Remotely execute commands on m0n0wall

Posted by Frodo Larik Mon, 01 May 2006 23:03:00 GMT

M0n0wall is firewall software based on a bare-bones version of FreeBSD.

The firewall is configured via PHP scripts.

Since I use SIP spoofing in combination with my ADSL connection, I need functionality which isn’t supported by m0n0wall out of the box.

Thanks to Maurice I found out how to make SIP spoofing work with m0n0wall. The solution is not 100%, because when the network interface goes down for some reason, the spoof settings won’t be restored. I decided to write a quick hack, so I can remotely run commands on m0n0wall.

It’s a Ruby script which can be run from the command line.

Save the code below to a file named m0n0wall_exec.rb, make it executable and change the following variables to suit your needs:

  • ssl : true for SSL mode, false for no SSL
  • url : the IP/host of your m0n0wall
  • user : the username to access the webgui
  • pass : the password to access the webgui

You can run commands like:

./m0n0wall_exec.rb "/sbin/ifconfig sis1" "ls /"

m0n0wall_exec.rb

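#!/usr/bin/env ruby

require 'net/http'
require 'net/https'
begin
  # htmltokenizer is normally loaded through rubygems
  require 'rubygems'
  require 'html/htmltokenizer'
rescue LoadError
  # a bare rescue does not catch LoadError; retry without rubygems
  require 'html/htmltokenizer'
end

# change here
ssl  = true
url  = '192.168.1.254'
user = 'admin'
pass = 'secret'

# Don't change below
port = ssl ? 443 : 80

http = Net::HTTP.new(url, port)

if ssl
  http.use_ssl = true
  # Certificate verification is switched off here, so the server's identity
  # is not checked and the webGUI password sent below can be captured by
  # anyone able to intercept the connection.
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end

http.start do |conn|
  ARGV.each do |cmd|
    # one POST to exec.php per command, authenticated with HTTP Basic auth
    req = Net::HTTP::Post.new('/exec.php')
    req.basic_auth(user, pass)
    req.set_form_data({'txtCommand' => cmd})
    response = conn.request(req)

    # pull the command output out of the returned page and undo the
    # &lt; / &gt; escaping
    toke = HTMLTokenizer.new(response.body)
    toke.getTag("pre")
    puts toke.getText("form").chop.gsub(/&lt;/, '<').gsub(/&gt;/, '>')
  end
end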

I’m NOT responsible for any damage this script can cause. And yes, the script will probably break when the HTML source of exec.php changes.
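The script sets VERIFY_NONE, so nothing checks that the host answering on port 443 is really the firewall before the webGUI password is sent to it. The following is an added example, not part of the original post: it pins the certificate's SHA-256 fingerprint and refuses to send any request when the presented certificate differs. The function names, the PINNED_SHA256 placeholder and the self-signed demo certificate are all constructed for illustration.

```ruby
require 'net/http'
require 'openssl'

# Placeholder: the fingerprint you recorded from the firewall over a trusted path.
PINNED_SHA256 = '<sha256-fingerprint-of-your-m0n0wall-certificate>'

# SHA-256 over the certificate's DER encoding, as lowercase hex.
def cert_fingerprint(cert)
  OpenSSL::Digest.new('SHA256').hexdigest(cert.to_der)
end

# True only when a certificate was presented and it matches the pin.
# Accepts pins written with colons, spaces or upper case.
def pin_matches?(cert, pinned)
  return false if cert.nil?
  cert_fingerprint(cert) == pinned.delete(': ').downcase
end

# Completes the TLS handshake, then checks the pin before yielding, so no
# request (and no Basic auth header) is sent to an unexpected server.
def with_pinned_https(host, pinned, port = 443)
  http = Net::HTTP.new(host, port)
  http.use_ssl = true
  # CA validation cannot succeed for a self-signed cert; the pin replaces it.
  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
  http.start do |conn|
    unless pin_matches?(conn.peer_cert, pinned)
      raise OpenSSL::SSL::SSLError, "certificate pin mismatch for #{host}"
    end
    yield conn
  end
end

# Constructed self-signed certificate, used only to exercise the check offline.
def demo_self_signed_cert(cn)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

if __FILE__ == $PROGRAM_NAME
  cert = demo_self_signed_cert('m0n0wall.example')
  puts pin_matches?(cert, cert_fingerprint(cert)) # same certificate
end
```

In m0n0wall_exec.rb the `http.start` block would become `with_pinned_https(url, PINNED_SHA256) do |conn| ... end`, with the request code inside unchanged.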