+++ /dev/null
-#!/usr/bin/perl -U
-
-### Firewall control perl script drived by opengatesrv.cgi ###
-
-($ipfwpath,$rulenumber,$clientaddr,$userid,$macaddr,$userproperty)=@ARGV;
-close STDOUT; close STDERR; close STDIN;
-
-system "$ipfwpath","-q","add","$rulenumber",
- "allow","ip","from","$clientaddr","to","any";
-
-system "$ipfwpath","-q","add","$rulenumber",
- "allow","ip","from","any","to","$clientaddr";
-
-
-exit 0;
-__END__
-########### Above line is the end of interpreting#############
-
- PARAMETERS
-
- $ipfwpath = path to ipfw command
- $rulenumber= ipfw rule number. one number for one client
- $clientaddr= client machine's IP address
- $userid = user's ID. Auth server ID is attached, if entered.
- $macaddr = MAC address for the client machine
- $userproperty = user property acquired from user database
- (Need to edit comm-userdb.c to use this option).
-
- CAUTIONS
-
-*Be care to execute quickly and without delay.
- This script runs in EXCLUSIVE mode.
-
-*Be care to add least rule set.
- The rules are added PER each client.
-
-*Be care to eliminate bug and security hole.
- At modification, debug it perfectly in stand along mode.
-
-*If possible, the rule should be written in rc.firewall.
- Following can be written in rc.firewall
- Deny some protocol though authentication passed.
- Allow to access some server without authentication.
-
-*Following might be written in this script.
- Deny guest users to access internal network.
- Deny a client having specific MAC address.
- Forward some service to proxy server after authentication.
- (Last one might be written in rc.firewall as the rule of other
- side interface which is not used by opengate)
-
- SIMPLE SCRIPT
-
-If you are confused, return to the following default script.
-=====================================================
-#!/usr/bin/perl
-
-# get parameters
-($ipfwpath,$rulenumber,$clientaddr,$userid,$macaddr)=@ARGV;
-
-# close web server I/O
-close STDOUT; close STDERR; close STDIN;
-
-# allow all packets incomming to the client.
-system "$ipfwpath","-q","add","$rulenumber",
- "allow","ip","from","any","to","$clientaddr";
-
-# allow all packets outgoing from the client.
-system "$ipfwpath","-q","add","$rulenumber",
- "allow","ip","from","$clientaddr","to","any";
-
-exit 0;
-__END__
-======================================================
-
char terminateurl[BUFFMAXLN];
char httpkeepUrl[BUFFMAXLN];
char portStr[WORDMAXLN];
+ char *acceptDoc;
char *startPageUrl=GetConfValue("StartPage/Url");
int startPageType=atoi(GetConfValue("StartPage/Type"));
char *opengateDir=GetConfValue("OpengateDir");
- /* create path to acceptdoc */
+ /* select proper accept doc */
switch(watchMode[0]){
+
+ /* HTTP watch mode */
case 'H':
- snprintf(acceptdoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
- GetConfValue("OpengateDir"),language,GetConfValue("AcceptDocHttp"));
+ /* HTTP Keep-Alive is not standard in http/1.0 */
+ if(strcmp(getenv("SERVER_PROTOCOL"),"HTTP/1.0")!=0){
+ acceptDoc=GetConfValue("AcceptDocHttp");
+ } else {
+ acceptDoc=GetConfValue("AcceptDocJava");
+ }
break;
+
+ /* JAVA watch mode */
case 'J':
- snprintf(acceptdoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
- GetConfValue("OpengateDir"),language,GetConfValue("AcceptDocJava"));
+ acceptDoc=GetConfValue("AcceptDocJava");
break;
+
+ /* TIMEOUT watch mode */
case 'T':
- snprintf(acceptdoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
- GetConfValue("OpengateDir"),language,GetConfValue("AcceptDocTime"));
+ acceptDoc=GetConfValue("AcceptDocTime");
break;
+
default:
err_msg("ERR at %s#%d: Unknown watch mode [%s]",__FILE__,__LINE__,watchMode);
- snprintf(acceptdoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
- GetConfValue("OpengateDir"),language,GetConfValue("AcceptDocJava"));
+ acceptDoc=GetConfValue("AcceptDocJava");
}
+ /* create path to acceptdoc */
+ snprintf(acceptdoc, BUFFMAXLN, "%s%s/%s/%s",GetConfValue("DocumentRoot"),
+ GetConfValue("OpengateDir"),language,acceptDoc);
+
+
snprintf(acceptdoc2url, BUFFMAXLN,
"http://%s%s/%s/%s",GetConfValue("OpengateServerName"),
GetConfValue("OpengateDir"),language,GetConfValue("AcceptDoc2"));