Commit | Line | Data |
---|---|---|
dfb0d0d7 AC |
1 | <% val you = Init.getUserId (); |
2 | val yourname = Init.getUserName (); | |
3 | ||
3d2ed222 AC |
4 | val nodeNum = case $"node" of |
5 | "" => 2 | |
6 | | node => Web.stoi node; | |
7 | val nodeName = Init.nodeName nodeNum; | |
8 | ||
dfb0d0d7 AC |
9 | val uname = case $"uname" of |
10 | "" => yourname | |
11 | | uname => uname; | |
12 | ||
3d2ed222 AC |
13 | val socks = Sec.socketPerms {node = nodeNum, uname = uname}; |
14 | val tpe = Sec.isTpe {node = nodeNum, uname = uname}; | |
15 | val cron = Sec.cronAllowed {node = nodeNum, uname = uname}; | |
16 | val ftp = Sec.ftpAllowed {node = nodeNum, uname = uname}; | |
dfb0d0d7 AC |
17 | |
18 | ref showNormal = true; | |
19 | ||
20 | @header [("title", ["Security settings"])]; | |
21 | ||
22 | if $"cmd" = "socks" then | |
23 | showNormal := false; | |
24 | val socks = $"socks"; | |
3d2ed222 AC |
25 | %>Are you sure you want to request that socket permissions for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be changed to <b><% Web.html socks %></b>?<br> |
26 | <a href="sec?cmd=socks2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&socks=<% Web.urlEncode socks %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
dfb0d0d7 | 27 | elseif $"cmd" = "socks2" then |
3d2ed222 | 28 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": change socket permissions to ", $"socks"], msg = $"msg"}; |
dfb0d0d7 | 29 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 30 | %><h3>Error sending e-mail notification</h3><% |
dfb0d0d7 | 31 | end |
b6dd1aaf | 32 | %><h3>Request added</h3><% |
dfb0d0d7 AC |
33 | |
34 | elseif $"cmd" = "tpe" then | |
35 | showNormal := false; | |
36 | val tpe = iff $"tpe" = "yes" then "on" else "off"; | |
3d2ed222 AC |
37 | %>Are you sure you want to request that trusted-path-executables-only for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be turned <b><% tpe %></b>?<br> |
38 | <a href="sec?cmd=tpe2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&tpe=<% tpe %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
dfb0d0d7 | 39 | elseif $"cmd" = "tpe2" then |
3d2ed222 | 40 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": turn tpe ", $"tpe"], msg = $"msg"}; |
dfb0d0d7 | 41 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 42 | %><h3>Error sending e-mail notification</h3><% |
dfb0d0d7 | 43 | end |
b6dd1aaf | 44 | %><h3>Request added</h3><% |
dfb0d0d7 | 45 | |
e510b9bd AC |
46 | elseif $"cmd" = "cron" then |
47 | showNormal := false; | |
48 | val cron = iff $"cron" = "yes" then "enabled" else "disabled"; | |
3d2ed222 AC |
49 | %>Are you sure you want to request that <tt>cron</tt> permissions for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be <b><% cron %></b>?<br> |
50 | <a href="sec?cmd=cron2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&cron=<% cron %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
e510b9bd AC |
51 | elseif $"cmd" = "cron2" then |
52 | val cron = iff $"cron" = "enabled" then "enable" else "disable"; | |
3d2ed222 | 53 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": ", cron, " cron access"], msg = $"msg"}; |
e510b9bd | 54 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 55 | %><h3>Error sending e-mail notification</h3><% |
e510b9bd | 56 | end |
b6dd1aaf | 57 | %><h3>Request added</h3><% |
e510b9bd | 58 | |
f432bce2 AC |
59 | elseif $"cmd" = "ftp" then |
60 | showNormal := false; | |
61 | val ftp = iff $"ftp" = "yes" then "enabled" else "disabled"; | |
3d2ed222 AC |
62 | %>Are you sure you want to request that FTP permissions for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be <b><% ftp %></b>?<br> |
63 | <a href="sec?cmd=ftp2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&ftp=<% ftp %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
f432bce2 AC |
64 | elseif $"cmd" = "ftp2" then |
65 | val ftp = iff $"ftp" = "enabled" then "enable" else "disable"; | |
3d2ed222 | 66 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": ", ftp, " FTP access"], msg = $"msg"}; |
f432bce2 | 67 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 68 | %><h3>Error sending e-mail notification</h3><% |
f432bce2 | 69 | end |
b6dd1aaf | 70 | %><h3>Request added</h3><% |
f432bce2 | 71 | |
e510b9bd AC |
72 | elseif $"cmd" = "rule" then |
73 | showNormal := false; | |
74 | val rule = $"rule"; | |
308f44e7 AC |
75 | |
76 | if Sec.validRule rule then | |
77 | %>Are you sure you want to request the firewall rule <b><% Web.html uname %> <% Web.html rule %></b> on <b><% Web.html nodeName %></b>?<br> | |
3d2ed222 | 78 | <a href="sec?cmd=rule2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&rule=<% Web.urlEncode rule %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% |
308f44e7 AC |
79 | else |
80 | %>"<% Web.html rule %>" is not a valid firewall rule! Please reread <a href="http://wiki.hcoop.net/wiki/FirewallRules">the instructions</a>, and remember to leave off the initial username portion.<% | |
81 | end | |
82 | ||
e510b9bd | 83 | elseif $"cmd" = "rule2" then |
308f44e7 AC |
84 | val rule = $"rule"; |
85 | ||
86 | if Sec.validRule rule then | |
87 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Add firewall rule \"", uname, " ", rule, "\""], msg = $"msg"}; | |
88 | if not (Sec.Req.notifyNew id) then | |
89 | %><h3>Error sending e-mail notification</h3><% | |
90 | end | |
91 | %><h3>Request added</h3><% | |
92 | else | |
93 | %>"<% Web.html rule %>" is not a valid firewall rule! Please reread <a href="http://wiki.hcoop.net/wiki/FirewallRules">the instructions</a>, and remember to leave off the initial username portion.<% | |
e510b9bd | 94 | end |
e510b9bd AC |
95 | |
96 | elseif $"modRule" <> "" then | |
97 | showNormal := false; | |
98 | val oldRule = $"modRule"; | |
99 | val rule = $"rule" | |
100 | if oldRule = rule then | |
101 | %>You didn't modify the textbox for this rule before clicking the button, so there is no request to be made.<% | |
102 | else | |
3d2ed222 AC |
103 | %>Are you sure you want to request that firewall rule <b><% Web.html uname %> <% Web.html oldRule %></b> be replaced by <b><% Web.html uname %> <% Web.html rule %></b> on <b><% Web.html nodeName %></b>?<br> |
104 | <a href="sec?node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&modRule2=<% Web.urlEncode oldRule %>&rule=<% Web.urlEncode rule %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
e510b9bd AC |
105 | end |
106 | elseif $"modRule2" <> "" then | |
3d2ed222 | 107 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Change firewall rule \"", uname, " ", $"modRule2", "\" to \"", uname, " ", $"rule", "\""], msg = $"msg"}; |
e510b9bd | 108 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 109 | %><h3>Error sending e-mail notification</h3><% |
e510b9bd | 110 | end |
b6dd1aaf | 111 | %><h3>Request added</h3><% |
e510b9bd AC |
112 | |
113 | elseif $"delRule" <> "" then | |
114 | showNormal := false; | |
115 | val oldRule = $"delRule"; | |
3d2ed222 AC |
116 | %>Are you sure you want to request that firewall rule <b><% Web.html uname %> <% Web.html oldRule %></b> on <b><% Web.html nodeName %></b> be <b>deleted</bD>?<br> |
117 | <a href="sec?node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&delRule2=<% Web.urlEncode oldRule %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
e510b9bd | 118 | elseif $"delRule2" <> "" then |
3d2ed222 | 119 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Delete firewall rule \"", uname, " ", $"delRule2", "\""], msg = $"msg"}; |
e510b9bd | 120 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 121 | %><h3>Error sending e-mail notification</h3><% |
e510b9bd | 122 | end |
b6dd1aaf | 123 | %><h3>Request added</h3><% |
e510b9bd | 124 | |
dfb0d0d7 AC |
125 | elseif $"cmd" = "open" then |
126 | showNormal := false; | |
127 | Group.requireGroupName "server"; | |
b6dd1aaf | 128 | %><h3>Open requests</h3> |
dfb0d0d7 AC |
129 | <a href="sec?cmd=list">List all requests</a><% |
130 | ||
131 | foreach (name, req) in Sec.Req.listOpen () do %> | |
132 | <br><hr><br> | |
b6dd1aaf AC |
133 | <table class="blanks"> |
134 | <tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
6b8b767b | 135 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td></tr> |
3d2ed222 | 136 | <tr> <td>Node:</td> <td><% Web.html (Init.nodeName (#node req)) %></td> </tr> |
b6dd1aaf AC |
137 | <tr> <td>Request:</td> <td><% #data req %></td> </tr> |
138 | <tr> <td>Msg:</td> <td colspan="2"><% Web.html (#msg req) %></td> </tr> | |
dfb0d0d7 AC |
139 | </table> |
140 | ||
141 | <br> | |
142 | <a href="sec?mod=<% #id req %>">[Modify]</a> | |
143 | <a href="sec?del=<% #id req %>">[Delete]</a><br> | |
144 | ||
145 | <% end | |
146 | ||
147 | elseif $"cmd" = "list" then | |
148 | showNormal := false; | |
149 | Group.requireGroupName "server" | |
b6dd1aaf | 150 | %><h3>All requests</h3><% |
dfb0d0d7 AC |
151 | |
152 | foreach (name, req) in Sec.Req.list () do %> | |
153 | <br><hr><br> | |
b6dd1aaf AC |
154 | <table class="blanks"> |
155 | <tr> <td>By:</td> <td colspan="2"><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
6b8b767b | 156 | <tr> <td>Time:</td> <td colspan="2"><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td></tr> |
3d2ed222 | 157 | <tr> <td>Node:</td> <td><% Web.html (Init.nodeName (#node req)) %></td> </tr> |
b6dd1aaf AC |
158 | <tr> <td>Request:</td> <td><% #data req %></td> </tr> |
159 | <tr> <td>Reason:</td> <td colspan="2"><% Web.html (#msg req) %></td> </tr> | |
dfb0d0d7 AC |
160 | </table> |
161 | ||
162 | <br> | |
163 | <a href="sec?mod=<% #id req %>">[Modify]</a> | |
164 | <a href="sec?del=<% #id req %>">[Delete]</a> | |
165 | ||
166 | <% end | |
167 | ||
168 | elseif $"mod" <> "" then | |
169 | showNormal := false; | |
170 | Group.requireGroupName "server"; | |
171 | val id = Web.stoi ($"mod"); | |
172 | val req = Sec.Req.lookup id; | |
173 | val user = Init.lookupUser (#usr req) %> | |
b6dd1aaf | 174 | <h3>Handle request</h3> |
dfb0d0d7 AC |
175 | |
176 | <form action="sec" method="post"> | |
177 | <input type="hidden" name="save" value="<% id %>"> | |
b6dd1aaf AC |
178 | <table class="blanks"> |
179 | <tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr> | |
6b8b767b | 180 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td></tr> |
b6dd1aaf | 181 | <tr> <td>Status:</td> <td><select name="status"> |
dfb0d0d7 AC |
182 | <option value="0"<% if #status req = Sec.Req.NEW then %> selected<% end %>>New</option> |
183 | <option value="1"<% if #status req = Sec.Req.INSTALLED then %> selected<% end %>>Installed</option> | |
184 | <option value="2"<% if #status req = Sec.Req.REJECTED then %> selected<% end %>>Rejected</option> | |
185 | </select></td> </tr> | |
3d2ed222 AC |
186 | <tr> <td>Node:</td> <td><select name="node"> |
187 | <% foreach node in Init.listNodes () do %> | |
188 | <option value="<% #id node %>"<% if nodeNum = #node req then %> selected<% end %>><% Web.html (#name node) %> (<% Web.html (#descr node) %>)</option> | |
189 | <% end %></select></td> </tr> | |
b6dd1aaf AC |
190 | <tr> <td>Request:</td> <td><input name="req" value="<% #data req %>"></td> </tr> |
191 | <tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr> | |
dfb0d0d7 AC |
192 | <tr> <td><input type="submit" value="Save"></td> </tr> |
193 | </table> | |
194 | </form> | |
195 | ||
196 | <% elseif $"save" <> "" then | |
197 | showNormal := false; | |
198 | Group.requireGroupName "server"; | |
199 | val id = Web.stoi ($"save"); | |
200 | val req = Sec.Req.lookup id; | |
201 | val oldStatus = #status req; | |
202 | val newStatus = Sec.Req.statusFromInt (Web.stoi ($"status")); | |
3d2ed222 | 203 | Sec.Req.modify {req with node = nodeNum, data = $"req", msg = $"msg", status = newStatus}; |
8812fb4d AC |
204 | if not (Sec.Req.notifyMod {old = oldStatus, new = newStatus, changer = Init.getUserName(), req = id}) then |
205 | %><h3>Error sending e-mail notification</h3><% | |
dfb0d0d7 | 206 | end |
b6dd1aaf | 207 | %><h3>Request modified</h3> |
dfb0d0d7 AC |
208 | Back to: <a href="sec?cmd=open">open requests</a>, <a href="sec?cmd=list">all requests</a> |
209 | ||
210 | <% elseif $"del" <> "" then | |
211 | showNormal := false; | |
212 | Group.requireGroupName "server"; | |
213 | val id = Web.stoi ($"del"); | |
214 | val req = Sec.Req.lookup id; | |
215 | val user = Init.lookupUser (#usr req) | |
3d2ed222 | 216 | %><h3>Are you sure you want to delete request by <% #name user %> for "<% #data req %>" on <% Web.html (Init.nodeName (#node req)) %>?</h3> |
dfb0d0d7 AC |
217 | <a href="sec?del2=<% id %>">Yes, I'm sure!</a> |
218 | ||
219 | <% elseif $"del2" <> "" then | |
220 | showNormal := false; | |
221 | Group.requireGroupName "server"; | |
222 | val id = Web.stoi ($"del2"); | |
223 | Sec.Req.delete id | |
b6dd1aaf | 224 | %><h3>Request deleted</b><h3> |
dfb0d0d7 AC |
225 | Back to: <a href="sec?cmd=open">open requests</a>, <a href="sec?cmd=list">all requests</a> |
226 | ||
227 | <% end; | |
228 | ||
229 | if showNormal then %> | |
230 | ||
3d2ed222 AC |
231 | <table class="blanks"> |
232 | <form action="sec" method="post"> | |
233 | <input type="hidden" name="uname" value="<% Web.html uname %>"> | |
234 | <tr> <td>Machines:</td> <td><select name="node"> | |
235 | <% foreach node in Init.listNodes () do %> | |
236 | <option value="<% #id node %>"<% if nodeNum = #id node then %> selected<% end %>><% Web.html (#name node) %> (<% Web.html (#descr node) %>)</option> | |
237 | <% end %></select></td> | |
238 | <td><input type="submit" value="Switch"></td> </tr> | |
239 | </form> | |
dfb0d0d7 | 240 | <form action="sec" method="post"> |
3d2ed222 AC |
241 | <input type="hidden" name="node" value="<% nodeNum %>"> |
242 | <tr> <td>Your users:</td> <td><select name="uname"> | |
dfb0d0d7 AC |
243 | <% foreach name in (yourname :: Sec.findSubusers yourname) do %> |
244 | <option value="<% name %>"<% if uname = name then %> selected<% end %>><% name %></option> | |
3d2ed222 AC |
245 | <% end %></select></td> |
246 | <td><input type="submit" value="Switch"></td> </tr> | |
247 | </form> | |
248 | </table> | |
dfb0d0d7 | 249 | |
a4adbfb9 | 250 | <!--h3>Request socket permissions change</h3> |
dfb0d0d7 | 251 | |
2d7faa73 AC |
252 | <p>You need to request socket permissions before you are able to open any network connections. While you will be limited by firewall rules even then, any requests for firewall rules you enter in the "Reason" blank here <b>will be ignored</b>. Please use the separate form at the bottom of this page for that. There is no need to wait until a request for socket permissions has been granted before starting to request firewall rules.</p> |
