Skip to content

Commit 7369d6b

Browse files
serghey-rodinserghey-rodin
committed
firewall web interface
1 parent ce86649 commit 7369d6b

8 files changed

Lines changed: 599 additions & 0 deletions

File tree

web/add/firewall/index.php

Lines changed: 76 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,76 @@
1+
<?php
2+
// Init
3+
error_reporting(NULL);
4+
ob_start();
5+
session_start();
6+
$TAB = 'FIREWALL';
7+
8+
// Main include
9+
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
10+
11+
// Check user
12+
if ($_SESSION['user'] != 'admin') {
13+
header("Location: /list/user");
14+
exit;
15+
}
16+
17+
// Check POST request
18+
if (!empty($_POST['ok'])) {
19+
20+
// Check empty fields
21+
if (empty($_POST['v_action'])) $errors[] = __('action');
22+
if (empty($_POST['v_protocol'])) $errors[] = __('protocol');
23+
if (empty($_POST['v_port'])) $errors[] = __('port');
24+
if (empty($_POST['v_ip'])) $errors[] = __('ip address');
25+
if (!empty($errors[0])) {
26+
foreach ($errors as $i => $error) {
27+
if ( $i == 0 ) {
28+
$error_msg = $error;
29+
} else {
30+
$error_msg = $error_msg.", ".$error;
31+
}
32+
}
33+
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
34+
}
35+
36+
// Protect input
37+
$v_action = escapeshellarg($_POST['v_action']);
38+
$v_protocol = escapeshellarg($_POST['v_protocol']);
39+
$v_port = str_replace(" ",",", $_POST['v_port']);
40+
$v_port = preg_replace('/\,+/', ',', $v_port);
41+
$v_port = trim($v_port, ",");
42+
$v_port = escapeshellarg($v_port);
43+
$v_ip = escapeshellarg($_POST['v_ip']);
44+
$v_comment = escapeshellarg($_POST['v_comment']);
45+
46+
// Add firewall rule
47+
if (empty($_SESSION['error_msg'])) {
48+
exec (VESTA_CMD."v-add-sys-firewall-rule ".$v_action." ".$v_protocol." ".$v_port." ".$v_ip." ".$v_comment, $output, $return_var);
49+
check_return_code($return_var,$output);
50+
unset($output);
51+
}
52+
53+
// Flush field values on success
54+
if (empty($_SESSION['error_msg'])) {
55+
$_SESSION['ok_msg'] = __('RULE_CREATED_OK');
56+
unset($v_port);
57+
unset($v_ip);
58+
unset($v_comment);
59+
}
60+
}
61+
62+
// Header
63+
include($_SERVER['DOCUMENT_ROOT'].'/templates/header.html');
64+
65+
// Panel
66+
top_panel($user,$TAB);
67+
68+
// Display body
69+
include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/add_firewall.html');
70+
71+
// Flush session messages
72+
unset($_SESSION['error_msg']);
73+
unset($_SESSION['ok_msg']);
74+
75+
// Footer
76+
include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');

web/bulk/firewall/index.php

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
<?php
2+
// Init
3+
error_reporting(NULL);
4+
ob_start();
5+
session_start();
6+
7+
// Main include
8+
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
9+
10+
// Check user
11+
if ($_SESSION['user'] != 'admin') {
12+
header("Location: /list/user");
13+
exit;
14+
}
15+
16+
17+
$rule = $_POST['rule'];
18+
$action = $_POST['action'];
19+
20+
switch ($action) {
21+
case 'delete': $cmd='v-delete-sys-firewall-rule';
22+
break;
23+
case 'suspend': $cmd='v-suspend-sys-firewall-rule';
24+
break;
25+
case 'unsuspend': $cmd='v-unsuspend-sys-firewall-rule';
26+
break;
27+
default: header("Location: /list/firewall/"); exit;
28+
}
29+
30+
foreach ($rule as $value) {
31+
$value = escapeshellarg($value);
32+
exec (VESTA_CMD.$cmd." ".$value, $output, $return_var);
33+
$restart = 'yes';
34+
}
35+
36+
header("Location: /list/firewall/");

web/delete/firewall/index.php

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
<?php
2+
// Init
3+
error_reporting(NULL);
4+
ob_start();
5+
session_start();
6+
7+
// Main include
8+
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
9+
10+
// Check user
11+
if ($_SESSION['user'] != 'admin') {
12+
header("Location: /list/user");
13+
exit;
14+
}
15+
16+
if (!empty($_GET['rule'])) {
17+
$v_rule = escapeshellarg($_GET['rule']);
18+
exec (VESTA_CMD."v-delete-sys-firewall-rule ".$v_rule, $output, $return_var);
19+
}
20+
check_return_code($return_var,$output);
21+
unset($output);
22+
23+
$back = $_SESSION['back'];
24+
if (!empty($back)) {
25+
header("Location: ".$back);
26+
exit;
27+
}
28+
29+
header("Location: /list/firewall/");
30+
exit;

