description>SERVICE_DESCRIPTION</description>
486     + <field
487     + type="literal"
488     + id="badcountries"
489     + value="get_badcountries()">
490     + <label>LABEL_BADCOUNTRIES_STATUS</label>
491     + </field>
492     + <subroutine src="print_service_table()" />
493     + <subroutine src="print_button('NEXT')"/>
494     + </page>
495     +
496     +
497     +
498     + <page name="SrvModify" pre-event="turn_off_buttons()" post-event="modify_serv()">
499     +
500     + <title>ADD_SERVICE</title>
501     + <description>ADD_DESC</description>
502     +
503     + <field
504     + type="literal"
505     + id="service"
506     + value="get_srv_name()">
507     + <label>LABEL_SERVICE</label>
508     + </field>
509     +
510     + <field
511     + type="literal"
512     + id="badcountries"
513     + value="get_badcountries()">
514     + <label>LABEL_BADCOUNTRIES_STATUS</label>
515     + </field>
516     +
517     + <field
518     + type="text"
519     + id="masq_srv_badcountries"
520     + size="64"
521     + validation="srv_must_exist()">
522     + <label>LABEL_BADCOUNTRIES</label>
523     + <description>DESC_BADCOUNTRIES</description>
524     + </field>
525     +
526     + <field
527     + type="literal"
528     + id="srv_badcountries"
529     + value="get_srv_badcountries()">
530     + <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
531     + </field>
532     +
533     + <subroutine src="print_button('SAVE')" />
534     + </page>
535     +
536     +
537     + <page name="SrvRemove" pre-event="turn_off_buttons()" post-event="remove_serv()">
538     +
539     + <title>REMOVE_SERVICE</title>
540     + <description>REMOVE_DESC</description>
541     +
542     + <field
543     + type="literal"
544     + id="service"
545     + value="get_srv_name()">
546     + <label>LABEL_SERVICE</label>
547     + </field>
548     +
549     + <field
550     + type="literal"
551     + id="badcountries"
552     + value="get_srv_badcountries()">
553     + <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
554     + </field>
555     +
556     + <subroutine src="print_button('REMOVE')" />
557     +
558     + </page>
559     +
560     +
561     + <page name="Stats" pre-event="generateStats" post-event="wherenext('First')">
562     <subroutine src="print_button('NEXT')"/>
563     </page>
564    
565 michel 1.2
566 michel 1.1 diff -urN smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm
567     --- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-05-02 00:12:10.000000000 +0400
568 michel 1.2 +++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-05-02 01:28:49.000000000 +0400
569 michel 1.1 @@ -11,6 +11,7 @@
570     use esmith::FormMagick;
571     use esmith::ConfigDB;
572     use esmith::util;
573     +use esmith::cgi;
574     use File::Basename;
575     use Exporter;
576     use POSIX qw(strftime);
577 michel 1.2 @@ -22,6 +23,15 @@
578     get_value
579     get_badcountries
580     get_geoip
581 michel 1.1 + print_service_table
582     + get_stat_geoip
583     + print_custom_button
584     + generateStats
585     + get_srv_name
586     + get_srv_badcountries
587     + remove_serv
588     + modify_serv
589     + srv_must_exist
590 michel 1.2 get_date_update
591     change_settings
592     must_exist
593 michel 1.1 @@ -214,7 +224,7 @@
594     my @mq_bcs = split /[,:]/, $q->param("masq_badcountries");
595     if (@mq_bcs) {
596     my $ctr = @mq_bcs;
597     - return $self->localise('ERR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
598     + return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
599    
600     foreach my $bcs (@mq_bcs) {
601     my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
602     @@ -248,7 +258,7 @@
603     $stats_type =~ /(.+)/; $stats_type = $1;
604     if ($stats_type ne "ipt" && $stats_type ne "ssh")
605     {
606     - print $q->p($q->b($self->localise('INVALID_STATS_TYPE').
607     + print $q->p($q->b($self->localise('INVALID_STATS_TYPE')." ".
608     $stats_type));
609     return '';
610     } else {
611     @@ -270,8 +280,174 @@
612     print "</pre>\n";
613    
614     print $q->h3($self->localise('END_OF_STATS'));
615     + $self->wherenext('First');
616     return '';
617     }
618     }
619    
620     +sub get_srv_name
621     +{
622     + my ($self) = @_;
623     + return $self->cgi->param('name');
624     +}
625     +
626     +sub get_srv_badcountries
627     +{
628     + my ($self) = @_;
629     + my $name = $self->cgi->param('name');
630     + return $db->get_prop($name, "BadCountries");
631     +}
632     +
633     +sub print_service_table {
634     + my $self = shift;
635     + my $q = $self->{cgi};
636     + my $servname = $self->localise('NAME');
637     + my $port = $self->localise('PORT');
638     + my $status = $self->localise('STATUS');
639     + my $access = $self->localise('ACCESS');
640     + my $servBC = $self->localise('BADCOUNTRIES');
641     + my $modify = $self->localise('MODIFY');
642     + my $remove = $self->localise('REMOVE');
643     + my $action_h = $self->localise('ACTION');
644     +
645     + my @services = split(/,/, $db->get_prop("masq", "XtServices"));
646     + #my @services = ('imaps','pop3s','sshd','ftp','ssmtpd');
647     +
648     + unless ( scalar @services )
649     + {
650     + print $q->Tr($q->td($self->localise('NO_SERVICES')));
651     + return "";
652     + }
653     +
654     + print $q->start_table({-CLASS => "sme-border"}),"\n";
655     + print $q->Tr (
656     + esmith::cgi::genSmallCell($q, $servname,"header"),
657     + esmith::cgi::genSmallCell($q, $port,"header"),
658     + esmith::cgi::genSmallCell($q, $status,"header"),
659     + esmith::cgi::genSmallCell($q, $access,"header"),
660     + esmith::cgi::genSmallCell($q, $servBC,"header"),
661     + esmith::cgi::genSmallCell($q, $action_h,"header", 2)),"\n";
662     +
663     + my $scriptname = basename($0);
664     +
665     + foreach my $servname (@services)
666     + {
667     + my $i = $db->get($servname);
668     +
669     + my $port = $i->prop('TCPPort');
670     + my $status = $i->prop('status');
671     + my $access = $i->prop('access');
672     + my $servBC = $i->prop('BadCountries') || ' ';
673     +
674     + my $params = $self->build_serv_cgi_params($servname, $i->props());
675     +
676     + my $href = "$scriptname?$params&action=modify&wherenext=";
677     +
678     + my $actionModify = '&nbsp;';
679     + $actionModify .= $q->a({href => "${href}SrvModify"},$modify)
680     + . '&nbsp;';
681     +
682     + my $actionRemove = '&nbsp;';
683     + $actionRemove .= $q->a({href => "${href}SrvRemove"}, $remove)
684     + . '&nbsp';
685     +
686     + my $color = 'red';
687     + if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; }
688     + print $q->Tr (
689     + esmith::cgi::genSmallCell($q, $servname,"normal"),
690     + esmith::cgi::genSmallCell($q, $port,"normal"),
691     + esmith::cgi::genSmallCell($q, $status,"header"),
692     + esmith::cgi::genSmallCell($q, $access,"header"),
693     + esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"),
694     + esmith::cgi::genSmallCell($q, $actionModify,"normal"),
695     + esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
696     + }
697     +
698     + print $q->end_table,"\n";
699     +
700     + return "";
701     +}
702     +
703     +sub build_serv_cgi_params {
704     + my ($self, $servname, %oldprops) = @_;
705     +
706     + my %props = (
707     + page => 0,
708     + page_stack => "",
709     + name => $servname,
710     + );
711     +
712     + return $self->props_to_query_string(\%props);
713     +}
714     +
715     +sub remove_serv {
716     + my ($self) = @_;
717     + my $name = $self->cgi->param('name');
718     + if (my $serv = $db->get($name)) {
719     + my $servBC = $serv->prop('BadCountries') || '';
720     + if ($servBC ne '') {
721     + $db->set_prop($name, "BadCountries", '');
722     + # Untaint $name before use in system()
723     + # $name =~ /(.+)/; $name = $1;
724     + if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0)
725     + {
726     + return $self->success("SUCCESSFULLY_DELETED_SERVICE");
727     + } else {
728     + return $self->error("ERROR_WHILE_DELETING_SERVICE");
729     + }
730     + } else {
731     + return $self->success('NO_CHANGE');
732     + }
733     +
734     + } else {
735     + $self->error('CANT_FIND_SERV');
736     + }
737     + $self->wherenext('First');
738     +}
739     +
740     +sub modify_serv {
741     + my ($self) = @_;
742     + my $name = $self->cgi->param('name');
743     + if (my $serv = $db->get($name)) {
744     + my $servBC = $serv->prop('BadCountries') || '';
745     +
746     + my $q = $self->{'cgi'};
747     + my $n_servBC = $q->param("masq_srv_badcountries") || $servBC;
748     +
749     + if ($n_servBC eq $servBC) {
750     + return $self->success("NO_CHANGE")
751     + }
752     + $db->set_prop($name, "BadCountries", $n_servBC);
753     +
754     + if (system ( "/sbin/e-smith/signal-event", "xt_geoip-service" ) == 0 )
755     + {
756     + return $self->success("SUCCESS");
757     + } else {
758     + return $self->error("ERROR_UPDATING");
759     + }
760     + } else {
761     + $self->error('CANT_FIND_SERV');
762     + }
763     + $self->wherenext('First');
764     +}
765     +
766     +sub srv_must_exist
767     +{
768     + my $self = shift;
769     + my $q = $self->{cgi};
770     + my $listerr = "";
771     + my @mq_bcs = split /[,:]/, $q->param("masq_srv_badcountries");
772     + if (@mq_bcs) {
773     + my $ctr = @mq_bcs;
774     + return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
775     +
776     + foreach my $bcs (@mq_bcs) {
777     + my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
778     + if (! -f $file) { $listerr .= $bcs . ","; }
779     + }
780     + return $self->localise('ERR_COUNTRY_NOT_EXIST: {$listerr}', {listerr=> "$listerr"}) if $listerr;
781     + }
782     + return 'OK';
783     +}
784     +
785     1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed