frox/save_acl.cgi

   1 #!/usr/local/bin/perl
   2 # Save access control options
   3
   4 require './frox-lib.pl';
   5 &ReadParse();
   6 &error_setup($text{'acl_err'});
   7 $conf = &get_config();
   8
   9 &save_opt_textbox($conf, "Timeout", \&check_timeout);
  10 &save_opt_textbox($conf, "MaxForks", \&check_forks);
  11 &save_opt_textbox($conf, "MaxForksPerHost", \&check_forks);
  12 &save_opt_textbox($conf, "MaxTransferRate", \&check_rate);
  13 &save_yesno($conf, "DoNTP");
  14 &save_opt_textbox($conf, "NTPAddress", \&check_ntp);
  15
  16 for($i=0; defined($in{"action_$i"}); $i++) {
  17         next if (!$in{"action_$i"});
  18         local @val;
  19         push(@val, $in{"action_$i"});
  20         if ($in{"src_${i}_def"}) {
  21                 push(@val, "*");
  22                 }
  23         else {
  24                 &valid_srcdest($in{"src_$i"}) ||
  25                         &error(&text('acl_esrc', $i+1));
  26                 push(@val, $in{"src_$i"});
  27                 }
  28         push(@val, "-");
  29         if ($in{"dest_${i}_def"}) {
  30                 push(@val, "*");
  31                 }
  32         else {
  33                 &valid_srcdest($in{"dest_$i"}) ||
  34                         &error(&text('acl_edest', $i+1));
  35                 push(@val, $in{"dest_$i"});
  36                 }
  37         if (!$in{"ports_${i}_def"}) {
  38                 foreach $p (split(/,/, $in{"ports_$i"})) {
  39                         $p =~ /^\d+$/ || $p =~ /^\d+\-\d+$/ ||
  40                                 &error(&text('acl_eports', $i+1));
  41                         }
  42                 push(@val, $in{"ports_$i"});
  43                 }
  44         push(@acl, join(" ", @val));
  45         }
  46 @acl || &error($text{'acl_enone'});
  47 &save_directive($conf, "ACL", \@acl);
  48
  49 &lock_file($config{'frox_conf'});
  50 &flush_file_lines();
  51 &unlock_file($config{'frox_conf'});
  52 &webmin_log("acl");
  53 &redirect("");
  54
  55 sub check_timeout
  56 {
  57 return $_[0] =~ /^\d+$/ ? undef : $text{'acl_etimeout'};
  58 }
  59
  60 sub check_forks
  61 {
  62 return $_[0] =~ /^\d+$/ ? undef : $text{'acl_eforks'};
  63 }
  64
  65 sub check_rate
  66 {
  67 return $_[0] =~ /^\d+$/ ? undef : $text{'acl_erate'};
  68 }
  69
  70 sub check_ntp
  71 {
  72 return $_[0] =~ /^(\S+):(\d+)$/ && &to_ipaddress("$1") ? undef
  73                                                      : $text{'acl_entp'};
  74 }
  75
  76
  77 sub valid_srcdest
  78 {
  79 return &to_ipaddress($_[0]) ||
  80            ($_[0] =~ /^([0-9\.]+)\/(\d+)$/ &&
  81             &check_ipaddress($1) && $2 > 0 && $2 <= 32) ||
  82            ($_[0] =~ /^([0-9\.]+)\/([0-9\.]+)$/ &&
  83             &check_ipaddress($1) && &check_ipaddress($2));
  84 }
  85