Merge pull request #1897 from webmin/dev/firewalld-edit-configs-manually

Add support to edit FirewallD config files manually

firewalld/config

@@ -1,2 +1,3 @@
 firewall_cmd=firewall-cmd
 init_name=firewalld
+config_dir=/etc/firewalld

firewalld/config.info

@@ -1,2 +1,3 @@
 firewall_cmd=Full path to firewall-cmd program,0
 init_name=FirewallD init script name,0
+config_dir=FirewallD configuration directory,0

firewalld/edit_manual.cgi

@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+# Show a page for manually editing FirewallD config files
+
+require './firewalld-lib.pl';
+&ui_print_header(undef, $text{'manual_title'}, "");
+&ReadParse();
+my @files = &unique(&get_config_files());
+my $file = $in{'file'} || $files[0];
+&indexof($file, @files) >= 0 || &error($text{'manual_efile'});
+
+# Show the file selector
+print &ui_form_start("edit_manual.cgi");
+print "<b>$text{'manual_editsel'}</b>\n";
+print &ui_select("file", $file, \@files),"\n";
+print &ui_submit($text{'manual_ok'});
+print &ui_form_end();
+
+# Show the file contents
+print &ui_form_start("save_manual.cgi", "form-data");
+print &ui_hidden("file", $file);
+print &ui_table_start(undef, undef, 2);
+$data = &read_file_contents($file);
+print &ui_table_row(undef, ui_textarea("data", $data, 20, 80), 2);
+print &ui_table_end();
+print &ui_form_end([ [ "save", $text{'save'} ] ]);
+
+&ui_print_footer("", $text{'index_return'});
+

firewalld/firewalld-lib.pl

@@ -495,4 +495,21 @@ $out = &backquote_logged(&$get_cmd('permanent')." 2>&1 </dev/null");
 return $? ? $out : undef;
 }
 
+sub get_config_files
+{
+my $conf_dir = $config{'config_dir'} || '/etc/firewalld';
+my @conf_files;
+my @dirpath = ($conf_dir);
+eval "use File::Find;";
+if (!$@) {
+	find(sub {
+		my $file = $File::Find::name;
+		push(@conf_files, $file)
+			if (-f $file && $file =~ /\.(conf|xml)$/);
+		}, @dirpath);
+	}
+push(@conf_files, "$conf_dir/direct.xml");
+return @conf_files;
+}
+
 1;

firewalld/index.cgi

@@ -76,6 +76,7 @@ if ($ok) {
 	                       $text{'index_sadd'}),
 		      &ui_link("edit_forward.cgi?new=1&zone=".&urlize($zone->{'name'}),
 	                       $text{'index_fadd'}),
+		      &ui_link("edit_manual.cgi", $text{'index_manual'}),
 		    );
 	if (@{$zone->{'services'}} || @{$zone->{'ports'}}) {
 		my @tds = ( "width=5" );

firewalld/lang/en

@@ -38,6 +38,14 @@ index_restart_firewalld=Reload FirewallD
 index_restart_firewallddesc=Reload the FirewallD server and apply the rules that were permanently created.
 index_listrules_restartdesc=List details about existing rich and direct FirewallD rules in $1 zone.
 index_dependent=Failed to restart $1 dependent service
+index_manual=Edit Config Files.
+
+manual_title=Edit Config Files
+manual_editsel=Edit FirewallD configuration file
+manual_err=Failed to save config file
+manual_efile=Selected configuration file is not valid
+manual_ok=Edit
+
 
 port_edit=Edit Port
 port_create=Add Port

firewalld/save_manual.cgi

@@ -0,0 +1,19 @@
+#!/usr/local/bin/perl
+# Update the manually edited FirewallD config file
+
+require './firewalld-lib.pl';
+&ReadParseMime();
+&error_setup($text{'manual_err'});
+my @files = &unique(&get_config_files());
+my $file = $in{'file'};
+&indexof($file, @files) >= 0 || &error($text{'manual_efile'});
+
+$in{'data'} =~ s/\r//g;
+
+&open_lock_tempfile(my $data, ">$file");
+&print_tempfile($data, $in{'data'});
+&close_tempfile($data);
+
+&webmin_log("manual", undef, $file);
+&redirect("");
+