										 |  |  | package SrvMngr::Controller::Remoteaccess; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #---------------------------------------------------------------------- | 
					
						
							|  |  |  | # heading     : Network | 
					
						
							|  |  |  | # description : Remote access | 
					
						
							|  |  |  | # navigation  : 6000 400 | 
					
						
							|  |  |  | #---------------------------------------------------------------------- | 
					
						
							|  |  |  | # | 
					
						
							|  |  |  | # routes : end | 
					
						
							|  |  |  | #---------------------------------------------------------------------- | 
					
						
							|  |  |  | use strict; | 
					
						
							|  |  |  | use warnings; | 
					
						
							|  |  |  | use Mojo::Base 'Mojolicious::Controller'; | 
					
						
							|  |  |  | use Locale::gettext; | 
					
						
							|  |  |  | use SrvMngr::I18N; | 
					
						
							|  |  |  | use SrvMngr qw(theme_list init_session ip_number subnet_mask get_reg_mask); | 
					
						
							|  |  |  | use esmith::ConfigDB; | 
					
						
							|  |  |  | use esmith::util; | 
					
						
							|  |  |  | use File::Basename; | 
					
						
							|  |  |  | use Exporter; | 
					
						
							|  |  |  | use Carp; | 
					
						
							|  |  |  | use Socket qw( inet_aton ); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | #our @ISA = qw(esmith::FormMagick Exporter); | 
					
						
										 |  |  | our @EXPORT = qw( networkAccess_list passwordLogin_list get_ssh_permit_root_login get_ssh_access get_telnet_mode
 | 
					
						
							|  |  |  |     get_ftp_access  get_ftp_password_login_access | 
					
						
							|  |  |  |     get_value get_prop get_ssh_password_auth | 
					
						
							|  |  |  |     validate_network_and_mask ip_number_or_blank subnet_mask_or_blank | 
					
						
							|  |  |  |     get_ipsecrw_sessions pptp_and_dhcp_range | 
					
						
							|  |  |  | ); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | #		get_pptp_sessions | 
					
						
							|  |  |  | our $db = esmith::ConfigDB->open || warn "Couldn't open configuration database"; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | sub main { | 
					
						
							|  |  |  |     my $c = shift; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $c->app->log->info($c->log_req); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $title     = $c->l('rma_FORM_TITLE'); | 
					
						
							|  |  |  |     my $notif     = ''; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     my %rma_datas = (); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $db = esmith::ConfigDB->open || warn "Couldn't open configuration database"; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     #$rma_datas{ipsecrwSess}  = $c->get_ipsecrw_sessions(); | 
					
						
							|  |  |  |     #$rma_datas{pptpSessions} = $c->get_pptp_sessions(); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     $rma_datas{sshAccess}                 = $c->get_ssh_access(); | 
					
						
							|  |  |  |     $rma_datas{sshPermitRootLogin}        = $c->get_ssh_permit_root_login(); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     $rma_datas{sshPasswordAuthentication} = $c->get_ssh_password_auth(); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     $rma_datas{sshTCPPort}                = $c->get_ssh_port(); | 
					
						
							|  |  |  |     $rma_datas{ftpAccess}                 = $c->get_ftp_access(); | 
					
						
							|  |  |  |     $rma_datas{ftpPasswordAccess}         = $c->get_ftp_password_login_access(); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     #$rma_datas{telnetAccess} = $c->get_telnet_access; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $c->stash(title => $title, notif => $notif, rma_datas => \%rma_datas); | 
					
						
							|  |  |  |     $c->render(template => 'remoteaccess'); | 
					
						
							|  |  |  | } ## end sub main | 
					
						
					
						
							|  |  |  | sub do_action { | 
					
						
							|  |  |  |     my $c = shift; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $c->app->log->info($c->log_req); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     my $title = $c->l('rma_FORM_TITLE'); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my ($result, $res, $trt) = ''; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     my %rma_datas = (); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $db = esmith::ConfigDB->open || warn "Couldn't open configuration database"; | 
					
