/**
 * Build the JSON response listing the selectable ports for one protocol.
 *
 * The protocol is read from the "protocol" request parameter: the value "TCP"
 * selects the TCP port list, any other value selects the UDP list. The result
 * always starts with an 'ANY' entry, followed by one entry per port keyed by
 * the port's id and holding its name.
 *
 * @param mixed $pDB Database handle handed to paloSantoPortService.
 *
 * @return mixed Whatever PaloSantoJSON::createJSON() returns for the list.
 */
function getPorts($pDB)
{
    $response = new PaloSantoJSON();
    $portService = new paloSantoPortService($pDB);

    // The request value only chooses between two fixed lookups; it is never
    // passed on to the port service itself.
    $portRows = (getParameter("protocol") == "TCP")
        ? $portService->getTCPortNumbers()
        : $portService->getUDPortNumbers();

    // 'ANY' comes first so it is the first option of the resulting list.
    $options = array('ANY' => _tr('ANY'));
    foreach ($portRows as $row) {
        $options[$row['id']] = $row['name'];
    }

    $response->set_message($options);

    return $response->createJSON();
}
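/**
 * Show the port authorizations of one user and, on submit, apply the changes.
 *
 * Without an "apply" POST the function only renders a grid with one checkbox
 * per defined port, checked when the selected user is authorized for it.
 * With "apply" it revokes every authorization whose checkbox is no longer
 * checked, inserts an authorization for every newly checked port that exists
 * in the port list, re-activates the firewall rules if anything was revoked,
 * and redirects back to the module on success.
 *
 * Changes relative to the previous version:
 *  - a stray `break` outside any loop (a fatal error) was replaced by a guard;
 *  - submitting with every checkbox cleared now revokes all authorizations
 *    (browsers omit unchecked checkboxes, so the field is simply absent);
 *  - the firewall rules are re-activated whenever an authorization was
 *    deleted, even if a later step failed, so a revocation stored in the
 *    database does not stay live in the firewall;
 *  - port details and ids are HTML-escaped like name and protocol already were;
 *  - id membership tests use exact key lookups instead of loose in_array().
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * framework validates one before this state-changing POST handler runs.
 *
 * @param object $smarty              Template engine; receives mb_title/mb_message on error.
 * @param string $module_name         Module name used in redirects, image paths and grid URL.
 * @param string $local_templates_dir Unused here; kept for the common handler signature.
 * @param mixed  $pDB                 Database handle for the port and authorization services.
 * @param array  $arrConf             Configuration; $arrConf['elastix_dsn']['acl'] is the ACL DSN.
 *
 * @return mixed NULL after a redirect, otherwise the rendered grid from fetchGrid().
 */
function addRemovePortsUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf)
{
    // List the users and prepare the combo of available users.
    $pACL = new paloACL($arrConf['elastix_dsn']['acl']);
    $id_user = getParameter('id_user');
    $userlist = $pACL->getUsers();
    $cbo_users = array();
    if (is_array($userlist)) {
        foreach ($userlist as $userinfo) {
            $cbo_users[$userinfo[0]] = $userinfo[1] . ' - ' . $userinfo[2];
        }
    }

    // Check that the requested user exists. Only ids present in the ACL user
    // list are accepted; anything else (including a non-scalar value) is
    // bounced back to the module without touching any authorization.
    if (!is_null($id_user)) {
        if (!is_scalar($id_user) || !isset($cbo_users[$id_user])) {
            Header("Location: ?menu={$module_name}");
            return NULL;
        }
    } else {
        // No user requested: fall back to the first listed user, if any.
        $id_user = isset($userlist[0][0]) ? $userlist[0][0] : NULL;
    }

    $ps = new paloSantoPortService($pDB);
    $pk = new paloSantoPortKnockUsers($pDB);

    // Build the list of authorized ports: id_port => id of the authorization.
    $userauth = $pk->listAuthorizationsForUser($id_user);
    $portauths = array();
    if (is_array($userauth)) {
        foreach ($userauth as $auth) {
            $portauths[$auth['id_port']] = $auth['id'];
        }
    }

    $portlist = $ps->ObtainPuertos($ps->ObtainNumPuertos('', ''), 0, '', '');

    // Set of defined port ids, keyed by id so that membership is an exact key
    // lookup rather than a loose in_array() comparison.
    $listaIdPuertos = array();
    if (is_array($portlist)) {
        foreach ($portlist as $portinfo) {
            $listaIdPuertos[$portinfo['id']] = TRUE;
        }
    }

    if (isset($_POST['apply'])) {
        // A list of changes must be applied. Unchecked checkboxes are not
        // submitted, so a missing auth_port field means "no port selected".
        $auth_port = (isset($_POST['auth_port']) && is_array($_POST['auth_port']))
            ? $_POST['auth_port']
            : array();
        $listaNuevosPuertos = array_keys($auth_port);
        $bReglasBorradas = FALSE;
        $bExito = TRUE;

        // Delete the authorization of every port that no longer appears.
        foreach ($portauths as $id_port => $id_auth) {
            if (array_key_exists($id_port, $auth_port)) {
                continue;
            }
            if (!$pk->deleteAuthorization($id_auth)) {
                $smarty->assign("mb_title", _tr("ERROR"));
                $smarty->assign("mb_message", $pk->errMsg);
                $bExito = FALSE;
                break;
            }
            unset($portauths[$id_port]);
            $bReglasBorradas = TRUE;
        }

        // Insert the authorization of the new ports, but only if every
        // revocation succeeded. Submitted ids are honoured only when they
        // match a defined port, so arbitrary keys cannot create rows.
        if ($bExito) {
            foreach ($listaNuevosPuertos as $id_port) {
                if (!isset($listaIdPuertos[$id_port]) || isset($portauths[$id_port])) {
                    continue;
                }
                $id_nueva_auth = $pk->insertAuthorization($id_user, $id_port);
                if (is_null($id_nueva_auth)) {
                    $smarty->assign("mb_title", _tr("ERROR"));
                    $smarty->assign("mb_message", $pk->errMsg);
                    $bExito = FALSE;
                    break;
                }
                $portauths[$id_port] = $id_nueva_auth;
            }
        }

        if ($bReglasBorradas) {
            // Run iptables to revoke the user's rules. Done whenever a row was
            // deleted, also on partial failure, so that access removed from
            // the database is not left active in the firewall.
            require_once "modules/sec_rules/libs/paloSantoRules.class.php";
            $pr = new paloSantoRules($pDB);
            $pr->activateRules();
        }

        if ($bExito) {
            Header("Location: ?menu={$module_name}");
            return NULL;
        }
    }

    $data = array();
    if (is_array($portlist)) {
        foreach ($portlist as $portinfo) {
            $id_port = $portinfo['id'];
            // The grid cells are emitted as raw HTML (the checkbox below relies
            // on that), so every database value is escaped before it is used.
            $id_attr = htmlentities((string)$id_port, ENT_COMPAT, 'UTF-8');
            $raw_details = (string)$portinfo['details'];
            $details = htmlentities($raw_details, ENT_COMPAT, 'UTF-8');
            $protocol_details = '';
            switch ($portinfo['protocol']) {
                case 'TCP':
                case 'UDP':
                    // A colon in the details marks a range, hence the plural label.
                    $protocol_details = (stripos($raw_details, ':') === false ? _tr('Port') : _tr('Ports'))
                        . ' ' . $details;
                    break;
                case 'ICMP':
                    // Details are stored as "type:code".
                    $arr = explode(':', $raw_details);
                    if (isset($arr[1])) {
                        $protocol_details = _tr('Type') . ": " . htmlentities($arr[0], ENT_COMPAT, 'UTF-8')
                            . " " . _tr('Code') . ": " . htmlentities($arr[1], ENT_COMPAT, 'UTF-8');
                    }
                    break;
                default:
                    $protocol_details = _tr('Protocol Number') . ': ' . $details;
                    break;
            }
            $data[] = array(
                "<input type=\"checkbox\" name=\"auth_port[{$id_attr}]\" "
                    . (isset($portauths[$id_port]) ? 'checked="checked"' : '') . ' />',
                htmlentities($portinfo['name'], ENT_COMPAT, 'UTF-8'),
                htmlentities($portinfo['protocol'], ENT_COMPAT, 'UTF-8'),
                $protocol_details,
            );
        }
    }

    $oGrid = new paloSantoGrid($smarty);
    $oGrid->setTitle(_tr('Add/remove ports for user'));
    $oGrid->setColumns(array('', _tr('Port'), _tr('Protocol'), _tr('Details')));
    $oGrid->addSubmitAction('apply', _tr('Apply changes'), "modules/{$module_name}/images/Check.png");
    $oGrid->addComboAction('id_user', _tr('User'), $cbo_users, $id_user, 'refresh', 'submit();');

    // Build the view of authorized ports.
    $oGrid->pagingShow(false);
    $url = array("menu" => $module_name);
    $oGrid->setURL($url);
    $oGrid->setData($data);
    return $oGrid->fetchGrid();
}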
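/**
 * Delete every port whose checkbox was submitted, then show the port report.
 *
 * Each POST field whose value is exactly "on" is treated as a port id. A port
 * that is still referenced by a firewall rule is not deleted; an error naming
 * the port is reported instead. All errors are collected and shown together.
 *
 * The port name placed in the error message is now HTML-escaped: mb_message
 * is built as HTML (it carries "<br />" separators), and the name is a stored
 * value that is escaped with htmlentities() elsewhere in this file.
 *
 * NOTE(review): the POST field names reach isPortInService() and
 * deletePuerto() unchanged. Confirm that both bind the id as a query
 * parameter, or validate the key format here once the id format is known.
 * NOTE(review): $oPalo->errMsg is appended unescaped, as before; confirm it
 * cannot contain request-derived text.
 *
 * @param object $smarty              Template engine; receives mb_title/mb_message.
 * @param string $module_name         Module name, passed on to reportPuertos().
 * @param string $local_templates_dir Template directory, passed on to reportPuertos().
 * @param mixed  $pDB                 Database handle (by reference) for the port service.
 * @param array  $arrConf             Configuration, passed on to reportPuertos().
 *
 * @return mixed The output of reportPuertos() for the refreshed port list.
 */
function deletePuertos($smarty, $module_name, $local_templates_dir, &$pDB, $arrConf)
{
    $oPalo = new paloSantoPortService($pDB);
    $str_msj_error = "";

    foreach ($_POST as $key => $value) {
        // Only checked checkboxes count; array-valued or other fields are skipped.
        if ($value !== "on") {
            continue;
        }

        // isPortInService() receives $port and the branch below reads
        // $port['name'], so it is expected to fill in the port row.
        $port = "";
        if ($oPalo->isPortInService($key, $port)) {
            $port_name = (is_array($port) && isset($port['name']))
                ? htmlentities($port['name'], ENT_COMPAT, 'UTF-8')
                : '';
            $str_msj_error .= _tr("Port used in a firewall rule") . ": {$port_name}. "
                . _tr("You have to delete the rule related in order to delete this port") . "<br />";
        } elseif (!$oPalo->deletePuerto($key)) {
            $str_msj_error .= $oPalo->errMsg . "<br />";
        }
    }

    if (strlen($str_msj_error) == 0) {
        $smarty->assign("mb_title", _tr("Message"));
        $smarty->assign("mb_message", _tr("Delete correctly"));
    } else {
        $smarty->assign("mb_title", _tr("ERROR"));
        $smarty->assign("mb_message", $str_msj_error);
    }

    return reportPuertos($smarty, $module_name, $local_templates_dir, $pDB, $arrConf);
}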