示例#1
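/**
 * Echo the add/edit popup (HTML form plus its JavaScript) for one firewall rule.
 *
 * Request inputs, all attacker-controllable:
 *  - $_GET["ID"]: rule id; absent, non-numeric or <= 0 means "new rule".
 *  - $_GET["t"], $_GET["tt"]: suffixes of the flexigrid element ids that the
 *    generated script reloads after a save.
 *
 * The rule row is read from `fw_rules`; its RATELIMIT column is parsed as
 * "<s|d|a>:<connections>/<period>:<burst>" to pre-fill the rate-limit fields.
 *
 * @return void Output is echoed through templates::_ENGINE_parse_body().
 */
function rule_popup()
{
    $tpl = new templates();
    $page = CurrentPageName();
    $q = new mysql_shorewall();

    // Zone drop-down; key 0 is the "all zones" entry.
    $fw_zones = array(0 => "{all}");
    $results = $q->QUERY_SQL("SELECT * FROM `fw_zones`");
    if ($results) {
        while ($zone = mysql_fetch_assoc($results)) {
            $fw_zones[$zone["ID"]] = "{$zone["zone"]} - {$zone["type"]}";
        }
    }

    // The id is interpolated into SQL and into JavaScript below, so reduce it to
    // a non-negative integer: is_numeric() alone also accepts forms such as
    // "1e3" or " 5".
    $ID = 0;
    if (isset($_GET["ID"]) && is_numeric($_GET["ID"])) {
        $ID = max(0, (int) $_GET["ID"]);
    }

    // $_GET["t"] / $_GET["tt"] end up inside a jQuery selector in the emitted
    // <script>; keep only characters that cannot close the string or the tag.
    $flexIds = array();
    foreach (array("t", "tt") as $param) {
        $raw = (isset($_GET[$param]) && is_scalar($_GET[$param])) ? (string) $_GET[$param] : "";
        $flexIds[$param] = preg_replace('/[^A-Za-z0-9_-]/', '', $raw);
    }

    // Defaults for a new rule, so every field read below is defined.
    $ligne = array(
        "rulename" => null,
        "zone_id_from" => null,
        "zone_id_to" => null,
        "PROTO" => null,
        "ACTION" => null,
        "RATELIM" => null,
        "RATELIMIT" => null,
    );

    if ($ID > 0) {
        $bt_title = "{apply}";
        // NOTE(review): schema migration runs inside a GET request handler;
        // consider moving it to an install/upgrade step.
        if (!$q->FIELD_EXISTS("fw_rules", "RATELIM")) {
            $q->QUERY_SQL("ALTER TABLE `fw_rules` ADD `RATELIM` smallint(1) NOT NULL DEFAULT 0, ADD `RATELIMIT` VARCHAR(100), ADD INDEX(`RATELIM`)");
        }
        $row = mysql_fetch_array($q->QUERY_SQL("SELECT * FROM fw_rules WHERE ID='{$ID}'"));
        if (is_array($row)) {
            $ligne = array_merge($ligne, $row);
        }
        // NOTE(review): rulename is stored user input and is placed in the HTML
        // title; whether javascript_parse_text() HTML-escapes it is not visible
        // here -- confirm, or escape before output.
        $title = $tpl->javascript_parse_text($ligne["rulename"]);
    } else {
        $bt_title = "{add}";
        $title = $tpl->javascript_parse_text("{new_rule}");
    }

    $PROTO = array("-" => "{all}", "tcp" => "TCP", "udp" => "UDP");
    $LIMIT_T = array(
        "sec" => "{second}",
        "min" => "{minute}",
        "hour" => "{hour}",
        "day" => "{day}",
        "week" => "{week}",
        "month" => "{month}",
    );
    $LIMITTD = array("a" => "{all}", "s" => "{source}", "d" => "{destination}");

    // Rate-limit defaults, overridden when the stored value parses.
    $LIMIT_D = "a";
    $connections = null;
    $LIMIT_F = null;
    $BURST = 5;
    if (preg_match("#^(s|d|a):([0-9]+)\\/(.+?):([0-9]+)#", (string) $ligne["RATELIMIT"], $re)) {
        $LIMIT_D = $re[1];
        $connections = $re[2];
        $LIMIT_F = $re[3];
        $BURST = $re[4];
    }

    $t = time();
    $fieldStyle = "font-size:16px";

    // NOTE(review): Field_text()/Field_array_Hash() receive database values
    // (rule name, zone labels); their output escaping is not visible here.
    $ruleRows = array(
        "{name}" => Field_text("rulename-{$t}", $ligne["rulename"], "font-size:16px;width:250px", null, null, null, false, "SaveCHK{$t}(event)"),
        "{from}" => Field_array_Hash($fw_zones, "zone_id_from-{$t}", $ligne["zone_id_from"], null, null, 0, $fieldStyle),
        "{to}" => Field_array_Hash($fw_zones, "zone_id_to-{$t}", $ligne["zone_id_to"], null, null, 0, $fieldStyle),
        "{protocol}" => Field_array_Hash($PROTO, "PROTO-{$t}", $ligne["PROTO"], null, null, 0, $fieldStyle),
        "{policy}" => Field_array_Hash($q->RULES_POLICIES, "ACTION-{$t}", $ligne["ACTION"], null, null, 0, $fieldStyle),
    );
    $limitRows = array(
        "{RATELIM}" => Field_checkbox("RATELIM", 1, $ligne["RATELIM"], "RATELIMCK()"),
        "{direction}" => Field_array_Hash($LIMITTD, "LIMIT_TD-{$t}", $LIMIT_D, null, null, 0, $fieldStyle),
        "{connections}" => Field_text("connections-{$t}", $connections, "font-size:16px;width:90px", null, null, null, false, "SaveCHK{$t}(event)"),
        "{per}" => Field_array_Hash($LIMIT_T, "LIMIT_T-{$t}", $LIMIT_F, null, null, 0, $fieldStyle),
        "{burst}" => Field_text("burst-{$t}", $BURST, "font-size:16px;width:90px", null, null, null, false, "SaveCHK{$t}(event)"),
    );

    $html = "\n\t<div style='font-size:30px;margin-bottom:20px'>{$title}</div>\n\t<div style='width:98%' class=form>\n\t<table style='width:100%'>\n";
    foreach ($ruleRows as $label => $control) {
        $html .= "\t<tr>\n\t\t<td class=legend style='font-size:16px'>{$label}:</td>\n\t\t<td>{$control}</td>\n\t</tr>\n";
    }
    $html .= "\t<tr><td colspan=2>&nbsp;</td></tr>\n";
    foreach ($limitRows as $label => $control) {
        $html .= "\t<tr>\n\t\t<td class=legend style='font-size:16px'>{$label}:</td>\n\t\t<td>{$control}</td>\n\t</tr>\n";
    }
    $html .= "\t<tr>\n\t\t<td colspan=2 align='right'>" . button($bt_title, "Save{$t}()", 18) . "</td>\n\t</tr>\n\t</table>\n";

    // Client-side save handler. Every interpolated value is either generated
    // here ($t), an integer ($ID) or reduced to [A-Za-z0-9_-] ($flexIds).
    $html .= <<<JS
<script>
var xSave{$t}= function (obj) {
	var res=obj.responseText;
	if (res.length>3){alert(res);}
	var ID={$ID};
	\$('#flexRT{$flexIds["t"]}').flexReload();
	\$('#flexRT{$flexIds["tt"]}').flexReload();
	ExecuteByClassName('SearchFunction');
	if(ID==0){YahooWinHide();}
}

function SaveCHK{$t}(e){
	if(!checkEnter(e)){return;}
	Save{$t}();
}

function Save{$t}(){
	var XHR = new XHRConnection();
	XHR.appendData('rule-save',  '{$ID}');
	XHR.appendData('zone_id_from',  encodeURIComponent(document.getElementById('zone_id_from-{$t}').value));
	XHR.appendData('zone_id_to',  encodeURIComponent(document.getElementById('zone_id_to-{$t}').value));
	XHR.appendData('rulename',  encodeURIComponent(document.getElementById('rulename-{$t}').value));
	XHR.appendData('PROTO',  encodeURIComponent(document.getElementById('PROTO-{$t}').value));

	XHR.appendData('LIMIT_TD',document.getElementById('LIMIT_TD-{$t}').value);
	XHR.appendData('LIMIT_T',document.getElementById('LIMIT_T-{$t}').value);
	XHR.appendData('connections',document.getElementById('connections-{$t}').value);
	XHR.appendData('burst',document.getElementById('burst-{$t}').value);
	XHR.appendData('ACTION',document.getElementById('ACTION-{$t}').value);

	if(document.getElementById('RATELIM').checked){
		XHR.appendData('RATELIM',1);
	}else{
		XHR.appendData('RATELIM',0);
	}

	XHR.sendAndLoad('{$page}', 'POST',xSave{$t});
}

function RATELIMCK(){
	document.getElementById('LIMIT_TD-{$t}').disabled=true;
	document.getElementById('LIMIT_T-{$t}').disabled=true;
	document.getElementById('connections-{$t}').disabled=true;
	document.getElementById('burst-{$t}').disabled=true;

	if(!document.getElementById('RATELIM').checked){return;}
	document.getElementById('LIMIT_TD-{$t}').disabled=false;
	document.getElementById('LIMIT_T-{$t}').disabled=false;
	document.getElementById('connections-{$t}').disabled=false;
	document.getElementById('burst-{$t}').disabled=false;
}
RATELIMCK();
</script>
JS;

    echo $tpl->_ENGINE_parse_body($html);
}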
示例#2
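/**
 * Emit the flexigrid JSON listing of masquerading rules (`fw_masq`) for one
 * network interface.
 *
 * Request inputs, all attacker-controllable:
 *  - $_GET["eth"]: interface name used as a row filter and in generated links.
 *  - $_GET["t"]: suffix of the client-side Delete<t>() callback name.
 *  - $_POST["sortname"], $_POST["sortorder"], $_POST["page"], $_POST["rp"]:
 *    flexigrid sorting and paging parameters.
 *
 * Each of them reaches SQL text and/or HTML/JavaScript output, so each is
 * reduced to a strict allowlist or an integer before use.
 *
 * @return void The JSON document is echoed.
 */
function items()
{
    $tpl = new templates();
    $MyPage = CurrentPageName();
    $q = new mysql_shorewall();
    $table = "fw_masq";

    // Callback suffix: only identifier-safe characters may reach the JS handler.
    $rawT = (isset($_GET["t"]) && is_scalar($_GET["t"])) ? (string) $_GET["t"] : "";
    $t = preg_replace('/[^A-Za-z0-9_-]/', '', $rawT);

    // Interface name goes into a quoted SQL literal and into an HTML attribute.
    // The allowlist contains no quote, backslash or markup character, so the
    // value is safe in both contexts without further escaping.
    $eth = (isset($_GET["eth"]) && is_scalar($_GET["eth"])) ? (string) $_GET["eth"] : "";
    if (!preg_match('/\A[A-Za-z0-9_.:-]*\z/', $eth)) {
        json_error_show("invalid interface name", 1);
        return;
    }
    $FORCE_FILTER = "AND `eth`='{$eth}'";

    // NOTE(review): schema migration runs inside a request handler; consider
    // moving it to an install/upgrade step.
    if (!$q->FIELD_EXISTS("fw_masq", "zOrder")) {
        $sql = "ALTER TABLE `fw_masq` ADD `zOrder` INT( 3 ) NOT NULL DEFAULT '0'";
        $q->QUERY_SQL($sql, 'artica_backup');
    }

    // ORDER BY cannot be parameterised: accept a bare column identifier only
    // and map the direction onto one of two fixed keywords.
    $ORDER = "";
    if (isset($_POST["sortname"]) && is_string($_POST["sortname"])
        && preg_match('/\A[A-Za-z0-9_]+\z/', $_POST["sortname"])) {
        $descending = isset($_POST["sortorder"]) && is_string($_POST["sortorder"])
            && strtolower($_POST["sortorder"]) === "desc";
        $ORDER = "ORDER BY `{$_POST["sortname"]}` " . ($descending ? "DESC" : "ASC");
    }

    // Paging values are used in arithmetic and in the LIMIT clause: integers only.
    $page = 1;
    if (isset($_POST['page']) && is_numeric($_POST['page'])) {
        $page = max(1, (int) $_POST['page']);
    }
    $rp = 0;
    if (isset($_POST['rp']) && is_numeric($_POST['rp'])) {
        $rp = (int) $_POST['rp'];
    }
    $limitSql = "";
    if ($rp > 0) {
        $pageStart = ($page - 1) * $rp;
        $limitSql = "LIMIT {$pageStart}, {$rp}";
    }

    // NOTE(review): string_to_flexquery() builds SQL from the flexigrid search
    // fields; its escaping is not visible here -- verify it separately.
    $searchstring = string_to_flexquery();

    // Count with the same interface filter as the row query so that the pager
    // total matches what is listed (an unfiltered table count would not).
    $countSql = "SELECT COUNT(*) as TCOUNT FROM `{$table}` WHERE 1 {$FORCE_FILTER} {$searchstring}";
    $countRow = mysql_fetch_array($q->QUERY_SQL($countSql));
    $total = is_array($countRow) ? (int) $countRow["TCOUNT"] : 0;

    $sql = "SELECT *  FROM `{$table}` WHERE 1 {$searchstring} {$FORCE_FILTER} {$ORDER} {$limitSql}";
    $results = $q->QUERY_SQL($sql);

    // Result unused below; kept because the template engine's side effects are
    // not visible from this function.
    $no_rule = $tpl->_ENGINE_parse_body("{no_rule}");

    $data = array();
    $data['page'] = $page;
    $data['total'] = $total;
    $data['rows'] = array();

    if (!$q->ok) {
        // NOTE(review): this returns the database error and the full SQL text to
        // the client; prefer logging it server-side and sending a generic message.
        json_error_show($q->mysql_error . "<br>{$sql}", 1);
        return;
    }
    if (mysql_num_rows($results) == 0) {
        json_error_show("no data", 1);
        return;
    }

    $fontsize = "16";
    $color = "black";
    $cellOpen = "<span style='font-size:{$fontsize}px;font-weight:normal;color:{$color}'>";
    $ethUrl = urlencode($eth);

    while ($ligne = mysql_fetch_assoc($results)) {
        $rowId = (int) $ligne["ID"];
        $delete = imgsimple("delete-32.png", null, "Delete{$t}('{$rowId}')");

        $ip = new system_nic($ligne["INTERFACE"]);
        // Stored values are rendered as HTML by the grid: encode them on output.
        $interface = htmlspecialchars("{$ip->NICNAME} - " . $ligne["INTERFACE"], ENT_QUOTES, 'UTF-8');
        $source = htmlspecialchars((string) $ligne["SOURCE"], ENT_QUOTES, 'UTF-8');
        $address = htmlspecialchars((string) $ligne["ADDRESS"], ENT_QUOTES, 'UTF-8');

        $linkprovider = "<a href=\"javascript:blur();\"\n\t\tstyle='font-size:{$fontsize}px;text-decoration:underline'\n\t\tOnClick=\"javascript:Loadjs('{$MyPage}?masq-js=yes&eth={$ethUrl}&ID={$rowId}&t={$t}');\">";

        $data['rows'][] = array(
            'id' => $rowId,
            'cell' => array(
                "{$cellOpen}{$linkprovider}{$source}</a></span>",
                "<img src='img/arrow-right-24.png'>",
                "{$cellOpen}{$interface}</span>",
                "{$cellOpen}{$address}</span>",
                "{$cellOpen}{$delete}</span>",
            ),
        );
    }
    echo json_encode($data);
}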
示例#3
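/**
 * Create or update one row of `fw_zones` from the posted form.
 *
 * $_POST["zone-save"] carries the row id (> 0 updates, otherwise inserts).
 * Every other posted field becomes a column assignment, so both the field
 * names and the values are attacker-controllable and are validated here.
 *
 * Validation or database failures are echoed as plain text and end the call.
 *
 * @return void
 */
function zone_save()
{
    $q = new mysql_shorewall();

    // NOTE(review): schema migrations run inside the save handler; consider
    // moving them to an install/upgrade step.
    if (!$q->FIELD_EXISTS("fw_zones", "eth")) {
        $q->QUERY_SQL("ALTER TABLE `fw_zones` ADD `eth` varchar(20) NULL, ADD INDEX (`eth`)");
        if (!$q->ok) {
            echo $q->mysql_error;
            return;
        }
    }
    if (!$q->FIELD_EXISTS("fw_zones", "zOrder")) {
        $q->QUERY_SQL("ALTER TABLE `fw_zones` ADD `zOrder` INT(3) NULL, ADD INDEX (`zOrder`)");
        if (!$q->ok) {
            echo $q->mysql_error;
            return;
        }
    }

    $zone = (isset($_POST["zone"]) && is_scalar($_POST["zone"])) ? trim((string) $_POST["zone"]) : "";
    // Written back so the column loop below stores the trimmed value.
    $_POST["zone"] = $zone;
    // User input echoed back in messages is HTML-encoded first.
    $zoneShown = htmlspecialchars($zone, ENT_QUOTES, 'UTF-8');

    if (strlen($zone) > 5) {
        // The message previously read $_POST["netzone"], which this form never sets.
        echo "Network zone {$zoneShown} at most 5 characters long\n";
        return;
    }
    // Enforce what the message states: an empty name or a non-letter first
    // character is refused, not only a leading digit.
    if (!ctype_alpha(substr($zone, 0, 1))) {
        echo "Network Zone Must start with a letter\n";
        return;
    }
    if (!empty($q->ZONES_RESERVED_WORDS[$zone])) {
        echo "Network zone '{$zoneShown}' is a reserved word\n";
        return;
    }

    $table = "fw_zones";
    // The id is interpolated into the WHERE clause: force it to an integer.
    $ID = isset($_POST["zone-save"]) ? (int) $_POST["zone-save"] : 0;
    unset($_POST["zone-save"]);

    $fields = array();
    $values = array();
    $edit = array();
    foreach ($_POST as $key => $value) {
        // Field names become SQL identifiers, which cannot be escaped like
        // values: accept plain identifiers only and refuse anything else.
        // NOTE(review): a fixed list of the real fw_zones columns would be
        // stricter; the schema is not visible from here.
        if (!preg_match('/\A[A-Za-z0-9_]+\z/', (string) $key) || !is_scalar($value)) {
            echo "Invalid field in request\n";
            return;
        }
        $escaped = mysql_escape_string2(url_decode_special_tool($value));
        $fields[] = "`{$key}`";
        $values[] = "'{$escaped}'";
        $edit[] = "`{$key}`='{$escaped}'";
    }

    if ($ID > 0) {
        $sql = "UPDATE `{$table}` SET " . implode(",", $edit) . " WHERE ID='{$ID}'";
    } else {
        $sql = "INSERT IGNORE INTO `{$table}` (" . implode(",", $fields) . ") VALUES (" . implode(",", $values) . ")";
    }

    $q->QUERY_SQL($sql);
    if (!$q->ok) {
        echo "Mysql error: `{$q->mysql_error}`";
        return;
    }
    $tpl = new templates();
    // NOTE(review): the translated text is discarded, so success produces an
    // empty response -- confirm this is intended by the client-side handler.
    $tpl->javascript_parse_text("{success}");
}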