put fas code into block (#393)

nodogsplash · Jul 25, 2019 · 42285dd · 42285dd
1 parent 310dfcc
commit 42285dd
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 61 deletions.
diff --git a/src/fw_iptables.c b/src/fw_iptables.c
@@ -369,8 +369,8 @@ iptables_fw_init(void)
 	char *gw_address = NULL;
 	char *gw_iprange = NULL;
 	int gw_port = 0;
-	char *fas_remoteip;
-	int fas_port;
+	char *fas_remoteip = NULL;
+	int fas_port = 0;
 	int traffic_control;
 	int set_mss, mss_value;
 	t_MAC *pt;
@@ -394,11 +394,14 @@ iptables_fw_init(void)
 		ICMP_TYPE = "icmp";
 	}
 
+	if (config->fas_port) {
+		fas_remoteip = safe_strdup(config->fas_remoteip);    /* must free */
+		fas_port = config->fas_port;
+	}
+
 	gw_address = safe_strdup(config->gw_address);    /* must free */
 	gw_iprange = safe_strdup(config->gw_iprange);    /* must free */
 	gw_port = config->gw_port;
-	fas_remoteip = safe_strdup(config->fas_remoteip);    /* must free */
-	fas_port = config->fas_port;
 	pt = config->trustedmaclist;
 	pb = config->blockedmaclist;
 	pa = config->allowedmaclist;

diff --git a/src/main.c b/src/main.c
@@ -278,67 +278,64 @@ main_loop(void)
 		httpdAddC404Content(webserver, http_nodogsplash_callback_404);
 	*/
 
-
-	if (config->fas_remoteip) {
-		if (is_addr(config->fas_remoteip) == 1) {
-			debug(LOG_INFO, "fasremoteip - %s - is a valid IPv4 address...", config->fas_remoteip);
+	if (config->fas_port) {
+		if (config->fas_remoteip) {
+			if (is_addr(config->fas_remoteip) == 1) {
+				debug(LOG_INFO, "fasremoteip - %s - is a valid IPv4 address...", config->fas_remoteip);
+			} else {
+				debug(LOG_ERR, "fasremoteip - %s - is NOT a valid IPv4 address format...", config->fas_remoteip);
+				debug(LOG_ERR, "Exiting...");
+				exit(1);
+			}
 		} else {
-			debug(LOG_ERR, "fasremoteip - %s - is NOT a valid IPv4 address format...", config->fas_remoteip);
-			debug(LOG_ERR, "Exiting...");
-			exit(1);
-		}
-	} else {
-		if (config->fas_port == 80) {
-			debug(LOG_ERR, "Invalid fasport - port 80 is reserved and cannot be used for local FAS...");
-			debug(LOG_ERR, "Exiting...");
-			exit(1);
+			if (config->fas_port == 80) {
+				debug(LOG_ERR, "Invalid fasport - port 80 is reserved and cannot be used for local FAS...");
+				debug(LOG_ERR, "Exiting...");
+				exit(1);
+			}
 		}
-	}
 
-	if (config->fas_key) {
-		/* PHP cli command can be php or php-cli depending on Linux version. */
-		if (execute_ret(msg, sizeof(msg) - 1, "php -v") == 0) {
-			safe_asprintf(&fasssl, "php");
-			debug(LOG_NOTICE, "SSL Provider is active");
-			debug(LOG_DEBUG, "SSL Provider: %s FAS key is: %s\n", &msg, config->fas_key);
-
-		} else if (execute_ret(msg, sizeof(msg) - 1, "php-cli -v") == 0) { 
-			safe_asprintf(&fasssl, "php-cli");
-			debug(LOG_NOTICE, "SSL Provider is active");
-			debug(LOG_DEBUG, "SSL Provider: %s FAS key is: %s\n", &msg, config->fas_key);
-		} else {
-			debug(LOG_ERR, "PHP packages PHP CLI and PHP OpenSSL are required");
-			debug(LOG_ERR, "Exiting...");
-			exit(1);
-		}
-		config->fas_ssl = safe_strdup(fasssl);
-		free(fasssl);
-		safe_asprintf(&phpcmd,
-			"echo '<?php "
-			"if (!extension_loaded (openssl)) {exit(1);"
-			"} ?>' | %s", config->fas_ssl);
-		if (execute_ret(msg, sizeof(msg) - 1, phpcmd) == 0) {
-			debug(LOG_NOTICE, "OpenSSL module is loaded\n");
-		} else {
-			debug(LOG_ERR, "OpenSSL PHP module is not loaded");
-			debug(LOG_ERR, "Exiting...");
-			exit(1);
+		if (config->fas_key) {
+			/* PHP cli command can be php or php-cli depending on Linux version. */
+			if (execute_ret(msg, sizeof(msg) - 1, "php -v") == 0) {
+				safe_asprintf(&fasssl, "php");
+				debug(LOG_NOTICE, "SSL Provider is active");
+				debug(LOG_DEBUG, "SSL Provider: %s FAS key is: %s\n", &msg, config->fas_key);
+
+			} else if (execute_ret(msg, sizeof(msg) - 1, "php-cli -v") == 0) {
+				safe_asprintf(&fasssl, "php-cli");
+				debug(LOG_NOTICE, "SSL Provider is active");
+				debug(LOG_DEBUG, "SSL Provider: %s FAS key is: %s\n", &msg, config->fas_key);
+			} else {
+				debug(LOG_ERR, "PHP packages PHP CLI and PHP OpenSSL are required");
+				debug(LOG_ERR, "Exiting...");
+				exit(1);
+			}
+			config->fas_ssl = safe_strdup(fasssl);
+			free(fasssl);
+			safe_asprintf(&phpcmd,
+				"echo '<?php "
+				"if (!extension_loaded (openssl)) {exit(1);"
+				"} ?>' | %s", config->fas_ssl);
+			if (execute_ret(msg, sizeof(msg) - 1, phpcmd) == 0) {
+				debug(LOG_NOTICE, "OpenSSL module is loaded\n");
+			} else {
+				debug(LOG_ERR, "OpenSSL PHP module is not loaded");
+				debug(LOG_ERR, "Exiting...");
+				exit(1);
+			}
+			free(phpcmd);
 		}
-		free(phpcmd);
-	}
-
-
 
-	/* Make sure fas_remoteip is set. Note: This does not enable FAS. */
-	if (!config->fas_remoteip) {
-		config->fas_remoteip = safe_strdup(config->gw_ip);
-	}
+		/* Make sure fas_remoteip is set. Note: This does not enable FAS. */
+		if (!config->fas_remoteip) {
+			config->fas_remoteip = safe_strdup(config->gw_ip);
+		}
 
-	if (config->fas_remotefqdn) {
-		debug(LOG_NOTICE, "FAS FQDN is: %s\n", config->fas_remotefqdn);
-	}
+		if (config->fas_remotefqdn) {
+			debug(LOG_NOTICE, "FAS FQDN is: %s\n", config->fas_remotefqdn);
+		}
 
-	if (config->fas_port) {
 		debug(LOG_NOTICE, "Forwarding Authentication is Enabled.\n");
 		if (config->fas_remotefqdn) {
 			safe_asprintf(&fasurl, "http://%s:%u%s",
@@ -351,10 +348,10 @@ main_loop(void)
 		}
 		debug(LOG_NOTICE, "FAS URL is %s\n", config->fas_url);
 		free(fasurl);
-	}
 
-	if (config->fas_secure_enabled == 0 && config->fas_port) {
-		debug(LOG_NOTICE, "Warning - Forwarding Authentication - Security is DISABLED.\n");
+		if (config->fas_secure_enabled == 0) {
+			debug(LOG_NOTICE, "Warning - Forwarding Authentication - Security is DISABLED.\n");
+		}
 	}
 
 	if (config->preauth) {