error_log("CBFWRD starting");
+
$config = new Config();
+if(isset($argv[1])) {
+ if($argv[1] == "boot") {
+ // we get called here on boot.
+ $config->bootHardware();
+ exit(0);
+ }
+}
+
// now we got into daemon modes
$cont = true;
while($cont) {
$comms = new Comms;
+ $config->loadConfig();
$comms->putConfig($config->getConfig());
$msg = $comms->waitForMessage();
//echo "Got message: $msg\n";
-
- $cont = false;
+ if($msg == "quit") $cont = false;
}
?>
\ No newline at end of file
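Review bot: The new loop exit `if($msg == "quit") $cont = false;` uses a loose comparison, so a boolean `true` coming back from `waitForMessage()` also compares equal to "quit" and would stop the daemon; `if ($msg === "quit") $cont = false;` avoids that. The Comms constructor shown further down the page requests its message queue with mode 0666, so if this loop reads from that queue, any local account able to post to it can send "quit" and stop the firewall daemon. Restricting the queue mode is worth doing before more commands are added. `$config->loadConfig()` now also runs on every iteration, so each message re-reads and re-applies the configuration; a comment should say whether that is intended. The script's opening lines are not visible on this page.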
--- /dev/null
+hostname <hostname>
+domainname <domainname>
+
+dns server <server addr>
+
+ntp server <ntp addr>
+
+login <username> auth <sha1password>
+
+admin via http on dev <device> from <context>
+admin via https on dev <device> from <context>
+
+interace dev devname address4 addr/mask
+interace dev devname address6 addr/mask
+interace dev devname zone zonename
+interace dev devname mtu|speed|duplex ...
+
+interface lag name <name> with <dev1> <dev2>....
+
+interface vlan <vlanid> name <name> from <dev>
+
+interface bridge name <name> with <dev1> <dev2> <dev3>...
+
+
+route4|6 default|addr to <address> dev <device>
+route4|6 default|addr to <address>
+route4|6 default|addr dev <device>
+
+rule add <ruletype> and log from <context> to <context> in zones <zonecontext>
+rule move <zonecontext> to <zonecontext>
+
+<ruletype> is reject, drop, accept
+
+nat add... need to figure this one out
+
+<context> is:
+object/type/name
+
+where type is, host, network... thats it for now
+
+zonecontext is:
+Zone/zonename/rulenumber
\ No newline at end of file
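Review bot: The `login <username> auth <sha1password>` line fixes the stored credential to a SHA-1 digest, which is cheap to brute-force if the config file or its shared-memory copy is ever read. The grammar should carry the output of a password-hashing function instead, for example `login <username> auth <password_hash string>` checked with `password_verify()`. `admin via http` would send the administrator's login in clear text, so the file should either say it is for a trusted management network only or drop it in favour of the https form. The `interace` lines look like a typo for `interface`, which will matter once a parser is written against this file.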
$this->msgres = msg_get_queue($MESSAGE_KEY, 0666);
}
- function getConfig()
+ function getConfig($type=0)
{
global $MESSAGE_KEY, $LOCKING_KEY, $STORE_KEY;
sem_acquire($this->semres);
$shm_space = shm_attach($STORE_KEY, 16*1024*1024);
- $config = shm_get_var($shm_space, 0);
+ $config = shm_get_var($shm_space, $type);
sem_release($this->semres);
return $config;
}
- function putConfig($config)
+
+ // type = 0 for the main config
+ // type = 1 for the boot hardware config
+ function putConfig($config, $type=0)
{
global $MESSAGE_KEY, $LOCKING_KEY, $STORE_KEY;
sem_acquire($this->semres);
$shm_space = shm_attach($STORE_KEY, 16*1024*1024);
- shm_put_var($shm_space, 0, $config);
+ shm_put_var($shm_space, $type, $config);
sem_release($this->semres);
}
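Review bot: `getConfig($type)` reads slot `$type` without checking that it exists, so `getConfig(1)` on a segment where `bootHardware()` has not stored anything raises a warning and returns `false`, which the callers on this page then keep as the boot config. Adding `if (!shm_has_var($shm_space, $type)) { sem_release($this->semres); return null; }` before the `shm_get_var` call makes the empty case explicit. Both methods call `shm_attach($STORE_KEY, 16*1024*1024)` without the permissions argument, and PHP's default there is 0666, so the firewall and boot configuration sit in a segment any local user can read and overwrite; passing `0600` (or `0660` with a group shared with the web process) as the third argument would limit that. The `// type = 0 …` comment would be easier to rely on as two named constants, and it applies to `getConfig` as well. The first two lines of the hunk belong to a method that starts outside it.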
$this->config_file = "../var/";
} else {
echo "No directory where i can create a config, bailing\n";
- exit(0);
+ $this->config["status"] = "unconf";
}
}
- if($this->config["status"] == "conf") {
-
- $this->loadConfig($this->config_file);
+
+
+ }
+ }
+
+ function bootHardware()
+ {
+ $this->findHardware();
+
+ $mycomm = new Comms();
+ $mycomm->putConfig($this->config, 1);
+
+ }
+
+ function loadConfig()
+ {
+ global $AM_DAEMON;
+
+ if($AM_DAEMON) {
+ if($this->config["status"] == "conf") {
+ $this->loadConfigFile($this->config_file);
+ $this->applyConfig();
$this->findHardware();
- print_r($this->config);
- $this->applyConfig();
- } else {
- // we go into firstrun mode
+ $mycomm = new Comms();
+ $mycomm->putConfig($this->config);
+ $this->boot_config = $mycomm->getConfig(1);
}
-
-
} else {
- // config comes from shm... we'll get there
- }
+ $mycomm = new Comms();
+ $this->config = $mycomm->getConfig(0);
+ $this->boot_config = $mycomm->getConfig(1);
+
+ }
}
function findHardware()
{
+
+
// first, network interfaces
$dh = opendir("/sys/class/net/");
while(($fname = readdir($dh)) !== false) {
return $this->config;
}
+ function getBootConfig()
+ {
+ return $this->boot_config;
+ }
+
function applyConfig()
{
global $AM_DAEMON;
return true;
}
- function loadConfig($file)
+ function loadConfigFile($file)
{
global $AM_DAEMON;
if(!$AM_DAEMON) return true;
}
- function saveConfig()
+ function saveConfigFile($file)
{
global $AM_DAEMON;
if(!$AM_DAEMON) return true;
private $config_file;
private $config;
+ private $boot_config;
};
?>
\ No newline at end of file
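Review bot: In the daemon branch of `loadConfig()` nothing is written to shared memory unless `$this->config["status"] == "conf"`, so on an unconfigured box (the state the constructor now sets instead of exiting) the non-daemon branch's `getConfig(0)` returns whatever was in slot 0 before, or `false`. An `else` that still calls `$mycomm->putConfig($this->config);` would let the web side see the "unconf" status. The constructor branch that now sets `unconf` still prints "bailing" although it no longer exits, so the message should change with it. The new order also runs `applyConfig()` before `findHardware()`, the reverse of the removed code, which deserves a comment if it is intended. `loadConfigFile()` and `saveConfigFile()` are only partly visible here.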
function CBFWZonesPage()
{
- return "hi";
+ $comms = new Comms();
+
+ $config = $comms->getConfig();
}
function CBFWInterfacesPage()
<?php
-$MENU_ITEMS["Zones"]["link"] = "$BASE_URL/zones";
-$MENU_ITEMS["Zones"]["name"] = "Zones";
-$MENU_ITEMS["Interfaces"]["link"] = "$BASE_URL/interfaces";
-$MENU_ITEMS["Interfaces"]["name"] = "Interfaces";
-$MENU_ITEMS["Objects"]["link"] = "$BASE_URL/objects";
-$MENU_ITEMS["Objects"]["name"] = "Objects";
-$MENU_ITEMS["Rules"]["link"] = "$BASE_URL/rules";
-$MENU_ITEMS["Rules"]["name"] = "Rules";
+$MENU_ITEMS["15_Zones"]["link"] = "$BASE_URL/zones";
+$MENU_ITEMS["15_Zones"]["name"] = "Zones";
+$MENU_ITEMS["20_Objects"]["link"] = "$BASE_URL/objects";
+$MENU_ITEMS["20_Objects"]["name"] = "Objects";
+$MENU_ITEMS["30_Rules"]["link"] = "$BASE_URL/rules";
+$MENU_ITEMS["30_Rules"]["name"] = "Rules";
+$MENU_ITEMS["10_Interfaces"]["link"] = "$BASE_URL/interfaces";
+$MENU_ITEMS["10_Interfaces"]["name"] = "Interfaces";
// if i believed in name spacing in php, i'd use it.
error_log("cbfwweb loaded");
switch($url_s[0]) {
case "zones":
- $bodycontent = CBFWZonesPage($url_s);
+ $bodyFunction = "CBFWZonesPage";
break;
case "interfaces":
- $bodycontent = CBFWInterfacesPage($url_s);
+ $bodyFunction = "CBFWInterfacesPage";
break;
case "objects":
- $bodycontent = CBFWObjectsPage($url_s);
+ $bodyFunction = "CBFWObjectsPage";
break;
case "rules":
- $bodycontent = CBFWRulesPage($url_s);
+ $bodyFunction = "CBFWRulesPage";
break;
default:
- $bodycontent = findUrl($url_s);
+ $bodyFunction = findUrl($url_s);
}
+ } else {
+ $bodyFunction = "CBFBuildHomePage";
}
- CBFWpageBuilder(null, null, $bodycontent);
+ CBFWpageBuilder(null, $bodyFunction);
}
}
+function CBFBuildHomePage($urls)
+{
+ echo "Must remember this, gotta rules could apply to multiple zones not just one<br>";
+ echo "i.e.: add rule reject from object/host/hostname to address6/2003::123 in zones Zone/zonename/rulenum Zone/zonename/rulenum";
+ $conf = new Config();
+ $conf->loadConfig();
+
+ echo "<pre>";
+ print_r($conf->getConfig());
+ echo "\n\n\n";
+ print_r($conf->getBootConfig());
+ echo "</pre>";
+
+}
+
function CBFWMenuBuilder()
{
global $BASE_URL, $MENU_ITEMS;
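Review bot: `CBFBuildHomePage()` prints the complete configuration and boot configuration with `print_r` straight into the page, with no escaping and no access check visible in this hunk. Going by the grammar file added on this page, the config is meant to hold `login … auth` entries, so the home page would hand those digests to anyone who can reach it. If the dump is kept for debugging, escape it and put it behind the admin check, e.g. `echo htmlspecialchars(print_r($conf->getConfig(), true), ENT_QUOTES, 'UTF-8');`. Separately, the dispatcher now passes a function name to `CBFWpageBuilder`, and the `default:` case takes that name from `findUrl($url_s)`; if the builder invokes it as a variable function, `findUrl` must only return names from a fixed list, never text derived from the URL. `CBFWMenuBuilder` continues outside the hunk.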