						
							|  |  |  |     $rma_datas{ipsecrwSess}  = ($c->param('IpsecrwSess')  || ''); | 
					
						
							|  |  |  |     $rma_datas{ipsecrwReset} = ($c->param('IpsecrwReset') || ''); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							|  |  |  |     #$rma_datas{pptpSessions} = ($c->param ('PptpSessions') || '0'); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $rma_datas{validFromNetwork} = ($c->param('ValidFromNetwork') || ''); | 
					
						
							|  |  |  |     $rma_datas{validFromMask}    = ($c->param('ValidFromMask')    || ''); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | ##	my @remove = $q->param('validFromRemove');  ???????? the first one only !! | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my @vals = $c->param('Remove_nets'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     $rma_datas{remove_nets} = join ',', @vals; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $rma_datas{sshaccess}                 = ($c->param('SshAccess')                 || 'off'); | 
					
						
							|  |  |  |     $rma_datas{sshPermitRootLogin}        = ($c->param('SshPermitRootLogin')        || 'no'); | 
					
						
							|  |  |  |     $rma_datas{sshPasswordAuthentication} = ($c->param('SshPasswordAuthentication') || 'no'); | 
					
						
							|  |  |  |     $rma_datas{sshTCPPort}                = ($c->param('SshTCPPort')                || '22'); | 
					
						
							|  |  |  |     $rma_datas{ftpAccess}                 = ($c->param('FtpAccess')                 || 'off'); | 
					
						
							|  |  |  |     $rma_datas{ftpPasswordAccess}         = ($c->param('FtpPasswordAccess')         || 'private'); | 
					
						
							|  |  |  |     $rma_datas{telnetAccess}              = ($c->param('TelnetAccess')              || 'off'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							|  |  |  |     # validate | 
					
						
							|  |  |  |     my $v = $c->validation; | 
					
						
							|  |  |  |     return $c->render('remoteaccess') unless $v->has_data; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     #$v->optional('PptpSessions')->num(0, 999)->is_valid; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($c->param('ValidFromNetwork') ne "") { | 
					
						
							|  |  |  |         $v->optional('ValidFromNetwork')->size(7, 15)->is_valid; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($c->param('ValidFromMask') ne "") { | 
					
						
							|  |  |  |         $v->optional('ValidFromMask')->size(7, 15)->is_valid; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     $v->required('SshTCPPort')->num(1, 65535)->is_valid; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     $result .= 'field validation error' if $v->has_error; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if (!$result) { | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         # controls | 
					
						
							|  |  |  |         #$res = pptp_and_dhcp_range( $c, $rma_datas{pptpSessions} ); | 
					
						
							|  |  |  |         #$result .= $res . ' ' unless $res eq 'OK'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         $res = ip_number_or_blank($c, $rma_datas{validFromNetwork}); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $result .= $res . ' ' unless $res eq 'OK'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         $res = subnet_mask_or_blank($c, $rma_datas{validFromMask}); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $result .= $res . ' ' unless $res eq 'OK'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         $res = validate_network_and_mask($c, $rma_datas{validFromNetwork}, $rma_datas{validFromMask}); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $result .= $res . ' ' unless $res eq 'OK'; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         #$result .= ' blocked for testing !' . $rma_datas{remove_nets}; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } ## end if (!$result) | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if (!$result) { | 
					
						
							|  |  |  |         $res = change_settings($c, %rma_datas); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |         $result .= $res unless $res eq 'OK'; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  |     if ($result eq "") { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $result = $c->l('rma_SUCCESS'); | 
					
						
							|  |  |  |         $trt    = 'SUC'; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $c->stash(title => $title, notif => $result, rma_datas => \%rma_datas); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     #return $c->render( template => 'remoteaccess' ); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($trt eq 'SUC') { | 
					
						
							|  |  |  |         $c->stash(title => $title, modul => $result); | 
					
						
							|  |  |  |         return $c->render(template => 'module'); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return $c->render(template => 'remoteaccess'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     #$c->redirect_to('/remoteaccess'); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub do_action | 
					
						
					
						
							|  |  |  | sub networkAccess_list { | 
					
						
							|  |  |  |     my $c = shift; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     return [ | 
					
						
							|  |  |  |         [ $c->l('rma_NO_ACCESS')         => 'off' ], | 
					
						
							|  |  |  |         [ $c->l('NETWORKS_ALLOW_LOCAL')  => 'private' ], | 
					
						
							| 
									
										
										
										
											2025-02-18 16:16:36 +00:00
										 |  |  |         [ $c->l('NETWORKS_ALLOW_PUBLIC') => 'normal' ] | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     ]; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub networkAccess_list | 
					
						
					
						
							|  |  |  | sub passwordLogin_list { | 
					
						
							|  |  |  |     my $c = shift; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return [ [ $c->l('rma_PASSWORD_LOGIN_PRIVATE') => 'private' ], [ $c->l('rma_PASSWORD_LOGIN_PUBLIC') => 'public' ] ]; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | sub get_prop { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my ($c, $item, $prop) = @_; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     warn "You must specify a record key"    unless $item; | 
					
						
							|  |  |  |     warn "You must specify a property name" unless $prop; | 
					
						
							|  |  |  |     my $record = $db->get($item) or warn "Couldn't get record for $item"; | 
					
						
							|  |  |  |     return $record ? $record->prop($prop) : undef; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub get_prop | 
					
						
					
						
							|  |  |  | sub get_value { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c    = shift; | 
					
						
							|  |  |  |     my $item = shift; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return ($db->get($item)->value()); | 
					
						
							|  |  |  | } ## end sub get_value | 
					
						
					
						
							|  |  |  | sub get_ftp_access { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $status = get_prop('', 'ftp', 'status') || 'disabled'; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     return 'off' unless $status eq 'enabled'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $access = get_prop('', 'ftp', 'access') || 'private'; | 
					
						
							|  |  |  |     return ($access eq 'public') ? 'normal' : 'private'; | 
					
						
							|  |  |  | } ## end sub get_ftp_access | 
					
						
					
						
							|  |  |  | #sub get_pptp_sessions { | 
					
						
							|  |  |  | #  my $status = get_prop('','pptpd','status'); | 
					
						
							|  |  |  | #  if (defined($status) && ($status eq 'enabled')) { | 
					
						
							|  |  |  | #    return(get_prop('','pptpd','sessions') || 'no'); | 
					
						
							|  |  |  | #  return '0'; | 
					
						
							|  |  |  | #} | 
					
						
							|  |  |  | sub get_ssh_permit_root_login { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return (get_prop('', 'sshd', 'PermitRootLogin') || 'no'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | sub get_ssh_password_auth { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return (get_prop('', 'sshd', 'PasswordAuthentication') || 'yes'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | sub get_ssh_access { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $status = get_prop('', 'sshd', 'status'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if (defined($status) && ($status eq 'enabled')) { | 
					
						
							|  |  |  |         my $access = get_prop('', 'sshd', 'access'); | 
					
						
							|  |  |  |         $access = ($access eq 'public') ? 'public' : 'private'; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         return ($access); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } else { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         return ('off'); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub get_ssh_access | 
					
						
					
						
							|  |  |  | sub get_ssh_port { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return (get_prop('$c', 'sshd', 'TCPPort') || '22'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | sub get_ftp_password_login_access { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $status = get_prop('', 'ftp', 'status') || 'disabled'; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     return 'private' unless $status eq 'enabled'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $access = get_prop('', 'ftp', 'LoginAccess') || 'private'; | 
					
						
							|  |  |  |     return ($access eq 'public') ? 'public' : 'private'; | 
					
						
							|  |  |  | } ## end sub get_ftp_password_login_access | 
					
						
					
						
							|  |  |  | sub get_telnet_mode { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $telnet = $db->get('telnet'); | 
					
						
							|  |  |  |     return ('off') unless $telnet; | 
					
						
							|  |  |  |     my $status = $telnet->prop('status') || 'disabled'; | 
					
						
							|  |  |  |     return ('off') unless $status eq 'enabled'; | 
					
						
							|  |  |  |     my $access = $telnet->prop('access') || 'private'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return ($access eq "public") ? "public" : "private"; | 
					
						
							|  |  |  | } ## end sub get_telnet_mode | 
					
						
										 |  |  | sub get_ipsecrw_sessions { | 
					
						
							|  |  |  |     my $status = $db->get('ipsec')->prop('RoadWarriorStatus'); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  |     if (defined($status) && ($status eq 'enabled')) { | 
					
						
							|  |  |  |         return ($db->get('ipsec')->prop('RoadWarriorSessions') || '0'); | 
					
						
							|  |  |  |     } else { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         return ('0'); | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub get_ipsecrw_sessions | 
					
						
					
						
							|  |  |  | sub get_ipsecrw_status { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return undef unless ($db->get('ipsec')); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     return $db->get('ipsec')->prop('RoadWarriorStatus'); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | sub pptp_and_dhcp_range { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c           = shift; | 
					
						
							|  |  |  |     my $val         = shift || 0; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $dhcp_status = $db->get_prop('dhcpd', 'status') || 'disabled'; | 
					
						
							|  |  |  |     my $dhcp_end    = $db->get_prop('dhcpd', 'end') || ''; | 
					
						
							|  |  |  |     my $dhcp_start  = $db->get_prop('dhcpd', 'start') || ''; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($dhcp_status eq 'enabled') { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         my $ip_start = unpack 'N', inet_aton($dhcp_start); | 
					
						
							|  |  |  |         my $ip_end   = unpack 'N', inet_aton($dhcp_end); | 
					
						
							|  |  |  |         my $ip_count = $ip_end - $ip_start; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         return 'OK' if ($val < $ip_count); | 
					
						
							|  |  |  |         return $c->l('rma_NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE'); | 
					
						
							|  |  |  |     } else { | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |         return 'OK'; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub pptp_and_dhcp_range | 
					
						
					
						
							|  |  |  | sub _get_valid_from { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my $c   = shift; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $rec = $db->get('httpd-admin'); | 
					
						
							|  |  |  |     return undef unless ($rec); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my @vals = (split ',', ($rec->prop('ValidFrom') || '')); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     return @vals; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub _get_valid_from | 
					
						
					
						
							|  |  |  | sub ip_number_or_blank { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c  = shift; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     my $ip = shift; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if (!defined($ip) || $ip eq "") { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         return 'OK'; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return ip_number($c, $ip); | 
					
						
							|  |  |  | } ## end sub ip_number_or_blank | 
					
						
					
						
							|  |  |  | sub subnet_mask_or_blank { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c    = shift; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     my $mask = shift; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if (!defined($mask) || $mask eq "") { | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |         return "OK"; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     chomp $mask; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return (subnet_mask($mask) ne 'OK') | 
					
						
							|  |  |  |         ? $c->l('rma_INVALID_SUBNET_MASK') . " (" . $mask . ")" | 
					
						
							|  |  |  |         : 'OK'; | 
					
						
							|  |  |  | } ## end sub subnet_mask_or_blank | 
					
						
					
						
							|  |  |  | sub validate_network_and_mask { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c    = shift; | 
					
						
							|  |  |  |     my $net  = shift || ""; | 
					
						
							|  |  |  |     my $mask = shift || ""; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($net xor $mask) { | 
					
						
							|  |  |  |         return $c->l('rma_ERR_INVALID_PARAMS' . " (" . $net . "/" . $mask . ")"); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     } | 
					
						
							|  |  |  |     return 'OK'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub validate_network_and_mask | 
					
						
					
						
							|  |  |  | sub change_settings { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my ($c, %rma_datas) = @_; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							|  |  |  |     #------------------------------------------------------------ | 
					
						
							|  |  |  |     # good; go ahead and change the access. | 
					
						
							|  |  |  |     #------------------------------------------------------------ | 
					
						
							|  |  |  |     my $rec = $db->get('telnet'); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     if ($rec) { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         if ($rma_datas{telnetAccess} eq "off") { | 
					
						
							|  |  |  |             $rec->set_prop('status', 'disabled'); | 
					
						
							|  |  |  |         } else { | 
					
						
							|  |  |  |             $rec->set_prop('status', 'enabled'); | 
					
						
							|  |  |  |             $rec->set_prop('access', $rma_datas{telnetAccess}); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } ## end if ($rec) | 
					
						
							|  |  |  |     $rec = $db->get('sshd') || $db->new_record('sshd', { type => 'service' }); | 
					
						
							|  |  |  |     $rec->set_prop('TCPPort', $rma_datas{sshTCPPort}); | 
					
						
							|  |  |  |     $rec->set_prop('status', ($rma_datas{sshaccess} eq "off" ? 'disabled' : 'enabled')); | 
					
						
							|  |  |  |     $rec->set_prop('access',                 $rma_datas{sshaccess}); | 
					
						
							|  |  |  |     $rec->set_prop('PermitRootLogin',        $rma_datas{sshPermitRootLogin}); | 
					
						
							|  |  |  |     $rec->set_prop('PasswordAuthentication', $rma_datas{sshPasswordAuthentication}); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     $rec = $db->get('ftp'); | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     if ($rec) { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         if ($rma_datas{ftpAccess} eq "off") { | 
					
						
							|  |  |  |             $rec->set_prop('status',      'disabled'); | 
					
						
							|  |  |  |             $rec->set_prop('access',      'private'); | 
					
						
							|  |  |  |             $rec->set_prop('LoginAccess', 'private'); | 
					
						
							|  |  |  |         } elsif ($rma_datas{ftpAccess} eq "normal") { | 
					
						
							|  |  |  |             $rec->set_prop('status',      'enabled'); | 
					
						
							|  |  |  |             $rec->set_prop('access',      'public'); | 
					
						
							|  |  |  |             $rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess}); | 
					
						
							|  |  |  |         } else { | 
					
						
							|  |  |  |             $rec->set_prop('status',      'enabled'); | 
					
						
							|  |  |  |             $rec->set_prop('access',      'private'); | 
					
						
							|  |  |  |             $rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess}); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } ## end if ($rec) | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     #	if ($rma_datas{pptpSessions} == 0) { | 
					
						
							|  |  |  |     #	$db->get('pptpd')->set_prop('status', 'disabled'); | 
					
						
							|  |  |  |     #    } else { | 
					
						
							|  |  |  |     #	$db->get('pptpd')->set_prop('status', 'enabled'); | 
					
						
							|  |  |  |     #	$db->get('pptpd')->set_prop('sessions', $rma_datas{pptpSessions}); | 
					
						
							|  |  |  |     #    } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($rma_datas{validFromNetwork} && $rma_datas{validFromMask}) { | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         unless (add_new_valid_from($c, $rma_datas{validFromNetwork}, $rma_datas{validFromMask})) { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |             return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'new net'; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } ## end if ($rma_datas{validFromNetwork...}) | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($rma_datas{remove_nets}) { | 
					
						
							|  |  |  |         unless (remove_valid_from($c, $rma_datas{remove_nets})) { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |             return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'del net'; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } ## end if ($rma_datas{remove_nets...}) | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     # reset ipsec roadwarrior CA,server,client certificates | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($rma_datas{ipsecrwReset}) { | 
					
						
							|  |  |  |         system('/sbin/e-smith/roadwarrior', 'reset_certs') == 0 | 
					
						
							|  |  |  |             or return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'rst ipsec'; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($rma_datas{ipsecrwSess}) { | 
					
						
							|  |  |  |         set_ipsecrw_sessions($c, $rma_datas{ipsecrwSess}); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     unless (system("/sbin/e-smith/signal-event", "remoteaccess-update") == 0) { | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |         return $c->l('rma_ERROR_UPDATING_CONFIGURATION'); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     return 'OK'; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub change_settings | 
					
						
					
						
							|  |  |  | sub set_ipsecrw_sessions { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c        = shift; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     my $sessions = shift; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if (defined $sessions) { | 
					
						
							|  |  |  |         $db->get('ipsec')->set_prop('RoadWarriorSessions', $sessions); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         if (int($sessions) > 0) { | 
					
						
							|  |  |  |             $db->get('ipsec')->set_prop('RoadWarriorStatus', 'enabled'); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } ## end if (defined $sessions) | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  |     return ''; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub set_ipsecrw_sessions | 
					
						
					
						
							|  |  |  | sub add_new_valid_from { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c    = shift; | 
					
						
							|  |  |  |     my $net  = shift; | 
					
						
							|  |  |  |     my $mask = shift; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     # we transform bit mask to regular mask | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $mask = get_reg_mask($net, $mask); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $rec = $db->get('httpd-admin'); | 
					
						
							|  |  |  |     return $c->error('ERR_NO_RECORD') unless $rec; | 
					
						
							|  |  |  |     my $prop = $rec->prop('ValidFrom') || ''; | 
					
						
							|  |  |  |     my @vals = split /,/, $prop; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     return '' if (grep /^$net\/$mask$/, @vals);    # already have this entry | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     if ($prop ne '') { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $prop .= ",$net/$mask"; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } else { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $prop = "$net/$mask"; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $rec->set_prop('ValidFrom', $prop); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     return 1; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub add_new_valid_from | 
					
						
					
						
							|  |  |  | sub remove_valid_from { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $c           = shift; | 
					
						
							|  |  |  |     my $remove_nets = shift; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     my @remove      = split /,/, $remove_nets; | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     #	my @remove = $c->param('Remove_nets'); | 
					
						
							|  |  |  |     my @vals = $c->_get_valid_from(); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     foreach my $entry (@remove) { | 
					
						
							|  |  |  |         return undef unless $entry; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         my ($net, $mask) = split(/\//, $entry); | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         unless (@vals) { | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |             print STDERR "ERROR: unable to load ValidFrom property from conf db\n"; | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |             return undef; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2024-03-22 14:54:28 +11:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         # what if we don't have a mask because someone added an entry from | 
					
						
							|  |  |  |         # the command line? by the time we get here, the panel will have | 
					
						
							|  |  |  |         # added a 32 bit mask, so we don't know for sure if the value in db | 
					
						
							|  |  |  |         # is $net alone or $net/255.255.255.255. we have to check for both | 
					
						
							|  |  |  |         # in this special case... | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |         @vals = (grep { $entry ne $_ && $net ne $_ } @vals); | 
					
						
							|  |  |  |     } ## end foreach my $entry (@remove) | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     my $prop; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     if (@vals) { | 
					
						
							|  |  |  |         $prop = join ',', @vals; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     } else { | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |         $prop = ''; | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  |     $db->get('httpd-admin')->set_prop('ValidFrom', $prop); | 
					
						
							| 
									
										
										
										
											2024-11-26 16:38:31 +00:00
										 |  |  |     return 1; | 
					
						
							| 
									
										
										
										
											2025-01-14 12:49:31 +00:00
										 |  |  | } ## end sub remove_valid_from | 
					
						
							|  |  |  | 1; |