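/**
 * Bring the running firewall in line with the configured services.
 *
 * Refreshes the driver cache, clears the safemode flag, verifies the live
 * rules (unless this is the first run), then pushes services, RTP/UDPTL
 * ports, targets, registrations, the blacklist, custom port rules and host
 * maps to the driver. Services that are no longer configured are removed and
 * drop/reject mode is set last.
 *
 * Relies on the globals $driver, $services and $thissvc, and on getServices(),
 * wall() and Lock::unLock(), all defined outside this function.
 *
 * @param bool $firstrun When true, the validation of the running rules is skipped.
 * @return false|null false when getServices() returned no 'smartports' key, otherwise nothing.
 * @throws \Exception When the ssh service lookup reports a guessed port.
 */
function updateFirewallRules($firstrun = false) {
    // Signature validation and firewall driver
    global $v, $driver, $services, $thissvc;

    // Flush cache, read what the system thinks the firewall rules are.
    $driver->refreshCache();

    // Delete our safemode flag if it exists.
    if (file_exists("/var/run/firewalld.safemode")) {
        unlink("/var/run/firewalld.safemode");
    }

    // Make sure the rules haven't been disturbed, and aren't corrupt.
    if (!$firstrun && !$driver->validateRunning()) {
        // This is bad.
        wall("Firewall Rules corrupted! Restarting in 5 seconds");
        Lock::unLock($thissvc);
        // Wait 4 seconds to give incron a chance to catch up
        sleep(4);
        // Restart me. Only close the handle when the open succeeded, so a
        // failed open cannot raise an error before the exit below.
        $trigger = fopen("/var/spool/asterisk/incron/firewall.firewall", "a");
        if ($trigger !== false) {
            fclose($trigger);
        }
        exit;
    }

    $getservices = getServices();

    // Make sure we actually received stuff..
    if (!isset($getservices['smartports'])) {
        return false;
    }

    // Root-only updates:
    // SSH is only readable by root, so a guessed port here is treated as a bug.
    $ssh = $services->getService("ssh");
    if ($ssh['guess'] == true) {
        throw new \Exception("Root user unable to retrieve sshd port! This is a bug!");
    }
    $getservices['services']['ssh']['fw'] = $ssh['fw'];

    $zones = array(
        "reject" => "reject",
        "external" => "external",
        "other" => "other",
        "internal" => "internal",
        "trusted" => "trusted",
    );

    // This is the list of services we should have. Anything the driver
    // reports as active that is not in here is purged further down.
    $validservices = array();

    foreach ($getservices['services'] as $s => $settings) {
        // Keep this service for later
        $validservices[$s] = $s;

        // Make sure the service is configured correctly
        $driver->updateService($s, isset($settings['fw']) ? $settings['fw'] : false);

        // Assign the service to the required zones. Every zone starts in
        // 'removefrom' and is moved to 'addto' only when explicitly listed.
        $myzones = array("addto" => array(), "removefrom" => $zones);
        if (!empty($settings['zones']) && is_array($settings['zones'])) {
            foreach ($settings['zones'] as $z) {
                unset($myzones['removefrom'][$z]);
                $myzones['addto'][$z] = $z;
            }
        }
        $driver->updateServiceZones($s, $myzones);
    }

    // Update RTP rules. UDPTL is T38.
    $rtp = $getservices['smartports']['rtp'];
    $udptl = $getservices['smartports']['udptl'];
    $driver->setRtpPorts($rtp, $udptl);

    // Update our knownhosts targets
    $driver->updateTargets($getservices);

    // And permit our registrations through
    $driver->updateRegistrations($getservices['smartports']['registrations']);

    // Update blacklist
    $driver->updateBlacklist($getservices['blacklist']);

    // Update our custom ports
    foreach ($getservices['custom'] as $id => $rule) {
        // Keep this service for later
        $validservices[$id] = $id;
        $c = $rule['custfw'];

        // If it has a comma, it's multiple ports.
        $realports = array();
        foreach (explode(",", $c['port']) as $port) {
            if (strpos($port, ":") !== false) {
                // A range, eg "1234:5678". Split THIS entry, not the whole
                // comma-separated list: parsing the full list here would take
                // the bounds from other entries ("80,1000:2000" would become
                // 80:2000), so the opened range would be wider than configured.
                $range = explode(":", $port);
                $start = (int) $range[0];
                $end = (int) $range[1];
                // Accept the bounds in either order.
                $lowest = min($start, $end);
                $highest = max($start, $end);
                // NOTE(review): this bound also rejects port 65535 - confirm
                // that is intentional.
                if ($lowest < 1 || $highest > 65534) {
                    // Invalid
                    continue;
                }
                $realports[] = "{$lowest}:{$highest}";
            } else {
                // It should just be a number.
                $realnum = (int) $port;
                if ($realnum > 65534 || $realnum < 1) {
                    continue;
                }
                $realports[] = $realnum;
            }
        }

        // Create our '$ports' array for the driver: one entry per protocol
        // and port, TCP entries first.
        $ports = array();
        if ($c['protocol'] == "both" || $c['protocol'] == "tcp") {
            foreach ($realports as $p) {
                $ports[] = array("protocol" => "tcp", "port" => $p);
            }
        }
        if ($c['protocol'] == "both" || $c['protocol'] == "udp") {
            foreach ($realports as $p) {
                $ports[] = array("protocol" => "udp", "port" => $p);
            }
        }
        $driver->updateService($id, $ports);

        // Assign the service to the required zones. Guarded like the service
        // loop above: a rule without a zone list is removed from every zone.
        $myzones = array("addto" => array(), "removefrom" => $zones);
        if (!empty($rule['zones']) && is_array($rule['zones'])) {
            foreach ($rule['zones'] as $z) {
                unset($myzones['removefrom'][$z]);
                $myzones['addto'][$z] = $z;
            }
        }
        $driver->updateServiceZones($id, $myzones);
    }

    // Update the Host DDNS entries.
    $driver->updateHostZones($getservices['hostmaps']);

    // Now, purge any services that no longer exist
    foreach ($driver->getActiveServices() as $as) {
        if (!isset($validservices[$as])) {
            // This should be removed
            $driver->removeService($as);
        }
    }

    // Set the firewall to drop or reject mode.
    $driver->setRejectMode($getservices['dropinvalid'] ? true : false, false);
}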
} } else { $pagination = have_wall(array('firstchar' => isset($_GET['firstchar']) ? $_GET['firstchar'] : '')); echo '<div class="title">My Wall <span style="float: right;">' . ($pagination['results'] ? $pagination['results'] . ' ' . (is_first($pagination['results']) ? 'coupon' : 'coupons') : 'Nothing found yet') . '</span></div>'; echo '<div style="margin-bottom: 20px;"> <ul class="category"> <li class="active">Coupons</li>'; if (theme_has_products()) { echo '<li><a href="' . get_update(array('type' => 'products', 'page' => 1)) . '">Products</a></li>'; } echo '</ul> </div>'; if ($pagination['results']) { foreach (wall(array('firstchar' => isset($_GET['firstchar']) ? $_GET['firstchar'] : '')) as $item) { echo '<article class="array_item"> <div class="table"> <div class="left"> <img src="' . store_avatar($item->store_img) . '" alt=""> <span class="rating"><span style="width:' . $item->stars * 16 . 'px;"></span></span> <a href="' . $item->store_reviews_link . '">' . $item->reviews . ' reviews</a>'; echo !empty($item->cashback) ? '<span class="cashback-points" data-ttip="Great! Use it and you\'ll receive ' . $item->cashback . ' points.">' . $item->cashback . '</span> ' : ''; echo '</div> <div class="right"> <a href="' . $item->link . '" class="title">' . $item->title . '</a> More coupons for <a href="' . $item->store_link . '">' . $item->store_name . '</a> <div class="description">' . (!empty($item->description) ? nl2br($item->description) : 'no description') . '</div>