Accueil Explorer Aide
Connexion
yosoyhendrix
/
hestiacp
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: ca3cc3345b
Branches Tags
hestiacp
/
web
/
add
/
firewall
/
index.php

index.php 2.6 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 
  1. <?php
    2. 

  2. use function Hestiacp\quoteshellarg\quoteshellarg;
    3. 

  3. 

  4. ob_start();
    5. 

  5. $TAB = "FIREWALL";
    6. 

  6. 

  7. // Main include
    8. 

  8. include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
    9. 

  9. 

  10. // Check user
    11. 

  11. if ($_SESSION["userContext"] != "admin") {
    12. 

  12. 	header("Location: /list/user");
    13. 

  13. 	exit();
    14. 

  14. }
    15. 

  15. 

  16. // Get ipset lists
    17. 

  17. exec(HESTIA_CMD . "v-list-firewall-ipset 'json'", $output, $return_var);
    18. 

  18. check_return_code($return_var, $output);
    19. 

  19. $data = json_decode(implode("", $output), true);
    20. 

  20. unset($output);
    21. 

  21. 

  22. $ipset_lists = [];
    23. 

  23. foreach ($data as $key => $value) {
    24. 

  24. 	if (isset($value["SUSPENDED"]) && $value["SUSPENDED"] === "yes") {
    25. 

  25. 		continue;
    26. 

  26. 	}
    27. 

  27. 	if (isset($value["IP_VERSION"]) && $value["IP_VERSION"] !== "v4") {
    28. 

  28. 		continue;
    29. 

  29. 	}
    30. 

  30. 	array_push($ipset_lists, ["name" => $key]);
    31. 

  31. }
    32. 

  32. $ipset_lists_json = json_encode($ipset_lists);
    33. 

  33. 

  34. // Check POST request
    35. 

  35. if (!empty($_POST["ok"])) {
    36. 

  36. 	// Check token
    37. 

  37. 	// Check token
    38. 

  38. 	verify_csrf($_POST);
    39. 

  39. 

  40. 	// Check empty fields
    41. 

  41. 	if (empty($_POST["v_action"])) {
    42. 

  42. 		$errors[] = _("Action");
    43. 

  43. 	}
    44. 

  44. 	if (empty($_POST["v_protocol"])) {
    45. 

  45. 		$errors[] = _("Protocol");
    46. 

  46. 	}
    47. 

  47. 	if (empty($_POST["v_port"]) && strlen($_POST["v_port"]) == 0) {
    48. 

  48. 		$errors[] = _("Port");
    49. 

  49. 	}
    50. 

  50. 	if (empty($_POST["v_ip"])) {
    51. 

  51. 		$errors[] = _("IP Address");
    52. 

  52. 	}
    53. 

  53. 	if (!empty($errors[0])) {
    54. 

  54. 		foreach ($errors as $i => $error) {
    55. 

  55. 			if ($i == 0) {
    56. 

  56. 				$error_msg = $error;
    57. 

  57. 			} else {
    58. 

  58. 				$error_msg = $error_msg . ", " . $error;
    59. 

  59. 			}
    60. 

  60. 		}
    61. 

  61. 		$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
    62. 

  62. 	}
    63. 

  63. 

  64. 	// Protect input
    65. 

  65. 	$v_action = quoteshellarg($_POST["v_action"]);
    66. 

  66. 	$v_protocol = quoteshellarg($_POST["v_protocol"]);
    67. 

  67. 	$v_port = str_replace(" ", ",", $_POST["v_port"]);
    68. 

  68. 	$v_port = preg_replace("/\,+/", ",", $v_port);
    69. 

  69. 	$v_port = trim($v_port, ",");
    70. 

  70. 	$v_port = quoteshellarg($v_port);
    71. 

  71. 	$v_ip = quoteshellarg($_POST["v_ip"]);
    72. 

  72. 	$v_comment = quoteshellarg($_POST["v_comment"]);
    73. 

  73. 

  74. 	// Add firewall rule
    75. 

  75. 	if (empty($_SESSION["error_msg"])) {
    76. 

  76. 		exec(
    77. 

  77. 			HESTIA_CMD .
    78. 

  78. 				"v-add-firewall-rule " .
    79. 

  79. 				$v_action .
    80. 

  80. 				" " .
    81. 

  81. 				$v_ip .
    82. 

  82. 				" " .
    83. 

  83. 				$v_port .
    84. 

  84. 				" " .
    85. 

  85. 				$v_protocol .
    86. 

  86. 				" " .
    87. 

  87. 				$v_comment,
    88. 

  88. 			$output,
    89. 

  89. 			$return_var,
    90. 

  90. 		);
    91. 

  91. 		check_return_code($return_var, $output);
    92. 

  92. 		unset($output);
    93. 

  93. 	}
    94. 

  94. 

  95. 	// Flush field values on success
    96. 

  96. 	if (empty($_SESSION["error_msg"])) {
    97. 

  97. 		$_SESSION["ok_msg"] = _("Rule has been created successfully.");
    98. 

  98. 		unset($v_port);
    99. 

  99. 		unset($v_ip);
    100. 

  100. 		unset($v_comment);
    101. 

  101. 	}
    102. 

  102. }
    103. 

  103. 

  104. if (empty($v_action)) {
    105. 

  105. 	$v_action = "";
    106. 

  106. }
    107. 

  107. if (empty($v_protocol)) {
    108. 

  108. 	$v_protocol = "";
    109. 

  109. }
    110. 

  110. if (empty($v_port)) {
    111. 

  111. 	$v_port = "";
    112. 

  112. }
    113. 

  113. if (empty($v_ip)) {
    114. 

  114. 	$v_ip = "";
    115. 

  115. }
    116. 

  116. if (empty($v_comment)) {
    117. 

  117. 	$v_comment = "";
    118. 

  118. }
    119. 

  119. 

  120. // Render
    121. 

  121. render_page($user, $TAB, "add_firewall");
    122. 

  122. 

  123. // Flush session messages
    124. 

  124. unset($_SESSION["error_msg"]);
    125. 

  125. unset($_SESSION["ok_msg"]);
    126.