Changeset 103

Timestamp:

Aug 3, 2008, 6:50:25 PM (16 years ago)

Author:

george

Message:

• Opraveno: Skripty pro generování nastavení služeb sítě. * Přidáno: Skript pro import online stavu počítačů z netwatch systému.

Location:

system

Files:

• backup/do-backup.php (modified) (1 diff)
• bandwidth2.php (modified) (1 diff)
• generate.php (modified) (1 diff)
• generators/dhcp.php (modified) (1 diff)
• generators/dhcp_routerboard.php (added)
• generators/dns.php (modified) (1 diff)
• generators/iptables.php (modified) (8 diffs)
• generators/netwatch.php (added)
• generators/traffic_shaping.php (modified) (11 diffs)
• generators/udp_forwarder.php (modified) (1 diff)
• generators/vpn.php (modified) (1 diff)
• mac_check.php (modified) (1 diff)
• netwatch_import.php (added)

system/backup/do-backup.php

@@ -1 +1 @@
 <?php
-include('/a/html/global.php');
+include('/a/www/centrala/global.php');
 $Database->select_db('backup');
 

system/bandwidth2.php

@@ -1 +1 @@
 <?php
 
-include_once('../html/global.php');
+include_once('/a/www/centrala/global.php');
 include_once('generators/global.php');
 

system/generate.php

@@ -1 +1 @@
 <?php
-include_once('../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 $Period = 60; // seconds

system/generators/dhcp.php

@@ -1 +1 @@
 <?php
-include_once('../../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 // Generate DHCP server configuration

system/generators/dns.php

@@ -1 +1 @@
 <?php
-include_once('../../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 //$Serial = '2007070601';  // Should be changed on every change

system/generators/iptables.php

@@ -1 +1 @@
 <?php
-include_once('../../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 // Generate firewall rules
-exec('iptables -t nat -F Block');
-exec('iptables -t nat -F POSTROUTING');
-exec('iptables -t nat -F PreroutingDNAT');
-//    exec('iptables -t nat -A Block -p tcp --destination-port 80 -j REDIRECT --to-ports 3128');
+exec('/sbin/iptables -t nat -F Block');
+exec('/sbin/iptables -t nat -F POSTROUTING');
+exec('/sbin/iptables -t nat -F PreroutingDNAT');
+//    exec('/sbin/iptables -t nat -A Block -p tcp --destination-port 80 -j REDIRECT --to-ports 3128');
 
 // Blocking according IP address
@@ -15 +15 @@
   while($Row = $DbResult2->fetch_array())
   {
-    exec('iptables -t nat -A Block -s '.$Row['IP'].' -j Local');
+    exec('/sbin/iptables -t nat -A Block -s '.$Row['IP'].' -j Local');
   }
 }
@@ -24 +24 @@
   while($Row = $DbResult2->fetch_array())
   {
-    exec('iptables -t nat -A Block -s '.$Row['IP'].' -j Local');
+    exec('/sbin/iptables -t nat -A Block -s '.$Row['IP'].' -j Local');
   }
 }
@@ -39 +39 @@
     if($User['inet'] == 0)
     {
-      if(($Row['block'] == 0) and ($Row['type'] == 1)) exec('iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
-        else exec('iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
+      if(($Row['block'] == 0) and ($Row['type'] == 1)) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
+        else exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
     } else {
       if($Row['vpn'] == 0) 
@@ -48 +48 @@
         if($Row['name'] == 'TBC')
         {
-          exec('iptables -t nat -A PreroutingDNAT -m tcp -p tcp --dport 3724 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP'].':3725');  
-          exec('iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o eth1 -j SNAT --to-source '.$Row['external_ip'].':3724');  
+          exec('/sbin/iptables -t nat -A PreroutingDNAT -m tcp -p tcp --dport 3724 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP'].':3725');  
+          exec('/sbin/iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o eth1 -j SNAT --to-source '.$Row['external_ip'].':3724');  
         }
         if(strtolower($Row['name']) != 'centrala')
@@ -55 +55 @@
           if($Row['external_ip'] != '')
           {
-            exec('iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);  
-            exec('iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j ACCEPT');  
-            exec('iptables -t nat -A POSTROUTING -s '.$Row['IP'].' -o eth1 -j SNAT --to-source '.$Row['external_ip']);  
+            exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);  
+            exec('/sbin/iptables -t nat -A PreroutingDNAT -i eth1 -d '.$Row['external_ip'].' -j ACCEPT');  
+            exec('/sbin/iptables -t nat -A POSTROUTING -s '.$Row['IP'].' -o eth1 -j SNAT --to-source '.$Row['external_ip']);  
           }
-          exec('iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
+          exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
         }
       }
@@ -66 +66 @@
         $CZFreeLocalIP = $Row['external_ip'];
  //echo('vpn');
-        //exec('iptables -t nat -A PreroutingDNAT -s '.$Row['IP'].' -p udp -m udp --dport 55556 -j DROP');  
-        if($Row['external_ip'] != '') exec('iptables -t nat -A PreroutingDNAT -d '.$Row['external_ip'].' -j ACCEPT');  
-        exec('iptables -t nat -A Block -s '.ToVpnIp($Row)." -j Proxy");
+        //exec('/sbin/iptables -t nat -A PreroutingDNAT -s '.$Row['IP'].' -p udp -m udp --dport 55556 -j DROP');  
+        if($Row['external_ip'] != '') exec('/sbin/iptables -t nat -A PreroutingDNAT -d '.$Row['external_ip'].' -j ACCEPT');  
+        exec('/sbin/iptables -t nat -A Block -s '.ToVpnIp($Row)." -j Proxy");
 
