#!/bin/sh
export DATE="8.10.2008";SCRIPT=${0#/rom}
export TITLE="Verwaltung: Port-Forwarding"
. ${SCRIPT%/*}/cgi-bin-pre.sh
cat<<EOF
<H1>Verwaltung: Port-Forwarding</H1>
EOF
if [ "$REQUEST_METHOD" = "POST" ]; then
read QUERY_STRING
fi
if [ -z "$QUERY_STRING" ]; then
ff_portfw="$(nvram get ff_portfw)"
else
while [ "${#QUERY_STRING}" != "0" ]; do
name="${QUERY_STRING%%=*}"
QUERY_STRING="${QUERY_STRING#*=}"
value="${QUERY_STRING%%&*}"
if echo "$QUERY_STRING" | grep -q "&" -; then
QUERY_STRING="${QUERY_STRING#*&}"
else
QUERY_STRING=""
fi
case $name in
ff_portfw_wan)
ff_portfw_wan="$value"
;;
delIP)
if echo "${QUERY_STRING#*=}" | grep -q IP -; then
while true ; do
QUERY_STRING="${QUERY_STRING#*&}"
if [ "${QUERY_STRING%%=*}" = "IP" ]; then break; fi
done
else
QUERY_STRING=""
fi
;;
delPort)
if echo "${QUERY_STRING#*&}" | grep -q Port -; then
while true ; do
QUERY_STRING="${QUERY_STRING#*&}"
if [ "${QUERY_STRING%%=*}" = "Port" ]; then break; fi
if [ "${QUERY_STRING%%=*}" = "IP" ]; then break; fi
done
else
QUERY_STRING=""
fi
;;
IP)
if [ "${#value}" != "0" ] ; then ff_portfw=$ff_portfw" $value:" ; fi
;;
Port)
QUERY_STRING="${QUERY_STRING#*=}"
Range="${QUERY_STRING%%&*}"
QUERY_STRING="${QUERY_STRING#*&}"
name3="${QUERY_STRING%%=*}"
if [ "$name3" = "tcp" ] || [ "$name3" = "udp" ]; then
if [ "${#value}" = "0" ] && [ "${#Range}" = "0" ]; then
QUERY_STRING="delPort=Entferne&Port=&Range=&$QUERY_STRING"
elif [ "${#value}" != "0" ] && [ "${#Range}" != "0" ] ; then
ff_portfw=$ff_portfw"$value-$Range/"
elif [ "${#value}" != "0" ] && [ "${#Range}" = "0" ] ; then
ff_portfw=$ff_portfw"${value}/"
elif [ "${#value}" = "0" ] && [ "${#Range}" != "0" ] ; then
ff_portfw=$ff_portfw"${Range}/"
fi
fi
;;
tcp)
if [ "${QUERY_STRING%%=*}" = "udp" ] ; then
ff_portfw="$ff_portfw""tu,"
if echo "$QUERY_STRING" | grep -q "&" -; then
QUERY_STRING="${QUERY_STRING#*&}"
else
QUERY_STRING=""
fi
else
ff_portfw="$ff_portfw""t,"
fi
;;
udp)
ff_portfw="$ff_portfw""u,"
;;
post_portfw)
post_portfw="1"
;;
post_abort)
post_abort="1"
;;
esac
done
fi
if [ -z "$post_abort" ] && [ -z "$post_portfw" ]; then
cat<<EOF
<FORM ACTION="portfw.html" METHOD="POST">
<TABLE CLASS="shadow0" CELLPADDING="0" CELLSPACING="0"><TR><TD><TABLE CLASS="shadow1" CELLPADDING="0" CELLSPACING="0"><TR><TD><TABLE CLASS="shadow2" CELLPADDING="0" CELLSPACING="0"><TR><TD><TABLE BORDER="0" CLASS="form">
<TR><TD>
Verwendete IP - Adresse:
</TD>
<TD>
<INPUT CLASS="radio" NAME="ff_portfw_wan" TYPE="RADIO" VALUE="0"$(if [ "$(nvram get ff_portfw_wan)" != "1" ];then echo ' checked="checked"';fi)>Drahtlos
</TD>
<TD>
<INPUT CLASS="radio" NAME="ff_portfw_wan" TYPE="RADIO" VALUE="1"$(if [ "$(nvram get ff_portfw_wan)" = "1" ];then echo ' checked="checked"';fi)>WAN
</TD>
</TR>
<TR>
<TD COLSPAN="5">
EOF
for FWTARGET in $ff_portfw; do
DESTIP=${FWTARGET%%:*}
DPORTS=${FWTARGET#*:}
cat<<EOF
</TD>
</TR>
<TR
TITLE="IP-Adresse, an die Anfragen an die folgenden Ports weitergeleitet werden sollen.">
<TD><INPUT NAME="delIP" TITLE="Zieladresse löschen" TYPE="submit" VALUE="Entferne"></TD>
<TD>Ziel-IP-Adresse:</TD>
<TD COLSPAN="3"><INPUT TYPE="text" NAME="IP" SIZE="15" MAXLENGTH="15" VALUE="$DESTIP">
EOF
while [ ${#DPORTS} != "0" ]; do
PORTPROTO=${DPORTS%%,*}
DPORT=${PORTPROTO%/*}
if echo $DPORT | grep -q - -; then
PORTRANGE=${DPORT#*-}
DPORT=${DPORT%-*}
else
PORTRANGE=""
fi
PROTO=${PORTPROTO#*/}
tcp="" udp=""
case $PROTO in
t)
tcp=' CHECKED="CHECKED"'
;;
u)
udp=' CHECKED="CHECKED"'
;;
tu)
tcp=' CHECKED="CHECKED"'
udp=' CHECKED="CHECKED"'
;;
esac
DPORTS=${DPORTS#*,}
cat<<EOF
</TD>
</TR>
<TR
TITLE="Weiterzuleitende Ports einstellen.">
<TD><INPUT NAME="delPort" TITLE="Port(bereich) löschen" TYPE="submit" VALUE="Entferne"></TD>
<TD>Port:</TD>
<TD><INPUT TYPE="text" NAME="Port" SIZE="5" MAXLENGTH="5" VALUE="$DPORT"></TD>
<TD>- <INPUT TYPE="text" NAME="Range" SIZE="5" MAXLENGTH="5" VALUE="$PORTRANGE"></TD>
<TD><INPUT TYPE="checkbox" NAME="tcp" $tcp> tcp
<INPUT TYPE="checkbox" NAME="udp" $udp> udp
EOF
done
cat<<EOF
</TD>
</TR>
<TR>
<TD COLSPAN="2"><INPUT NAME="new" TITLE="Zusätzlichen Port(bereich) anlegen" TYPE="submit" VALUE="Neue Ports anlegen"></TD>
<TD><INPUT TYPE="text" NAME="Port" SIZE="5" MAXLENGTH="5" VALUE=""></TD>
<TD>- <INPUT TYPE="text" NAME="Range" SIZE="5" MAXLENGTH="5" VALUE=""></TD>
<TD><INPUT TYPE="checkbox" NAME="tcp"> tcp
<INPUT TYPE="checkbox" NAME="udp"> udp
EOF
done
cat<<EOF
</TD>
</TR>
<TR>
<TD>Ziel-IP-Adresse:</TD>
<TD><INPUT TYPE="text" NAME="IP" SIZE="15" MAXLENGTH="15" VALUE=""></TD>
<TD COLSPAN="3"><INPUT NAME="new" TITLE="Zusätzliche Ziel-IP-Adresse anlegen" TYPE="submit" VALUE="Anlegen"></TD>
</TR>
<TR>
<TD> </TD>
<TD COLSPAN="4"></TD>
</TR>
<TR>
<TD COLSPAN="5"><INPUT NAME="post_portfw" TITLE="Die Einstellungen übernehmen. Diese werden erst nach einem Neustart wirksam." TYPE="SUBMIT" VALUE="Übernehmen"> <INPUT NAME="post_abort" TITLE="Abbruch dieser Dialogseite" TYPE="SUBMIT" VALUE="Abbruch"></TD>
</TR>
</TABLE></TD></TR></TABLE></TD></TR></TABLE></TD></TR></TABLE></FORM>
EOF
else
DIRTY=
if [ -n "$post_portfw" ]; then
ff_portfw="$(echo $ff_portfw|sed -e 's/^ //;s/ /+/g')"
for V in ff_portfw; do
eval "C=\$$V"
C=$(unescape $C)
if [ "$C" != "$(nvram get $V)" ]; then
DIRTY=1
nvram set $V="$C"
fi
done
if [ $ff_portfw_wan != "$(nvram get ff_portfw_wan)" ]; then
DIRTY=1
nvram set ff_portfw_wan="$ff_portfw_wan"
fi
fi
if [ -n "$DIRTY" ]; then
nvram commit>/dev/null 2>&1
# import netparam
. /etc/functions.sh
export NVRAM_wan_ifname
export NVRAM_lan_ifname
export NVRAM_lan_ifnames
eval $(/usr/bin/netparam)
if iptables -t nat -nL portfw >/dev/null 2>&1; then
# kill old rules
trap - INT QUIT TSTP
set stop
. /etc/local.fw-portfw
fi
# create new rules
trap - INT QUIT TSTP
set start
. /etc/local.fw-portfw
cat<<EOF
<TABLE BORDER="0" CLASS="note">
<TR>
<TD>Die geänderten Einstellungen wurden
übernommen. Die Einstellungen sind sofort aktiv.</TD>
</TR>
</TABLE>
EOF
else
cat<<EOF
<TABLE BORDER="0" CLASS="note">
<TR>
<TD>Es wurden keine Einstellungen geändert.</TD>
</TR>
</TABLE>
EOF
fi
fi
. ${SCRIPT%/*}/cgi-bin-post.sh