/[smecontribs]/rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_serv.patch
ViewVC logotype

Contents of /rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_serv.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Wed May 1 20:43:25 2019 UTC (5 years, 7 months ago) by michel
Branch: MAIN
* Wed Apr 24 2019 Michel Begue <mab974@gmail.com> 1.0.1-12.sme
- add per service management of GeoIP bans [SME: 10760]

1 diff -urN smeserver-xt_geoip-1.0.1.old/createlinks smeserver-xt_geoip-1.0.1/createlinks
2 --- smeserver-xt_geoip-1.0.1.old/createlinks 2019-05-02 00:12:10.000000000 +0400
3 +++ smeserver-xt_geoip-1.0.1/createlinks 2019-04-23 22:52:31.000000000 +0400
4 @@ -12,14 +12,16 @@
5 # links to add
6
7 # templates to expand
8 -for my $event (qw(xt_geoip-modify xt_geoip-update bootstrap-console-save console-save))
9 +for my $event (qw(xt_geoip-modify xt_geoip-update xt_geoip-service bootstrap-console-save console-save))
10 {
11 templates2events("/etc/rc.d/init.d/masq", $event);
12 templates2events("/etc/crontab", $event);
13 templates2events("/usr/share/xt_geoip/update_base", $event);
14 - if ($event ne 'xt_geoip-modify') {
15 - event_link("smeserver-xt_geoip-download-action", $event, "10");
16 }
17 +
18 +for my $event (qw(xt_geoip-update bootstrap-console-save console-save))
19 +{
20 + event_link("smeserver-xt_geoip-download-action", $event, "10");
21 }
22
23 # services to launch on event
24 @@ -29,4 +31,10 @@
25 "root/etc/e-smith/events/$event/services2adjust/masq");
26 }
27
28 +for my $event (qw(xt_geoip-service))
29 +{
30 + safe_symlink("adjust",
31 + "root/etc/e-smith/events/$event/services2adjust/masq");
32 +}
33 +
34 # actions to perform
35 diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices
36 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices 1970-01-01 04:00:00.000000000 +0400
37 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices 2019-04-24 14:38:38.000000000 +0400
38 @@ -0,0 +1 @@
39 +imaps,pop3s,sshd,ftp,ssmtpd
40 diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip
41 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:12:10.000000000 +0400
42 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-04-29 19:35:33.000000000 +0400
43 @@ -96,12 +96,12 @@
44
45 <entry>
46 <base>IPT_LIST</base>
47 - <trans>Geoip ban</trans>
48 + <trans>Stats of XT-geoip prevented connections</trans>
49 </entry>
50
51 <entry>
52 <base>SSH_LIST</base>
53 - <trans>Ssh errors</trans>
54 + <trans>Stats of SSH errors not blocked by XT-geoip</trans>
55 </entry>
56
57 <entry>
58 @@ -129,4 +129,72 @@
59 </trans>
60 </entry>
61
62 + <entry>
63 + <base>SERVICE_DESCRIPTION</base>
64 + <trans><![CDATA[ <h2> Per service filtering for Xtables GeoIP</h2><ul>
65 + <li>If you want different filtering for certain services</li>
66 + </ul><p><i></i></p> ]]>
67 + </trans>
68 + </entry>
69 +
70 + <entry>
71 + <base>LABEL_SERVICE</base>
72 + <trans>Service name : </trans>
73 + </entry>
74 +
75 + <entry>
76 + <base>PER_SERVICE_GEOIP</base>
77 + <trans>-> Services</trans>
78 + </entry>
79 +
80 + <entry>
81 + <base>ADD_SERVICE</base>
82 + <trans>Add or modify a per service filtering</trans>
83 + </entry>
84 +
85 + <entry>
86 + <base>ADD_DESC</base>
87 + <trans>You are choosing a particular country filtering for this service</trans>
88 + </entry>
89 +
90 + <entry>
91 + <base>REMOVE_SERVICE</base>
92 + <trans>Delete a per service filtering</trans>
93 + </entry>
94 +
95 + <entry>
96 + <base>REMOVE_DESC</base>
97 + <trans>You are deleting a filtering by service. The general filtering will then apply.</trans>
98 + </entry>
99 +
100 + <entry>
101 + <base>SERV_NOT_BAN</base>
102 + <trans>Unfiltered service.</trans>