         if($Row['vpn'] == 1) 
         {
-          exec('iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
-        } else if($Row['vpn'] == 2) exec('iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
+          exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local");
+        } else if($Row['vpn'] == 2) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");
       }
       if($Row['czfree_ip'] != '')
       {
         // CZFree
-        exec('iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j DNAT --to-destination '.$CZFreeLocalIP);  
-        exec('iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j ACCEPT');  
-        exec('iptables -t nat -A POSTROUTING -s '.$CZFreeLocalIP.' -o tun0 -j SNAT --to-source '.$Row['czfree_ip']);  
+        exec('/sbin/iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j DNAT --to-destination '.$CZFreeLocalIP);  
+        exec('/sbin/iptables -t nat -A PreroutingDNAT -i tun0 -d '.$Row['czfree_ip'].' -j ACCEPT');  
+        exec('/sbin/iptables -t nat -A POSTROUTING -s '.$CZFreeLocalIP.' -o tun0 -j SNAT --to-source '.$Row['czfree_ip']);  
       }
     }
@@ -90 +90 @@
 $DbResult = $Database->select('hosts', '*', 'name="MAIL"');
 $Row = $DbResult->fetch_array();
-exec('iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d 212.111.4.174 -j DROP');  
-exec('iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);  
-exec('iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j ACCEPT');  
-exec('iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o eth1 -j SNAT --to-source '.$Row['external_ip']);  
+exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d 212.111.4.174 -j DROP');  
+exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);  
+exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j ACCEPT');  
+exec('/sbin/iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o eth1 -j SNAT --to-source '.$Row['external_ip']);  
 
 // Local network NAT
 $DbResult = $Database->select('hosts', '*', 'name="GATE"');
 $Row = $DbResult->fetch_array();
-exec('iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
-//exec('iptables -t nat -A POSTROUTING -s 10.0.0.0/255.0.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
-//exec('iptables -t nat -A POSTROUTING -s 212.111.16.94 -o eth1 -j MASQUERADE');
+exec('/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
+//exec('/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/255.0.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
+//exec('/sbin/iptables -t nat -A POSTROUTING -s 212.111.16.94 -o eth1 -j MASQUERADE');
 
 exec('/sbin/iptables-save>/etc/sysconfig/iptables');

system/generators/traffic_shaping.php

@@ -3 +3 @@
 $Enabled = 1;
 $ClassesEnabled = 1;
-include_once('../../html/global.php');
-include_once('../../html/finance/include.php');
+include_once('/a/www/centrala/global.php');
+include_once('/a/www/centrala/finance/include.php');
 NactiMesicniParametry(0);
 
