Firewall service creation

2026-03-20 16:50:24 +00:00 · 2015-06-07 22:57:40 -07:00
parent 95a4c2c956
commit 4c537d0fd8
6 changed files with 48 additions and 3 deletions
--- a/firewalld/edit_port.cgi
+++ b/firewalld/edit_port.cgi
@@ -64,5 +64,5 @@ else {
 			     [ 'delete', $text{'delete'} ] ]);
 	}

-&ui_print_footer("index.cgi?zone=".&urlize($in{'zone'}),
+&ui_print_footer("index.cgi?zone=".&urlize($zone->{'name'}),
 	         $text{'index_return'});
--- a/firewalld/edit_serv.cgi
+++ b/firewalld/edit_serv.cgi
@@ -23,6 +23,7 @@ else {
 print &ui_form_start("save_serv.cgi", "post");
 print &ui_hidden("zone", $in{'zone'});
 print &ui_hidden("id", $in{'id'});
+print &ui_hidden("new", $in{'new'});
 print &ui_table_start($text{'serv_header'}, undef, 2);

 # Zone name
@@ -42,5 +43,5 @@ else {
 			     [ 'delete', $text{'delete'} ] ]);
 	}

-&ui_print_footer("index.cgi?zone=".&urlize($in{'zone'}),
+&ui_print_footer("index.cgi?zone=".&urlize($zone->{'name'}),
 	         $text{'index_return'});
--- a/firewalld/firewalld-lib.pl
+++ b/firewalld/firewalld-lib.pl
@@ -6,6 +6,7 @@
 # XXX install_check
 # XXX set zones for interfaces
 # XXX detect use of firewalld in iptables modules
+# XXX locking and logging

 BEGIN { push(@INC, ".."); };
 use strict;
--- a/firewalld/lang/en
+++ b/firewalld/lang/en
@@ -44,5 +44,6 @@ serv_edit=Edit Service
 serv_create=Add Service
 serv_header=Allowed service options
 serv_name=Service to allow
+serv_err=Failed to save service

 check_ecmd=The FirewallD control command $1 was not found on your system
--- a/firewalld/save_port.cgi
+++ b/firewalld/save_port.cgi
@@ -58,4 +58,4 @@ else {
 	}
 &webmin_log($in{'delete'} ? 'delete' : $in{'new'} ? 'create' : 'update',
 	    'port', $logport);
-&redirect("");
+&redirect("index.cgi?zone=".&urlize($zone->{'name'}));
--- a/firewalld/save_serv.cgi
+++ b/firewalld/save_serv.cgi
@@ -0,0 +1,42 @@
+#!/usr/local/bin/perl
+# Create, update or delete a service
+
+use strict;
+use warnings;
+require 'firewalld-lib.pl';
+our (%in, %text);
+&error_setup($text{'serv_err'});
+&ReadParse();
+
+# Get the zone and rule
+my @zones = &list_firewalld_zones();
+my ($zone) = grep { $_->{'name'} eq $in{'zone'} } @zones;
+$zone || &error($text{'port_ezone'});
+my $oldserv;
+if ($in{'id'}) {
+	$oldserv = $in{'id'};
+	}
+
+my $logserv;
+if ($in{'delete'}) {
+	# Just remove the existing rule
+	my $err = &delete_firewalld_service($zone, $oldserv);
+	&error($err) if ($err);
+	$logserv = $oldserv;
+	}
+else {
+	# Validate inputs
+	my $serv = $in{'serv'};
+
+	# Create or update allowed port
+	if (!$in{'new'}) {
+		my $err = &delete_firewalld_service($zone, $oldserv);
+		&error($err) if ($err);
+		}
+	my $err = &create_firewalld_service($zone, $serv);
+	&error($err) if ($err);
+	$logserv = $serv;
+	}
+&webmin_log($in{'delete'} ? 'delete' : $in{'new'} ? 'create' : 'update',
+	    'serv', $logserv);
+&redirect("index.cgi?zone=".&urlize($zone->{'name'}));