[ Avaa Bypassed ]

Upload:

Command:

www-data@3.144.134.101: ~ $ 
#!/usr/bin/perl
# Create, update or delete a firewall rule

require './ipfw-lib.pl';
&ReadParse();
&error_setup($text{'save_err'});

$rules = &get_config();
if ($in{'new'}) {
	# Find the last editable rule
	if ($rules->[@$rules-1]->{'num'} == 65535 &&
	    @$rules > 1) {
		$lastidx = $rules->[@$rules-2]->{'index'};
		}
	else {
		$lastidx = $rules->[@$rules-1]->{'index'};
		}

	# Work out where to insert, and what number to use
	if ($in{'before'} ne '') {
		# Adding before some rule
		local $pn = $in{'before'} == 0 ? 0 :
			    $rules->[$in{'before'}-1]->{'num'};
		$rule = { 'num' => ($rules->[$in{'before'}]->{'num'}+$pn)/2 };
		splice(@$rules, $in{'before'}, 0, $rule);
		}
	elsif ($in{'after'} ne '') {
		# Adding after some rule
		local $nn = $in{'after'} == $lastidx ?
				$rules->[$in{'after'}]->{'num'}+200 :
				$rules->[$in{'after'}+1]->{'num'};
		$rule = { 'num' => ($rules->[$in{'after'}]->{'num'}+$nn)/2 };
		splice(@$rules, $in{'after'}+1, 0, $rule);
		}
	elsif (!$in{'num_def'}) {
		# At specified number
		$in{'num'} =~ /^\d+$/ && $in{'num'} >= 0 && $in{'num'} < 65536
			|| &error($text{'save_enum'});
		$rule = { 'num' => $in{'num'} };
		my $found = 0;
		for(my $i=0; $i<@$rules; $i++) {
			if ($rules->[$i]->{'num'} >= $in{'num'}) {
				splice(@$rules, $i, 0, $rule);
				$found++;
				last;
				}
			}
		push(@$rules, $rule) if (!$found);
		}
	elsif (!@$rules) {
		# First rule
		$rule = { 'num' => '00100' };
		push(@$rules, $rule);
		}
	else {
		# At end or before last deny-all rule
		$rule = { 'num' => $rules->[$lastidx]->{'num'}+100 };
		splice(@$rules, $lastidx+1, 0, $rule);
		}
	$rule->{'num'} = sprintf "%5.5d", $rule->{'num'};
	}
else {
	$rule = $rules->[$in{'idx'}];
	delete($rule->{'text'});
	}

if ($in{'delete'}) {
	# Just remove this rule
	splice(@$rules, $in{'idx'}, 1);
	}
else {
	# Validate inputs and contruct the rule object
	$in{'cmt'} =~ s/\r//g;
	$rule->{'cmt'} = $in{'cmt'};

	# Parse rule action and arg
	$rule->{'action'} = $in{'action'};
	if ($in{'action'} eq "skipto") {
		$in{'action_skipto'} =~ /^\d+$/ ||
			&error($text{'save_eskipto'});
		$rule->{'aarg'} = $in{'action_skipto'};
		}
	elsif ($in{'action'} eq "fwd") {
		&check_ipaddress($in{'action_fwdip'}) ||
			&error($text{'save_efwdip'});
		if ($in{'action_fwdport'} eq "") {
			$rule->{'aarg'} = $in{'action_fwdip'};
			}
		else {
			$in{'action_fwdport'} =~ /^\d+$/ ||
				&error($text{'save_efwdport'});
			$rule->{'aarg'} = $in{'action_fwdip'}.",".
					  $in{'action_fwdport'};
			}
		}
	elsif ($in{'action'} eq "divert" || $in{'action'} eq "pipe" ||
	       $in{'action'} eq "queue" || $in{'action'} eq "tee") {
		$in{'action_port'} =~ /^\d+$/ ||
			&error($text{'save_eteeport'});
		$rule->{'aarg'} = $in{'action_port'};
		}
	elsif ($in{'action'} eq "unreach") {
		$rule->{'aarg'} = $in{'action_unreach'};
		}
	else {
		delete($rule->{'aarg'});
		}

	# Parse protocol
	if ($in{'proto_orblock'}) {
		$rule->{'proto'} = &parse_orblock("proto");
		}
	else {
		$rule->{'proto'} = $in{'proto'};
		}

	# Parse in/out option
	delete($rule->{'in'});
	delete($rule->{'out'});
	delete($rule->{'in_not'});
	delete($rule->{'out_not'});
	if ($in{'inout'} == 1) {
		$rule->{'in'} = 1;
		}
	elsif ($in{'inout'} == 2) {
		$rule->{'out'} = 1;
		}

	# Parse via interface
	$rule->{'via'} = &parse_interface("via");

	# Parse logging level
	if ($in{'log'}) {
		$rule->{'log'} = 1;
		if ($in{'logamount'} ne "") {
			$in{'logamount'} =~ /^\d+$/ ||
				&error($text{'save_elogamount'});
			$rule->{'logamount'} = $in{'logamount'};
			}
		else {
			delete($rule->{'logamount'});
			}
		}
	else {
		$rule->{'log'} = 0;
		}

	# Parse source and destination
	foreach $s ("from", "to") {
		# IP address
		if ($in{$s."_orblock"}) {
			$rule->{$s} = &parse_orblock($s);
			}
		elsif ($in{$s."_mode"} == 0) {
			$rule->{$s} = "any";
			}
		elsif ($in{$s."_mode"} == 1) {
			$rule->{$s} = "me";
			}
		else {
			&to_ipaddress($in{$s}) ||
			    ($in{$s} =~ /^([0-9\.]+)\/(\d+)$/ &&
			     &check_ipaddress("$1")) ||
			    ($in{$s} =~ /^([0-9\.]+)\/(\d+)\{([0-9,]+)\}$/ &&
			     &check_ipaddress("$1") &&
			     $ipfw_version >= 2) ||
				&error($text{'save_e'.$s});
			$rule->{$s} = $in{$s};
			}

		# Port numbers
		if ($in{$s."_ports_orblock"}) {
			# XXX could be optional?
			$rule->{$s."_ports"} = &parse_orblock($s."_ports");
			}
		elsif ($in{$s."_ports_mode"} == 0) {
			delete($rule->{$s."_ports"});
			}
		else {
			local $p = $rule->{'proto'};
			$p eq "tcp" || $p eq "udp" || $p eq "ip" ||
			    $ipfw_version >= 2 ||
				&error($text{'save_eportsproto'.$s});
			$in{$s."_ports"} =~ /^\d+$/ ||
			  getservbyname($in{$s."_ports"}, $p) ||
			  $in{$s."_ports"} =~ /^\d+\-\d+$/ ||
			  ($in{$s."_ports"} =~ /^([a-z0-9]+)\-([a-z0-9]+)$/i &&
			   getservbyname($1, $p) && getservbyname($2, $p)) ||
			  $in{$s."_ports"} =~ /^([a-z0-9]+)(,[a-z0-9]+)*$/ ||
			  ($in{$s."_ports"} =~ /^([a-z0-9]+|([a-z0-9]+)\-([a-z0-9]+))(,[a-z0-9]+|,([a-z0-9]+)\-([a-z0-9]+))*$/ &&
			   $ipfw_version >= 2) ||
				&error($text{'save_eports'.$s});
			$rule->{$s."_ports"} = $in{$s."_ports"};
			$rule->{$s."_ports_not"} = $in{$s."_ports_not"}
				if ($ipfw_version >= 2);
			}
		}
	$rule->{'xmit'} = &parse_interface("xmit");
	$rule->{'recv'} = &parse_interface("recv");

	# XXX multiple options

	# Parse various options
	&parse_yes_no_ignored("established");
	&parse_yes_no_ignored("keep-state");
	&parse_yes_no_ignored("bridged");
	&parse_yes_no_ignored("frag");
	&parse_yes_no_ignored("setup");