@@ -28 +28 @@
   $File = fopen('/a/bin/htb.sh', 'w+');
   fputs($File, "#!/bin/sh\n");
-  exec('iptables -t mangle -F FORWARD');
-  exec('iptables -t mangle -F INPUT');
-  exec('iptables -t mangle -F OUTPUT');
-  exec('iptables -t mangle -F PREROUTING');
-  exec('iptables -t mangle -F POSTROUTING');
+  exec('/sbin/iptables -t mangle -F FORWARD');
+  exec('/sbin/iptables -t mangle -F INPUT');
+  exec('/sbin/iptables -t mangle -F OUTPUT');
+  exec('/sbin/iptables -t mangle -F PREROUTING');
+  exec('/sbin/iptables -t mangle -F POSTROUTING');
   if($Enabled)
   {
-    exec('iptables -t mangle -A FORWARD -j MARK --set-mark 0');
-    exec('iptables -t mangle -i eth1 -A FORWARD -j MARK --set-mark 1');
-    exec('iptables -t mangle -o eth1 -A FORWARD -j MARK --set-mark 1');
+    exec('/sbin/iptables -t mangle -A FORWARD -j MARK --set-mark 0');
+    exec('/sbin/iptables -t mangle -i eth1 -A FORWARD -j MARK --set-mark 1');
+    exec('/sbin/iptables -t mangle -o eth1 -A FORWARD -j MARK --set-mark 1');
   }
 
@@ -43 +43 @@
   
   // In going traffic
-  fputs($File, "tc qdisc del dev imq0 root\n");
+  fputs($File, "/sbin/tc qdisc del dev imq0 root\n");
   if($Enabled)
   { 
-    fputs($File, "tc qdisc add dev imq0 root handle 1:0 htb default 2\n");
-    fputs($FileClassInfo, "1:1 Z�ladn�t�a\n");
-    fputs($File, "tc class add dev imq0 parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedIn."kbit quantum 1500\n");
+    fputs($File, "/sbin/tc qdisc add dev imq0 root handle 1:0 htb default 2\n");
+    fputs($FileClassInfo, "1:1 Základní\n");
+    fputs($File, "/sbin/tc class add dev imq0 parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedIn."kbit quantum 1500\n");
     fputs($FileClassInfo, "1:2 Internet zdarma\n");
-    fputs($File, "tc class add dev imq0 parent 1:1 classid 1:".$FreeInetClass." htb rate 32kbit prio 3 quantum 1500\n");
-    fputs($File, "tc qdisc add dev imq0 parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
+    fputs($File, "/sbin/tc class add dev imq0 parent 1:1 classid 1:".$FreeInetClass." htb rate 32kbit prio 3 quantum 1500\n");
+    fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
   }
   // Out going traffic
-  fputs($File, "tc qdisc del dev imq1 root\n");
+  fputs($File, "/sbin/tc qdisc del dev imq1 root\n");
   if($Enabled)
   {
-    fputs($File, "tc qdisc add dev imq1 root handle 1:0 htb default 2\n");
-    fputs($File, "tc class add dev imq1 parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedOut."kbit quantum 1500\n");
-    fputs($File, "tc class add dev imq1 parent 1:1 classid 1:".$FreeInetClass." htb rate 32kbit prio 3 quantum 1500\n");
-    fputs($File, "tc qdisc add dev imq1 parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
+    fputs($File, "/sbin/tc qdisc add dev imq1 root handle 1:0 htb default 2\n");
+    fputs($File, "/sbin/tc class add dev imq1 parent 1:0 classid 1:1 htb rate ".$TotalMaxSpeedOut."kbit quantum 1500\n");
+    fputs($File, "/sbin/tc class add dev imq1 parent 1:1 classid 1:".$FreeInetClass." htb rate 32kbit prio 3 quantum 1500\n");
+    fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$FreeInetClass." handle ".$FreeInetClass.": sfq perturb 10\n");
   }
   
@@ -75 +75 @@
 
   // VoIP in going traffic
-  fputs($File, "tc class add dev imq0 parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedIn."kbit ceil ".$VoipMaxSpeedIn."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
-  fputs($File, "tc qdisc add dev imq0 parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
-  fputs($File, "tc filter add dev imq0 parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
+  fputs($File, "/sbin/tc class add dev imq0 parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedIn."kbit ceil ".$VoipMaxSpeedIn."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
+  fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
+  fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
   // VoIP out going traffic
-  fputs($File, "tc class add dev imq1 parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedOut."kbit ceil ".$VoipMaxSpeedOut."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
-  fputs($File, "tc qdisc add dev imq1 parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
-  fputs($File, "tc filter add dev imq1 parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
+  fputs($File, "/sbin/tc class add dev imq1 parent 1:1 classid 1:".$VoipClassId." htb rate ".$VoipSpeedOut."kbit ceil ".$VoipMaxSpeedOut."kbit quantum 12000 burst 6k cburst 3k prio ".$Prio."\n");
+  fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$VoipClassId." handle ".$VoipClassId.": sfq perturb 10\n");
+  fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$VoipClassId." fw flowid 1:".$VoipClassId."\n");
   fputs($FileClassInfo, '1:'.$VoipClassId." VoIP\n");
 
