From patchwork Tue Mar 7 12:17:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 6671 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4PWDwn6ghzz3ww4 for ; Tue, 7 Mar 2023 12:17:45 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4PWDwl4Xqzzc6; Tue, 7 Mar 2023 12:17:43 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4PWDwl2fzhz2yYL; Tue, 7 Mar 2023 12:17:43 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4PWDwk1HNNz2xFl for ; Tue, 7 Mar 2023 12:17:42 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4PWDwj3XQxzRR; Tue, 7 Mar 2023 12:17:41 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1678191461; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=+IqeLKEAk3z1LqajLkdUvIQKAq4gy9m3Um1baOz6pAo=; b=B3sCnFZF+Z+2ojJdIBNwh/d0OH6VaC86leEqBZUadiD2mR8KDx6FPjScviJ/0rG00j7x30 m7M+VA6d3iKfzuDw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1678191461; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=+IqeLKEAk3z1LqajLkdUvIQKAq4gy9m3Um1baOz6pAo=; b=qTd/zq+1VGINWKQEM4tSCpDV8eHmFT3TfL1TxChJZ5XpGP3qP1LDpC1227dBSxLKFlh2yd 99bL2IWE+5WydjiwbQbJ8tmewY8N85X8T3nDxHcP+UGGOzoSHbewlxV9vT7GWIBrDNuM/R 4NXi6Z/5XQexehCdfvGxT9f61pm8a84BkrXQRcjYCUSLJHrTW8uLdZmuWQzyqnAstTYnvf g5G6HYEJrrZGtQw2EDFkZkTMTDubxY8Wp3L6ikqe47Ejsl1wlpyRoafLZ6K9s+aoSaVejn y5Y9sRkHp5UBuq1o/GYy1/Cio5mPrGIDgaGjxo9XDdKO+20Z1LzPvWGSSLqFpg== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 1/2] firewall: Silence warnings if blocklist logging is not set. Date: Tue, 7 Mar 2023 13:17:34 +0100 Message-Id: <20230307121735.6485-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Reference: #12979. Signed-off-by: Stefan Schantl --- config/firewall/rules.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index 1b628df16..80985ca53 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -761,7 +761,7 @@ sub ipblocklist () { } # Check if logging is enabled. - if($blocklistsettings{'LOGGING'} eq "on") { + if($blocklistsettings{'LOGGING'}) && ($blocklistsettings{'LOGGING'} eq "on")) { # Create logging rule. run("$IPTABLES -A ${blocklist}_DROP -j LOG -m limit --limit 10/second --log-prefix \"BLKLST_$blocklist \""); } From patchwork Tue Mar 7 12:17:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 6672 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4PWDwp2yhBz3xGB for ; Tue, 7 Mar 2023 12:17:46 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4PWDwm0yZtz1CQ; Tue, 7 Mar 2023 12:17:44 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4PWDwl3MVFz300C; Tue, 7 Mar 2023 12:17:43 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4PWDwk402pz2xFl for ; Tue, 7 Mar 2023 12:17:42 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4PWDwk1p3Pzc6; Tue, 7 Mar 2023 12:17:42 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1678191462; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OUxKxxkBN0UZWWLXVec014nIeIYotRIXuTo91LK4l4s=; b=o5LdlzPBWZmKQepA7F+vtiO44ESK/IIWBtVF2nHSULv2bvLUP0ZZRdExPiUGhjKT/wFQYv Y8Wq3e1DMzPh0SCQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1678191462; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OUxKxxkBN0UZWWLXVec014nIeIYotRIXuTo91LK4l4s=; b=iFoGWiaoFBkpq//Njam2wFJuMQ5KG/GbQOHTAJet+mCAUI/6CDsphWfIVD7WFYzGICIAiF To/2KDS9WrWNLa7DNSxBHlgyZQFZD3BXNzIVwuWG3v1N5d+eIrRurcq/r1h4VcfC4R31qF noYKEsLfA5SaRdIkTCKFYljPTisACT/iwhvgksBKU65DT8X6wTzke1/93jipZHO4/c9mOE FI7IRn5M2PqcdBLZbUEA2ctrJ770V0JnQU6Km2uptGsalZLBj8ncC/C3TYoeDwu6ixMWKL 0FK8ZqpsP3lqpDZ8MbAtp8q4j94ZsbKV27dv83d9oixgRIyXTDjItTNmSGQihQ== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH 2/2] ipblocklist.cgi: Fix settings checkbox handling Date: Tue, 7 Mar 2023 13:17:35 +0100 Message-Id: <20230307121735.6485-2-stefan.schantl@ipfire.org> In-Reply-To: <20230307121735.6485-1-stefan.schantl@ipfire.org> References: <20230307121735.6485-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Checkboxes does not submit any values if they are not checked. Default them to "off" in such a case. This fixes the issue not beeing able to disable the logging. Fixes #12979. Signed-off-by: Stefan Schantl Reviewed-by: Adolf Belka --- html/cgi-bin/ipblocklist.cgi | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/html/cgi-bin/ipblocklist.cgi b/html/cgi-bin/ipblocklist.cgi index bb438129c..b79eb155f 100644 --- a/html/cgi-bin/ipblocklist.cgi +++ b/html/cgi-bin/ipblocklist.cgi @@ -72,6 +72,10 @@ my @blocklists = &IPblocklist::get_blocklists(); # Process actions if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") { + # Assign checkbox values, in case they are not checked. + $cgiparams{'ENABLE'} = "off" unless($cgiparams{'ENABLE'}); + $cgiparams{'LOGGING'} = "off" unless($cgiparams{'LOGGING'}); + # Array to store if blocklists are missing on the system # and needs to be downloaded first. my @missing_blocklists = ();