	# Parse MAC address
	if ($ipfw_version >= 2) {
		if ($in{'mac1_def'} && $in{'mac2_def'}) {
			delete($rule->{'mac'});
			}
		else {
			local @mac;
			if ($in{'mac2_def'}) {
				push(@mac, "any");
				}
			else {
				$in{'mac2'} =~ /^[0-9a-f]{2}(:[0-9a-f]{2}){5}(\/\d+)?$/ || &error($text{'save_emac2'});
				push(@mac, $in{'mac2'});
				}
			if ($in{'mac1_def'}) {
				push(@mac, "any");
				}
			else {
				$in{'mac1'} =~ /^[0-9a-f]{2}(:[0-9a-f]{2}){5}(\/\d+)?$/ || &error($text{'save_emac1'});
				push(@mac, $in{'mac1'});
				}
			$rule->{'mac'} = \@mac;
			}
		}

	# Parse UID and GID
	if ($in{'uid_def'}) {
		delete($rule->{'uid'});
		}
	elsif ($in{'uid'} =~ /^#(\d+)$/) {
		$rule->{'uid'} = $1;
		}
	else {
		defined($rule->{'uid'} = getpwnam($in{'uid'})) ||
			&error($text{'save_euid'});
		}
	if ($in{'gid_def'}) {
		delete($rule->{'gid'});
		}
	elsif ($in{'gid'} =~ /^#(\d+)$/) {
		$rule->{'gid'} = $1;
		}
	else {
		defined($rule->{'gid'} = getgrnam($in{'gid'})) ||
			&error($text{'save_egid'});
		}

	# Parse ICMP types
	if ($in{'icmptypes'}) {
		$rule->{'proto'} eq 'icmp' || &error($text{'save_eicmptypes'});
		$rule->{'icmptypes'} = join(",", split(/\0/, $in{'icmptypes'}));
		}
	else {
		delete($rule->{'icmptypes'});
		}

	# Parse tcp flags
	if ($in{'tcpflags'}) {
		$rule->{'proto'} eq 'tcp' || &error($text{'save_etcpflags'});
		$rule->{'tcpflags'} = join(",", split(/\0/, $in{'tcpflags'}));
		}
	else {
		delete($rule->{'tcpflags'});
		}

	# Parse limit directive
	if ($in{'limit'}) {
		$in{'limit2'} =~ /^\d+$/ || &error($text{'save_elimit'});
		$rule->{'limit'} = [ $in{'limit'}, $in{'limit2'} ];
		}
	else {
		delete($rule->{'limit'});
		}

	# Parse dst-port and src-port directive
	foreach $ds ('dst', 'src') {
		if (!$in{$ds.'port_def'}) {
			local @dstports = split(/[ ,]+/, $in{$ds.'port'});
			foreach $p (@dstports) {
				&valid_port($p, $rule->{'proto'}) ||
					&error($text{'save_e'.$ds.'port'});
				}
			$rule->{$ds.'-port'} = \@dstports;
			}
		else {
			delete($rule->{$ds.'-port'});
			}
		}
	}

# Save all rules
&lock_file($ipfw_file);
&save_config($rules);
&unlock_file($ipfw_file);
&copy_to_cluster();
&webmin_log($in{'delete'} ? "delete" : $in{'new'} ? "create" : "modify",
	    "rule", $rule->{'action'}, $rule);
&redirect("");

# parse_interface(name)
sub parse_interface
{
local $iface = $in{$_[0]} eq "other" ? $in{$_[0]."_other"} : $in{$_[0]};
return undef if (!$iface);
$iface =~ /^\S+$/ || &error($text{'save_e'.$_[0]});
return $iface;
}

# parse_orblock(name)
sub parse_orblock
{
$in{$_[0]} =~ /\S/ || &error(&text('save_eorblock'.$_[0])); 
return [ split(/\s+/, $in{$_[0]}) ];
}

# parse_yes_no_ignored(name)
sub parse_yes_no_ignored
{
if ($in{$_[0]} == 0) {
	delete($rule->{$_[0]});
	}
elsif ($in{$_[0]} == 1) {
	$rule->{$_[0]} = 1;
	$rule->{$_[0]."_not"} = 0;
	}
elsif ($in{$_[0]} == 2) {
	$rule->{$_[0]} = 1;
	$rule->{$_[0]."_not"} = 1;
	}
}

Filemanager

DIR : / usr/ share/ webmin/ ipfw/
Name Type Size Permission Actions
images Folder 0755
lang Folder 0755
CHANGELOG File 1.04 KB 0644
apply.cgi File 293 B 0755
bootup.cgi File 240 B 0755
cluster.cgi File 1.98 KB 0755
cluster_add.cgi File 1.79 KB 0755
cluster_delete.cgi File 470 B 0755
config File 89 B 0644
config.info File 472 B 0644
config.info.ca File 433 B 0644
config.info.de File 539 B 0644
config.info.nl File 426 B 0644
convert.cgi File 274 B 0755
edit_rule.cgi File 10.16 KB 0755
index.cgi File 6.36 KB 0755
install_check.pl File 484 B 0755
ipfw-lib.pl File 17.42 KB 0755
log_parser.pl File 569 B 0755
module.info File 170 B 0644
module.info.af File 0 B 0644
module.info.af.auto File 114 B 0644
module.info.ar File 0 B 0644
module.info.ar.auto File 169 B 0644
module.info.be File 0 B 0644
module.info.be.auto File 192 B 0644
module.info.bg File 0 B 0644
module.info.bg.auto File 208 B 0644
module.info.ca File 106 B 0644
module.info.cs File 0 B 0644
module.info.cs.auto File 108 B 0644
module.info.da File 0 B 0644
module.info.da.auto File 105 B 0644
module.info.de File 117 B 0644
module.info.el File 0 B 0644
module.info.el.auto File 222 B 0644
module.info.es File 0 B 0644
module.info.es.auto File 99 B 0644
module.info.eu File 0 B 0644
module.info.eu.auto File 105 B 0644
module.info.fa File 0 B 0644
module.info.fa.auto File 171 B 0644
module.info.fi File 0 B 0644
module.info.fi.auto File 113 B 0644
module.info.fr File 0 B 0644
module.info.fr.auto File 117 B 0644
module.info.he File 0 B 0644
module.info.he.auto File 157 B 0644
module.info.hr File 0 B 0644
module.info.hr.auto File 112 B 0644
module.info.hu File 0 B 0644
module.info.hu.auto File 139 B 0644
module.info.it File 0 B 0644
module.info.it.auto File 112 B 0644
module.info.ja File 0 B 0644
module.info.ja.auto File 158 B 0644
module.info.ko File 0 B 0644
module.info.ko.auto File 125 B 0644
module.info.lt File 0 B 0644
module.info.lt.auto File 120 B 0644
module.info.lv File 0 B 0644
module.info.lv.auto File 121 B 0644
module.info.ms File 0 B 0644
module.info.ms.auto File 114 B 0644
module.info.mt File 0 B 0644
module.info.mt.auto File 110 B 0644
module.info.nl File 21 B 0644
module.info.nl.auto File 98 B 0644
module.info.no File 0 B 0644
module.info.no.auto File 115 B 0644
module.info.pl File 0 B 0644
module.info.pl.auto File 102 B 0644
module.info.pt File 0 B 0644
module.info.pt.auto File 99 B 0644
module.info.pt_BR File 0 B 0644
module.info.pt_BR.auto File 105 B 0644
module.info.ro File 0 B 0644
module.info.ro.auto File 114 B 0644
module.info.ru File 0 B 0644
module.info.ru.auto File 171 B 0644
module.info.sk File 0 B 0644
module.info.sk.auto File 106 B 0644
module.info.sl File 0 B 0644
module.info.sl.auto File 120 B 0644
module.info.sv File 0 B 0644
module.info.sv.auto File 111 B 0644
module.info.th File 0 B 0644
module.info.th.auto File 177 B 0644
module.info.tr File 0 B 0644
module.info.tr.auto File 140 B 0644
module.info.uk File 0 B 0644
module.info.uk.auto File 194 B 0644
module.info.ur File 0 B 0644
module.info.ur.auto File 235 B 0644
module.info.vi File 0 B 0644
module.info.vi.auto File 139 B 0644
module.info.zh File 0 B 0644
module.info.zh.auto File 95 B 0644
module.info.zh_TW File 0 B 0644
module.info.zh_TW.auto File 101 B 0644
move.cgi File 561 B 0755
save_rule.cgi File 8.19 KB 0755
setup.cgi File 4.14 KB 0755
start.pl File 271 B 0755
stop.pl File 254 B 0755
unapply.cgi File 257 B 0755

© 2025 Coded By Avaa Code.