@@ -96 +96 @@
   $AllUsersClassId = $ClassId;
   $ClassId = $ClassId + 1;
-  fputs($File, "tc class add dev imq0 parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedIn."kbit prio 1 quantum 1500\n");
-  fputs($File, "tc class add dev imq1 parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedOut."kbit prio 1 quantum 1500\n");
-  fputs($FileClassInfo, '1:'.$AllUsersClassId." Vichni uivatel�n");
+  fputs($File, "/sbin/tc class add dev imq0 parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedIn."kbit prio 1 quantum 1500\n");
+  fputs($File, "/sbin/tc class add dev imq1 parent 1:1 classid 1:".$AllUsersClassId." htb rate ".$UsersMaxSpeedOut."kbit prio 1 quantum 1500\n");
+  fputs($FileClassInfo, '1:'.$AllUsersClassId." Všichni uživatelé\n");
 
   // Torrent sharing
@@ -107 +107 @@
 
   // Torrent out going traffic
-  fputs($File, "tc class add dev imq1 parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
-  fputs($File, "tc qdisc add dev imq1 parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
-  fputs($File, "tc filter add dev imq1 parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
+  fputs($File, "/sbin/tc class add dev imq1 parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
+  fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
+  fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
   fputs($FileClassInfo, '1:'.$TorrentClassId." Torrent\n");
   // Torrent in going traffic
-  fputs($File, "tc class add dev imq0 parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
-  fputs($File, "tc qdisc add dev imq0 parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
-  fputs($File, "tc filter add dev imq0 parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
+  fputs($File, "/sbin/tc class add dev imq0 parent 1:".$AllUsersClassId." classid 1:".$TorrentClassId." htb rate ".$TorrentSpeedOut."kbit ceil ".$UsersMaxSpeedOut."kbit prio ".$Prio." quantum 1500\n");
+  fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$TorrentClassId." handle ".$TorrentClassId.":0 sfq perturb 10\n");
+  fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$TorrentClassId." fw flowid 1:".$TorrentClassId."\n");
   fputs($FileClassInfo, '1:'.$TorrentClassId." Torrent\n");
 
@@ -129 +129 @@
 
     fputs($File, "# === ".$User['fullname']." ===\n");
-    fputs($File, "tc class add dev imq0 parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio 1 quantum ".$Quantum."\n");
-    //fputs($File, "tc qdisc add dev imq0 parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
-    //fputs($File, "tc class add dev imq0 parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedIn."bit prio 1\n");
-    fputs($File, "tc class add dev imq1 parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio 1 quantum ".$Quantum."\n");
-    //fputs($File, "tc qdisc add dev imq1 parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
-    //fputs($File, "tc class add dev imq1 parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedOut."bit prio 1\n");
+    fputs($File, "/sbin/tc class add dev imq0 parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio 1 quantum ".$Quantum."\n");
+    //fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
+    //fputs($File, "/sbin/tc class add dev imq0 parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedIn."bit prio 1\n");
+    fputs($File, "/sbin/tc class add dev imq1 parent 1:".$AllUsersClassId." classid 1:".$UserClassId." htb rate ".$SpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio 1 quantum ".$Quantum."\n");
+    //fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$UserClassId." handle ".$UserClassId.":0 htb r2q 10\n");
+    //fputs($File, "/sbin/tc class add dev imq1 parent ".$UserClassId.":0 classid ".$UserClassId.":".$UserClassId." htb rate ".$UserMaxSpeedOut."bit prio 1\n");
     fputs($FileClassInfo, '1:'.$UserClassId.' '.$User['fullname']."\n");
 
@@ -184 +184 @@
         if($Host['name'] == 'GAME') 
         {
-          exec('iptables -t mangle -F game-server');      
+          exec('/sbin/iptables -t mangle -F game-server');        
                 $TableOut = 'game-server';
                 $TableIn = 'game-server';
@@ -191 +191 @@
 
