smeserver-xt_geoip/contribs9/smeserver-xt_geoip-1.0.1-per_service.patch

diff -urN smeserver-xt_geoip-1.0.1.old/createlinks smeserver-xt_geoip-1.0.1/createlinks
--- smeserver-xt_geoip-1.0.1.old/createlinks    2019-04-24 15:05:21.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/createlinks        2019-04-23 22:52:31.000000000 +0400
@@ -12,14 +12,16 @@
 # links to add
 
 # templates to expand
-for my $event (qw(xt_geoip-modify xt_geoip-update bootstrap-console-save console-save))
+for my $event (qw(xt_geoip-modify xt_geoip-update xt_geoip-service bootstrap-console-save console-save))
 {
     templates2events("/etc/rc.d/init.d/masq", $event);
     templates2events("/etc/crontab", $event);
     templates2events("/usr/share/xt_geoip/update_base", $event);
-    if ($event ne 'xt_geoip-modify') { 
-       event_link("smeserver-xt_geoip-download-action", $event, "10"); 
     }
+
+for my $event (qw(xt_geoip-update bootstrap-console-save console-save))
+{
+    event_link("smeserver-xt_geoip-download-action", $event, "10"); 
 }
 
 # services to launch on event
@@ -29,4 +31,10 @@
         "root/etc/e-smith/events/$event/services2adjust/masq");
 }
 
+for my $event (qw(xt_geoip-service))
+{
+    safe_symlink("adjust", 
+        "root/etc/e-smith/events/$event/services2adjust/masq");
+}
+
 # actions to perform
diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/db/configuration/defaults/masq/XtServices     1970-01-01 04:00:00.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/db/configuration/defaults/masq/XtServices 2019-04-24 14:38:38.000000000 +0400
@@ -0,0 +1 @@
+imaps,pop3s,sshd,ftp,ssmtpd
diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip       2019-04-24 15:05:21.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/xt_geoip   2019-04-25 20:56:40.000000000 +0400
@@ -129,4 +129,72 @@
            </trans>
     </entry>
 
+    <entry>
+           <base>SERVICE_DESCRIPTION</base>
+           <trans><![CDATA[ <h2> Per service filtering for Xtables GeoIP</h2><ul>
+               <li>If you want different filtering for certain services</li>
+               </ul><p><i></i></p> ]]>
+           </trans>
+    </entry>
+
+    <entry>
+           <base>LABEL_SERVICE</base>
+           <trans>Service name : </trans>
+    </entry>
+
+    <entry>
+           <base>PER_SERVICE_GEOIP</base>
+           <trans>-> Services</trans>
+    </entry>
+
+    <entry>
+           <base>ADD_SERVICE</base>
+           <trans>Add or modify a per service filtering</trans>
+    </entry>
+    
+    <entry>
+           <base>ADD_DESC</base>
+           <trans>You are choosing a particular country filtering for this service</trans>
+    </entry>
+    
+    <entry>
+           <base>REMOVE_SERVICE</base>
+           <trans>Delete a per service filtering</trans>
+    </entry>
+    
+    <entry>
+           <base>REMOVE_DESC</base>
+           <trans>You are deleting a filtering by service. The general filtering will then apply.</trans>
+    </entry>
+    
+    <entry>
+           <base>SERV_NOT_BAN</base>
+           <trans>Unfiltered service.</trans>
+    </entry>
+
+    <entry>
+           <base>NO_SERVICES</base>
+           <trans>No services.</trans>
+    </entry>
+
+    <entry>
+            <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
+            <trans>List of rejected country codes for the service : </trans>
+    </entry>
+
+    <entry>
+           <base>SUCCESSFULLY_DELETED_SERVICE</base>
+           <trans>Per service filtering successfully deleted... New filtering taken into account.</trans>    
+    </entry>
+
+    <entry>
+           <base>BADCOUNTRIES</base>
+           <trans>Blacklist</trans>    
+    </entry>
+
+    <entry>
+           <base>ERR_COUNTRY_MAX: {$ctr}</base>
+           <trans>Too many countries chosen: {$ctr}</trans>
+    </entry>
+
 </lexicon>
diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip  2019-04-24 15:05:21.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/xt_geoip      2019-04-25 20:56:24.000000000 +0400
@@ -43,15 +43,16 @@
 
     <entry>
            <base>XT_GEOIP_STATUS_DESCRIPTION</base>
-           <trans><![CDATA[ <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
+           <trans><![CDATA[ <h2>Filtrage général pour Xtables GeoIP </h2>
+           <ul> <li>Le filtrage IP peut être activé ou désactivé à l'aide du bouton adéquat</li>
                <li>Les codes des pays à bannir peut être saisis dans le champ correspondant</li>
                <li>Une mise à jour immédiate de la table peut être demandée ici.</li></ul>
-               <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br><br> ]]></trans>
+               <p><i>Attention à ne pas bannir les adresses IP nécessaires au fonctionnement de votre serveur !</i></p> <br> ]]></trans>
     </entry>
 
     <entry>
             <base>LABEL_BADCOUNTRIES_STATUS</base>
-            <trans>Liste actuelle des codes pays rejetés : </trans>
+            <trans>Liste générale des codes pays rejetés : </trans>
     </entry>
 
     <entry>
@@ -60,12 +61,6 @@
     </entry>
 
     <entry>
-           <base>ERR_COUNTRY_MAX: {$ctr}</base>
-           <trans>Code pays, maximum atteint: {$ctr}</trans>
-    </entry>
-
-
-    <entry>
            <base>LABEL_BADCOUNTRIES</base>
            <trans>Nouveaux codes pays à utiliser :</trans>
     </entry>
@@ -123,12 +118,80 @@
 
     <entry>
            <base>STATS_DESCRIPTION</base>
-           <trans><![CDATA[ <h3>Statistiques pour Xtables GeoIP</h3><ul>
+           <trans><![CDATA[ <h2>Statistiques pour Xtables GeoIP </h2><ul>
                <li>Pour 3 périodes : Jour, Semaine et Mois</li>
                <li>Ips bloqués par pays triés par score</li>
                <li>Erreurs Ssh par pays triées par score </li>
                </ul><p><i>XX signifie Pays non trouvé !</i></p> ]]>
            </trans>
     </entry>
+
+    <entry>
+           <base>SERVICE_DESCRIPTION</base>
+           <trans><![CDATA[ <h2> Filtrage par service pour Xtables GeoIP</h2><ul>
+               <li>Si vous souhaitez un filtrage différent pour certains services</li>
+               </ul><p><i></i></p> ]]>
+           </trans>
+    </entry>
+
+    <entry>
+           <base>LABEL_SERVICE</base>
+           <trans>Nom du service : </trans>
+    </entry>
+
+    <entry>
+           <base>PER_SERVICE_GEOIP</base>
+           <trans>-> Services</trans>
+    </entry>
+
+    <entry>
+           <base>ADD_SERVICE</base>
+           <trans>Ajouter ou modifier un fitrage par service</trans>
+    </entry>
+    
+    <entry>
+           <base>ADD_DESC</base>
+           <trans>Vous allez choisir un filtrage pays particulier pour ce service</trans>
+    </entry>
+    
+    <entry>
+           <base>REMOVE_SERVICE</base>
+           <trans>Supprimer un fitrage par service</trans>
+    </entry>
+    
+    <entry>
+           <base>REMOVE_DESC</base>
+           <trans>Vous allez supprimer un filtrage par service. Le filtrage général va alors s'appliquer.</trans>
+    </entry>
+    
+    <entry>
+           <base>SERV_NOT_BAN</base>
+           <trans>Service non filtré.</trans>
+    </entry>
+
+    <entry>
+           <base>NO_SERVICES</base>
+           <trans>Aucun service.</trans>
+    </entry>
+
+    <entry>
+            <base>LABEL_SERV_BADCOUNTRIES_STATUS</base>
+            <trans>Liste des codes pays rejetés du service : </trans>
+    </entry>
+
+    <entry>
+           <base>SUCCESSFULLY_DELETED_SERVICE</base>
+           <trans>Suppression du service réussi... Nouveau filtrage pris en compte.</trans>    
+    </entry>
+
+    <entry>
+           <base>BADCOUNTRIES</base>
+           <trans>Liste noire</trans>    
+    </entry>
+
+    <entry>
+           <base>ERR_COUNTRY_MAX: {$ctr}</base>
+           <trans>Code(s) pays inexistant(s) sur le serveur: {$listerr}</trans>
+    </entry>
     
 </lexicon>
diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip     2019-04-24 15:05:21.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/40Xt_Geoip 2019-04-24 17:24:02.000000000 +0400
@@ -7,16 +7,54 @@
     my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
     my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
     my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
-    if ($GP eq 'enabled' and $BC ne '')
+    my $port;
+    my $locPorts;
+    my $servStatus;
+    my $locBC;
+    if ($GP eq 'enabled')
     {
         if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
         {
-           $OUT .= "    ## xtables-addons GEOIP ##\n";
-           $OUT .= "    /sbin/iptables -A INPUT -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
-           $OUT .= "    /sbin/iptables -A INPUT -m geoip --src-cc $BC -j DROP\n";
-           $OUT .= "    ## xtables-addons GEOIP ##\n";
-       } else
-           { $OUT .= "    # module xt_geoip not found for current kernel"; }
-    } else
-       { $OUT .= "    # xt_geoip disabled or no 'BadCountries' defined\n"; }
+            # to allow reload      
+            $OUT .=<<'EOF';
+   # A blacklist chain for xtables-addons GEOIP
+    /sbin/iptables --new-chain XTGeoIP
+    /sbin/iptables --new-chain XTGeoIP_1
+    /sbin/iptables --append XTGeoIP -j XTGeoIP_1
+    /sbin/iptables --insert INPUT 1 \
+       -j XTGeoIP
+EOF
+    ##adding here for service specific
+    $locPorts='';
+    
+       my @services = split(/,/, $masq{'XtServices'});
+       foreach my $servName (@services) 
+       {
+           $port = ${$servName}{'TCPPort'} || '';
+           my $servStatus = ${$servName}{'status'} || 'disabled';
+           my $servAccess = ${$servName}{'access'} || 'private';
+           my $locBC = ${$servName}{'BadCountries'} || '';
+           if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
+               $locPorts .= "$port,";
+                $OUT .= "    /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
+                $OUT .= "    /sbin/iptables -A XTGeoIP_1 -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
+           }
+       }
+
+    # block for other or all should move there
+    if ($BC ne '') {
+       if ($locPorts ne '') {
+               $locPorts = substr $locPorts, 0, -1;
+                $OUT .= "    /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
+                $OUT .= "    /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip -m multiport ! --dports $locPorts  --src-cc $BC -j DROP\n";
+       } else {
+                $OUT .= "    /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
+                $OUT .= "    /sbin/iptables -A XTGeoIP_1 -p tcp -m geoip --src-cc $BC -j DROP\n";
+        }
+    }
+    $OUT .= "    /sbin/iptables --append  XTGeoIP_1" .
+                " -j RETURN\n";
+    ## end of add
+    } else { $OUT .= "    # module xt_geoip not found for current kernel\n"; }
+    } else { $OUT .= "    # xt_geoip disabled\n"; }
 }
diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip       1970-01-01 04:00:00.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustXt_Geoip   2019-04-24 17:24:22.000000000 +0400
@@ -0,0 +1,81 @@
+{
+    my $BC = $masq{BadCountries} || '';
+    my $GP = $masq{GeoIP} || 'disabled';
+    my $KERNEL = `/bin/uname -r`;
+    chomp($KERNEL);
+    my $PATH_MODULE = "/lib/modules/$KERNEL/extra/xt_geoip.ko";
+    my $PATH2_MODULE = "/lib/modules/$KERNEL/weak-updates/xt_geoip.ko";
+    my $PATH3_MODULE = "/lib/modules/$KERNEL/weak-updates/xtables-addons/xt_geoip.ko";
+    my $port;
+    my $locPorts;
+    my $servStatus;
+    my $locBC;
+
+
+    # Find the current XTGeoIP_$$ chain, and create a new one.
+    $OUT .=<<'EOF';
+    OLD_XTGeoIP=$(get_safe_id XTGeoIP filter find)
+    NEW_XTGeoIP=$(get_safe_id XTGeoIP filter new)
+    /sbin/iptables --new-chain $NEW_XTGeoIP
+EOF
+
+    if ($GP eq 'enabled' and $BC ne '')
+    {
+        if (-s $PATH_MODULE || -s $PATH2_MODULE || -s $PATH3_MODULE)
+        {
+        # add content here
+       $locPorts = '';
+       my @services = split(/,/, $masq{'XtServices'});
+       
+       foreach my $servName (@services) 
+       {
+           $port = ${$servName}{'TCPPort'} || '';
+           my $servStatus = ${$servName}{'status'} || 'disabled';
+           my $servAccess = ${$servName}{'access'} || 'private';
+           my $locBC = ${$servName}{'BadCountries'} || '';
+           if ($port ne '' and $servStatus eq 'enabled' and $servAccess eq 'public' and $locBC ne '') {
+               $locPorts .= "$port,";
+                $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: $servName\"\n";
+                $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
+           }
+       }
+
+            ##adding here for service specific
+                # imaps 993
+                #$locBC = $imaps{BadCountries} || '';
+                #$servStatus = $imaps{'status'} || 'disabled';
+                #$port = $imaps{'TCPPort'} || '993';
+                #if ($servStatus eq 'enabled' and $locBC ne '') {
+               #       $locPorts .= "${port},";
+                #        $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j ULOG --ulog-prefix \"GeoIP BAN: IMAPS\"\n";
+                #        $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -m geoip --src-cc $locBC -p tcp --dport $port -j DROP\n";
+                #}
+
+                # block for all or other ports should move there
+                if ($BC ne '') {
+                   if ($locPorts ne '') {
+                       $locPorts = substr $locPorts, 0, -1;
+                        $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: OTHER\"\n";
+                        $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip -m multiport ! --dports $locPorts  --src-cc $BC -j DROP\n";
+                   } else {
+                        $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j ULOG --ulog-prefix \"GeoIP BAN: ALL\"\n";
+                        $OUT .= "    /sbin/iptables -A \$NEW_XTGeoIP -p tcp -m geoip --src-cc $BC -j DROP\n";
+                   }
+                }
+                $OUT .= "    /sbin/iptables --append  \$NEW_XTGeoIP" .
+                " -j RETURN\n";
+            ## end of add
+
+        }
+    }
+
+
+    # Having created a new XTGeoIP chain, activate it and destroy the old.
+    $OUT .=<<'EOF';
+    /sbin/iptables --replace XTGeoIP 1 \
+            --jump $NEW_XTGeoIP
+    /sbin/iptables --flush $OLD_XTGeoIP
+    /sbin/iptables --delete-chain $OLD_XTGeoIP
+EOF
+
+}
diff -urN smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip
--- smeserver-xt_geoip-1.0.1.old/root/etc/e-smith/web/functions/xt_geoip        2019-04-24 15:05:21.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/etc/e-smith/web/functions/xt_geoip    2019-04-25 21:05:02.000000000 +0400
@@ -67,11 +67,10 @@
     header="/etc/e-smith/web/common/head.tmpl"
     footer="/etc/e-smith/web/common/foot.tmpl">
 
-    <page name="First" 
-           pre-event="print_status_message()">
-           # post-event="wherenext('Second')" >
-            # Ssh Ipt Second
+    <page name="First" pre-event="print_status_message()">
+           # post-event="wherenext('Second')"
        <description>XT_GEOIP_STATUS_DESCRIPTION</description>
+
        <field
             type="literal"
             id="geoip"
@@ -100,7 +99,13 @@
            <label> </label>
        </field>        
 
-        <field type="literal" id="client_label" value="">
+        <field type="literal" id="service_label" value="">
+            <description>SERVICE_DESCRIPTION</description>
+        </field>
+
+        <subroutine src="print_custom_button('PER_SERVICE_GEOIP', 'Service', '')"/>
+
+        <field type="literal" id="stats_label" value="">
             <description>STATS_DESCRIPTION</description>
         </field>
 
@@ -110,9 +115,9 @@
        <subroutine src="print_button('NEXT')" />
     </page>
 
-    <page name="Second" 
-       pre-event="turn_off_buttons"
-        post-event="change_settings()">
+
+
+    <page name="Second" pre-event="turn_off_buttons" post-event="change_settings()">
        
        <field
             type="select"
@@ -153,9 +158,84 @@
     </page>
 
 
-    <page name="Stats" 
-       pre-event="generateStats" 
-        post-event="wherenext('First')" >
+    <page name="Service" pre-event="print_status_message()" post-event="wherenext('First')">
+        <description>SERVICE_DESCRIPTION</description>
+       <field
+           type="literal"
+           id="badcountries"
+           value="get_badcountries()">
+           <label>LABEL_BADCOUNTRIES_STATUS</label>
+       </field>        
+        <subroutine src="print_service_table()" />
+       <subroutine src="print_button('NEXT')"/>
+    </page>
+
+
+
+    <page name="SrvModify" pre-event="turn_off_buttons()" post-event="modify_serv()">
+
+        <title>ADD_SERVICE</title>
+        <description>ADD_DESC</description>
+
+       <field
+           type="literal"
+           id="service"
+           value="get_srv_name()">
+           <label>LABEL_SERVICE</label>
+       </field>
+
+       <field
+           type="literal"
+           id="badcountries"
+           value="get_badcountries()">
+           <label>LABEL_BADCOUNTRIES_STATUS</label>
+       </field>        
+
+       <field
+           type="text"
+           id="masq_srv_badcountries"
+           size="64"
+           validation="srv_must_exist()">
+           <label>LABEL_BADCOUNTRIES</label>
+           <description>DESC_BADCOUNTRIES</description>
+       </field>
+               
+       <field
+           type="literal"
+           id="srv_badcountries"
+           value="get_srv_badcountries()">
+           <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
+       </field>
+
+        <subroutine src="print_button('SAVE')" />
+    </page>
+
+
+    <page name="SrvRemove" pre-event="turn_off_buttons()" post-event="remove_serv()">
+
+        <title>REMOVE_SERVICE</title>
+        <description>REMOVE_DESC</description>
+
+       <field
+           type="literal"
+           id="service"
+           value="get_srv_name()">
+           <label>LABEL_SERVICE</label>
+       </field>
+
+       <field
+           type="literal"
+           id="badcountries"
+           value="get_srv_badcountries()">
+           <label>LABEL_SERV_BADCOUNTRIES_STATUS</label>
+       </field>        
+
+        <subroutine src="print_button('REMOVE')" />
+
+    </page>
+
+
+    <page name="Stats" pre-event="generateStats"  post-event="wherenext('First')">
        <subroutine src="print_button('NEXT')"/>
     </page>
 
diff -urN smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm
--- smeserver-xt_geoip-1.0.1.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm   2019-04-24 15:05:21.000000000 +0400
+++ smeserver-xt_geoip-1.0.1/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/xt_geoip.pm       2019-04-25 20:33:34.000000000 +0400
@@ -11,6 +11,7 @@
 use esmith::FormMagick;
 use esmith::ConfigDB;
 use esmith::util;
+use esmith::cgi;
 use File::Basename;
 use Exporter;
 use POSIX qw(strftime);
 
 our $VERSION = sprintf '%d.%03d', q$Revision: 1.2 $ =~ /: (\d+).(\d+)/;
@@ -214,7 +224,7 @@
     my @mq_bcs = split /[,:]/, $q->param("masq_badcountries");
     if (@mq_bcs) {
        my $ctr = @mq_bcs;
-       return $self->localise('ERR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
+       return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
 
        foreach my $bcs (@mq_bcs) {
            my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
@@ -248,7 +258,7 @@
         $stats_type =~ /(.+)/; $stats_type = $1;
        if ($stats_type ne "ipt" && $stats_type ne "ssh")
        {
-               print $q->p($q->b($self->localise('INVALID_STATS_TYPE').
+               print $q->p($q->b($self->localise('INVALID_STATS_TYPE')." ".
                        $stats_type));
                return '';
        } else  {
@@ -270,8 +280,174 @@
        print "</pre>\n";
 
        print $q->h3($self->localise('END_OF_STATS'));
+       $self->wherenext('First');
        return '';
        }
 }
 
+sub get_srv_name
+{
+    my ($self) = @_;
+    return $self->cgi->param('name');
+}
+
+sub get_srv_badcountries
+{
+    my ($self) = @_;
+    my $name = $self->cgi->param('name');
+    return $db->get_prop($name, "BadCountries");
+}
+
+sub print_service_table {
+    my $self = shift;
+    my $q = $self->{cgi};
+    my $servname        = $self->localise('NAME');
+    my $port   = $self->localise('PORT');
+    my $status         = $self->localise('STATUS');
+    my $access         = $self->localise('ACCESS');
+    my $servBC         = $self->localise('BADCOUNTRIES');
+    my $modify      = $self->localise('MODIFY');
+    my $remove      = $self->localise('REMOVE');
+    my $action_h    = $self->localise('ACTION');
+
+    my @services = split(/,/, $db->get_prop("masq", "XtServices"));
+    #my @services = ('imaps','pop3s','sshd','ftp','ssmtpd');
+
+    unless ( scalar @services )
+    {
+        print $q->Tr($q->td($self->localise('NO_SERVICES')));
+        return "";
+    }
+
+    print $q->start_table({-CLASS => "sme-border"}),"\n";
+    print $q->Tr (
+                  esmith::cgi::genSmallCell($q, $servname,"header"),
+                  esmith::cgi::genSmallCell($q, $port,"header"),
+                  esmith::cgi::genSmallCell($q, $status,"header"),
+                  esmith::cgi::genSmallCell($q, $access,"header"),
+                  esmith::cgi::genSmallCell($q, $servBC,"header"),
+                  esmith::cgi::genSmallCell($q, $action_h,"header", 2)),"\n";
+
+    my $scriptname = basename($0);
+
+    foreach my $servname (@services) 
+    {
+       my $i = $db->get($servname);
+
+        my $port = $i->prop('TCPPort');
+        my $status = $i->prop('status');
+        my $access = $i->prop('access');
+        my $servBC = $i->prop('BadCountries') || ' ';
+
+        my $params = $self->build_serv_cgi_params($servname, $i->props());
+
+        my $href = "$scriptname?$params&action=modify&wherenext=";
+
+        my $actionModify = '&nbsp;';
+       $actionModify .= $q->a({href => "${href}SrvModify"},$modify)
+                 . '&nbsp;';
+
+        my $actionRemove = '&nbsp;';
+            $actionRemove .= $q->a({href => "${href}SrvRemove"}, $remove) 
+                  . '&nbsp';
+
+       my $color = 'red';
+       if ($status eq 'disabled' || $access ne 'public') { $color = 'green'; }
+        print $q->Tr (
+            esmith::cgi::genSmallCell($q, $servname,"normal"),
+            esmith::cgi::genSmallCell($q, $port,"normal"),
+            esmith::cgi::genSmallCell($q, $status,"header"),
+            esmith::cgi::genSmallCell($q, $access,"header"),
+            esmith::cgi::genSmallCell($q, "<font color='$color'>" . $servBC . "</font>","header"),
+            esmith::cgi::genSmallCell($q, $actionModify,"normal"),
+            esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
+    }
+
+    print $q->end_table,"\n";
+
+    return "";
+}
+
+sub build_serv_cgi_params {
+    my ($self, $servname, %oldprops) = @_;
+
+    my %props = (
+        page    => 0,
+        page_stack => "",
+        name => $servname,
+    );
+
+    return $self->props_to_query_string(\%props);
+}
+
+sub remove_serv {
+    my ($self) = @_;
+    my $name = $self->cgi->param('name');
+    if (my $serv = $db->get($name)) {
+       my $servBC = $serv->prop('BadCountries') || '';
+        if ($servBC ne '') {
+           $db->set_prop($name, "BadCountries", '');
+            # Untaint $name before use in system()
+            # $name =~ /(.+)/; $name = $1;
+            if (system ("/sbin/e-smith/signal-event", "xt_geoip-service") == 0) 
+            {
+                return $self->success("SUCCESSFULLY_DELETED_SERVICE");
+            } else {
+                return $self->error("ERROR_WHILE_DELETING_SERVICE");
+            }
+        } else {
+            return $self->success('NO_CHANGE');
+        }
+
+    } else {
+        $self->error('CANT_FIND_SERV');
+    }
+    $self->wherenext('First');
+}
+
+sub modify_serv {
+    my ($self) = @_;
+    my $name = $self->cgi->param('name');
+    if (my $serv = $db->get($name)) {
+       my $servBC = $serv->prop('BadCountries') || '';
+
+       my $q = $self->{'cgi'};
+       my $n_servBC = $q->param("masq_srv_badcountries") || $servBC;
+       
+       if ($n_servBC eq $servBC) {
+           return $self->success("NO_CHANGE")
+       }
+       $db->set_prop($name, "BadCountries", $n_servBC);
+
+        if (system ( "/sbin/e-smith/signal-event",  "xt_geoip-service" ) == 0 )
+       {
+           return $self->success("SUCCESS");
+        } else {
+           return $self->error("ERROR_UPDATING");
+        }
+    } else {    
+        $self->error('CANT_FIND_SERV');
+    }
+    $self->wherenext('First');
+}
+
+sub srv_must_exist
+{
+    my $self = shift;
+    my $q = $self->{cgi};
+    my $listerr = "";
+    my @mq_bcs = split /[,:]/, $q->param("masq_srv_badcountries");
+    if (@mq_bcs) {
+       my $ctr = @mq_bcs;
+       return $self->localise('ERROR_COUNTRY_MAX: {$ctr}', {ctr=> "$ctr"}) if ($ctr > 50);
+
+       foreach my $bcs (@mq_bcs) {
+           my $file = "/usr/share/xt_geoip/LE/" . $bcs . ".iv4";
+           if (! -f $file)  { $listerr .= $bcs . ","; }
+       }
+       return $self->localise('ERR_COUNTRY_NOT_EXIST: {$listerr}', {listerr=> "$listerr"}) if $listerr;
+    }
+    return 'OK';
+}
+
 1;