diff options
author | Ermal <eri@pfsense.org> | 2011-09-07 06:42:58 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-09-07 13:04:01 +0000 |
commit | b4792bf8fe3b1cef416c7135fea88c1a0b08800a (patch) | |
tree | d32a5fb188939e28cd42c92aa9b4cf6729ff4947 | |
parent | 9b55203f878786a2bbd0b7d5dda4474d2533695b (diff) | |
download | pfsense-b4792bf8fe3b1cef416c7135fea88c1a0b08800a.zip pfsense-b4792bf8fe3b1cef416c7135fea88c1a0b08800a.tar.gz |
Add the multi instance CP to master branch. This allows to define CP with different properties on different interfaces.
26 files changed, 1432 insertions, 794 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 0f76b81..536147e 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -50,14 +50,15 @@ require_once("radius.inc"); require_once("voucher.inc"); function get_default_captive_portal_html() { - global $config, $g; + global $config, $g, $cpzone; // Detect if vouchers are being used and default to the voucher page - if(isset($config['voucher']['enable'])) { + if(isset($config['voucher'][$cpzone]['enable'])) { $htmltext = <<<EOD <html> <body> <form method="post" action="\$PORTAL_ACTION\$"> <input name="redirurl" type="hidden" value="\$PORTAL_REDIRURL\$"> + <input name="zone" type="hidden" value="\$PORTAL_ZONE\$"> <center> <table cellpadding="6" cellspacing="0" width="550" height="380" style="border:1px solid #000000"> <tr height="10" bgcolor="#990000"> @@ -128,6 +129,7 @@ EOD; <body> <form method="post" action="\$PORTAL_ACTION\$"> <input name="redirurl" type="hidden" value="\$PORTAL_REDIRURL\$"> + <input name="zone" type="hidden" value="\$PORTAL_ZONE\$"> <center> <table cellpadding="6" cellspacing="0" width="550" height="380" style="border:1px solid #000000"> <tr height="10" bgcolor="#990000"> @@ -203,32 +205,52 @@ EOD; } function captiveportal_configure() { - global $config, $g; + global $config, $cpzone; - $captiveportallck = lock('captiveportal', LOCK_EX); + if (is_array($config['captiveportal'])) { + mwexec("/sbin/sysctl net.link.ether.ipfw=1"); + foreach ($config['captiveportal'] as $cpkey => $cp) { + $cpzone = $cpkey; + captiveportal_configure_zone($cp); + } + } else + mwexec("/sbin/sysctl net.link.ether.ipfw=0"); +} + +function captiveportal_ipfw_set_context($cpzone) { + mwexec("/usr/local/sbin/ipfw_context -s {$cpzone}", true); +} + +function captiveportal_configure_zone($cpcfg) { + global $config, $g, $cpzone; + + $captiveportallck = lock("captiveportal{$cpzone}", LOCK_EX); - if (isset($config['captiveportal']['enable'])) { + if (isset($cpcfg['enable'])) { if ($g['booting']) - echo "Starting captive portal... "; + echo "Starting captive portal({$cpcfg['zone']})... "; else - captiveportal_syslog("Restarting captive portal."); + captiveportal_syslog("Restarting captive portal({$cpcfg['zone']})."); /* kill any running mini_httpd */ - killbypid("{$g['varrun_path']}/lighty-CaptivePortal.pid"); - killbypid("{$g['varrun_path']}/lighty-CaptivePortal-SSL.pid"); + killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal.pid"); + killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal-SSL.pid"); /* remove old information */ - unlink_if_exists("{$g['vardb_path']}/captiveportal.db"); - unlink_if_exists("{$g['vardb_path']}/captiveportal_mac.db"); - unlink_if_exists("{$g['vardb_path']}/captiveportal_ip.db"); - unlink_if_exists("{$g['vardb_path']}/captiveportal_radius.db"); + unlink_if_exists("{$g['vardb_path']}/captiveportal_{$cpzone}.db"); + unlink_if_exists("{$g['vardb_path']}/captiveportal_mac_{$cpzone}.db"); + unlink_if_exists("{$g['vardb_path']}/captiveportal_ip_{$cpzone}.db"); + unlink_if_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db"); /* setup new database in case someone tries to access the status -> captive portal page */ - touch("{$g['vardb_path']}/captiveportal.db"); + touch("{$g['vardb_path']}/captiveportal_{$cpzone}.db"); /* kill any running minicron */ - killbypid("{$g['varrun_path']}/cp_prunedb.pid"); + killbypid("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid"); + + mwexec("/usr/local/sbin/ipfw_context -a {$cpzone}", true); + captiveportal_ipfw_set_context($cpzone); /* init ipfw rules */ captiveportal_init_rules(true); @@ -237,67 +259,69 @@ function captiveportal_configure() { captiveportal_radius_stop_all(); /* initialize minicron interval value */ - $croninterval = $config['captiveportal']['croninterval'] ? $config['captiveportal']['croninterval'] : 60; + $croninterval = $cpcfg['croninterval'] ? $cpcfg['croninterval'] : 60; /* double check if the $croninterval is numeric and at least 10 seconds. If not we set it to 60 to avoid problems */ if ((!is_numeric($croninterval)) || ($croninterval < 10)) $croninterval = 60; /* write portal page */ - if ($config['captiveportal']['page']['htmltext']) - $htmltext = base64_decode($config['captiveportal']['page']['htmltext']); + if ($cpcfg['page']['htmltext']) + $htmltext = base64_decode($cpcfg['page']['htmltext']); else { /* example/template page */ $htmltext = get_default_captive_portal_html(); } - $fd = @fopen("{$g['varetc_path']}/captiveportal.html", "w"); + $fd = @fopen("{$g['varetc_path']}/captiveportal_{$cpzone}.html", "w"); if ($fd) { // Special case handling. Convert so that we can pass this page // through the PHP interpreter later without clobbering the vars. + $htmltext = str_replace("\$PORTAL_ZONE\$", "#PORTAL_ZONE#", $htmltext); $htmltext = str_replace("\$PORTAL_REDIRURL\$", "#PORTAL_REDIRURL#", $htmltext); $htmltext = str_replace("\$PORTAL_MESSAGE\$", "#PORTAL_MESSAGE#", $htmltext); $htmltext = str_replace("\$CLIENT_MAC\$", "#CLIENT_MAC#", $htmltext); $htmltext = str_replace("\$CLIENT_IP\$", "#CLIENT_IP#", $htmltext); $htmltext = str_replace("\$ORIGINAL_PORTAL_IP\$", "#ORIGINAL_PORTAL_IP#", $htmltext); $htmltext = str_replace("\$PORTAL_ACTION\$", "#PORTAL_ACTION#", $htmltext); - if($config['captiveportal']['preauthurl']) { - $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal']['preauthurl']}", $htmltext); - $htmltext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal']['preauthurl']}", $htmltext); + if($cpcfg['preauthurl']) { + $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$cpcfg['preauthurl']}", $htmltext); + $htmltext = str_replace("#PORTAL_REDIRURL#", "{$cpcfg['preauthurl']}", $htmltext); } fwrite($fd, $htmltext); fclose($fd); } /* write error page */ - if ($config['captiveportal']['page']['errtext']) - $errtext = base64_decode($config['captiveportal']['page']['errtext']); + if ($cpcfg['page']['errtext']) + $errtext = base64_decode($cpcfg['page']['errtext']); else { /* example page */ $errtext = get_default_captive_portal_html(); } - $fd = @fopen("{$g['varetc_path']}/captiveportal-error.html", "w"); + $fd = @fopen("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html", "w"); if ($fd) { // Special case handling. Convert so that we can pass this page // through the PHP interpreter later without clobbering the vars. + $errtext = str_replace("\$PORTAL_ZONE\$", "#PORTAL_ZONE#", $errtext); $errtext = str_replace("\$PORTAL_REDIRURL\$", "#PORTAL_REDIRURL#", $errtext); $errtext = str_replace("\$PORTAL_MESSAGE\$", "#PORTAL_MESSAGE#", $errtext); $errtext = str_replace("\$CLIENT_MAC\$", "#CLIENT_MAC#", $errtext); $errtext = str_replace("\$CLIENT_IP\$", "#CLIENT_IP#", $errtext); $errtext = str_replace("\$ORIGINAL_PORTAL_IP\$", "#ORIGINAL_PORTAL_IP#", $errtext); $errtext = str_replace("\$PORTAL_ACTION\$", "#PORTAL_ACTION#", $errtext); - if($config['captiveportal']['preauthurl']) { - $errtext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal']['preauthurl']}", $errtext); - $errtext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal']['preauthurl']}", $errtext); + if($cpcfg['preauthurl']) { + $errtext = str_replace("\$PORTAL_REDIRURL\$", "{$cpcfg['preauthurl']}", $errtext); + $errtext = str_replace("#PORTAL_REDIRURL#", "{$cpcfg['preauthurl']}", $errtext); } fwrite($fd, $errtext); fclose($fd); } - /* write error page */ - if ($config['captiveportal']['page']['logouttext']) - $logouttext = base64_decode($config['captiveportal']['page']['logouttext']); + /* write logout page */ + if ($cpcfg['page']['logouttext']) + $logouttext = base64_decode($cpcfg['page']['logouttext']); else { /* example page */ $logouttext = <<<EOD @@ -318,6 +342,7 @@ if (LogoutWin) { LogoutWin.document.write('<B>Click the button below to disconnect</B><P>'); LogoutWin.document.write('<FORM METHOD="POST" ACTION="<?=\$logouturl;?>">'); LogoutWin.document.write('<INPUT NAME="logout_id" TYPE="hidden" VALUE="<?=\$sessionid;?>">'); + LogoutWin.document.write('<INPUT NAME="zone" TYPE="hidden" VALUE="<?=\$cpzone;?>">'); LogoutWin.document.write('<INPUT NAME="logout" TYPE="submit" VALUE="Logout">'); LogoutWin.document.write('</FORM>'); LogoutWin.document.write('</DIV></BODY>'); @@ -334,7 +359,7 @@ document.location.href="<?=\$my_redirurl;?>"; EOD; } - $fd = @fopen("{$g['varetc_path']}/captiveportal-logout.html", "w"); + $fd = @fopen("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html", "w"); if ($fd) { fwrite($fd, $logouttext); fclose($fd); @@ -343,45 +368,53 @@ EOD; captiveportal_write_elements(); /* start up the webserving daemon */ - captiveportal_init_webgui(); + captiveportal_init_webguis($cpcfg); /* Kill any existing prunecaptiveportal processes */ - if(file_exists("{$g['varrun_path']}/cp_prunedb.pid")) - killbypid("{$g['varrun_path']}/cp_prunedb.pid"); + if(file_exists("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid")) + killbypid("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid"); /* start pruning process (interval defaults to 60 seconds) */ - mwexec("/usr/local/bin/minicron $croninterval {$g['varrun_path']}/cp_prunedb.pid " . - "/etc/rc.prunecaptiveportal"); + mwexec("/usr/local/bin/minicron $croninterval {$g['varrun_path']}/cp_prunedb_{$cpzone}.pid " . + "/etc/rc.prunecaptiveportal {$cpzone}"); /* generate radius server database */ captiveportal_init_radius_servers(); if ($g['booting']) - printf(gettext("done%s"), "\n"); + echo "done\n"; } else { - killbypid("{$g['varrun_path']}/lighty-CaptivePortal.pid"); - killbypid("{$g['varrun_path']}/lighty-CaptivePortal-SSL.pid"); - killbypid("{$g['varrun_path']}/cp_prunedb.pid"); + killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal.pid"); + killbypid("{$g['varrun_path']}/lighty-{$cpzone}-CaptivePortal-SSL.pid"); + killbypid("{$g['varrun_path']}/cp_prunedb_{$cpzone}.pid"); + @unlink("{$g['varetc_path']}/captiveportal_{$cpzone}.html"); + @unlink("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html"); + @unlink("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html"); captiveportal_radius_stop_all(); - mwexec("/sbin/sysctl net.link.ether.ipfw=0"); + mwexec("/usr/local/sbin/ipfw_context -d {$cpzone}", true); + + if (empty($config['captiveportal'])) + mwexec("/sbin/sysctl net.link.ether.ipfw=0"); /* unload ipfw */ - if (is_module_loaded("ipfw.ko")) - mwexec("/sbin/kldunload ipfw.ko"); - $listifs = get_configured_interface_list_by_realif(); - foreach ($listifs as $listrealif => $listif) { - if (!empty($listrealif)) { - if (does_interface_exist($listrealif)) { - pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER); - $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); - if (!empty($carpif)) { - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) - pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER); - } + //if (is_module_loaded("ipfw.ko")) + // mwexec("/sbin/kldunload ipfw.ko"); + $listifs = get_configured_interface_list(); + $cpinterfaces = explode(",", $config['captiveportal'][$cpzone]['interface']); + foreach ($cpinterfaces as $cpifgrp) { + if (!isset($listifs[$cpifgrp])) + continue; + $listrealif = get_real_interface($cpifgrp); + if (does_interface_exist($listrealif)) { + pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER); + $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); + if (!empty($carpif)) { + $carpsif = explode(" ", $carpif); + foreach ($carpsif as $cpcarp) + pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER); } } } @@ -393,58 +426,65 @@ EOD; } function captiveportal_init_webgui() { - global $g, $config; + global $config, $cpzone; - if (!isset($config['captiveportal']['enable'])) - return; + if (is_array($config['captiveportal'])) { + foreach ($config['captiveportal'] as $cpkey => $cp) { + $cpzone = $cpkey; + captiveportal_init_webguis($cp); + } + } +} - if ($config['captiveportal']['maxprocperip']) - $maxproc = $config['captiveportal']['maxprocperip']; +function captiveportal_init_webguis($cpcfg) { + global $g, $config, $cpzone; + + if (!isset($cpcfg['enable'])) + return; + + if ($cpcfg['maxproc']) + $maxproc = $cpcfg['maxproc']; else $maxproc = 16; $use_fastcgi = true; - if (isset($config['captiveportal']['httpslogin'])) { - $cert = base64_decode($config['captiveportal']['certificate']); - if (isset($config['captiveportal']['cacertificate'])) - $cacert = base64_decode($config['captiveportal']['cacertificate']); + if (isset($cpcfg['httpslogin'])) { + $cert = base64_decode($cpcfg['certificate']); + if (isset($cpcfg['cacertificate'])) + $cacert = base64_decode($cpcfg['cacertificate']); else $cacert = ""; - $key = base64_decode($config['captiveportal']['private-key']); + $key = base64_decode($cpcfg['private-key']); /* generate lighttpd configuration */ - system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal-SSL.conf", - $cert, $key, $cacert, "lighty-CaptivePortal-SSL.pid", "8001", "/usr/local/captiveportal/", - "cert-portal.pem", "ca-portal.pem", "1", $maxproc, $use_fastcgi, true); + system_generate_lighty_config("{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf", + $cert, $key, $cacert, "lighty-{$cpzone}-CaptivePortal-SSL.pid", $cpcfg['zoneid'] + 1, "/usr/local/captiveportal", + "cert-portal.pem", "ca-portal.pem", "1", $maxproc, $use_fastcgi, $cpzone); } /* generate lighttpd configuration */ - system_generate_lighty_config("{$g['varetc_path']}/lighty-CaptivePortal.conf", - "", "", "", "lighty-CaptivePortal.pid", "8000", "/usr/local/captiveportal/", - "cert-portal.pem", "ca-portal.pem", "1", $maxproc, $use_fastcgi, true); + system_generate_lighty_config("{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal.conf", + "", "", "", "lighty-{$cpzone}-CaptivePortal.pid", $cpcfg['zoneid'], "/usr/local/captiveportal", + "cert-portal.pem", "ca-portal.pem", "1", $maxproc, $use_fastcgi, $cpzone); /* attempt to start lighttpd */ - $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-CaptivePortal.conf"); + $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal.conf"); /* fire up https instance */ - if (isset($config['captiveportal']['httpslogin'])) - $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-CaptivePortal-SSL.conf"); + if (isset($cpcfg['httpslogin'])) + $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf"); } /* reinit will disconnect all users, be careful! */ function captiveportal_init_rules($reinit = false) { - global $config, $g; + global $config, $g, $cpzone; - if (!isset($config['captiveportal']['enable'])) + if (!isset($config['captiveportal'][$cpzone]['enable'])) return; $cpips = array(); $ifaces = get_configured_interface_list(); - foreach ($ifaces as $kiface => $kiface2) { - $tmpif = get_real_interface($kiface); - pfSense_interface_flags($tmpif, -IFF_IPFW_FILTER); - } - $cpinterfaces = explode(",", $config['captiveportal']['interface']); + $cpinterfaces = explode(",", $config['captiveportal'][$cpzone]['interface']); $firsttime = 0; foreach ($cpinterfaces as $cpifgrp) { if (!isset($ifaces[$cpifgrp])) @@ -461,6 +501,7 @@ function captiveportal_init_rules($reinit = false) { if (!empty($carpif)) { $carpsif = explode(" ", $carpif); foreach ($carpsif as $cpcarp) { + mwexec("/usr/local/sbin/ipfw_context -a {$cpzone} -n {$cpcarp}", true); pfSense_interface_flags($cpcarp, IFF_IPFW_FILTER); $carpip = find_interface_ip($cpcarp); if (is_ipaddr($carpip)) @@ -468,6 +509,7 @@ function captiveportal_init_rules($reinit = false) { } } $cpips[] = $cpipm; + mwexec("/usr/local/sbin/ipfw_context -a {$cpzone} -n {$tmpif}", true); pfSense_interface_flags($tmpif, IFF_IPFW_FILTER); } } @@ -479,7 +521,7 @@ function captiveportal_init_rules($reinit = false) { return false; if ($reinit == false) - $captiveportallck = lock('captiveportal'); + $captiveportallck = lock("captiveportal{$cpzone}"); /* init dummynet/ipfw rules number database */ captiveportal_init_ipfw_ruleno(); @@ -553,7 +595,7 @@ EOD; $rulenum++; /* Authenticated users rules. */ - if (isset($config['captiveportal']['peruserbw'])) { + if (isset($config['captiveportal'][$cpzone]['peruserbw'])) { $cprules .= "add {$rulenum} set 1 pipe tablearg ip from table(1) to any in\n"; $rulenum++; $cprules .= "add {$rulenum} set 1 pipe tablearg ip from any to table(2) out\n"; @@ -565,10 +607,10 @@ EOD; $rulenum++; } - $cprules .= <<<EOD + $cprules .= <<<EOD # redirect non-authenticated clients to captive portal -add 65531 set 1 fwd 127.0.0.1,8000 tcp from any to any in +add 65531 set 1 fwd 127.0.0.1,{$config['captiveportal'][$cpzone]['zoneid']} tcp from any to any in # let the responses from the captive portal web server back out add 65532 set 1 pass tcp from any to any out # block everything else @@ -604,9 +646,10 @@ EOD; $cprules = "{$tmprules}\n{$cprules}"; } - file_put_contents("{$g['tmp_path']}/ipfw.cp.rules", $cprules); - mwexec("/sbin/ipfw -q {$g['tmp_path']}/ipfw.cp.rules", true); - //@unlink("{$g['tmp_path']}/ipfw.cp.rules"); + file_put_contents("{$g['tmp_path']}/ipfw_{$cpzone}.cp.rules", $cprules); + captiveportal_ipfw_set_context($cpzone); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/ipfw_{$cpzone}.cp.rules", true); + //@unlink("{$g['tmp_path']}/ipfw_{$cpzone}.cp.rules"); if ($reinit == false) unlock($captiveportallck); @@ -623,23 +666,26 @@ EOD; * (password is in Base64 and only saved when reauthentication is enabled) */ function captiveportal_prune_old() { - global $g, $config; + global $g, $config, $cpzone; + + if (empty($cpzone)) + return; /* check for expired entries */ - if (empty($config['captiveportal']['timeout']) || - !is_numeric($config['captiveportal']['timeout'])) + if (empty($config['captiveportal'][$cpzone]['timeout']) || + !is_numeric($config['captiveportal'][$cpzone]['timeout'])) $timeout = 0; else - $timeout = $config['captiveportal']['timeout'] * 60; + $timeout = $config['captiveportal'][$cpzone]['timeout'] * 60; - if (empty($config['captiveportal']['idletimeout']) || - !is_numeric($config['captiveportal']['idletimeout'])) + if (empty($config['captiveportal'][$cpzone]['idletimeout']) || + !is_numeric($config['captiveportal'][$cpzone]['idletimeout'])) $idletimeout = 0; else - $idletimeout = $config['captiveportal']['idletimeout'] * 60; + $idletimeout = $config['captiveportal'][$cpzone]['idletimeout'] * 60; - if (!$timeout && !$idletimeout && !isset($config['captiveportal']['reauthenticate']) && - !isset($config['captiveportal']['radiussession_timeout']) && !isset($config['voucher']['enable'])) + if (!$timeout && !$idletimeout && !isset($config['captiveportal'][$cpzone]['reauthenticate']) && + !isset($config['captiveportal'][$cpzone]['radiussession_timeout']) && !isset($config['voucher'][$cpzone]['enable'])) return; $radiusservers = captiveportal_get_radius_servers(); @@ -698,7 +744,7 @@ function captiveportal_prune_old() { } /* if vouchers are configured, activate session timeouts */ - if (!$timedout && isset($config['voucher']['enable']) && !empty($cpentry[7])) { + if (!$timedout && isset($config['voucher'][$cpzone]['enable']) && !empty($cpentry[7])) { if ($pruning_time >= ($cpentry[0] + $cpentry[7])) { $timedout = true; $term_cause = 5; // Session-Timeout @@ -707,7 +753,7 @@ function captiveportal_prune_old() { } /* if radius session_timeout is enabled and the session_timeout is not null, then check if the user should be logged out */ - if (!$timedout && isset($config['captiveportal']['radiussession_timeout']) && !empty($cpentry[7])) { + if (!$timedout && isset($config['captiveportal'][$cpzone]['radiussession_timeout']) && !empty($cpentry[7])) { if ($pruning_time >= ($cpentry[0] + $cpentry[7])) { $timedout = true; $term_cause = 5; // Session-Timeout @@ -722,8 +768,8 @@ function captiveportal_prune_old() { /* do periodic RADIUS reauthentication? */ if (!$timedout && !empty($radiusservers)) { - if (isset($config['captiveportal']['radacct_enable'])) { - if ($config['captiveportal']['reauthenticateacct'] == "stopstart") { + if (isset($config['captiveportal'][$cpzone]['radacct_enable'])) { + if ($config['captiveportal'][$cpzone]['reauthenticateacct'] == "stopstart") { /* stop and restart accounting */ RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno $cpentry[4], // username @@ -733,6 +779,7 @@ function captiveportal_prune_old() { $cpentry[2], // clientip $cpentry[3], // clientmac 10); // NAS Request + captiveportal_ipfw_set_context($cpzone); exec("/sbin/ipfw table 1 entryzerostats {$cpentry[2]}"); exec("/sbin/ipfw table 2 entryzerostats {$cpentry[2]}"); RADIUS_ACCOUNTING_START($cpentry[1], // ruleno @@ -741,7 +788,7 @@ function captiveportal_prune_old() { $radiusservers, $cpentry[2], // clientip $cpentry[3]); // clientmac - } else if ($config['captiveportal']['reauthenticateacct'] == "interimupdate") { + } else if ($config['captiveportal'][$cpzone]['reauthenticateacct'] == "interimupdate") { RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno $cpentry[4], // username $cpentry[5], // sessionid @@ -755,7 +802,7 @@ function captiveportal_prune_old() { } /* check this user against RADIUS again */ - if (isset($config['captiveportal']['reauthenticate'])) { + if (isset($config['captiveportal'][$cpzone]['reauthenticate'])) { $auth_list = RADIUS_AUTHENTICATION($cpentry[4], // username base64_decode($cpentry[6]), // password $radiusservers, @@ -782,12 +829,12 @@ function captiveportal_prune_old() { /* remove a single client according to the DB entry */ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_time = null) { - global $g, $config; + global $g, $config, $cpzone; $stop_time = (empty($stop_time)) ? time() : $stop_time; /* this client needs to be deleted - remove ipfw rules */ - if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) { + if (isset($config['captiveportal'][$cpzone]['radacct_enable']) && !empty($radiusservers)) { RADIUS_ACCOUNTING_STOP($dbent[1], // ruleno $dbent[4], // username $dbent[5], // sessionid @@ -801,6 +848,7 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t } if (is_ipaddr($dbent[2])) { + captiveportal_ipfw_set_context($cpzone); /* Delete client's ip entry from tables 3 and 4. */ mwexec("/sbin/ipfw table 1 delete {$dbent[2]}"); mwexec("/sbin/ipfw table 2 delete {$dbent[2]}"); @@ -813,7 +861,8 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t * These are the pipe numbers we use to control traffic shaping for each logged in user via captive portal * We could get an error if the pipe doesn't exist but everything should still be fine */ - if (isset($config['captiveportal']['peruserbw'])) { + if (isset($config['captiveportal'][$cpzone]['peruserbw'])) { + captiveportal_ipfw_set_context($cpzone); mwexec("/sbin/ipfw pipe " . ($dbent[1]+20000) . " delete"); mwexec("/sbin/ipfw pipe " . ($dbent[1]+20001) . " delete"); } @@ -822,11 +871,11 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t captiveportal_free_ipfw_ruleno($dbent[1]); // XMLRPC Call over to the master Voucher node - if(!empty($config['voucher']['vouchersyncdbip'])) { - $syncip = $config['voucher']['vouchersyncdbip']; - $syncport = $config['voucher']['vouchersyncport']; - $syncpass = $config['voucher']['vouchersyncpass']; - $vouchersyncusername = $config['voucher']['vouchersyncusername']; + if(!empty($config['voucher'][$cpzone]['vouchersyncdbip'])) { + $syncip = $config['voucher'][$cpzone]['vouchersyncdbip']; + $syncport = $config['voucher'][$cpzone]['vouchersyncport']; + $syncpass = $config['voucher'][$cpzone]['vouchersyncpass']; + $vouchersyncusername = $config['voucher'][$cpzone]['vouchersyncusername']; $remote_status = xmlrpc_sync_voucher_disconnect($dbent, $syncip, $syncport, $syncpass, $vouchersyncusername, $term_cause, $stop_time); } @@ -834,7 +883,7 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t /* remove a single client by sessionid */ function captiveportal_disconnect_client($sessionid, $term_cause = 1, $logoutReason = "LOGOUT") { - global $g, $config; + global $g, $config, $cpzone; $radiusservers = captiveportal_get_radius_servers(); $unsetindex = array(); @@ -856,9 +905,9 @@ function captiveportal_disconnect_client($sessionid, $term_cause = 1, $logoutRea /* send RADIUS acct stop for all current clients */ function captiveportal_radius_stop_all() { - global $config; + global $config, $cpzone; - if (!isset($config['captiveportal']['radacct_enable'])) + if (!isset($config['captiveportal'][$cpzone]['radacct_enable'])) return; $radiusservers = captiveportal_get_radius_servers(); @@ -907,15 +956,15 @@ function captiveportal_passthrumac_configure_entry($macent) { } function captiveportal_passthrumac_configure($lock = false) { - global $config, $g; + global $config, $g, $cpzone; $rules = ""; - if (is_array($config['captiveportal']['passthrumac'])) { + if (is_array($config['captiveportal'][$cpzone]['passthrumac'])) { $macdb = array(); - foreach ($config['captiveportal']['passthrumac'] as $macent) { + foreach ($config['captiveportal'][$cpzone]['passthrumac'] as $macent) { $rules .= captiveportal_passthrumac_configure_entry($macent); - $macdb[$macent['mac']]['active'] = true; + $macdb[$macent['mac']][$cpzone]['active'] = true; } } @@ -924,10 +973,10 @@ function captiveportal_passthrumac_configure($lock = false) { } function captiveportal_passthrumac_findbyname($username) { - global $config; + global $config, $cpzone; - if (is_array($config['captiveportal']['passthrumac'])) { - foreach ($config['captiveportal']['passthrumac'] as $macent) { + if (is_array($config['captiveportal'][$cpzone]['passthrumac'])) { + foreach ($config['captiveportal'][$cpzone]['passthrumac'] as $macent) { if ($macent['username'] == $username) return $macent; } @@ -1025,12 +1074,12 @@ function captiveportal_allowedip_configure_entry($ipent) { A change results in reloading the ruleset. */ function setup_dnsfilter_entries() { - global $g, $config; + global $g, $config, $cpzone; - $cp_filterdns_filename = "{$g['varetc_path']}/filterdns-captiveportal.conf"; + $cp_filterdns_filename = "{$g['varetc_path']}/filterdns-{$cpzone}-captiveportal.conf"; $cp_filterdns_conf = ""; - if (is_array($config['captiveportal']['allowedhostname'])) { - foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) { + if (is_array($config['captiveportal'][$cpzone]['allowedhostname'])) { + foreach ($config['captiveportal'][$cpzone]['allowedhostname'] as $hostnameent) { $cp_filterdns_conf .= "ipfw {$hostnameent['hostname']} 3\n"; $cp_filterdns_conf .= "ipfw {$hostnameent['hostname']} 4\n"; $cp_filterdns_conf .= "ipfw {$hostnameent['hostname']} 7\n"; @@ -1038,28 +1087,28 @@ function setup_dnsfilter_entries() { } } file_put_contents($cp_filterdns_filename, $cp_filterdns_conf); - killbypid("{$g['tmp_path']}/filterdns-cpah.pid"); - mwexec("/usr/local/sbin/filterdns -p {$g['tmp_path']}/filterdns-cpah.pid -i 300 -c {$cp_filterdns_filename} -d 1"); + killbypid("{$g['tmp_path']}/filterdns-{$cpzone}-cpah.pid"); + mwexec("/usr/local/sbin/filterdns -p {$g['tmp_path']}/filterdns-{$cpzone}-cpah.pid -i 300 -c {$cp_filterdns_filename} -y {$cpzone} -d 1"); } function captiveportal_allowedhostname_configure() { - global $config, $g; + global $config, $g, $cpzone; $rules = "\n# captiveportal_allowedhostname_configure()\n"; setup_dnsfilter_entries(); - if (is_array($config['captiveportal']['allowedhostname'])) { - foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) + if (is_array($config['captiveportal'][$cpzone]['allowedhostname'])) { + foreach ($config['captiveportal'][$cpzone]['allowedhostname'] as $hostnameent) $rules .= captiveportal_allowedip_configure_entry($hostnameent); } return $rules; } function captiveportal_allowedip_configure() { - global $config, $g; + global $config, $g, $cpzone; $rules = ""; - if (is_array($config['captiveportal']['allowedip'])) { - foreach ($config['captiveportal']['allowedip'] as $ipent) + if (is_array($config['captiveportal'][$cpzone]['allowedip'])) { + foreach ($config['captiveportal'][$cpzone]['allowedip'] as $ipent) $rules .= captiveportal_allowedip_configure_entry($ipent); } @@ -1068,9 +1117,11 @@ function captiveportal_allowedip_configure() { /* get last activity timestamp given client IP address */ function captiveportal_get_last_activity($ip) { + global $cpzone; $ipfwoutput = ""; + captiveportal_ipfw_set_context($cpzone); exec("/sbin/ipfw table 1 entrystats {$ip} 2>/dev/null", $ipfwoutput); /* Reading only from one of the tables is enough of approximation. */ if ($ipfwoutput[0]) { @@ -1083,31 +1134,31 @@ function captiveportal_get_last_activity($ip) { } function captiveportal_init_radius_servers() { - global $config, $g; + global $config, $g, $cpzone; /* generate radius server database */ - if ($config['captiveportal']['radiusip'] && (!isset($config['captiveportal']['auth_method']) || - ($config['captiveportal']['auth_method'] == "radius"))) { - $radiusip = $config['captiveportal']['radiusip']; - $radiusip2 = ($config['captiveportal']['radiusip2']) ? $config['captiveportal']['radiusip2'] : null; + if ($config['captiveportal'][$cpzone]['radiusip'] && (!isset($config['captiveportal'][$cpzone]['auth_method']) || + ($config['captiveportal'][$cpzone]['auth_method'] == "radius"))) { + $radiusip = $config['captiveportal'][$cpzone]['radiusip']; + $radiusip2 = ($config['captiveportal'][$cpzone]['radiusip2']) ? $config['captiveportal'][$cpzone]['radiusip2'] : null; - if ($config['captiveportal']['radiusport']) - $radiusport = $config['captiveportal']['radiusport']; + if ($config['captiveportal'][$cpzone]['radiusport']) + $radiusport = $config['captiveportal'][$cpzone]['radiusport']; else $radiusport = 1812; - if ($config['captiveportal']['radiusacctport']) - $radiusacctport = $config['captiveportal']['radiusacctport']; + if ($config['captiveportal'][$cpzone]['radiusacctport']) + $radiusacctport = $config['captiveportal'][$cpzone]['radiusacctport']; else $radiusacctport = 1813; - if ($config['captiveportal']['radiusport2']) - $radiusport2 = $config['captiveportal']['radiusport2']; + if ($config['captiveportal'][$cpzone]['radiusport2']) + $radiusport2 = $config['captiveportal'][$cpzone]['radiusport2']; else $radiusport2 = 1812; - $radiuskey = $config['captiveportal']['radiuskey']; - $radiuskey2 = ($config['captiveportal']['radiuskey2']) ? $config['captiveportal']['radiuskey2'] : null; + $radiuskey = $config['captiveportal'][$cpzone]['radiuskey']; + $radiuskey2 = ($config['captiveportal'][$cpzone]['radiuskey2']) ? $config['captiveportal'][$cpzone]['radiuskey2'] : null; - $cprdsrvlck = lock('captiveportalradius', LOCK_EX); - $fd = @fopen("{$g['vardb_path']}/captiveportal_radius.db", "w"); + $cprdsrvlck = lock("captiveportalradius{$cpzone}", LOCK_EX); + $fd = @fopen("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db", "w"); if (!$fd) { captiveportal_syslog("Error: cannot open radius DB file in captiveportal_configure().\n"); unlock($cprdsrvlck); @@ -1124,12 +1175,12 @@ function captiveportal_init_radius_servers() { /* read RADIUS servers into array */ function captiveportal_get_radius_servers() { - global $g; + global $g, $cpzone; - $cprdsrvlck = lock('captiveportalradius'); - if (file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { + $cprdsrvlck = lock("captiveportalradius{$cpzone}"); + if (file_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db")) { $radiusservers = array(); - $cpradiusdb = file("{$g['vardb_path']}/captiveportal_radius.db", + $cpradiusdb = file("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); if ($cpradiusdb) { foreach($cpradiusdb as $cpradiusentry) { @@ -1209,13 +1260,13 @@ function radius($username,$password,$clientip,$clientmac,$type) { /* read captive portal DB into array */ function captiveportal_read_db($locked = false, $index = 5 /* sessionid by default */) { - global $g; + global $g, $cpzone; $cpdb = array(); if ($locked == false) - $cpdblck = lock('captiveportaldb'); - $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "r"); + $cpdblck = lock("captiveportaldb{$cpzone}"); + $fd = @fopen("{$g['vardb_path']}/captiveportal_{$cpzone}.db", "r"); if ($fd) { while (!feof($fd)) { $line = trim(fgets($fd)); @@ -1234,10 +1285,10 @@ function captiveportal_read_db($locked = false, $index = 5 /* sessionid by defau /* write captive portal DB */ function captiveportal_write_db($cpdb, $locked = false, $remove = false) { - global $g; + global $g, $cpzone; if ($locked == false) - $cpdblck = lock('captiveportaldb', LOCK_EX); + $cpdblck = lock("captiveportaldb{$cpzone}", LOCK_EX); if (is_array($remove)) { if (!empty($remove)) { @@ -1251,7 +1302,7 @@ function captiveportal_write_db($cpdb, $locked = false, $remove = false) { } else return; //This makes sure no record removal calls } - $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "w"); + $fd = @fopen("{$g['vardb_path']}/captiveportal_{$cpzone}.db", "w"); if ($fd) { foreach ($cpdb as $cpent) { fwrite($fd, join(",", $cpent) . "\n"); @@ -1263,8 +1314,10 @@ function captiveportal_write_db($cpdb, $locked = false, $remove = false) { } function captiveportal_write_elements() { - global $g, $config; + global $g, $config, $cpzone; + $cpcfg = $config['captiveportal'][$cpzone]; + /* delete any existing elements */ if (is_dir($g['captiveportal_element_path'])) { $dh = opendir($g['captiveportal_element_path']); @@ -1277,9 +1330,9 @@ function captiveportal_write_elements() { @mkdir($g['captiveportal_element_path']); } - if (is_array($config['captiveportal']['element'])) { + if (is_array($cpcfg['element'])) { conf_mount_rw(); - foreach ($config['captiveportal']['element'] as $data) { + foreach ($cpcfg['element'] as $data) { $fd = @fopen($g['captiveportal_element_path'] . '/' . $data['name'], "wb"); if (!$fd) { printf(gettext("Error: cannot open '%s' in captiveportal_write_elements()%s"), $data['name'], "\n"); @@ -1299,11 +1352,11 @@ function captiveportal_write_elements() { } function captiveportal_init_ipfw_ruleno($rulenos_start = 2000, $rulenos_range_max = 49899) { - global $g; + global $g, $cpzone; - @unlink("{$g['vardb_path']}/captiveportal.rules"); + @unlink("{$g['vardb_path']}/captiveportal_{$cpzone}.rules"); $rules = array_pad(array(), $rulenos_range_max - $rulenos_start, false); - file_put_contents("{$g['vardb_path']}/captiveportal.rules", serialize($rules)); + file_put_contents("{$g['vardb_path']}/captiveportal_{$cpzone}.rules", serialize($rules)); } /* @@ -1312,15 +1365,16 @@ function captiveportal_init_ipfw_ruleno($rulenos_start = 2000, $rulenos_range_ma * */ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_range_max = 49899, $usebw = false) { - global $config, $g; + global $config, $g, $cpzone; - if(!isset($config['captiveportal']['enable'])) + $cpcfg = $config['captiveportal'][$cpzone]; + if(!isset($cpcfg['enable'])) return NULL; - $cpruleslck = lock('captiveportalrules', LOCK_EX); + $cpruleslck = lock("captiveportalrules{$cpzone}", LOCK_EX); $ruleno = 0; - if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { - $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); + if (file_exists("{$g['vardb_path']}/captiveportal_{$cpzone}.rules")) { + $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal_{$cpzone}.rules")); for ($ridx = 2; $ridx < ($rulenos_range_max - $rulenos_start); $ridx++) { if ($rules[$ridx]) { /* @@ -1328,13 +1382,13 @@ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_rang * and the out pipe ruleno + 1. This removes limitation that where present in * previous version of the peruserbw. */ - if (isset($config['captiveportal']['peruserbw']) || $usebw == true) + if (isset($cpcfg['peruserbw']) || $usebw == true) $ridx++; continue; } $ruleno = $ridx; $rules[$ridx] = "used"; - if (isset($config['captiveportal']['peruserbw']) || $usebw == true) + if (isset($cpcfg['peruserbw']) || $usebw == true) $rules[++$ridx] = "used"; break; } @@ -1343,37 +1397,40 @@ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_rang $rules[2] = "used"; $ruleno = 2; } - file_put_contents("{$g['vardb_path']}/captiveportal.rules", serialize($rules)); + file_put_contents("{$g['vardb_path']}/captiveportal_{$cpzone}.rules", serialize($rules)); unlock($cpruleslck); return $ruleno; } function captiveportal_free_ipfw_ruleno($ruleno, $usedbw = false) { - global $config, $g; + global $config, $g, $cpzone; - if(!isset($config['captiveportal']['enable'])) + $cpcfg = $config['captiveportal'][$cpzone]; + if(!isset($cpcfg['enable'])) return NULL; - $cpruleslck = lock('captiveportalrules', LOCK_EX); - if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { - $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); + $cpruleslck = lock("captiveportalrules{$cpzone}", LOCK_EX); + if (file_exists("{$g['vardb_path']}/captiveportal_{$cpzone}.rules")) { + $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal_{$cpzone}.rules")); $rules[$ruleno] = false; - if (isset($config['captiveportal']['peruserbw']) || $usedbw == true) + if (isset($cpcfg['peruserbw']) || $usedbw == true) $rules[++$ruleno] = false; - file_put_contents("{$g['vardb_path']}/captiveportal.rules", serialize($rules)); + file_put_contents("{$g['vardb_path']}/captiveportal_{$cpzone}.rules", serialize($rules)); } unlock($cpruleslck); } function captiveportal_get_ipfw_passthru_ruleno($value) { - global $config, $g; + global $config, $g, $cpzone; - if(!isset($config['captiveportal']['enable'])) - return NULL; + $cpcfg = $config['captiveportal'][$cpzone]; + if(!isset($cpcfg['enable'])) + return NULL; - $cpruleslck = lock('captiveportalrules', LOCK_EX); - if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { - $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); + $cpruleslck = lock("captiveportalrules{$cpzone}", LOCK_EX); + if (file_exists("{$g['vardb_path']}/captiveportal_{$cpzone}.rules")) { + $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal_{$cpzone}.rules")); + captiveportal_ipfw_set_context($cpzone); $ruleno = intval(`/sbin/ipfw show | /usr/bin/grep {$value} | /usr/bin/grep -v grep | /usr/bin/cut -d " " -f 1 | /usr/bin/head -n 1`); if ($rules[$ruleno]) { unlock($cpruleslck); @@ -1397,6 +1454,7 @@ function captiveportal_get_ipfw_passthru_ruleno($value) { */ function getVolume($ip) { + global $cpzone; $volume = array(); @@ -1408,6 +1466,7 @@ function getVolume($ip) { $ipfwout = ""; $matchesin = ""; $matchesout = ""; + captiveportal_ipfw_set_context($cpzone); exec("/sbin/ipfw table 1 entrystats {$ip}", $ipfwin); if ($ipfwin[0]) { $ipfwin = split(" ", $ipfwin[0]); @@ -1448,15 +1507,15 @@ function getNasID() function getNasIP() { - global $config; + global $config, $cpzone; - if (empty($config['captiveportal']['radiussrcip_attribute'])) { + if (empty($config['captiveportal'][$cpzone]['radiussrcip_attribute'])) { $nasIp = get_interface_ip(); } else { - if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) - $nasIp = $config['captiveportal']['radiussrcip_attribute']; + if (is_ipaddr($config['captiveportal'][$cpzone]['radiussrcip_attribute'])) + $nasIp = $config['captiveportal'][$cpzone]['radiussrcip_attribute']; else - $nasIp = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + $nasIp = get_interface_ip($config['captiveportal'][$cpzone]['radiussrcip_attribute']); } if(!is_ipaddr($nasIp)) @@ -1466,9 +1525,9 @@ function getNasIP() } function portal_ip_from_client_ip($cliip) { - global $config; + global $config, $cpzone; - $interfaces = explode(",", $config['captiveportal']['interface']); + $interfaces = explode(",", $config['captiveportal'][$cpzone]['interface']); foreach ($interfaces as $cpif) { $ip = get_interface_ip($cpif); $sn = get_interface_subnet($cpif); @@ -1492,37 +1551,41 @@ function portal_ip_from_client_ip($cliip) { /* functions move from index.php */ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac = null, $clientip = null, $username = null, $password = null) { - global $g, $config; + global $g, $config, $cpzone; /* Get captive portal layout */ if ($type == "redir") { header("Location: {$redirurl}"); return; } else if ($type == "login") - $htmltext = get_include_contents("{$g['varetc_path']}/captiveportal.html"); + $htmltext = get_include_contents("{$g['varetc_path']}/captiveportal_{$cpzone}.html"); else - $htmltext = get_include_contents("{$g['varetc_path']}/captiveportal-error.html"); + $htmltext = get_include_contents("{$g['varetc_path']}/captiveportal-{$cpzone}-error.html"); + + $cpcfg = $config['captiveportal'][$cpzone]; /* substitute the PORTAL_REDIRURL variable */ - if ($config['captiveportal']['preauthurl']) { - $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal']['preauthurl']}", $htmltext); - $htmltext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal']['preauthurl']}", $htmltext); + if ($config['captiveportal'][$cpzone]['preauthurl']) { + $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal'][$cpzone]['preauthurl']}", $htmltext); + $htmltext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal'][$cpzone]['preauthurl']}", $htmltext); } /* substitute other variables */ - if (isset($config['captiveportal']['httpslogin'])) { - $htmltext = str_replace("\$PORTAL_ACTION\$", "https://{$config['captiveportal']['httpsname']}:8001/", $htmltext); - $htmltext = str_replace("#PORTAL_ACTION#", "https://{$config['captiveportal']['httpsname']}:8001/", $htmltext); + if (isset($config['captiveportal'][$cpzone]['httpslogin'])) { + $httpsport = $cpcfg['zoneid'] + 1; + $htmltext = str_replace("\$PORTAL_ACTION\$", "https://{$config['captiveportal'][$cpzone]['httpsname']}:{$httpsport}/", $htmltext); + $htmltext = str_replace("#PORTAL_ACTION#", "https://{$config['captiveportal'][$cpzone]['httpsname']}:{$httpsport}/", $htmltext); } else { $ifip = portal_ip_from_client_ip($clientip); if (!$ifip) - $ourhostname = $config['system']['hostname'] . ":8000"; + $ourhostname = $config['system']['hostname'] . ":{$cpcfg['zoneid']}"; else - $ourhostname = "{$ifip}:8000"; + $ourhostname = "{$ifip}:{$cpcfg['zoneid']}"; $htmltext = str_replace("\$PORTAL_ACTION\$", "http://{$ourhostname}/", $htmltext); $htmltext = str_replace("#PORTAL_ACTION#", "http://{$ourhostname}/", $htmltext); } + $htmltext = str_replace("\$PORTAL_ZONE\$", htmlspecialchars($cpzone), $htmltext); $htmltext = str_replace("\$PORTAL_REDIRURL\$", htmlspecialchars($redirurl), $htmltext); $htmltext = str_replace("\$PORTAL_MESSAGE\$", htmlspecialchars($message), $htmltext); $htmltext = str_replace("\$CLIENT_MAC\$", htmlspecialchars($clientmac), $htmltext); @@ -1531,6 +1594,7 @@ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac // Special handling case for captive portal master page so that it can be ran // through the PHP interpreter using the include method above. We convert the // $VARIABLE$ case to #VARIABLE# in /etc/inc/captiveportal.inc before writing out. + $htmltext = str_replace("#PORTAL_ZONE#", htmlspecialchars($cpzone), $htmltext); $htmltext = str_replace("#PORTAL_REDIRURL#", htmlspecialchars($redirurl), $htmltext); $htmltext = str_replace("#PORTAL_MESSAGE#", htmlspecialchars($message), $htmltext); $htmltext = str_replace("#CLIENT_MAC#", htmlspecialchars($clientmac), $htmltext); @@ -1542,9 +1606,9 @@ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac } function portal_mac_radius($clientmac,$clientip) { - global $config ; + global $config, $cpzone; - $radmac_secret = $config['captiveportal']['radmac_secret']; + $radmac_secret = $config['captiveportal'][$cpzone]['radmac_secret']; /* authentication against the radius server */ $username = mac_format($clientmac); @@ -1559,7 +1623,7 @@ function portal_mac_radius($clientmac,$clientip) { function portal_allow($clientip,$clientmac,$username,$password = null, $attributes = null, $ruleno = null) { - global $redirurl, $g, $config, $type, $passthrumac, $_POST; + global $redirurl, $g, $config, $type, $passthrumac, $_POST, $cpzone; /* See if a ruleno is passed, if not start sessions because this means there isn't one atm */ if ($ruleno == null) @@ -1579,7 +1643,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut $radiusservers = captiveportal_get_radius_servers(); /* Do not allow concurrent login execution. */ - $cpdblck = lock('captiveportaldb', LOCK_EX); + $cpdblck = lock("captiveportaldb{$cpzone}", LOCK_EX); unset($sessionid); @@ -1591,12 +1655,12 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut $writecfg = false; /* Find an existing session */ - if ((isset($config['captiveportal']['noconcurrentlogins'])) && $passthrumac) { - if (isset($config['captiveportal']['passthrumacadd'])) { + if ((isset($config['captiveportal'][$cpzone]['noconcurrentlogins'])) && $passthrumac) { + if (isset($config['captiveportal'][$cpzone]['passthrumacadd'])) { $mac = captiveportal_passthrumac_findbyname($username); if (!empty($mac)) { if ($_POST['replacemacpassthru']) { - foreach ($config['captiveportal']['passthrumac'] as $idx => $macent) { + foreach ($config['captiveportal'][$cpzone]['passthrumac'] as $idx => $macent) { if ($macent['mac'] == $mac['mac']) { $macrules = ""; $ruleno = captiveportal_get_ipfw_passthru_ruleno($mac['mac']); @@ -1606,12 +1670,13 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut ++$ruleno; $macrules .= "delete {$ruleno}\n"; } - unset($config['captiveportal']['passthrumac'][$idx]); + unset($config['captiveportal'][$cpzone]['passthrumac'][$idx]); $mac['mac'] = $clientmac; - $config['captiveportal']['passthrumac'][] = $mac; + $config['captiveportal'][$cpzone]['passthrumac'][] = $mac; $macrules .= captiveportal_passthrumac_configure_entry($mac); - file_put_contents("{$g['tmp_path']}/macentry.rules.tmp", $macrules); - mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry.rules.tmp"); + file_put_contents("{$g['tmp_path']}/macentry_{$cpzone}.rules.tmp", $macrules); + captiveportal_ipfw_set_context($cpzone); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry_{$cpzone}.rules.tmp"); $writecfg = true; $sessionid = true; break; @@ -1649,7 +1714,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut unset($cpdb[$sid]); break; } - elseif ((isset($config['captiveportal']['noconcurrentlogins'])) && ($username != 'unauthenticated')) { + elseif ((isset($config['captiveportal'][$cpzone]['noconcurrentlogins'])) && ($username != 'unauthenticated')) { /* on the same username */ if (strcasecmp($cpentry[4], $username) == 0) { /* This user was already logged in so we disconnect the old one */ @@ -1673,41 +1738,44 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut * We don't need to add extra rules since traffic will pass due to the following kernel option * net.inet.ip.fw.one_pass: 1 */ - $peruserbw = isset($config['captiveportal']['peruserbw']); + $peruserbw = isset($config['captiveportal'][$cpzone]['peruserbw']); - $bw_up = isset($attributes['bw_up']) ? round(intval($attributes['bw_up'])/1000, 2) : $config['captiveportal']['bwdefaultup']; - $bw_down = isset($attributes['bw_down']) ? round(intval($attributes['bw_down'])/1000, 2) : $config['captiveportal']['bwdefaultdn']; + $bw_up = isset($attributes['bw_up']) ? round(intval($attributes['bw_up'])/1000, 2) : $config['captiveportal'][$cpzone]['bwdefaultup']; + $bw_down = isset($attributes['bw_down']) ? round(intval($attributes['bw_down'])/1000, 2) : $config['captiveportal'][$cpzone]['bwdefaultdn']; if ($passthrumac) { $mac = array(); $mac['mac'] = $clientmac; - if (isset($config['captiveportal']['passthrumacaddusername'])) + if (isset($config['captiveportal'][$cpzone]['passthrumacaddusername'])) $mac['username'] = $username; $mac['descr'] = "Auto added pass-through MAC for user {$username}"; if (!empty($bw_up)) $mac['bw_up'] = $bw_up; if (!empty($bw_down)) $mac['bw_down'] = $bw_down; - if (!is_array($config['captiveportal']['passthrumac'])) - $config['captiveportal']['passthrumac'] = array(); - $config['captiveportal']['passthrumac'][] = $mac; + if (!is_array($config['captiveportal'][$cpzone]['passthrumac'])) + $config['captiveportal'][$cpzone]['passthrumac'] = array(); + $config['captiveportal'][$cpzone]['passthrumac'][] = $mac; unlock($cpdblck); $macrules = captiveportal_passthrumac_configure_entry($mac); - file_put_contents("{$g['tmp_path']}/macentry.rules.tmp", $macrules); - mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry.rules.tmp"); + file_put_contents("{$g['tmp_path']}/macentry_{$cpzone}.rules.tmp", $macrules); + captiveportal_ipfw_set_context($cpzone); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry_{$cpzone}.rules.tmp"); $writecfg = true; } else { + captiveportal_ipfw_set_context($cpzone); + if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) { $bw_up_pipeno = $ruleno + 20000; //$bw_up /= 1000; // Scale to Kbit/s mwexec("/sbin/ipfw pipe {$bw_up_pipeno} config bw {$bw_up}Kbit/s queue 100"); - if (!isset($config['captiveportal']['nomacfilter'])) + if (!isset($config['captiveportal'][$cpzone]['nomacfilter'])) mwexec("/sbin/ipfw table 1 add {$clientip} mac {$clientmac} {$bw_up_pipeno}"); else mwexec("/sbin/ipfw table 1 add {$clientip} {$bw_up_pipeno}"); } else { - if (!isset($config['captiveportal']['nomacfilter'])) + if (!isset($config['captiveportal'][$cpzone]['nomacfilter'])) mwexec("/sbin/ipfw table 1 add {$clientip} mac {$clientmac}"); else mwexec("/sbin/ipfw table 1 add {$clientip}"); @@ -1717,12 +1785,12 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut //$bw_down /= 1000; // Scale to Kbit/s mwexec("/sbin/ipfw pipe {$bw_down_pipeno} config bw {$bw_down}Kbit/s queue 100"); - if (!isset($config['captiveportal']['nomacfilter'])) + if (!isset($config['captiveportal'][$cpzone]['nomacfilter'])) mwexec("/sbin/ipfw table 2 add {$clientip} mac {$clientmac} {$bw_down_pipeno}"); else mwexec("/sbin/ipfw table 2 add {$clientip} {$bw_down_pipeno}"); } else { - if (!isset($config['captiveportal']['nomacfilter'])) + if (!isset($config['captiveportal'][$cpzone]['nomacfilter'])) mwexec("/sbin/ipfw table 2 add {$clientip} mac {$clientmac}"); else mwexec("/sbin/ipfw table 2 add {$clientip}"); @@ -1740,7 +1808,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut captiveportal_write_db($cpdb, true); unlock($cpdblck); - if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) { + if (isset($config['captiveportal'][$cpzone]['radacct_enable']) && !empty($radiusservers)) { $acct_val = RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, $clientip, $clientmac); if ($acct_val == 1) @@ -1756,21 +1824,23 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut /* redirect user to desired destination */ if (!empty($attributes['url_redirection'])) $my_redirurl = $attributes['url_redirection']; - else if (!empty($config['captiveportal']['redirurl'])) - $my_redirurl = $config['captiveportal']['redirurl']; + else if (!empty($config['captiveportal'][$cpzone]['redirurl'])) + $my_redirurl = $config['captiveportal'][$cpzone]['redirurl']; else $my_redirurl = $redirurl; - if(isset($config['captiveportal']['logoutwin_enable']) && !$passthrumac) { + if(isset($config['captiveportal'][$cpzone]['logoutwin_enable']) && !$passthrumac) { - if (isset($config['captiveportal']['httpslogin'])) - $logouturl = "https://{$config['captiveportal']['httpsname']}:8001/"; - else { + if (isset($config['captiveportal'][$cpzone]['httpslogin'])) { + $httpsport = $config['captiveportal'][$cpzone]['zoneid'] + 1; + $logouturl = "https://{$config['captiveportal']['httpsname']}:{$httpsport}/"; + } else { $ifip = portal_ip_from_client_ip($clientip); + $httpport = $config['captiveportal'][$cpzone]['zoneid']; if (!$ifip) - $ourhostname = $config['system']['hostname'] . ":8000"; + $ourhostname = $config['system']['hostname'] . ":{$httpport}"; else - $ourhostname = "{$ifip}:8000"; + $ourhostname = "{$ifip}:{$httpport}"; $logouturl = "http://{$ourhostname}/"; } @@ -1779,7 +1849,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut else $message = 0; - include("{$g['varetc_path']}/captiveportal-logout.html"); + include("{$g['varetc_path']}/captiveportal-{$cpzone}-logout.html"); } else { header("Location: " . $my_redirurl); @@ -1796,22 +1866,22 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut * Active entries are updated according to the configuration. */ function portal_consume_passthrough_credit($clientmac) { - global $config; + global $config, $cpzone; - if (!empty($config['captiveportal']['freelogins_count']) && is_numeric($config['captiveportal']['freelogins_count'])) - $freeloginscount = $config['captiveportal']['freelogins_count']; + if (!empty($config['captiveportal'][$cpzone]['freelogins_count']) && is_numeric($config['captiveportal'][$cpzone]['freelogins_count'])) + $freeloginscount = $config['captiveportal'][$cpzone]['freelogins_count']; else return false; - if (!empty($config['captiveportal']['freelogins_resettimeout']) && is_numeric($config['captiveportal']['freelogins_resettimeout'])) - $resettimeout = $config['captiveportal']['freelogins_resettimeout']; + if (!empty($config['captiveportal'][$cpzone]['freelogins_resettimeout']) && is_numeric($config['captiveportal'][$cpzone]['freelogins_resettimeout'])) + $resettimeout = $config['captiveportal'][$cpzone]['freelogins_resettimeout']; else return false; if ($freeloginscount < 1 || $resettimeout <= 0 || !$clientmac) return false; - $updatetimeouts = isset($config['captiveportal']['freelogins_updatetimeouts']); + $updatetimeouts = isset($config['captiveportal'][$cpzone]['freelogins_updatetimeouts']); /* * Read database of used MACs. Lines are a comma-separated list @@ -1859,11 +1929,11 @@ function portal_consume_passthrough_credit($clientmac) { } function captiveportal_read_usedmacs_db() { - global $g; + global $g, $cpzone; - $cpumaclck = lock('captiveusedmacs'); - if (file_exists("{$g['vardb_path']}/captiveportal_usedmacs.db")) { - $usedmacs = file("{$g['vardb_path']}/captiveportal_usedmacs.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + $cpumaclck = lock("captiveusedmacs{$cpzone}"); + if (file_exists("{$g['vardb_path']}/captiveportal_usedmacs_{$cpzone}.db")) { + $usedmacs = file("{$g['vardb_path']}/captiveportal_usedmacs_{$cpzone}.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); if (!$usedmacs) $usedmacs = array(); } else @@ -1874,10 +1944,10 @@ function captiveportal_read_usedmacs_db() { } function captiveportal_write_usedmacs_db($usedmacs) { - global $g; + global $g, $cpzone; - $cpumaclck = lock('captiveusedmacs', LOCK_EX); - @file_put_contents("{$g['vardb_path']}/captiveportal_usedmacs.db", implode("\n", $usedmacs)); + $cpumaclck = lock("captiveusedmacs{$cpzone}", LOCK_EX); + @file_put_contents("{$g['vardb_path']}/captiveportal_usedmacs_{$cpzone}.db", implode("\n", $usedmacs)); unlock($cpumaclck); } diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8d1aede..d6d8cc8 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2287,41 +2287,45 @@ EOD; $ipfrules .= "block in quick from <virusprot> to any label \"virusprot overload table\"\n"; /* if captive portal is enabled, ensure that access to this port - * is allowed on a locked down interface - */ - if(isset($config['captiveportal']['enable'])) { - $cpinterfaces = explode(",", $config['captiveportal']['interface']); - $cpiflist = array(); - $cpiplist = array(); - foreach ($cpinterfaces as $cpifgrp) { - if(!isset($FilterIflist[$cpifgrp])) - continue; - $tmpif = get_real_interface($cpifgrp); - if(!empty($tmpif)) { - $cpiflist[] = "{$tmpif}"; - $cpipm = get_interface_ip($cpifgrp); - if(is_ipaddr($cpipm)) { - $carpif = link_ip_to_carp_interface($cpipm); - if (!empty($carpif)) { - $cpiflist[] = $carpif; - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) { - $carpip = find_interface_ip($cpcarp); - if (is_ipaddr($carpip)) - $cpiplist[] = $carpip; - } - } - $cpiplist[] = $cpipm; - } - } - } - if (count($cpiplist) > 0 && count($cpiflist) > 0) { - $cpinterface = implode(" ", $cpiflist); - $cpaddresses = implode(" ", $cpiplist); - $ipfrules .= "pass in {$log} quick on { {$cpinterface} } proto tcp from any to { {$cpaddresses} } port { 8000 8001 } keep state(sloppy)\n"; - $ipfrules .= "pass out {$log} quick on { {$cpinterface} } proto tcp from any to any flags any keep state(sloppy)\n"; - } - } + * is allowed on a locked down interface + */ + if(is_array($config['captiveportal'])) { + foreach ($config['captiveportal'] as $cpcfg) { + $cpinterfaces = explode(",", $cpcfg['interface']); + $cpiflist = array(); + $cpiplist = array(); + foreach ($cpinterfaces as $cpifgrp) { + if(!isset($FilterIflist[$cpifgrp])) + continue; + $tmpif = get_real_interface($cpifgrp); + if(!empty($tmpif)) { + $cpiflist[] = "{$tmpif}"; + $cpipm = get_interface_ip($cpifgrp); + if(is_ipaddr($cpipm)) { + $carpif = link_ip_to_carp_interface($cpipm); + if (!empty($carpif)) { + $cpiflist[] = $carpif; + $carpsif = explode(" ", $carpif); + foreach ($carpsif as $cpcarp) { + $carpip = find_interface_ip($cpcarp); + if (is_ipaddr($carpip)) + $cpiplist[] = $carpip; + } + } + $cpiplist[] = $cpipm; + } + } + } + if (count($cpiplist) > 0 && count($cpiflist) > 0) { + $cpinterface = implode(" ", $cpiflist); + $cpaddresses = implode(" ", $cpiplist); + $portalias = $cpcfg['zoneid'] + 1; + $portalias .= " {$cpcfg['zoneid']}"; + $ipfrules .= "pass in {$log} quick on { {$cpinterface} } proto tcp from any to { {$cpaddresses} } port { {$portalias} } keep state(sloppy)\n"; + $ipfrules .= "pass out {$log} quick on { {$cpinterface} } proto tcp from any to any flags any keep state(sloppy)\n"; + } + } + } $bogontableinstalled = 0; foreach ($FilterIflist as $on => $oc) { diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 2f9a467..4c3afe1 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -91,7 +91,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "http://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "8.2", + "latest_config" => "8.3", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 3d09273..b921469 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -834,9 +834,9 @@ function system_generate_lighty_config($filename, echo "system_generate_lighty_config() being called $mt\n"; } - if($captive_portal == true) { + if($captive_portal != false) { $captiveportal = ",\"mod_rewrite\""; - $captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n"; + $captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?zone={$captive_portal}&redirurl=$1\" )\n"; $captive_portal_module = ""; $maxprocperip = $config['captiveportal']['maxprocperip']; if($maxprocperip and $maxprocperip > 0) @@ -914,6 +914,10 @@ EOC; if($fast_cgi_enable == true) { $module = "\"mod_fastcgi\", \"mod_cgi\""; + if ($captive_portal != false) + $fast_cgi_path = "{$g['tmp_path']}/php-fastcgi-{$captive_portal}.socket"; + else + $fast_cgi_path = "{$g['tmp_path']}/php-fastcgi.socket"; $cgi_config = ""; $fastcgi_config = <<<EOD #### fastcgi module @@ -921,7 +925,7 @@ EOC; fastcgi.server = ( ".php" => ( "localhost" => ( - "socket" => "{$g['tmp_path']}/php-fastcgi.socket", + "socket" => "{$fast_cgi_path}", "min-procs" => 0, "max-procs" => {$max_procs}, {$bin_environment} diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index 1abc8c5..00dc349 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -2646,4 +2646,16 @@ function upgrade_081_to_082() { /* enable the allow IPv6 toggle */ $config['system']['ipv6allow'] = true; } + +function upgrade_082_to_083() { + global $config; + /* Upgrade captiveportal config */ + if (!empty($config['captiveportal'])) { + $tmpcp = $config['captiveportal']; + $config['captiveportal'] = array(); + $config['captiveportal']['cpZone'] = array(); + $config['captiveportal']['cpZone'] = $tmpcp; + $config['captiveportal']['cpZone']['zoneid'] = 8000; + } +} ?> diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 7f4ff08..36f9d8e 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -38,7 +38,7 @@ if(!function_exists('captiveportal_syslog')) require_once("captiveportal.inc"); function xmlrpc_sync_voucher_expire($vouchers, $syncip, $port, $password, $username) { - global $g, $config; + global $g, $config, $cpzone; require_once("xmlrpc.inc"); if($port == "443") $url = "https://{$syncip}"; @@ -50,7 +50,8 @@ function xmlrpc_sync_voucher_expire($vouchers, $syncip, $port, $password, $usern $execcmd = <<<EOF require_once('/etc/inc/captiveportal.inc'); require_once('/etc/inc/voucher.inc'); - voucher_expire('$vouchers'); + \$cpzone = $cpzone; + voucher_expire(\$vouchers); EOF; @@ -85,7 +86,7 @@ EOF; } function xmlrpc_sync_voucher_disconnect($dbent, $syncip, $port, $password, $username, $term_cause = "1", $stop_time = null) { - global $g, $config; + global $g, $config, $cpzone; require_once("xmlrpc.inc"); if($port == "443") $url = "https://{$syncip}"; @@ -97,6 +98,7 @@ function xmlrpc_sync_voucher_disconnect($dbent, $syncip, $port, $password, $user $execcmd = <<<EOF require_once('/etc/inc/captiveportal.inc'); require_once('/etc/inc/voucher.inc'); + \$cpzone = $cpzone; \$radiusservers = captiveportal_get_radius_servers(); captiveportal_disconnect(\$dbent, \$radiusservers, \$term_cause, \$stop_time); @@ -133,7 +135,7 @@ EOF; } function xmlrpc_sync_used_voucher($voucher_received, $syncip, $port, $password, $username) { - global $g, $config; + global $g, $config, $cpzone; require_once("xmlrpc.inc"); if($port == "443") $url = "https://{$syncip}"; @@ -144,10 +146,11 @@ function xmlrpc_sync_used_voucher($voucher_received, $syncip, $port, $password, $method = 'pfsense.exec_php'; $execcmd = <<<EOF require_once('/etc/inc/voucher.inc'); - \$timeleft = voucher_auth('$voucher_received'); + \$cpzone = $cpzone; + \$timeleft = voucher_auth({$voucher_received}); \$toreturn = array(); \$toreturn['timeleft'] = \$timeleft; - \$toreturn['voucher']['roll'] = \$config['voucher']['roll']; + \$toreturn['voucher']['roll'] = \$config['voucher'][$cpzone]['roll']; EOF; @@ -176,34 +179,34 @@ EOF; log_error("CaptivePortalVoucherSync XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } $toreturn = XML_RPC_Decode($resp->value()); - if (is_array($toreturn['voucher']) && (count($toreturn['voucher']['roll']) <> count($config['voucher']['roll']))) { - $config['voucher']['roll'] = $toreturn['voucher']['roll']; + if (is_array($toreturn['voucher']) && (count($toreturn['voucher'][$cpzone]['roll']) <> count($config['voucher'][$cpzone]['roll']))) { + $config['voucher'][$cpzone]['roll'] = $toreturn['voucher']['roll']; write_config("Captive Portal Voucher database synchronized with {$url}"); - voucher_configure(true); + voucher_configure_zone(true); } return $toreturn['timeleft']; } function voucher_expire($voucher_received) { - global $g, $config; + global $g, $config, $cpzone; - $voucherlck = lock('voucher', LOCK_EX); + $voucherlck = lock("voucher{$cpzone}", LOCK_EX); // XMLRPC Call over to the master Voucher node - if(!empty($config['voucher']['vouchersyncdbip'])) { - $syncip = $config['voucher']['vouchersyncdbip']; - $syncport = $config['voucher']['vouchersyncport']; - $syncpass = $config['voucher']['vouchersyncpass']; - $vouchersyncusername = $config['voucher']['vouchersyncusername']; + if(!empty($config['voucher'][$cpzone]['vouchersyncdbip'])) { + $syncip = $config['voucher'][$cpzone]['vouchersyncdbip']; + $syncport = $config['voucher'][$cpzone]['vouchersyncport']; + $syncpass = $config['voucher'][$cpzone]['vouchersyncpass']; + $vouchersyncusername = $config['voucher'][$cpzone]['vouchersyncusername']; xmlrpc_sync_voucher_expire($voucher_received, $syncip, $syncport, $syncpass, $vouchersyncusername); } // read rolls into assoc array with rollid as key and minutes as value $tickets_per_roll = array(); $minutes_per_roll = array(); - if (is_array($config['voucher']['roll'])) { - foreach ($config['voucher']['roll'] as $rollent) { + if (is_array($config['voucher'][$cpzone]['roll'])) { + foreach ($config['voucher'][$cpzone]['roll'] as $rollent) { $tickets_per_roll[$rollent['number']] = $rollent['count']; $minutes_per_roll[$rollent['number']] = $rollent['minutes']; } @@ -223,7 +226,7 @@ function voucher_expire($voucher_received) { if (strlen($voucher) < 3) continue; // seems too short to be a voucher! - $result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher.cfg -k {$g['varetc_path']}/voucher.public -- $v"); + $result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -k {$g['varetc_path']}/voucher_{$cpzone}.public -- $v"); list($status, $roll, $nr) = explode(" ", $result); if ($status == "OK") { // check if we have this ticket on a registered roll for this ticket @@ -299,27 +302,27 @@ function voucher_expire($voucher_received) { * but return a more verbose error and result message back */ function voucher_auth($voucher_received, $test = 0) { - global $g, $config; + global $g, $config, $cpzone, $dbc; - if (!isset($config['voucher']['enable'])) + if (!isset($config['voucher'][$cpzone]['enable'])) return 0; - $voucherlck = lock('voucher', LOCK_EX); + $voucherlck = lock("voucher{$cpzone}", LOCK_EX); // XMLRPC Call over to the master Voucher node - if(!empty($config['voucher']['vouchersyncdbip'])) { - $syncip = $config['voucher']['vouchersyncdbip']; - $syncport = $config['voucher']['vouchersyncport']; - $syncpass = $config['voucher']['vouchersyncpass']; - $vouchersyncusername = $config['voucher']['vouchersyncusername']; + if(!empty($config['voucher'][$cpzone]['vouchersyncdbip'])) { + $syncip = $config['voucher'][$cpzone]['vouchersyncdbip']; + $syncport = $config['voucher'][$cpzone]['vouchersyncport']; + $syncpass = $config['voucher'][$cpzone]['vouchersyncpass']; + $vouchersyncusername = $config['voucher'][$cpzone]['vouchersyncusername']; $remote_time_used = xmlrpc_sync_used_voucher($voucher_received, $syncip, $syncport, $syncpass, $vouchersyncusername); } // read rolls into assoc array with rollid as key and minutes as value $tickets_per_roll = array(); $minutes_per_roll = array(); - if (is_array($config['voucher']['roll'])) { - foreach ($config['voucher']['roll'] as $rollent) { + if (is_array($config['voucher'][$cpzone]['roll'])) { + foreach ($config['voucher'][$cpzone]['roll'] as $rollent) { $tickets_per_roll[$rollent['number']] = $rollent['count']; $minutes_per_roll[$rollent['number']] = $rollent['minutes']; } @@ -340,7 +343,7 @@ function voucher_auth($voucher_received, $test = 0) { if (strlen($voucher) < 3) continue; // seems too short to be a voucher! - $result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher.cfg -k {$g['varetc_path']}/voucher.public -- $v"); + $result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -k {$g['varetc_path']}/voucher_{$cpzone}.public -- $v"); list($status, $roll, $nr) = explode(" ", $result); if ($status == "OK") { if (!$first_voucher) { @@ -415,7 +418,7 @@ function voucher_auth($voucher_received, $test = 0) { } // If we did a XMLRPC sync earlier check the timeleft - if (!empty($config['voucher']['vouchersyncdbip'])) + if (!empty($config['voucher'][$cpzone]['vouchersyncdbip'])) if($remote_time_used < $total_minutes) $total_minutes = $remote_time_used; @@ -455,9 +458,20 @@ function voucher_auth($voucher_received, $test = 0) { } function voucher_configure($sync = false) { - global $config, $g; + global $config, $g, $cpzone; - if (!isset($config['voucher']['enable'])) + if (is_array($config['voucher'])) { + foreach ($config['voucher'] as $voucherzone => $vcfg) { + $cpzone = $voucherzone; + voucher_configure_zone($sync); + } + } +} + +function voucher_configure_zone($sync = false) { + global $config, $g, $cpzone; + + if (!isset($config['voucher'][$cpzone]['enable'])) return 0; if ($g['booting']) @@ -465,11 +479,11 @@ function voucher_configure($sync = false) { if ($sync == true) captiveportal_syslog("Writing voucher db from sync data..."); - $voucherlck = lock('voucher', LOCK_EX); + $voucherlck = lock("voucher{$cpzone}", LOCK_EX); /* write public key used to verify vouchers */ - $pubkey = base64_decode($config['voucher']['publickey']); - $fd = fopen("{$g['varetc_path']}/voucher.public", "w"); + $pubkey = base64_decode($config['voucher'][$cpzone]['publickey']); + $fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.public", "w"); if (!$fd) { captiveportal_syslog("Voucher error: cannot write voucher.public\n"); unlock($voucherlck); @@ -477,26 +491,26 @@ function voucher_configure($sync = false) { } fwrite($fd, $pubkey); fclose($fd); - @chmod("{$g['varetc_path']}/voucher.public", 0600); + @chmod("{$g['varetc_path']}/voucher_{$cpzone}.public", 0600); /* write config file used by voucher binary to decode vouchers */ - $fd = fopen("{$g['varetc_path']}/voucher.cfg", "w"); + $fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.cfg", "w"); if (!$fd) { - printf(gettext("Error: cannot write voucher.cfg") . "\n"); + printf(gettext("Error: cannot write voucher.cfg") . "\n"); unlock($voucherlck); return 1; } - fwrite($fd, "{$config['voucher']['rollbits']},{$config['voucher']['ticketbits']},{$config['voucher']['checksumbits']},{$config['voucher']['magic']},{$config['voucher']['charset']}\n"); + fwrite($fd, "{$config['voucher'][$cpzone]['rollbits']},{$config['voucher'][$cpzone]['ticketbits']},{$config['voucher'][$cpzone]['checksumbits']},{$config['voucher'][$cpzone]['magic']},{$config['voucher'][$cpzone]['charset']}\n"); fclose($fd); - @chmod("{$g['varetc_path']}/voucher.cfg", 0600); + @chmod("{$g['varetc_path']}/voucher_{$cpzone}.cfg", 0600); unlock($voucherlck); - if (($g['booting'] || $sync == true) && is_array($config['voucher']['roll'])) { + if (($g['booting'] || $sync == true) && is_array($config['voucher'][$cpzone]['roll'])) { - $voucherlck = lock('voucher', LOCK_EX); + $voucherlck = lock("voucher{$cpzone}", LOCK_EX); // create active and used DB per roll on ramdisk from config - foreach ($config['voucher']['roll'] as $rollent) { + foreach ($config['voucher'][$cpzone]['roll'] as $rollent) { $roll = $rollent['number']; voucher_write_used_db($roll, $rollent['used']); @@ -528,25 +542,25 @@ function voucher_configure($sync = false) { * Bitstring must already be base64_encoded! */ function voucher_write_used_db($roll, $vdb) { - global $g; + global $g, $cpzone; - $fd = fopen("{$g['vardb_path']}/voucher_used_$roll.db", "w"); + $fd = fopen("{$g['vardb_path']}/voucher_{$cpzone}_used_$roll.db", "w"); if ($fd) { fwrite($fd, $vdb . "\n"); fclose($fd); } else - voucher_log(LOG_ERR, sprintf(gettext('cant write %1$s/voucher_used_%2$s.db'), $g['vardb_path'], $roll)); + voucher_log(LOG_ERR, sprintf(gettext('cant write %1$s/voucher_%s_used_%2$s.db'), $g['vardb_path'], $cpzone, $roll)); } /* return assoc array of active vouchers with activation timestamp * voucher is index. */ function voucher_read_active_db($roll) { - global $g; + global $g, $cpzone; $active = array(); $dirty = 0; - $file = "{$g['vardb_path']}/voucher_active_$roll.db"; + $file = "{$g['vardb_path']}/voucher_{$cpzone}_active_$roll.db"; if (file_exists($file)) { $fd = fopen($file, "r"); if ($fd) { @@ -574,11 +588,11 @@ function voucher_read_active_db($roll) { /* store array of active vouchers back to DB */ function voucher_write_active_db($roll, $active) { - global $g; + global $g, $cpzone; if (!is_array($active)) return; - $fd = fopen("{$g['vardb_path']}/voucher_active_$roll.db", "w"); + $fd = fopen("{$g['vardb_path']}/voucher_{$cpzone}_active_$roll.db", "w"); if ($fd) { foreach($active as $voucher => $value) fwrite($fd, "$voucher,$value\n"); @@ -588,7 +602,7 @@ function voucher_write_active_db($roll, $active) { /* return how many vouchers are marked used on a roll */ function voucher_used_count($roll) { - global $g; + global $g, $cpzone; $bitstring = voucher_read_used_db($roll); $max = strlen($bitstring) * 8; @@ -604,26 +618,27 @@ function voucher_used_count($roll) { } function voucher_read_used_db($roll) { - global $g; + global $g, $cpzone; $vdb = ""; - $file = "{$g['vardb_path']}/voucher_used_$roll.db"; + $file = "{$g['vardb_path']}/voucher_{$cpzone}_used_$roll.db"; if (file_exists($file)) { $fd = fopen($file, "r"); if ($fd) { $vdb = trim(fgets($fd)); fclose($fd); } else { - voucher_log(LOG_ERR, sprintf(gettext('cant read %1$s/voucher_used_%2$s.db'), $g['vardb_path'], $roll)); + voucher_log(LOG_ERR, sprintf(gettext('cant read %1$s/voucher_%s_used_%2$s.db'), $g['vardb_path'], $cpzone, $roll)); + voucher_log(LOG_ERR, "cant read {$g['vardb_path']}/voucher_{$cpzone}_used_$roll.db"); } } return base64_decode($vdb); } function voucher_unlink_db($roll) { - global $g; - @unlink("{$g['vardb_path']}/voucher_used_$roll.db"); - @unlink("{$g['vardb_path']}/voucher_active_$roll.db"); + global $g, $cpzone; + @unlink("{$g['vardb_path']}/voucher_{$cpzone}_used_$roll.db"); + @unlink("{$g['vardb_path']}/voucher_{$cpzone}_active_$roll.db"); } /* we share the log with captiveportal for now */ @@ -640,15 +655,26 @@ function voucher_log($priority, $message) { * Called during reboot -> system_reboot_cleanup() and every active voucher change */ function voucher_save_db_to_config() { - global $config, $g; + global $config, $g, $cpzone; + + if (is_array($config['voucher'])) { + foreach ($configure['voucher'] as $voucherzone => $vcfg) { + $cpzone = $voucherzone; + voucher_save_db_to_config_zone(); + } + } +} + +function voucher_save_db_to_confifg_zone() { + global $config, $g, $cpzone; - if (!isset($config['voucher']['enable'])) + if (!isset($config['voucher'][$cpzone]['enable'])) return; // no vouchers or don't want to save DB's - $voucherlck = lock('voucher', LOCK_EX); + $voucherlck = lock("voucher{$cpzone}", LOCK_EX); // walk all active rolls and save runtime DB's to flash - $a_roll = &$config['voucher']['roll']; + $a_roll = &$config['voucher'][$cpzone]['roll']; while (list($key, $value) = each($a_roll)) { $rollent = &$a_roll[$key]; $roll = $rollent['number']; diff --git a/etc/rc.prunecaptiveportal b/etc/rc.prunecaptiveportal index 798b196..ee6c943 100755 --- a/etc/rc.prunecaptiveportal +++ b/etc/rc.prunecaptiveportal @@ -38,6 +38,7 @@ require_once("filter.inc"); require_once("shaper.inc"); require_once("captiveportal.inc"); +$cpzone = str_replace("\n", "", $argv[1]); captiveportal_prune_old(); ?> diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 1bd9366..9ed509f 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -44,6 +44,9 @@ header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); header("Connection: close"); +$cpzone = $_REQUEST['zone']; +$cpcfg = $config['captiveportal'][$cpzone]; + $orig_host = $_ENV['HTTP_HOST']; $orig_request = $_REQUEST['redirurl']; $clientip = $_SERVER['REMOTE_ADDR']; @@ -56,36 +59,36 @@ if (!$clientip) { exit; } -if (isset($config['captiveportal']['httpslogin'])) - $ourhostname = $config['captiveportal']['httpsname'] . ":8001"; +if (isset($config['captiveportal'][$cpzone]['httpslogin'])) + $ourhostname = $config['captiveportal'][$cpzone]['httpsname'] . ($cpcfg['zoneid'] + 1); else { $ifip = portal_ip_from_client_ip($clientip); if (!$ifip) - $ourhostname = $config['system']['hostname'] . ":8000"; + $ourhostname = $config['system'][$cpzone]['hostname'] . ":{$cpcfg['zoneid']}"; else - $ourhostname = "{$ifip}:8000"; + $ourhostname = "{$ifip}:{$cpcfg['zoneid']}"; } if ($orig_host != $ourhostname) { /* the client thinks it's connected to the desired web server, but instead it's connected to us. Issue a redirect... */ - if (isset($config['captiveportal']['httpslogin'])) - header("Location: https://{$ourhostname}/index.php?redirurl=" . urlencode("http://{$orig_host}{$orig_request}")); + if (isset($config['captiveportal'][$cpzone]['httpslogin'])) + header("Location: https://{$ourhostname}/index.php?zone={$cpzone}&redirurl=" . urlencode("http://{$orig_host}{$orig_request}")); else - header("Location: http://{$ourhostname}/index.php?redirurl=" . urlencode("http://{$orig_host}{$orig_request}")); + header("Location: http://{$ourhostname}/index.php?zone={$cpzone}&redirurl=" . urlencode("http://{$orig_host}{$orig_request}")); exit; } -if (!empty($config['captiveportal']['redirurl'])) - $redirurl = $config['captiveportal']['redirurl']; +if (!empty($config['captiveportal'][$cpzone]['redirurl'])) + $redirurl = $config['captiveportal'][$cpzone]['redirurl']; else if (preg_match("/redirurl=(.*)/", $orig_request, $matches)) $redirurl = urldecode($matches[1]); else if ($_REQUEST['redirurl']) $redirurl = $_REQUEST['redirurl']; -$macfilter = !isset($config['captiveportal']['nomacfilter']); -$passthrumac = isset($config['captiveportal']['passthrumacadd']); +$macfilter = !isset($config['captiveportal'][$cpzone]['nomacfilter']); +$passthrumac = isset($config['captiveportal'][$cpzone]['passthrumacadd']); /* find MAC address for client */ $clientmac = arp_get_mac_by_ip($clientip); @@ -98,9 +101,9 @@ if (!$clientmac && ($macfilter || $passthrumac)) { } /* find out if we need RADIUS + RADIUSMAC or not */ -if (file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { +if (file_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db")) { $radius_enable = TRUE; - if (isset($config['captiveportal']['radmac_enable'])) + if (isset($config['captiveportal'][$cpzone]['radmac_enable'])) $radmac_enable = TRUE; } @@ -149,14 +152,14 @@ EOD; // YES: user is good for $timecredit minutes. captiveportal_logportalauth($voucher,$clientmac,$clientip,"Voucher login good for $timecredit min."); } else { - portal_reply_page($redirurl, "error", $config['voucher']['msgexpired'] ? $config['voucher']['msgexpired']: $errormsg); + portal_reply_page($redirurl, "error", $config['voucher'][$cpzone]['msgexpired'] ? $config['voucher'][$cpzone]['msgexpired']: $errormsg); } } else if (-1 == $timecredit) { // valid but expired captiveportal_logportalauth($voucher,$clientmac,$clientip,"FAILURE","voucher expired"); - portal_reply_page($redirurl, "error", $config['voucher']['msgexpired'] ? $config['voucher']['msgexpired']: $errormsg); + portal_reply_page($redirurl, "error", $config['voucher'][$cpzone]['msgexpired'] ? $config['voucher'][$cpzone]['msgexpired']: $errormsg); } else { captiveportal_logportalauth($voucher,$clientmac,$clientip,"FAILURE"); - portal_reply_page($redirurl, "error", $config['voucher']['msgnoaccess'] ? $config['voucher']['msgnoaccess'] : $errormsg); + portal_reply_page($redirurl, "error", $config['voucher'][$cpzone]['msgnoaccess'] ? $config['voucher'][$cpzone]['msgnoaccess'] : $errormsg); } } else if ($_POST['accept'] && $radius_enable) { @@ -182,7 +185,7 @@ EOD; portal_reply_page($redirurl, "error", $errormsg); } -} else if ($_POST['accept'] && $config['captiveportal']['auth_method'] == "local") { +} else if ($_POST['accept'] && $config['captiveportal'][$cpzone]['auth_method'] == "local") { //check against local user manager $loginok = local_backed($_POST['auth_user'], $_POST['auth_pass']); @@ -193,7 +196,7 @@ EOD; captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"FAILURE"); portal_reply_page($redirurl, "error", $errormsg); } -} else if ($_POST['accept'] && $clientip && $config['captiveportal']['auth_method'] == "none") { +} else if ($_POST['accept'] && $clientip && $config['captiveportal'][$cpzone]['auth_method'] == "none") { captiveportal_logportalauth("unauthenticated",$clientmac,$clientip,"ACCEPT"); portal_allow($clientip, $clientmac, "unauthenticated"); } else { diff --git a/usr/local/captiveportal/radius_accounting.inc b/usr/local/captiveportal/radius_accounting.inc index 704c229..1f24e65 100644 --- a/usr/local/captiveportal/radius_accounting.inc +++ b/usr/local/captiveportal/radius_accounting.inc @@ -51,13 +51,13 @@ PEAR::loadExtension('bcmath'); function RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, $clientip, $clientmac) { - global $config; + global $config, $cpzone; $retvalue = array(); $nas_mac = mac_format(get_interface_mac("wan")); $clientmac = mac_format($clientmac); $nas_port = intval($ruleno); - $radiusvendor = $config['captiveportal']['radiusvendor'] ? $config['captiveportal']['radiusvendor'] : null; + $radiusvendor = $config['captiveportal'][$cpzone]['radiusvendor'] ? $config['captiveportal'][$cpzone]['radiusvendor'] : null; switch($radiusvendor) { @@ -67,10 +67,10 @@ function RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, break; default: - if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) - $calledstationid = $config['captiveportal']['radiussrcip_attribute']; + if (is_ipaddr($config['captiveportal'][$cpzone]['radiussrcip_attribute'])) + $calledstationid = $config['captiveportal'][$cpzone]['radiussrcip_attribute']; else - $calledstationid = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + $calledstationid = get_interface_ip($config['captiveportal'][$cpzone]['radiussrcip_attribute']); $callingstationid = $clientmac; $callingstationid = $clientmac; } @@ -166,13 +166,13 @@ RADIUS ACCOUNTING STOP/UPDATE function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radiusservers,$clientip,$clientmac, $term_cause = 1, $interimupdate=false,$stop_time = null) { - global $config; + global $config, $cpzone; $retvalue = array(); $nas_mac = mac_format(get_interface_mac("wan")); $clientmac = mac_format($clientmac); $nas_port = intval($ruleno); - $radiusvendor = $config['captiveportal']['radiusvendor'] ? $config['captiveportal']['radiusvendor'] : null; + $radiusvendor = $config['captiveportal'][$cpzone]['radiusvendor'] ? $config['captiveportal'][$cpzone]['radiusvendor'] : null; $stop_time = (empty($stop_time)) ? time() : $stop_time; $session_time = $stop_time - $start_time; $volume = getVolume($clientip); diff --git a/usr/local/captiveportal/radius_authentication.inc b/usr/local/captiveportal/radius_authentication.inc index 142ab0e..28802ee 100644 --- a/usr/local/captiveportal/radius_authentication.inc +++ b/usr/local/captiveportal/radius_authentication.inc @@ -48,13 +48,13 @@ RADIUS AUTHENTICATION function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$clientmac,$ruleno) { - global $config; + global $config, $cpzone; $retvalue = array(); $nas_mac = mac_format(get_interface_mac(get_real_interface("wan"))); $clientmac = mac_format($clientmac); $nas_port = $ruleno; - $radiusvendor = $config['captiveportal']['radiusvendor'] ? $config['captiveportal']['radiusvendor'] : null; + $radiusvendor = $config['captiveportal'][$cpzone]['radiusvendor'] ? $config['captiveportal'][$cpzone]['radiusvendor'] : null; // Do we even need to set it to NULL? $retvalue['error'] = $retvalue['reply_message'] = $retvalue['url_redirection'] = $retvalue['session_timeout'] = $retvalue['idle_timeout'] = $retvalue['session_terminate_time'] = null; @@ -65,10 +65,10 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$cli $callingstationid = $clientip; break; default: - if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) - $calledstationid = $config['captiveportal']['radiussrcip_attribute']; + if (is_ipaddr($config['captiveportal'][$cpzone]['radiussrcip_attribute'])) + $calledstationid = $config['captiveportal'][$cpzone]['radiussrcip_attribute']; else - $calledstationid = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + $calledstationid = get_interface_ip($config['captiveportal'][$cpzone]['radiussrcip_attribute']); $callingstationid = $clientmac; break; } diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 2f1db79..a54c697 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -47,65 +47,87 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; -if (!is_array($config['captiveportal'])) { - $config['captiveportal'] = array(); - $config['captiveportal']['page'] = array(); - $config['captiveportal']['timeout'] = 60; +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; } +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; + +$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); + if ($_GET['act'] == "viewhtml") { - echo base64_decode($config['captiveportal']['page']['htmltext']); + if (isset($cpzone) && $a_cp[$cpzone]) + echo base64_decode($pconfig['page']['htmltext']); exit; } else if ($_GET['act'] == "viewerrhtml") { - echo base64_decode($config['captiveportal']['page']['errtext']); + if (isset($cpzone) && $a_cp[$cpzone]) + echo base64_decode($pconfig['page']['errtext']); exit; } else if ($_GET['act'] == "viewlogouthtml") { - echo base64_decode($config['captiveportal']['page']['logouttext']); + if (isset($cpzone) && $a_cp[$cpzone]) + echo base64_decode($pconfig['page']['logouttext']); exit; } -$pconfig['cinterface'] = $config['captiveportal']['interface']; -$pconfig['maxprocperip'] = $config['captiveportal']['maxprocperip']; -$pconfig['timeout'] = $config['captiveportal']['timeout']; -$pconfig['idletimeout'] = $config['captiveportal']['idletimeout']; -$pconfig['freelogins_count'] = $config['captiveportal']['freelogins_count']; -$pconfig['freelogins_resettimeout'] = $config['captiveportal']['freelogins_resettimeout']; -$pconfig['freelogins_updatetimeouts'] = isset($config['captiveportal']['freelogins_updatetimeouts']); -$pconfig['enable'] = isset($config['captiveportal']['enable']); -$pconfig['auth_method'] = $config['captiveportal']['auth_method']; -$pconfig['radacct_enable'] = isset($config['captiveportal']['radacct_enable']); -$pconfig['radmac_enable'] = isset($config['captiveportal']['radmac_enable']); -$pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret']; -$pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']); -$pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct']; -$pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']); -$pconfig['httpsname'] = $config['captiveportal']['httpsname']; -$pconfig['preauthurl'] = strtolower($config['captiveportal']['preauthurl']); -$pconfig['cert'] = base64_decode($config['captiveportal']['certificate']); -$pconfig['cacert'] = base64_decode($config['captiveportal']['cacertificate']); -$pconfig['key'] = base64_decode($config['captiveportal']['private-key']); -$pconfig['logoutwin_enable'] = isset($config['captiveportal']['logoutwin_enable']); -$pconfig['peruserbw'] = isset($config['captiveportal']['peruserbw']); -$pconfig['bwdefaultdn'] = $config['captiveportal']['bwdefaultdn']; -$pconfig['bwdefaultup'] = $config['captiveportal']['bwdefaultup']; -$pconfig['nomacfilter'] = isset($config['captiveportal']['nomacfilter']); -$pconfig['noconcurrentlogins'] = isset($config['captiveportal']['noconcurrentlogins']); -$pconfig['redirurl'] = $config['captiveportal']['redirurl']; -$pconfig['radiusip'] = $config['captiveportal']['radiusip']; -$pconfig['radiusip2'] = $config['captiveportal']['radiusip2']; -$pconfig['radiusport'] = $config['captiveportal']['radiusport']; -$pconfig['radiusport2'] = $config['captiveportal']['radiusport2']; -$pconfig['radiusacctport'] = $config['captiveportal']['radiusacctport']; -$pconfig['radiuskey'] = $config['captiveportal']['radiuskey']; -$pconfig['radiuskey2'] = $config['captiveportal']['radiuskey2']; -$pconfig['radiusvendor'] = $config['captiveportal']['radiusvendor']; -$pconfig['radiussession_timeout'] = isset($config['captiveportal']['radiussession_timeout']); -$pconfig['radiussrcip_attribute'] = $config['captiveportal']['radiussrcip_attribute']; -$pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']); -$pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']); -$pconfig['radmac_format'] = $config['captiveportal']['radmac_format']; +if (isset($cpzone) && $a_cp[$cpzone]) { + $pconfig['zoneid'] = $a_cp[$cpzone]['zoneid']; + $pconfig['cinterface'] = $a_cp[$cpzone]['interface']; + $pconfig['maxproc'] = $a_cp[$cpzone]['maxproc']; + $pconfig['maxprocperip'] = $a_cp[$cpzone]['maxprocperip']; + $pconfig['timeout'] = $a_cp[$cpzone]['timeout']; + $pconfig['idletimeout'] = $a_cp[$cpzone]['idletimeout']; + $pconfig['freelogins_count'] = $a_cp[$cpzone]['freelogins_count']; + $pconfig['freelogins_resettimeout'] = $a_cp[$cpzone]['freelogins_resettimeout']; + $pconfig['freelogins_updatetimeouts'] = isset($a_cp[$cpzone]['freelogins_updatetimeouts']); + $pconfig['enable'] = isset($a_cp[$cpzone]['enable']); + $pconfig['pms_enabled'] = $a_cp[$cpzone]['pms_enabled']; + $pconfig['auth_method'] = $a_cp[$cpzone]['auth_method']; + $pconfig['radacct_enable'] = isset($a_cp[$cpzone]['radacct_enable']); + $pconfig['radmac_enable'] = isset($a_cp[$cpzone]['radmac_enable']); + $pconfig['radmac_secret'] = $a_cp[$cpzone]['radmac_secret']; + $pconfig['reauthenticate'] = isset($a_cp[$cpzone]['reauthenticate']); + $pconfig['reauthenticateacct'] = $a_cp[$cpzone]['reauthenticateacct']; + $pconfig['httpslogin_enable'] = isset($a_cp[$cpzone]['httpslogin']); + $pconfig['httpsname'] = $a_cp[$cpzone]['httpsname']; + $pconfig['preauthurl'] = strtolower($a_cp[$cpzone]['preauthurl']); + $pconfig['cert'] = base64_decode($a_cp[$cpzone]['certificate']); + $pconfig['cacert'] = base64_decode($a_cp[$cpzone]['cacertificate']); + $pconfig['key'] = base64_decode($a_cp[$cpzone]['private-key']); + $pconfig['logoutwin_enable'] = isset($a_cp[$cpzone]['logoutwin_enable']); + $pconfig['peruserbw'] = isset($a_cp[$cpzone]['peruserbw']); + $pconfig['bwdefaultdn'] = $a_cp[$cpzone]['bwdefaultdn']; + $pconfig['bwdefaultup'] = $a_cp[$cpzone]['bwdefaultup']; + $pconfig['nomacfilter'] = isset($a_cp[$cpzone]['nomacfilter']); + $pconfig['noconcurrentlogins'] = isset($a_cp[$cpzone]['noconcurrentlogins']); + $pconfig['redirurl'] = $a_cp[$cpzone]['redirurl']; + $pconfig['radiusip'] = $a_cp[$cpzone]['radiusip']; + $pconfig['radiusip2'] = $a_cp[$cpzone]['radiusip2']; + $pconfig['radiusport'] = $a_cp[$cpzone]['radiusport']; + $pconfig['radiusport2'] = $a_cp[$cpzone]['radiusport2']; + $pconfig['radiusacctport'] = $a_cp[$cpzone]['radiusacctport']; + $pconfig['radiuskey'] = $a_cp[$cpzone]['radiuskey']; + $pconfig['radiuskey2'] = $a_cp[$cpzone]['radiuskey2']; + $pconfig['radiusvendor'] = $a_cp[$cpzone]['radiusvendor']; + $pconfig['radiussession_timeout'] = isset($a_cp[$cpzone]['radiussession_timeout']); + $pconfig['radiussrcip_attribute'] = $a_cp[$cpzone]['radiussrcip_attribute']; + $pconfig['passthrumacadd'] = isset($a_cp[$cpzone]['passthrumacadd']); + $pconfig['passthrumacaddusername'] = isset($a_cp[$cpzone]['passthrumacaddusername']); + $pconfig['radmac_format'] = $a_cp[$cpzone]['radmac_format']; + $pconfig['page'] = array(); + if ($a_cp[$cpzone]['page']['htmltext']) + $pconfig['page']['htmltext'] = $a_cp[$cpzone]['page']['htmltext']; + if ($a_cp[$cpzone]['page']['errtext']) + $pconfig['page']['errtext'] = $a_cp[$cpzone]['page']['errtext']; + if ($a_cp[$cpzone]['page']['logouttext']) + $pconfig['page']['logouttext'] = $a_cp[$cpzone]['page']['logouttext']; +} if ($_POST) { @@ -114,16 +136,24 @@ if ($_POST) { /* input validation */ if ($_POST['enable']) { - $reqdfields = explode(" ", "cinterface"); - $reqdfieldsn = array(gettext("Interface")); + $reqdfields = explode(" ", "zone cinterface"); + $reqdfieldsn = array(gettext("Zone name"), gettext("Interface")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - /* make sure no interfaces are bridged */ - if (is_array($_POST['cinterface'])) - foreach ($pconfig['cinterface'] as $cpbrif) + /* make sure no interfaces are bridged or used on other zones */ + if (is_array($_POST['cinterface'])) { + foreach ($pconfig['cinterface'] as $cpbrif) { if (link_interface_to_bridge($cpbrif)) $input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is part of a bridge."), $cpbrif); + foreach ($a_cp as $cpkey => $cp) { + if ($cpkey != $cpzone || empty($cpzone)) { + if (in_array($cpbrif, explode(",", $cp['interface']))) + $input_errors[] = sprintf(gettext("The captive portal cannot be used on interface %s since it is used already on %s instance."), $cpbrif, $cp['zone']); + } + } + } + } if ($_POST['httpslogin_enable']) { if (!$_POST['cert'] || !$_POST['key']) { @@ -171,72 +201,110 @@ if ($_POST) { if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) { $input_errors[] = sprintf(gettext("A valid port number must be specified. [%s]"), $_POST['radiusacctport']); } - if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] < 4) || $_POST['maxprocperip'] > 100)) { + if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) { + $input_errors[] = gettext("The total maximum number of concurrent connections must be between 4 and 100."); + } + $mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16; + if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] > $mymaxproc))) { $input_errors[] = gettext("The maximum number of concurrent connections per client IP address may not be larger than the global maximum."); } if (!$input_errors) { + $newcp =& $a_cp[$cpzone]; + //$newcp['zoneid'] = $a_cp[$cpzone]['zoneid']; + if (empty($newcp['zoneid'])) { + $newcp['zoneid'] = 8000; + foreach ($a_cp as $keycpzone => $cp) + if ($cp['zoneid'] == $newcp['zoneid'] && $keycpzone != $cpzone) + $newcp['zoneid'] += 2; /* Resreve space for SSL config if needed */ + } + $oldifaces = $newcp['interface']; if (is_array($_POST['cinterface'])) - $config['captiveportal']['interface'] = implode(",", $_POST['cinterface']); - $config['captiveportal']['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false; - $config['captiveportal']['timeout'] = $_POST['timeout']; - $config['captiveportal']['idletimeout'] = $_POST['idletimeout']; - $config['captiveportal']['freelogins_count'] = $_POST['freelogins_count']; - $config['captiveportal']['freelogins_resettimeout'] = $_POST['freelogins_resettimeout']; - $config['captiveportal']['freelogins_updatetimeouts'] = $_POST['freelogins_updatetimeouts'] ? true : false; - $config['captiveportal']['enable'] = $_POST['enable'] ? true : false; - $config['captiveportal']['auth_method'] = $_POST['auth_method']; - $config['captiveportal']['radacct_enable'] = $_POST['radacct_enable'] ? true : false; - $config['captiveportal']['reauthenticate'] = $_POST['reauthenticate'] ? true : false; - $config['captiveportal']['radmac_enable'] = $_POST['radmac_enable'] ? true : false; - $config['captiveportal']['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false; - $config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct']; - $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false; - $config['captiveportal']['httpsname'] = $_POST['httpsname']; - $config['captiveportal']['preauthurl'] = $_POST['preauthurl']; - $config['captiveportal']['peruserbw'] = $_POST['peruserbw'] ? true : false; - $config['captiveportal']['bwdefaultdn'] = $_POST['bwdefaultdn']; - $config['captiveportal']['bwdefaultup'] = $_POST['bwdefaultup']; - $config['captiveportal']['certificate'] = base64_encode($_POST['cert']); - $config['captiveportal']['cacertificate'] = base64_encode($_POST['cacert']); - $config['captiveportal']['private-key'] = base64_encode($_POST['key']); - $config['captiveportal']['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false; - $config['captiveportal']['nomacfilter'] = $_POST['nomacfilter'] ? true : false; - $config['captiveportal']['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false; - $config['captiveportal']['redirurl'] = $_POST['redirurl']; - $config['captiveportal']['radiusip'] = $_POST['radiusip']; - $config['captiveportal']['radiusip2'] = $_POST['radiusip2']; - $config['captiveportal']['radiusport'] = $_POST['radiusport']; - $config['captiveportal']['radiusport2'] = $_POST['radiusport2']; - $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport']; - $config['captiveportal']['radiuskey'] = $_POST['radiuskey']; - $config['captiveportal']['radiuskey2'] = $_POST['radiuskey2']; - $config['captiveportal']['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false; - $config['captiveportal']['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false; - $config['captiveportal']['radiussrcip_attribute'] = $_POST['radiussrcip_attribute']; - $config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false; - $config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false; - $config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false; + $newcp['interface'] = implode(",", $_POST['cinterface']); + $newcp['maxproc'] = $_POST['maxproc']; + $newcp['maxprocperip'] = $_POST['maxprocperip'] ? $_POST['maxprocperip'] : false; + $newcp['timeout'] = $_POST['timeout']; + $newcp['idletimeout'] = $_POST['idletimeout']; + $newcp['freelogins_count'] = $_POST['freelogins_count']; + $newcp['freelogins_resettimeout'] = $_POST['freelogins_resettimeout']; + $newcp['freelogins_updatetimeouts'] = $_POST['freelogins_updatetimeouts'] ? true : false; + if ($_POST['enable']) + $newcp['enable'] = true; + else + unset($newcp['enable']); + if ($_POST['pms_enabled']) + $newcp['pms_enabled'] = $_POST['pms_enabled']; + else + unset($newcp['pms_enabled']); + $newcp['auth_method'] = $_POST['auth_method']; + $newcp['radacct_enable'] = $_POST['radacct_enable'] ? true : false; + $newcp['reauthenticate'] = $_POST['reauthenticate'] ? true : false; + $newcp['radmac_enable'] = $_POST['radmac_enable'] ? true : false; + $newcp['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false; + $newcp['reauthenticateacct'] = $_POST['reauthenticateacct']; + $newcp['httpslogin'] = $_POST['httpslogin_enable'] ? true : false; + $newcp['httpsname'] = $_POST['httpsname']; + $newcp['preauthurl'] = $_POST['preauthurl']; + $newcp['peruserbw'] = $_POST['peruserbw'] ? true : false; + $newcp['bwdefaultdn'] = $_POST['bwdefaultdn']; + $newcp['bwdefaultup'] = $_POST['bwdefaultup']; + $newcp['certificate'] = base64_encode($_POST['cert']); + $newcp['cacertificate'] = base64_encode($_POST['cacert']); + $newcp['private-key'] = base64_encode($_POST['key']); + $newcp['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false; + $newcp['nomacfilter'] = $_POST['nomacfilter'] ? true : false; + $newcp['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false; + $newcp['redirurl'] = $_POST['redirurl']; + $newcp['radiusip'] = $_POST['radiusip']; + $newcp['radiusip2'] = $_POST['radiusip2']; + $newcp['radiusport'] = $_POST['radiusport']; + $newcp['radiusport2'] = $_POST['radiusport2']; + $newcp['radiusacctport'] = $_POST['radiusacctport']; + $newcp['radiuskey'] = $_POST['radiuskey']; + $newcp['radiuskey2'] = $_POST['radiuskey2']; + $newcp['radiusvendor'] = $_POST['radiusvendor'] ? $_POST['radiusvendor'] : false; + $newcp['radiussession_timeout'] = $_POST['radiussession_timeout'] ? true : false; + $newcp['radiussrcip_attribute'] = $_POST['radiussrcip_attribute']; + $newcp['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false; + $newcp['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false; + $newcp['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false; + if (!is_array($newcp['page'])) + $newcp['page'] = array(); + $newcp['timeout'] = 60; /* file upload? */ if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) - $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name'])); + $newcp['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name'])); if (is_uploaded_file($_FILES['errfile']['tmp_name'])) - $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name'])); + $newcp['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name'])); if (is_uploaded_file($_FILES['logoutfile']['tmp_name'])) - $config['captiveportal']['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name'])); + $newcp['page']['logouttext'] = base64_encode(file_get_contents($_FILES['logoutfile']['tmp_name'])); write_config(); - $retval = 0; - $retval = captiveportal_configure(); + if (!empty($oldifaces) && $oldifaces != $newcp['interface']) { + $ocpinterfaces = explode(",", $oldifaces); + foreach ($ocpinterfaces as $cpifgrp) { + $listrealif = get_real_interface($cpifgrp); + if (does_interface_exist($listrealif)) { + pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER); + $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); + if (!empty($carpif)) { + $carpsif = explode(" ", $carpif); + foreach ($carpsif as $cpcarp) + pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER); + } + } + } + } - $savemsg = get_std_save_message($retval); - + captiveportal_configure_zone($newcp); + filter_configure(); + header("Location: services_captiveportal_zones.php"); + exit; + } else { if (is_array($_POST['cinterface'])) $pconfig['cinterface'] = implode(",", $_POST['cinterface']); - - filter_configure(); } } include("head.inc"); @@ -250,6 +318,7 @@ function enable_change(enable_change) { radius_endis = !((!endis && document.iform.auth_method[2].checked) || enable_change); document.iform.cinterface.disabled = endis; + //document.iform.maxproc.disabled = endis; document.iform.maxprocperip.disabled = endis; document.iform.idletimeout.disabled = endis; document.iform.freelogins_count.disabled = endis; @@ -272,6 +341,7 @@ function enable_change(enable_change) { document.iform.auth_method[0].disabled = endis; document.iform.auth_method[1].disabled = endis; document.iform.auth_method[2].disabled = endis; + document.iform.auth_method[3].disabled = endis; document.iform.radmac_enable.disabled = radius_endis; document.iform.httpslogin_enable.disabled = endis; document.iform.radmac_format.disabled = radius_endis; @@ -308,12 +378,12 @@ function enable_change(enable_change) { <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Captive portal"), true, "services_captiveportal.php"); - $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); - $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); - $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); - $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); + $tab_array[] = array(gettext("Captive portal(s)"), true, "services_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> </td></tr> <tr> @@ -344,8 +414,7 @@ function enable_change(enable_change) { <td class="vtable"> <table cellpadding="0" cellspacing="0"> <tr> - <td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5" -value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client IP address (0 = no limit)"); ?></td> + <td><input name="maxprocperip" type="text" class="formfld unknown" id="maxprocperip" size="5" value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client IP address (0 = no limit)"); ?></td> </tr> </table> <?=gettext("This setting limits the number of concurrent connections to the captive portal HTTP(S) server. This does not set how many users can be logged in " . @@ -458,6 +527,14 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <?=gettext("If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."); ?> </td> </tr> <tr> + <td valign="top" class="vncell"><?=gettext("PMS authentication"); ?> </td> + <td class="vtable"> + <input name="pms_enabled" type="checkbox" class="formfld" id="pms_enabled" value="yes" <?php if ($pconfig['pms_enabled']) echo "checked"; ?>> + <strong><?=gettext("Enable PMS authentication"); ?></strong><br> + <?=gettext("If this option is set, users will be authenticated through the PMS backend if they fill the necessary information in the login page.");?> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Authentication"); ?></td> <td width="78%" class="vtable"> <table cellpadding="0" cellspacing="0"> @@ -586,8 +663,8 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client $ipaddr = get_interface_ip($ifdesc); if (is_ipaddr($ipaddr)) { $selected = ""; - if ($ifdesc == $pconfig['radiussrcip_attribute']) - $selected = "selected"; + if ($ipaddr == $pconfig['radiussrcip_attribute']) + $ifdesc = "selected"; echo "<option value='{$ifdesc}' {$selected}>{$ifdescr} - {$ipaddr}</option>\n"; } } @@ -695,18 +772,18 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <?=gettext("Paste a certificate in X.509 PEM format here."); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Portal page contents"); ?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td> <td width="78%" class="vtable"> <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br> <?php list($host) = explode(":", $_SERVER['HTTP_HOST']); - if(isset($config['captiveportal']['httpslogin'])) { - $href = "https://$host:8001"; + if($pconfig['zoneid']) { + $href = "https://{$host}:{$pconfig['zoneid']}"; } else { - $href = "http://$host:8000"; + $href = "http://{$host}:8000"; } ?> - <?php if ($config['captiveportal']['page']['htmltext']): ?> + <?php if ($pconfig['page']['htmltext']): ?> <a href="<?=$href?>" target="_new"><?=gettext("View current page"); ?></a> <br> <br> @@ -740,7 +817,7 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <?=gettext("contents"); ?></td> <td class="vtable"> <input name="errfile" type="file" class="formfld file" id="errfile"><br> - <?php if ($config['captiveportal']['page']['errtext']): ?> + <?php if ($pconfig['page']['errtext']): ?> <a href="?act=viewerrhtml" target="_blank"><?=gettext("View current page"); ?></a> <br> <br> @@ -754,7 +831,7 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <?=gettext("contents"); ?></td> <td class="vtable"> <input name="logoutfile" type="file" class="formfld file" id="logoutfile"><br> - <?php if ($config['captiveportal']['page']['logouttext']): ?> + <?php if ($pconfig['page']['logouttext']): ?> <a href="?act=viewlogouthtml" target="_blank"><?=gettext("View current page"); ?></a> <br> <br> @@ -764,7 +841,9 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <tr> <td width="22%" valign="top"> </td> <td width="78%"> + <?php echo "<input name='zone' id='zone' type='hidden' value='{$cpzone}'/>"; ?> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="enable_change(true)"> + <a href="services_captiveportal_zones.php"><input name="Cancel" type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onClick="enable_change(true)"></a> </td> </tr> <tr> @@ -785,4 +864,3 @@ enable_change(false); <?php include("fend.inc"); ?> </body> </html> - diff --git a/usr/local/www/services_captiveportal_filemanager.php b/usr/local/www/services_captiveportal_filemanager.php index 7bc61ec..2aa2329 100755 --- a/usr/local/www/services_captiveportal_filemanager.php +++ b/usr/local/www/services_captiveportal_filemanager.php @@ -44,9 +44,9 @@ function cpelementscmp($a, $b) { } function cpelements_sort() { - global $config; + global $config, $cpzone; - usort($config['captiveportal']['element'],"cpelementscmp"); + usort($config['captiveportal'][$cpzone]['element'],"cpelementscmp"); } $statusurl = "status_captiveportal.php"; @@ -59,12 +59,24 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; -if (!is_array($config['captiveportal']['element'])) - $config['captiveportal']['element'] = array(); +$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); -$a_element = &$config['captiveportal']['element']; +if (!is_array($a_cp[$cpzone]['element'])) + $a_cp[$cpzone]['element'] = array(); +$a_element =& $a_cp[$cpzone]['element']; // Calculate total size of all files $total_size = 0; @@ -108,21 +120,19 @@ if ($_POST) { write_config(); captiveportal_write_elements(); - header("Location: services_captiveportal_filemanager.php"); + header("Location: services_captiveportal_filemanager.php?zone={$cpzone}"); exit; } } -} else { - if (($_GET['act'] == "del") && $a_element[$_GET['id']]) { - conf_mount_rw(); - unlink_if_exists($g['captiveportal_path'] . "/" . $a_element[$id]['name']); - unset($a_element[$_GET['id']]); - write_config(); - captiveportal_write_elements(); - conf_mount_ro(); - header("Location: services_captiveportal_filemanager.php"); - exit; - } +} else if (($_GET['act'] == "del") && !empty($cpzone) && $a_element[$_GET['id']]) { + conf_mount_rw(); + unlink_if_exists($g['captiveportal_path'] . "/" . $a_element[$id]['name']); + unset($a_element[$_GET['id']]); + write_config(); + captiveportal_write_elements(); + conf_mount_ro(); + header("Location: services_captiveportal_filemanager.php?zone={$cpzone}"); + exit; } include("head.inc"); @@ -131,17 +141,18 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <form action="services_captiveportal_filemanager.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> +<input type="hidden" name="zone" id="zone" value="<?=$cpzone;?>" /> <?php if ($input_errors) print_input_errors($input_errors); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); - $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); - $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); - $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); - $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("File Manager"), true, "services_captiveportal_filemanager.php"); + $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("File Manager"), true, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> </td></tr> <tr> @@ -154,22 +165,23 @@ include("head.inc"); <table border="0" cellspacing="0" cellpadding="1"> <tr> <td width="17" heigth="17"></td> - <td><a href="services_captiveportal_filemanager.php?act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0"></a></td> + <td><a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> </tr> - <?php $i = 0; foreach ($a_element as $element): ?> +<?php if (is_array($a_cp[$cpzone]['element'])): + $i = 0; foreach ($a_cp[$cpzone]['element'] as $element): ?> <tr> <td class="listlr"><?=htmlspecialchars($element['name']);?></td> <td class="listr" align="right"><?=format_bytes($element['size']);?></td> <td valign="middle" nowrap class="list"> - <a href="services_captiveportal_filemanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this file?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete file"); ?>" width="17" height="17" border="0"></a> + <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this file?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete file"); ?>" width="17" height="17" border="0"></a> </td> </tr> - <?php $i++; endforeach; ?> + <?php $i++; endforeach; endif; ?> - <?php if (count($a_element) > 0): ?> + <?php if ($total_size > 0): ?> <tr> <td class="listlr" style="background-color: #eee"><strong><?=gettext("TOTAL"); ?></strong></td> <td class="listr" style="background-color: #eee" align="right"><strong><?=format_bytes($total_size);?></strong></td> @@ -182,7 +194,7 @@ include("head.inc"); <td class="listlr" colspan="2"><input type="file" name="new" class="formfld file" size="40" id="new"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Upload"); ?>"></td> <td valign="middle" nowrap class="list"> - <a href="services_captiveportal_filemanager.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("cancel"); ?>" width="17" height="17" border="0"></a> + <a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("cancel"); ?>" width="17" height="17" border="0"></a> </td> </tr> <?php else: ?> @@ -192,7 +204,7 @@ include("head.inc"); <table border="0" cellspacing="0" cellpadding="1"> <tr> <td width="17" heigth="17"></td> - <td><a href="services_captiveportal_filemanager.php?act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0"></a></td> + <td><a href="services_captiveportal_filemanager.php?zone=<?=$cpzone;?>&act=add"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add file"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> @@ -212,7 +224,7 @@ include("head.inc"); <?=gettext("In addition, you can also upload .php files for execution. You can pass the filename " . "to your custom page from the initial page by using text similar to:"); ?> <br><br> - <tt><a href="/captiveportal-aup.php?redirurl=$PORTAL_REDIRURL$"><?=gettext("Acceptable usage policy"); ?></a></tt> + <tt><a href="/captiveportal-aup.php?zone=$PORTAL_ZONE$&redirurl=$PORTAL_REDIRURL$"><?=gettext("Acceptable usage policy"); ?></a></tt> <br><br> <?php printf(gettext("The total size limit for all files is %s."), format_bytes($g['captiveportal_element_sizelimit']));?></span> </td> @@ -222,4 +234,3 @@ include("head.inc"); <?php include("fend.inc"); ?> </body> </html> - diff --git a/usr/local/www/services_captiveportal_hostname.php b/usr/local/www/services_captiveportal_hostname.php index 3668a35..3955da8 100755 --- a/usr/local/www/services_captiveportal_hostname.php +++ b/usr/local/www/services_captiveportal_hostname.php @@ -50,22 +50,32 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; -if (!is_array($config['captiveportal']['allowedhostname'])) - $config['captiveportal']['allowedhostname'] = array(); +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; -$a_allowedhostnames = &$config['captiveportal']['allowedhostname'] ; +$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); -if ($_GET['act'] == "del") { - if ($a_allowedhostnames[$_GET['id']]) { +if ($_GET['act'] == "del" && !empty($cpzone)) { + $a_allowedhostnames =& $a_cp[$cpzone]['allowedhostname']; + if ($allowedhostnames[$_GET['id']]) { $ipent = $a_allowedhostnames[$_GET['id']]; - if (isset($config['captiveportal']['enable'])) { + if (isset($a_cp[$cpzone]['enable'])) { if (!empty($ipent['sn'])) $ipent['ip'] .= "/{$ipent['sn']}"; $ip = gethostbyname($ipent['ip']); if(is_ipaddr($ip)) { + captiveportal_ipfw_set_context($zone); mwexec("/sbin/ipfw table 3 delete {$ip}"); mwexec("/sbin/ipfw table 4 delete {$ip}"); mwexec("/sbin/ipfw table 5 delete {$ip}"); @@ -79,7 +89,7 @@ if ($_GET['act'] == "del") { unset($a_allowedhostnames[$_GET['id']]); write_config(); - header("Location: services_captiveportal_hostname.php"); + header("Location: services_captiveportal_hostname.php?zone={$cpzone}"); exit; } } @@ -90,17 +100,18 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <form action="services_captiveportal_hostname.php" method="post"> +<input type="hidden" name="zone" id="zone" value="<?=$cpzone;?>" /> <?php if ($savemsg) print_info_box($savemsg); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); - $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); - $tab_array[] = array(gettext("Allowed IP Addresses"), false, "services_captiveportal_ip.php"); - $tab_array[] = array(gettext("Allowed Hostnames"), true, "services_captiveportal_hostname.php"); - $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); + $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed IP Addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed Hostnames"), true, "services_captiveportal_hostname.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> </td></tr> @@ -108,19 +119,20 @@ include("head.inc"); <td class="tabcont"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="30%" class="listhdrr"><?=gettext("Hostname"); ?></td> - <td width="60%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="60%" class="listhdrr"><?=gettext("Hostname"); ?></td> + <td width="40%" class="listhdr"><?=gettext("Description"); ?></td> <td width="10%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> <td width="17" heigth="17"></td> - <td><a href="services_captiveportal_hostname_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> + <td><a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> </tr> - <?php $i = 0; foreach ($a_allowedhostnames as $ip): ?> - <tr ondblclick="document.location='services_captiveportal_hostname_edit.php?id=<?=$i;?>'"> +<?php if (is_array($a_cp[$cpzone]['allowedhostname'])): + $i = 0; foreach ($a_cp[$cpzone]['allowedhostname'] as $ip): ?> + <tr ondblclick="document.location='services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> <td class="listlr"> <?php if($ip['dir'] == "to") { @@ -139,17 +151,17 @@ include("head.inc"); <td class="listbg"> <?=htmlspecialchars($ip['descr']);?> </td> - <td valign="middle" nowrap class="list"> <a href="services_captiveportal_hostname_edit.php?id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0"></a> - <a href="services_captiveportal_hostname.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0"></a></td> + <td valign="middle" nowrap class="list"> <a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0"></a> + <a href="services_captiveportal_hostname.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0"></a></td> </tr> - <?php $i++; endforeach; ?> + <?php $i++; endforeach; endif; ?> <tr> <td class="list" colspan="2"> </td> <td class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> <td width="17" heigth="17"></td> - <td><a href="services_captiveportal_hostname_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> + <td><a href="services_captiveportal_hostname_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> diff --git a/usr/local/www/services_captiveportal_hostname_edit.php b/usr/local/www/services_captiveportal_hostname_edit.php index cc09459..f67ac6e 100755 --- a/usr/local/www/services_captiveportal_hostname_edit.php +++ b/usr/local/www/services_captiveportal_hostname_edit.php @@ -46,8 +46,8 @@ function allowedhostnamescmp($a, $b) { } function allowedhostnames_sort() { - global $g, $config; - usort($config['captiveportal']['allowedhostname'],"allowedhostname"); + global $g, $config, $cpzone; + usort($config['captiveportal'][$cpzone]['allowedhostname'],"allowedhostname"); } $statusurl = "status_captiveportal.php"; @@ -61,16 +61,29 @@ require("captiveportal.inc"); $pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit allowed Hostname")); -if (!is_array($config['captiveportal']['allowedhostname'])) - $config['captiveportal']['allowedhostname'] = array(); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; -$a_allowedhostnames = &$config['captiveportal']['allowedhostname']; +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; +if (!is_array($a_cp[$cpzone]['allowedhostname'])) + $a_cp[$cpzone]['allowedhostname'] = array(); +$a_allowedhostnames = &$a_cp[$cpzone]['allowedhostname']; + if (isset($id) && $a_allowedhostnames[$id]) { + $pconfig['zone'] = $a_allowedhostnames[$id]['zone']; $pconfig['hostname'] = $a_allowedhostnames[$id]['hostname']; $pconfig['sn'] = $a_allowedhostnames[$id]['sn']; $pconfig['dir'] = $a_allowedhostnames[$id]['dir']; @@ -127,10 +140,10 @@ if ($_POST) { write_config(); - if (isset($config['captiveportal']['enable']) && is_module_loaded("ipfw.ko")) + if (isset($a_cp[$cpzone]['enable']) && is_module_loaded("ipfw.ko")) captiveportal_init_rules(); - header("Location: services_captiveportal_hostname.php"); + header("Location: services_captiveportal_hostname.php?zone={$cpzone}"); exit; } } @@ -188,6 +201,7 @@ include("head.inc"); <td width="22%" valign="top"> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>"> <?php if (isset($id) && $a_allowedhostnames[$id]): ?> <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index d636f8a..b8e4dc4 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -48,20 +48,30 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; -if (!is_array($config['captiveportal']['allowedip'])) - $config['captiveportal']['allowedip'] = array(); +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; -$a_allowedips = &$config['captiveportal']['allowedip'] ; +$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); if ($_GET['act'] == "del") { + $a_allowedips =& $config['captiveportal'][$cpzone]['allowedip']; if ($a_allowedips[$_GET['id']]) { $ipent = $a_allowedips[$_GET['id']]; - if (isset($config['captiveportal']['enable'])) { + if (isset($config['captiveportal'][$cpzone]['enable'])) { if (!empty($ipent['sn'])) $ipent['ip'] .= "/{$ipent['sn']}"; + captiveportal_ipfw_set_context($cpzone); mwexec("/sbin/ipfw table 3 delete " . $ipent['ip']); mwexec("/sbin/ipfw table 4 delete " . $ipent['ip']); mwexec("/sbin/ipfw table 5 delete " . $ipent['ip']); @@ -74,7 +84,7 @@ if ($_GET['act'] == "del") { unset($a_allowedips[$_GET['id']]); write_config(); - header("Location: services_captiveportal_ip.php"); + header("Location: services_captiveportal_ip.php?zone={$cpzone}"); exit; } } @@ -85,17 +95,18 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <form action="services_captiveportal_ip.php" method="post"> +<input type="hidden" name="zone" id="zone" value="<?=$cpzone;?>" /> <?php if ($savemsg) print_info_box($savemsg); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); - $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); - $tab_array[] = array(gettext("Allowed IP addresses"), true, "services_captiveportal_ip.php"); - $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); - $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); + $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed IP addresses"), true, "services_captiveportal_ip.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> </td></tr> @@ -103,19 +114,20 @@ include("head.inc"); <td class="tabcont"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="30%" class="listhdrr"><?=gettext("IP address"); ?></td> - <td width="60%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="40%" class="listhdrr"><?=gettext("IP address"); ?></td> + <td width="50%" class="listhdr"><?=gettext("Description"); ?></td> <td width="10%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> <td width="17" heigth="17"></td> - <td><a href="services_captiveportal_ip_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> + <td><a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> </tr> - <?php $i = 0; foreach ($a_allowedips as $ip): ?> - <tr ondblclick="document.location='services_captiveportal_ip_edit.php?id=<?=$i;?>'"> +<?php if (is_array($a_cp[$cpzone]['allowedip'])): + $i = 0; foreach ($a_cp[$cpzone]['allowedip'] as $ip): ?> + <tr ondblclick="document.location='services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> <td class="listlr"> <?php if($ip['dir'] == "to") { @@ -138,17 +150,17 @@ include("head.inc"); <td class="listbg"> <?=htmlspecialchars($ip['descr']);?> </td> - <td valign="middle" nowrap class="list"> <a href="services_captiveportal_ip_edit.php?id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0"></a> - <a href="services_captiveportal_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0"></a></td> + <td valign="middle" nowrap class="list"> <a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0"></a> + <a href="services_captiveportal_ip.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0"></a></td> </tr> - <?php $i++; endforeach; ?> + <?php $i++; endforeach; endif; ?> <tr> <td class="list" colspan="2"> </td> <td class="list"> <table border="0" cellspacing="0" cellpadding="1"> <tr> <td width="17" heigth="17"></td> - <td><a href="services_captiveportal_ip_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> + <td><a href="services_captiveportal_ip_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> </tr> </table> </td> diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index 01d52a2..e397b21 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -46,9 +46,9 @@ function allowedipscmp($a, $b) { } function allowedips_sort() { - global $g, $config; + global $g, $config, $cpzone; - usort($config['captiveportal']['allowedip'],"allowedipscmp"); + usort($config['captiveportal'][$cpzone]['allowedip'],"allowedipscmp"); } $statusurl = "status_captiveportal.php"; @@ -62,15 +62,27 @@ require("captiveportal.inc"); $pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit allowed IP address")); -if (!is_array($config['captiveportal']['allowedip'])) - $config['captiveportal']['allowedip'] = array(); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} -$a_allowedips = &$config['captiveportal']['allowedip']; +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; +if (!is_array($config['captiveportal'][$cpzone]['allowedip'])) + $config['captiveportal'][$cpzone]['allowedip'] = array(); +$a_allowedips =& $config['captiveportal'][$cpzone]['allowedip']; + if (isset($id) && $a_allowedips[$id]) { $pconfig['ip'] = $a_allowedips[$id]['ip']; $pconfig['sn'] = $a_allowedips[$id]['sn']; @@ -135,17 +147,18 @@ if ($_POST) { write_config(); - if (isset($config['captiveportal']['enable']) && is_module_loaded("ipfw.ko")) { + if (isset($a_cp[$cpzone]['enable']) && is_module_loaded("ipfw.ko")) { $rules = ""; for ($i = 3; $i < 10; $i++) $rules .= "table {$i} delete {$oldip}\n"; $rules .= captiveportal_allowedip_configure_entry($ip); - file_put_contents("{$g['tmp_path']}/allowedip_tmp{$id}", $rules); - mwexec("/sbin/ipfw -q {$g['tmp_path']}/allowedip_tmp{$id}"); - @unlink("{$g['tmp_path']}/allowedip_tmp{$id}"); + file_put_contents("{$g['tmp_path']}/{$cpzone}_allowedip_tmp{$id}", $rules); + captiveportal_ipfw_set_context($cpzone); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/{$cpzone}_allowedip_tmp{$id}"); + @unlink("{$g['tmp_path']}/{$cpzone}_allowedip_tmp{$id}"); } - header("Location: services_captiveportal_ip.php"); + header("Location: services_captiveportal_ip.php?zone={$cpzone}"); exit; } } @@ -216,6 +229,7 @@ include("head.inc"); <td width="22%" valign="top"> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>"> <?php if (isset($id) && $a_allowedips[$id]): ?> <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index f42ac80..83f88a2 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -47,13 +47,20 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -$pgtitle = array(gettext("Services"),gettext("Captive portal")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; -if (!is_array($config['captiveportal']['passthrumac'])) - $config['captiveportal']['passthrumac'] = array(); +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} -$a_passthrumacs = &$config['captiveportal']['passthrumac'] ; +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; +$pgtitle = array(gettext("Services"),gettext("Captive portal"), $a_cp[$cpzone]['zone']); if ($_POST) { @@ -73,6 +80,14 @@ if ($_POST) { echo gettext("No entry exists yet!") ."\n"; exit; } + if (empty($_POST['zone'])) { + echo gettext("Please set the zone on which the operation should be allowed"); + exit; + } + if (!is_array($a_cp[$cpzone]['passthrumac'])) + $a_cp[$cpzone]['passthrumac'] = array(); + $a_passthrumacs =& $a_cp[$cpzone]['passthrumac']; + if ($_POST['username']) { $mac = captiveportal_passthrumac_findbyname($_POST['username']); if (!empty($mac)) @@ -92,6 +107,7 @@ if ($_POST) { $ruleno = captiveportal_get_ipfw_passthru_ruleno($_POST['delmac']); if ($ruleno) { captiveportal_free_ipfw_ruleno($ruleno, true); + captiveportal_ipfw_set_context($cpzone); mwexec("/sbin/ipfw delete {$ruleno}; /sbin/ipfw delete " . ++$ruleno); } unset($a_passthrumacs[$idx]); @@ -105,15 +121,17 @@ if ($_POST) { } if ($_GET['act'] == "del") { + $a_passthrumacs =& $a_cp[$cpzone]; if ($a_passthrumacs[$_GET['id']]) { $ruleno = captiveportal_get_ipfw_passthru_ruleno($a_passthrumacs[$_GET['id']]['mac']); if ($ruleno) { + captiveportal_ipfw_set_context($cpzone); captiveportal_free_ipfw_ruleno($ruleno); mwexec("/sbin/ipfw delete {$ruleno}; /sbin/ipfw delete " . ++$ruleno); } unset($a_passthrumacs[$_GET['id']]); write_config(); - header("Location: services_captiveportal_mac.php"); + header("Location: services_captiveportal_mac.php?zone={$cpzone}"); exit; } } @@ -124,6 +142,7 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <form action="services_captiveportal_mac.php" method="post"> +<input type="hidden" name="zone" id="zone" value="<?=$cpzone;?>"/> <?php if ($savemsg) print_info_box($savemsg); ?> <?php if (is_subsystem_dirty('passthrumac')): ?><p> <?php print_info_box_np(gettext("The captive portal MAC address configuration has been changed.<br>You must apply the changes in order for them to take effect."));?><br> @@ -132,12 +151,12 @@ include("head.inc"); <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); - $tab_array[] = array(gettext("Pass-through MAC"), true, "services_captiveportal_mac.php"); - $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); - $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); - $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); + $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Pass-through MAC"), true, "services_captiveportal_mac.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> </td></tr> @@ -145,25 +164,26 @@ include("head.inc"); <td class="tabcont"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="30%" class="listhdrr"><?=gettext("MAC address"); ?></td> - <td width="60%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="40%" class="listhdrr"><?=gettext("MAC address"); ?></td> + <td width="50%" class="listhdr"><?=gettext("Description"); ?></td> <td width="10%" class="list"></td> </tr> - <?php $i = 0; foreach ($a_passthrumacs as $mac): ?> - <tr ondblclick="document.location='services_captiveportal_mac_edit.php?id=<?=$i;?>'"> +<?php if (is_array($a_cp[$cpzone]['passthrumac'])): + $i = 0; foreach ($a_cp[$cpzone]['passthrumac'] as $mac): ?> + <tr ondblclick="document.location='services_captiveportal_mac_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>'"> <td class="listlr"> <?=strtolower($mac['mac']);?> </td> <td class="listbg"> <?=htmlspecialchars($mac['descr']);?> </td> - <td valign="middle" nowrap class="list"> <a href="services_captiveportal_mac_edit.php?id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit host"); ?>" width="17" height="17" border="0"></a> - <a href="services_captiveportal_mac.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this host?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete host"); ?>" width="17" height="17" border="0"></a></td> + <td valign="middle" nowrap class="list"> <a href="services_captiveportal_mac_edit.php?zone=<?=$cpzone;?>&id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit host"); ?>" width="17" height="17" border="0"></a> + <a href="services_captiveportal_mac.php?zone=<?=$cpzone;?>&act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this host?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete host"); ?>" width="17" height="17" border="0"></a></td> </tr> - <?php $i++; endforeach; ?> + <?php $i++; endforeach; endif; ?> <tr> <td class="list" colspan="2"> </td> - <td class="list"> <a href="services_captiveportal_mac_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add host"); ?>" width="17" height="17" border="0"></a></td> + <td class="list"> <a href="services_captiveportal_mac_edit.php?zone=<?=$cpzone;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add host"); ?>" width="17" height="17" border="0"></a></td> </tr> <tr> <td colspan="2" class="list"><span class="vexpl"><span class="red"><strong> diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index 07f6d8c..9f590cb 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -43,9 +43,9 @@ function passthrumacscmp($a, $b) { } function passthrumacs_sort() { - global $config; + global $config, $cpzone; - usort($config['captiveportal']['passthrumac'],"passthrumacscmp"); + usort($config['captiveportal'][$cpzone]['passthrumac'],"passthrumacscmp"); } $statusurl = "status_captiveportal.php"; @@ -59,15 +59,27 @@ require("captiveportal.inc"); $pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit pass-through MAC address")); -if (!is_array($config['captiveportal']['passthrumac'])) - $config['captiveportal']['passthrumac'] = array(); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; -$a_passthrumacs = &$config['captiveportal']['passthrumac']; +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; +if (!is_array($a_cp[$cpzone]['passthrumac'])) + $a_cp[$cpzone]['passthrumac'] = array(); +$a_passthrumacs = &$a_cp[$cpzone]['passthrumac']; + if (isset($id) && $a_passthrumacs[$id]) { $pconfig['mac'] = $a_passthrumacs[$id]['mac']; $pconfig['bw_up'] = $a_passthrumacs[$id]['bw_up']; @@ -138,11 +150,12 @@ if ($_POST) { } $rules .= captiveportal_passthrumac_configure_entry($mac); - file_put_contents("{$g['tmp_path']}/tmpmacedit{$id}", $rules); - mwexec("/sbin/ipfw -q {$g['tmp_path']}/tmpmacedit{$id}"); - @unlink("{$g['tmp_path']}/tmpmacedit{$id}"); + file_put_contents("{$g['tmp_path']}/{$cpzone}_tmpmacedit{$id}", $rules); + captiveportal_ipfw_set_context($cpzone); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/{$cpzone}_tmpmacedit{$id}"); + @unlink("{$g['tmp_path']}/{$cpzone}_tmpmacedit{$id}"); - header("Location: services_captiveportal_mac.php"); + header("Location: services_captiveportal_mac.php?zone={$cpzone}"); exit; } } @@ -156,7 +169,7 @@ include("head.inc"); <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Pass-through MAC address");?></td> </tr> - <tr> + <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("MAC address"); ?></td> <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="mac" type="text" class="formfld unknown" id="mac" size="17" value="<?=htmlspecialchars($pconfig['mac']);?>"> @@ -186,6 +199,7 @@ include("head.inc"); <td width="22%" valign="top"> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>"> <?php if (isset($id) && $a_passthrumacs[$id]): ?> <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index 05bce04..df423a0 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -39,8 +39,18 @@ $statusurl = "status_captiveportal_vouchers.php"; $logurl = "diag_logs_auth.php"; +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + if ($_POST['postafterlogin']) $nocsrf= true; + require("guiconfig.inc"); require("functions.inc"); require("filter.inc"); @@ -65,77 +75,81 @@ EOF; exit; } -$pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Vouchers")); +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; if (!is_array($config['voucher'])) $config['voucher'] = array(); -if (!is_array($config['voucher']['roll'])) - $config['voucher']['roll'] = array(); -if (!isset($config['voucher']['charset'])) - $config['voucher']['charset'] = '2345678abcdefhijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'; -if (!isset($config['voucher']['rollbits'])) - $config['voucher']['rollbits'] = 16; -if (!isset($config['voucher']['ticketbits'])) - $config['voucher']['ticketbits'] = 10; -if (!isset($config['voucher']['checksumbits'])) - $config['voucher']['checksumbits'] = 5; -if (!isset($config['voucher']['magic'])) - $config['voucher']['magic'] = rand(); // anything slightly random will do +$pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Vouchers"), $a_cp[$cpzone]['zone']); + +if (!is_array($config['voucher'][$cpzone]['roll'])) + $config['voucher'][$cpzone]['roll'] = array(); +if (!isset($config['voucher'][$cpzone]['charset'])) + $config['voucher'][$cpzone]['charset'] = '2345678abcdefhijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'; +if (!isset($config['voucher'][$cpzone]['rollbits'])) + $config['voucher'][$cpzone]['rollbits'] = 16; +if (!isset($config['voucher'][$cpzone]['ticketbits'])) + $config['voucher'][$cpzone]['ticketbits'] = 10; +if (!isset($config['voucher'][$cpzone]['checksumbits'])) + $config['voucher'][$cpzone]['checksumbits'] = 5; +if (!isset($config['voucher'][$cpzone]['magic'])) + $config['voucher'][$cpzone]['magic'] = rand(); // anything slightly random will do -if (!isset($config['voucher']['publickey'])) { +if (!isset($config['voucher'][$cpzone]['publickey'])) { /* generate a random 64 bit RSA key pair using the voucher binary */ $fd = popen("/usr/local/bin/voucher -g 64", "r"); if ($fd !== false) { $output = fread($fd, 16384); pclose($fd); list($privkey, $pubkey) = explode("\0", $output); - $config['voucher']['publickey'] = base64_encode($pubkey); - $config['voucher']['privatekey'] = base64_encode($privkey); + $config['voucher'][$cpzone]['publickey'] = base64_encode($pubkey); + $config['voucher'][$cpzone]['privatekey'] = base64_encode($privkey); } } // Check for invalid or expired vouchers -if (!isset($config['voucher']['msgnoaccess'])) - $config['voucher']['msgnoaccess'] = gettext("Voucher invalid"); -if (!isset($config['voucher']['msgexpired'])) - $config['voucher']['msgexpired'] = gettext("Voucher expired"); +if (!isset($config['voucher'][$cpzone]['msgnoaccess'])) + $config['voucher'][$cpzone]['msgnoaccess'] = gettext("Voucher invalid"); +if (!isset($config['voucher'][$cpzone]['msgexpired'])) + $config['voucher'][$cpzone]['msgexpired'] = gettext("Voucher expired"); -$a_roll = &$config['voucher']['roll']; +$a_roll = &$config['voucher'][$cpzone]['roll']; if ($_GET['act'] == "del") { $id = $_GET['id']; if ($a_roll[$id]) { $roll = $a_roll[$id]['number']; - $voucherlck = lock('voucher'); + $voucherlck = lock("voucher{$cpzone}"); unset($a_roll[$id]); voucher_unlink_db($roll); unlock($voucherlck); write_config(); - header("Location: services_captiveportal_vouchers.php"); + header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); exit; } } /* print all vouchers of the selected roll */ else if ($_GET['act'] == "csv") { - $privkey = base64_decode($config['voucher']['privatekey']); + $privkey = base64_decode($config['voucher'][$cpzone]['privatekey']); if (strstr($privkey,"BEGIN RSA PRIVATE KEY")) { - $fd = fopen("{$g['varetc_path']}/voucher.private","w"); + $fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.private","w"); if (!$fd) { $input_errors[] = gettext("Cannot write private key file") . ".\n"; } else { - chmod("{$g['varetc_path']}/voucher.private", 0600); + chmod("{$g['varetc_path']}/voucher_{$cpzone}.private", 0600); fwrite($fd, $privkey); fclose($fd); - $a_voucher = &$config['voucher']['roll']; + $a_voucher = &$config['voucher'][$cpzone]['roll']; $id = $_GET['id']; if (isset($id) && $a_voucher[$id]) { $number = $a_voucher[$id]['number']; $count = $a_voucher[$id]['count']; header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename=vouchers_roll$number.csv"); - system("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher.cfg -p {$g['varetc_path']}/voucher.private $number $count"); - unlink("{$g['varetc_path']}/voucher.private"); + header("Content-Disposition: attachment; filename=vouchers_{$cpzone}_roll{$number}.csv"); + system("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -p {$g['varetc_path']}/voucher_{$cpzone}.private $number $count"); + unlink("{$g['varetc_path']}/voucher_{$cpzone}.private"); exit; } } @@ -144,20 +158,20 @@ else if ($_GET['act'] == "csv") { } } -$pconfig['enable'] = isset($config['voucher']['enable']); -$pconfig['charset'] = $config['voucher']['charset']; -$pconfig['rollbits'] = $config['voucher']['rollbits']; -$pconfig['ticketbits'] = $config['voucher']['ticketbits']; -$pconfig['checksumbits'] = $config['voucher']['checksumbits']; -$pconfig['magic'] = $config['voucher']['magic']; -$pconfig['publickey'] = base64_decode($config['voucher']['publickey']); -$pconfig['privatekey'] = base64_decode($config['voucher']['privatekey']); -$pconfig['msgnoaccess'] = $config['voucher']['msgnoaccess']; -$pconfig['msgexpired'] = $config['voucher']['msgexpired']; -$pconfig['vouchersyncdbip'] = $config['voucher']['vouchersyncdbip']; -$pconfig['vouchersyncport'] = $config['voucher']['vouchersyncport']; -$pconfig['vouchersyncpass'] = $config['voucher']['vouchersyncpass']; -$pconfig['vouchersyncusername'] = $config['voucher']['vouchersyncusername']; +$pconfig['enable'] = isset($config['voucher'][$cpzone]['enable']); +$pconfig['charset'] = $config['voucher'][$cpzone]['charset']; +$pconfig['rollbits'] = $config['voucher'][$cpzone]['rollbits']; +$pconfig['ticketbits'] = $config['voucher'][$cpzone]['ticketbits']; +$pconfig['checksumbits'] = $config['voucher'][$cpzone]['checksumbits']; +$pconfig['magic'] = $config['voucher'][$cpzone]['magic']; +$pconfig['publickey'] = base64_decode($config['voucher'][$cpzone]['publickey']); +$pconfig['privatekey'] = base64_decode($config['voucher'][$cpzone]['privatekey']); +$pconfig['msgnoaccess'] = $config['voucher'][$cpzone]['msgnoaccess']; +$pconfig['msgexpired'] = $config['voucher'][$cpzone]['msgexpired']; +$pconfig['vouchersyncdbip'] = $config['voucher'][$cpzone]['vouchersyncdbip']; +$pconfig['vouchersyncport'] = $config['voucher'][$cpzone]['vouchersyncport']; +$pconfig['vouchersyncpass'] = $config['voucher'][$cpzone]['vouchersyncpass']; +$pconfig['vouchersyncusername'] = $config['voucher'][$cpzone]['vouchersyncusername']; if ($_POST) { @@ -206,52 +220,54 @@ if ($_POST) { } if (!$input_errors) { + $newvoucher = array(); if ($_POST['enable'] == "yes") - $config['voucher']['enable'] = true; + $newvoucher['enable'] = true; else - unset($config['voucher']['enable']); + unset($newvoucher['enable']); if (empty($_POST['vouchersyncusername'])) { - $config['voucher']['charset'] = $_POST['charset']; - $config['voucher']['rollbits'] = $_POST['rollbits']; - $config['voucher']['ticketbits'] = $_POST['ticketbits']; - $config['voucher']['checksumbits'] = $_POST['checksumbits']; - $config['voucher']['magic'] = $_POST['magic']; - $config['voucher']['publickey'] = base64_encode($_POST['publickey']); - $config['voucher']['privatekey'] = base64_encode($_POST['privatekey']); - $config['voucher']['msgnoaccess'] = $_POST['msgnoaccess']; - $config['voucher']['msgexpired'] = $_POST['msgexpired']; + $newvoucher['charset'] = $_POST['charset']; + $newvoucher['rollbits'] = $_POST['rollbits']; + $newvoucher['ticketbits'] = $_POST['ticketbits']; + $newvoucher['checksumbits'] = $_POST['checksumbits']; + $newvoucher['magic'] = $_POST['magic']; + $newvoucher['publickey'] = base64_encode($_POST['publickey']); + $newvoucher['privatekey'] = base64_encode($_POST['privatekey']); + $newvoucher['msgnoaccess'] = $_POST['msgnoaccess']; + $newvoucher['msgexpired'] = $_POST['msgexpired']; + $config['voucher'][$cpzone] = $newvoucher; write_config(); - voucher_configure(); + voucher_configure_zone(); } else { - $config['voucher']['vouchersyncdbip'] = $_POST['vouchersyncdbip']; - $config['voucher']['vouchersyncport'] = $_POST['vouchersyncport']; - $config['voucher']['vouchersyncusername'] = $_POST['vouchersyncusername']; - $config['voucher']['vouchersyncpass'] = $_POST['vouchersyncpass']; - if($config['voucher']['vouchersyncpass'] && $config['voucher']['vouchersyncusername'] && - $config['voucher']['vouchersyncport'] && $config['voucher']['vouchersyncdbip']) { + $newvoucher['vouchersyncdbip'] = $_POST['vouchersyncdbip']; + $newvoucher['vouchersyncport'] = $_POST['vouchersyncport']; + $newvoucher['vouchersyncusername'] = $_POST['vouchersyncusername']; + $newvoucher['vouchersyncpass'] = $_POST['vouchersyncpass']; + if($newvoucher['vouchersyncpass'] && $newvoucher['vouchersyncusername'] && + $newvoucher['vouchersyncport'] && $newvoucher['vouchersyncdbip']) { // Synchronize the voucher DB from the master node require_once("xmlrpc.inc"); - if($config['voucher']['vouchersyncport'] == "443") - $url = "https://{$config['voucher']['vouchersyncdbip']}"; + if($newvoucher['vouchersyncport'] == "443") + $url = "https://{$newvoucher['vouchersyncdbip']}"; else - $url = "http://{$config['voucher']['vouchersyncdbip']}"; + $url = "http://{$newvoucher['vouchersyncdbip']}"; $execcmd = <<<EOF - \$toreturn['voucher'] = \$config['voucher']; + \$toreturn['voucher'] = \$config['voucher'][$cpzone]; unset(\$toreturn['vouchersyncport'], \$toreturn['vouchersyncpass'], \$toreturn['vouchersyncusername'], \$toreturn['vouchersyncdbip']); EOF; /* assemble xmlrpc payload */ $params = array( - XML_RPC_encode($config['voucher']['vouchersyncpass']), + XML_RPC_encode($newvoucher['vouchersyncpass']), XML_RPC_encode($execcmd) ); - $port = $config['voucher']['vouchersyncport']; + $port = $newvoucher['vouchersyncport']; log_error("voucher XMLRPC sync data {$url}:{$port}."); $msg = new XML_RPC_Message('pfsense.exec_php', $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials($config['voucher']['vouchersyncusername'], $config['voucher']['vouchersyncpass']); + $cli->setCredentials($newvoucher['vouchersyncusername'], $newvoucher['vouchersyncpass']); $resp = $cli->send($msg, "250"); if(!is_object($resp)) { $error = "A communications error occurred while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; @@ -276,37 +292,37 @@ EOF; } else { // If we received back the voucher roll and other information then store it. if($toreturn['voucher']['roll']) - $config['voucher']['roll'] = $toreturn['voucher']['roll']; + $config['voucher'][$cpzone]['roll'] = $toreturn['voucher']['roll']; if($toreturn['voucher']['rollbits']) - $config['voucher']['rollbits'] = $toreturn['voucher']['rollbits']; + $config['voucher'][$cpzone]['rollbits'] = $toreturn['voucher']['rollbits']; if($toreturn['voucher']['ticketbits']) - $config['voucher']['ticketbits'] = $toreturn['voucher']['ticketbits']; + $config['voucher'][$cpzone]['ticketbits'] = $toreturn['voucher']['ticketbits']; if($toreturn['voucher']['checksumbits']) - $config['voucher']['checksumbits'] = $toreturn['voucher']['checksumbits']; + $config['voucher'][$cpzone]['checksumbits'] = $toreturn['voucher']['checksumbits']; if($toreturn['voucher']['magic']) - $config['voucher']['magic'] = $toreturn['voucher']['magic']; + $config['voucher'][$cpzone]['magic'] = $toreturn['voucher']['magic']; if($toreturn['voucher']['publickey']) - $config['voucher']['publickey'] = $toreturn['voucher']['publickey']; + $config['voucher'][$cpzone]['publickey'] = $toreturn['voucher']['publickey']; if($toreturn['voucher']['privatekey']) - $config['voucher']['privatekey'] = $toreturn['voucher']['privatekey']; + $config['voucher'][$cpzone]['privatekey'] = $toreturn['voucher']['privatekey']; if($toreturn['voucher']['msgnoaccess']) - $config['voucher']['msgnoaccess'] = $toreturn['voucher']['msgnoaccess']; + $config['voucher'][$cpzone]['msgnoaccess'] = $toreturn['voucher']['msgnoaccess']; if($toreturn['voucher']['msgexpired']) - $config['voucher']['msgexpired'] = $toreturn['voucher']['msgexpired']; + $config['voucher'][$cpzone]['msgexpired'] = $toreturn['voucher']['msgexpired']; if($toreturn['voucher']['msgnoaccess']) - $config['voucher']['msgnoaccess'] = $toreturn['voucher']['msgnoaccess']; - $savemsg = sprintf(gettext("Voucher database has been synchronized from %1\$s:%2\$s"),$url,$port); + $config['voucher'][$cpzone]['msgnoaccess'] = $toreturn['voucher']['msgnoaccess']; + $savemsg = gettext("Voucher database has been synchronized from {$url}:{$port}"); write_config(); - voucher_configure(true); + voucher_configure_zone(true); } } } } - if($savemsg && isset($config['voucher']['enable']) && !isset($config['captiveportal']['enable'])) - $savemsg .= "<br/>"; - if (isset($config['voucher']['enable']) && !isset($config['captiveportal']['enable'])) - $savemsg .= gettext("Don't forget to configure and enable Captive Portal."); + if (!$input_errors) { + header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); + exit; + } } } include("head.inc"); @@ -384,12 +400,12 @@ function enable_change(enable_change) { <ul id="tabnav"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); - $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); - $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); - $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); - $tab_array[] = array(gettext("Vouchers"), true, "services_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); + $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Vouchers"), true, "services_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php?zone={$cpzone}"); display_top_tabs($tab_array, true); ?> </ul> @@ -439,9 +455,9 @@ function enable_change(enable_change) { <td valign="middle" nowrap class="list"> <div id='addeditdelete<?=$i?>'> <?php if ($pconfig['enable']): ?> - <a href="services_captiveportal_vouchers_edit.php?id=<?=$i; ?>"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit voucher"); ?>" width="17" height="17" border="0" alt="<?=gettext("edit voucher"); ?>"></a> - <a href="services_captiveportal_vouchers.php?act=del&id=<?=$i; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this voucher? This makes all vouchers from this roll invalid"); ?>')"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete vouchers"); ?>" width="17" height="17" border="0" alt="<?=gettext("delete vouchers"); ?>"></a> - <a href="services_captiveportal_vouchers.php?act=csv&id=<?=$i; ?>"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_log_s.gif" title="<?=gettext("generate vouchers for this roll to CSV file"); ?>" width="11" height="15" border="0" alt="<?=gettext("generate vouchers for this roll to CSV file"); ?>"></a> + <a href="services_captiveportal_vouchers_edit.php?zone=<?=$cpzone;?>&id=<?=$i; ?>"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit voucher"); ?>" width="17" height="17" border="0" alt="<?=gettext("edit voucher"); ?>"></a> + <a href="services_captiveportal_vouchers.php?zone=<?=$cpzone;?>&act=del&id=<?=$i; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this voucher? This makes all vouchers from this roll invalid"); ?>')"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete vouchers"); ?>" width="17" height="17" border="0" alt="<?=gettext("delete vouchers"); ?>"></a> + <a href="services_captiveportal_vouchers.php?zone=<?=$cpzone;?>&act=csv&id=<?=$i; ?>"><img src="/themes/<?=$g['theme']; ?>/images/icons/icon_log_s.gif" title="<?=gettext("generate vouchers for this roll to CSV file"); ?>" width="11" height="15" border="0" alt="<?=gettext("generate vouchers for this roll to CSV file"); ?>"></a> <?php endif;?> </div> </td> @@ -451,7 +467,7 @@ function enable_change(enable_change) { <td class="list" colspan="4"></td> <?php if ($pconfig['enable']) - echo "<td class=\"list\"><div id='addnewroll'> <a href=\"services_captiveportal_vouchers_edit.php\"><img src=\"/themes/{$g['theme']}/images/icons/icon_plus.gif\" title=\"" . gettext("add voucher") . "\" width=\"17\" height=\"17\" border=\"0\" alt=\"" . gettext("add voucher") . "\"></a></div></td>"; + echo "<td class=\"list\"><div id='addnewroll'> <a href=\"services_captiveportal_vouchers_edit.php?zone={$cpzone}\"><img src=\"/themes/{$g['theme']}/images/icons/icon_plus.gif\" title=\"" . gettext("add voucher") . "\" width=\"17\" height=\"17\" border=\"0\" alt=\"" . gettext("add voucher") . "\"></a></div></td>"; ?> </tr> </table> @@ -577,6 +593,7 @@ function enable_change(enable_change) { <tr> <td width="22%" valign="top"> </td> <td width="78%"> + <input type="hidden" name="zone" id="zone" value="<?=$cpzone;?>" /> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onClick="enable_change(true); before_save();"> <input type="button" class="formbtn" value="<?=gettext("Cancel"); ?>" onclick="history.back()"> </td> diff --git a/usr/local/www/services_captiveportal_vouchers_edit.php b/usr/local/www/services_captiveportal_vouchers_edit.php index 94724a9..97e03dd 100644 --- a/usr/local/www/services_captiveportal_vouchers_edit.php +++ b/usr/local/www/services_captiveportal_vouchers_edit.php @@ -47,28 +47,42 @@ require_once("voucher.inc"); $pgtitle = array(gettext("Services"), gettext("Captive portal"), gettext("Edit Voucher Rolls")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; + if (!is_array($config['voucher'])) { $config['voucher'] = array(); } -if (!is_array($config['voucher']['roll'])) { - $config['voucher']['roll'] = array(); +if (!is_array($config['voucher'][$cpzone]['roll'])) { + $config['voucher'][$cpzone]['roll'] = array(); } -$a_roll = &$config['voucher']['roll']; +$a_roll = &$config['voucher'][$cpzone]['roll']; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; if (isset($id) && $a_roll[$id]) { + $pconfig['zone'] = $a_roll[$id]['zone']; $pconfig['number'] = $a_roll[$id]['number']; $pconfig['count'] = $a_roll[$id]['count']; $pconfig['minutes'] = $a_roll[$id]['minutes']; $pconfig['comment'] = $a_roll[$id]['comment']; } -$maxnumber = (1<<$config['voucher']['rollbits']) -1; // Highest Roll# -$maxcount = (1<<$config['voucher']['ticketbits']) -1; // Highest Ticket# +$maxnumber = (1<<$config['voucher'][$cpzone]['rollbits']) -1; // Highest Roll# +$maxcount = (1<<$config['voucher'][$cpzone]['ticketbits']) -1; // Highest Ticket# if ($_POST) { @@ -103,12 +117,13 @@ if ($_POST) { if (isset($id) && $a_roll[$id]) $rollent = $a_roll[$id]; + $rollent['zone'] = $_POST['zone']; $rollent['number'] = $_POST['number']; $rollent['minutes'] = $_POST['minutes']; $rollent['comment'] = $_POST['comment']; /* New Roll or modified voucher count: create bitmask */ - $voucherlck = lock('voucher'); + $voucherlck = lock("voucher{$cpzone}"); if ($_POST['count'] != $rollent['count']) { $rollent['count'] = $_POST['count']; $len = ($rollent['count']>>3) + 1; // count / 8 +1 @@ -142,7 +157,7 @@ if ($_POST) { write_config(); - header("Location: services_captiveportal_vouchers.php"); + header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); exit; } } @@ -190,6 +205,7 @@ include("head.inc"); <td width="22%" valign="top"> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <input name="zone" type="hidden" value="<?=htmlspecialchars($cpzone);?>"> <?php if (isset($id) && $a_roll[$id]): ?> <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> <?php endif; ?> diff --git a/usr/local/www/services_captiveportal_zones.php b/usr/local/www/services_captiveportal_zones.php new file mode 100644 index 0000000..735cd20 --- /dev/null +++ b/usr/local/www/services_captiveportal_zones.php @@ -0,0 +1,113 @@ +<?php +/* + LICENSE +*/ + +##|+PRIV +##|*IDENT=page-services-captiveportalserver-zones +##|*NAME=Services: Captiveprotal Zones page +##|*DESCR=Allow access to the 'Services: CaptivePortal Zones' page. +##|*MATCH=services_captiveportal_zones.php* +##|-PRIV + +require("guiconfig.inc"); +require("functions.inc"); +require("filter.inc"); +require("shaper.inc"); +require("captiveportal.inc"); + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp = &$config['captiveportal']; + +if ($_GET['act'] == "del" && !empty($_GET['zone'])) { + $cpzone = $_GET['zone']; + if ($a_cp[$cpzone]) { + unset($a_cp[$cpzone]['enable']); + captiveportal_configure_zone($a_cp[$cpzone]); + unset($a_cp[$cpzone]); + if (isset($config['voucher'][$cpzone])) + unset($config['voucher'][$cpzone]); + write_config(); + header("Location: services_captiveportal_zones.php"); + exit; + } +} + +$pgtitle = array(gettext("Captiveportal"),gettext("Zones")); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<form action="services_captiveportal_zones.php" method="post"> +<?php if ($savemsg) print_info_box($savemsg); ?> +<?php if (is_subsystem_dirty('captiveportal')): ?><p> +<?php print_info_box_np(gettext("The CaptivePortal entry list has been changed") . ".<br>" . gettext("You must apply the changes in order for them to take effect."));?> +<?php endif; ?> + +<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> +<tr> + <td width="15%" class="listhdrr"><?=gettext("Zone");?></td> + <td width="30%" class="listhdrr"><?=gettext("Interfaces");?></td> + <td width="10%" class="listhdrr"><?=gettext("Number of users");?></td> + <td width="40%" class="listhdrr"><?=gettext("Description");?></td> + <td width="5%" class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"><a href="services_captiveportal_zones_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new captiveportal instance");?>"></a></td> + </tr> + </table> + </td> +</tr> + <?php foreach ($a_cp as $cpzone => $cpitem): + if (!is_array($cpitem)) + continue; + ?> +<tr> + <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?=htmlspecialchars($cpitem['zone']);?> + </td> + <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?php $cpifaces = explode(",", $cpitem['interface']); + foreach ($cpifaces as $cpiface) + echo convert_friendly_interface_to_friendly_descr($cpiface) . " "; + ?> + </td> + <td class="listr" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?=count(captiveportal_read_db());?> + </td> + <td class="listbg" ondblclick="document.location='services_captiveportal.php?zone=<?=$cpzone;?>';"> + <?=htmlspecialchars($cpitem['descr']);?> + </td> + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="services_captiveportal.php?zone=<?=$cpzone?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit captiveportal instance"); ?>"></a></td> + <td><a href="services_captiveportal_zones.php?act=del&zone=<?=$cpzone;?>" onclick="return confirm('<?=gettext("Do you really want to delete this entry?");?>')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete captiveportal instance");?>"></a></td> + </tr> + </table> + </td> +</tr> + <?php endforeach; ?> +<tr> + <td class="list" colspan="4"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"><a href="services_captiveportal_zones_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new captiveportal instance");?>"></a></td> + </td> + </tr> + </table> + </td> +</tr> +</table> +</tr> +</table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/services_captiveportal_zones_edit.php b/usr/local/www/services_captiveportal_zones_edit.php new file mode 100644 index 0000000..169a761 --- /dev/null +++ b/usr/local/www/services_captiveportal_zones_edit.php @@ -0,0 +1,117 @@ +<?php +/* + services_captiveportal_mac_edit.php + Copyright (C) 2011 Ermal Luci + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: captiveportal +*/ + +##|+PRIV +##|*IDENT=page-services-captiveportal-editzones +##|*NAME=Services: Captive portal: Edit Zones page +##|*DESCR=Allow access to the 'Services: Captive portal: Edit Zones' page. +##|*MATCH=services_captiveportal_zones_edit.php* +##|-PRIV + +$statusurl = "status_captiveportal_zones_edit.php"; +$logurl = "diag_logs_auth.php"; + +require("guiconfig.inc"); +require("functions.inc"); +require("filter.inc"); +require("shaper.inc"); +require("captiveportal.inc"); + +$pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit Zones")); + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "zone"); + $reqdfieldsn = array(gettext("Zone name")); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + foreach ($a_cp as $cpkey => $cpent) { + if ($cpent['zone'] == $_POST['zone']){ + $input_errors[] = sprintf("[%s] %s.", $_POST['zone'], gettext("already exists")); + break; + } + } + + if (!$input_errors) { + $cpzone = strtolower($_POST['zone']); + $a_cp[$cpzone] = array(); + $a_cp[$cpzone]['zone'] = str_replace(" ", "", $_POST['zone']); + $a_cp[$cpzone]['descr'] = $_POST['descr']; + write_config(); + + header("Location: services_captiveportal.php?zone={$cpzone}"); + exit; + } +} +include("head.inc"); +?> +<?php include("fbegin.inc"); ?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php if ($input_errors) print_input_errors($input_errors); ?> + <form action="services_captiveportal_zones_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Captiveportal Zones");?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Zone name"); ?></td> + <td width="78%" class="vtable"> + <input name="zone" type="text" class="formfld unknown" id="zone" size="64"> + <br> + <span class="vexpl"><?=gettext("Zone name. Cannot contain spaces."); ?></span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" > + <br> <span class="vexpl"><?=gettext("You may enter a description here " . + "for your reference (not parsed)"); ?>.</span></td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Continue"); ?>"> + </td> + </tr> + </table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/status_captiveportal.php b/usr/local/www/status_captiveportal.php index 41787f3..fac8145 100755 --- a/usr/local/www/status_captiveportal.php +++ b/usr/local/www/status_captiveportal.php @@ -45,28 +45,21 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); -if ($_GET['act'] == "del") { +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if ($_GET['act'] == "del" && !empty($cpzone)) { captiveportal_disconnect_client($_GET['id']); - Header("Location: status_captiveportal.php"); + Header("Location: status_captiveportal.php?zone={$cpzone}"); exit; } -function clientcmp($a, $b) { - global $order; - return strcmp($a[$order], $b[$order]); -} - -$cpdb = array(); -if (file_exists("{$g['vardb_path']}/captiveportal.db")) { - $captiveportallck = lock('captiveportaldb'); - $cpcontents = file("/var/db/captiveportal.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); - unlock($captiveportallck); -} else - $cpcontents = array(); +$pgtitle = array(gettext("Status: Captive portal")); -$concurrent = count($cpcontents); - -$pgtitle = array(gettext("Status: Captive portal ({$concurrent})")); +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; include("head.inc"); @@ -79,39 +72,56 @@ include("head.inc"); flush(); -foreach ($cpcontents as $cpcontent) { - $cpent = explode(",", $cpcontent); - $sessionid = $cpent[5]; - if ($_GET['showact']) - $cpent[5] = captiveportal_get_last_activity($cpent[2]); - $cpdb[$sessionid] = $cpent; +function clientcmp($a, $b) { + global $order; + return strcmp($a[$order], $b[$order]); } -if ($_GET['order']) { - if ($_GET['order'] == "ip") - $order = 2; - else if ($_GET['order'] == "mac") - $order = 3; - else if ($_GET['order'] == "user") - $order = 4; - else if ($_GET['order'] == "lastact") - $order = 5; - else - $order = 0; - usort($cpdb, "clientcmp"); + +if (!empty($cpzone)) { + $cpdb = array(); + if (file_exists("{$g['vardb_path']}/captiveportal_{$cpzone}.db")) { + $captiveportallck = lock('captiveportaldb{$cpzone}'); + $cpcontents = file("/var/db/captiveportal_{$cpzone}.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + unlock($captiveportallck); + } else + $cpcontents = array(); + + $concurrent = count($cpcontents); + + foreach ($cpcontents as $cpcontent) { + $cpent = explode(",", $cpcontent); + $sessionid = $cpent[5]; + if ($_GET['showact']) + $cpent[5] = captiveportal_get_last_activity($cpent[2]); + $cpdb[$sessionid] = $cpent; + } + if ($_GET['order']) { + if ($_GET['order'] == "ip") + $order = 2; + else if ($_GET['order'] == "mac") + $order = 3; + else if ($_GET['order'] == "user") + $order = 4; + else if ($_GET['order'] == "lastact") + $order = 5; + else + $order = 0; + usort($cpdb, "clientcmp"); + } } ?> -<?php if (isset($config['voucher']['enable'])): ?> +<?php if (!empty($cpzone) && isset($config['voucher'][$cpzone]['enable'])): ?> <form action="status_captiveportal.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="tab pane"> <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Active Users"), true, "status_captiveportal.php"); - $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php"); - $tab_array[] = array(gettext("Test Vouchers"), false, "status_captiveportal_test.php"); + $tab_array[] = array(gettext("Active Users"), true, "status_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Test Vouchers"), false, "status_captiveportal_test.php?zone={$cpzone}"); display_top_tabs($tab_array); ?> </td></tr> @@ -121,6 +131,32 @@ if ($_GET['order']) { <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> + <td width="20%" class="vncell" valign="top"> + <br/><?=gettext("Captive Portal Zone"); ?><br/<br/> + </td> + <td "class="vncell" width="30%" align="center"> + <form action="status_captiveportal.php" method="post" enctype="multipart/form-data" name="form1" id="form1"> + <select name="zone" class="formselect" onchange="document.form1.submit()"> + echo "<option value="">none</option>\n"; + <?php foreach ($a_cp as $cpkey => $cp) { + echo "<option value='{$cpkey}' "; + if ($cpzone == $cpkey) + echo "selected"; + echo ">" . htmlspecialchars($cp['zone']) . "</option>\n"; + } + ?> + </select> + <br/> + </form> + </td> + <td colspan="3" width="50%"></td> + </tr> + <tr><td colspan="5"><br/></tr> +<?php if (!empty($cpzone)): ?> + <tr> + <td colspan="5" valign="top" class="listtopic"><?=gettext("Captiveportal status");?></td> + </tr> + <tr> <td class="listhdrr"><a href="?order=ip&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("IP address");?></a></td> <td class="listhdrr"><a href="?order=mac&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("MAC address");?></a></td> <td class="listhdrr"><a href="?order=user&showact=<?=htmlspecialchars($_GET['showact']);?>"><?=gettext("Username");?></a></td> @@ -142,12 +178,12 @@ if ($_GET['order']) { <td class="listr"><?php if ($cpent[5]) echo htmlspecialchars(date("m/d/Y H:i:s", $cpent[5]));?></td> <?php endif; ?> <td valign="middle" class="list" nowrap> - <a href="?order=<?=$_GET['order'];?>&showact=<?=htmlspecialchars($_GET['showact']);?>&act=del&id=<?=$sid;?>" onclick="return confirm('<?=gettext("Do you really want to disconnect this client?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("Disconnect");?>"></a></td> + <a href="?zone=<?=$cpzone;?>&order=<?=$_GET['order'];?>&showact=<?=htmlspecialchars($_GET['showact']);?>&act=del&id=<?=$sid;?>" onclick="return confirm('<?=gettext("Do you really want to disconnect this client?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("Disconnect");?>"></a></td> </tr> -<?php endforeach; ?> +<?php endforeach; endif; ?> </table> -<?php if (isset($config['voucher']['enable'])): ?> +<?php if (!empty($cpzone) && isset($config['voucher'][$cpzone]['enable'])): ?> </td> </tr> </table> @@ -156,6 +192,7 @@ if ($_GET['order']) { <form action="status_captiveportal.php" method="get" style="margin: 14px;"> <input type="hidden" name="order" value="<?=$_GET['order'];?>" /> +<?php if (!empty($cpzone)): ?> <?php if ($_GET['showact']): ?> <input type="hidden" name="showact" value="0" /> <input type="submit" class="formbtn" value="<?=gettext("Don't show last activity");?>" /> @@ -163,6 +200,8 @@ if ($_GET['order']) { <input type="hidden" name="showact" value="1" /> <input type="submit" class="formbtn" value="<?=gettext("Show last activity");?>" /> <?php endif; ?> +<input type="hidden" name="zone" value="<?=$cpzone;?>" /> +<?php endif; ?> </form> <?php include("fend.inc"); ?> diff --git a/usr/local/www/status_captiveportal_test.php b/usr/local/www/status_captiveportal_test.php index 576a019..514fa21 100644 --- a/usr/local/www/status_captiveportal_test.php +++ b/usr/local/www/status_captiveportal_test.php @@ -42,10 +42,24 @@ require("shaper.inc"); require("captiveportal.inc"); require_once("voucher.inc"); -$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Test Vouchers")); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; + +$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Test Vouchers"), $a_cp[$cpzone]['zone']); include("head.inc"); include("fbegin.inc"); + ?> <form action="status_captiveportal_test.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> @@ -53,10 +67,10 @@ include("fbegin.inc"); <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php"); - $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php"); - $tab_array[] = array(gettext("Test Vouchers"), true, "status_captiveportal_test.php"); + $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Test Vouchers"), true, "status_captiveportal_test.php?zone={$cpzone}"); display_top_tabs($tab_array); ?> </td></tr> @@ -74,6 +88,7 @@ include("fbegin.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> + <input name="zone" type="hidden" value="<?=$cpzone;?>"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Submit"); ?>"> </td> </tr> diff --git a/usr/local/www/status_captiveportal_voucher_rolls.php b/usr/local/www/status_captiveportal_voucher_rolls.php index 3276c7b..f066fd7 100644 --- a/usr/local/www/status_captiveportal_voucher_rolls.php +++ b/usr/local/www/status_captiveportal_voucher_rolls.php @@ -41,12 +41,25 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); require_once("voucher.inc"); -$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Voucher Rolls")); -if (!is_array($config['voucher']['roll'])) { - $config['voucher']['roll'] = array(); +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; +$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Voucher Rolls"), $a_cp[$cpzone]['zone']); + +if (!is_array($config['voucher'][$cpzone]['roll'])) { + $config['voucher'][$cpzone]['roll'] = array(); } -$a_roll = &$config['voucher']['roll']; +$a_roll = &$config['voucher'][$cpzone]['roll']; include("head.inc"); include("fbegin.inc"); @@ -57,10 +70,10 @@ include("fbegin.inc"); <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php"); - $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("Voucher Rolls"), true, "status_captiveportal_voucher_rolls.php"); - $tab_array[] = array(gettext("Test Vouchers"), false, "status_captiveportal_test.php"); + $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Active Vouchers"), false, "status_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Voucher Rolls"), true, "status_captiveportal_voucher_rolls.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Test Vouchers"), false, "status_captiveportal_test.php?zone={$cpzone}"); display_top_tabs($tab_array); ?> </td></tr> @@ -78,7 +91,7 @@ include("fbegin.inc"); <td class="listhdr"><?=gettext("ready"); ?></td> </tr> <?php - $voucherlck = lock('voucher'); + $voucherlck = lock("vouche{$cpzone}r"); $i = 0; foreach($a_roll as $rollent): $used = voucher_used_count($rollent['number']); $active = count(voucher_read_active_db($rollent['number']),$rollent['minutes']); diff --git a/usr/local/www/status_captiveportal_vouchers.php b/usr/local/www/status_captiveportal_vouchers.php index 4d3afd8..05d534e 100644 --- a/usr/local/www/status_captiveportal_vouchers.php +++ b/usr/local/www/status_captiveportal_vouchers.php @@ -41,24 +41,37 @@ require("filter.inc"); require("shaper.inc"); require("captiveportal.inc"); require_once("voucher.inc"); -$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Vouchers")); + +$cpzone = $_GET['zone']; +if (isset($_POST['zone'])) + $cpzone = $_POST['zone']; + +if (empty($cpzone)) { + header("Location: services_captiveportal_zones.php"); + exit; +} + +if (!is_array($config['captiveportal'])) + $config['captiveportal'] = array(); +$a_cp =& $config['captiveportal']; +$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Vouchers"), $a_cp[$cpzone]['zone']); function clientcmp($a, $b) { global $order; return strcmp($a[$order], $b[$order]); } -if (!is_array($config['voucher']['roll'])) { - $config['voucher']['roll'] = array(); +if (!is_array($config['voucher'][$cpzone]['roll'])) { + $config['voucher'][$cpzone]['roll'] = array(); } -$a_roll = $config['voucher']['roll']; +$a_roll = $config['voucher'][$cpzone]['roll']; $db = array(); foreach($a_roll as $rollent) { $roll = $rollent['number']; $minutes = $rollent['minutes']; - $active_vouchers = file("{$g['vardb_path']}/voucher_active_$roll.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + $active_vouchers = file("{$g['vardb_path']}/voucher_{$cpzone}_active_$roll.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); foreach($active_vouchers as $voucher => $line) { list($voucher,$timestamp, $minutes) = explode(",", $line); $remaining = (($timestamp + 60*$minutes) - time()); @@ -87,10 +100,10 @@ include("fbegin.inc"); <tr><td class="tabnavtbl"> <?php $tab_array = array(); - $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php"); - $tab_array[] = array(gettext("Active Vouchers"), true, "status_captiveportal_vouchers.php"); - $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php"); - $tab_array[] = array(gettext("Test Vouchers"), false, "status_captiveportal_test.php"); + $tab_array[] = array(gettext("Active Users"), false, "status_captiveportal.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Active Vouchers"), true, "status_captiveportal_vouchers.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Voucher Rolls"), false, "status_captiveportal_voucher_rolls.php?zone={$cpzone}"); + $tab_array[] = array(gettext("Test Vouchers"), false, "status_captiveportal_test.php?zone={$cpzone}"); display_top_tabs($tab_array); ?> </td></tr> |