Add ability to configure allowed IP/CIDR

https://forum.virtualmin.com/t/ip-white-listing/131804/6?u=ilia
Ilia Ross
2025-02-02 19:41:56 +02:00
parent f08df0a858
commit db213c812a
3 changed files with 29 additions and 11 deletions


@@ -148,16 +148,21 @@ if ($ok) {
print &ui_form_end();
}
# Block given IP
# Allow/block given IP
my $blockip_placeholder =
&text('index_blockip_placeholder', '1.2.3.4', '2001:db8::1/64');
print "<br>".&ui_form_start("block_ip.cgi");
print &ui_hidden("zone", $zone->{'name'});
print &ui_submit($text{'index_blockip_go'}, "block"),
&ui_textbox("ip", undef, 21, undef, undef,
"placeholder='$blockip_placeholder'")."&nbsp;".
&ui_checkbox("permanent", 1,
$text{'index_blockip_permanent'}, 1);
foreach my $action (['allow', $text{'index_allowip_go'},
$text{'index_allowip_permanent'}],
['block', $text{'index_blockip_go'},
$text{'index_blockip_permanent'}]) {
print "<br>".&ui_form_start("manage_ip.cgi");
print &ui_hidden("zone", $zone->{'name'});
print &ui_submit($action->[1], $action->[0]),
&ui_textbox("ip", undef, 21, undef, undef,
"placeholder='$blockip_placeholder'")."&nbsp;".
&ui_checkbox("permanent", 1, $action->[2], 1);
print &ui_form_end();
}
print &ui_form_end();
print &ui_hr();
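Review bot: The `print &ui_form_end();` that follows the new `foreach` loop looks like a leftover from the old single form. Each iteration already closes its own form, so this line would emit an unmatched `</form>` and should be dropped; the page has lost its +/- markers, so confirm it is not already a removed line. Both forms also render the `permanent` checkbox pre-checked (the last argument `1`); since the allow form creates an accept rule for the whole source address or range, consider leaving it unchecked there, e.g. `&ui_checkbox("permanent", 1, $action->[2], $action->[0] eq 'block')`. A comment above the loop such as `# One form per action; the submit button name (allow/block) is what the handler reads as $in{'allow'}` would document the coupling with the CGI that processes the request.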


@@ -38,6 +38,9 @@ index_blockip_go=Block IP/CIDR
index_blockip_placeholder=$1 or $2
index_blockip_permanent=Permanent block
block_err=Failed to block IP
index_allowip_go=Allow IP/CIDR
index_allowip_permanent=Permanent allow
allow_err=Failed to allow IP
block_eip=Invalid IP address or CIDR range
index_listrules=List FirewallD Rules
index_restart_firewalld=Reload FirewallD


@@ -7,9 +7,14 @@ no warnings 'redefine';
no warnings 'uninitialized';
require './firewalld-lib.pl';
our (%in, %text);
&error_setup($text{'block_err'});
&ReadParse();
# Setup error messages
my $allow = $in{'allow'} ? 1 : 0;
# Get the type
&error_setup($allow ? $text{'allow_err'} : $text{'block_err'});
# Get the zone
my @zones = &list_firewalld_zones();
my ($zone) = grep { $_->{'name'} eq $in{'zone'} } @zones;
@@ -27,8 +32,13 @@ $ip =~ s/\Q$mask\E// if ($mask);
# Block the IP
my $perm = $in{'permanent'} ? 'perm' : '';
my ($out, $rs) = &rich_rule('add',
{ 'rule' => &construct_rich_rule('source address' => "$ip$mask"),
'zone' => $zone->{'name'}, 'permanent' => $perm });
{ 'rule' =>
&construct_rich_rule(
'source address' => "$ip$mask",
'action' => $allow ? 'accept' : undef,
'priority' => $allow ? -32767 : -32766,
),
'zone' => $zone->{'name'}, 'permanent' => $perm });
&error($out) if ($rs);
&apply_firewalld() if ($perm);
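Review bot: The accept rule is added at priority `-32767`, one step ahead of the block rule's `-32766`, so an allowed source always wins over an existing block that covers it, and a wide CIDR entered in the allow form opens the zone to that whole range. The address validation sits between the two hunks and is not visible here, so check that it also bounds the prefix length for the allow case. The two numbers should carry a comment, for example `# Lower priority value is evaluated first: allow (-32767) deliberately overrides block (-32766)`. Passing `'action' => undef` for the block case relies on a default inside `construct_rich_rule` that is not shown; naming the action explicitly would be clearer. The new comments in the first hunk are attached to the wrong statements (`# Setup error messages` sits above `my $allow = ...` and `# Get the type` above `&error_setup(...)`), and `# Block the IP` in the second hunk should now read `# Allow or block the IP`.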