inserimento gestione utenze VPN

firewall/firewall_library.php

@@ -2,10 +2,11 @@
 function genera () {
 
 //	$file_in	= 	"/etc/sysconfig/scripts/SuSEfirewall2-custom"; 
-	$file_in	= 	"tmp/fw.new";
+//	$file_in	= 	"tmp/fw.new";
-	$file_out 	= 	"tmp/fw.new";
+//	$file_out 	= 	"tmp/fw.new";
+	$FW_conf = carica_conf ("Firewall");
 
-	$FW 		= file ($file_in);
+	$FW 		= file ($FW_conf['file_in']);
 	$prima 		= array ();
 	$dopo 		= array ();
 	$vecchie_u 	= array ();
@@ -51,16 +52,15 @@ function genera () {
 		elimina ($regola);
 	}
 
-
 	$new = array_merge($prima,$nuove_ext[1], $dopo);
-	file_put_contents ($file_out, $new, LOCK_EX);
+	file_put_contents ($FW_conf['file_out'], $new, LOCK_EX);
-
+	$comando = "sudo cp ".$FW_conf['file_out']." ".$FW_conf['file_in'];
+	exec ($comando);
 }
 
 function genera_ext () {
-	global $UTENTE, $DB_ID, $CONF;
+	global $UTENTE, $DB_ID, $CONF, $FW_conf;
 
-	$FW_conf = carica_conf ("Firewall");
 
 	$query = "	SELECT
 				firewall_versoesterno_regole.id,

firewall/firewall_vpn.php

@@ -0,0 +1,104 @@
+<?php
+include_once ("../core/config.php");
+$UTENTE = login();
+$DIRITTI = diritti('Admin');
+view_top();
+$FW_conf = carica_conf ("Firewall");
+
+if (isset($_POST['utenza'])) {
+	$utenza 		= 	$_POST['utenza'];
+	list($tipo, $ip) 	= 	explode(" ", $_POST['ip']);
+
+	$query = "	INSERT INTO
+				firewall_vpn
+			SET
+				utenza = '$utenza',
+				ip = '$ip',
+				tipo = '$tipo',
+				data = NOW(),
+				attivo = 1
+	";
+	$res = mysql_query( $query, $DB_ID );
+}
+
+$query = "	SELECT
+			ip
+		FROM
+			firewall_vpn
+";
+$res_ip = mysql_query( $query, $DB_ID );
+while( $row = mysql_fetch_assoc( $res_ip) ) { $listaip[] = $row['ip']; }
+
+$tabella = new html (0,"90%",array(3,3,2,15,2,15,2,15,0));
+?>
+<form name="" method="post">
+	<tr>
+		<td rowspan=2 colspan=2 class="spazioh"><input type="image" src="<?php print $CONF['base_url'] ?>/img/addresource.png" border="0" alt="Inserisci" /></td>
+		<td rowspan=2 class="spaziov"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="descrizione">Utenza</td>
+		<td rowspan=2 class="spaziov"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="descrizione">Accesso VPN</td>
+		<td rowspan=2 colspan=3 class="spaziov"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+	</tr>
+	<tr>
+		<td class="colip"><input type="text" size="14" name="utenza"></td>
+		<td class="colip">
+			<select name="ip">
+				<option value="" selected="selected">---</option>
+<?php for ($i = ip2long($FW_conf['OVPN_min']); $i <= ip2long($FW_conf['OVPN_max']); $i++ ) { 
+	if (in_array(long2ip($i), $listaip) ) continue; ?>
+				<option value="OpenVPN <?php print long2ip($i) ?>">OpenVPN <?php print long2ip($i) ?></option>
+<?php } 
+for ($i = ip2long($FW_conf['PPTP_min']); $i <= ip2long($FW_conf['PPTP_max']); $i++ ) { 
+	if (in_array(long2ip($i), $listaip) ) continue; ?>
+				<option value="PPTP <?php print long2ip($i) ?>">PPTP <?php print long2ip($i) ?></option>
+<?php } ?>
+			</select>
+		</td>
+	</tr>
+</form>
+<?php
+$tabella->riga();
+$query = "	SELECT 
+			id,
+			utenza,
+			tipo,
+			ip,
+			DATE_FORMAT(data, '%d.%m.%Y %H:%i:%s') AS data,
+			attivo
+		FROM 
+			firewall_vpn
+		ORDER BY
+			utenza
+	";
+
+$res = mysql_query( $query, $DB_ID );
+while ($dato = mysql_fetch_array ( $res )) {
+?>
+	<tr>
+		<td rowspan=2 class="col3btn">
+<?php	if ($dato['attivo']) { ?>
+		<a href="firewall_gest.php?azione=regolaext_down&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/attivo.gif" ALT="Regola attiva" TITLE="Regola attiva"></a>
+<?php	} else { ?>
+		<a href="firewall_gest.php?azione=regolaext_up&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/non_attivo.gif" ALT="Regola non attiva" TITLE="Regola non attiva"></a>
+<?php	} ?>
+		</td>
+		<td rowspan=2 class="spazioh"><a href="firewall_gest.php?azione=regolaext_rm&id=<?php print $dato['id']?>"><img src="<?php print $CONF['base_url'] ?>/img/trash.png"></a></td>
+		<td rowspan=2 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td rowspan=2 class="descrizione"><?php print $dato['utenza'] ?></td>
+		<td rowspan=2 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td class="descrizione"><?php print $dato['tipo'] ?></td>
+		<td rowspan=2 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		<td rowspan=2 class="descrizione"><?php print $dato['data'] ?></td>
+		<td rowspan=2 class="spazioh"><img src="<?php print $CONF['base_url'] ?>/img/spazio.gif"></td>
+		</td>
+	</tr>
+	<tr>
+		<td class="textl"><?php print $dato['ip'] ?></td>
+	</tr>
+<?php
+$tabella->riga();
+} 
+$tabella->close();
+view_footer(); 
+?>

firewall/tmp/fw.new

@@ -1,16 +1,16 @@
 fw_custom_after_chain_creation() {
 
 	# REGOLE DINAMICHE
-### START REGOLA-U1  ###
+### START REGOLA-U1 PERMANENTE ###
 iptables -N REGOLA-U1
-iptables -I REGOLA-U1 -p tcp -o bond0 -s 192.168.1.1 --sport 25 -d 151.1.219.70 --dport 443 -j ACCEPT
+iptables -I REGOLA-U1 -p tcp -o  -s 192.168.1.1 --sport 25 -d 151.1.219.70 --dport 443 -j ACCEPT
-iptables -I REGOLA-U1 -p tcp -i bond0 -d 192.168.1.1 --dport 25 -s 151.1.219.70 --sport 443 -j ACCEPT
+iptables -I REGOLA-U1 -p tcp -i  -d 192.168.1.1 --dport 25 -s 151.1.219.70 --sport 443 -j ACCEPT
 iptables -I FORWARD -j REGOLA-U1
-### STOP REGOLA-U1  ###
+### STOP REGOLA-U1 PERMANENTE ###
 ### START REGOLA-U3  ###
 iptables -N REGOLA-U3
-iptables -I REGOLA-U3 -p udp -o bond0 -s 192.168.1.3 --sport 45 -d 151.1.219.70 --dport 6754 -j ACCEPT
+iptables -I REGOLA-U3 -p udp -o  -s 192.168.1.3 --sport 45 -d 151.1.219.70 --dport 6754 -j ACCEPT
-iptables -I REGOLA-U3 -p udp -i bond0 -d 192.168.1.3 --dport 45 -s 151.1.219.70 --sport 6754 -j ACCEPT
+iptables -I REGOLA-U3 -p udp -i  -d 192.168.1.3 --dport 45 -s 151.1.219.70 --sport 6754 -j ACCEPT
 iptables -I FORWARD -j REGOLA-U3
 ### STOP REGOLA-U3  ###
 	# FINE REGOLE DINAMICHE