         // In going traffic
-        exec('iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId); 
-              fputs($File, "tc class add dev imq0 parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio ".$Prio." quantum ".$Quantum."\n");
-              fputs($File, "tc qdisc add dev imq0 parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
-            //fputs($File, "tc filter add dev imq0 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
-            fputs($File, "tc filter add dev imq0 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$HostClassId."\n");
+        exec('/sbin/iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId); 
+              fputs($File, "/sbin/tc class add dev imq0 parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedIn."bit ceil ".$UserMaxSpeedIn."bit prio ".$Prio." quantum ".$Quantum."\n");
+              fputs($File, "/sbin/tc qdisc add dev imq0 parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
+            //fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
+            fputs($File, "/sbin/tc filter add dev imq0 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$HostClassId."\n");
         
         // Out going traffic
-        exec('iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);
-        fputs($File, "tc class add dev imq1 parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio ".$Prio." quantum ".$Quantum."\n");
-              fputs($File, "tc qdisc add dev imq1 parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
-              //fputs($File, "tc filter add dev imq1 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
-              fputs($File, "tc filter add dev imq1 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$HostClassId."\n");
+        exec('/sbin/iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$HostClassId);
+        fputs($File, "/sbin/tc class add dev imq1 parent 1:".$UserClassId." classid 1:".$HostClassId." htb rate ".$HostSpeedOut."bit ceil ".$UserMaxSpeedOut."bit prio ".$Prio." quantum ".$Quantum."\n");
+              fputs($File, "/sbin/tc qdisc add dev imq1 parent 1:".$HostClassId." handle ".$HostClassId.":0 sfq perturb 10\n");
+              //fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$UserClassId."\n");
+              fputs($File, "/sbin/tc filter add dev imq1 parent 1:0 protocol ip handle ".$HostClassId." fw flowid 1:".$HostClassId."\n");
                //echo($Row['id'].',');
       }
@@ -208 +208 @@
       if($Tarify[$User['inet_tarif_now']]['group_id'] == 3)
       {
-        //exec('iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$FreeInetClass); 
-        //exec('iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$FreeInetClass);
+        //exec('/sbin/iptables -t mangle -A '.$TableIn.' -i eth1 -d '.$Host['IP'].$Protocol." -j MARK --set-mark ".$FreeInetClass); 
+        //exec('/sbin/iptables -t mangle -A '.$TableOut.' -o eth1 -s '.$Host['IP'].$Protocol." -j MARK --set-mark ".$FreeInetClass);
       }
       // VoIP devices
       if(($Host['name'] == 'HAJDA-VOIP') || ($Host['name'] == 'NAVRATIL-VOIP')) 
       {
-        exec('iptables -t mangle -A '.$TableIn." -i eth1 -d ".$Host['IP']." -p udp -j MARK --set-mark ".$VoipClassId);
-        exec('iptables -t mangle -A '.$TableOut." -o eth1 -s ".$Host['IP']." -p udp -j MARK --set-mark ".$VoipClassId);
+        exec('/sbin/iptables -t mangle -A '.$TableIn." -i eth1 -d ".$Host['IP']." -p udp -j MARK --set-mark ".$VoipClassId);
+        exec('/sbin/iptables -t mangle -A '.$TableOut." -o eth1 -s ".$Host['IP']." -p udp -j MARK --set-mark ".$VoipClassId);
       } else 
       if($Host['name'] == 'GAME')
       {
-        exec('iptables -t mangle -A FORWARD -o eth1 -s '.$Host['IP']." -j game-server"); 
-        exec('iptables -t mangle -A FORWARD -i eth1 -d '.$Host['IP']." -j game-server"); 
+        exec('/sbin/iptables -t mangle -A FORWARD -o eth1 -s '.$Host['IP']." -j game-server"); 
+        exec('/sbin/iptables -t mangle -A FORWARD -i eth1 -d '.$Host['IP']." -j game-server"); 
     
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -j MARK --set-mark ".$TorrentClassId);
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -j MARK --set-mark ".$TorrentClassId);
-        //exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 10886 -j MARK --set-mark ".$TorrentClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -j MARK --set-mark ".$TorrentClassId);
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -j MARK --set-mark ".$TorrentClassId);
+        //exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 10886 -j MARK --set-mark ".$TorrentClassId);
         // default torrents
-        //exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 10886 -j MARK --set-mark ".$TorrentClassId);
+        //exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 10886 -j MARK --set-mark ".$TorrentClassId);
 
