function getPorts($pDB)
{
$jsonObject = new PaloSantoJSON();
$oPort = new paloSantoPortService($pDB);
$protocol = getParameter("protocol");
if ($protocol == "TCP") {
$Ports = $oPort->getTCPortNumbers();
} else {
$Ports = $oPort->getUDPortNumbers();
}
$arrPort['ANY'] = _tr('ANY');
foreach ($Ports as $key => $value) {
$arrPort[$value['id']] = $value['name'];
}
$jsonObject->set_message($arrPort);
return $jsonObject->createJSON();
}
function addRemovePortsUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf)
{
// Listar los usuarios y preparar el combo de usuarios disponibles
$pACL = new paloACL($arrConf['elastix_dsn']['acl']);
$id_user = getParameter('id_user');
$userlist = $pACL->getUsers();
$cbo_users = array();
foreach ($userlist as $userinfo) {
$cbo_users[$userinfo[0]] = $userinfo[1] . ' - ' . $userinfo[2];
}
// Verificar si el usuario existe
if (!is_null($id_user)) {
if (!isset($cbo_users[$id_user])) {
Header("Location: ?menu={$module_name}");
return NULL;
}
} else {
$id_user = $userlist[0][0];
}
$ps = new paloSantoPortService($pDB);
$pk = new paloSantoPortKnockUsers($pDB);
// Construir lista de puertos autorizados
$userauth = $pk->listAuthorizationsForUser($id_user);
$portauths = array();
if (is_array($userauth)) {
foreach ($userauth as $auth) {
$portauths[$auth['id_port']] = $auth['id'];
}
}
$portlist = $ps->ObtainPuertos($ps->ObtainNumPuertos('', ''), 0, '', '');
$listaIdPuertos = array();
foreach ($portlist as $portinfo) {
$listaIdPuertos[] = $portinfo['id'];
}
if (isset($_POST['apply']) && is_array($_POST['auth_port'])) {
// Se requiere aplicar lista de cambios
$listaNuevosPuertos = array_keys($_POST['auth_port']);
$bReglasBorradas = FALSE;
// Borrar la autorización de todos los puertos que ya no aparecen
$bExito = TRUE;
foreach ($portauths as $id_port => $id_auth) {
if (!in_array($id_port, $listaNuevosPuertos)) {
if (!$pk->deleteAuthorization($id_auth)) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", $pk->errMsg);
$bExito = FALSE;
break;
} else {
unset($portauths[$id_port]);
$bReglasBorradas = TRUE;
}
}
}
if (!$bExito) {
break;
}
// Ingresar la autorización de los puertos nuevos
foreach ($listaNuevosPuertos as $id_port) {
if (in_array($id_port, $listaIdPuertos) && !isset($portauths[$id_port])) {
$id_nueva_auth = $pk->insertAuthorization($id_user, $id_port);
if (is_null($id_nueva_auth)) {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", $pk->errMsg);
$bExito = FALSE;
break;
} else {
$portauths[$id_port] = $id_nueva_auth;
}
}
}
if ($bExito) {
if ($bReglasBorradas) {
// Ejecutar iptables para revocar las reglas del usuario
require_once "modules/sec_rules/libs/paloSantoRules.class.php";
$pr = new paloSantoRules($pDB);
$pr->activateRules();
}
Header("Location: ?menu={$module_name}");
return NULL;
}
}
$data = array();
if (is_array($portlist)) {
foreach ($portlist as $portinfo) {
$id_port = $portinfo['id'];
$protocol_details = '';
switch ($portinfo['protocol']) {
case 'TCP':
case 'UDP':
$protocol_details = (stripos($portinfo['details'], ':') === false ? _tr('Port') : _tr('Ports')) . ' ' . $portinfo['details'];
break;
case 'ICMP':
$arr = explode(':', $portinfo['details']);
if (isset($arr[1])) {
$protocol_details = _tr('Type') . ": " . $arr[0] . " " . _tr('Code') . ": " . $arr[1];
}
break;
default:
$protocol_details = _tr('Protocol Number') . ': ' . $portinfo['details'];
break;
}
$data[] = array("<input type=\"checkbox\" name=\"auth_port[{$id_port}]\" " . (isset($portauths[$id_port]) ? 'checked="checked"' : '') . ' />', htmlentities($portinfo['name'], ENT_COMPAT, 'UTF-8'), htmlentities($portinfo['protocol'], ENT_COMPAT, 'UTF-8'), $protocol_details);
}
}
$oGrid = new paloSantoGrid($smarty);
$oGrid->setTitle(_tr('Add/remove ports for user'));
$oGrid->setColumns(array('', _tr('Port'), _tr('Protocol'), _tr('Details')));
$oGrid->addSubmitAction('apply', _tr('Apply changes'), "modules/{$module_name}/images/Check.png");
$oGrid->addComboAction('id_user', _tr('User'), $cbo_users, $id_user, 'refresh', 'submit();');
// Construcción de la vista de puertos autorizados
$oGrid->pagingShow(false);
$url = array("menu" => $module_name);
$oGrid->setURL($url);
$oGrid->setData($data);
return $oGrid->fetchGrid();
}
function deletePuertos($smarty, $module_name, $local_templates_dir, &$pDB, $arrConf)
{
$oPalo = new paloSantoPortService($pDB);
$str_msj_error = "";
foreach ($_POST as $key => $value) {
if ($value == "on") {
$port = "";
if (!$oPalo->isPortInService($key, $port)) {
if ($oPalo->deletePuerto($key) == false) {
$str_msj_error .= $oPalo->errMsg . "<br />";
}
} else {
$str_msj_error .= _tr("Port used in a firewall rule") . ": {$port['name']}. " . _tr("You have to delete the rule related in order to delete this port") . "<br />";
}
}
}
if (strlen($str_msj_error) == 0) {
$smarty->assign("mb_title", _tr("Message"));
$smarty->assign("mb_message", _tr("Delete correctly"));
} else {
$smarty->assign("mb_title", _tr("ERROR"));
$smarty->assign("mb_message", $str_msj_error);
}
return reportPuertos($smarty, $module_name, $local_templates_dir, $pDB, $arrConf);
}
