1 |
#!/usr/bin/perl |
2 |
|
3 |
# Copyright (C) 2006 Mandriva |
4 |
# Olivier Blin <blino@mandriva.com> |
5 |
# |
6 |
# This program is free software; you can redistribute it and/or modify |
7 |
# it under the terms of the GNU General Public License as published by |
8 |
# the Free Software Foundation; either version 2, or (at your option) |
9 |
# any later version. |
10 |
# |
11 |
# This program is distributed in the hope that it will be useful, |
12 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 |
# GNU General Public License for more details. |
15 |
# |
16 |
# You should have received a copy of the GNU General Public License |
17 |
# along with this program; if not, write to the Free Software |
18 |
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
19 |
|
20 |
use strict; |
21 |
|
22 |
use lib qw(/usr/lib/libDrakX); |
23 |
|
24 |
# i18n: IMPORTANT: to get correct namespace (drakx-net instead of libDrakX) |
25 |
BEGIN { unshift @::textdomains, 'drakx-net' } |
26 |
use standalone; |
27 |
|
28 |
use common; |
29 |
use network::invictus; |
30 |
use network::network; |
31 |
use detect_devices; |
32 |
use mygtk2 qw(gtknew); |
33 |
use ugtk2 qw(:create :helpers :wrappers :dialogs); |
34 |
|
35 |
$ugtk2::wm_icon = 'invictus-16'; |
36 |
my $title = N("Invictus Firewall"); |
37 |
my $w = ugtk2->new($title); |
38 |
$::main_window = $w->{real_window}; #- so that transient_for is defined for wait messages and dialogs |
39 |
|
40 |
my $net = {}; |
41 |
network::network::read_net_conf($net); |
42 |
my @interfaces = detect_devices::get_lan_interfaces; |
43 |
|
44 |
my $invictus = {}; |
45 |
network::invictus::read_config($invictus); |
46 |
|
47 |
my %interface_addresses = map { $_ => { |
48 |
real_address => gtknew('Entry', text => $invictus->{ucarp}{$_}{SRCIP}), |
49 |
virtual_address => gtknew('Entry', text => $invictus->{ucarp}{$_}{VIRTIP}), |
50 |
vid => do { my $w = gtknew('Entry', text => $invictus->{ucarp}{$_}{VHID}); $w->set_width_chars(5); $w }, |
51 |
} } @interfaces; |
52 |
|
53 |
my $master_checkbutton = gtknew('CheckButton', text => N("Start as master"), active => do { |
54 |
my $m = find { $_->{TAKEOVER} } values %{$invictus->{ucarp}}; |
55 |
$m && text2bool($m->{TAKEOVER}); |
56 |
}); |
57 |
my $password_entry = gtknew('Entry', text => do { |
58 |
my $p = find { $_->{PASSWORD} } values %{$invictus->{ucarp}}; |
59 |
$p && $p->{PASSWORD}; |
60 |
}); |
61 |
$password_entry->set_visibility(0); |
62 |
my $ct_sync_interface_list; |
63 |
my $cmarkbit_entry; |
64 |
|
65 |
sub apply_invictus_firewall() { |
66 |
require interactive; |
67 |
my $in = 'interactive'->vnew; |
68 |
$in->do_pkgs->ensure_is_installed('invictus-firewall', '/etc/rc.d/init.d/ct_sync') or return; |
69 |
$in->do_pkgs->ensure_is_installed('ucarp', '/etc/rc.d/init.d/ucarp') or return; |
70 |
|
71 |
my $password = $password_entry->get_text; |
72 |
$password or err_dialog(N("Error"), N("A password is required.")), return; |
73 |
foreach (@interfaces) { |
74 |
@{$invictus->{ucarp}{$_}}{qw(INTERFACE SRCIP VIRTIP VHID PASSWORD TAKEOVER)} = ( |
75 |
$_, |
76 |
(map { $_->get_text } @{$interface_addresses{$_}}{qw(real_address virtual_address vid)}), |
77 |
$password, |
78 |
bool2yesno($master_checkbutton->get_active), |
79 |
); |
80 |
} |
81 |
network::invictus::write_config($invictus); |
82 |
|
83 |
require services; |
84 |
services::enable('ct_sync'); |
85 |
services::enable('ucarp'); |
86 |
} |
87 |
|
88 |
sub update_ct_sync_state() { |
89 |
my $enable_ct_sync = text2bool($invictus->{ct_sync}{ENABLE}); |
90 |
$_->set_sensitive($enable_ct_sync) foreach $ct_sync_interface_list, $cmarkbit_entry; |
91 |
foreach my $interface (@interfaces) { |
92 |
my $enable = !$enable_ct_sync || $interface ne $invictus->{ct_sync}{INTERFACE}; |
93 |
$_->set_sensitive($enable) foreach values %{$interface_addresses{$interface}}; |
94 |
} |
95 |
} |
96 |
|
97 |
gtkadd($w->{window}, |
98 |
gtknew('VBox', spacing => 5, children_tight => [ |
99 |
$::isEmbedded ? () : Gtk2::Banner->new('invictus-52', $title), |
100 |
gtknew('WrappedLabel', text => N("This tool allows to set up network interfaces failover and firewall replication.")), |
101 |
gtknew('Frame', border_width => 5, |
102 |
text => N("Network redundancy (leave empty if interface is not used)"), |
103 |
child => gtknew('VBox', border_width => 10, children_tight => [ |
104 |
gtknew('Table', children => [ |
105 |
[ N("Interface"), N("Real address"), N("Virtual shared address"), N("Virtual ID") ], |
106 |
(map { |
107 |
[ $_, @{$interface_addresses{$_}}{qw(real_address virtual_address vid)} ]; |
108 |
} @interfaces), |
109 |
]), |
110 |
gtknew('HBox', spacing => 5, children_tight => [ N("Password"), $password_entry ]), |
111 |
$master_checkbutton, |
112 |
])), |
113 |
gtknew('Frame', border_width => 5, |
114 |
text => N("Firewall replication"), |
115 |
child => gtknew('VBox', border_width => 10, children_tight => [ |
116 |
gtknew('CheckButton', text => N("Synchronize firewall conntrack tables"), |
117 |
active => text2bool($invictus->{ct_sync}{ENABLE}), |
118 |
toggled => sub { |
119 |
$invictus->{ct_sync}{ENABLE} = bool2yesno($_[0]->get_active); |
120 |
update_ct_sync_state(); |
121 |
}), |
122 |
gtknew('HBox', spacing => 5, children => [ |
123 |
0, N("Synchronization network interface"), |
124 |
1, $ct_sync_interface_list = |
125 |
gtknew('ComboBox', list => \@interfaces, text => $invictus->{ct_sync}{INTERFACE}, |
126 |
changed => sub { |
127 |
$invictus->{ct_sync}{INTERFACE} = $_[0]->get_active_text; |
128 |
update_ct_sync_state(); |
129 |
}), |
130 |
]), |
131 |
gtknew('HBox', spacing => 5, children_tight => [ |
132 |
N("Connection mark bit"), |
133 |
$cmarkbit_entry = |
134 |
gtknew('ComboBox', list => [ 0 .. 31 ], text => $invictus->{ct_sync}{CMARKBIT}, changed => sub { |
135 |
$invictus->{ct_sync}{CMARKBIT} = $_[0]->get_active_text; |
136 |
}), |
137 |
]), |
138 |
])), |
139 |
gtknew('HButtonBox', layout => 'edge', children_tight => [ |
140 |
gtknew('Button', text => N("Apply"), clicked => \&apply_invictus_firewall), |
141 |
gtknew('Button', text => N("Quit"), clicked => sub { $w->exit }), |
142 |
]), |
143 |
]), |
144 |
); |
145 |
|
146 |
|
147 |
|
148 |
|
149 |
update_ct_sync_state(); |
150 |
|
151 |
$w->main; |