-rw-r--r-- | shorewall-controller.lua | 113 | ||||
-rw-r--r-- | shorewall-edit-html.lsp | 28 | ||||
-rw-r--r-- | shorewall-list-html.lsp | 10 | ||||
-rw-r--r-- | shorewall-model.lua | 60 | ||||
-rw-r--r-- | shorewall-module.lua | 4 | ||||
-rw-r--r-- | shorewall-read-html.lsp | 67 |
6 files changed, 139 insertions, 143 deletions
diff --git a/shorewall-controller.lua b/shorewall-controller.lua
index 34bbc11..0b9b3ac 100644
--- a/shorewall-controller.lua
+++ b/shorewall-controller.lua
@@ -1,114 +1,33 @@ module(..., package.seeall) -local list_redir = function(self) - self.conf.action = "read" - self.conf.type = "redir" - error(self.conf) +-- Cause an http redirect to our "read" action +-- We use the self.conf table because it already has prefix,controller,etc +-- The redir code is defined in the application error handler (acf-controller) +local list_redir = function (self) + self.conf.action = "read" + self.conf.type = "redir" + error (self.conf) end -local cfgfile -local service - mvc={} mvc.on_load = function(self, parent) - cfgfile = self:new("cfgfile") - service = self:new("service") - if (self.worker[self.conf.action] == nil) or (self.conf.action == "init") then - self.worker[self.conf.action] = list_redir(self) - end + if (self.worker[self.conf.action] == nil ) or ( self.conf.action == "init" ) then + self.worker[self.conf.action] = list_redir(self) + end end --- Public methods --- <prefix>/hostname/get -local function getNotes(self) - ret = {} - for k,v in pairs(cfgfile.model:list(nil)) do - if v.status then - ret[#ret + 1] = { - content = "There are some configuration changes. Please do not forget to save." - } - break - end - end - return ret -end read = function(self) - return { - list=cfgfile.model:list(function(x) return x.app == "firewall" end), - script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="update", - note=getNotes(self), - } + return ( {programstats = self.model:get_status(), url = ENV["SCRIPT_NAME"] .. self.conf.prefix .. 
self.conf.controller } ) end -update = function(self) - local id = tonumber(self.clientdata.id) or -1 - local result - local data - - result, data = cfgfile.model:get(id) - if not result then return list_redir(self) end - - if self.clientdata.cmd then - for k,v in pairs (data) do - if self.clientdata[k] then - data[k].value = self.clientdata[k] - end - end - result, data = cfgfile.model:set(id, data) - if result then return list_redir(self) end - end - - data.cmd = cfe { type="action", value="save", label="action" } - return cfe{ type="form", - option={ script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller = self.conf.controller, - action = "update", - extra = ""}, - value = data} +list = function(self) + return ( {filelist = self.model:get_filelist(), url = ENV["SCRIPT_NAME"] .. self.conf.prefix .. self.conf.controller } ) end -local function serviceAction(self, action) - local id = tonumber(self.clientdata.id) or -1 - local svc = service.model:list("firewall") - local ret = { - script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller = self.conf.controller, - action={}, - title="Firewall", - text={}, - active={ id=id } - } - for i,s in pairs(svc) do - for i,a in ipairs(s.actions) do - ret.action[#ret.action + 1] = { - name = a, - section = s.name .. " (" .. tostring(s.status) .. ")", - id = s.id, - label = a, - } - end - end - if self.clientdata[action] then - local result, report = service.model:update(id, action) - local label = "Error" - if result then - ret.active.action = action - label = "Report" - end - ret.text[#ret.text + 1] = { label=label, content=report } - end - ret.note=getNotes(self) - return ret +edit = function (self) + local filename = self.clientdata.name or "" + return ( {filecontent = self.model:get_filecontent(filename), url = ENV["SCRIPT_NAME"] .. self.conf.prefix .. 
self.conf.controller } ) end -start = function(self) return serviceAction(self, "start") end -stop = function(self) return serviceAction(self, "stop") end -restart = function(self) return serviceAction(self, "restart") end - diff --git a/shorewall-edit-html.lsp b/shorewall-edit-html.lsp new file mode 100644 index 0000000..3e12554 --- /dev/null +++ b/shorewall-edit-html.lsp @@ -0,0 +1,28 @@ +<? local view = ... ?> +<html> +<body> +<h1>Edit configuration</h1> + +<h2>Details</h2> + +<dt>File name</dt> +<dd><?= view.filecontent.filedetails.longname ?></dd> + +<dt>File size</dt> +<dd><?= view.filecontent.filedetails.size ?></dd> + +<dt>Last modified</dt> +<dd><?= view.filecontent.filedetails.mtime ?></dd> + +<dt>Mode</dt> +<dd><?= view.filecontent.filedetails.mode ?></dd> + +<dt>Owner:Group</dt> +<dd><?= view.filecontent.filedetails.uid ?>:<?= view.filecontent.filedetails.gid ?></dd> + +<h2>Content</h2> +<textarea name="" style="width:100%;height:400px;"><?= view.filecontent.value ?></textarea> + + +</body> +</html> diff --git a/shorewall-list-html.lsp b/shorewall-list-html.lsp new file mode 100644 index 0000000..424349a --- /dev/null +++ b/shorewall-list-html.lsp @@ -0,0 +1,10 @@ +<? local view = ... ?> + +<h1>Firewall configuration</h1> + +<h2>EXISTING FILES</h2> + +<? for i = 1, table.maxn(view.filelist) do ?> + <dt><?= html.link{value = view.url .. "/edit?name=" .. view.filelist[i].name , label=view.filelist[i].name } ?></dt> + <dd><i>Last modified:</i> <?= view.filelist[i].filedetails.mtime ?></dd> +<? end ?> diff --git a/shorewall-model.lua b/shorewall-model.lua new file mode 100644 index 0000000..bf42891 --- /dev/null +++ b/shorewall-model.lua 
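Review bot: `edit` passes the request parameter `self.clientdata.name` to `get_filecontent` and returns the result unchecked, but the model added in this commit only assigns a result when the name matches an entry in /etc/shorewall. An unknown or empty name therefore reaches the edit view without a usable `filecontent`, and the view then indexes `view.filecontent.filedetails`. Handle that case in the controller, for example `local content = self.model:get_filecontent(filename)` followed by `if not content then return list_redir(self) end`. The new comment above `list_redir` is helpful; `read`, `list` and `edit` would benefit from a similar one-line comment naming the view table each returns.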
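Review bot: The file body is written into the `<textarea>` with `<?= view.filecontent.value ?>` and nothing visible here HTML-escapes it, so a configuration file containing `</textarea>` or other markup would close the element early and be rendered as page content. Unless `<?= ?>` already escapes in this framework (not shown on this page), escape `&`, `<` and `>` in the value before output; the same applies to `filedetails.longname`. The textarea also has `name=""` and sits outside any `<form>`, and the `<dt>`/`<dd>` pairs have no enclosing `<dl>`, so the page is display-only and not valid HTML as written.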
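Review bot: `view.filelist[i].name` is concatenated into the `edit?name=` query string and reused as the link label without URL-encoding or HTML-escaping, so a file in /etc/shorewall whose name contains a space, `&`, `#` or `<` yields a broken link or stray markup. Encode the name for the URL and escape it for the label before passing both to `html.link` (whether `html.link` escapes its arguments is not visible here). As a style point, `for i, file in ipairs(view.filelist) do` reads more clearly than indexing up to `table.maxn`, since the model builds the list with `table.insert`.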
@@ -0,0 +1,60 @@
+-- shorewall model methods
+module (..., package.seeall)
+
+local function XXXfile_info ( path )
+ local file = io.popen("ls -lh " .. path )
+ local file_info_result = file:read("*a") or "unknown"
+ file:close()
+ local size,lastmod = string.match(file_info_result, "^%S+%s+%S+%s+%S+%s+%S+%s+(%S+)%s+(%S+%s+%S+%s+%S+)" )
+ return {lastmod=lastmod,size=size, longname=path}
+end
+local function file_info ( path )
+ require("posix")
+ filedetails = posix.stat(path)
+ filedetails.longname = path
+ return filedetails
+end
+
+
+function get_status ()
+ local f,error = io.popen("/sbin/shorewall status")
+ local fake = f:read("*l")
+ local fake = f:read("*l")
+ local programstatus = f:read("*l")
+ local programstate = f:read("*l")
+ f:close()
+ local f,error = io.popen("/sbin/shorewall version")
+ local programversion = f:read("*l")
+ f:close()
+ return {programversion=programversion,programstatus=programstatus,programstate=programstate}
+end
+
+
+function get_filelist ()
+ local filepath = "/etc/shorewall/"
+ local listed_files = {}
+ local k,v
+ for name in posix.files(filepath) do
+ if not string.match(name, "^%.") and not string.match(name, "^Makefile") then
+ local filedetails = file_info(filepath .. name)
+ table.insert ( listed_files , {name=name, longname=filepath .. name, filedetails=filedetails} )
+ end
+ end
+ return listed_files
+end
+
+function get_filecontent (self, name)
+ local path = "/etc/shorewall/" .. name
+ local available_files = get_filelist()
+ for k,v in pairs(available_files) do
+ if ( available_files[k].name == name ) then
+ local file = io.open( path )
+ local file_result = file:read("*a") or "unknown"
+ file:close()
+ local filedetails = file_info(path)
+ file_content = cfe{name=name, value=file_result, filedetails=filedetails}
+ end
+ end
+ return file_content
+end
+
diff --git a/shorewall-module.lua b/shorewall-module.lua
deleted file mode 100644
index a05ae0d..0000000
--- a/shorewall-module.lua
+++ /dev/null
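Review bot: In shorewall-model.lua, `get_filecontent` assigns to `file_content` without `local`, so the value lives in the module environment; when `name` matches no listed file the function returns whatever an earlier call stored, which in a long-lived interpreter could be a different file's content. Declare `local file_content` before the loop, and likewise make `filedetails` in `file_info` local. `file_info` is also the only place that runs `require("posix")`, yet `get_filelist` calls `posix.files` before it ever calls `file_info`, so the `require` belongs at the top of the module. The comparison of `name` against the directory listing is what keeps a request-supplied name from reaching `io.open` as an arbitrary path and deserves a comment saying so; the leftover `XXXfile_info`, which concatenates `path` into the shell command `io.popen("ls -lh " .. path )`, looks unused in this file and would be better deleted than kept. The results of `io.popen` and `io.open` are used without a nil check in `get_status` and `get_filecontent`.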
@@ -1,4 +0,0 @@
--- shorewall model methods
-module (..., package.seeall)
-
-
diff --git a/shorewall-read-html.lsp b/shorewall-read-html.lsp
index 21f614f..af700b1 100644
--- a/shorewall-read-html.lsp
+++ b/shorewall-read-html.lsp
@@ -4,95 +4,78 @@ <h2>GENERAL</h2> -<dt>shorewall.conf</dt> +<dt><?= html.link{value = view.url .. "/edit?name=shorewall.conf", label="shorewall.conf" } ?></dt> <dd>Modify global configuration settings.</dd> -<dt>params</dt> +<dt><?= html.link{value = view.url .. "/edit?name=params", label="params" } ?></dt> <dd>Define variables used in the other configuratino files.</dd> -<dt>zones</dt> +<dt><?= html.link{value = view.url .. "/edit?name=zones", label="zones" } ?></dt> <dd>Name network partions. Firewal rules are applied to defined zones.</dd> -<dt>interfaces</dt> +<dt><?= html.link{value = view.url .. "/edit?name=interfaces", label="interfaces" } ?></dt> <dd>Map physical interfaces to named zones.</dd> -<dt>hosts</dt> +<dt><?= html.link{value = view.url .. "/edit?name=hosts", label="hosts" } ?></dt> <dd>Map individual hosts or networks to named zones.</dd> <h2>FIREWALLING</h2> -<dt>policy</dt> +<dt><?= html.link{value = view.url .. "/edit?name=policy", label="policy" } ?></dt> <dd>Set default rules (policies) for zones.</dd> -<dt>rules</dt> +<dt><?= html.link{value = view.url .. "/edit?name=rules", label="rules" } ?></dt> <dd>Define exceptions to policies.</dd> -<dt>routestopped</dt> +<dt><?= html.link{value = view.url .. "/edit?name=routestopped", label="routestopped" } ?></dt> <dd>Define hosts that can access this host when the firewall is "stopped".</dd> -<dt>tunnels</dt> +<dt><?= html.link{value = view.url .. "/edit?name=tunnels", label="tunnels" } ?></dt> <dd>Specify ipsec tunel endpoints.</dd> -<dt>blacklist</dt> +<dt><?= html.link{value = view.url .. "/edit?name=blacklist", label="blacklist" } ?></dt> <dd>List ip addresses or names that should be denied all access to the firewall.</dd> <h2>NAT</h2> -<dt>masq</dt> +<dt><?= html.link{value = view.url .. "/edit?name=masq", label="masq" } ?></dt> <dd>Define dynamic Masquerading or DNAT tables.</dd> -<dt>nat</dt> +<dt><?= html.link{value = view.url .. 
"/edit?name=nat", label="nat" } ?></dt> <dd>Define static Network Address Translation tables.</dd> <h2>QOS</h2> -<dt>tos</dt> +<dt><?= html.link{value = view.url .. "/edit?name=tos", label="tos" } ?></dt> <dd>Specify type of service markers for packets traversing the firewall.</dd> -<dt>tcdevices</dt> +<dt><?= html.link{value = view.url .. "/edit?name=tcdevices", label="tcdevices" } ?></dt> <dd>Define traffic control devices.</dd> -<dt>tcclasses</dt> +<dt><?= html.link{value = view.url .. "/edit?name=tcclasses", label="tcclasses" } ?></dt> <dd>Define traffic control classes.</dd> -<dt>tcrules</dt> +<dt><?= html.link{value = view.url .. "/edit?name=tcrules", label="tcrules" } ?></dt> <dd>Define traffic control rules.</dd> <h2>OTHER</h2> -<dt>View all files/configs</dt> +<dt><?= html.link{value = view.url .. "/list", label="View all files/configs" } ?></dt> <dd>Provide a autogenerated list of files in '/etc/shorewall'.</dd> <h2>SYSTEM INFO</h2> <dt>Program version</dt> -<dd><?= view.version ?></dd> +<dd><?= view.programstats.programversion ?></dd> + +<dt>Program status</dt> +<dd><?= view.programstats.programstatus ?></dd> + +<dt>Program state</dt> +<dd><?= view.programstats.programstate ?></dd> + <h2>MANAGEMENT</h2> <dt>Program Status</dt> <dd>[running|not]</dd> - -<? --Status Block - for i,item in ipairs(view.note or {}) do - ?><p class='error'><?= item.content ?></p><? - end -?> - -<table border=0> -<? local sct="" -for i,item in ipairs(view.list) do - if item.section ~= sct then - ?><tr><td colspan='3'><h2><?= item.section ?></td></tr><? - sct = item.section - end - ?><tr><td><?= item.status or '' ?><? - ?><td><?= html.link{ - value = view.script .. view.prefix .. view.controller .. "/" - .. view.action .. "?id=" .. tostring(item.id), - label=item.name - } - ?></td><td><?= item.descr - ?></td></tr><? -end -- vim: set filetype=lua : ?> -</table> |
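Review bot: The sixteen `html.link` edit entries hard-code file names that nothing checks against the directory, so a link for a file absent from /etc/shorewall leads to the edit action with a name the model in this commit will not match. Consider generating these entries from a table of name/description pairs filtered by the list the model returns, which also removes the repeated `view.url .. "/edit?name=..."` expression. The static `<dd>[running|not]</dd>` placeholder under MANAGEMENT is still in the file although the real status is now shown under SYSTEM INFO. The hunk begins at line 4 of the file, so the top of the page is not visible here.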