summaryrefslogtreecommitdiffstats
path: root/perl-install
diff options
context:
space:
mode:
Diffstat (limited to 'perl-install')
-rw-r--r--perl-install/standalone/net_applet115
1 files changed, 17 insertions, 98 deletions
diff --git a/perl-install/standalone/net_applet b/perl-install/standalone/net_applet
index 23f3c4a04..f9b8f79d3 100644
--- a/perl-install/standalone/net_applet
+++ b/perl-install/standalone/net_applet
@@ -9,12 +9,8 @@ use Digest::MD5;
use network::netconnect;
use network::tools;
-use Net::DBus;
-use Net::DBus::Binding::Watch;
-use Gtk2::Helper;
-use Socket;
use mygtk2 qw(gtknew);
-use POSIX qw(strftime);
+use network::activefw;
use Gtk2::TrayIcon;
@@ -81,7 +77,14 @@ if ($opt eq '--force' || $opt eq '-f') { setAutoStart('TRUE') }
shouldStart() or die "$onstartupfile should be set to TRUE or use net_applet --force";
-my ($dbus_con, $dbus_daemon, $interactive_ids) = initDBus();
+my $activefw = activefw->new(sub {
+ my ($con, $msg) = @_;
+ handle_attack($msg->get_args_list) if
+ $msg->get_interface eq "com.mandrakesoft.activefirewall" &&
+ $msg->get_path eq "/com/mandrakesoft/activefirewall" &&
+ $msg->get_member eq "Attack";
+});
+my $interactive_ids = $activefw->get_mode;
checkNetwork();
cronNetwork();
@@ -164,7 +167,7 @@ sub setState {
}
$menu->append(gtkshow(Gtk2::SeparatorMenuItem->new));
$menu->append(gtkshow(gtksignal_connect(gtkset_active(Gtk2::CheckMenuItem->new_with_label(N("Interactive intrusion detection")), $interactive_ids),
- toggled => sub { setInteractiveIDS(to_bool($_[0]->get_active)) })));
+ toggled => sub { $activefw->set_interactive(to_bool($_[0]->get_active)) })));
$menu->append(gtkshow(gtksignal_connect(gtkset_active(Gtk2::CheckMenuItem->new_with_label(N("Always launch on startup")), shouldStart()),
toggled => sub { setAutoStart(uc(bool2text($_[0]->get_active))) })));
$menu->append(gtksignal_connect(gtkshow(Gtk2::MenuItem->new_with_label(N("Quit"))), activate => sub { mainQuit() }));
@@ -179,70 +182,14 @@ sub setAutoStart {
output_p $onstartupfile,
qq(AUTOSTART=$state
);
-}
-
-sub setDBusWatch {
- my ($con) = @_;
- $con->set_watch_callbacks(sub {
- my ($con, $watch) = @_;
- my $flags = $watch->get_flags;
- if ($flags & &Net::DBus::Binding::Watch::READABLE) {
- Gtk2::Helper->add_watch($watch->get_fileno, 'in', sub {
- $watch->handle(&Net::DBus::Binding::Watch::READABLE);
- $con->dispatch;
- 1;
- });
- }
- #- do nothing for WRITABLE watch, we dispatch when needed
- }, undef, undef); #- do nothing when watch is disabled or toggled yet
-}
-
-sub initDBus {
- my $bus = Net::DBus->system;
- my $con = $bus->{connection};
-
- $con->add_filter(sub {
- my ($con, $msg) = @_;
- if ($msg->get_interface eq "com.mandrakesoft.activefirewall" &&
- $msg->get_path eq "/com/mandrakesoft/activefirewall") {
- $msg->get_member eq "Attack" and handleAttack($msg->get_args_list);
- }
- });
- $con->add_match("type='signal',interface='com.mandrakesoft.activefirewall'");
-
- setDBusWatch($con);
- $con->dispatch;
-
- my $service = $bus->get_service("com.mandrakesoft.activefirewall.daemon");
- my $daemon = $service->get_object("/com/mandrakesoft/activefirewall", "com.mandrakesoft.activefirewall.daemon");
-
- my $mode;
- eval {
- $mode = $daemon->GetMode;
- };
- if ($@) {
- print "exception: $@\n";
- $con->dispatch;
- return;
- }
- return $con, $daemon, $mode;
}
-sub handleAttack {
+sub handle_attack {
my ($seq, $timestamp, $indev, $prefix, $sensor, $protocol, $addr, $port, $icmp_type) = @_;
- my $ip_addr = inet_ntoa(pack('N', $addr));
- #- try to resolve address, timeout after 2 seconds
- my $hostname;
- eval {
- local $SIG{ALRM} = sub { die "ALARM" };
- alarm 2;
- $hostname = gethostbyaddr(inet_aton($ip_addr), AF_INET);
- alarm 0;
- };
- $hostname ||= $ip_addr;
-
- my $service = getservbyport($port, undef) || $port;
+ my $ip_addr = activefw::get_ip($addr);
+ my $hostname = activefw::resolve_address($ip_addr);
+ my $service = activefw::get_service($port);
my $msg = $prefix eq "SCAN" ? N("A port scanning attack has been attempted by %s.", $hostname)
: $prefix eq "SERV" ? N("The %s service has been attacked by %s.", $service , $hostname)
@@ -270,18 +217,18 @@ sub handleAttack {
gtknew('HBox', children_loose => [
gtknew('HButtonBox', layout => 'start', children_loose => [
gtknew('Button', text => N("No"),
- clicked => sub { dbus_blacklist($seq, 0); Gtk2->main_quit })
+ clicked => sub { $activefw->blacklist($seq, 0); Gtk2->main_quit })
]),
gtknew('HButtonBox', layout => 'end', children_loose => [
my $ok = gtknew('Button', text => N("Yes"),
- clicked => sub { dbus_blacklist($seq, 1); Gtk2->main_quit })
+ clicked => sub { $activefw->blacklist($seq, 1); Gtk2->main_quit })
])
]),
gtkadd(Gtk2::Expander->new(N("Attack details")),
gtknew('HBox', children => [
0, gtknew('Label', text => " "),
1, gtknew('VBox', children_loose => [
- N("Attack time: %s", strftime("%c", localtime($timestamp))),
+ N("Attack time: %s", activefw::format_date($timestamp),
N("Network interface: %s", $indev),
N("Attack type: %s", $prefix),
if_($protocol, N("Protocol: %s", $protocol)),
@@ -295,32 +242,4 @@ sub handleAttack {
]));
$ok->grab_focus;
$w->main;
-
- #- blacklist or allow attacker
-}
-
-sub dbus_blacklist {
- my ($seq, $blacklist) = @_;
- eval {
- $dbus_daemon->Blacklist(Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $seq),
- Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $blacklist));
- };
- if ($@) {
- print "exception: $@\n";
- $dbus_con->dispatch;
- return;
- }
-}
-
-sub setInteractiveIDS {
- my ($mode) = @_;
- print "setting new IDS mode: $mode\n";
- eval {
- $dbus_daemon->SetMode(Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $mode));
- };
- if ($@) {
- print "exception: $@\n";
- $dbus_con->dispatch;
- return;
- }
}