Changeset 240 for trunk/system


Timestamp:
Aug 2, 2009, 12:19:41 PM (15 years ago)
Author:
george
Message:
  • Přidáno: Podpora pro zasílání dat po menších balících pro třídu Routerboard.
  • Upraveno: Generování NATu uzpůsobeno pro třídu Routerboard.
Location:
trunk/system
Files:
2 edited

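--- a/trunk/system/generators/nat_routerboard.php
+++ b/trunk/system/generators/nat_routerboard.php
@@ -2,11 +2,15 @@
 
 if(isset($_SERVER['REMOTE_ADDR'])) die();
-include_once('../../global.php');
+include('../../global.php');
+include('../routerboard.php');
+$Path = array('ip', 'firewall', 'nat');
+
+$Routerboard = new Routerboard($Config['MainRouter']['HostName']);
+$Routerboard->UserName = $Config['MainRouter']['UserName'];
+$Routerboard->Timeout = $Config['MainRouter']['ConnectTimeout'];
 
 $InetInterface = $Config['MainRouter']['InetInterface'];
 
-$Commands = array();
-$Commands[] = '/ip firewall nat { remove [find] }';
-
+$Items = array();
 $DbResult = $Database->query('SELECT Member.*, Subject.Name FROM Member JOIN Subject ON Member.Subject = Subject.Id');
 while($Member = $DbResult->fetch_assoc())
@@ -21,14 +25,6 @@
     $Name = RouterOSIdent($Name);
     echo($Name.'('.$Interface['LocalIP'].'), ');
-    $Commands[] = ' /ip firewall nat add chain=srcnat src-address='.$Interface['LocalIP'].' out-interface='.$InetInterface.' action=src-nat to-addresses='.$Interface['ExternalIP'].' comment="'.$Name.'"';
-    $Commands[] = ' /ip firewall nat add chain=dstnat dst-address='.$Interface['ExternalIP'].' in-interface='.$InetInterface.' action=dst-nat to-addresses='.$Interface['LocalIP'].' comment="'.$Name.'"';
-
-    // Temporary old incoming public subnet range
-    $ExternalIPParts = explode('.', $Interface['ExternalIP']);
-    $ExternalIPParts[0] = 85;
-    $ExternalIPParts[1] = 92;
-    $ExternalIPParts[2] = 50;
-    $Interface['ExternalIP'] = implode('.', $ExternalIPParts);
-    $Commands[] = ' /ip firewall nat add chain=dstnat dst-address='.$Interface['ExternalIP'].' in-interface='.$InetInterface.' action=dst-nat to-addresses='.$Interface['LocalIP'].' comment="'.$Name.'"';
+    $Items[] = array('chain' => 'srcnat', 'src-address' => $Interface['LocalIP'], 'out-interface' => $InetInterface, 'action' => 'src-nat',  'to-addresses' => $Interface['ExternalIP'], 'comment' => $Name);
+    $Items[] = array('chain' => 'dstnat', 'dst-address' => $Interface['ExternalIP'], 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => $Interface['LocalIP'], 'comment' => $Name);
   }
 
@@ -41,8 +37,8 @@
     $Range = CIDRToAddressRange($Subnet['ExtAddressRange'], $Subnet['ExtMask']);
     $Range = $Range['From'].'-'.$Range['To'];
-    $Commands[] = ' /ip firewall nat add chain=srcnat src-address='.$Subnet['AddressRange'].'/'.$Subnet['Mask'].' out-interface='.$InetInterface.' action=src-nat to-addresses='.$Range.' comment="'.$Subnet['Name'].'"';
+    $Items[] = array('chain' => 'srcnat', 'src-address' => $Subnet['AddressRange'].'/'.$Subnet['Mask'], 'out-interface' => $InetInterface, 'action' => 'src-nat', 'to-addresses' => $Range, 'comment' => $Subnet['Name']);
     $Range = CIDRToAddressRange($Subnet['AddressRange'], $Subnet['Mask']);
     $Range = $Range['From'].'-'.$Range['To'];
-    $Commands[] = ' /ip firewall nat add chain=dstnat dst-address='.$Subnet['ExtAddressRange'].'/'.$Subnet['ExtMask'].' in-interface='.$InetInterface.' action=dst-nat to-addresses='.$Range.' comment="'.$Subnet['Name'].'"';
+    $Items[] = array('chain' => 'dstnat', 'dst-address' => $Subnet['ExtAddressRange'].'/'.$Subnet['ExtMask'], 'in-interface' => $InetInterface, 'action' => 'dst-nat',  'to-addresses' => $Range, 'comment' => $Subnet['Name']);
   }
   echo("\n");
@@ -50,35 +46,10 @@
 
 // Masquerade hosts without public ip
-$Commands[] = ' /ip firewall nat add chain=srcnat out-interface='.$InetInterface.' action=masquerade comment="Default NAT"';     
+$Items[] = array('chain' => 'srcnat', 'out-interface' => $InetInterface, 'action' => 'masquerade', 'comment' => 'Default_NAT');     
 // Redirect DNS port
-$Commands[] = ' /ip firewall nat add chain=dstnat dst-address=212.111.4.174 protocol=tcp dst-port=53 in-interface='.$InetInterface.' action=dst-nat to-address=192.168.0.1 to-ports=53 comment="DNS redirection UDP"';
-$Commands[] = ' /ip firewall nat add chain=dstnat dst-address=212.111.4.174 protocol=udp dst-port=53 in-interface='.$InetInterface.' action=dst-nat to-address=192.168.0.1 to-ports=53 comment="DNS redirection UDP"';
+$Items[] = array('chain' => 'dstnat', 'dst-address' => '212.111.4.174', 'protocol' => 'tcp', 'dst-port' => 53, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => '192.168.0.1', 'to-ports' => 53, 'comment' => 'DNS_redirection_UDP');
+$Items[] = array('chain' => 'dstnat', 'dst-address' => '212.111.4.174', 'protocol' => 'udp', 'dst-port' => 53, 'in-interface' => $InetInterface, 'action' => 'dst-nat', 'to-addresses' => '192.168.0.1', 'to-ports' => 53, 'comment' => 'DNS_redirection_UDP');
 
-$Commands = addslashes(implode(';', $Commands));
-$Command = '/usr/bin/ssh -o ConnectTimeout=5 -l '.$Config['MainRouter']['UserName'].' -i id_dsa '.$Config['MainRouter']['HostName'].' "'.$Commands.'"';
-$Output = array();
-//echo($Command."\n");
-exec($Command, $Output);
-//array_pop($Output);
-//print_r($Output);
-
-/*
-// SMTP NAT port 25
-$DbResult = $Database->select('hosts', '*', 'name="mail"');
-$Row = $DbResult->fetch_array();
-exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d 212.111.4.174 -j DROP');
-exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP']);
-exec('/sbin/iptables -t nat -A PreroutingDNAT -p tcp -m tcp --dport 25 -d '.$Row['external_ip'].' -j ACCEPT');
-exec('/sbin/iptables -t nat -A POSTROUTING -p tcp -m tcp --dport 25 -s 212.111.4.174 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
-
-// Local network NAT
-$DbResult = $Database->select('hosts', '*', 'name="gate"');
-$Row = $DbResult->fetch_array();
-exec('/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
-//exec('/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/255.0.0.0 -o eth1 -j SNAT --to-source '.$Row['external_ip']);
-//exec('/sbin/iptables -t nat -A POSTROUTING -s 212.111.16.94 -o eth1 -j MASQUERADE');
-
-exec('/sbin/iptables-save>/etc/sysconfig/iptables');
-*/
+$Routerboard->ListUpdate($Path, array('chain', 'dst-address', 'in-interface', 'src-address', 'out-interface', 'to-ports', 'dst-port', 'protocol', 'action', 'to-addresses', 'comment'), $Items);
 
 ?>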
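Review bot: The two subnet entries put `$Subnet['Name']` into `comment` unmodified, while member names go through `RouterOSIdent()` first and the fixed comments in this commit were rewritten without spaces (`Default_NAT`, `DNS_redirection_UDP`). These values become part of a RouterOS command that `Routerboard` sends over ssh, so a subnet name containing spaces or quote characters may not compare equal to what the router reports back, or may disturb the quoting of the command; `'comment' => RouterOSIdent($Subnet['Name'])` in both entries would treat subnet names like member names. The subnet loop starts outside the visible hunk, so where `$Subnet` comes from should be confirmed. The TCP DNS rule also still carries the comment `DNS_redirection_UDP`; `'comment' => 'DNS_redirection_TCP'` would make the two rules distinguishable on the router.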
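--- a/trunk/system/routerboard.php
+++ b/trunk/system/routerboard.php
@@ -9,4 +9,5 @@
   var $Password;
   var $PrivateKey = 'id_dsa';
+  var $MaxBurstLineCount = 100;
  
   function __construct($HostName = 'localhost', $UserName = 'admin', $Password = '')
@@ -18,6 +19,30 @@
 
   function Execute($Commands)
+  {
+    $Output = array();
+    if(is_array($Commands))
+    {
+      $I = 0;
+      $Batch = array();
+      while($I < count($Commands))
+      {
+        if(($I % $this->MaxBurstLineCount) == 0)
+        {
+          if(count($Batch) > 0)
+            $Output = array_merge($Output, $this->ExecuteBatch(implode(';', $Batch)));
+          $Batch = array();
+        }
+        $Batch[] = $Commands[$I];
+        $I++;
+      }
+      if(count($Batch) > 0)
+       $Output = array_merge($Output, $this->ExecuteBatch(implode(';', $Batch)));
+    } else
+      $Output = array_merge($Output, $this->ExecuteBatch($Commands));
+    return($Output);
+  }
+ 
+  function ExecuteBatch($Commands)
   {   
-    if(is_array($Commands)) $Commands = implode(';', $Commands);
     $Commands = trim($Commands);
     if($Commands != '')
@@ -27,8 +52,8 @@
       $Commands = str_replace('$', '\$', $Commands);
       $Command = $this->SSHPath.' -o ConnectTimeout='.$this->Timeout.' -l '.$this->UserName.' -i '.$this->PrivateKey.' '.$this->HostName.' "'.$Commands.'"';
-      //echo($Command);
+      echo($Command);
       exec($Command, $Output);
     } else $Output = '';
-    //print_r($Output);
+    print_r($Output);
     return($Output);
   }
@@ -76,5 +101,6 @@
       {
         $Value = explode('=', $ResultLinePart);
-        $ListItem[$Properties[$Value[0]]] = $Value[1];
+        if(count($Value) > 1) $ListItem[$Properties[$Value[0]]] = $Value[1];
+          else $ListItem[$Properties[$Value[0]]] = '';
       }
       $List[] = $ListItem;
@@ -91,7 +117,19 @@
   {
     $List = $this->ListGet($Path, $Properties, $Condition);
-    //print_r($List);
-    //print_r($Values);
     $Commands = array();
+   
+    // Add empty properties to values
+    foreach($Values as $Index => $Item)
+    {
+      foreach($Properties as $Property)
+      {
+        if(!array_key_exists($Property, $Item))
+           $Item[$Property] = '';
+      }
+      $Values[$Index] = $Item;     
+    }
+   
+    print_r($List);
+    print_r($Values);
    
     // Erase all items not existed in $Values
@@ -103,5 +141,5 @@
         foreach($ListItem as $Index => $Property)
         {
-          $Prop .= $Index.'="'.$Property.'" ';
+          if($Property != '') $Prop .= $Index.'="'.$Property.'" ';
         }
         $Prop = substr($Prop, 0, -1);
@@ -118,5 +156,5 @@
         foreach($ListItem as $Index => $Property)
         {
-          $Prop .= $Index.'='.$Property.' ';
+          if($Property != '') $Prop .= $Index.'="'.$Property.'" ';
         }
         $Prop = substr($Prop, 0, -1);
@@ -124,5 +162,5 @@
       }
     }
-    //print_r($Commands);
+    print_r($Commands);
     return($this->Execute($Commands));   
   }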
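Review bot: The second changed `foreach` in `ListUpdate()` now wraps each value in double quotes (`$Index.'="'.$Property.'" '`), and that text ends up inside the double-quoted ssh argument that `ExecuteBatch()` hands to `exec()`. Only the `$` escaping is visible in this hunk (the lines just before it are not shown), so please confirm that quotes, backslashes and backticks in values are escaped there, or build the argument with `escapeshellarg($Commands)` in place of the manual `"` wrapping and `$` escaping. `Execute()` also feeds the result of `ExecuteBatch()` to `array_merge()`, yet `ExecuteBatch()` still ends with `} else $Output = '';`, so an empty command string passes a string where an array is expected; `} else $Output = array();` keeps the types consistent. Finally, the commit enables `echo($Command)` and several `print_r()` calls that print the full ssh command line and the NAT lists on every run; they look like debugging leftovers and are better removed or put behind a debug switch.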