Changeset 873 for trunk/Modules/NetworkConfigLinux/Generators/IPTables.php
- Timestamp:
- Apr 6, 2020, 11:17:40 PM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Modules/NetworkConfigLinux/Generators/IPTables.php
r790 r873 1 1 <?php 2 if (isset($_SERVER['REMOTE_ADDR'])) die();2 if (isset($_SERVER['REMOTE_ADDR'])) die(); 3 3 include_once('../../../Common/Global.php'); 4 4 … … 14 14 // Blocking according IP address 15 15 $DbResult = $Database->select('users', '*', 'inet = 0'); 16 while ($User = $DbResult->fetch_array())16 while ($User = $DbResult->fetch_array()) 17 17 { 18 18 $DbResult2 = $Database->select('hosts', '*', "block<2 AND MAC!='' AND user=".$User['id']); 19 while ($Row = $DbResult2->fetch_array())19 while ($Row = $DbResult2->fetch_array()) 20 20 { 21 21 exec('/sbin/iptables -t nat -A Block -s '.$Row['IP'].' -j Local'); … … 23 23 } 24 24 $DbResult = $Database->select('users', '*', 'inet = 1'); 25 while ($User = $DbResult->fetch_array())25 while ($User = $DbResult->fetch_array()) 26 26 { 27 27 $DbResult2 = $Database->select('hosts','*',"block<2 AND MAC!='' AND vpn=1 AND user=".$User['id']); 28 while ($Row = $DbResult2->fetch_array())28 while ($Row = $DbResult2->fetch_array()) 29 29 { 30 30 exec('/sbin/iptables -t nat -A Block -s '.$Row['IP'].' -j Local'); … … 36 36 // Blocking according MAC address 37 37 $DbResult = $Database->select('users', '*'); 38 while ($User = $DbResult->fetch_array())38 while ($User = $DbResult->fetch_array()) 39 39 { 40 40 //echo($User['fullname']."\n"); 41 41 $DbResult2 = $Database->select('hosts', '*', '(block < 2) AND (MAC != "") AND (user='.$User['id'].') AND (IP != external_ip) ORDER BY id DESC'); 42 while ($Row = $DbResult2->fetch_array())42 while ($Row = $DbResult2->fetch_array()) 43 43 { 44 44 //echo(' '.$Row['name']." ".$Row['MAC']." "); 45 if ($User['inet'] == 0)45 if ($User['inet'] == 0) 46 46 { 47 //if (($Row['block'] == 0) and ($Row['type'] == 1)) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");47 //if (($Row['block'] == 0) and ($Row['type'] == 1)) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy"); 48 48 // else exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local"); 49 49 } else { 50 if ($Row['vpn'] == 0)50 if ($Row['vpn'] == 0) 51 51 { 52 52 $CZFreeLocalIP = $Row['IP']; 53 53 //echo($Row['external_ip']."\n"); 54 //if ($Row['name'] == 'TBC')54 //if ($Row['name'] == 'TBC') 55 55 //{ 56 56 // exec('/sbin/iptables -t nat -A PreroutingDNAT -m tcp -p tcp --dport 3724 -d '.$Row['external_ip'].' -j DNAT --to-destination '.$Row['IP'].':3725'); 57 57 // exec('/sbin/iptables -t nat -A POSTROUTING -m tcp -p tcp -s '.$Row['IP'].' --sport 3725 -o '.$InetInterface.' -j SNAT --to-source '.$Row['external_ip'].':3724'); 58 58 //} 59 if (strtolower($Row['name']) != 'gate')59 if (strtolower($Row['name']) != 'gate') 60 60 { 61 if ($Row['external_ip'] != '')61 if ($Row['external_ip'] != '') 62 62 { 63 63 echo($Row['name'].'='.$Row['external_ip']."\n"); … … 75 75 //echo('vpn'); 76 76 //exec('/sbin/iptables -t nat -A PreroutingDNAT -s '.$Row['IP'].' -p udp -m udp --dport 55556 -j DROP'); 77 if ($Row['external_ip'] != '') exec('/sbin/iptables -t nat -A PreroutingDNAT -d '.$Row['external_ip'].' -j ACCEPT');77 if ($Row['external_ip'] != '') exec('/sbin/iptables -t nat -A PreroutingDNAT -d '.$Row['external_ip'].' -j ACCEPT'); 78 78 exec('/sbin/iptables -t nat -A Block -s '.ToVpnIp($Row)." -j Proxy"); 79 79 80 //if ($Row['vpn'] == 1)80 //if ($Row['vpn'] == 1) 81 81 //{ 82 82 //exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Local"); 83 //} else if ($Row['vpn'] == 2) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy");83 //} else if ($Row['vpn'] == 2) exec('/sbin/iptables -t nat -A Block -m mac --mac-source '.$Row['MAC']." -j Proxy"); 84 84 } 85 if ($Row['czfree_ip'] != '')85 if ($Row['czfree_ip'] != '') 86 86 { 87 87 // CZFree
Note:
See TracChangeset
for help on using the changeset viewer.
