-rw-r--r-- | shorewall-config-html.lsp | 7 | ||||
-rw-r--r-- | shorewall-controller.lua | 329 | ||||
-rw-r--r-- | shorewall-html.lsp | 88 | ||||
-rw-r--r-- | shorewall-model.lua | 8 |
4 files changed, 405 insertions, 27 deletions
diff --git a/shorewall-config-html.lsp b/shorewall-config-html.lsp index 3523ed6..db97aa5 100644 --- a/shorewall-config-html.lsp +++ b/shorewall-config-html.lsp @@ -53,11 +53,9 @@ displayinfo(myform,tags,"viewonly") </DL> -<? local myform = form.config ?> <form name="cmd" action="" method="POST"> +<? local myform = form.config ?> <h1>CONFIGURATION</h1> - - <H2>Advanced configuration</H2> <H3>Parameters</H3> <DL> @@ -76,7 +74,6 @@ displayinfo(myform,tags) </DL> - <H3>Defince zones</H3> <DL> <? @@ -133,7 +130,7 @@ if (cmdform) and (cmdform[tags[1]]) then <? --]] ?> <? ----[[ DEBUG INFORMATION +--[[ DEBUG INFORMATION io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>") io.write(html.cfe_unpack(form)) io.write("</span>") diff --git a/shorewall-controller.lua b/shorewall-controller.lua index b2bc2bb..761500d 100644 --- a/shorewall-controller.lua +++ b/shorewall-controller.lua @@ -1,5 +1,11 @@ module(..., package.seeall) +-- This is the object/text used when we want to add a new record + +require("format") + +local newrecordtxt = "[New]" + local list_redir = function (self) self.conf.action = "status" self.conf.type = "redir" 
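Review bot: In the first shorewall-controller.lua hunk, the comment `-- This is the object/text used when we want to add a new record` sits above `require("format")` instead of above `local newrecordtxt = "[New]"`, so it reads as documentation for the require. Move it down to the local it describes. None of the visible hunks call into `format`; if the rest of the file does not either, the require can be dropped. Because `newrecordtxt` is also offered as a selectable option and later compared with the submitted record, a real entry whose text is exactly `[New]` could not be told apart from the sentinel, which is worth a line in that comment.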
@@ -52,6 +58,254 @@ local function displaycmdsave(self) return cmdsave end +-- ################################################################################ +-- PUBLIC FUNCTIONS + +function edit_records(self,types,record) + local recorddetails = {} + local edit = {} + local config=self.model:getconfig() + + -- Split the record into a table + local recordtable = {} + for word in string.gmatch(record, "%S+") do + table.insert(recordtable, word) + end + + if (types == "params") then + table.insert(edit, cfe({ + name="field1", + value=recordtable[1], + label="Variable name", + })) + if (record == newrecordtxt) then + edit[1]["value"] = "VARIABLE=XXX" + end + end + + if (types == "interfaces") then + + -- Fetch the list of existing interfaces + local interfaceslist = {} +-- local interfaces, int_w_loaded, int_m_loaded = self:new("alpine-baselayout/interfaces") +-- if (int_m_loaded) then +-- interfaceslist = interfaces.worker.read(interfaces) +-- end + + -- Create a cfe-table of the existing records + local fieldnum = 1 + edit[fieldnum] = cfe({ + label="Zone", + name="field".. fieldnum, + value=recordtable[fieldnum], + type="select", + option={}, + debug=interfaceslist, + }) + for k,v in pairs(config.zones_list.option or {}) do + table.insert(edit[fieldnum]["option"], string.match(v, "^%s*(%S*)")) + end + + -- Create a cfe-table of the existing records + local fieldnum = 2 + edit[fieldnum] = cfe({ + label="Interfaces", + name="field".. fieldnum, + value=recordtable[fieldnum], + type="select", + option={}, + }) +-- for k,v in pairs(config.interfaces_list.option or {}) do +-- table.insert(edit[fieldnum]["option"], string.match(v, "^%s*(%S*)")) +-- end + + -- Create a cfe-table of the existing records + local fieldnum = 3 + edit[fieldnum] = cfe({ + label="Broadcast", + name="field".. fieldnum, + value=recordtable[fieldnum], + }) + + -- Create a cfe-table of the existing records + local fieldnum = 4 + edit[fieldnum] = cfe({ + label="Broadcast", + name="field".. 
fieldnum, + value=recordtable[fieldnum], + }) + end + + -- Display save button + local cmdsave = displaycmdsave() + cmdsave.disabled="yes" -- DEBUGGING + cmdsave.descr="This button is not yet programmed to work" -- DEBUGGING + + -- Display delete button + cmddelete = cfe({ name="cmddelete", + label="Delete this record", + value="Delete", + type="submit", + }) + cmddelete.disabled="yes" -- DEBUGGING + cmddelete.descr="This button is not yet programmed to work" -- DEBUGGING + + if (types == "zones") then + + -- Create a cfe-table of the existing records + local fieldnum = 1 + edit[fieldnum] = cfe({ + label="Zone", + name="field".. fieldnum, + value=recordtable[fieldnum], + }) + + -- Create a cfe-table of the existing records + local fieldnum = 2 + edit[fieldnum] = cfe({ + label="Type", + name="field".. fieldnum, + value=recordtable[fieldnum], + type="select", + option={"ipv4", "ipsec", "firewall",} + }) + -- IF the value is not one of the existing options, then warn and add this option. + for k,v in pairs(edit[fieldnum]["option"]) do + edit[fieldnum]["errtxt"] = "'" .. edit[fieldnum]["value"] .. "' is not a valid option!" + if (tostring(v) == tostring(edit[fieldnum]["value"])) then + edit[fieldnum]["errtxt"] = "" + break + end + end + -- Now add this option to the list (just to show what it was) + if (#edit[fieldnum]["errtxt"] > 0) then + table.insert(edit[fieldnum]["option"], edit[fieldnum]["value"]) + end + + -- Create a cfe-table of the existing records + local fieldnum = 3 + edit[fieldnum] = cfe({ + label="Options", + name="field".. fieldnum, + value=recordtable[fieldnum], + }) + + -- Create a cfe-table of the existing records + local fieldnum = 4 + edit[fieldnum] = cfe({ + label="IN Options", + name="field".. fieldnum, + value=recordtable[fieldnum], + }) + + -- Create a cfe-table of the existing records + local fieldnum = 5 + edit[fieldnum] = cfe({ + label="OUT Options", + name="field".. 
fieldnum, + value=recordtable[fieldnum], + }) + end + + if (types == "policy") then + + -- Create a cfe-table of the existing records + local fieldnum = 1 + edit[fieldnum] = cfe({ + label="Source zone", + name="field".. fieldnum, + value=recordtable[fieldnum], + type="select", + option=self.model.get_defined_zones(), + }) + table.insert(edit[fieldnum]["option"], "$FW") + table.insert(edit[fieldnum]["option"], "all") + -- IF the value is not one of the existing options, then warn and add this option. + for k,v in pairs(edit[fieldnum]["option"]) do + edit[fieldnum]["errtxt"] = "'" .. edit[fieldnum]["value"] .. "' is not a valid option!" + if (tostring(v) == tostring(edit[fieldnum]["value"])) then + edit[fieldnum]["errtxt"] = "" + break + end + end + -- Now add this option to the list (just to show what it was) + if (#edit[fieldnum]["errtxt"] > 0) then + table.insert(edit[fieldnum]["option"], edit[fieldnum]["value"]) + end + + + -- Create a cfe-table of the existing records + local fieldnum = 2 + edit[fieldnum] = cfe({ + label="Destination zone", + name="field".. fieldnum, + value=recordtable[fieldnum], + type="select", + option=self.model.get_defined_zones(), + }) + table.insert(edit[fieldnum]["option"], "$FW") + table.insert(edit[fieldnum]["option"], "all") + -- IF the value is not one of the existing options, then warn and add this option. + for k,v in pairs(edit[fieldnum]["option"]) do + edit[fieldnum]["errtxt"] = "'" .. edit[fieldnum]["value"] .. "' is not a valid option!" + if (tostring(v) == tostring(edit[fieldnum]["value"])) then + edit[fieldnum]["errtxt"] = "" + break + end + end + -- Now add this option to the list (just to show what it was) + if (#edit[fieldnum]["errtxt"] > 0) then + table.insert(edit[fieldnum]["option"], edit[fieldnum]["value"]) + end + + + -- Create a cfe-table of the existing records + local fieldnum = 3 + edit[fieldnum] = cfe({ + label="Policy", + name="field".. 
fieldnum, + value=recordtable[fieldnum], + type="select", + option={"ACCEPT","DROP","REJECT","CONTINUE","QUEUE","NONE"} + }) + -- IF the value is not one of the existing options, then warn and add this option. + for k,v in pairs(edit[fieldnum]["option"]) do + edit[fieldnum]["errtxt"] = "'" .. edit[fieldnum]["value"] .. "' is not a valid option!" + if (tostring(v) == tostring(edit[fieldnum]["value"])) then + edit[fieldnum]["errtxt"] = "" + break + end + end + -- Now add this option to the list (just to show what it was) + if (#edit[fieldnum]["errtxt"] > 0) then + table.insert(edit[fieldnum]["option"], edit[fieldnum]["value"]) + end + + -- Create a cfe-table of the existing records + local fieldnum = 4 + edit[fieldnum] = cfe({ + label="Log level", + name="field".. fieldnum, + value=recordtable[fieldnum], + }) + + -- Create a cfe-table of the existing records + local fieldnum = 5 + edit[fieldnum] = cfe({ + label="Burst:Limit", + name="field".. fieldnum, + value=recordtable[fieldnum], + }) + end + + return { + edit=edit, + cmdsave=cmdsave, + cmddelete=cmddelete, + clientdata=clientdata, + } +end + function status(self) return { status=self.model.getstatus() } end 
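Review bot: `record` comes from the submitted client data and is used unchecked in edit_records: when Edit is pressed with nothing selected, `string.gmatch(record, "%S+")` is called with nil and raises, and in the `zones` and `policy` branches a record with fewer words than fields (the `[New]` entry included) reaches `"'" .. edit[fieldnum]["value"] .. "' is not a valid option!"` with whatever cfe leaves in `value`, which raises as well unless cfe supplies a default. The submitted text is copied into `value` and `errtxt`, so the view has to escape both before writing them. `cmddelete` is assigned without `local`, and `clientdata=clientdata` in the returned table reads a name this function never defines; `self.clientdata` looks like what was meant. The fourth `interfaces` field repeats the label `Broadcast`. The sketch below folds the four copies of the option check into one helper and guards the missing record.

```lua
-- Flag a select field whose current value is not one of its options,
-- and append that value so the form can still show what was stored.
local function flag_unknown_option(field)
	local current = tostring(field.value or "")
	field.errtxt = ""
	for _, opt in pairs(field.option) do
		if tostring(opt) == current then return end
	end
	field.errtxt = "'" .. current .. "' is not a valid option!"
	table.insert(field.option, current)
end

function edit_records(self,types,record)
	-- … unchanged: recorddetails, edit, config …
	-- No selection submitted: fall back to the new-record sentinel instead of raising.
	if type(record) ~= "string" then record = newrecordtxt end
	-- … unchanged: record splitting and field construction; each copied option loop becomes flag_unknown_option(edit[fieldnum]) …
	local cmddelete = cfe({ name="cmddelete",
	-- … unchanged: remaining fields and return table, except for the next line …
		clientdata=self.clientdata,
```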
@@ -62,17 +316,46 @@ function config(self) -- Redirect if button is pressed if (self.clientdata.params_list_cmd) then - self.conf.action = "edit_params" + self.conf.action = "edit_records" + self.conf.type = "redir" + return edit_records(self,"params", self.clientdata.params_list) + end + + -- Redirect if button is pressed + if (self.clientdata.interfaces_list_cmd) then + self.conf.action = "edit_records" + self.conf.type = "redir" + return edit_records(self,"interfaces", self.clientdata.interfaces_list) + end + + -- Redirect if button is pressed + if (self.clientdata.zones_list_cmd) then + self.conf.action = "edit_records" + self.conf.type = "redir" + return edit_records(self,"zones", self.clientdata.zones_list) + end + + -- Redirect if button is pressed + if (self.clientdata.policies_list_cmd) then + self.conf.action = "edit_records" + self.conf.type = "redir" + return edit_records(self,"policy", self.clientdata.policies_list) + end + + -- Redirect if button is pressed + if (self.clientdata.rules_list_cmd) then + self.conf.action = "edit_records" self.conf.type = "redir" - error (self.conf) + return edit_records(self,"rules", self.clientdata.rules_list) end + -- Add a [New] record to the options - table.insert(config.interfaces_list.option, "[New]") - table.insert(config.zones_list.option, "[New]") - table.insert(config.policies_list.option, "[New]") - table.insert(config.rules_list.option, "[New]") - table.insert(config.params_list.option, "[New]") + table.insert(config.interfaces_list.option, newrecordtxt) + table.insert(config.zones_list.option, newrecordtxt) + table.insert(config.policies_list.option, newrecordtxt) + table.insert(config.rules_list.option, newrecordtxt) + table.insert(config.params_list.option, newrecordtxt) -- Add button config.params_list_cmd = cfe ({ 
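Review bot: Each of the five new branches in config() passes `self.clientdata.<name>_list` to edit_records without checking that a record was submitted or that it is one of the entries the page offered. With the Edit buttons enabled in the later hunks, pressing one with nothing selected hands nil to `string.gmatch` in edit_records. The `rules` branch is reachable by a hand-built request even though its button keeps `disabled="yes"`, because that attribute is only honoured by the browser; edit_records has no `rules` case, so it returns an empty form. Guard each branch on the selection as well, e.g. `if (self.clientdata.zones_list_cmd) and (self.clientdata.zones_list) then`, and consider driving the five copies from one table of button, list and type names. The body of config() starts and ends outside this hunk.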
@@ -90,7 +373,7 @@ function config(self) label="Edit above record", value="Edit", type="submit", - disabled="yes", +-- disabled="yes", }) config.interfaces_list_cmd.descr="Mark a item in above list before pressing [" .. config.interfaces_list_cmd.value .. "]" @@ -100,7 +383,7 @@ function config(self) label="Edit above record", value="Edit", type="submit", - disabled="yes", +-- disabled="yes", }) config.zones_list_cmd.descr="Mark a item in above list before pressing [" .. config.zones_list_cmd.value .. "]" @@ -110,7 +393,7 @@ function config(self) label="Edit above record", value="Edit", type="submit", - disabled="yes", +-- disabled="yes", }) config.policies_list_cmd.descr="Mark a item in above list before pressing [" .. config.policies_list_cmd.value .. "]" @@ -121,6 +404,7 @@ function config(self) value="Edit", type="submit", disabled="yes", + errtxt="This button is not yet programmed!", }) config.rules_list_cmd.descr="Mark a item in above list before pressing [" .. config.rules_list_cmd.value .. "]" @@ -132,7 +416,11 @@ function config(self) status=status, config=config, management = management, - + option={ script=ENV["SCRIPT_NAME"], + prefix=self.conf.prefix, + controller = self.conf.controller, + action = "expert", + link = ENV["SCRIPT_NAME"] .. self.conf.prefix .. self.conf.controller, }, clientdata=clientdata, } @@ -158,7 +446,8 @@ function check(self) option={ script=ENV["SCRIPT_NAME"], prefix=self.conf.prefix, controller = self.conf.controller, - action = "expert", }, + action = "expert", + link = ENV["SCRIPT_NAME"] .. self.conf.prefix .. self.conf.controller, }, cmdmanagement = cmdmanagement, management = management, config = config, 
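Review bot: The hunks at -90, -100 and -110 enable the Edit buttons by turning `disabled="yes",` into a column-0 comment, `-- disabled="yes",`, inside the cfe constructor. Delete the line instead: the history already records the old state, and a commented-out attribute in the middle of a table reads like a switch someone is expected to flip back. If the buttons are meant to stay conditional, a short comment saying when they should be disabled is more useful than the dead line.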
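Review bot: The `link` value added at -132 is built by plain concatenation of `ENV["SCRIPT_NAME"]`, `self.conf.prefix` and `self.conf.controller`, and the same `option` table is now repeated in config, check, logfile, expert and edit (hunks at -158, -186, -214 and -251). If prefix or controller are derived from the request path, which is not visible here, the view that prints the link has to HTML-escape it. One local helper, for example `local function pageoption(self, action)`, would keep the five copies in step. The copy added to config() sets `action = "expert"`, which looks carried over from expert() and should be confirmed.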
@@ -186,7 +475,8 @@ function logfile(self) option={ script=ENV["SCRIPT_NAME"], prefix=self.conf.prefix, controller = self.conf.controller, - action = "expert", }, + action = "expert", + link = ENV["SCRIPT_NAME"] .. self.conf.prefix .. self.conf.controller, }, cmdmanagement = cmdmanagement, management = management, config = config, @@ -214,7 +504,8 @@ function expert(self) option={ script=ENV["SCRIPT_NAME"], prefix=self.conf.prefix, controller = self.conf.controller, - action = "expert", }, + action = "expert", + link = ENV["SCRIPT_NAME"] .. self.conf.prefix .. self.conf.controller, }, cmdmanagement = cmdmanagement, management = management, config = config, @@ -251,12 +542,12 @@ function edit(self) -- Display save button config.cmdsave = displaycmdsave() - return { option={ script=ENV["SCRIPT_NAME"], prefix=self.conf.prefix, controller = self.conf.controller, - action = "edit", }, + action = "edit", + link = ENV["SCRIPT_NAME"] .. self.conf.prefix .. self.conf.controller, }, cmdmanagement = cmdmanagement, modifications = modifications, management = management, @@ -268,10 +559,4 @@ function edit(self) end -function edit_params(self) - - return { - status=status, - } -end diff --git a/shorewall-html.lsp b/shorewall-html.lsp new file mode 100644 index 0000000..878e7ac --- /dev/null +++ b/shorewall-html.lsp 
@@ -0,0 +1,88 @@
+<? local form = ... ?>
+<?
+--[[ DEBUG INFORMATION
+io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
+io.write(html.cfe_unpack(form))
+io.write("</span>")
+--]]
+?>
+
+<?
+function displayinfo(myform,tags,viewtype)
+ for k,v in pairs(tags) do
+ if (myform[v]) and (myform[v]["value"]) then
+ local val = myform[v]
+ io.write("\n\t<DT")
+ if (#val.errtxt > 0) then
+ val.class = "error"
+ io.write(" class='error'")
+ end
+ io.write(">" .. val.label .. "</DT>")
+ io.write("\n\t\t<DD>")
+ if (viewtype == "viewonly") then
+ io.write(val.value)
+ elseif (val.type == "radio") and (type(val.option) == "table") and (#val.option > 0) then
+ io.write("<span style='display:inline' class='" .. ( val.class or "") .. "'>")
+ for k1,v1 in pairs(val.option) do
+ io.write(tostring(v1.label) .. ":")
+ io.write("<input style='margin-right:20px;margin-left:5px;' type='radio' class='" .. ( val.class or "") .. "' name='" .. val.name .. "'")
+ if (tostring(val.value) == tostring(v1.value)) then io.write(" checked='yes'") end
+ io.write(" value='" .. v1.value .. "'>")
+ end
+ io.write("</input></span>")
+ else
+ io.write(html.form[val.type](val))
+ end
+ if (val.descr) and (#val.descr > 0) then io.write("\n\t\t<P CLASS='descr'>" .. string.gsub(val.descr, "\n", "<BR>") .. "</P>") end
+ if (#val.errtxt > 0) then io.write("\n\t\t<P CLASS='error'>" .. string.gsub(val.errtxt, "\n", "<BR>") .. "</P>") end
+ io.write("\n\t\t</DD>\n")
+ end
+ end
+end
+?>
+
+<?
+function displayinfo_special(myform)
+ for k,v in pairs(myform) do
+ if (v) and (v["value"]) then
+ io.write("\n\t<DT")
+ if (#v.errtxt > 0) then
+ v.class = "error"
+ io.write(" class='error'")
+ end
+ io.write(">" .. v.label .. "</DT>")
+ io.write("\n\t\t<DD>")
+ io.write(html.form[v.type](v))
+ if (v.descr) and (#v.descr > 0) then io.write("\n\t\t<P CLASS='descr'>" .. string.gsub(v.descr, "\n", "<BR>") .. "</P>") end
+ if (#v.errtxt > 0) then io.write("\n\t\t<P CLASS='error'>" ..
string.gsub(v.errtxt, "\n", "<BR>") .. "</P>") end + io.write("\n\t\t</DD>\n") + end + end +end +?> + + +<H1>EDIT PROPERTIES</H1> +<DL> +<? +local myform = form.edit +displayinfo_special(myform) +?> + +<? + +local tags = {"cmdsave", "cmddelete", } +local myform = form +displayinfo(myform,tags) +?> + +</DL> + +<? +--[[ DEBUG INFORMATION +io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>") +io.write(html.cfe_unpack(form)) +io.write("</span>") +--]] +?> + diff --git a/shorewall-model.lua b/shorewall-model.lua index 081f842..0375b06 100644 --- a/shorewall-model.lua +++ b/shorewall-model.lua @@ -141,6 +141,14 @@ function configcheck () return check end +function get_defined_zones () + local output = {} + for k,v in pairs(read_config("zones")) do + table.insert(output, string.match(v, "^%s*(%S*)")) + end + return output +end + function getlogfile () local logfile = {} local cmdaction = "cat /var/log/messages | grep Shorewall" |
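Review bot: Every value in displayinfo and displayinfo_special of the new shorewall-html.lsp is concatenated into the page without HTML escaping: `io.write(val.value)` in the view-only branch, `val.label`, `val.descr`, `val.errtxt`, and `v1.value` inside a single-quoted attribute in `io.write(" value='" .. v1.value .. "'>")`. The controller fills `value` and `errtxt` from the submitted record, so a record containing markup or a quote is written back into the page as-is. Escape at the point of output, for text and attribute contexts alike, with a helper like the one below, or with the framework's own if the `html` library provides one. Separately, displayinfo_special walks `form.edit` with `pairs`, whose order is unspecified, so `ipairs` is the safer choice for the numbered fields.

```lua
-- Escape a value for use in HTML text or inside a quoted attribute.
local function esc(s)
	return (tostring(s or ""):gsub("[&<>\"']", {
		["&"] = "&amp;", ["<"] = "&lt;", [">"] = "&gt;",
		['"'] = "&quot;", ["'"] = "&#39;",
	}))
end

-- … unchanged: displayinfo header and error-class handling …
			io.write(">" .. esc(val.label) .. "</DT>")
-- … unchanged: <DD> opening and viewtype test …
				io.write(esc(val.value))
-- … unchanged: radio span and label output …
					io.write(" value='" .. esc(v1.value) .. "'>")
-- … unchanged: remaining branches; descr and errtxt go through esc() before the newline-to-<BR> gsub …
```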
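Review bot: In get_defined_zones, `string.match(v, "^%s*(%S*)")` succeeds on every line, so a blank line yields an empty zone name and a line starting with `#` yields the comment text, unless read_config (not visible in this hunk) already strips those. These names become the Source and Destination options in edit_records, so stray entries would show up as selectable zones. Matching at least one non-comment character and inserting only on a hit keeps the list to real names: `local zone = string.match(v, "^%s*([^#%s]+)")` followed by `if zone then table.insert(output, zone) end`. A one-line comment stating that the function returns the first column of each zones record would also help.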