103 + </entry>
104 +
105 + <entry>
106 + <base>NO_SERVICES</base>
107 + <trans>No services.</trans>
108 + </entry>
109 +
110 + <entry>
111 + <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
112 + <trans>List of rejected country codes for the service : </trans>
113 + </entry>
114 +
115 + <entry>
116 + <base>SUCCESSFULLY_DELETED_SERVICE</base>
117 + <trans>Per service filtering successfully deleted... New filtering taken into account.</trans>
118 + </entry>
119 +
120 + <entry>
121 + <base>BADCOUNTRIES</base>
122 + <trans>Blacklist</trans>
123 + </entry>
124 +
125 + <entry>
126 + <base>ERR_COUNTRY_MAX: {$ctr}</base>
127 + <trans>Too many countries chosen: {$ctr}</trans>
128 + </entry>
129 +
130 </lexicon>
131 diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip
132 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:12:10.000000000 +0400
133 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip 2019-04-29 19:33:56.000000000 +0400
134 @@ -43,15 +43,16 @@
135
136 <entry>
137 <base>XT_GEOIP_STATUS_DESCRIPTION</base>
138 - <trans><![CDATA[ <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
139 + <trans><![CDATA[ <h2>Filtrage général pour Xtables GeoIP </h2>
140 + <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
141 <li>Les codes des pays à bannir peut être saisis dans le champ correspondant</li>
142 <li>Une mise à jour immédiate de la table peut être demandée ici.</li></ul>
143 - <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br><br> ]]></trans>
144 + <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br> ]]></trans>
145 </entry>
146
147 <entry>
148 <base>LABEL_BADCOUNTRIES_STATUS</base>
149 - <trans>Liste actuelle des codes pays rejetés : </trans>
150 + <trans>Liste générale des codes pays rejetés : </trans>
151 </entry>
152
153 <entry>
154 @@ -60,12 +61,6 @@
155 </entry>
156
157 <entry>
158 - <base>ERR_COUNTRY_MAX: {$ctr}</base>
159 - <trans>Code pays, maximum atteint: {$ctr}</trans>
160 - </entry>
161 -
162 -
163 - <entry>
164 <base>LABEL_BADCOUNTRIES</base>
165 <trans>Nouveaux codes pays à utiliser :</trans>
166 </entry>
167 @@ -98,14 +93,15 @@
168
169 <entry>
170 <base>IPT_LIST</base>
171 - <trans>Geoip stop</trans>
172 + <trans>Stats des connexions évitées à l'aide de XT-geoip</trans>
173 </entry>
174
175 <entry>
176 <base>SSH_LIST</base>
177 - <trans>Ssh erreurs</trans>
178 + <trans>Stats des erreurs SSH non bloquées par XT-geoip</trans>
179 </entry>
180
181 +
182 <entry>
183 <base>STATS_GENERATED</base>
184 <trans>Statistiques générées</trans>
185 @@ -123,12 +119,80 @@
186
187 <entry>
188 <base>STATS_DESCRIPTION</base>
189 - <trans><![CDATA[ <h3>Statistiques pour Xtables GeoIP</h3><ul>
190 + <trans><![CDATA[ <h2>Statistiques pour Xtables GeoIP </h2><ul>
191 <li>Pour 3 périodes : Jour, Semaine et Mois</li>
192 <li>Ips bloqués par pays triés par score</li>
193 <li>Erreurs Ssh par pays triées par score </li>
194 </ul><p><i>XX signifie Pays non trouvé !</i></p> ]]>
195 </trans>
196 </entry>
197 +
198 + <entry>
199 + <base>SERVICE_DESCRIPTION</base>
200 + <trans><![CDATA[ <h2> Filtrage par service pour Xtables GeoIP</h2><ul>
201 + <li>Si vous souhaitez un filtrage différent pour certains services</li>
202 + </ul><p><i></i></p> ]]>
203 + </trans>
204 + </entry>
205 +
206 + <entry>
207 + <base>LABEL_SERVICE</base>
208 + <trans>Nom du service : </trans>
209 + </entry>
210 +
211 + <entry>
212 + <base>PER_SERVICE_GEOIP</base>
213 + <trans>-> Services</trans>
214 + </entry>
215 +
216 + <entry>
217 + <base>ADD_SERVICE</base>
218 + <trans>Ajouter ou modifier un fitrage par service</trans>
219 + </entry>
220 +
221 + <entry>
222 + <base>ADD_DESC</base>