         // Local services
-              exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p icmp -j MARK --set-mark ".$HostClassId); // ICMP
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p icmp -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 6969 -j MARK --set-mark ".$HostClassId); // web torrent
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 6969 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 80 -j MARK --set-mark ".$HostClassId);   // web
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 80 -j MARK --set-mark ".$HostClassId); 
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 21 -j MARK --set-mark ".$HostClassId);    // FTP
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 21 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 8085 -j MARK --set-mark ".$HostClassId);  // wow game server
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 8085 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 3724 -j MARK --set-mark ".$HostClassId);  // wow login server
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 3724 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 22 -j MARK --set-mark ".$HostClassId);    // wow game server
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 22 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 443 -j MARK --set-mark ".$HostClassId);   // https
-              exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 443 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 27015 -j MARK --set-mark ".$HostClassId); // Counter Strike
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 27015 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 5905 -j MARK --set-mark ".$HostClassId);  // VNC
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 5905 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 5906 -j MARK --set-mark ".$HostClassId);  // VNC
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 5906 -j MARK --set-mark ".$HostClassId);
+              exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p icmp -j MARK --set-mark ".$HostClassId); // ICMP
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p icmp -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 6969 -j MARK --set-mark ".$HostClassId); // web torrent
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 6969 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 80 -j MARK --set-mark ".$HostClassId);   // web
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 80 -j MARK --set-mark ".$HostClassId); 
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 21 -j MARK --set-mark ".$HostClassId);    // FTP
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 21 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 8085 -j MARK --set-mark ".$HostClassId);  // wow game server
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 8085 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 3724 -j MARK --set-mark ".$HostClassId);  // wow login server
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 3724 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 22 -j MARK --set-mark ".$HostClassId);    // wow game server
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 22 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 443 -j MARK --set-mark ".$HostClassId);   // https
+              exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 443 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 27015 -j MARK --set-mark ".$HostClassId); // Counter Strike
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 27015 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 5905 -j MARK --set-mark ".$HostClassId);  // VNC
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 5905 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --sport 5906 -j MARK --set-mark ".$HostClassId);  // VNC
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --dport 5906 -j MARK --set-mark ".$HostClassId);
         
         // Remote services
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --dport 443 -j MARK --set-mark ".$HostClassId);   // https
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --sport 443 -j MARK --set-mark ".$HostClassId);
-        exec('iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --dport 80 -j MARK --set-mark ".$HostClassId);   // http
-        exec('iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --sport 80 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --dport 443 -j MARK --set-mark ".$HostClassId);   // https
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --sport 443 -j MARK --set-mark ".$HostClassId);
+        exec('/sbin/iptables -t mangle -A game-server -o eth1 -s '.$Host['IP']." -p tcp --dport 80 -j MARK --set-mark ".$HostClassId);   // http
+        exec('/sbin/iptables -t mangle -A game-server -i eth1 -d '.$Host['IP']." -p tcp --sport 80 -j MARK --set-mark ".$HostClassId);
         
       }
@@ -268 +268 @@
   
   // In going traffic
-  // exec('iptables -t mangle -A FORWARD -m mark --mark 1 -j LOG --log-prefix "TRAFFIC " --log-level info');
-  exec('iptables -t mangle -A FORWARD -i eth1 -j IMQ --todev 0');
-  exec('iptables -t mangle -A INPUT -i eth1 -j IMQ --todev 0');
+  // exec('/sbin/iptables -t mangle -A FORWARD -m mark --mark 1 -j LOG --log-prefix "TRAFFIC " --log-level info');
+  exec('/sbin/iptables -t mangle -A FORWARD -i eth1 -j IMQ --todev 0');
+  exec('/sbin/iptables -t mangle -A INPUT -i eth1 -j IMQ --todev 0');
   // Out going traffic
-  exec('iptables -t mangle -A FORWARD -o eth1 -j IMQ --todev 1');
-  exec('iptables -t mangle -A OUTPUT -o eth1 -j IMQ --todev 1');
+  exec('/sbin/iptables -t mangle -A FORWARD -o eth1 -j IMQ --todev 1');
+  exec('/sbin/iptables -t mangle -A OUTPUT -o eth1 -j IMQ --todev 1');
   exec('/sbin/iptables-save >/etc/sysconfig/iptables');
   fclose($File);

system/generators/udp_forwarder.php

@@ -1 +1 @@
 <?php
-include_once('../../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 // Generate UDP forwarded ports list

system/generators/vpn.php

@@ -1 +1 @@
 <?php
-include_once('../../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 // Generate security corfiguration for PPTP 

system/mac_check.php

@@ -1 +1 @@
 <?php
-include_once('../html/global.php');
+include_once('/a/www/centrala/global.php');
 
 echo("Checking hosts config...\n");