2 # Actually do a restore
4 require './itsecur-lib.pl';
5 &can_edit_error("restore");
6 &error_setup($text{'restore_err'});
10 if (!$in{'src_def'}) {
12 $in{'src'} .= "/firewall.zip";
14 -r $in{'src'} || &error_cleanup($text{'restore_esrc'});
18 $in{'file'} || &error_cleanup($text{'restore_efile'});
21 print FILE $in{'file'};
24 if (!$in{'pass_def'}) {
25 $in{'pass'} || &error_cleanup($text{'backup_epass'});
27 @what = split(/\0/, $in{'what'});
28 @what || &error_cleanup($text{'restore_ewhat'});
29 %what = map { $_, 1 } @what;
31 # Extract the zip file
32 $tempdir = &tempname();
33 mkdir($tempdir, 0700);
34 $pass = $in{'pass_def'} ? undef : "-P '$in{'pass'}'";
35 $out = &backquote_logged("(cd $tempdir && unzip $pass '$file') 2>&1 </dev/null");
36 &error_cleanup($text{'restore_epass2'}) if ($? && $out =~ /password/ &&
38 &error_cleanup($text{'restore_epass'}) if ($? && $out =~ /password/);
39 &error_cleanup($text{'restore_etar'}) if ($?);
41 # Work out the new state
42 @rules = &list_rules(&if_exists("rules"));
43 @services = &list_services(&if_exists("services"));
44 @groups = &list_groups(&if_exists("groups"));
45 ($natiface, @nats) = &get_nat(&if_exists("nat"));
46 @pats = &get_pat(&if_exists("pat"));
47 ($spoofiface, @spoofs) = &get_spoof(&if_exists("spoof"));
48 ($flood, $spoof) = &get_syn(&if_exists("syn"));
49 @times = &list_times(&if_exists("times"));
51 # Ensure that the new state would be consistent
52 %groups = map { $_->{'name'}, $_ } @groups;
53 %services = map { $_->{'name'}, $_ } @services;
54 %times = map { $_->{'name'}, $_ } @times;
56 foreach $g (split(/\s+/, $r->{'source'}), split(/\s+/, $r->{'dest'})) {
57 if ($g =~ /^\!?\@(.*)$/ && !$groups{$1}) {
58 push(@cerrs, &text('restore_egroup', "$1",
62 foreach $s (split(/,/, $r->{'service'})) {
63 if ($s ne "*" && !$services{$s}) {
64 push(@cerrs, &text('restore_eservice', $s,
68 if ($r->{'time'} ne "*" && !$times{$r->{'time'}}) {
69 push(@cerrs, &text('restore_etime', $r->{'time'},
74 if (!ref($n) && $n =~ /^\!?(.*)$/ && !$groups{$1}) {
75 push(@cerrs, &text('restore_enat', $1));
79 if (!$services{$p->{'service'}}) {
80 push(@cerrs, &text('restore_epat', $p->{'service'}));
84 if (!ref($n) && $n =~ /^\!?(.*)$/ && !$groups{$1}) {
85 push(@cerrs, &text('restore_enat', $1));
90 &header($text{'restore_title'}, "",
91 undef, undef, undef, undef, &apply_button());
94 print "<p>$text{'restore_cerr'}<br>\n";
102 &footer("", $text{'index_return'});
106 # Copy to the config directory
108 &lock_itsecur_files();
111 # Copy ipsec config to proper location
112 if (&has_ipsec() && -r "$tempdir/ipsec.conf") {
113 &lock_file($ipsec::config{'file'});
114 &lock_file($ipsec::config{'secrets'});
115 system("cp $tempdir/ipsec.conf $ipsec::config{'file'}");
116 system("cp $tempdir/ipsec.secrets $ipsec::config{'secrets'}");
117 &unlock_file($ipsec::config{'file'});
118 &unlock_file($ipsec::config{'secrets'});
121 elsif ($w eq "users") {
122 # Copy Webmin user files
123 &lock_file("$config_directory/miniserv.users");
124 &lock_file("$config_directory/webmin.acl");
125 system("cp $tempdir/miniserv.users $config_directory/miniserv.users");
126 system("cp $tempdir/webmin.acl $config_directory/webmin.acl");
127 foreach $a (glob("$tempdir/*.acl")) {
130 if ($fn ne "webmin.acl") {
131 &lock_file("$module_config_directory/$fn");
132 system("cp $a $module_config_directory/$fn");
133 &unlock_file("$module_config_directory/$fn");
136 &unlock_file("$config_directory/miniserv.users");
137 &unlock_file("$config_directory/webmin.acl");
140 elsif ($w eq "searches") {
141 # Copy searches directory
142 mkdir($searches_directory, 0755);
143 system("cp $tempdir/searches/* $searches_directory >/dev/null 2>&1");
145 elsif ($w eq "config") {
146 # Update module config - except system type
148 &read_file("$tempdir/config", \%newconfig);
149 $newconfig{'type'} = $config{'type'};
150 &write_file("$module_config_directory/config", \%newconfig);
153 if (-r "$tempdir/$w") {
154 system("cp $tempdir/$w $module_config_directory");
158 &unlock_itsecur_files();
161 &header($text{'restore_title'}, "",
162 undef, undef, undef, undef, &apply_button());
165 print "<p>",&text('restore_done'),"<p>\n";
169 &footer("", $text{'index_return'});
170 &remote_webmin_log("restore", undef, $in{'src_def'} ? undef : $in{'src'});
180 unlink($file) if ($in{'src_def'});
181 system("rm -rf $tempdir") if ($tempdir);
186 return -r "$tempdir/$_[0]" && $what{$_[0]} ? "$tempdir/$_[0]" : undef;