223 + <trans>Vous allez choisir un filtrage pays particulier pour ce service</trans>
224 + </entry>
225 +
226 + <entry>
227 + <base>REMOVE_SERVICE</base>
228 + <trans>Supprimer un fitrage par service</trans>
229 + </entry>
230 +
231 + <entry>
232 + <base>REMOVE_DESC</base>
233 + <trans>Vous allez supprimer un filtrage par service. Le filtrage général va alors s'appliquer.</trans>
234 + </entry>
235 +
236 + <entry>
237 + <base>SERV_NOT_BAN</base>
238 + <trans>Service non filtré.</trans>
239 + </entry>
240 +
241 + <entry>
242 + <base>NO_SERVICES</base>
243 + <trans>Aucun service.</trans>
244 + </entry>
245 +
246 + <entry>
247 + <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
248 + <trans>Liste des codes pays rejetés du service : </trans>
249 + </entry>
250 +
251 + <entry>
252 + <base>SUCCESSFULLY_DELETED_SERVICE</base>
253 + <trans>Suppression du service réussi... Nouveau filtrage pris en compte.</trans>
254 + </entry>
255 +
256 + <entry>
257 + <base>BADCOUNTRIES</base>
258 + <trans>Liste noire</trans>
259 + </entry>
260 +
261 + <entry>
262 + <base>ERR_COUNTRY_MAX: {$ctr}</base>
263 + <trans>Code(s) pays inexistant(s) sur le serveur: {$listerr}</trans>
264 + </entry>
265
266 </lexicon>
267 diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip
268 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-05-02 00:12:10.000000000 +0400
269 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-04-24 17:24:02.000000000 +0400
270 @@ -7,16 +7,54 @@
271 my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
272 my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
273 my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
274 - if ($GP eq 'enabled' and $BC ne '')
275 + my $port;
276 + my $locPorts;
277 + my $servStatus;
278 + my $locBC;
279 + if ($GP eq 'enabled')
280 {
281 if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
282 {
283 - $OUT .= " ## xtables-addons GEOIP ##\n";
284 - $OUT .= " /sbin/iptables -A INPUT -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
285 - $OUT .= " /sbin/iptables -A INPUT -m geoip --src-cc $BC -j DROP\n";
286 - $OUT .= " ## xtables-addons GEOIP ##\n";
287 - } else
288 - { $OUT .= " # module xt_geoip not found for current kernel"; }
289 - } else
290 - { $OUT .= " # xt_geoip disabled or no 'BadCountries' defined\n"; }
291 + # to allow reload
292 + $OUT .=<<'EOF';
293 + # A blacklist chain for xtables-addons GEOIP
294 + /sbin/iptables --new-chain XTGeoIP
295 + /sbin/iptables --new-chain XTGeoIP_1
296 + /sbin/iptables --append XTGeoIP -j XTGeoIP_1
297 + /sbin/iptables --insert INPUT 1 \
298 + -j XTGeoIP
299 +EOF
300 + ##adding here for service specific
301 + $locPorts='';
302 +
303 + my @services = split(/,/, $masq{'XtServices'});
304 + foreach my $servName (@services)
305 + {
306 + $port = ${$servName}{'TCPPort'} || '';
307 + my $servStatus = ${$servName}{'status'} || 'disabled';
308 + my $servAccess = ${$servName}{'access'} || 'private';
309 + my $locBC = ${$servName}{'BadCountries'} || '';
310 + if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
311 + $locPorts .= "$port,";
312 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
313 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
314 + }
315 + }
316 +
317 + # block for other or all should move there
318 + if ($BC ne '') {
319 + if ($locPorts ne '') {
320 + $locPorts = substr $locPorts, 0, -1;
321 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
322 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
323 + } else {
324 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
325 + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n";
326 + }
327 + }
328 + $OUT .= " /sbin/iptables --append XTGeoIP_1" .
329 + " -j RETURN\n";
330 + ## end of add
331 + } else { $OUT .= " # module xt_geoip not found for current kernel\n"; }
332 + } else { $OUT .= " # xt_geoip disabled\n"; }
333 }
334 diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip
335 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 1970-01-01 04:00:00.000000000 +0400
336 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-04-24 17:24:22.000000000 +0400
337 @@ -0,0 +1,81 @@
338 +{
339 + my $BC = $masq{BadCountries} || '';
340 + my $GP = $masq{GeoIP} || 'disabled';
341 + my $KERNEL = `/bin/uname -r`;
342 + chomp($KERNEL);
343 + my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
344 + my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
345 + my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
346 + my $port;
347 + my $locPorts;
348 + my $servStatus;
349 + my $locBC;
350 +
351 +
352 + # Find the current XTGeoIP_$$ chain, and create a new one.
353 + $OUT .=<<'EOF';
354 + OLD_XTGeoIP=$(get_safe_id XTGeoIP filter find)
355 + NEW_XTGeoIP=$(get_safe_id XTGeoIP filter new)
356 + /sbin/iptables --new-chain $NEW_XTGeoIP
357 +EOF
358 +
359 + if ($GP eq 'enabled' and $BC ne '')
360 + {
361 + if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
362 + {
363 + # add content here
364 + $locPorts = '';
365 + my @services = split(/,/, $masq{'XtServices'});
366 +
367 + foreach my $servName (@services)
368 + {
369 + $port = ${$servName}{'TCPPort'} || '';
370 + my $servStatus = ${$servName}{'status'} || 'disabled';
371 + my $servAccess = ${$servName}{'access'} || 'private';
372 + my $locBC = ${$servName}{'BadCountries'} || '';
373 + if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
374 + $locPorts .= "$port,";
375 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
376 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
377 + }
378 + }
379 +
380 + ##adding here for service specific
381 + # imaps 993
382 + #$locBC = $imaps{BadCountries} || '';
383 + #$servStatus = $imaps{'status'} || 'disabled';
384 + #$port = $imaps{'TCPPort'} || '993';
385 + #if ($servStatus eq 'enabled' and $locBC ne '') {
386 + # $locPorts .= "${port},";
387 + # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n";
388 + # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
389 + #}
390 +
391 + # block for all or other ports should move there
392 + if ($BC ne '') {
393 + if ($locPorts ne '') {
394 + $locPorts = substr $locPorts, 0, -1;
395 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
396 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
397 + } else {
398 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
399 + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n";
400 + }
401 + }
402 + $OUT .= " /sbin/iptables --append \$NEW_XTGeoIP" .
403 + " -j RETURN\n";
404 + ## end of add
405 +
406 + }
407 + }
408 +
409 +
410 + # Having created a new XTGeoIP chain, activate it and destroy the old.
411 + $OUT .=<<'EOF';
412 + /sbin/iptables --replace XTGeoIP 1 \
413 + --jump $NEW_XTGeoIP
414 + /sbin/iptables --flush $OLD_XTGeoIP
415 + /sbin/iptables --delete-chain $OLD_XTGeoIP
416 +EOF
417 +
418 +}
419 diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip
420 --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:12:10.000000000 +0400
421 +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip 2019-05-02 00:01:09.000000000 +0400
422 @@ -2,9 +2,9 @@
423 # vim: set ft=xml:
424
425 #----------------------------------------------------------------------
426 -# heading : Administration
427 +# heading : Security
428 # description : GeoIP IP filtering
429 -# navigation : 4000 4900
430 +# navigation : 5000 5610
431 #----------------------------------------------------------------------
432 # copyright (C) 2007 Mitel Networks Corporation
433 #
434 @@ -67,11 +67,10 @@
435 header="/etc/e-smith/web/common/head.tmpl"
436 footer="/etc/e-smith/web/common/foot.tmpl">
437
438 - <page name="First"
439 - pre-event="print_status_message()">
440 - # post-event="wherenext('Second')" >
441 - # Ssh Ipt Second
442 + <page name="First" pre-event="print_status_message()">
443 + # post-event="wherenext('Second')"
444 <description>XT_GEOIP_STATUS_DESCRIPTION</description>
445 +
446 <field
447 type="literal"
448 id="geoip"
449 @@ -100,7 +99,13 @@
450 <label> </label>
451 </field>
452
453 - <field type="literal" id="client_label" value="">
454 + <field type="literal" id="service_label" value="">
455 + <description>SERVICE_DESCRIPTION</description>
456 + </field>
457 +
458 + <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
459 +
460 + <field type="literal" id="stats_label" value="">
461 <description>STATS_DESCRIPTION</description>
462 </field>
463
464 @@ -110,9 +115,9 @@
465 <subroutine src="print_button('NEXT')" />
466 </page>
467
468 - <page name="Second"
469 - pre-event="turn_off_buttons"
470 - post-event="change_settings()">
471 +
472 +
473 + <page name="Second" pre-event="turn_off_buttons" post-event="change_settings()">
474
475 <field
476 type="select"
477 @@ -153,9 +158,84 @@
478 </page>
479
480
481 - <page name="Stats"
482 - pre-event="generateStats"
483 - post-event="wherenext('First')" >
484 + <page name="Service" pre-event="print_status_message()" post-event="wherenext('First')">
485 + <description>SERVICE_DESCRIPTION</description>
486 + <field
487 + type="literal"
488 + id="badcountries"
489 + value="get_badcountries()">
490 + <label>LABEL_BADCOUNTRIES_STATUS</label>
491 + </field>
492 + <subroutine src="print_service_table()" />
493 + <subroutine src="print_button('NEXT')"/>
494 + </page>
495 +
496 +
497 +
498 + <page name="SrvModify" pre-event="turn_off_buttons()" post-event="modify_serv()">
499 +
500 + <title>ADD_SERVICE</title>
501 + <description>ADD_DESC</description>
502 +
503 + <field
504 + type="literal"
505 + id="service"
506 + value="get_srv_name()">
507 + <label>LABEL_SERVICE</label>
508 + </field>
509 +
510 + <field
511 + type="literal"
512 + id="badcountries"
513 + value="get_badcountries()">
514 + <label>LABEL_BADCOUNTRIES_STATUS</label>
515 + </field>
516 +
517 + <field
518 + type="text"
519 + id="masq_srv_badcountries"
520 + size="64"
521 + validation="srv_must_exist()">
522 + <label>LABEL_BADCOUNTRIES</label>
523 + <description>DESC_BADCOUNTRIES</description>
524 + </field>
525 +
526 + <field
527 + type="literal"
528 + id="srv_badcountries"
529 + value="get_srv_badcountries()">
530 + <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
531 + </field>
532 +
533 + <subroutine src="print_button('SAVE')" />
534 + </page>
535 +
536 +
537 + <page name="SrvRemove" pre-event="turn_off_buttons()" post-event="remove_serv()">
538 +
539 + <title>REMOVE_SERVICE</title>
540 + <description>REMOVE_DESC</description>
541 +
542 + <field
543 + type="literal"
544 + id="service"
545 + value="get_srv_name()">
546 + <label>LABEL_SERVICE</label>
547 + </field>
548 +
549 + <field
550 + type="literal"
551 + id="badcountries"
552 + value="get_srv_badcountries()">
553 + <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
554 + </field>
555 +
556 + <subroutine src="print_button('REMOVE')" />
557 +
558 + </page>
559 +
560 +
561 + <page name="Stats" pre-event="generateStats" post-event="wherenext('First')">
562 <subroutine src="print_button('NEXT')"/>
563 </page>
564
565 diff -urN smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm
566 --- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-05-02 00:12:10.000000000 +0400
567 +++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-04-25 20:33:34.000000000 +0400
568 @@ -11,6 +11,7 @@
569 use esmith::FormMagick;
570 use esmith::ConfigDB;
571 use esmith::util;
572 +use esmith::cgi;
573 use File::Basename;
574 use Exporter;
575 use POSIX qw(strftime);
576 @@ -25,6 +26,15 @@
577 get_date_update
578 change_settings
579 must_exist
580 + print_service_table
581 + get_stat_geoip
582 + print_custom_button
583 + generateStats
584 + get_srv_name
585 + get_srv_badcountries
586 + remove_serv
587 + modify_serv
588 + srv_must_exist
589 );
590
591 our $VERSION = sprintf '%d.%03d', q$Revision: 0.01 $ =~ /: (\d+).(\d+)/;
592 @@ -214,7 +224,7 @@
593 my @mq_bcs = split /[,:]/, $q->param("masq_badcountries");
594 if (@mq_bcs) {
595 my $ctr = @mq_bcs;
596 - return $self->localise('ERR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
597 + return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
598
599 foreach my $bcs (@mq_bcs) {
600 my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
601 @@ -248,7 +258,7 @@
602 $stats_type =~ /(.+)/; $stats_type = $1;
603 if ($stats_type ne "ipt" && $stats_type ne "ssh")
604 {
605 - print $q->p($q->b($self->localise('INVALID_STATS_TYPE').
606 + print $q->p($q->b($self->localise('INVALID_STATS_TYPE')." ".
607 $stats_type));
608 return '';
609 } else {
610 @@ -270,8 +280,174 @@
611 print "</pre>\n";
612
613 print $q->h3($self->localise('END_OF_STATS'));
614 + $self->wherenext('First');
615 return '';
616 }
617 }
618
619 +sub get_srv_name
620 +{
621 + my ($self) = @_;
622 + return $self->cgi->param('name');
623 +}
624 +
625 +sub get_srv_badcountries
626 +{
627 + my ($self) = @_;
628 + my $name = $self->cgi->param('name');
629 + return $db->get_prop($name, "BadCountries");
630 +}
631 +
632 +sub print_service_table {
633 + my $self = shift;
634 + my $q = $self->{cgi};
635 + my $servname = $self->localise('NAME');
636 + my $port = $self->localise('PORT');
637 + my $status = $self->localise('STATUS');
638 + my $access = $self->localise('ACCESS');
639 + my $servBC = $self->localise('BADCOUNTRIES');
640 + my $modify = $self->localise('MODIFY');
641 + my $remove = $self->localise('REMOVE');
642 + my $action_h = $self->localise('ACTION');
643 +
644 + my @services = split(/,/, $db->get_prop("masq", "XtServices"));
645 + #my @services = ('imaps','pop3s','sshd','ftp','ssmtpd');
646 +
647 + unless ( scalar @services )
648 + {
649 + print $q->Tr($q->td($self->localise('NO_SERVICES')));
650 + return "";
651 + }
652 +
653 + print $q->start_table({-CLASS => "sme-border"}),"\n";
654 + print $q->Tr (
655 + esmith::cgi::genSmallCell($q, $servname,"header"),
656 + esmith::cgi::genSmallCell($q, $port,"header"),
657 + esmith::cgi::genSmallCell($q, $status,"header"),
658 + esmith::cgi::genSmallCell($q, $access,"header"),
659 + esmith::cgi::genSmallCell($q, $servBC,"header"),
660 + esmith::cgi::genSmallCell($q, $action_h,"header", 2)),"\n";
661 +
662 + my $scriptname = basename($0);
663 +
664 + foreach my $servname (@services)
665 + {
666 + my $i = $db->get($servname);
667 +
668 + my $port = $i->prop('TCPPort');
669 + my $status = $i->prop('status');
670 + my $access = $i->prop('access');
671 + my $servBC = $i->prop('BadCountries') || ' ';
672 +
673 + my $params = $self->build_serv_cgi_params($servname, $i->props());
674 +
675 + my $href = "$scriptname?$params&action=modify&wherenext=";
676 +
677 + my $actionModify = '&nbsp;';
678 + $actionModify .= $q->a({href => "${href}SrvModify"},$modify)
679 + . '&nbsp;';
680 +
681 + my $actionRemove = '&nbsp;';
682 + $actionRemove .= $q->a({href => "${href}SrvRemove"}, $remove)
683 + . '&nbsp';
684 +
685 + my $color = 'red';
686 + if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; }
687 + print $q->Tr (
688 + esmith::cgi::genSmallCell($q, $servname,"normal"),
689 + esmith::cgi::genSmallCell($q, $port,"normal"),
690 + esmith::cgi::genSmallCell($q, $status,"header"),
691 + esmith::cgi::genSmallCell($q, $access,"header"),
692 + esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"),
693 + esmith::cgi::genSmallCell($q, $actionModify,"normal"),
694 + esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
695 + }
696 +
697 + print $q->end_table,"\n";
698 +
699 + return "";
700 +}
701 +
702 +sub build_serv_cgi_params {
703 + my ($self, $servname, %oldprops) = @_;
704 +
705 + my %props = (
706 + page => 0,
707 + page_stack => "",
708 + name => $servname,
709 + );
710 +
711 + return $self->props_to_query_string(\%props);
712 +}
713 +
714 +sub remove_serv {
715 + my ($self) = @_;
716 + my $name = $self->cgi->param('name');
717 + if (my $serv = $db->get($name)) {
718 + my $servBC = $serv->prop('BadCountries') || '';
719 + if ($servBC ne '') {
720 + $db->set_prop($name, "BadCountries", '');
721 + # Untaint $name before use in system()
722 + # $name =~ /(.+)/; $name = $1;
723 + if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0)
724 + {
725 + return $self->success("SUCCESSFULLY_DELETED_SERVICE");
726 + } else {
727 + return $self->error("ERROR_WHILE_DELETING_SERVICE");
728 + }
729 + } else {
730 + return $self->success('NO_CHANGE');
731 + }
732 +
733 + } else {
734 + $self->error('CANT_FIND_SERV');
735 + }
736 + $self->wherenext('First');
737 +}
738 +
739 +sub modify_serv {
740 + my ($self) = @_;
741 + my $name = $self->cgi->param('name');
742 + if (my $serv = $db->get($name)) {
743 + my $servBC = $serv->prop('BadCountries') || '';
744 +
745 + my $q = $self->{'cgi'};
746 + my $n_servBC = $q->param("masq_srv_badcountries") || $servBC;
747 +
748 + if ($n_servBC eq $servBC) {
749 + return $self->success("NO_CHANGE")
750 + }
751 + $db->set_prop($name, "BadCountries", $n_servBC);
752 +
753 + if (system ( "/sbin/e-smith/signal-event", "xt_geoip-service" ) == 0 )
754 + {
755 + return $self->success("SUCCESS");
756 + } else {
757 + return $self->error("ERROR_UPDATING");
758 + }
759 + } else {
760 + $self->error('CANT_FIND_SERV');
761 + }
762 + $self->wherenext('First');
763 +}
764 +
765 +sub srv_must_exist
766 +{
767 + my $self = shift;
768 + my $q = $self->{cgi};
769 + my $listerr = "";
770 + my @mq_bcs = split /[,:]/, $q->param("masq_srv_badcountries");
771 + if (@mq_bcs) {
772 + my $ctr = @mq_bcs;
773 + return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
774 +
775 + foreach my $bcs (@mq_bcs) {
776 + my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
777 + if (! -f $file) { $listerr .= $bcs . ","; }
778 + }
779 + return $self->localise('ERR_COUNTRY_NOT_EXIST: {$listerr}', {listerr=> "$listerr"}) if $listerr;
780 + }
781 + return 'OK';
782 +}
783 +
784 1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed