From 4c537d0fd837c5f00993e010dc5369a30ebd7362 Mon Sep 17 00:00:00 2001
From: Jamie Cameron
Date: Sun, 7 Jun 2015 22:57:40 -0700
Subject: [PATCH] Firewall service creation
---
 firewalld/edit_port.cgi | 2 +-
 firewalld/edit_serv.cgi | 3 ++-
 firewalld/firewalld-lib.pl | 1 +
 firewalld/lang/en | 1 +
 firewalld/save_port.cgi | 2 +-
 firewalld/save_serv.cgi | 42 ++++++++++++++++++++++++++++++++++++++
 6 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 firewalld/save_serv.cgi
diff --git a/firewalld/edit_port.cgi b/firewalld/edit_port.cgi
index 40cd44a12..dfec0833d 100644
--- a/firewalld/edit_port.cgi
+++ b/firewalld/edit_port.cgi
@@ -64,5 +64,5 @@ else {
 [ 'delete', $text{'delete'} ] ]);
 }
-&ui_print_footer("index.cgi?zone=".&urlize($in{'zone'}),
+&ui_print_footer("index.cgi?zone=".&urlize($zone->{'name'}),
 $text{'index_return'});
diff --git a/firewalld/edit_serv.cgi b/firewalld/edit_serv.cgi
index e7d0bbdce..cbb7cdff8 100644
--- a/firewalld/edit_serv.cgi
+++ b/firewalld/edit_serv.cgi
@@ -23,6 +23,7 @@ else {
 print &ui_form_start("save_serv.cgi", "post");
 print &ui_hidden("zone", $in{'zone'});
 print &ui_hidden("id", $in{'id'});
+print &ui_hidden("new", $in{'new'});
 print &ui_table_start($text{'serv_header'}, undef, 2);
 # Zone name
@@ -42,5 +43,5 @@ else {
 [ 'delete', $text{'delete'} ] ]);
 }
-&ui_print_footer("index.cgi?zone=".&urlize($in{'zone'}),
+&ui_print_footer("index.cgi?zone=".&urlize($zone->{'name'}),
 $text{'index_return'});
diff --git a/firewalld/firewalld-lib.pl b/firewalld/firewalld-lib.pl
index 3b57c6b88..a93ffda8f 100644
--- a/firewalld/firewalld-lib.pl
+++ b/firewalld/firewalld-lib.pl
@@ -6,6 +6,7 @@
 # XXX install_check
 # XXX set zones for interfaces
 # XXX detect use of firewalld in iptables modules
+# XXX locking and logging
 BEGIN { push(@INC, ".."); };
 use strict;
diff --git a/firewalld/lang/en b/firewalld/lang/en
index 33365b5ae..18ea65c02 100644
--- a/firewalld/lang/en
+++ b/firewalld/lang/en
@@ -44,5 +44,6 @@ serv_edit=Edit Service
 serv_create=Add Service
 serv_header=Allowed service options
 serv_name=Service to allow
+serv_err=Failed to save service
 check_ecmd=The FirewallD control command $1 was not found on your system
diff --git a/firewalld/save_port.cgi b/firewalld/save_port.cgi
index c87cfd703..e2b062af8 100644
--- a/firewalld/save_port.cgi
+++ b/firewalld/save_port.cgi
@@ -58,4 +58,4 @@ else {
 }
 &webmin_log($in{'delete'} ? 'delete' : $in{'new'} ? 'create' : 'update',
 'port', $logport);
-&redirect("");
+&redirect("index.cgi?zone=".&urlize($zone->{'name'}));
diff --git a/firewalld/save_serv.cgi b/firewalld/save_serv.cgi
new file mode 100644
index 000000000..2b1d452e5
--- /dev/null
+++ b/firewalld/save_serv.cgi
@@ -0,0 +1,42 @@
+#!/usr/local/bin/perl
+# Create, update or delete a service
+
+use strict;
+use warnings;
+require 'firewalld-lib.pl';
+our (%in, %text);
+&error_setup($text{'serv_err'});
+&ReadParse();
+
+# Get the zone and rule
+my @zones = &list_firewalld_zones();
+my ($zone) = grep { $_->{'name'} eq $in{'zone'} } @zones;
+$zone || &error($text{'port_ezone'});
+my $oldserv;
+if ($in{'id'}) {
+ $oldserv = $in{'id'};
+ }
+
+my $logserv;
+if ($in{'delete'}) {
+ # Just remove the existing rule
+ my $err = &delete_firewalld_service($zone, $oldserv);
+ &error($err) if ($err);
+ $logserv = $oldserv;
+ }
+else {
+ # Validate inputs
+ my $serv = $in{'serv'};
+
+ # Create or update allowed port
+ if (!$in{'new'}) {
+ my $err = &delete_firewalld_service($zone, $oldserv);
+ &error($err) if ($err);
+ }
+ my $err = &create_firewalld_service($zone, $serv);
+ &error($err) if ($err);
+ $logserv = $serv;
+ }
+&webmin_log($in{'delete'} ? 'delete' : $in{'new'} ? 'create' : 'update',
+ 'serv', $logserv);
+&redirect("index.cgi?zone=".&urlize($zone->{'name'}));
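Review bot: In the new firewalld/save_serv.cgi the block under `# Validate inputs` validates nothing: `$in{'serv'}` goes straight to `create_firewalld_service`, and `$oldserv` is still undef when `id` is empty yet is handed to `delete_firewalld_service` on both the delete and update paths. Those helpers are outside this diff, so whether they build a command line from the name cannot be confirmed here, but the CGI should reject anything that is not a plain service name before calling them. The update path also deletes the old service before creating the new one, so a failed create leaves the zone with neither rule; creating first avoids that. The comment `# Create or update allowed port` looks copied from save_port.cgi and should say service. The error key and the character class in the sketch below are placeholders: the key needs a matching lang/en string and the class should be checked against the service names firewalld accepts.

```perl
# … unchanged: preamble, zone lookup, $oldserv assignment …
my $name_re = qr/^[A-Za-z0-9._\-]+$/;	# assumed charset for service names

# An update or delete needs a well-formed existing service name
if ($in{'delete'} || !$in{'new'}) {
	defined($oldserv) && $oldserv =~ $name_re ||
		&error($text{'serv_ePLACEHOLDER'});
	}

# … unchanged: delete branch …
else {
	# Validate inputs
	my $serv = $in{'serv'};
	defined($serv) && $serv =~ $name_re ||
		&error($text{'serv_ePLACEHOLDER'});

	# Create or update allowed service. Create first, so that a failure
	# leaves the old rule in place
	if ($in{'new'} || $oldserv ne $serv) {
		my $err = &create_firewalld_service($zone, $serv);
		&error($err) if ($err);
		}
	if (!$in{'new'} && $oldserv ne $serv) {
		my $err = &delete_firewalld_service($zone, $oldserv);
		&error($err) if ($err);
		}
	$logserv = $serv;
	}
```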