/[smecontribs]/rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_service.patch
ViewVC logotype

Annotation of /rpms/smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_service.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Mon Apr 29 16:44:07 2019 UTC (5 years, 6 months ago) by michel
Branch: MAIN
CVS Tags: smeserver-xt_geoip-1_0_1-11_el6_sme
Changes since 1.1: +1 -15 lines
* Wed Apr 24 2019 Michel Begue <mab974@gmail.com> 1.0.1-11.sme
- add per service management of GeoIP bans [SME: 10760]

1 michel 1.1 diff -urN smeserver-xt_geoip-1.0.1.old/createlinks smeserver-xt_geoip-1.0.1/createlinks
2     --- smeserver-xt_geoip-1.0.1.old/createlinks 2019-04-24 15:05:21.000000000 +0400
3     +++ smeserver-xt_geoip-1.0.1/createlinks 2019-04-23 22:52:31.000000000 +0400
4     @@ -12,14 +12,16 @@
5     # links to add
6    
7     # templates to expand
8     -for my $event (qw(xt_geoip-modify xt_geoip-update bootstrap-console-save console-save))
9     +for my $event (qw(xt_geoip-modify xt_geoip-update xt_geoip-service bootstrap-console-save console-save))
10     {
11     templates2events("/etc/rc.d/init.d/masq", $event);
12     templates2events("/etc/crontab", $event);
13     templates2events("/usr/share/xt_geoip/update_base", $event);
14     - if ($event ne 'xt_geoip-modify') {
15     - event_link("smeserver-xt_geoip-download-action", $event, "10");
16     }
17     +
18     +for my $event (qw(xt_geoip-update bootstrap-console-save console-save))
19     +{
20     + event_link("smeserver-xt_geoip-download-action", $event, "10");
21     }
22    
23     # services to launch on event
24     @@ -29,4 +31,10 @@
25     "root/etc/e-smith/events/$event/services2adjust/masq");
26     }
27    
28     +for my $event (qw(xt_geoip-service))
29     +{
30     + safe_symlink("adjust",
31     + "root/etc/e-smith/events/$event/services2adjust/masq");
32     +}
33     +
34     # actions to perform
35     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices
36     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices 1970-01-01 04:00:00.000000000 +0400
37     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices 2019-04-24 14:38:38.000000000 +0400
38     @@ -0,0 +1 @@
39     +imaps,pop3s,sshd,ftp,ssmtpd
40     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip
41     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-04-24 15:05:21.000000000 +0400
42     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip 2019-04-25 20:56:40.000000000 +0400
43     @@ -129,4 +129,72 @@
44     </trans>
45     </entry>
46    
47     + <entry>
48     + <base>SERVICE_DESCRIPTION</base>
49     + <trans><![CDATA[ <h2> Per service filtering for Xtables GeoIP</h2><ul>
50     + <li>If you want different filtering for certain services</li>
51     + </ul><p><i></i></p> ]]>
52     + </trans>
53     + </entry>
54     +
55     + <entry>
56     + <base>LABEL_SERVICE</base>
57     + <trans>Service name : </trans>
58     + </entry>
59     +
60     + <entry>
61     + <base>PER_SERVICE_GEOIP</base>
62     + <trans>-> Services</trans>
63     + </entry>
64     +
65     + <entry>
66     + <base>ADD_SERVICE</base>
67     + <trans>Add or modify a per service filtering</trans>
68     + </entry>
69     +
70     + <entry>
71     + <base>ADD_DESC</base>
72     + <trans>You are choosing a particular country filtering for this service</trans>
73     + </entry>
74     +
75     + <entry>
76     + <base>REMOVE_SERVICE</base>
77     + <trans>Delete a per service filtering</trans>
78     + </entry>
79     +
80     + <entry>
81     + <base>REMOVE_DESC</base>
82     + <trans>You are deleting a filtering by service. The general filtering will then apply.</trans>
83     + </entry>
84     +
85     + <entry>
86     + <base>SERV_NOT_BAN</base>
87     + <trans>Unfiltered service.</trans>
88     + </entry>
89     +
90     + <entry>
91     + <base>NO_SERVICES</base>
92     + <trans>No services.</trans>
93     + </entry>
94     +
95     + <entry>
96     + <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
97     + <trans>List of rejected country codes for the service : </trans>
98     + </entry>
99     +
100     + <entry>
101     + <base>SUCCESSFULLY_DELETED_SERVICE</base>
102     + <trans>Per service filtering successfully deleted... New filtering taken into account.</trans>
103     + </entry>
104     +
105     + <entry>
106     + <base>BADCOUNTRIES</base>
107     + <trans>Blacklist</trans>
108     + </entry>
109     +
110     + <entry>
111     + <base>ERR_COUNTRY_MAX: {$ctr}</base>
112     + <trans>Too many countries chosen: {$ctr}</trans>
113     + </entry>
114     +
115     </lexicon>
116     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip
117     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip 2019-04-24 15:05:21.000000000 +0400
118     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip 2019-04-25 20:56:24.000000000 +0400
119     @@ -43,15 +43,16 @@
120    
121     <entry>
122     <base>XT_GEOIP_STATUS_DESCRIPTION</base>
123     - <trans><![CDATA[ <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
124     + <trans><![CDATA[ <h2>Filtrage général pour Xtables GeoIP </h2>
125     + <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
126     <li>Les codes des pays à bannir peut être saisis dans le champ correspondant</li>
127     <li>Une mise à jour immédiate de la table peut être demandée ici.</li></ul>
128     - <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br><br> ]]></trans>
129     + <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br> ]]></trans>
130     </entry>
131    
132     <entry>
133     <base>LABEL_BADCOUNTRIES_STATUS</base>
134     - <trans>Liste actuelle des codes pays rejetés : </trans>
135     + <trans>Liste générale des codes pays rejetés : </trans>
136     </entry>
137    
138     <entry>
139     @@ -60,12 +61,6 @@
140     </entry>
141    
142     <entry>
143     - <base>ERR_COUNTRY_MAX: {$ctr}</base>
144     - <trans>Code pays, maximum atteint: {$ctr}</trans>
145     - </entry>
146     -
147     -
148     - <entry>
149     <base>LABEL_BADCOUNTRIES</base>
150     <trans>Nouveaux codes pays à utiliser :</trans>
151     </entry>
152     @@ -123,12 +118,80 @@
153    
154     <entry>
155     <base>STATS_DESCRIPTION</base>
156     - <trans><![CDATA[ <h3>Statistiques pour Xtables GeoIP</h3><ul>
157     + <trans><![CDATA[ <h2>Statistiques pour Xtables GeoIP </h2><ul>
158     <li>Pour 3 périodes : Jour, Semaine et Mois</li>
159     <li>Ips bloqués par pays triés par score</li>
160     <li>Erreurs Ssh par pays triées par score </li>
161     </ul><p><i>XX signifie Pays non trouvé !</i></p> ]]>
162     </trans>
163     </entry>
164     +
165     + <entry>
166     + <base>SERVICE_DESCRIPTION</base>
167     + <trans><![CDATA[ <h2> Filtrage par service pour Xtables GeoIP</h2><ul>
168     + <li>Si vous souhaitez un filtrage différent pour certains services</li>
169     + </ul><p><i></i></p> ]]>
170     + </trans>
171     + </entry>
172     +
173     + <entry>
174     + <base>LABEL_SERVICE</base>
175     + <trans>Nom du service : </trans>
176     + </entry>
177     +
178     + <entry>
179     + <base>PER_SERVICE_GEOIP</base>
180     + <trans>-> Services</trans>
181     + </entry>
182     +
183     + <entry>
184     + <base>ADD_SERVICE</base>
185     + <trans>Ajouter ou modifier un fitrage par service</trans>
186     + </entry>
187     +
188     + <entry>
189     + <base>ADD_DESC</base>
190     + <trans>Vous allez choisir un filtrage pays particulier pour ce service</trans>
191     + </entry>
192     +
193     + <entry>
194     + <base>REMOVE_SERVICE</base>
195     + <trans>Supprimer un fitrage par service</trans>
196     + </entry>
197     +
198     + <entry>
199     + <base>REMOVE_DESC</base>
200     + <trans>Vous allez supprimer un filtrage par service. Le filtrage général va alors s'appliquer.</trans>
201     + </entry>
202     +
203     + <entry>
204     + <base>SERV_NOT_BAN</base>
205     + <trans>Service non filtré.</trans>
206     + </entry>
207     +
208     + <entry>
209     + <base>NO_SERVICES</base>
210     + <trans>Aucun service.</trans>
211     + </entry>
212     +
213     + <entry>
214     + <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
215     + <trans>Liste des codes pays rejetés du service : </trans>
216     + </entry>
217     +
218     + <entry>
219     + <base>SUCCESSFULLY_DELETED_SERVICE</base>
220     + <trans>Suppression du service réussi... Nouveau filtrage pris en compte.</trans>
221     + </entry>
222     +
223     + <entry>
224     + <base>BADCOUNTRIES</base>
225     + <trans>Liste noire</trans>
226     + </entry>
227     +
228     + <entry>
229     + <base>ERR_COUNTRY_MAX: {$ctr}</base>
230     + <trans>Code(s) pays inexistant(s) sur le serveur: {$listerr}</trans>
231     + </entry>
232    
233     </lexicon>
234     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip
235     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-04-24 15:05:21.000000000 +0400
236     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-04-24 17:24:02.000000000 +0400
237     @@ -7,16 +7,54 @@
238     my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
239     my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
240     my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
241     - if ($GP eq 'enabled' and $BC ne '')
242     + my $port;
243     + my $locPorts;
244     + my $servStatus;
245     + my $locBC;
246     + if ($GP eq 'enabled')
247     {
248     if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
249     {
250     - $OUT .= " ## xtables-addons GEOIP ##\n";
251     - $OUT .= " /sbin/iptables -A INPUT -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
252     - $OUT .= " /sbin/iptables -A INPUT -m geoip --src-cc $BC -j DROP\n";
253     - $OUT .= " ## xtables-addons GEOIP ##\n";
254     - } else
255     - { $OUT .= " # module xt_geoip not found for current kernel"; }
256     - } else
257     - { $OUT .= " # xt_geoip disabled or no 'BadCountries' defined\n"; }
258     + # to allow reload
259     + $OUT .=<<'EOF';
260     + # A blacklist chain for xtables-addons GEOIP
261     + /sbin/iptables --new-chain XTGeoIP
262     + /sbin/iptables --new-chain XTGeoIP_1
263     + /sbin/iptables --append XTGeoIP -j XTGeoIP_1
264     + /sbin/iptables --insert INPUT 1 \
265     + -j XTGeoIP
266     +EOF
267     + ##adding here for service specific
268     + $locPorts='';
269     +
270     + my @services = split(/,/, $masq{'XtServices'});
271     + foreach my $servName (@services)
272     + {
273     + $port = ${$servName}{'TCPPort'} || '';
274     + my $servStatus = ${$servName}{'status'} || 'disabled';
275     + my $servAccess = ${$servName}{'access'} || 'private';
276     + my $locBC = ${$servName}{'BadCountries'} || '';
277     + if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
278     + $locPorts .= "$port,";
279     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
280     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
281     + }
282     + }
283     +
284     + # block for other or all should move there
285     + if ($BC ne '') {
286     + if ($locPorts ne '') {
287     + $locPorts = substr $locPorts, 0, -1;
288     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
289     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
290     + } else {
291     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
292     + $OUT .= " /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n";
293     + }
294     + }
295     + $OUT .= " /sbin/iptables --append XTGeoIP_1" .
296     + " -j RETURN\n";
297     + ## end of add
298     + } else { $OUT .= " # module xt_geoip not found for current kernel\n"; }
299     + } else { $OUT .= " # xt_geoip disabled\n"; }
300     }
301     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip
302     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 1970-01-01 04:00:00.000000000 +0400
303     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip 2019-04-24 17:24:22.000000000 +0400
304     @@ -0,0 +1,81 @@
305     +{
306     + my $BC = $masq{BadCountries} || '';
307     + my $GP = $masq{GeoIP} || 'disabled';
308     + my $KERNEL = `/bin/uname -r`;
309     + chomp($KERNEL);
310     + my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
311     + my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
312     + my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
313     + my $port;
314     + my $locPorts;
315     + my $servStatus;
316     + my $locBC;
317     +
318     +
319     + # Find the current XTGeoIP_$$ chain, and create a new one.
320     + $OUT .=<<'EOF';
321     + OLD_XTGeoIP=$(get_safe_id XTGeoIP filter find)
322     + NEW_XTGeoIP=$(get_safe_id XTGeoIP filter new)
323     + /sbin/iptables --new-chain $NEW_XTGeoIP
324     +EOF
325     +
326     + if ($GP eq 'enabled' and $BC ne '')
327     + {
328     + if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
329     + {
330     + # add content here
331     + $locPorts = '';
332     + my @services = split(/,/, $masq{'XtServices'});
333     +
334     + foreach my $servName (@services)
335     + {
336     + $port = ${$servName}{'TCPPort'} || '';
337     + my $servStatus = ${$servName}{'status'} || 'disabled';
338     + my $servAccess = ${$servName}{'access'} || 'private';
339     + my $locBC = ${$servName}{'BadCountries'} || '';
340     + if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
341     + $locPorts .= "$port,";
342     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
343     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
344     + }
345     + }
346     +
347     + ##adding here for service specific
348     + # imaps 993
349     + #$locBC = $imaps{BadCountries} || '';
350     + #$servStatus = $imaps{'status'} || 'disabled';
351     + #$port = $imaps{'TCPPort'} || '993';
352     + #if ($servStatus eq 'enabled' and $locBC ne '') {
353     + # $locPorts .= "${port},";
354     + # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n";
355     + # $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
356     + #}
357     +
358     + # block for all or other ports should move there
359     + if ($BC ne '') {
360     + if ($locPorts ne '') {
361     + $locPorts = substr $locPorts, 0, -1;
362     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
363     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j DROP\n";
364     + } else {
365     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
366     + $OUT .= " /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n";
367     + }
368     + }
369     + $OUT .= " /sbin/iptables --append \$NEW_XTGeoIP" .
370     + " -j RETURN\n";
371     + ## end of add
372     +
373     + }
374     + }
375     +
376     +
377     + # Having created a new XTGeoIP chain, activate it and destroy the old.
378     + $OUT .=<<'EOF';
379     + /sbin/iptables --replace XTGeoIP 1 \
380     + --jump $NEW_XTGeoIP
381     + /sbin/iptables --flush $OLD_XTGeoIP
382     + /sbin/iptables --delete-chain $OLD_XTGeoIP
383     +EOF
384     +
385     +}
386     diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip
387     --- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip 2019-04-24 15:05:21.000000000 +0400
388     +++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip 2019-04-25 21:05:02.000000000 +0400
389     @@ -67,11 +67,10 @@
390     header="/etc/e-smith/web/common/head.tmpl"
391     footer="/etc/e-smith/web/common/foot.tmpl">
392    
393     - <page name="First"
394     - pre-event="print_status_message()">
395     - # post-event="wherenext('Second')" >
396     - # Ssh Ipt Second
397     + <page name="First" pre-event="print_status_message()">
398     + # post-event="wherenext('Second')"
399     <description>XT_GEOIP_STATUS_DESCRIPTION</description>
400     +
401     <field
402     type="literal"
403     id="geoip"
404     @@ -100,7 +99,13 @@
405     <label> </label>
406     </field>
407    
408     - <field type="literal" id="client_label" value="">
409     + <field type="literal" id="service_label" value="">
410     + <description>SERVICE_DESCRIPTION</description>
411     + </field>
412     +
413     + <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
414     +
415     + <field type="literal" id="stats_label" value="">
416     <description>STATS_DESCRIPTION</description>
417     </field>
418    
419     @@ -110,9 +115,9 @@
420     <subroutine src="print_button('NEXT')" />
421     </page>
422    
423     - <page name="Second"
424     - pre-event="turn_off_buttons"
425     - post-event="change_settings()">
426     +
427     +
428     + <page name="Second" pre-event="turn_off_buttons" post-event="change_settings()">
429    
430     <field
431     type="select"
432     @@ -153,9 +158,84 @@
433     </page>
434    
435    
436     - <page name="Stats"
437     - pre-event="generateStats"
438     - post-event="wherenext('First')" >
439     + <page name="Service" pre-event="print_status_message()" post-event="wherenext('First')">
440     + <description>SERVICE_DESCRIPTION</description>
441     + <field
442     + type="literal"
443     + id="badcountries"
444     + value="get_badcountries()">
445     + <label>LABEL_BADCOUNTRIES_STATUS</label>
446     + </field>
447     + <subroutine src="print_service_table()" />
448     + <subroutine src="print_button('NEXT')"/>
449     + </page>
450     +
451     +
452     +
453     + <page name="SrvModify" pre-event="turn_off_buttons()" post-event="modify_serv()">
454     +
455     + <title>ADD_SERVICE</title>
456     + <description>ADD_DESC</description>
457     +
458     + <field
459     + type="literal"
460     + id="service"
461     + value="get_srv_name()">
462     + <label>LABEL_SERVICE</label>
463     + </field>
464     +
465     + <field
466     + type="literal"
467     + id="badcountries"
468     + value="get_badcountries()">
469     + <label>LABEL_BADCOUNTRIES_STATUS</label>
470     + </field>
471     +
472     + <field
473     + type="text"
474     + id="masq_srv_badcountries"
475     + size="64"
476     + validation="srv_must_exist()">
477     + <label>LABEL_BADCOUNTRIES</label>
478     + <description>DESC_BADCOUNTRIES</description>
479     + </field>
480     +
481     + <field
482     + type="literal"
483     + id="srv_badcountries"
484     + value="get_srv_badcountries()">
485     + <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
486     + </field>
487     +
488     + <subroutine src="print_button('SAVE')" />
489     + </page>
490     +
491     +
492     + <page name="SrvRemove" pre-event="turn_off_buttons()" post-event="remove_serv()">
493     +
494     + <title>REMOVE_SERVICE</title>
495     + <description>REMOVE_DESC</description>
496     +
497     + <field
498     + type="literal"
499     + id="service"
500     + value="get_srv_name()">
501     + <label>LABEL_SERVICE</label>
502     + </field>
503     +
504     + <field
505     + type="literal"
506     + id="badcountries"
507     + value="get_srv_badcountries()">
508     + <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
509     + </field>
510     +
511     + <subroutine src="print_button('REMOVE')" />
512     +
513     + </page>
514     +
515     +
516     + <page name="Stats" pre-event="generateStats" post-event="wherenext('First')">
517     <subroutine src="print_button('NEXT')"/>
518     </page>
519    
520     diff -urN smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm
521     --- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-04-24 15:05:21.000000000 +0400
522     +++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm 2019-04-25 20:33:34.000000000 +0400
523     @@ -11,6 +11,7 @@
524     use esmith::FormMagick;
525     use esmith::ConfigDB;
526     use esmith::util;
527     +use esmith::cgi;
528     use File::Basename;
529     use Exporter;
530     use POSIX qw(strftime);
531    
532 michel 1.2 our $VERSION = sprintf '%d.%03d', q$Revision: 1.1 $ =~ /: (\d+).(\d+)/;
533 michel 1.1 @@ -214,7 +224,7 @@
534     my @mq_bcs = split /[,:]/, $q->param("masq_badcountries");
535     if (@mq_bcs) {
536     my $ctr = @mq_bcs;
537     - return $self->localise('ERR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
538     + return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
539    
540     foreach my $bcs (@mq_bcs) {
541     my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
542     @@ -248,7 +258,7 @@
543     $stats_type =~ /(.+)/; $stats_type = $1;
544     if ($stats_type ne "ipt" && $stats_type ne "ssh")
545     {
546     - print $q->p($q->b($self->localise('INVALID_STATS_TYPE').
547     + print $q->p($q->b($self->localise('INVALID_STATS_TYPE')." ".
548     $stats_type));
549     return '';
550     } else {
551     @@ -270,8 +280,174 @@
552     print "</pre>\n";
553    
554     print $q->h3($self->localise('END_OF_STATS'));
555     + $self->wherenext('First');
556     return '';
557     }
558     }
559    
560     +sub get_srv_name
561     +{
562     + my ($self) = @_;
563     + return $self->cgi->param('name');
564     +}
565     +
566     +sub get_srv_badcountries
567     +{
568     + my ($self) = @_;
569     + my $name = $self->cgi->param('name');
570     + return $db->get_prop($name, "BadCountries");
571     +}
572     +
573     +sub print_service_table {
574     + my $self = shift;
575     + my $q = $self->{cgi};
576     + my $servname = $self->localise('NAME');
577     + my $port = $self->localise('PORT');
578     + my $status = $self->localise('STATUS');
579     + my $access = $self->localise('ACCESS');
580     + my $servBC = $self->localise('BADCOUNTRIES');
581     + my $modify = $self->localise('MODIFY');
582     + my $remove = $self->localise('REMOVE');
583     + my $action_h = $self->localise('ACTION');
584     +
585     + my @services = split(/,/, $db->get_prop("masq", "XtServices"));
586     + #my @services = ('imaps','pop3s','sshd','ftp','ssmtpd');
587     +
588     + unless ( scalar @services )
589     + {
590     + print $q->Tr($q->td($self->localise('NO_SERVICES')));
591     + return "";
592     + }
593     +
594     + print $q->start_table({-CLASS => "sme-border"}),"\n";
595     + print $q->Tr (
596     + esmith::cgi::genSmallCell($q, $servname,"header"),
597     + esmith::cgi::genSmallCell($q, $port,"header"),
598     + esmith::cgi::genSmallCell($q, $status,"header"),
599     + esmith::cgi::genSmallCell($q, $access,"header"),
600     + esmith::cgi::genSmallCell($q, $servBC,"header"),
601     + esmith::cgi::genSmallCell($q, $action_h,"header", 2)),"\n";
602     +
603     + my $scriptname = basename($0);
604     +
605     + foreach my $servname (@services)
606     + {
607     + my $i = $db->get($servname);
608     +
609     + my $port = $i->prop('TCPPort');
610     + my $status = $i->prop('status');
611     + my $access = $i->prop('access');
612     + my $servBC = $i->prop('BadCountries') || ' ';
613     +
614     + my $params = $self->build_serv_cgi_params($servname, $i->props());
615     +
616     + my $href = "$scriptname?$params&action=modify&wherenext=";
617     +
618     + my $actionModify = '&nbsp;';
619     + $actionModify .= $q->a({href => "${href}SrvModify"},$modify)
620     + . '&nbsp;';
621     +
622     + my $actionRemove = '&nbsp;';
623     + $actionRemove .= $q->a({href => "${href}SrvRemove"}, $remove)
624     + . '&nbsp';
625     +
626     + my $color = 'red';
627     + if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; }
628     + print $q->Tr (
629     + esmith::cgi::genSmallCell($q, $servname,"normal"),
630     + esmith::cgi::genSmallCell($q, $port,"normal"),
631     + esmith::cgi::genSmallCell($q, $status,"header"),
632     + esmith::cgi::genSmallCell($q, $access,"header"),
633     + esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"),
634     + esmith::cgi::genSmallCell($q, $actionModify,"normal"),
635     + esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
636     + }
637     +
638     + print $q->end_table,"\n";
639     +
640     + return "";
641     +}
642     +
643     +sub build_serv_cgi_params {
644     + my ($self, $servname, %oldprops) = @_;
645     +
646     + my %props = (
647     + page => 0,
648     + page_stack => "",
649     + name => $servname,
650     + );
651     +
652     + return $self->props_to_query_string(\%props);
653     +}
654     +
655     +sub remove_serv {
656     + my ($self) = @_;
657     + my $name = $self->cgi->param('name');
658     + if (my $serv = $db->get($name)) {
659     + my $servBC = $serv->prop('BadCountries') || '';
660     + if ($servBC ne '') {
661     + $db->set_prop($name, "BadCountries", '');
662     + # Untaint $name before use in system()
663     + # $name =~ /(.+)/; $name = $1;
664     + if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0)
665     + {
666     + return $self->success("SUCCESSFULLY_DELETED_SERVICE");
667     + } else {
668     + return $self->error("ERROR_WHILE_DELETING_SERVICE");
669     + }
670     + } else {
671     + return $self->success('NO_CHANGE');
672     + }
673     +
674     + } else {
675     + $self->error('CANT_FIND_SERV');
676     + }
677     + $self->wherenext('First');
678     +}
679     +
680     +sub modify_serv {
681     + my ($self) = @_;
682     + my $name = $self->cgi->param('name');
683     + if (my $serv = $db->get($name)) {
684     + my $servBC = $serv->prop('BadCountries') || '';
685     +
686     + my $q = $self->{'cgi'};
687     + my $n_servBC = $q->param("masq_srv_badcountries") || $servBC;
688     +
689     + if ($n_servBC eq $servBC) {
690     + return $self->success("NO_CHANGE")
691     + }
692     + $db->set_prop($name, "BadCountries", $n_servBC);
693     +
694     + if (system ( "/sbin/e-smith/signal-event", "xt_geoip-service" ) == 0 )
695     + {
696     + return $self->success("SUCCESS");
697     + } else {
698     + return $self->error("ERROR_UPDATING");
699     + }
700     + } else {
701     + $self->error('CANT_FIND_SERV');
702     + }
703     + $self->wherenext('First');
704     +}
705     +
706     +sub srv_must_exist
707     +{
708     + my $self = shift;
709     + my $q = $self->{cgi};
710     + my $listerr = "";
711     + my @mq_bcs = split /[,:]/, $q->param("masq_srv_badcountries");
712     + if (@mq_bcs) {
713     + my $ctr = @mq_bcs;
714     + return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
715     +
716     + foreach my $bcs (@mq_bcs) {
717     + my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
718     + if (! -f $file) { $listerr .= $bcs . ","; }
719     + }
720     + return $self->localise('ERR_COUNTRY_NOT_EXIST: {$listerr}', {listerr=> "$listerr"}) if $listerr;
721     + }
722     + return 'OK';
723     +}
724     +
725     1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed