smeserver-manager/sme10/smeserver-manager-0.1.0-portforwarding-localnetwork-cleanup.patch

diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Localnetworks.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Localnetworks.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Localnetworks.pm    2020-04-07 07:05:13.511766797 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Localnetworks.pm        2020-04-07 06:44:00.000000000 +0100
@@ -13,9 +13,6 @@
 use esmith::util;
 use esmith::HostsDB;
 
-#use esmith::AccountsDB;
-#our $cdb = esmith::ConfigDB->open || die "Couldn't open configuration db";
-
 my $network_db = esmith::NetworksDB->open() || die("Couldn't open networks db");
 my $ret = "OK";
 
@@ -73,7 +70,6 @@
    if ( $trt eq 'ADD1' ) {
                #Add a network - called after new network details filled in
         my %ret = add_network($c);     
-        #die(%ret);
         #Return to list page if success        
         if ((index($ret{ret},"SUCCESS") != -1))  {
                        $trt = "LIST";
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Portforwarding.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Portforwarding.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Portforwarding.pm   1970-01-01 01:00:00.000000000 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/Controller/Portforwarding.pm       2020-04-06 12:31:00.000000000 +0100
@@ -0,0 +1,407 @@
+package SrvMngr::Controller::Portforwarding;
+
+use strict;
+use warnings;
+use Mojo::Base 'Mojolicious::Controller';
+
+use Locale::gettext;
+use SrvMngr::I18N;
+use SrvMngr qw(theme_list init_session_cgi);
+#use Regexp::Common qw /net/;
+
+use Data::Dumper;
+use esmith::util;
+use esmith::HostsDB;
+
+our $db = esmith::ConfigDB->open
+    || die "Can't open configuration database: $!\n";
+our $tcp_db = esmith::ConfigDB->open('portforward_tcp')
+    || die "Can't open portforward_tcp database: $!\n";
+our $udp_db = esmith::ConfigDB->open('portforward_udp')
+    || die "Can't open portforward_udp database: $!\n";
+
+
+my %ret = ();
+
+use constant FALSE => 0;
+use constant TRUE  => 1;
+
+sub main {
+
+    my $c = shift;
+    $c->app->log->info( $c->log_req );
+
+    my %pf_datas = ();
+    $pf_datas{return} = "";
+    my $title = $c->l('pf_FORM_TITLE');
+    my $modul = '';
+
+    $pf_datas{trt} = 'LIST';
+
+    my @tcpforwards = $tcp_db->get_all;
+    my @udpforwards = $udp_db->get_all;
+    my $empty = 1 if not @tcpforwards and not @udpforwards;
+
+     $c->stash(
+        title         => $title,
+        modul         => $modul,
+        pf_datas      => \%pf_datas,
+        tcpforwards =>\@tcpforwards,
+        udpforwards =>\@udpforwards,
+        empty => $empty
+    );
+    $c->render( template => 'portforwarding' );
+}
+
+sub do_display {
+
+    my $c = shift;
+    $c->app->log->info( $c->log_req );
+    #my $pf_datas = $c->stash('pf_datas');
+    my $portforwards = $c->stash('portforwards');
+
+    my $rt           = $c->current_route;
+    my $trt          = ( $c->param('trt') || 'LIST' );
+
+
+    $trt = 'DEL'  if ( $rt eq 'portforwardingdel' );
+    $trt = 'ADD'  if ( $rt eq 'portforwardingadd' );
+    $trt = 'ADD1'  if ( $rt eq 'portforwardingadd1' );
+    $trt = 'DEL1' if ( $rt eq 'portforwardingdel1' );
+
+    my %pf_datas = ();
+    my $title    = $c->l('pf_FORM_TITLE');
+    my $modul    = '';
+
+ 
+    if ( $trt eq 'ADD' ) {
+               # Add a portforward- called from the list panel
+               # Nothing to do here...as just need template to display fields to input data.
+
+    }
+
+   if ( $trt eq 'ADD1' ) {
+               #Add a port forward - called after new pf details filled in
+        my %ret = add_portforward($c); 
+        #Return to list page if success        
+        if ((index($ret{ret},"SUCCESS") != -1))  {
+                       $trt = "LIST";
+               } else {
+                       #Error - return to Add page
+                       $trt = "ADD";
+               }       
+               $c->stash(ret=>\%ret);
+    }
+
+    if ( $trt eq 'DEL1' ) {
+               ##After Remove clicked on Delete network panel
+               my $sport = $c->param("sport") || '';
+               my $proto = $c->param("proto") || '';
+       #work out which protocol        
+        my $fdb;
+        if ($proto eq 'TCP') {
+            $fdb = $tcp_db;
+        }
+        else {
+            $fdb = $udp_db;
+        }
+               #check that the sport is in the db
+               my $entry = $fdb->get($sport) || die("Unable to find sport and proto $sport $proto");
+        $entry->delete;
+               system( "/sbin/e-smith/signal-event", "portforwarding-update") == 0
+                 or ( die($c->l('pf_ERR_NONZERO_RETURN_EVENT')));
+               $trt = "LIST";
+               my %ret = (ret=>"pf_SUCCESS");
+               $c->stash(ret=>\%ret);
+    }
+
+    if ( $trt eq 'DEL' ) {
+               ##Initial delete panel requiring confirmation
+               my $sport = $c->param("sport") || '';
+               my $proto = $c->param("proto") || '';
+       $c->stash(sport=>$sport);
+       #work out which protocol        
+        my $fdb;
+        if ($proto eq 'TCP') {
+            $fdb = $tcp_db;
+        }
+        else {
+            $fdb = $udp_db;
+        }
+               #pull out details and pass to template
+               my $entry = $fdb->get($sport) || die("Unable to find sport and proto $sport $proto");
+        $pf_datas{proto} = $proto;
+        $pf_datas{sport} = $sport;
+        $pf_datas{dhost} = $entry->prop('DestHost');
+        $pf_datas{dport} = $entry->prop('DestPort') || '';
+        $pf_datas{cmmnt}  = $entry->prop('Comment') || '';
+        $pf_datas{allow}  = $entry->prop('AllowHosts') || '';        
+     }
+
+    if ( $trt eq 'LIST' ) {
+               #List all the port forwards
+               my @tcpforwards = $tcp_db->get_all;
+               my @udpforwards = $udp_db->get_all;
+               my $empty = 1 if not @tcpforwards and not @udpforwards;
+
+               $c->stash(
+                       tcpforwards =>\@tcpforwards,
+                       udpforwards =>\@udpforwards,
+                       empty => $empty
+               );
+
+               #my %forwards = (TCP=>@tcpforwards,UDP=>@udpforwards);
+               #$c->stash(portforwarding => %forwards);
+    }
+
+    $pf_datas{'trt'} = $trt;  
+    $c->stash( title => $title, modul => $modul, pf_datas => \%pf_datas );
+    $c->render( template => 'portforwarding' );
+}
+
+sub add_portforward {
+       my $c = shift;
+       my $sport = $c->param("sport") || '';
+       my $proto = $c->param("proto") || '';
+       #work out which protocol        
+       my $fdb;
+       if ($proto eq 'TCP') {
+               $fdb = $tcp_db;
+       }
+       else {
+               $fdb = $udp_db;
+       }
+       #Get the values 
+       my $proto = $c->param("proto");
+       my $sport = $c->param("sport");
+       my $dport = $c->param("dport");
+       my $dhost = get_destination_host($c);
+       my $cmmnt = $c->param("commnt") || "";
+       my $allow = $c->param("allow") || "";
+       my $deny = (($c->param("allow")) ? "0.0.0.0/0" : "");
+       $proto =~ s/^\s+|\s+$//g;
+       $sport =~ s/^\s+|\s+$//g;
+       $dport =~ s/^\s+|\s+$//g;
+       $dhost =~ s/^\s+|\s+$//g;
+       #Validate the values
+       %ret=validate_source_port($c) ; unless (index($ret{ret},"SUCCESS")!= -1) {return %ret;}
+       %ret=validate_allowed_hosts($c) ; if (index($ret{ret},"SUCCESS")== -1) {return %ret;}
+       %ret=validate_destination_port($c) ; if (index($ret{ret},"SUCCESS")== -1) {return %ret;}
+       %ret=validate_destination_host($c) ; if (index($ret{ret},"SUCCESS")== -1) {return %ret;}
+    # and then write it to the DB and tell the exec about it.        
+       my $entry = $fdb->get($sport) || $fdb->new_record($sport, { type => 'forward' });
+       $entry->set_prop('DestHost', $dhost);
+       $entry->set_prop('DestPort', $dport) if $dport;
+       $entry->set_prop('Comment', $cmmnt);
+       $entry->set_prop('AllowHosts', $allow);
+       $entry->set_prop('DenyHosts', $deny);
+       system( "/sbin/e-smith/signal-event", "portforwarding-update") == 0
+      or ( return (ret=>'pf_ERR_NONZERO_RETURN_EVENT' ));
+    my %ret = (ret=>"pf_SUCCESS");
+    return %ret;
+    
+}
+
+sub get_destination_host
+{
+    my $q = shift;
+    my $dhost = $q->param("dhost");
+    my $localip = $db->get_prop('InternalInterface', 'IPAddress');
+    my $external_ip = $db->get_prop('ExternalInterface', 'IPAddress') || $localip;
+
+    if ($dhost =~ /^(127.0.0.1|$localip|$external_ip)$/i)
+    {
+        # localhost token gets expanded at runtime to current external IP
+        $dhost = 'localhost';
+    }
+    return $dhost;
+}
+
+sub validate_source_port {
+    my $q = shift;
+    my $sport = $q->param('sport');
+    $sport =~ s/^\s+|\s+$//g;
+    # If this is a port range, split it up and validate it individually.
+    my @ports = ();
+    if ($sport =~ /-/)
+    {
+        @ports = split /-/, $sport;
+        if (@ports > 2)
+        {
+            #$self->debug_msg("found more than 2 ports: @ports");
+            return (ret=>'pf_ERR_BADPORT');
+        }
+    }
+    else
+    {
+        push @ports, $sport;
+    }
+    #$self->debug_msg("the ports array is: @ports");
+    foreach my $port (@ports)
+    {
+        #$self->debug_msg("looping on port $port");
+        if (! isValidPort($port))
+        {
+            #$self->debug_msg("returning: " . $self->localise('ERR_BADPORT'));
+            return (ret=>'pf_ERR_BADPORT');
+        }
+    }
+    # Now, lets screen any duplicates. 
+    my $protocol = $q->param('protocol');
+    my @forwards = ();
+
+    # Grab the existing rules for this protocol.
+    if ($protocol eq 'TCP') {
+        @forwards = map { $_->key } $tcp_db->get_all;
+    } elsif ($protocol eq 'UDP') {
+        @forwards = map { $_->key } $udp_db->get_all;
+    }
+    foreach my $psport (@forwards)
+    {
+        if (detect_collision($sport, $psport))
+        {
+            return (ret=>'pf_ERR_PORT_COLLISION');
+        }
+    }
+    return (ret=>"pf_SUCCESS");
+}
+
+sub detect_collision
+{
+    my $port_a = shift;
+    my $port_b = shift;
+    
+    # If they're both single ports, see if they're the same.
+    if (($port_a !~ /-/) && ($port_b !~ /-/))
+    {
+        return $port_a eq $port_b;
+    }
+    # If port_a is not a range but port_b is, is a in b?
+    elsif ($port_a !~ /-/)
+    {
+        my ($b1, $b2) = split /-/, $port_b;
+        return (($port_a >= $b1) && ($port_a <= $b2));
+    }
+    elsif ($port_b !~ /-/)
+    {
+        my ($a1, $a2) = split /-/, $port_a;
+        return (($port_b >= $a1) && ($port_b <= $a2));
+    }
+    else
+    {
+        # They're both ranges. Do they overlap?
+        my ($a1, $a2) = split /-/, $port_a;
+        my ($b1, $b2) = split /-/, $port_b;
+        # They can overlap in two ways. Either a1 is in b, or b1 is in a.
+        if (($a1 >= $b1) && ($a1 <= $b2))
+        {
+            return TRUE;
+        }
+        elsif (($b1 >= $a1) && ($b1 <= $a2))
+        {
+            return TRUE;
+        }
+        return FALSE;
+    }
+}
+
+
+sub validate_destination_port {
+    my $c = shift;
+    my $dport = $c->param('dport');
+    $dport =~ s/^\s+|\s+$//g;
+    # If the dport is empty, that's ok. 
+    return (ret=>'pf_SUCCESS') if not $dport;
+
+    # If this is a port range, split it up and validate it individually.
+    my @ports = ();
+    if ($dport =~ /-/)
+    {
+        @ports = split /-/, $dport;
+        if (@ports > 2)
+        {
+            #$self->debug_msg("found more than 2 ports: @ports");
+            return (ret=>'pf_ERR_BADPORT');
+        }
+    }
+    else
+    {
+        push @ports, $dport;
+    }
+    #$self->debug_msg("the ports array is: @ports");
+
+    foreach my $port (@ports)
+    {
+        #$self->debug_msg("looping on port $port");
+        if (! isValidPort($port))
+        {
+            #$self->debug_msg("returning: " . $self->localise('ERR_BADPORT'));
+            return (ret=>'pf_ERR_BADPORT');
+        }
+    }
+    return (ret=>'pf_SUCCESS');
+}
+
+
+sub isValidPort() {
+    my $port = shift;
+
+    return FALSE unless defined $port;
+
+    if (($port =~ /^\d+$/) &&
+        ($port > 0) &&
+        ($port < 65536))
+    {
+        return TRUE;
+    }
+    else {
+        return FALSE;
+    }
+}
+
+sub validate_destination_host {
+    my $c = shift;
+    my $dhost = $c->param('dhost');
+    $dhost =~ s/^\s+|\s+$//g;
+
+    my $localip = $db->get_prop('InternalInterface', 'IPAddress');
+    my $external_ip = $db->get_prop('ExternalInterface', 'IPAddress') || $localip;
+
+    if ($dhost =~ /^(localhost|127.0.0.1|$localip|$external_ip)$/i)
+    {
+        # localhost token gets expanded at runtime to current external IP
+        $c->param(-name=>'dhost', -value=>'localhost');
+        return (ret=>'pf_SUCCESS');
+    }
+
+    my $systemmode = $db->get_value('SystemMode');
+
+    if ($systemmode eq 'serveronly') {
+        return (ret=>'pf_IN_SERVERONLY');
+    }
+
+    if (isValidIP($dhost)) {
+        return (ret=>'pf_SUCCESS');
+    }
+    else {
+        return (ret=>'pf_ERR_BADIP');
+    }
+}
+
+sub validate_allowed_hosts {
+    my $c = shift;
+    my $ahost = $c->param('allow');
+    $ahost =~ s/^\s+|\s+$//g;
+
+    my %valid_ahost_list = (ret=>"pf_SUCCESS");
+
+    foreach (split(/[\s,]+/, $ahost)) {
+        my $valid_ipnet = 0;
+        $valid_ipnet = 1 if ($_ =~ m/^\d+\.\d+\.\d+\.\d+$/);
+        $valid_ipnet = 1 if ($_ =~ m/^\d+\.\d+\.\d+\.\d+\/\d+$/);
+        %valid_ahost_list = (ret=>"pf_ERR_BADAHOST") if ($valid_ipnet != 1);
+    }
+
+    return %valid_ahost_list;
+}
+1;
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm     2020-04-07 07:05:11.686749826 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/lib/SrvMngr/I18N/en.pm 2020-04-07 09:29:08.436312695 +0100
@@ -1818,6 +1818,115 @@
   handle this nonstandard subnet mask. The simpler specification
   <b>{$simpleMask}</b> will be used instead.
   </p>',
+  
+            'pf_FORM_TITLE' => 
+        'Configure Port Forwarding',
+        'pf_FIRST_PAGE_DESCRIPTION' => 
+        '<p>
+                You can use this panel to modify your firewall rules so
+                as to open a specific port on this server and forward it
+                to another port on another host.  Doing so will permit
+                incoming traffic to directly access a private host on
+                your LAN.
+            </p>
+            <p>
+                WARNING: Misuse of this feature can seriously compromise the
+                security of your network. Do not use this feature
+                lightly, or without fully understanding the implications
+                of your actions.
+            </p>
+        ',
+        'pf_CREATE_RULE' => 
+        'Create portforwarding rule',
+        'pf_SUMMARY_ADD_DESC' => 
+        'The following summarizes the port-forwarding rule
+            that you are about to add. If you are satisfied with the rule,
+            click the &quot;Add&quot; button. If you are not, click the
+            &quot;Cancel&quot; button.
+        ',
+        'pf_SUMMARY_REMOVE_DESC' => 
+        'The following summarizes the port-forwarding rule
+            that you are about to remove. If you are sure you want to 
+            remove the rule, click the &quot;Remove&quot; button. If not,
+            click the &quot;Cancel&quot; button.
+        ',
+        'pf_SHOW_FORWARDS' => 
+        '
+    Below you will find a table summarizing the current
+            port-forwarding rules installed on this server. Click on the
+            &quot;Remove&quot; link to remove the corresponding rule.
+    ',
+        'pf_NO_FORWARDS' => 
+        'There are currently no forwarded ports on the system.',
+        'pf_CREATE_PAGE_DESCRIPTION' => 
+        '<![CDATA[
+            <p>Select the protocol, the port you wish to forward, the
+                destination host, and the port on the destination host
+                that you wish to forward to. If you wish to specify a port
+                range, enter the lower and upper boundaries separated by a
+                hyphen. The destination port may be left blank, which will
+                instruct the firewall to leave the source port 
+                unaltered.</p>
+            ]]>
+        ',
+        'pf_LABEL_SOURCE_PORT' => 
+        'Source Port(s)',
+        'pf_LABEL_PROTOCOL' => 
+        'Protocol',
+        'pf_LABEL_DESTINATION_PORT' => 
+        'Destination Port(s)',
+        'pf_LABEL_DESTINATION_HOST' => 
+        'Destination Host IP Address',
+        'pf_LABEL_RULE_COMMENT' => 
+        'Rule Comment',
+        'pf_LABEL_ALLOW_HOSTS' => 
+        'Allow Hosts',
+        'pf_Port forwarding' => 
+        'Port forwarding',
+        'pf_SUCCESS' => 
+        'Your change to the port forwarding rules has been
+        successfully saved.
+        ',
+        'pf_RULE_COMMENT' => 
+        'Rule Comment',
+        'pf_ALLOW_HOSTS' => 
+        'Allow Hosts',
+        'pf_ERR_NO_MASQ_RECORD' => 
+        'Cannot retrieve masq record from the configuration
+        database.',
+        'pf_ERR_UNSUPPORTED_MODE' => 
+        'Unsupported mode.',
+        'pf_ERR_CANNOT_REMOVE_NORULE' => 
+        'Cannot remove non-existant rule.',
+        'pf_ERR_NONZERO_RETURN_EVENT' => 
+        'Event returned a non-zero return value.',
+        'pf_ERR_BADPORT' => 
+        'The ports must be a positive integer less than 
+        65536.',
+        'pf_ERR_BADIP' => 
+        'This does not appear to be an IP address. You must use
+        dotted-quad notation, and each of the four numbers should be less
+        than 256. ie: 192.168.0.5',
+        'pf_ERR_DUPRULE' => 
+        'This rule has already been added, it cannot be added
+        twice.',
+        'pf_ERR_PORT_COLLISION' => 
+        '
+            ERROR: This port or port range conflicts with an existing
+            rule. Please modify this new rule, or remove the old rule.
+        ',
+        'pf_ERR_BADAHOST' => 
+        '
+            This does not appear to be a valid IP address list.
+            ie: 192.168.0.1,192.168.1.1/24
+        ',
+        'pf_IN_SERVERONLY' => 
+        '
+            This server is currently in serveronly mode and portforwarding
+    is possible only to localhost.
+        ',
+
+
 
 );
 
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl  2020-04-07 07:05:11.930752095 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/script/srvmngr.pl      2020-04-07 09:30:58.028331856 +0100
@@ -114,6 +114,16 @@
 $r->post('/localnetworksdel1')->to('localnetworks#do_display')->name('localnetworksdel1');
 $r->get('/localnetworksdel1')->to('localnetworks#do_display')->name('localnetworksdel1');
 
+$r->get('/portforwarding')->to('portforwarding#main')->name('portforwarding');
+$r->post('/portforwarding')->to('portforwarding#do_display')->name('portforwarding');
+$r->post('/portforwardingdel')->to('portforwarding#do_display')->name('portforwardingdel');
+$r->post('/portforwardingadd')->to('portforwarding#do_display')->name('portforwardingadd');
+$r->post('/portforwardingadd1')->to('portforwarding#do_display')->name('portforwardingadd1');
+$r->get('/portforwardingadd1')->to('portforwarding#do_display')->name('portforwardingadd1');
+$r->get('/portforwardingdel')->to('portforwarding#do_display')->name('portforwardingdel');
+$r->post('/portforwardingdel1')->to('portforwarding#do_display')->name('portforwardingdel1');
+$r->get('/portforwardingdel1')->to('portforwarding#do_display')->name('portforwardingdel1');
+
 $r->get('/printers')->to('printers#main')->name('printers');
 $r->post('/printers')->to('printers#do_display')->name('printeradd');
 $r->get('/printers2')->to('printers#do_update')->name('printernet');
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_ln_list.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_ln_list.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_ln_list.html.ep 2020-04-07 07:05:13.512766806 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_ln_list.html.ep     2020-04-07 06:45:00.000000000 +0100
@@ -50,7 +50,7 @@
                                %=l 'NETWORK'
                                </th>
                                <th class='sme-border'>
-                               %=l 'SUBNET_MASK'
+                               %=l 'ln_SUBNET_MASK'
                                </th>
 
                        <th class='sme-border'>
@@ -78,7 +78,8 @@
                                        %= t td => (class => 'sme-border') => $num_hosts
                                        %= t td => (class => 'sme-border') => $localnetwork->prop('Router')
                                        %  if ($removable eq "yes") {
-                                               <td class='sme-border'><a href="/server-manager2/localnetworksdel?trt=DEL&localnetwork=<%= $localnetwork->key%>"><%=l 'REMOVE'%></a></td>
+                                               <td class='sme-border'>
+                                               <a href="/server-manager2/localnetworksdel?trt=DEL&localnetwork=<%= $localnetwork->key%>"><%=l 'REMOVE'%></a></td>
                                        % } else {
                                                <td class='sme-border'> </td> 
                                        %}
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_add.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_add.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_add.html.ep  1970-01-01 01:00:00.000000000 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_add.html.ep      2020-04-06 07:01:00.000000000 +0100
@@ -0,0 +1,83 @@
+<div id='pf_add'>
+
+       % my $retref= $c->stash("ret");
+       % my %ret;
+       % unless (length($retref)) {%ret = (ret=>"");}
+       % else {%ret = %$retref;}
+       
+       % my @vars = split(",",$ret{vars});
+       % my $var1 = @vars[0];
+       % my $var2 = @vars[1];
+       % my $var3 = @vars[2];
+       % my $var4 = @vars[3];
+       % my $var5 = @vars[4];
+       % my $var6 = @vars[5];
+
+       %if ($ret{'ret'} eq "") {
+       
+       %} elsif (index($ret{ret},"SUCCESS") != -1) {
+          <div class='success'>
+              <h2> Operation Status Report</h2>
+                       %= $c->l($ret{ret},$var1,$var2,$var3,$var4,$var5,$var6);
+               </div>
+          %} else { 
+          <div class='sme-error'>
+              <h2> Operation Status Report - Error</h2>
+                       %= $c->l($ret{ret},$var1,$var2,$var3,$var4,$var5,$var6);
+       </div>
+       %}
+       <br />
+    % my $btn = l('ADD');
+    
+   % if ($config->{debug} == 1) {
+       <p>
+       %= dumper $c->current_route
+       %= dumper $c->stash("ret")
+       </p>
+    % }
+     
+    %= form_for '/portforwardingadd1' => (method => 'POST') => begin
+               <h2>
+               %=l "pf_CREATE_RULE"
+               </h2>
+                       <p>
+                               %=l "pf_SUMMARY_ADD_DESC"
+                       </p><br>
+                       <span class=label>
+                               %=l "pf_LABEL_PROTOCOL"
+                       </span><span class=data>
+                               %=select_field  'proto'=>["TCP","UDP"]
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_LABEL_SOURCE_PORT"
+                       </span><span class=data>
+                               %=text_field 'sport'
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_LABEL_DESTINATION_PORT"
+                       </span>
+                       <span class=data>
+                               %=text_field 'dport'
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_LABEL_DESTINATION_HOST"
+                       </span>
+                       <span class=data>
+                               %=text_field 'dhost'
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_ALLOW_HOSTS"
+                       </span>
+                       <span class=data>
+                               %=text_field 'allow'
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_RULE_COMMENT"
+                       </span>
+                       <span class=data>
+                               %=text_field 'cmmnt'
+                       </span><br><br>
+               %= submit_button "$btn", class => 'action'
+       %end
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_del.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_del.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_del.html.ep  1970-01-01 01:00:00.000000000 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_del.html.ep      2020-04-06 06:25:00.000000000 +0100
@@ -0,0 +1,63 @@
+<div id='ln_del'>
+
+    % my $btn = l('REMOVE');
+    % my $proto = $pf_datas->{proto};
+    % my $sport = $pf_datas->{sport};
+    % my $dport = $pf_datas->{dport};
+    % my $dhost = $pf_datas->{dhost};
+    % my $cmmnt = $pf_datas->{cmmnt};
+    % my $allow = $pf_datas->{allow};
+    
+   % if ($config->{debug} == 1) {
+       <p>
+       %= dumper $c->current_route
+       %= dumper $c->stash("ret")
+    %= dumper %$pf_datas
+       </p>
+    % }
+     
+    %= form_for '/portforwardingdel1' => (method => 'POST') => begin
+        <br>
+               %= l "pf_SUMMARY_REMOVE_DESC"
+                       </p><br>
+                       <span class=label>
+                               %=l "pf_LABEL_PROTOCOL"
+                       </span><span class=data>
+                               %=$proto
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_LABEL_SOURCE_PORT"
+                       </span><span class=data>
+                               %=$sport
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_LABEL_DESTINATION_HOST"
+                       </span>
+                       <span class=data>
+                               %=$dport
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_LABEL_DESTINATION_PORT"
+                       </span>
+                       <span class=data>
+                               %=$dhost
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_RULE_COMMENT"
+                       </span>
+                       <span class=data>
+                               %=$cmmnt
+                       </span><br><br>
+                       <span class=label>
+                               %=l "pf_ALLOW_HOSTS"
+                       </span>
+                       <span class=data>
+                               %=$allow
+                       </span><br><br>
+               %#}
+                       %= hidden_field sport=>$sport
+                       %= hidden_field proto=>$proto
+               %= submit_button "$btn", class => 'action'
+       %end
+
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_list.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_list.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_list.html.ep 1970-01-01 01:00:00.000000000 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/partials/_pf_list.html.ep     2020-04-06 07:35:00.000000000 +0100
@@ -0,0 +1,107 @@
+<div id='pf_list'>
+    % my $btn = l('pf_CREATE_RULE');
+    %= form_for '/portforwardingadd' => (method => 'POST') => begin
+
+       % my $retref= $c->stash("ret");
+       % my %ret;
+       % unless (length($retref)) {%ret = (ret=>"");}
+       % else {%ret = %$retref;}
+ 
+    % my $numtcpforwards = @$tcpforwards;
+       % my $numudpforwards = @$udpforwards;
+
+       % my @vars = split(",",$ret{vars});
+       % my $var1 = @vars[0];
+       % my $var2 = @vars[1];
+       % my $var3 = @vars[2];
+       % my $var4 = @vars[3];
+       % my $var5 = @vars[4];
+       % my $var6 = @vars[5];
+
+
+
+       %if ($ret{ret} eq "") {
+               %=l "pf_FIRST_PAGE_DESCRIPTION"
+       %} elsif (index($ret{ret},"SUCCESS") != -1) {
+          <div class='success'>
+              <h2> Operation Status Report</h2>
+                       %= $c->l($ret{ret},$var1,$var2,$var3,$var4,$var5,$var6);
+               </div>
+          %} else { 
+          <div class='sme-error'>
+              <h2> Operation Status Report - Error</h2>
+                       %= $c->l($ret{ret},$var1,$var2,$var3,$var4,$var5,$var6);
+       </div>
+       %}
+       <br><br>
+       %= submit_button "$btn", class => 'action'
+       <br>
+
+    %  if ($empty){
+            <br>
+                       %=l 'pf_NO_FORWARDS'
+    %  } else {
+        <br>
+               <table class="sme-border"><tbody>
+               <tr>
+                               <th class='sme-border'>
+                               %=l 'pf_LABEL_PROTOCOL'
+                               </th>
+                               <th class='sme-border'>
+                               %=l 'pf_LABEL_SOURCE_PORT'
+                               </th>
+
+                               <th class='sme-border'>
+                               %=l 'pf_LABEL_DESTINATION_HOST'
+                               </th>
+
+                               <th class='sme-border'>
+                               %=l 'pf_LABEL_DESTINATION_PORT'
+                               </th>
+
+                               <th class='sme-border'>
+                               %=l 'pf_ALLOW_HOSTS'
+                               </th>
+
+
+                               <th class='sme-border'>
+                               %=l 'pf_RULE_COMMENT'
+                               </th>
+
+                               <th class='sme-border' '>
+                               %=l 'ACTION'
+                               </th>
+                       </tr>
+
+               % my %forwards = ();
+               % $forwards{TCP} = $tcpforwards;
+               % $forwards{UDP} = $udpforwards;
+
+        % foreach my $proto (sort keys %forwards) {
+
+        %    if (@{ $forwards{$proto} }) {
+        %        foreach my $entry (@{ $forwards{$proto} }) {
+                       <tr>
+        %           my $sport = $entry->key;
+        %           my $dhost = $entry->prop('DestHost');
+        %           my $dport = $entry->prop('DestPort') || '';
+        %           my $cmmnt  = $entry->prop('Comment') || '';
+        %           my $allow  = $entry->prop('AllowHosts') || '';
+               %=                      t td => (class => 'sme-border') => $proto
+               %=                      t td => (class => 'sme-border') => $sport
+               %=                      t td => (class => 'sme-border') => $dhost
+               %=                      t td => (class => 'sme-border') => $dport
+               %=                      t td => (class => 'sme-border') => $allow
+               %=                      t td => (class => 'sme-border') => $cmmnt
+                                               <td class='sme-border'>
+                                               <a href="/server-manager2/portforwardingdel?trt=DEL&sport=<%= $sport%>&proto=<%= $proto%>"><%=l 'REMOVE'%></a></td>
+                       </tr>
+         %       }
+         %   }
+        %}
+               %= hidden_field 'trt' => $pf_datas->{trt}
+       %}
+       </tbody>
+       </table>
+    % end    
+</div>
diff -urN smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/portforwarding.html.ep smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/portforwarding.html.ep
--- smeserver-manager-0.1.0.old/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/portforwarding.html.ep    1970-01-01 01:00:00.000000000 +0100
+++ smeserver-manager-0.1.0/root/etc/e-smith/web/panels/manager2/cgi-bin/srvmngr/themes/default/templates/portforwarding.html.ep        2020-04-05 14:15:00.000000000 +0100
@@ -0,0 +1,32 @@
+% layout 'default', title => "Sme server 2 - Port Forwards", share_dir => './';
+
+% content_for 'module' => begin
+<div id="module">
+
+    % if ($config->{debug} == 1) {
+       <p>
+               %= dumper "<pf>".$c->current_route
+               %= dumper $c->stash("ret")
+               %= dumper $c->stash("portforwarding")
+               %  my $ref = $pf_datas->{portforwarding};
+               %= dumper $ref->{TCP}->[0]."</pf>"
+       </p>
+    % }
+    
+    <h1><%= $title%></h1>
+     %= $modul
+
+    % if ($pf_datas->{trt} eq 'ADD') {
+               %= include 'partials/_pf_add'
+    %} elsif ($pf_datas->{trt} eq 'ADD1') {
+           %= include 'partials/_pf_add'
+    %} elsif ($pf_datas->{trt} eq 'DEL') {
+           %= include 'partials/_pf_del'
+       %} elsif ($pf_datas->{trt} eq 'DEL1'){
+               %= include 'partials/_pf_list'
+       %} else {
+               %= include 'partials/_pf_list'
+       %}
+
+</div>
+%end