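#!/bin/sh
# CGI page for the iptables package: handles the "remove rule" request taken
# from the query string, then prints the 'Activation' section and opens the
# 'iptables add/remove rule' section.

PATH=/bin:/usr/bin:/sbin:/usr/sbin:/var/mod/sbin
. /usr/lib/libmodcgi.sh

VERSION="1.0.5"

# HTML QUERY STRING for remove option.
# QUERY_STRING is request-controlled, so both values are untrusted. When the
# expected parameter is missing, the sed expressions leave the remaining query
# text in place, which is why the values are validated below and not only
# tested for being non-empty.
IPTABLES_DELETE_CHAIN="$(printf '%s\n' "$QUERY_STRING" \
  | sed -e 's/^.*iptables//g' -e 's/^.*chain=//g' -e 's/&.*//g')"
IPTABLES_DELETE_RULE="$(printf '%s\n' "$QUERY_STRING" \
  | sed -e 's/^.*iptables//g' -e 's/^.*remove=//g')"

# Accept only a plain chain name and a numeric rule position. Unquoted, these
# values were word-split and glob-expanded into the iptables command line, so
# a crafted request could supply extra iptables arguments.
# NOTE(review): assumes the "remove" link passes the rule's line number (the
# listing is produced with --line-numbers) - confirm against the link markup.
delete_request_ok='no'
case "$IPTABLES_DELETE_CHAIN" in
  '' | -* | *[!A-Za-z0-9_-]*) ;;
  *)
    case "$IPTABLES_DELETE_RULE" in
      '' | *[!0-9]*) ;;
      *) delete_request_ok='yes' ;;
    esac
    ;;
esac

# Deleting Rule
# NOTE(review): the deletion is driven by the query string alone; nothing
# visible here checks the request method or an anti-CSRF token - confirm
# whether libmodcgi.sh or the web server enforces that.
if [ "$delete_request_ok" = 'yes' ]; then
  case "$IPTABLES_DELETE_CHAIN" in
    PREROUTING | POSTROUTING)
      # These two chains are addressed in the nat table.
      iptables -t nat -D "$IPTABLES_DELETE_CHAIN" "$IPTABLES_DELETE_RULE"
      ;;
    *)
      iptables -D "$IPTABLES_DELETE_CHAIN" "$IPTABLES_DELETE_RULE"
      ;;
  esac
  /var/mod/etc/init.d/rc.iptables save
fi

# Exactly one of the two markers is set, depending on IPTABLES_ENABLED.
auto_chk=''
man_chk=''
if [ "$IPTABLES_ENABLED" = "yes" ]; then
  auto_chk=' checked'
else
  man_chk=' checked'
fi

sec_begin 'Activation'
cat << EOF
Version: $VERSION

EOF
sec_end

sec_begin 'iptables add/remove rule'
cat << EOF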

Add Insert
Chain
Position (ID) (only for Insert!)
Source AddressPort
Destination Address Port
Protocol
Input-Interface
Output-Interface
NAT


Action

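EOF
sec_end

sec_begin 'iptables rules'

# Collect the filter and nat listings in a variable. The fixed, predictable
# files under /var/tmp that were used before could be pre-created or
# symlinked by another local user, and one of them was left behind whenever
# the "not running" branch was taken. Each '*' is replaced by 'x', as before.
IPTABLES_LISTING="$(
  {
    iptables -vL --line-numbers
    iptables -t nat -vL --line-numbers
  } | sed -e "s/\*/x/g"
)"

# NOTE(review): the strings echoed below are reproduced exactly as they appear
# in this copy of the script; the table markup they presumably carried is not
# visible here.

# Check if table can be listed
lsmod | grep "iptable_filter" > /dev/null
if [ $? -eq 1 ]; then
  echo "
NOTE: iptables is not running!"
else
  i=0
  # Default IFS is kept on purpose: read trims leading blanks, which the
  # "^[1-9]" test below relies on.
  while read -r IPTABLES_LINE
  do
    case "$IPTABLES_LINE" in
      *Chain*)
        # not first dataset, so close table
        CHAIN="$(printf '%s\n' "$IPTABLES_LINE" | grep "Chain" \
          | sed -e "s/Chain //g" | sed -e "s/ .*//g")"
        if [ "$i" -gt 0 ]; then
          echo ""
        fi
        echo "
"
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        echo ""
        # Was 'i=i+1', which stored the literal text "i+1" and broke the
        # numeric comparison above from the second chain onwards.
        i=$((i + 1))
        ;;
      *)
        # Rule rows start with their line number; header rows are skipped.
        if printf '%s\n' "$IPTABLES_LINE" | grep "^[1-9]" > /dev/null; then
          echo ""
          echo ""
          echo ""
          echo ""
          echo ""

          # Field 12 of the row, looked up in the services file when present.
          svc_field="$(printf '%s\n' "$IPTABLES_LINE" | awk '{print $12}')"
          if [ -z "$svc_field" ]; then
            echo ""
          else
            PORT="$(printf '%s\n' "$svc_field" | sed -e "s/.*://g")"
            SERVICE="$(grep ":$PORT\$" /tmp/flash/iptables_services \
              | sed -e "s/:.*//g")"
            echo ""
          fi

          # Field 13 of the row; a value starting with "to:" gets no lookup.
          dst_field="$(printf '%s\n' "$IPTABLES_LINE" | awk '{print $13}')"
          if [ -z "$dst_field" ]; then
            echo ""
          else
            case "$dst_field" in
              to:*)
                echo ""
                ;;
              *)
                PORT="$(printf '%s\n' "$dst_field" | sed -e "s/.*://g")"
                SERVICE="$(grep ":$PORT\$" /tmp/flash/iptables_services \
                  | sed -e "s/:.*//g")"
                echo ""
                ;;
            esac
          fi

          IMAGE="$(printf '%s\n' "$IPTABLES_LINE" | awk '{print $4}')"
          echo ""
          echo ""
          echo ""
          echo ""
          echo ""
        fi
        ;;
    esac
  done << RULES_EOF
$IPTABLES_LISTING
RULES_EOF
  echo "
${IPTABLES_LINE}
IDSourceDestinationProtocolServiceServiceActioninoutConfigure
$(echo ${IPTABLES_LINE} | awk '{print $1}')$(echo ${IPTABLES_LINE} | awk '{print $9}')$(echo ${IPTABLES_LINE} | awk '{print $10}')$(echo ${IPTABLES_LINE} | awk '{print $5}')ANY$(echo ${IPTABLES_LINE} | awk '{print $12}' | sed -e "s/:.*//g"):$SERVICEANY$(echo ${IPTABLES_LINE} | awk '{print $13}' | sed -e "s/:.*//g"):$SERVICE$(echo ${IPTABLES_LINE} | awk '{print $13}')$(echo ${IPTABLES_LINE} | awk '{print $7}')$(echo ${IPTABLES_LINE} | awk '{print $8}')remove
"
fi
sec_end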