📄 policyview.c
字号:
GTK_STOCK_ADD, GTK_RESPONSE_ACCEPT, NULL); gtk_container_set_border_width (GTK_CONTAINER (dialog), 8); g_signal_connect (G_OBJECT (dialog), "response", G_CALLBACK (rule_dialog_response_cb), NULL); /* Keep the dialog from being destroyed */ g_signal_connect (G_OBJECT (dialog), "delete-event", G_CALLBACK (rule_dialog_delete_request_cb), NULL); va_start (ap, title); gint arg = va_arg (ap, gint); while (arg != -1) { char *widget_title; widget_title = va_arg (ap, char *); if (arg == RULE_HOST_SELECTOR) { add_host_selector (widget_title, dialog); } else if (arg == RULE_SERVICE_SELECTOR) { add_service_selector (widget_title, dialog); } else if (arg == RULE_TARGET_SELECTOR) { TargetMask mask; mask = va_arg (ap, TargetMask); add_target_selector (widget_title, mask, dialog); } else if (arg == RULE_FORWARD_SELECTOR) { add_forward_selector (widget_title, dialog); } else if (arg == RULE_COMMENT) { add_comment_space (widget_title, dialog); } arg = va_arg (ap, gint); } va_end (ap); gtk_window_set_resizable (GTK_WINDOW (dialog), FALSE); return dialog;}static voiddialog_update_nat_widgets (GtkWidget *dialog){ GtkWidget *element; element = g_object_get_data (G_OBJECT (dialog), "target_selector_lan"); if (element) gtk_widget_set_sensitive (element, preferences_get_bool (PREFS_FW_NAT));}voidpolicyview_edit_rule (void){ GtkWidget *dialog; GtkTreeSelection *selected; GtkTreeModel *model; GtkTreeIter *iter; if (modifying_view != NULL) return; iter = g_new (GtkTreeIter, 1); selected = gtk_tree_view_get_selection (selected_view); modifying_view = selected_view; dialog = g_object_get_data (G_OBJECT (modifying_view), "dialog"); if (gtk_tree_selection_get_selected (selected, &model, iter)) { GtkTreePath* path; gint pos; gchar *data; gchar *comment; gchar *buf; GtkWidget *element; path = gtk_tree_model_get_path (model, iter); pos = gtk_tree_path_get_indices(path)[0]; if (GTK_WIDGET (modifying_view) == in_allow_from || GTK_WIDGET (modifying_view) == out_deny_from || GTK_WIDGET (modifying_view) == out_deny_to || GTK_WIDGET (modifying_view) == out_allow_from || GTK_WIDGET (modifying_view) == out_allow_to) { gtk_tree_model_get (model, iter, 0, &data, -1); element = g_object_get_data (G_OBJECT (dialog), "host_selector"); gtk_entry_set_text (GTK_ENTRY (element), data); gtk_tree_model_get (model, iter, 1, &comment, -1); } else if (GTK_WIDGET (modifying_view) == in_allow_service || GTK_WIDGET (modifying_view) == out_deny_service || GTK_WIDGET (modifying_view) == out_allow_service) { gchar *service, *port, *target; gtk_tree_model_get (model, iter, 0, &service, 1, &port, 2, &target, -1); element = g_object_get_data (G_OBJECT (dialog), "service_selector_service"); element = gtk_bin_get_child (GTK_BIN (element)); gtk_entry_set_text (GTK_ENTRY (element), service); element = g_object_get_data (G_OBJECT (dialog), "service_selector_port"); gtk_entry_set_text (GTK_ENTRY (element), port); if (g_str_equal (target, "everyone")) { element = g_object_get_data (G_OBJECT (dialog), "target_selector_anyone"); } else if (g_str_equal (target, "firewall")) { element = g_object_get_data (G_OBJECT (dialog), "target_selector_firewall"); } else if (g_str_equal (target, "lan")) { element = g_object_get_data (G_OBJECT (dialog), "target_selector_lan"); } else { GtkWidget *entry; entry = g_object_get_data (G_OBJECT (dialog), "target_selector_host"); gtk_entry_set_text (GTK_ENTRY (entry), target); element = g_object_get_data (G_OBJECT (dialog), "target_selector_ip"); } gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (element), TRUE); gtk_tree_model_get (model, iter, 3, &comment, -1); } else if (GTK_WIDGET (modifying_view) == in_forward) { gchar *service, *port, *target_host, *target_port; gtk_tree_model_get (model, iter, 0, &service, 1, &port, 2, &target_host, 3, &target_port, -1); element = g_object_get_data (G_OBJECT (dialog), "service_selector_service"); element = gtk_bin_get_child (GTK_BIN (element)); gtk_entry_set_text (GTK_ENTRY (element), service); element = g_object_get_data (G_OBJECT (dialog), "service_selector_port"); gtk_entry_set_text (GTK_ENTRY (element), port); element = g_object_get_data (G_OBJECT (dialog), "forward_selector_host"); gtk_entry_set_text (GTK_ENTRY (element), target_host); element = g_object_get_data (G_OBJECT (dialog), "forward_selector_port"); gtk_entry_set_text (GTK_ENTRY (element), target_port); gtk_tree_model_get (model, iter, 4, &comment, -1); } element = g_object_get_data (G_OBJECT (dialog), "comment"); buf = malloc (strlen (comment)); unescape_string (comment, buf); gtk_entry_set_text (GTK_ENTRY (element), buf); g_free (comment); g_object_set_data (G_OBJECT (dialog), "editing", iter); g_object_set_data (G_OBJECT (dialog), "position", (gint *)pos); dialog_update_nat_widgets (dialog); gtk_widget_show_all (dialog); gtk_tree_path_free (path); }}voidpolicyview_add_rule (void){ GtkWidget *dialog; if (modifying_view != NULL) return; modifying_view = selected_view; dialog = g_object_get_data (G_OBJECT (modifying_view), "dialog"); dialog_update_nat_widgets (dialog); gtk_widget_show_all (dialog);}voidpolicyview_remove_rule (void){ GtkTreeSelection *selected; GtkTreeModel *model; GtkTreeIter iter; selected = gtk_tree_view_get_selection (selected_view); if (gtk_tree_selection_get_selected (selected, &model, &iter)) { GtkTreePath* path; gint pos; gchar *rule_file; path = gtk_tree_model_get_path (model, &iter); pos = gtk_tree_path_get_indices(path)[0]; gtk_list_store_remove (GTK_LIST_STORE (model), &iter); /* Remove from the view */ rule_file = g_object_get_data (G_OBJECT (selected_view), "rule_file"); remove_line_from_file (rule_file, pos); /* Remove from the rule file*/ if (g_strrstr (rule_file, "inbound")) { if (selected_view == GTK_TREE_VIEW (in_forward)) modifications_require_restart = TRUE; else modified_inbound = TRUE; } else modified_outbound = TRUE; gtk_tree_path_free (path); menus_policy_edit_enabled (FALSE); menus_policy_remove_enabled (FALSE); if (preferences_get_bool (PREFS_APPLY_POLICY_INSTANTLY)) policyview_apply (); else menus_policy_apply_enabled (TRUE); }}/* [ ruleview_button_cb ] * Pop up an menu when right clicking the ruleview */static gbooleanruleview_button_cb (GtkTreeView *view, GdkEventButton *event, GtkWidget *menu){ gboolean retval = FALSE; if (selected_view != view) { menus_policy_edit_enabled (FALSE); menus_policy_remove_enabled (FALSE); } else if (gtk_tree_selection_count_selected_rows(gtk_tree_view_get_selection (view))) { menus_policy_edit_enabled (TRUE); menus_policy_remove_enabled (TRUE); } selected_view = view; menus_policy_add_enabled (TRUE); switch (event->button) { case 1: break; case 3: gtk_menu_popup (GTK_MENU (menu), NULL, NULL, NULL, NULL, event->button, event->time); retval = TRUE; break; } return retval;}static gbooleanruleview_selection_cb (GtkTreeView *view, gboolean arg1, gpointer data){ menus_policy_edit_enabled (TRUE); menus_policy_remove_enabled (TRUE); return TRUE;}static voidset_outbound_mode (GtkToggleButton *toggle){ preferences_set_bool (PREFS_FW_RESTRICTIVE_OUTBOUND_MODE, gtk_toggle_button_get_active (toggle)); modifications_require_restart = TRUE; if (preferences_get_bool (PREFS_APPLY_POLICY_INSTANTLY)) policyview_apply (); else menus_policy_apply_enabled (TRUE);}voidpolicyview_reload_inbound_policy (void){ gint retval; gchar *arg[3] = {"firestarter.sh", "reload-inbound-policy", NULL}; gchar *output; GError *error = NULL; if (g_spawn_sync (FIRESTARTER_RULES_DIR "/firestarter", arg, NULL, G_SPAWN_STDERR_TO_DEV_NULL, NULL, NULL, &output, /* Standard output */ NULL, /* Standard error */ &retval, &error) != TRUE) { printf ("Error spawning shell process: %s\n", error->message); } printf ("%s", output); if (retval != 0) { retval = WEXITSTATUS (retval); error_dialog (_("Failed to apply policy"), _("Failed to apply inbound policy"), g_strconcat (_("There was an error when applying the inbound policy:"), "\n", output, NULL), Firestarter.window); } g_free (output);}voidpolicyview_reload_outbound_policy (void){ gint retval; gchar *arg[3] = {"firestarter.sh", "reload-outbound-policy", NULL}; gchar *output; GError *error = NULL; if (g_spawn_sync (FIRESTARTER_RULES_DIR "/firestarter", arg, NULL, G_SPAWN_STDERR_TO_DEV_NULL, NULL, NULL, &output, /* Standard output */ NULL, /* Standard error */ &retval, &error) != TRUE) { printf ("Error spawning shell process: %s\n", error->message); } printf ("%s", output); if (retval != 0) { retval = WEXITSTATUS (retval); error_dialog (_("Failed to apply policy"), _("Failed to apply outbound policy"), g_strconcat (_("There was an error when applying the outbound policy:"), "\n", output, NULL), Firestarter.window); } g_free (output);}voidpolicyview_apply (void){ if (modifications_require_restart) { /* Reload the whole firewall */ scriptwriter_output_configuration (); start_firewall (); } else { /* Only reload the policy group(s) modified */ if (modified_inbound) policyview_reload_inbound_policy (); if (modified_outbound) policyview_reload_outbound_policy (); } modified_inbound = modified_outbound = modifications_require_restart = FALSE; menus_policy_apply_enabled (FALSE);}static voidclear_ruleview (GtkWidget *view){ GtkTreeModel *model; model = gtk_tree_view_get_model (GTK_TREE_VIEW (view)); gtk_list_store_clear (GTK_LIST_STORE (model));}voidpolicyview_create_rule (RuleType type, Hit *h){ gchar *data = NULL; gchar *path = NULL; GtkWidget *view = NULL; if (type == RULETYPE_INBOUND_ALLOW_FROM) { data = g_strconcat (h->source, ", ", NULL); view = in_allow_from; path = POLICY_IN_ALLOW_FROM; } else if (type == RULETYPE_INBOUND_ALLOW_SERVICE) { data = g_strconcat (h->service, ", ", h->port, ", everyone", ", ", NULL); view = in_allow_service; path = POLICY_IN_ALLOW_SERVICE; } else if (type == RULETYPE_INBOUND_ALLOW_SERVICE_FROM) { data = g_strconcat (h->service, ", ", h->port, ", ", h->source, ", ", NULL); view = in_allow_service; path = POLICY_IN_ALLOW_SERVICE; } else if (type == RULETYPE_OUTBOUND_ALLOW_TO) { data = g_strconcat (h->destination, ", ", NULL);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -