hw_partner
/
urmic_mpeg2_transcoder
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

starting to develop port wise listuning

This commit is contained in:
Devdatt Bhatt 2026-06-07 23:28:18 +00:00
parent 6fdee9f381
commit b408dc90e5
1 changed files with 84 additions and 195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

261
html/network.php
View File

@ -9,203 +9,92 @@ License text:
https://github.com/shreebhattji/Urmi/blob/main/licence.md
*/
include 'header.php' ?>
<?php
$jsonFile = __DIR__ . '/firewall.json';
<div class="container">
<h2>Network Interfaces</h2>
<table class="table table-striped">
<thead>
<tr>
<th>Interface Name</th>
<th>IP Address</th>
<th>MAC Address</th>
<th>Status</th>
</tr>
</thead>
<tbody>
<?php
// Get network interfaces excluding specific ones
$interfaces = [];
$defaults = [
'80' => '',
'443' => '',
];
// Get all interfaces using ip command
$output = [];
exec('ip addr show', $output);
$data = $defaults;
$current_interface = null;
$interface_data = [];
if (is_file($jsonFile)) {
$stored = json_decode(file_get_contents($jsonFile), true);
if (is_array($stored)) {
$data = $stored;
}
}
foreach ($output as $line) {
// Match interface name
if (preg_match('/^\d+:\s+([a-zA-Z0-9]+):/', $line, $matches)) {
$current_interface = $matches[1];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Skip interfaces we want to exclude
if (strpos($current_interface, 'enx') === 0) {
$current_interface = null;
continue;
}
exec("echo y | sudo ufw reset");
exec("sudo ufw default allow outgoing");
exec("sudo ufw default deny incoming");
exec("sudo ufw allow proto udp to 224.0.0.0/4");
exec("sudo ufw route allow proto udp to 224.0.0.0/4");
exec("sudo ufw deny out to 239.255.254.254 port 39000 proto udp");
if ($current_interface === 'lo') {
$current_interface = null;
continue;
}
foreach ($defaults as $port => $_) {
$data[$port] = trim($_POST["port_$port"] ?? '');
}
// Check if interface is a bridge or docker interface
if (strpos($current_interface, 'docker') === 0 ||
strpos($current_interface, 'br-') === 0 ||
strpos($current_interface, 'veth') === 0) {
$current_interface = null;
continue;
}
$tmp = $jsonFile . '.tmp';
file_put_contents(
$tmp,
json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)
);
rename($tmp, $jsonFile);
$interface_data[$current_interface] = [
'name' => $current_interface,
'ip' => '',
'mac' => '',
'status' => 'down'
];
}
foreach ($data as $port => $value) {
$tmp = array_filter(
array_map('trim', explode(',', (string)$value)),
'strlen'
);
if (count($tmp) > 0) {
foreach ($tmp as $ip) {
exec("sudo ufw allow from " . $ip . " to any port " . $port . " proto tcp");
// Extract IP address
if ($current_interface && preg_match('/inet\s+(\d+\.\d+\.\d+\.\d+)/', $line, $matches)) {
$interface_data[$current_interface]['ip'] = $matches[1];
}
// Extract MAC address
if ($current_interface && preg_match('/link\/ether\s+([a-f0-9:]+)/', $line, $matches)) {
$interface_data[$current_interface]['mac'] = $matches[1];
}
// Check if interface is up
if ($current_interface && strpos($line, 'state UP') !== false) {
$interface_data[$current_interface]['status'] = 'up';
}
}
} else {
exec("sudo ufw allow " . $port);
}
}
exec("sudo ufw allow from 172.16.111.112 to 172.16.111.111 port 80");
exec("sudo ufw allow from 172.16.111.112 to 172.16.111.111 port 443");
exec("sudo ufw --force enable");
exec("sudo ufw reload");
}
?>
?>
<style>
body {
font-family: system-ui, sans-serif;
background: #f5f7fa;
}
.container {
max-width: 520px;
margin: 40px auto;
background: #fff;
padding: 24px;
border-radius: 10px;
box-shadow: 0 10px 30px rgba(0, 0, 0, .08);
}
h2 {
margin-bottom: 20px;
font-size: 20px;
}
.row {
margin-bottom: 16px;
}
label {
display: block;
font-weight: 600;
margin-bottom: 6px;
}
input[type=text] {
width: 100%;
padding: 16px 14px;
border-radius: 8px;
border: 1px solid #ccc;
font-size: 11px;
line-height: 1.4;
}
textarea {
width: 100%;
padding: 14px;
border-radius: 8px;
border: 1px solid #ccc;
font-size: 13px;
line-height: 1.5;
resize: vertical;
}
input[type=text]:invalid {
border-color: #d33;
}
small {
color: #666;
}
input[type=text]:focus {
outline: none;
border-color: #2563eb;
box-shadow: 0 0 0 2px rgba(37, 99, 235, .15);
}
button {
margin-top: 20px;
padding: 12px 18px;
border: none;
border-radius: 8px;
background: #2563eb;
color: #fff;
font-size: 15px;
cursor: pointer;
}
button:hover {
background: #1e4ed8;
}
</style>
<script>
function validateIPs(input) {
if (!input.value.trim()) return true;
const ips = input.value.split(',').map(i => i.trim());
const ipv4 =
/^(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}$/;
const ipv6 =
/^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|::1|::)$/;
for (const ip of ips) {
if (!(ipv4.test(ip) || ipv6.test(ip))) {
return false;
// Display the filtered interfaces
foreach ($interface_data as $interface) {
if (!empty($interface['ip']) || !empty($interface['mac'])) {
echo "<tr>";
echo "<td>" . htmlspecialchars($interface['name']) . "</td>";
echo "<td>" . htmlspecialchars($interface['ip']) . "</td>";
echo "<td>" . htmlspecialchars($interface['mac']) . "</td>";
echo "<td>" . htmlspecialchars($interface['status']) . "</td>";
echo "</tr>";
}
}
}
return true;
}
function attachValidation() {
document.querySelectorAll('input[type=text]').forEach(inp => {
inp.addEventListener('input', () => {
inp.setCustomValidity(
validateIPs(inp) ? '' : 'Invalid IPv4 or IPv6 address'
);
});
});
}
window.onload = attachValidation;
</script>
<div class="containerindex">
<div class="grid">
<div class="card wide">
<h2>Limit Access</h2>
<form method="post">
<?php foreach ($data as $port => $value): ?>
<div class="row">
<label>Port <?= htmlspecialchars($port) ?></label>
<textarea
name="port_<?= $port ?>"
rows="2"
placeholder="IPv4, IPv6 (comma separated)"><?= htmlspecialchars($value) ?></textarea>
<small>Example: 192.168.1.10/24, 2001:db8::1</small>
</div>
<?php endforeach; ?>
<button type="submit">Limit Access</button>
<br>
<br>
<br>
<br>
</form>
</div>
</div>
?>
</tbody>
</table>
</div>
<?php include 'footer.php' ?>