web/edit/firewall/index.php

Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
<?php
2+
// Init
3+
error_reporting(NULL);
4+
ob_start();
5+
session_start();
6+
$TAB = 'FIREWALL';
7+
8+
// Main include
9+
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
10+
11+
// Check user
12+
if ($_SESSION['user'] != 'admin') {
13+
header("Location: /list/user");
14+
exit;
15+
}
16+
17+
// Check ip argument
18+
if (empty($_GET['rule'])) {
19+
header("Location: /list/firewall/");
20+
exit;
21+
}
22+
23+
// List rule
24+
$v_rule = escapeshellarg($_GET['rule']);
25+
exec (VESTA_CMD."v-list-sys-firewall-rule ".$v_rule." 'json'", $output, $return_var);
26+
check_return_code($return_var,$output);
27+
$data = json_decode(implode('', $output), true);
28+
unset($output);
29+
30+
// Parse rule
31+
$v_rule = $_GET['rule'];
32+
$v_action = $data[$v_rule]['ACTION'];
33+
$v_protocol = $data[$v_rule]['PROTOCOL'];
34+
$v_port = $data[$v_rule]['PORT'];
35+
$v_ip = $data[$v_rule]['IP'];
36+
$v_comment = $data[$v_rule]['COMMENT'];
37+
$v_date = $data[$v_rule]['DATE'];
38+
$v_time = $data[$v_rule]['TIME'];
39+
$v_suspended = $data[$v_rule]['SUSPENDED'];
40+
if ( $v_suspended == 'yes' ) {
41+
$v_status = 'suspended';
42+
} else {
43+
$v_status = 'active';
44+
}
45+
46+
// Check POST request
47+
if (!empty($_POST['save'])) {
48+
$v_rule = escapeshellarg($_GET['rule']);
49+
$v_action = escapeshellarg($_POST['v_action']);
50+
$v_protocol = escapeshellarg($_POST['v_protocol']);
51+
$v_port = escapeshellarg($_POST['v_port']);
52+
$v_ip = escapeshellarg($_POST['v_ip']);
53+
$v_comment = escapeshellarg($_POST['v_comment']);
54+
55+
// Change Status
56+
exec (VESTA_CMD."v-change-sys-firewall-rule ".$v_rule." ".$v_action." ".$v_protocol." ".$v_port." ".$v_ip." ".$v_comment, $output, $return_var);
57+
check_return_code($return_var,$output);
58+
unset($output);
59+
60+
$v_rule = $_GET['v_rule'];
61+
$v_action = $_POST['v_action'];
62+
$v_protocol = $_POST['v_protocol'];
63+
$v_port = $_POST['v_port'];
64+
$v_ip = $_POST['v_ip'];
65+
$v_comment = $_POST['v_comment'];
66+
67+
// Set success message
68+
if (empty($_SESSION['error_msg'])) {
69+
$_SESSION['ok_msg'] = __('Changes has been saved.');
70+
}
71+
}
72+
73+
// Header
74+
include($_SERVER['DOCUMENT_ROOT'].'/templates/header.html');
75+
76+
// Panel
77+
top_panel($user,$TAB);
78+
79+
// Display body
80+
include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/edit_firewall.html');
81+
82+
// Flush session messages
83+
unset($_SESSION['error_msg']);
84+
unset($_SESSION['ok_msg']);
85+
86+
// Footer
87+
include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');

web/list/firewall/index.php

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
<?php
2+
session_start();
3+
4+
$TAB = 'FIREWALL';
5+
6+
// Main include
7+
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
8+
9+
// Check user
10+
if ($_SESSION['user'] != 'admin') {
11+
header("Location: /list/user");
12+
exit;
13+
}
14+
15+
// Header
16+
include($_SERVER['DOCUMENT_ROOT'].'/templates/header.html');
17+
18+
// Panel
19+
top_panel($user,$TAB);
20+
21+
// Data
22+
exec (VESTA_CMD."v-list-sys-firewall json", $output, $return_var);
23+
$data = json_decode(implode('', $output), true);
24+
$data = array_reverse($data, true);
25+
unset($output);
26+
include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_firewall.html');
27+
28+
// Back uri
29+
$_SESSION['back'] = $_SERVER['REQUEST_URI'];
30+
31+
// Footer
32+
include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');
33+

web/templates/admin/add_firewall.html

Lines changed: 121 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,121 @@
1+
<?php
2+
$back = $_SESSION['back'];
3+
if (empty($back)) {
4+
$back = "location.href='/list/firewall/'";
5+
} else {
6+
$back = "location.href='".$back."'";
7+
}
8+
?>
9+
<table class="submenu">
10+
<tr>
11+
<td style="padding: 20px 10px;" ><a class="name"><b><?php print __('Adding Firewall Rule');?></b></a>
12+
<?php
13+
if (!empty($_SESSION['error_msg'])) {
14+
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
15+
} else {
16+
if (!empty($_SESSION['ok_msg'])) {
17+
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
18+
}
19+
}
20+
?>
21+
</td>
22+
</tr>
23+
</table>
24+
</div>
25+
26+
<form id="vstobjects" name="v_add_ip" method="post">
27+
<script type="text/javascript">
28+
function elementHideShow(elementToHideOrShow) {
29+
var el = document.getElementById(elementToHideOrShow);
30+
if (el.style.display == "block") {
31+
el.style.display = "none";
32+
} else {
33+
el.style.display = "block";
34+
}
35+
}
36+
</script>
37+
38+
<table class='data'>
39+
<tr class="data-add">
40+
<td class="data-dotted">
41+
<table class="data-col1">
42+
<tr><td></td></tr>
43+
</table>
44+
</td>
45+
<td class="data-dotted">
46+
<table class="data-col2" width="600px">
47+
<tr>
48+
<td class="vst-text step-top">
49+
<?php print __('Action') ?>
50+
</td>
51+
</tr>
52+
<tr>
53+
<td>
54+
<select class="vst-list" name="v_action">
55+
<option value="DROP" <?php if ((!empty($v_action)) && ( $v_action == "'DROP'" )) echo 'selected'?>><?php print __('DROP') ?></option>
56+
<option value="ACCEPT" <?php if ((!empty($v_action)) && ( $v_action == "'ACCEPT'" )) echo 'selected'?>><?php print __('ACCEPT') ?></option>
57+
</select>
58+
</td>
59+
</tr>
60+
<tr>
61+
<td class="vst-text input-label">
62+
<?php print __('Protocol') ?>
63+
</td>
64+
</tr>
65+
<tr>
66+
<td>
67+
<select class="vst-list" name="v_protocol">
68+
<option value="TCP" <?php if ((!empty($v_protocol)) && ( $v_protocol == "'TCP'" )) echo 'selected'?>><?php print __('TCP') ?></option>
69+
<option value="UDP" <?php if ((!empty($v_protocol)) && ( $v_protocol == "'UDP'" )) echo 'selected'?>><?php print __('UDP') ?></option>
70+
<option value="ICMP" <?php if ((!empty($v_protocol)) && ( $v_protocol == "'ICMP'" )) echo 'selected'?>><?php print __('ICMP') ?></option>
71+
</select>
72+
</td>
73+
</tr>
74+
75+
76+
<tr>
77+
<td class="vst-text input-label">
78+
<?php print __('Port');?> <span class="optional">(<?php print __('ranges are acceptable');?>)</span>
79+
</td>
80+
</tr>
81+
<tr>
82+
<td>
83+
<input type="text" size="20" class="vst-input" name="v_port" <?php if (!empty($v_port)) echo "value=".$v_port; ?>>
84+
</td>
85+
</tr>
86+
<tr>
87+
<td class="vst-text input-label">
88+
<?php print __('IP Address');?> <span class="optional">(<?php print __('CDIR format is supported');?>)</span>
89+
</td>
90+
</tr>
91+
<tr>
92+
<td>
93+
<input type="text" size="20" class="vst-input" name="v_ip" <?php if (!empty($v_ip)) echo "value=".$v_ip; ?>>
94+
</td>
95+
</tr>
96+
<tr>
97+
<td class="vst-text input-label">
98+
<?php print __('Comment');?> <span class="optional">(<?php print __('optional');?>)</span>
99+
</td>
100+
</tr>
101+
<tr>
102+
<td>
103+
<input type="text" size="20" class="vst-input" name="v_comment" maxlength="8" <?php if (!empty($v_comment)) echo "value=".$v_comment; ?>>
104+
</td>
105+
</tr>
106+
107+
</table>
108+
<table class="data-col2">
109+
<tr>
110+
<td class="step-top" width="116px">
111+
<input type="submit" name="ok" value="<?php print __('Add');?>" class="button">
112+
</td>
113+
<td class="step-top">
114+
<input type="button" class="button" value="<?php print __('Back');?>" onclick="<?php echo $back ?>">
115+
</td>
116+
</tr>
117+
</table>
118+
</td>
119+
</tr>
120+
</table>
121+
</from>

0 commit comments

Comments
 (0)