253 | ||
4d46d3eb AC |
254 | <p>Keep in mind that, if your request is granted, it will never apply to existing log-in sessions. Close them and re-connect to take advantage of your new privileges.</p> |
255 | ||
dfb0d0d7 | 256 | <form action="sec" method="post"> |
3d2ed222 | 257 | <input type="hidden" name="node" value="<% nodeNum %>"> |
dfb0d0d7 AC |
258 | <input type="hidden" name="uname" value="<% uname %>"> |
259 | <input type="hidden" name="cmd" value="socks"> | |
b6dd1aaf AC |
260 | <table class="blanks"> |
261 | <tr> <td>New permissions:</td> <td><select name="socks"> | |
dfb0d0d7 AC |
262 | <option value="none"<% if socks = Sec.NADA then %> selected<% end %>>None</option> |
263 | <option value="any"<% if socks = Sec.ANY then %> selected<% end %>>Any</option> | |
264 | <option value="client"<% if socks = Sec.CLIENT_ONLY then %> selected<% end %>>Client only</option> | |
265 | <option value="server"<% if socks = Sec.SERVER_ONLY then %> selected<% end %>>Server only</option> | |
266 | </select></td> </tr> | |
b6dd1aaf | 267 | <tr> <td>Reason:</td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> |
dfb0d0d7 AC |
268 | <tr> <td><input type="submit" value="Request"></td> </tr> |
269 | </table> | |
270 | </form> | |
271 | ||
b6dd1aaf | 272 | <h3>Request change to your execute permissions</h3> |
dfb0d0d7 AC |
273 | |
274 | <form action="sec" method="post"> | |
3d2ed222 | 275 | <input type="hidden" name="node" value="<% nodeNum %>"> |
dfb0d0d7 AC |
276 | <input type="hidden" name="uname" value="<% uname %>"> |
277 | <input type="hidden" name="cmd" value="tpe"> | |
b6dd1aaf AC |
278 | <table class="blanks"> |
279 | <tr> <td>Trusted path executables only?</td> <td><select name="tpe"> | |
dfb0d0d7 AC |
280 | <option value="no"<% if not tpe then %> selected<% end %>>No</option> |
281 | <option value="yes"<% if tpe then %> selected<% end %>>Yes</option> | |
282 | </select></td> </tr> | |
b6dd1aaf | 283 | <tr> <td>Reason:</td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> |
dfb0d0d7 AC |
284 | <tr> <td><input type="submit" value="Request"></td> </tr> |
285 | </table> | |
a4adbfb9 | 286 | </form--> |
dfb0d0d7 | 287 | |
b6dd1aaf | 288 | <h3>Request change to your <tt>cron</tt> permissions</h3> |
e510b9bd AC |
289 | |
290 | <form action="sec" method="post"> | |
3d2ed222 | 291 | <input type="hidden" name="node" value="<% nodeNum %>"> |
e510b9bd AC |
292 | <input type="hidden" name="uname" value="<% uname %>"> |
293 | <input type="hidden" name="cmd" value="cron"> | |
b6dd1aaf AC |
294 | <table class="blanks"> |
295 | <tr> <td>Allowed to use cron?</td> <td><select name="cron"> | |
18eeb749 | 296 | <option value="no"<% if not cron then %> selected<% end %>>No</option> |
e510b9bd AC |
297 | <option value="yes"<% if cron then %> selected<% end %>>Yes</option> |
298 | </select></td> </tr> | |
b6dd1aaf | 299 | <tr> <td>Reason:</td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> |
e510b9bd AC |
300 | <tr> <td><input type="submit" value="Request"></td> </tr> |
301 | </table> | |
302 | </form> | |
303 | ||
b6dd1aaf | 304 | <h3>Request change to your FTP permissions</h3> |
f432bce2 | 305 | |
18eeb749 AC |
306 | <p>Please read <a href="http://wiki.hcoop.net/wiki/FileTransfer">our wiki instructions on file transfer</a> before requesting FTP access. Almost everyone should use alternative protocols to FTP that provide superior security benefits.</p> |
307 | ||
f432bce2 | 308 | <form action="sec" method="post"> |
3d2ed222 | 309 | <input type="hidden" name="node" value="<% nodeNum %>"> |
f432bce2 AC |
310 | <input type="hidden" name="uname" value="<% uname %>"> |
311 | <input type="hidden" name="cmd" value="ftp"> | |
b6dd1aaf AC |
312 | <table class="blanks"> |
313 | <tr> <td>Allowed to use FTP?</td> <td><select name="ftp"> | |
f432bce2 AC |
314 | <option value="no"<% if not ftp then %> selected<% end %>>No</option> |
315 | <option value="yes"<% if ftp then %> selected<% end %>>Yes</option> | |
316 | </select></td> </tr> | |
b6dd1aaf | 317 | <tr> <td>Reason:</td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> |
f432bce2 AC |
318 | <tr> <td><input type="submit" value="Request"></td> </tr> |
319 | </table> | |
320 | </form> | |
321 | ||
3d2ed222 | 322 | <% val rules = Sec.findFirewallRules {node = nodeNum, uname = uname}; |
e510b9bd AC |
323 | switch rules of |
324 | _::_ => %> | |
b6dd1aaf | 325 | <h3>Your firewall rules</h3> |
e510b9bd AC |
326 | |
327 | <% foreach rule in rules do %> | |
328 | <form action="sec" method="post"> | |
3d2ed222 | 329 | <input type="hidden" name="node" value="<% nodeNum %>"> |
e510b9bd AC |
330 | <input type="hidden" name="uname" value="<% uname %>"> |
331 | <input type="hidden" name="modRule" value="<% Web.html rule %>"> | |
332 | <input name="rule" value="<% Web.html rule %>"> | |
333 | <a href="sec?delRule=<% Web.urlEncode rule %>">[Request deletion]</a> | |
334 | <input type="submit" value="Request change"> | |
335 | </form><br> | |
336 | <% end | |
337 | end%> | |
338 | ||
1bb18394 AC |
339 | <h3>Request a new firewall rule</h3> |
340 | ||
99061f22 | 341 | <p><b>This form isn't needed yet to allow you to use any port. However, if you request a rule here, you can be sure it will be added when we first implement firewalls on our new servers. Otherwise, your custom services may stop working.</b></p> |
e510b9bd AC |
342 | |
343 | <p>You can find a description of rule formats <a href="http://wiki.hcoop.net/wiki/FirewallRules">on our wiki</a>. Enter here the rule you want, without the initial <tt>user</tt> portion.</p> | |
344 | ||
4d46d3eb | 345 | <p>Please note that <b>your firewall rule will be useless</b> if you don't first request the corresponding socket privileges at the top of this page. Also, common ports like 80 (HTTP) are open to everyone with socket permissions. Verify that you can't access a port after socket permissions have been granted before requesting a special rule here.</p> |
18eeb749 | 346 | |
b986395e AC |
347 | <p>We very rarely grant requests for Client rules that don't include remote host whitelists. For example, important security concerns make it a bad idea for us to give anybody blanket IRC permissions. Instead, request specific servers. We will refuse such requests that include networks that are popularly considered fronts for illegal activity.</p> |
348 | ||
e510b9bd | 349 | <form action="sec" method="post"> |
3d2ed222 | 350 | <input type="hidden" name="node" value="<% nodeNum %>"> |
e510b9bd AC |
351 | <input type="hidden" name="uname" value="<% uname %>"> |
352 | <input type="hidden" name="cmd" value="rule"> | |
b6dd1aaf AC |
353 | <table class="blanks"> |
354 | <tr> <td>Rule</td> <td><input name="rule" size="80"></td> </tr> | |
355 | <tr> <td>Reason:</td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> | |
e510b9bd AC |
356 | <tr> <td><input type="submit" value="Request"></td> </tr> |
357 | </table> | |
1bb18394 | 358 | </form> |
e510b9bd | 359 | |
dfb0d0d7 AC |
360 | <% end %> |
361 | ||
362 | <% @footer[] %> |