|
version 1.381, 2021/04/18 02:08:46
|
version 1.382, 2021/04/29 17:45:22
|
|
Line 7423 sub print_wafproxy {
|
Line 7423 sub print_wafproxy {
|
| $itemcount ++; |
$itemcount ++; |
| $css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; |
$css_class = $itemcount%2 ? ' class="LC_odd_row"' : ''; |
| my ($nowafstyle,$wafstyle,$curr_remotip,$currwafdisplay,$vpndircheck,$vpnaliascheck, |
my ($nowafstyle,$wafstyle,$curr_remotip,$currwafdisplay,$vpndircheck,$vpnaliascheck, |
| $currwafvpn,$wafrangestyle); |
$currwafvpn,$wafrangestyle,$alltossl,$ssltossl); |
| $wafstyle = ' style="display:none;"'; |
$wafstyle = ' style="display:none;"'; |
| $nowafstyle = ' style="display:table-row;"'; |
$nowafstyle = ' style="display:table-row;"'; |
| $currwafdisplay = ' style="display: none"'; |
$currwafdisplay = ' style="display: none"'; |
| $wafrangestyle = ' style="display: none"'; |
$wafrangestyle = ' style="display: none"'; |
| $curr_remotip = 'n'; |
$curr_remotip = 'n'; |
| |
$ssltossl = ' checked="checked"'; |
| if ($showdom) { |
if ($showdom) { |
| $wafstyle = ' style="display:table-row;"'; |
$wafstyle = ' style="display:table-row;"'; |
| $nowafstyle = ' style="display:none;"'; |
$nowafstyle = ' style="display:none;"'; |
|
Line 7440 sub print_wafproxy {
|
Line 7441 sub print_wafproxy {
|
| $currwafdisplay = ' style="display:table-row"'; |
$currwafdisplay = ' style="display:table-row"'; |
| $wafrangestyle = ' style="display:inline-block;"'; |
$wafrangestyle = ' style="display:inline-block;"'; |
| } |
} |
| |
if ($values{$dom}{'sslopt'}) { |
| |
$alltossl = ' checked="checked"'; |
| |
$ssltossl = ''; |
| |
} |
| } |
} |
| if (($values{$dom}{'vpnint'} ne '') || ($values{$dom}{'vpnext'} ne '')) { |
if (($values{$dom}{'vpnint'} ne '') || ($values{$dom}{'vpnext'} ne '')) { |
| $vpndircheck = ' checked="checked"'; |
$vpndircheck = ' checked="checked"'; |
|
Line 7478 sub print_wafproxy {
|
Line 7483 sub print_wafproxy {
|
| 'name="wafproxy_ipheader" />'. |
'name="wafproxy_ipheader" />'. |
| '</td></tr>'."\n". |
'</td></tr>'."\n". |
| '<tr id="wafproxy_trust"'.$currwafdisplay.'><td>'. |
'<tr id="wafproxy_trust"'.$currwafdisplay.'><td>'. |
| $lt{'trusted'}.': '. |
$lt{'trusted'}.':<br />'. |
| '<textarea name="wafproxy_trusted" rows="3" cols="80">'. |
'<textarea name="wafproxy_trusted" rows="3" cols="80">'. |
| $values{$dom}{'trusted'}.'</textarea>'. |
$values{$dom}{'trusted'}.'</textarea>'. |
| '</td></tr>'."\n". |
'</td></tr>'."\n". |
|
Line 7491 sub print_wafproxy {
|
Line 7496 sub print_wafproxy {
|
| $lt{'vpnaliased'}.'</label></span></td></tr>'; |
$lt{'vpnaliased'}.'</label></span></td></tr>'; |
| foreach my $item ('vpnint','vpnext') { |
foreach my $item ('vpnint','vpnext') { |
| $datatable .= '<tr id="wafproxy_show_'.$item.'"'.$currwafvpn.'>'. |
$datatable .= '<tr id="wafproxy_show_'.$item.'"'.$currwafvpn.'>'. |
| '<td valign="top">'.$lt{$item}.': '. |
'<td valign="top">'.$lt{$item}.':<br />'. |
| '<textarea name="wafproxy_'.$item.'" rows="3" cols="80">'. |
'<textarea name="wafproxy_'.$item.'" rows="3" cols="80">'. |
| $values{$dom}{$item}.'</textarea>'. |
$values{$dom}{$item}.'</textarea>'. |
| '</td></tr>'."\n"; |
'</td></tr>'."\n"; |
| } |
} |
| $datatable .= '</table></td></tr>'; |
$datatable .= '<tr><td><hr /></td></tr>'."\n". |
| |
'<tr>'. |
| |
'<td valign="top">'.$lt{'sslopt'}.':<br /><span class="LC_nobreak">'. |
| |
'<label><input type="radio" name="wafproxy_sslopt"'.$alltossl.' value="1" />'. |
| |
$lt{'alltossl'}.'</label>'.(' 'x2). |
| |
'<label><input type="radio" name="wafproxy_sslopt"'.$ssltossl.' value="0" />'. |
| |
$lt{'ssltossl'}.'</label></span></td></tr>'."\n". |
| |
'</table></td></tr>'; |
| } |
} |
| if (keys(%otherdoms)) { |
if (keys(%otherdoms)) { |
| foreach my $domain (sort(keys(%otherdoms))) { |
foreach my $domain (sort(keys(%otherdoms))) { |
|
Line 7505 sub print_wafproxy {
|
Line 7517 sub print_wafproxy {
|
| $datatable .= '<tr'.$css_class.'>'. |
$datatable .= '<tr'.$css_class.'>'. |
| '<td class="LC_left_item">'.&mt('Domain: [_1]',$domain).'</td>'. |
'<td class="LC_left_item">'.&mt('Domain: [_1]',$domain).'</td>'. |
| '<td class="LC_left_item"><table>'; |
'<td class="LC_left_item"><table>'; |
| foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') { |
foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { |
| my $showval = &mt('None'); |
my $showval = &mt('None'); |
| |
if ($item eq 'ssl') { |
| |
$showval = $lt{'ssltossl'}; |
| |
} |
| if ($values{$domain}{$item}) { |
if ($values{$domain}{$item}) { |
| $showval = $values{$domain}{$item}; |
$showval = $values{$domain}{$item}; |
| |
if ($item eq 'ssl') { |
| |
$showval = $lt{'alltossl'}; |
| |
} |
| } |
} |
| $datatable .= '<tr>'. |
$datatable .= '<tr>'. |
| '<td>'.$lt{$item}.': '.$showval.'</td></tr>'; |
'<td>'.$lt{$item}.': '.$showval.'</td></tr>'; |
|
Line 7531 sub wafproxy_titles {
|
Line 7549 sub wafproxy_titles {
|
| vpnaliased => 'via aliased hostname (WAF)', |
vpnaliased => 'via aliased hostname (WAF)', |
| vpnint => 'Internal IP Range(s) for VPN sessions', |
vpnint => 'Internal IP Range(s) for VPN sessions', |
| vpnext => 'IP Range(s) for backend WAF connections', |
vpnext => 'IP Range(s) for backend WAF connections', |
| ssloptions => 'Forwarding http/https', |
sslopt => 'Forwarding http/https', |
| alltossl => 'WAF forwards both http and https requests to https', |
alltossl => 'WAF forwards both http and https requests to https', |
| ssltossl => 'WAF forwards http requests to http and https to https', |
ssltossl => 'WAF forwards http requests to http and https to https', |
| ); |
); |
|
Line 19826 sub modify_wafproxy {
|
Line 19844 sub modify_wafproxy {
|
| if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') { |
if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') { |
| %curralias = %{$domconfig{'wafproxy'}{'alias'}}; |
%curralias = %{$domconfig{'wafproxy'}{'alias'}}; |
| } |
} |
| foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') { |
foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { |
| $currvalue{$item} = $domconfig{'wafproxy'}{$item}; |
$currvalue{$item} = $domconfig{'wafproxy'}{$item}; |
| } |
} |
| } |
} |
|
Line 19862 sub modify_wafproxy {
|
Line 19880 sub modify_wafproxy {
|
| vpnint => 'internal IP range(s) for VPN sessions(s)', |
vpnint => 'internal IP range(s) for VPN sessions(s)', |
| vpnext => 'IP range(s) for backend WAF connections', |
vpnext => 'IP range(s) for backend WAF connections', |
| ); |
); |
| foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') { |
foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { |
| my $possible = $env{'form.wafproxy_'.$item}; |
my $possible = $env{'form.wafproxy_'.$item}; |
| $possible =~ s/^\s+|\s+$//g; |
$possible =~ s/^\s+|\s+$//g; |
| if ($possible ne '') { |
if ($possible ne '') { |
|
Line 19874 sub modify_wafproxy {
|
Line 19892 sub modify_wafproxy {
|
| if ($wafproxy{'remoteip'} eq 'h') { |
if ($wafproxy{'remoteip'} eq 'h') { |
| $wafproxy{$item} = $possible; |
$wafproxy{$item} = $possible; |
| } |
} |
| |
} elsif ($item eq 'sslopt') { |
| |
if ($possible =~ /^0|1$/) { |
| |
$wafproxy{$item} = $possible; |
| |
} |
| } else { |
} else { |
| my (@ok,$count); |
my (@ok,$count); |
| if (($item eq 'vpnint') || ($item eq 'vpnext')) { |
if (($item eq 'vpnint') || ($item eq 'vpnext')) { |
|
Line 19936 sub modify_wafproxy {
|
Line 19958 sub modify_wafproxy {
|
| if ($putresult eq 'ok') { |
if ($putresult eq 'ok') { |
| my $cachetime = 24*60*60; |
my $cachetime = 24*60*60; |
| my (%domdefaults,$updatedomdefs); |
my (%domdefaults,$updatedomdefs); |
| foreach my $item ('ipheader','trusted','vpnint','vpnext') { |
foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') { |
| if ($changes{$item}) { |
if ($changes{$item}) { |
| unless ($updatedomdefs) { |
unless ($updatedomdefs) { |
| %domdefaults = &Apache::lonnet::get_domain_defaults($dom); |
%domdefaults = &Apache::lonnet::get_domain_defaults($dom); |
|
Line 19973 sub modify_wafproxy {
|
Line 19995 sub modify_wafproxy {
|
| } |
} |
| } |
} |
| $output = &mt('Changes were made to Web Application Firewall/Reverse Proxy').'<ul>'; |
$output = &mt('Changes were made to Web Application Firewall/Reverse Proxy').'<ul>'; |
| foreach my $item ('alias','remoteip','ipheader','trusted','vpnint','vpnext') { |
foreach my $item ('alias','remoteip','ipheader','trusted','vpnint','vpnext','sslopt') { |
| if ($changes{$item}) { |
if ($changes{$item}) { |
| if ($item eq 'alias') { |
if ($item eq 'alias') { |
| my $numaliased = 0; |
my $numaliased = 0; |
|
Line 20037 sub modify_wafproxy {
|
Line 20059 sub modify_wafproxy {
|
| } else { |
} else { |
| $output .= '<li>'.&mt('IP Range(s) for backend WAF connections deleted').'</li>'; |
$output .= '<li>'.&mt('IP Range(s) for backend WAF connections deleted').'</li>'; |
| } |
} |
| |
} elsif ($item eq 'sslopt') { |
| |
if ($wafproxy{$item}) { |
| |
$output .= '<li>'.&mt('WAF/Reverse Proxy expected to forward requests to https on LON-CAPA node, regardless of original protocol in web browser (http or https).').'</li>'; |
| |
} else { |
| |
$output .= '<li>'.&mt('WAF/Reverse Proxy expected to preserve original protocol in web browser (either http or https) when forwarding to LON-CAPA node.').'</li>'; |
| |
} |
| } |
} |
| } |
} |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to domainprefs.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface