diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2004-12-05 19:56:11 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2004-12-05 19:56:11 +0000 |
| commit | a23d72487189307f63465c7150f6ca3a0cb027b3 (patch) | |
| tree | 7f336d3e8c377e7ad411984ac5f313f5046a8c6f | |
| parent | 07bd3f83b401d8e9e9de3938e0a26c6e452660af (diff) | |
| download | pfsense-a23d72487189307f63465c7150f6ca3a0cb027b3.zip pfsense-a23d72487189307f63465c7150f6ca3a0cb027b3.tar.gz | |
Merge in m0n0wall 1.2b3 changes.
| -rw-r--r-- | etc/inc/interfaces.inc | 92 | ||||
| -rw-r--r-- | etc/inc/services.inc | 103 | ||||
| -rw-r--r-- | etc/inc/system.inc | 6 | ||||
| -rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 8 | ||||
| -rwxr-xr-x | usr/local/www/gui.css | 23 | ||||
| -rwxr-xr-x | usr/local/www/interfaces.php | 224 | ||||
| -rwxr-xr-x | usr/local/www/interfaces_opt.php | 13 | ||||
| -rwxr-xr-x | usr/local/www/interfaces_wan.php | 224 |
8 files changed, 422 insertions, 271 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 65e8b99..c0d88fb 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -329,22 +329,12 @@ function interfaces_wan_configure() { /* wait for processes to die */ sleep(2); - /* remove dhclient.conf, if it exists */ - if (file_exists("{$g['varetc_path']}/dhclient.conf")) { - unlink("{$g['varetc_path']}/dhclient.conf"); - } - /* remove mpd.conf, if it exists */ - if (file_exists("{$g['varetc_path']}/mpd.conf")) { - unlink("{$g['varetc_path']}/mpd.conf"); - } - /* remove mpd.links, if it exists */ - if (file_exists("{$g['varetc_path']}/mpd.links")) { - unlink("{$g['varetc_path']}/mpd.links"); - } - /* remove wanip, if it exists */ - if (file_exists("{$g['vardb_path']}/wanip")) { - unlink("{$g['vardb_path']}/wanip"); - } + unlink_if_exists("{$g['varetc_path']}/dhclient.conf"); + unlink_if_exists("{$g['varetc_path']}/mpd.conf"); + unlink_if_exists("{$g['varetc_path']}/mpd.links"); + unlink_if_exists("{$g['vardb_path']}/wanip"); + unlink_if_exists("{$g['varetc_path']}/nameservers.conf"); + } /* remove all addresses first */ @@ -389,9 +379,14 @@ function interfaces_wan_configure() { break; default: - mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " . - escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet'])); - + if (isset($wancfg['ispointtopoint']) && $wancfg['pointtopoint']) { + mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " . + escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet']) . + " " . escapeshellarg($wancfg['pointtopoint']) . " up"); + } else { + mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " . + escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet'])); + } /* install default route */ mwexec("/sbin/route delete default"); mwexec("/sbin/route add default " . escapeshellarg($wancfg['gateway'])); @@ -413,6 +408,9 @@ function interfaces_wan_configure() { /* restart ez-ipupdate */ services_dyndns_configure(); + /* force DNS update */ + services_dnsupdate_process(); + /* restart dnsmasq */ services_dnsmasq_configure(); } @@ -457,6 +455,16 @@ EOD; return 0; } +function interfaces_wan_dhcp_down() { + mwexec("/sbin/dhclient -r"); + sleep(3); +} + +function interfaces_wan_dhcp_up() { + interfaces_wan_dhcp_configure(); + sleep(3); +} + function interfaces_wan_pppoe_configure() { global $config, $g; @@ -509,8 +517,18 @@ EOD; set link mtu 1492 set ipcp yes vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 + +EOD; + + if (isset($config['system']['dnsallowoverride'])) { + $mpdconf .= <<<EOD set ipcp enable req-pri-dns set ipcp enable req-sec-dns + +EOD; + } + + $mpdconf .= <<<EOD open iface EOD; @@ -544,6 +562,18 @@ EOD; return 0; } +function interfaces_wan_pppoe_down() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR2"); + sleep(3); +} + +function interfaces_wan_pppoe_up() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR1"); + sleep(3); +} + function interfaces_wan_pptp_configure() { global $config, $g; @@ -579,7 +609,7 @@ EOD; if (isset($pptpcfg['ondemand'])) { $mpdconf .= <<<EOD - set iface addrs {$pptpcfg['local']} {$pptpcfg['remote']} + set iface addrs 10.0.0.1 10.0.0.2 EOD; } @@ -595,8 +625,18 @@ EOD; set link accept chap set ipcp no vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 + +EOD; + + if (isset($config['system']['dnsallowoverride'])) { + $mpdconf .= <<<EOD set ipcp enable req-pri-dns set ipcp enable req-sec-dns + +EOD; + } + + $mpdconf .= <<<EOD open EOD; @@ -634,6 +674,18 @@ EOD; return 0; } +function interfaces_wan_pptp_down() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR2"); + sleep(3); +} + +function interfaces_wan_pptp_up() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR1"); + sleep(3); +} + function interfaces_wan_bigpond_configure($curwanip) { global $config, $g; diff --git a/etc/inc/services.inc b/etc/inc/services.inc index bcc9dd9..cc98db1 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -418,17 +418,33 @@ function services_proxyarp_configure() { /* kill any running choparp */ killbyname("choparp"); - if (is_array($config['proxyarp']) && count($config['proxyarp']) && - (is_ipaddr($config['interfaces']['wan']['ipaddr']) || - ($config['interfaces']['wan']['ipaddr'] == "dhcp") || - ($config['interfaces']['wan']['ipaddr'] == "bigpond"))) { + if (is_array($config['proxyarp']) && count($config['proxyarp'])) { - if(isset($config['proxyarp']['proxyarpnet']['interface'])) - $args = $config['proxyarp']['proxyarpnet']['interface']; - else - $args = $config['interfaces']['wan']['if'] . " auto"; + $paa = array(); + /* group by interface */ foreach ($config['proxyarp']['proxyarpnet'] as $paent) { + if ($paent['interface']) + $if = $paent['interface']; + else + $if = "wan"; + + if (!is_array($paa[$if])) + $paa[$if] = array(); + + $paa[$if][] = $paent; + } + + foreach ($paa as $paif => $paents) { + if ($paif == "wan" && !(is_ipaddr($config['interfaces']['wan']['ipaddr']) || + ($config['interfaces']['wan']['ipaddr'] == "dhcp") || + ($config['interfaces']['wan']['ipaddr'] == "bigpond"))) + continue; + + $args = $config['interfaces'][$paif]['if'] . " auto"; + + foreach ($paents as $paent) { + if (isset($paent['network'])) $args .= " " . escapeshellarg($paent['network']); else if (isset($paent['range'])) @@ -438,6 +454,77 @@ function services_proxyarp_configure() { mwexec_bg("/usr/local/sbin/choparp " . $args); } + } +} + +function services_dnsupdate_process() { + global $config, $g; + + /* Dynamic DNS updating active? */ + if (isset($config['dnsupdate']['enable'])) { + + $wanip = get_current_wan_address(); + if ($wanip) { + + $keyname = $config['dnsupdate']['keyname']; + /* trailing dot */ + if (substr($keyname, -1) != ".") + $keyname .= "."; + + $hostname = $config['dnsupdate']['host']; + /* trailing dot */ + if (substr($hostname, -1) != ".") + $hostname .= "."; + + /* write private key file + this is dumb - public and private keys are the same for HMAC-MD5, + but nsupdate insists on having both */ + $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.private", "w"); + $privkey .= <<<EOD +Private-key-format: v1.2 +Algorithm: 157 (HMAC) +Key: {$config['dnsupdate']['keydata']} + +EOD; + fwrite($fd, $privkey); + fclose($fd); + + /* write public key file */ + if ($config['dnsupdate']['keytype'] == "zone") { + $flags = 257; + $proto = 3; + } else if ($config['dnsupdate']['keytype'] == "host") { + $flags = 513; + $proto = 3; + } else if ($config['dnsupdate']['keytype'] == "user") { + $flags = 0; + $proto = 2; + } + + $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.key", "w"); + fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$config['dnsupdate']['keydata']}\n"); + fclose($fd); + + /* generate update instructions */ + $upinst = "update delete {$config['dnsupdate']['host']} A\n"; + $upinst .= "update add {$config['dnsupdate']['host']} {$config['dnsupdate']['ttl']} A {$wanip}\n"; + $upinst .= "\n"; /* mind that trailing newline! */ + + $fd = fopen("{$g['varetc_path']}/nsupdatecmds", "w"); + fwrite($fd, $upinst); + fclose($fd); + + /* invoke nsupdate */ + $cmd = "/usr/sbin/nsupdate -k {$g['varetc_path']}:{$keyname}"; + if (isset($config['dnsupdate']['usetcp'])) + $cmd .= " -v"; + $cmd .= " {$g['varetc_path']}/nsupdatecmds"; + + mwexec_bg($cmd); + } + } + + return 0; } ?> diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 69470d6..afd25c6 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -237,7 +237,7 @@ EOD; if (isset($syslogcfg['system'])) { $syslogconf .= <<<EOD -*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none @{$syslogcfg['remoteserver']} +*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']} security.* @{$syslogcfg['remoteserver']} auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']} *.emerg @{$syslogcfg['remoteserver']} @@ -484,7 +484,7 @@ function system_do_shell_commands($early = 0) { } } -function system_do_extensions() { +function system_do_extensions($early = false) { global $config, $g; if (!is_dir("{$g['etc_path']}/inc/ext")) @@ -495,7 +495,7 @@ function system_do_extensions() { while (($extd = readdir($dh)) !== false) { if (($extd === ".") || ($extd === "..")) continue; - $rcfile = "{$g['etc_path']}/inc/ext/" . $extd . "/rc"; + $rcfile = "{$g['etc_path']}/inc/ext/" . $extd . "/" . ($early ? "rc.early" : "rc"); if (file_exists($rcfile)) passthru($rcfile); } diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 9f21b71..21186eb 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -151,6 +151,8 @@ if (isset($id) && $a_filter[$id]) { } else { /* defaults */ + if ($_GET['if']) + $pconfig['interface'] = $_GET['if']; $pconfig['type'] = "pass"; $pconfig['src'] = "any"; $pconfig['dst'] = "any"; @@ -340,7 +342,7 @@ if ($_POST) { write_config(); touch($d_filterconfdirty_path); - header("Location: firewall_rules.php"); + header("Location: firewall_rules.php?if=" . $_POST['interface']); exit; } } @@ -650,8 +652,8 @@ function dst_rep_change() { </select> <input name="srcendport_cust" type="text" size="5" value="<?php if (!$bfound && $pconfig['srcendport']) echo $pconfig['srcendport']; ?>"></td> </tr> </table> - <br> <span class="vexpl">Specify the port or port range for - the source of the packet for this rule.<br> + <span class="vexpl">Specify the port or port range for + the source of the packet for this rule. This is usually not equal to the destination port range (and is often "any"). <br> Hint: you can leave the <em>'to'</em> field empty if you only want to filter a single port</span></td> <tr> diff --git a/usr/local/www/gui.css b/usr/local/www/gui.css index 0c51fe6..b29e281 100755 --- a/usr/local/www/gui.css +++ b/usr/local/www/gui.css @@ -43,6 +43,11 @@ form { font-size: 13px; font-weight: bold; } +.formbtns { + font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; + font-size: 10px; + font-weight: bold; +} .vvcell { background-color: #FFFFC6; } @@ -125,7 +130,7 @@ a { border-right: 1px solid #999999; border-bottom: 1px solid #999999; font-size: 11px; - padding-right: 16px; + padding-right: 6px; padding-left: 6px; padding-top: 4px; padding-bottom: 4px; @@ -183,7 +188,7 @@ a { border-bottom: 1px solid #999999; border-left: 1px solid #999999; font-size: 11px; - padding-right: 16px; + padding-right: 6px; padding-left: 6px; padding-top: 4px; padding-bottom: 4px; @@ -206,7 +211,6 @@ a { .listt { font-size: 11px; padding-top: 5px; - padding-left: 4px; } .listhdrrns { background-color: #BBBBBB; @@ -240,6 +244,19 @@ a { padding-top: 5px; padding-bottom: 5px; } +.optsect_t { + border-right: 1px solid #999999; + background-color: #435370; + padding-right: 6px; + padding-left: 6px; + padding-top: 2px; + padding-bottom: 2px; +} +.optsect_s { + font-size: 11px; + color: #FFFFFF; + font-weight: bold; +} ul#tabnav { font-size: 11px; font-weight: bold; diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index 076650d..36498d1 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -1,22 +1,22 @@ #!/usr/local/bin/php -<?php +<?php /* interfaces_wan.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -37,11 +37,7 @@ $optcfg = &$config['interfaces']['wan']; $pconfig['username'] = $config['pppoe']['username']; $pconfig['password'] = $config['pppoe']['password']; $pconfig['provider'] = $config['pppoe']['provider']; - -$pconfig['bandwidth'] = $config['bandwidth']; -$pconfig['bandwidthtype'] = $config['bandwidthtype']; - -$pconfig['pppoe_dialondemand'] = $config['pppoe']['ondemand']; +$pconfig['pppoe_dialondemand'] = isset($config['pppoe']['ondemand']); $pconfig['pppoe_idletimeout'] = $config['pppoe']['timeout']; $pconfig['pptp_username'] = $config['pptp']['username']; @@ -49,7 +45,7 @@ $pconfig['pptp_password'] = $config['pptp']['password']; $pconfig['pptp_local'] = $config['pptp']['local']; $pconfig['pptp_subnet'] = $config['pptp']['subnet']; $pconfig['pptp_remote'] = $config['pptp']['remote']; -$pconfig['pptp_dialondemand'] = $config['pptp']['ondemand']; +$pconfig['pptp_dialondemand'] = isset($config['pptp']['ondemand']); $pconfig['pptp_idletimeout'] = $config['pptp']['timeout']; $pconfig['bigpond_username'] = $config['bigpond']['username']; @@ -73,14 +69,12 @@ if ($wancfg['ipaddr'] == "dhcp") { $pconfig['ipaddr'] = $wancfg['ipaddr']; $pconfig['subnet'] = $wancfg['subnet']; $pconfig['gateway'] = $wancfg['gateway']; + $pconfig['pointtopoint'] = $wancfg['pointtopoint']; } $pconfig['blockpriv'] = isset($wancfg['blockpriv']); $pconfig['spoofmac'] = $wancfg['spoofmac']; $pconfig['mtu'] = $wancfg['mtu']; -$pconfig['bandwidth'] = $wancfg['bandwidth']; -$pconfig['bandwidthtype'] = $wancfg['bandwidthtype']; -$pconfig['schedulertype'] = $wancfg['schedulertype']; /* Wireless interface? */ if (isset($optcfg['wireless'])) { @@ -121,7 +115,7 @@ if ($_POST) { $reqdfieldsn = explode(",", "BigPond username,BigPond password"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); } - + if (($_POST['ipaddr'] && !is_ipaddr($_POST['ipaddr']))) { $input_errors[] = "A valid IP address must be specified."; } @@ -131,10 +125,13 @@ if ($_POST) { if (($_POST['gateway'] && !is_ipaddr($_POST['gateway']))) { $input_errors[] = "A valid gateway must be specified."; } + if (($_POST['pointtopoint'] && !is_ipaddr($_POST['pointtopoint']))) { + $input_errors[] = "A valid point-to-point IP address must be specified."; + } if (($_POST['provider'] && !is_domain($_POST['provider']))) { $input_errors[] = "The service name contains invalid characters."; } - if ($_POST['pppoe_idletimeout'] && !is_numericint($_POST['pppoe_idletimeout'])) { + if (($_POST['pppoe_idletimeout'] != "") && !is_numericint($_POST['pppoe_idletimeout'])) { $input_errors[] = "The idle timeout value must be an integer."; } if (($_POST['pptp_local'] && !is_ipaddr($_POST['pptp_local']))) { @@ -146,7 +143,7 @@ if ($_POST) { if (($_POST['pptp_remote'] && !is_ipaddr($_POST['pptp_remote']))) { $input_errors[] = "A valid PPTP remote IP address must be specified."; } - if ($_POST['pptp_idletimeout'] && !is_numericint($_POST['pptp_idletimeout'])) { + if (($_POST['pptp_idletimeout'] != "") && !is_numericint($_POST['pptp_idletimeout'])) { $input_errors[] = "The idle timeout value must be an integer."; } if (($_POST['bigpond_authserver'] && !is_domain($_POST['bigpond_authserver']))) { @@ -164,7 +161,7 @@ if ($_POST) { if ($_POST['mtu'] && (($_POST['mtu'] < 576) || ($_POST['mtu'] > 1500))) { $input_errors[] = "The MTU must be between 576 and 1500 bytes."; } - + /* Wireless interface? */ if (isset($optcfg['wireless'])) { $wi_input_errors = wireless_config_post(); @@ -174,13 +171,11 @@ if ($_POST) { } if (!$input_errors) { - + unset($wancfg['ipaddr']); unset($wancfg['subnet']); unset($wancfg['gateway']); - unset($wancfg['bandwidth']); - unset($wancfg['bandwidthtype']); - unset($wancfg['schedulertype']); + unset($wancfg['pointtopoint']); unset($wancfg['dhcphostname']); unset($config['pppoe']['username']); unset($config['pppoe']['password']); @@ -199,14 +194,13 @@ if ($_POST) { unset($config['bigpond']['authserver']); unset($config['bigpond']['authdomain']); unset($config['bigpond']['minheartbeatinterval']); - - $wancfg['bandwidth'] = $_POST['bandwidth']; - $wancfg['bandwidthtype'] = $_POST['bandwidthtype']; - + if ($_POST['type'] == "Static") { $wancfg['ipaddr'] = $_POST['ipaddr']; $wancfg['subnet'] = $_POST['subnet']; $wancfg['gateway'] = $_POST['gateway']; + if (isset($wancfg['ispointtopoint'])) + $wancfg['pointtopoint'] = $_POST['pointtopoint']; } else if ($_POST['type'] == "DHCP") { $wancfg['ipaddr'] = "dhcp"; $wancfg['dhcphostname'] = $_POST['dhcphostname']; @@ -215,7 +209,7 @@ if ($_POST) { $config['pppoe']['username'] = $_POST['username']; $config['pppoe']['password'] = $_POST['password']; $config['pppoe']['provider'] = $_POST['provider']; - $config['pppoe']['ondemand'] = $_POST['pppoe_dialondemand']; + $config['pppoe']['ondemand'] = $_POST['pppoe_dialondemand'] ? true : false; $config['pppoe']['timeout'] = $_POST['pppoe_idletimeout']; } else if ($_POST['type'] == "PPTP") { $wancfg['ipaddr'] = "pptp"; @@ -224,7 +218,7 @@ if ($_POST) { $config['pptp']['local'] = $_POST['pptp_local']; $config['pptp']['subnet'] = $_POST['pptp_subnet']; $config['pptp']['remote'] = $_POST['pptp_remote']; - $config['pptp']['ondemand'] = $_POST['pptp_dialondemand']; + $config['pptp']['ondemand'] = $_POST['pptp_dialondemand'] ? true : false; $config['pptp']['timeout'] = $_POST['pptp_idletimeout']; } else if ($_POST['type'] == "BigPond") { $wancfg['ipaddr'] = "bigpond"; @@ -234,13 +228,13 @@ if ($_POST) { $config['bigpond']['authdomain'] = $_POST['bigpond_authdomain']; $config['bigpond']['minheartbeatinterval'] = $_POST['bigpond_minheartbeatinterval']; } - $wancfg['schedulertype'] = $_POST['schedulertype']; + $wancfg['blockpriv'] = $_POST['blockpriv'] ? true : false; $wancfg['spoofmac'] = $_POST['spoofmac']; $wancfg['mtu'] = $_POST['mtu']; - + write_config(); - + $retval = 0; if (!file_exists($d_sysrebootreqd_path)) { config_lock(); @@ -410,73 +404,83 @@ function type_change(enable_change,enable_change_pptp) { <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> -<?php $schedulertype = $config['interfaces']['wan']['schedulertype']; ?> <p class="pgtitle">Interfaces: WAN</p> <?php if ($input_errors) print_input_errors($input_errors); ?> <?php if ($savemsg) print_info_box($savemsg); ?> <form action="interfaces_wan.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> + <tr> <td valign="middle"><strong>Type</strong></td> <td> <select name="type" class="formfld" id="type" onchange="type_change()"> <?php $opts = split(" ", "Static DHCP PPPoE PPTP BigPond"); foreach ($opts as $opt): ?> - <option <?php if ($opt == $pconfig['type']) echo "selected";?>> + <option <?php if ($opt == $pconfig['type']) echo "selected";?>> <?=htmlspecialchars($opt);?> </option> <?php endforeach; ?> </select></td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="4"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">General configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">General configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncell">MAC address</td> - <td class="vtable"> <input name="spoofmac" type="text" class="formfld" id="spoofmac" size="30" value="<?=htmlspecialchars($pconfig['spoofmac']);?>"> + <td class="vtable"> <input name="spoofmac" type="text" class="formfld" id="spoofmac" size="30" value="<?=htmlspecialchars($pconfig['spoofmac']);?>"> <br> - This field can be used to modify ("spoof") the MAC + This field can be used to modify ("spoof") the MAC address of the WAN interface<br> (may be required with some cable connections)<br> - Enter a MAC address in the following format: xx:xx:xx:xx:xx:xx + Enter a MAC address in the following format: xx:xx:xx:xx:xx:xx or leave blank</td> </tr> - <tr> + <tr> <td valign="top" class="vncell">MTU</td> - <td class="vtable"> <input name="mtu" type="text" class="formfld" id="mtu" size="8" value="<?=htmlspecialchars($pconfig['mtu']);?>"> + <td class="vtable"> <input name="mtu" type="text" class="formfld" id="mtu" size="8" value="<?=htmlspecialchars($pconfig['mtu']);?>"> <br> - If you enter a value in this field, then MSS clamping for - TCP connections to the value entered above minus 40 (TCP/IP - header size) will be in effect. If you leave this field blank, - an MTU of 1492 bytes for PPPoE and 1500 bytes for all other + If you enter a value in this field, then MSS clamping for + TCP connections to the value entered above minus 40 (TCP/IP + header size) will be in effect. If you leave this field blank, + an MTU of 1492 bytes for PPPoE and 1500 bytes for all other connection types will be assumed.</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">Static IP configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">Static IP configuration</td> </tr> - <tr> + <tr> <td width="100" valign="top" class="vncellreq">IP address</td> <td class="vtable"> <input name="ipaddr" type="text" class="formfld" id="ipaddr" size="20" value="<?=htmlspecialchars($pconfig['ipaddr']);?>"> - / + / <select name="subnet" class="formfld" id="subnet"> - <?php for ($i = 32; $i > 0; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet']) echo "selected"; ?>> + <?php + if (isset($wancfg['ispointtopoint'])) + $snmax = 32; + else + $snmax = 31; + for ($i = $snmax; $i > 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet']) echo "selected"; ?>> <?=$i;?> </option> <?php endfor; ?> </select></td> - </tr> + </tr><?php if (isset($wancfg['ispointtopoint'])): ?> <tr> + <td valign="top" class="vncellreq">Point-to-point IP address </td> + <td class="vtable"> + <input name="pointtopoint" type="text" class="formfld" id="pointtopoint" size="20" value="<?=htmlspecialchars($pconfig['pointtopoint']);?>"> + </td> + </tr><?php endif; ?> + <tr> <td valign="top" class="vncellreq">Gateway</td> - <td class="vtable"> <input name="gateway" type="text" class="formfld" id="gateway" size="20" value="<?=htmlspecialchars($pconfig['gateway']);?>"> + <td class="vtable"> <input name="gateway" type="text" class="formfld" id="gateway" size="20" value="<?=htmlspecialchars($pconfig['gateway']);?>"> </td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> <tr> @@ -514,46 +518,42 @@ function type_change(enable_change,enable_change_pptp) { <br> The bandwidth setting will define the speed of the interface for traffic shaping. </td> </tr> - - <tr> - <td colspan="2" valign="top" height="16"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">DHCP client configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">DHCP client configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Hostname</td> <td class="vtable"> <input name="dhcphostname" type="text" class="formfld" id="dhcphostname" size="40" value="<?=htmlspecialchars($pconfig['dhcphostname']);?>"> <br> - The value in this field is sent as the DHCP client identifier - and hostname when requesting a DHCP lease. Some ISPs may require + The value in this field is sent as the DHCP client identifier + and hostname when requesting a DHCP lease. Some ISPs may require this (for client identification).</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">PPPoE configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">PPPoE configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Username</td> - <td class="vtable"><input name="username" type="text" class="formfld" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> + <td class="vtable"><input name="username" type="text" class="formfld" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Password</td> - <td class="vtable"><input name="password" type="text" class="formfld" id="password" size="20" value="<?=htmlspecialchars($pconfig['password']);?>"> + <td class="vtable"><input name="password" type="text" class="formfld" id="password" size="20" value="<?=htmlspecialchars($pconfig['password']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Service name</td> - <td class="vtable"><input name="provider" type="text" class="formfld" id="provider" size="20" value="<?=htmlspecialchars($pconfig['provider']);?>"> - <br> <span class="vexpl">Hint: this field can usually be left + <td class="vtable"><input name="provider" type="text" class="formfld" id="provider" size="20" value="<?=htmlspecialchars($pconfig['provider']);?>"> + <br> <span class="vexpl">Hint: this field can usually be left empty</span></td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Dial on demand</td> - <td class="vtable"><input name="pppoe_dialondemand" type="checkbox" id="pppoe_dialondemand" value="enable" <?php if ($pconfig['pppoe_dialondemand'] == "enable") echo "checked"; ?> onClick="enable_change(false)" > + <td class="vtable"><input name="pppoe_dialondemand" type="checkbox" id="pppoe_dialondemand" value="enable" <?php if ($pconfig['pppoe_dialondemand']) echo "checked"; ?> onClick="enable_change(false)" > <strong>Enable Dial-On-Demand mode</strong><br> This option causes the interface to operate in dial-on-demand mode, allowing you to have a <i>virtual full time</i> connection. The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected.</td> </tr> @@ -564,42 +564,42 @@ function type_change(enable_change,enable_change_pptp) { seconds<br> If no qualifying outgoing packets are transmitted for the specified number of seconds, the connection is brought down. An idle timeout of zero disables this feature.</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">PPTP configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">PPTP configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Username</td> - <td class="vtable"><input name="pptp_username" type="text" class="formfld" id="pptp_username" size="20" value="<?=htmlspecialchars($pconfig['pptp_username']);?>"> + <td class="vtable"><input name="pptp_username" type="text" class="formfld" id="pptp_username" size="20" value="<?=htmlspecialchars($pconfig['pptp_username']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Password</td> - <td class="vtable"><input name="pptp_password" type="text" class="formfld" id="pptp_password" size="20" value="<?=htmlspecialchars($pconfig['pptp_password']);?>"> + <td class="vtable"><input name="pptp_password" type="text" class="formfld" id="pptp_password" size="20" value="<?=htmlspecialchars($pconfig['pptp_password']);?>"> </td> </tr> - <tr> + <tr> <td width="100" valign="top" class="vncellreq">Local IP address</td> <td class="vtable"> <input name="pptp_local" type="text" class="formfld" id="pptp_local" size="20" value="<?=htmlspecialchars($pconfig['pptp_local']);?>"> - / + / <select name="pptp_subnet" class="formfld" id="pptp_subnet"> - <?php for ($i = 32; $i > 0; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['pptp_subnet']) echo "selected"; ?>> + <?php for ($i = 31; $i > 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['pptp_subnet']) echo "selected"; ?>> <?=$i;?> </option> <?php endfor; ?> </select></td> </tr> - <tr> + <tr> <td width="100" valign="top" class="vncellreq">Remote IP address</td> - <td class="vtable"> <input name="pptp_remote" type="text" class="formfld" id="pptp_remote" size="20" value="<?=htmlspecialchars($pconfig['pptp_remote']);?>"> + <td class="vtable"> <input name="pptp_remote" type="text" class="formfld" id="pptp_remote" size="20" value="<?=htmlspecialchars($pconfig['pptp_remote']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Dial on demand</td> - <td class="vtable"><input name="pptp_dialondemand" type="checkbox" id="pptp_dialondemand" value="enable" <?php if ($pconfig['pptp_dialondemand'] == "enable") echo "checked"; ?> onClick="enable_change_pptp(false)" > + <td class="vtable"><input name="pptp_dialondemand" type="checkbox" id="pptp_dialondemand" value="enable" <?php if ($pconfig['pptp_dialondemand']) echo "checked"; ?> onClick="enable_change_pptp(false)" > <strong>Enable Dial-On-Demand mode</strong><br> This option causes the interface to operate in dial-on-demand mode, allowing you to have a <i>virtual full time</i> connection. The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected.</td> </tr> @@ -610,29 +610,29 @@ function type_change(enable_change,enable_change_pptp) { seconds<br> If no qualifying outgoing packets are transmitted for the specified number of seconds, the connection is brought down. An idle timeout of zero disables this feature.</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">BigPond Cable configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">BigPond Cable configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Username</td> - <td class="vtable"><input name="bigpond_username" type="text" class="formfld" id="bigpond_username" size="20" value="<?=htmlspecialchars($pconfig['bigpond_username']);?>"> + <td class="vtable"><input name="bigpond_username" type="text" class="formfld" id="bigpond_username" size="20" value="<?=htmlspecialchars($pconfig['bigpond_username']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Password</td> - <td class="vtable"><input name="bigpond_password" type="text" class="formfld" id="bigpond_password" size="20" value="<?=htmlspecialchars($pconfig['bigpond_password']);?>"> + <td class="vtable"><input name="bigpond_password" type="text" class="formfld" id="bigpond_password" size="20" value="<?=htmlspecialchars($pconfig['bigpond_password']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Authentication server</td> <td class="vtable"><input name="bigpond_authserver" type="text" class="formfld" id="bigpond_authserver" size="20" value="<?=htmlspecialchars($pconfig['bigpond_authserver']);?>"> <br> <span class="vexpl">If this field is left empty, the default ("dce-server") is used. </span></td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Authentication domain</td> <td class="vtable"><input name="bigpond_authdomain" type="text" class="formfld" id="bigpond_authdomain" size="20" value="<?=htmlspecialchars($pconfig['bigpond_authdomain']);?>"> <br> @@ -647,30 +647,28 @@ function type_change(enable_change,enable_change_pptp) { seconds<br> Setting this to a sensible value (e.g. 60 seconds) can protect against DoS attacks. </td> </tr> - - <?php /* Wireless interface? */ if (isset($optcfg['wireless'])) wireless_config_print(); ?> - <tr> + <tr> <td height="16" colspan="2" valign="top"></td> </tr> - <tr> + <tr> <td valign="middle"> </td> - <td class="vtable"> <input name="blockpriv" type="checkbox" id="blockpriv" value="yes" <?php if ($pconfig['blockpriv'] == "yes") echo "checked"; ?>> + <td class="vtable"> <input name="blockpriv" type="checkbox" id="blockpriv" value="yes" <?php if ($pconfig['blockpriv']) echo "checked"; ?>> <strong>Block private networks</strong><br> - When set, this option blocks traffic from IP addresses that + When set, this option blocks traffic from IP addresses that are reserved for private<br> - networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as + networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as well as loopback addresses<br> - (127/8). You should generally leave this option turned on, + (127/8). You should generally leave this option turned on, unless your WAN network<br> lies in such a private address space, too.</td> </tr> - <tr> + <tr> <td width="100" valign="top"> </td> - <td> <br> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change_pptp(true)&&enable_change(true)"> + <td> <br> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change_pptp(true)&&enable_change(true)"> </td> </tr> </table> diff --git a/usr/local/www/interfaces_opt.php b/usr/local/www/interfaces_opt.php index 3c8f560..c2f4226 100755 --- a/usr/local/www/interfaces_opt.php +++ b/usr/local/www/interfaces_opt.php @@ -159,13 +159,10 @@ if ($_POST) { <script language="JavaScript"> <!-- function enable_change(enable_over) { - if ((document.iform.bridge.selectedIndex == 0) || enable_over) { - document.iform.ipaddr.disabled = 0; - document.iform.subnet.disabled = 0; - } else { - document.iform.ipaddr.disabled = 1; - document.iform.subnet.disabled = 1; - } + var endis; + endis = !((document.iform.bridge.selectedIndex == 0) || enable_over); + document.iform.ipaddr.disabled = endis; + document.iform.subnet.disabled = endis; } function gen_bits(ipaddr) { if (ipaddr.search(/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) != -1) { @@ -220,7 +217,7 @@ function ipaddr_change() { <td colspan="2" valign="top" height="16"></td> </tr> <tr> - <td colspan="2" valign="top" class="vnsepcell">IP configuration</td> + <td colspan="2" valign="top" class="listtopic">IP configuration</td> </tr> <tr> <td width="22%" valign="top" class="vncellreq">Bridge with</td> diff --git a/usr/local/www/interfaces_wan.php b/usr/local/www/interfaces_wan.php index 076650d..36498d1 100755 --- a/usr/local/www/interfaces_wan.php +++ b/usr/local/www/interfaces_wan.php @@ -1,22 +1,22 @@ #!/usr/local/bin/php -<?php +<?php /* interfaces_wan.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -37,11 +37,7 @@ $optcfg = &$config['interfaces']['wan']; $pconfig['username'] = $config['pppoe']['username']; $pconfig['password'] = $config['pppoe']['password']; $pconfig['provider'] = $config['pppoe']['provider']; - -$pconfig['bandwidth'] = $config['bandwidth']; -$pconfig['bandwidthtype'] = $config['bandwidthtype']; - -$pconfig['pppoe_dialondemand'] = $config['pppoe']['ondemand']; +$pconfig['pppoe_dialondemand'] = isset($config['pppoe']['ondemand']); $pconfig['pppoe_idletimeout'] = $config['pppoe']['timeout']; $pconfig['pptp_username'] = $config['pptp']['username']; @@ -49,7 +45,7 @@ $pconfig['pptp_password'] = $config['pptp']['password']; $pconfig['pptp_local'] = $config['pptp']['local']; $pconfig['pptp_subnet'] = $config['pptp']['subnet']; $pconfig['pptp_remote'] = $config['pptp']['remote']; -$pconfig['pptp_dialondemand'] = $config['pptp']['ondemand']; +$pconfig['pptp_dialondemand'] = isset($config['pptp']['ondemand']); $pconfig['pptp_idletimeout'] = $config['pptp']['timeout']; $pconfig['bigpond_username'] = $config['bigpond']['username']; @@ -73,14 +69,12 @@ if ($wancfg['ipaddr'] == "dhcp") { $pconfig['ipaddr'] = $wancfg['ipaddr']; $pconfig['subnet'] = $wancfg['subnet']; $pconfig['gateway'] = $wancfg['gateway']; + $pconfig['pointtopoint'] = $wancfg['pointtopoint']; } $pconfig['blockpriv'] = isset($wancfg['blockpriv']); $pconfig['spoofmac'] = $wancfg['spoofmac']; $pconfig['mtu'] = $wancfg['mtu']; -$pconfig['bandwidth'] = $wancfg['bandwidth']; -$pconfig['bandwidthtype'] = $wancfg['bandwidthtype']; -$pconfig['schedulertype'] = $wancfg['schedulertype']; /* Wireless interface? */ if (isset($optcfg['wireless'])) { @@ -121,7 +115,7 @@ if ($_POST) { $reqdfieldsn = explode(",", "BigPond username,BigPond password"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); } - + if (($_POST['ipaddr'] && !is_ipaddr($_POST['ipaddr']))) { $input_errors[] = "A valid IP address must be specified."; } @@ -131,10 +125,13 @@ if ($_POST) { if (($_POST['gateway'] && !is_ipaddr($_POST['gateway']))) { $input_errors[] = "A valid gateway must be specified."; } + if (($_POST['pointtopoint'] && !is_ipaddr($_POST['pointtopoint']))) { + $input_errors[] = "A valid point-to-point IP address must be specified."; + } if (($_POST['provider'] && !is_domain($_POST['provider']))) { $input_errors[] = "The service name contains invalid characters."; } - if ($_POST['pppoe_idletimeout'] && !is_numericint($_POST['pppoe_idletimeout'])) { + if (($_POST['pppoe_idletimeout'] != "") && !is_numericint($_POST['pppoe_idletimeout'])) { $input_errors[] = "The idle timeout value must be an integer."; } if (($_POST['pptp_local'] && !is_ipaddr($_POST['pptp_local']))) { @@ -146,7 +143,7 @@ if ($_POST) { if (($_POST['pptp_remote'] && !is_ipaddr($_POST['pptp_remote']))) { $input_errors[] = "A valid PPTP remote IP address must be specified."; } - if ($_POST['pptp_idletimeout'] && !is_numericint($_POST['pptp_idletimeout'])) { + if (($_POST['pptp_idletimeout'] != "") && !is_numericint($_POST['pptp_idletimeout'])) { $input_errors[] = "The idle timeout value must be an integer."; } if (($_POST['bigpond_authserver'] && !is_domain($_POST['bigpond_authserver']))) { @@ -164,7 +161,7 @@ if ($_POST) { if ($_POST['mtu'] && (($_POST['mtu'] < 576) || ($_POST['mtu'] > 1500))) { $input_errors[] = "The MTU must be between 576 and 1500 bytes."; } - + /* Wireless interface? */ if (isset($optcfg['wireless'])) { $wi_input_errors = wireless_config_post(); @@ -174,13 +171,11 @@ if ($_POST) { } if (!$input_errors) { - + unset($wancfg['ipaddr']); unset($wancfg['subnet']); unset($wancfg['gateway']); - unset($wancfg['bandwidth']); - unset($wancfg['bandwidthtype']); - unset($wancfg['schedulertype']); + unset($wancfg['pointtopoint']); unset($wancfg['dhcphostname']); unset($config['pppoe']['username']); unset($config['pppoe']['password']); @@ -199,14 +194,13 @@ if ($_POST) { unset($config['bigpond']['authserver']); unset($config['bigpond']['authdomain']); unset($config['bigpond']['minheartbeatinterval']); - - $wancfg['bandwidth'] = $_POST['bandwidth']; - $wancfg['bandwidthtype'] = $_POST['bandwidthtype']; - + if ($_POST['type'] == "Static") { $wancfg['ipaddr'] = $_POST['ipaddr']; $wancfg['subnet'] = $_POST['subnet']; $wancfg['gateway'] = $_POST['gateway']; + if (isset($wancfg['ispointtopoint'])) + $wancfg['pointtopoint'] = $_POST['pointtopoint']; } else if ($_POST['type'] == "DHCP") { $wancfg['ipaddr'] = "dhcp"; $wancfg['dhcphostname'] = $_POST['dhcphostname']; @@ -215,7 +209,7 @@ if ($_POST) { $config['pppoe']['username'] = $_POST['username']; $config['pppoe']['password'] = $_POST['password']; $config['pppoe']['provider'] = $_POST['provider']; - $config['pppoe']['ondemand'] = $_POST['pppoe_dialondemand']; + $config['pppoe']['ondemand'] = $_POST['pppoe_dialondemand'] ? true : false; $config['pppoe']['timeout'] = $_POST['pppoe_idletimeout']; } else if ($_POST['type'] == "PPTP") { $wancfg['ipaddr'] = "pptp"; @@ -224,7 +218,7 @@ if ($_POST) { $config['pptp']['local'] = $_POST['pptp_local']; $config['pptp']['subnet'] = $_POST['pptp_subnet']; $config['pptp']['remote'] = $_POST['pptp_remote']; - $config['pptp']['ondemand'] = $_POST['pptp_dialondemand']; + $config['pptp']['ondemand'] = $_POST['pptp_dialondemand'] ? true : false; $config['pptp']['timeout'] = $_POST['pptp_idletimeout']; } else if ($_POST['type'] == "BigPond") { $wancfg['ipaddr'] = "bigpond"; @@ -234,13 +228,13 @@ if ($_POST) { $config['bigpond']['authdomain'] = $_POST['bigpond_authdomain']; $config['bigpond']['minheartbeatinterval'] = $_POST['bigpond_minheartbeatinterval']; } - $wancfg['schedulertype'] = $_POST['schedulertype']; + $wancfg['blockpriv'] = $_POST['blockpriv'] ? true : false; $wancfg['spoofmac'] = $_POST['spoofmac']; $wancfg['mtu'] = $_POST['mtu']; - + write_config(); - + $retval = 0; if (!file_exists($d_sysrebootreqd_path)) { config_lock(); @@ -410,73 +404,83 @@ function type_change(enable_change,enable_change_pptp) { <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> -<?php $schedulertype = $config['interfaces']['wan']['schedulertype']; ?> <p class="pgtitle">Interfaces: WAN</p> <?php if ($input_errors) print_input_errors($input_errors); ?> <?php if ($savemsg) print_info_box($savemsg); ?> <form action="interfaces_wan.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> + <tr> <td valign="middle"><strong>Type</strong></td> <td> <select name="type" class="formfld" id="type" onchange="type_change()"> <?php $opts = split(" ", "Static DHCP PPPoE PPTP BigPond"); foreach ($opts as $opt): ?> - <option <?php if ($opt == $pconfig['type']) echo "selected";?>> + <option <?php if ($opt == $pconfig['type']) echo "selected";?>> <?=htmlspecialchars($opt);?> </option> <?php endforeach; ?> </select></td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="4"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">General configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">General configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncell">MAC address</td> - <td class="vtable"> <input name="spoofmac" type="text" class="formfld" id="spoofmac" size="30" value="<?=htmlspecialchars($pconfig['spoofmac']);?>"> + <td class="vtable"> <input name="spoofmac" type="text" class="formfld" id="spoofmac" size="30" value="<?=htmlspecialchars($pconfig['spoofmac']);?>"> <br> - This field can be used to modify ("spoof") the MAC + This field can be used to modify ("spoof") the MAC address of the WAN interface<br> (may be required with some cable connections)<br> - Enter a MAC address in the following format: xx:xx:xx:xx:xx:xx + Enter a MAC address in the following format: xx:xx:xx:xx:xx:xx or leave blank</td> </tr> - <tr> + <tr> <td valign="top" class="vncell">MTU</td> - <td class="vtable"> <input name="mtu" type="text" class="formfld" id="mtu" size="8" value="<?=htmlspecialchars($pconfig['mtu']);?>"> + <td class="vtable"> <input name="mtu" type="text" class="formfld" id="mtu" size="8" value="<?=htmlspecialchars($pconfig['mtu']);?>"> <br> - If you enter a value in this field, then MSS clamping for - TCP connections to the value entered above minus 40 (TCP/IP - header size) will be in effect. If you leave this field blank, - an MTU of 1492 bytes for PPPoE and 1500 bytes for all other + If you enter a value in this field, then MSS clamping for + TCP connections to the value entered above minus 40 (TCP/IP + header size) will be in effect. If you leave this field blank, + an MTU of 1492 bytes for PPPoE and 1500 bytes for all other connection types will be assumed.</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">Static IP configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">Static IP configuration</td> </tr> - <tr> + <tr> <td width="100" valign="top" class="vncellreq">IP address</td> <td class="vtable"> <input name="ipaddr" type="text" class="formfld" id="ipaddr" size="20" value="<?=htmlspecialchars($pconfig['ipaddr']);?>"> - / + / <select name="subnet" class="formfld" id="subnet"> - <?php for ($i = 32; $i > 0; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet']) echo "selected"; ?>> + <?php + if (isset($wancfg['ispointtopoint'])) + $snmax = 32; + else + $snmax = 31; + for ($i = $snmax; $i > 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['subnet']) echo "selected"; ?>> <?=$i;?> </option> <?php endfor; ?> </select></td> - </tr> + </tr><?php if (isset($wancfg['ispointtopoint'])): ?> <tr> + <td valign="top" class="vncellreq">Point-to-point IP address </td> + <td class="vtable"> + <input name="pointtopoint" type="text" class="formfld" id="pointtopoint" size="20" value="<?=htmlspecialchars($pconfig['pointtopoint']);?>"> + </td> + </tr><?php endif; ?> + <tr> <td valign="top" class="vncellreq">Gateway</td> - <td class="vtable"> <input name="gateway" type="text" class="formfld" id="gateway" size="20" value="<?=htmlspecialchars($pconfig['gateway']);?>"> + <td class="vtable"> <input name="gateway" type="text" class="formfld" id="gateway" size="20" value="<?=htmlspecialchars($pconfig['gateway']);?>"> </td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> <tr> @@ -514,46 +518,42 @@ function type_change(enable_change,enable_change_pptp) { <br> The bandwidth setting will define the speed of the interface for traffic shaping. </td> </tr> - - <tr> - <td colspan="2" valign="top" height="16"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">DHCP client configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">DHCP client configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Hostname</td> <td class="vtable"> <input name="dhcphostname" type="text" class="formfld" id="dhcphostname" size="40" value="<?=htmlspecialchars($pconfig['dhcphostname']);?>"> <br> - The value in this field is sent as the DHCP client identifier - and hostname when requesting a DHCP lease. Some ISPs may require + The value in this field is sent as the DHCP client identifier + and hostname when requesting a DHCP lease. Some ISPs may require this (for client identification).</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">PPPoE configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">PPPoE configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Username</td> - <td class="vtable"><input name="username" type="text" class="formfld" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> + <td class="vtable"><input name="username" type="text" class="formfld" id="username" size="20" value="<?=htmlspecialchars($pconfig['username']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Password</td> - <td class="vtable"><input name="password" type="text" class="formfld" id="password" size="20" value="<?=htmlspecialchars($pconfig['password']);?>"> + <td class="vtable"><input name="password" type="text" class="formfld" id="password" size="20" value="<?=htmlspecialchars($pconfig['password']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Service name</td> - <td class="vtable"><input name="provider" type="text" class="formfld" id="provider" size="20" value="<?=htmlspecialchars($pconfig['provider']);?>"> - <br> <span class="vexpl">Hint: this field can usually be left + <td class="vtable"><input name="provider" type="text" class="formfld" id="provider" size="20" value="<?=htmlspecialchars($pconfig['provider']);?>"> + <br> <span class="vexpl">Hint: this field can usually be left empty</span></td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Dial on demand</td> - <td class="vtable"><input name="pppoe_dialondemand" type="checkbox" id="pppoe_dialondemand" value="enable" <?php if ($pconfig['pppoe_dialondemand'] == "enable") echo "checked"; ?> onClick="enable_change(false)" > + <td class="vtable"><input name="pppoe_dialondemand" type="checkbox" id="pppoe_dialondemand" value="enable" <?php if ($pconfig['pppoe_dialondemand']) echo "checked"; ?> onClick="enable_change(false)" > <strong>Enable Dial-On-Demand mode</strong><br> This option causes the interface to operate in dial-on-demand mode, allowing you to have a <i>virtual full time</i> connection. The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected.</td> </tr> @@ -564,42 +564,42 @@ function type_change(enable_change,enable_change_pptp) { seconds<br> If no qualifying outgoing packets are transmitted for the specified number of seconds, the connection is brought down. An idle timeout of zero disables this feature.</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">PPTP configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">PPTP configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Username</td> - <td class="vtable"><input name="pptp_username" type="text" class="formfld" id="pptp_username" size="20" value="<?=htmlspecialchars($pconfig['pptp_username']);?>"> + <td class="vtable"><input name="pptp_username" type="text" class="formfld" id="pptp_username" size="20" value="<?=htmlspecialchars($pconfig['pptp_username']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Password</td> - <td class="vtable"><input name="pptp_password" type="text" class="formfld" id="pptp_password" size="20" value="<?=htmlspecialchars($pconfig['pptp_password']);?>"> + <td class="vtable"><input name="pptp_password" type="text" class="formfld" id="pptp_password" size="20" value="<?=htmlspecialchars($pconfig['pptp_password']);?>"> </td> </tr> - <tr> + <tr> <td width="100" valign="top" class="vncellreq">Local IP address</td> <td class="vtable"> <input name="pptp_local" type="text" class="formfld" id="pptp_local" size="20" value="<?=htmlspecialchars($pconfig['pptp_local']);?>"> - / + / <select name="pptp_subnet" class="formfld" id="pptp_subnet"> - <?php for ($i = 32; $i > 0; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['pptp_subnet']) echo "selected"; ?>> + <?php for ($i = 31; $i > 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['pptp_subnet']) echo "selected"; ?>> <?=$i;?> </option> <?php endfor; ?> </select></td> </tr> - <tr> + <tr> <td width="100" valign="top" class="vncellreq">Remote IP address</td> - <td class="vtable"> <input name="pptp_remote" type="text" class="formfld" id="pptp_remote" size="20" value="<?=htmlspecialchars($pconfig['pptp_remote']);?>"> + <td class="vtable"> <input name="pptp_remote" type="text" class="formfld" id="pptp_remote" size="20" value="<?=htmlspecialchars($pconfig['pptp_remote']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Dial on demand</td> - <td class="vtable"><input name="pptp_dialondemand" type="checkbox" id="pptp_dialondemand" value="enable" <?php if ($pconfig['pptp_dialondemand'] == "enable") echo "checked"; ?> onClick="enable_change_pptp(false)" > + <td class="vtable"><input name="pptp_dialondemand" type="checkbox" id="pptp_dialondemand" value="enable" <?php if ($pconfig['pptp_dialondemand']) echo "checked"; ?> onClick="enable_change_pptp(false)" > <strong>Enable Dial-On-Demand mode</strong><br> This option causes the interface to operate in dial-on-demand mode, allowing you to have a <i>virtual full time</i> connection. The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected.</td> </tr> @@ -610,29 +610,29 @@ function type_change(enable_change,enable_change_pptp) { seconds<br> If no qualifying outgoing packets are transmitted for the specified number of seconds, the connection is brought down. An idle timeout of zero disables this feature.</td> </tr> - <tr> + <tr> <td colspan="2" valign="top" height="16"></td> </tr> - <tr> - <td colspan="2" valign="top" class="vnsepcell">BigPond Cable configuration</td> + <tr> + <td colspan="2" valign="top" class="listtopic">BigPond Cable configuration</td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Username</td> - <td class="vtable"><input name="bigpond_username" type="text" class="formfld" id="bigpond_username" size="20" value="<?=htmlspecialchars($pconfig['bigpond_username']);?>"> + <td class="vtable"><input name="bigpond_username" type="text" class="formfld" id="bigpond_username" size="20" value="<?=htmlspecialchars($pconfig['bigpond_username']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncellreq">Password</td> - <td class="vtable"><input name="bigpond_password" type="text" class="formfld" id="bigpond_password" size="20" value="<?=htmlspecialchars($pconfig['bigpond_password']);?>"> + <td class="vtable"><input name="bigpond_password" type="text" class="formfld" id="bigpond_password" size="20" value="<?=htmlspecialchars($pconfig['bigpond_password']);?>"> </td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Authentication server</td> <td class="vtable"><input name="bigpond_authserver" type="text" class="formfld" id="bigpond_authserver" size="20" value="<?=htmlspecialchars($pconfig['bigpond_authserver']);?>"> <br> <span class="vexpl">If this field is left empty, the default ("dce-server") is used. </span></td> </tr> - <tr> + <tr> <td valign="top" class="vncell">Authentication domain</td> <td class="vtable"><input name="bigpond_authdomain" type="text" class="formfld" id="bigpond_authdomain" size="20" value="<?=htmlspecialchars($pconfig['bigpond_authdomain']);?>"> <br> @@ -647,30 +647,28 @@ function type_change(enable_change,enable_change_pptp) { seconds<br> Setting this to a sensible value (e.g. 60 seconds) can protect against DoS attacks. </td> </tr> - - <?php /* Wireless interface? */ if (isset($optcfg['wireless'])) wireless_config_print(); ?> - <tr> + <tr> <td height="16" colspan="2" valign="top"></td> </tr> - <tr> + <tr> <td valign="middle"> </td> - <td class="vtable"> <input name="blockpriv" type="checkbox" id="blockpriv" value="yes" <?php if ($pconfig['blockpriv'] == "yes") echo "checked"; ?>> + <td class="vtable"> <input name="blockpriv" type="checkbox" id="blockpriv" value="yes" <?php if ($pconfig['blockpriv']) echo "checked"; ?>> <strong>Block private networks</strong><br> - When set, this option blocks traffic from IP addresses that + When set, this option blocks traffic from IP addresses that are reserved for private<br> - networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as + networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as well as loopback addresses<br> - (127/8). You should generally leave this option turned on, + (127/8). You should generally leave this option turned on, unless your WAN network<br> lies in such a private address space, too.</td> </tr> - <tr> + <tr> <td width="100" valign="top"> </td> - <td> <br> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change_pptp(true)&&enable_change(true)"> + <td> <br> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change_pptp(true)&&enable_change(true)"> </td> </tr> </table> |
