diff options
| author | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-06-28 16:55:51 -0300 |
|---|---|---|
| committer | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-06-28 16:55:51 -0300 |
| commit | 4842755397c92f1c16b50b16e01b28768f8b43c1 (patch) | |
| tree | 97f0dbf4361974041eccfd6bbf50d5c44836942d | |
| parent | f0b17f3f7226f819c94dfab4c9abc0f3e4962152 (diff) | |
| parent | 84924e76c44950387e387af7927f63d5822dfda4 (diff) | |
| download | pfsense-4842755397c92f1c16b50b16e01b28768f8b43c1.zip pfsense-4842755397c92f1c16b50b16e01b28768f8b43c1.tar.gz | |
Merge remote-tracking branch 'mainline/master' into inc
147 files changed, 565 insertions, 309 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 9d27da8..a7ec270 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -193,9 +193,11 @@ function & getUserEntry($name) { function & getUserEntryByUID($uid) { global $debug, $config; - foreach ($config['system']['user'] as & $user) - if ($user['uid'] == $uid) - return $user; + + if (is_array($config['system']['user'])) + foreach ($config['system']['user'] as & $user) + if ($user['uid'] == $uid) + return $user; return false; } @@ -208,9 +210,11 @@ function & getGroupEntry($name) { function & getGroupEntryByGID($gid) { global $debug, $config; - foreach ($config['system']['group'] as & $group) - if ($group['gid'] == $gid) - return $group; + + if (is_array($config['system']['group'])) + foreach ($config['system']['group'] as & $group) + if ($group['gid'] == $gid) + return $group; return false; } diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 3595f45..3f655b1 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -167,16 +167,62 @@ function ca_create(& $ca, $keylen, $lifetime, $dn) { // generate a new key pair $res_key = openssl_pkey_new($args); + if (!$res_key) return false; // generate a certificate signing request $res_csr = openssl_csr_new($dn, $res_key, $args); + if (!$res_csr) return false; // self sign the certificate $res_crt = openssl_csr_sign($res_csr, null, $res_key, $lifetime, $args); + if (!$res_crt) return false; // export our certificate data - openssl_pkey_export($res_key, $str_key); - openssl_x509_export($res_crt, $str_crt); + if (!openssl_pkey_export($res_key, $str_key) || + !openssl_x509_export($res_crt, $str_crt)) + return false; + + // return our ca information + $ca['crt'] = base64_encode($str_crt); + $ca['prv'] = base64_encode($str_key); + $ca['serial'] = 0; + + return true; +} + +function ca_inter_create(& $ca, $keylen, $lifetime, $dn, $caref) { + // Create Intermediate Certificate Authority + $signing_ca =& lookup_ca($caref); + if (!$signing_ca) + return false; + + $signing_ca_res_crt = openssl_x509_read(base64_decode($signing_ca['crt'])); + $signing_ca_res_key = openssl_pkey_get_private(array(0 => base64_decode($signing_ca['prv']) , 1 => "")); + if (!$signing_ca_res_crt || !$signing_ca_res_key) return false; + $signing_ca_serial = ++$signing_ca['serial']; + + $args = array( + "digest_alg" => "sha1", + "private_key_bits" => (int)$keylen, + "private_key_type" => OPENSSL_KEYTYPE_RSA, + "encrypt_key" => false); + + // generate a new key pair + $res_key = openssl_pkey_new($args); + if (!$res_key) return false; + + // generate a certificate signing request + $res_csr = openssl_csr_new($dn, $res_key, $args); + if (!$res_csr) return false; + + // Sign the certificate + $res_crt = openssl_csr_sign($res_csr, $signing_ca_res_crt, $signing_ca_res_key, $lifetime, $args, $signing_ca_serial); + if (!$res_crt) return false; + + // export our certificate data + if (!openssl_pkey_export($res_key, $str_key) || + !openssl_x509_export($res_crt, $str_crt)) + return false; // return our ca information $ca['crt'] = base64_encode($str_crt); @@ -213,6 +259,7 @@ function cert_create(& $cert, $caref, $keylen, $lifetime, $dn) { $ca_str_key = base64_decode($ca['prv']); $ca_res_crt = openssl_x509_read($ca_str_crt); $ca_res_key = openssl_pkey_get_private(array(0 => $ca_str_key, 1 => "")); + if(!$ca_res_key) return false; $ca_serial = ++$ca['serial']; $args = array( @@ -223,17 +270,21 @@ function cert_create(& $cert, $caref, $keylen, $lifetime, $dn) { // generate a new key pair $res_key = openssl_pkey_new($args); + if(!$res_key) return false; // generate a certificate signing request $res_csr = openssl_csr_new($dn, $res_key, $args); + if(!$res_csr) return false; // self sign the certificate $res_crt = openssl_csr_sign($res_csr, $ca_res_crt, $ca_res_key, $lifetime, $args, $ca_serial); + if(!$res_crt) return false; // export our certificate data - openssl_pkey_export($res_key, $str_key); - openssl_x509_export($res_crt, $str_crt); + if (!openssl_pkey_export($res_key, $str_key) || + !openssl_x509_export($res_crt, $str_crt)) + return false; // return our certificate information $cert['caref'] = $caref; @@ -253,13 +304,16 @@ function csr_generate(& $cert, $keylen, $dn) { // generate a new key pair $res_key = openssl_pkey_new($args); + if(!$res_key) return false; // generate a certificate signing request $res_csr = openssl_csr_new($dn, $res_key, $args); + if(!$res_csr) return false; // export our request data - openssl_pkey_export($res_key, $str_key); - openssl_csr_export($res_csr, $str_csr); + if (!openssl_pkey_export($res_key, $str_key) || + !openssl_csr_export($res_csr, $str_csr)) + return false; // return our request information $cert['csr'] = base64_encode($str_csr); @@ -284,7 +338,7 @@ function csr_get_subject($str_crt, $decode = true) { $components = openssl_csr_get_subject($str_crt); - if (!is_array($components)) + if (empty($components) || !is_array($components)) return "unknown"; ksort($components); @@ -306,7 +360,7 @@ function cert_get_subject($str_crt, $decode = true) { $inf_crt = openssl_x509_parse($str_crt); $components = $inf_crt['subject']; - if (!is_array($components)) + if (empty($components) || !is_array($components)) return "unknown"; ksort($components); @@ -356,9 +410,10 @@ function cert_get_issuer($str_crt, $decode = true) { $inf_crt = openssl_x509_parse($str_crt); $components = $inf_crt['issuer']; - ksort($components); - if (!is_array($components)) + if (empty($components) || !is_array($components)) return "unknown"; + + ksort($components); foreach ($components as $a => $v) { if (!strlen($issuer)) $issuer = "{$a}={$v}"; diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 3ca5d3d..e21f719 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -277,8 +277,6 @@ function filter_configure_sync() { $rules .= "set limit table-entries {$config['system']['maximumtableentries']}\n"; } - //$rules .= discover_pkg_rules("pfearly"); - // Configure flowtable support if enabled. flowtable_configure(); @@ -559,7 +557,8 @@ function filter_generate_aliases() { $tableaddrs = "{$addrlist}{$extralias}"; if(empty($tableaddrs)) { $aliases .= "table <{$aliased['name']}> persist\n"; - $after_filter_configure_run[] = "/sbin/pfctl -T flush -t " . escapeshellarg($aliased['name']); + if (empty($aliased['address'])) + $after_filter_configure_run[] = "/sbin/pfctl -T flush -t " . escapeshellarg($aliased['name']); } else $aliases .= "table <{$aliased['name']}> { {$addrlist}{$extralias} } \n"; @@ -1350,7 +1349,7 @@ function filter_nat_rules_generate() { } /* PPTP subnet */ if(($config['pptpd']['mode'] == "server" ) && is_private_ip($config['pptpd']['remoteip'])) { - $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'], long2ip32(ip2long($config['pptpd']['remoteip'])+$config['pptpd']['n_pptp_units'])); + $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'], long2ip32(ip2long($config['pptpd']['remoteip'])+($config['pptpd']['n_pptp_units']-1))); $numberofnathosts += count($pptp_subnets); $tonathosts .= implode(" ", $pptp_subnets) . " "; } @@ -1623,7 +1622,7 @@ function filter_generate_user_rule_arr($rule) { } function filter_generate_address(& $rule, $target = "source", $isnat = false) { - global $FilterIflist; + global $FilterIflist, $config; $src = ""; if(isset($rule[$target]['any'])) { @@ -1665,9 +1664,8 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) { $src = "{$lansa}/{$lansn}"; break; case 'pptp': - $pptpsa = gen_subnet($FilterIflist['pptp']['sa'], $FilterIflist['pptp']['sn']); - $pptpsn = $FilterIflist['pptp']['sn']; - $src = "{$pptpsa}/{$pptpsn}"; + $pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'], long2ip32(ip2long($config['pptpd']['remoteip'])+($config['pptpd']['n_pptp_units']-1))); + $src = "{ " . implode(" ", $pptp_subnets) . " }"; break; case 'pppoe': /* XXX: This needs to be fixed somehow! */ @@ -2050,7 +2048,7 @@ function filter_rules_generate() { $pptpdcfg = $config['pptpd']; $ipfrules = ""; - //$ipfrules .= discover_pkg_rules("filter"); + $ipfrules .= discover_pkg_rules("pfearly"); /* relayd */ $ipfrules .= "anchor \"relayd/*\"\n"; @@ -2373,6 +2371,7 @@ EOD; $rule_arr = array_merge($rule_arr1,$rule_arr2); $ipfrules .= "\n# User-defined rules follow\n"; + $ipfrules .= "\nanchor \"userrules/*\"\n"; /* Generate user rule lines */ foreach($rule_arr as $rule) { if(isset($rule['disabled'])) diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index 6f8e0d0..d99a556 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -144,7 +144,8 @@ function ipsec_get_phase1_src(& $ph1ent) { */ function ipsec_get_phase1_dst(& $ph1ent) { global $g; - + if (!$ph1ent['remote-gateway']) + return false; $rg = $ph1ent['remote-gateway']; if (!is_ipaddr($rg)) { if(! $g['booting']) diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index cb35d99..bbecc0c 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -161,7 +161,7 @@ function openvpn_port_next($prot) { function openvpn_get_cipherlist() { $ciphers = array(); - $cipher_out = shell_exec('openvpn --show-ciphers | grep "default key" | awk \'{print $1, "(" $2 "-" $3 ")";}\''); + $cipher_out = shell_exec('/usr/local/sbin/openvpn --show-ciphers | /usr/bin/grep "default key" | /usr/bin/awk \'{print $1, "(" $2 "-" $3 ")";}\''); $cipher_lines = explode("\n", trim($cipher_out)); sort($cipher_lines); foreach ($cipher_lines as $line) { @@ -606,7 +606,7 @@ function openvpn_restart($mode, $settings) { /* start the new process */ $fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf"; - mwexec_bg("nohup openvpn --config {$fpath}"); + mwexec_bg("/usr/local/sbin/openvpn --config {$fpath}"); if (!$g['booting']) send_event("filter reload"); diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index b735375..2f47f3c 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -316,11 +316,13 @@ function uninstall_package($pkg_name) { // Back up /usr/local/lib libraries first if // not running from the builder code. + // also take into account rrd binaries if(!$builder_package_install) { if(!file_exists("/tmp/pkg_libs.tgz")) { $static_output .= "Backing up libraries... "; update_output_window($static_output); exec("/usr/bin/tar czPf /tmp/pkg_libs.tgz `/bin/cat /etc/pfSense_md5.txt | /usr/bin/grep 'local/lib' | /usr/bin/awk '{ print $2 }' | /usr/bin/cut -d'(' -f2 | /usr/bin/cut -d')' -f1`"); + exec("/usr/bin/tar czPf /tmp/pkg_bins.tgz `/bin/cat /etc/pfSense_md5.txt | /usr/bin/grep 'rrd' | /usr/bin/awk '{ print $2 }' | /usr/bin/cut -d'(' -f2 | /usr/bin/cut -d')' -f1`"); $static_output .= "\n"; } } @@ -345,7 +347,9 @@ function uninstall_package($pkg_name) { $static_output .= "Cleaning up... "; update_output_window($static_output); exec("/usr/bin/tar xzPfU /tmp/pkg_libs.tgz -C /"); - @unlink("/tmp/pkg_libs.tgz"); + exec("/usr/bin/tar xzPfU /tmp/pkg_bins.tgz -C /"); + @unlink("/tmp/pkg_libs.tgz"); + @unlink("/tmp/pkg_bins.tgz"); } } @@ -491,7 +495,7 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = update_output_window($static_output); } } - $static_output .= " (extracting)"; + $static_output .= " (extracting)\n"; update_output_window($static_output); $slaveout = ""; exec("/usr/bin/tar --fast-read -O -f {$fetchto} -x +CONTENTS 2>&1", $slaveout); diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 3f3225c..853ea78 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -978,8 +978,11 @@ function setup_wireless_olsr() { conf_mount_rw(); foreach($config['installedpackages']['olsrd']['config'] as $olsrd) { $olsr_enable = $olsrd['enable']; - if($olsr_enable <> "on") + if($olsr_enable <> "on") { + if (is_process_running("olsrd")) + mwexec("/usr/bin/killall olsrd", true); return; + } $fd = fopen("{$g['varetc_path']}/olsr.conf", "w"); if($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") { @@ -1241,7 +1244,7 @@ EODAD; fclose($fd); } - if(is_process_running("olsrd")) + if (is_process_running("olsrd")) mwexec("/usr/bin/killall olsrd", true); sleep(2); diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index e7e632a..9588fb5 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -842,6 +842,46 @@ function upgrade_044_to_045() { function upgrade_045_to_046() { global $config; + /* Load up monitors that are in the default config for 2.0 but not in 1.2.3 + thus wouldn't be in an upgraded config. */ + $config['load_balancer']['monitor_type'] = array ( + array ( 'name' => 'ICMP', + 'type' => 'icmp', + 'descr' => 'ICMP', + 'options' => '', + ), + array ( 'name' => 'TCP', + 'type' => 'tcp', + 'descr' => 'Generic TCP', + 'options' => '', + ), + array ( 'name' => 'HTTP', + 'type' => 'http', + 'descr' => 'Generic HTTP', + 'options' => + array ( 'path' => '/', + 'host' => '', + 'code' => '200', + ), + ), + array ( 'name' => 'HTTPS', + 'type' => 'https', + 'descr' => 'Generic HTTPS', + 'options' => + array ( 'path' => '/', + 'host' => '', + 'code' => '200', + ), + ), + array ( 'name' => 'SMTP', + 'type' => 'send', + 'descr' => 'Generic SMTP', + 'options' => + array ( 'send' => 'EHLO nosuchhost', + 'expect' => '250-', + ), + ), + ); /* Upgrade load balancer from slb to relayd */ if (is_array($config['load_balancer']['virtual_server']) && count($config['load_balancer']['virtual_server'])) { $vs_a = &$config['load_balancer']['virtual_server']; @@ -857,6 +897,8 @@ function upgrade_045_to_046() { } /* Convert sitedown entries to pools and re-attach */ for ($i = 0; isset($vs_a[$i]); $i++) { + /* Set mode while we're here. */ + $vs_a[$i]['mode'] = "redirect_mode"; if (isset($vs_a[$i]['sitedown'])) { $pool = array(); $pool['type'] = 'server'; @@ -1299,6 +1341,8 @@ function upgrade_048_to_049() { $all['gid'] = 1998; $all['member'] = array(); + if (!is_array($config['system']['user'])) + $config['system']['user'] = array(); if (!is_array($config['system']['group'])) $config['system']['group'] = array(); @@ -1350,6 +1394,9 @@ function upgrade_048_to_049() { function upgrade_049_to_050() { global $config; + + if (!is_array($config['system']['user'])) + $config['system']['user'] = array(); /* update user privileges */ foreach ($config['system']['user'] as & $user) { $privs = array(); @@ -1562,7 +1609,7 @@ function upgrade_051_to_052() { $assigned = true; continue; } else if (substr($tmpstr, 0, 5) == "local") { - $localip = substr($tmpstr, 6); + $localip = substr($tmpstr, 5); $server['ipaddr'] = str_replace("\n", "", $localip); } else $cstmopts[] = $tmpcstmopt; @@ -1664,7 +1711,7 @@ function upgrade_051_to_052() { $assigned = true; continue; } else if (substr($tmpstr, 0, 5) == "local") { - $localip = substr($tmpstr, 6); + $localip = substr($tmpstr, 5); $client['ipaddr'] = str_replace("\n", "", $localip); } else $cstmopts[] = $tmpcstmopt; @@ -2056,6 +2103,7 @@ function upgrade_055_to_056() { function upgrade_056_to_057() { global $config; + if (!is_array($config['system']['user'])) $config['system']['user'] = array(); /* migrate captivate portal to user manager */ diff --git a/etc/inc/util.inc b/etc/inc/util.inc index e27c1b0..a87bf03 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -45,14 +45,14 @@ function isvalidpid($pid) { $output = ""; exec("/bin/pgrep -F {$pid}", $output, $retval); - return (intval($retval) == 0); + return (intval($retval) == 0); } function is_process_running($process) { $output = ""; exec("/bin/pgrep -ax {$process}", $output, $retval); - return (intval($retval) == 0); + return (intval($retval) == 0); } function isvalidproc($proc) { @@ -139,6 +139,9 @@ function unlock($cfglckkey = 0) { function send_event($cmd) { global $g; + if(!isset($g['event_address'])) + $g['event_address'] = "unix:///var/run/check_reload_status"; + $try = 0; while ($try < 3) { $fd = @fsockopen($g['event_address']); @@ -156,20 +159,23 @@ function send_event($cmd) { } function send_multiple_events($cmds) { - global $g; + global $g; + if(!isset($g['event_address'])) + $g['event_address'] = "unix:///var/run/check_reload_status"; + if (!is_array($cmds)) return; - $fd = fsockopen($g['event_address']); - if ($fd) { + $fd = fsockopen($g['event_address']); + if ($fd) { foreach ($cmds as $cmd) { - fwrite($fd, $cmd); - $resp = fread($fd, 4096); - if ($resp != "OK\n") - log_error("send_event: sent {$cmd} got {$resp}"); + fwrite($fd, $cmd); + $resp = fread($fd, 4096); + if ($resp != "OK\n") + log_error("send_event: sent {$cmd} got {$resp}"); } - fclose($fd); - } + fclose($fd); + } } function refcount_init($reference) { @@ -402,10 +408,10 @@ function is_ipaddroralias($ipaddr) { if (is_alias($ipaddr)) { if (is_array($config['aliases']['alias'])) { foreach ($config['aliases']['alias'] as $alias) { - if ($alias['name'] == $ipaddr && $alias['type'] != "port") + if ($alias['name'] == $ipaddr && $alias['type'] != "port") return true; } - } + } return false; } else return is_ipaddr($ipaddr); @@ -430,7 +436,6 @@ function is_subnet($subnet) { /* returns true if $subnet is a valid subnet in CIDR format or an alias thereof */ function is_subnetoralias($subnet) { - global $aliastable; if (isset($aliastable[$subnet]) && is_subnet($aliastable[$subnet])) @@ -484,7 +489,7 @@ function is_port($port) { $tmpports = explode(":", $port); foreach($tmpports as $tmpport) { if (getservbyname($tmpport, "tcp") || getservbyname($tmpport, "udp")) - continue; + continue; if (!ctype_digit($tmpport)) return false; else if ((intval($tmpport) < 1) || (intval($tmpport) > 65535)) @@ -495,28 +500,28 @@ function is_port($port) { /* returns true if $portrange is a valid TCP/UDP portrange ("<port>:<port>") */ function is_portrange($portrange) { - $ports = explode(":", $portrange); + $ports = explode(":", $portrange); - if(count($ports) == 2 && is_port($ports[0]) && is_port($ports[1])) - return true; - else - return false; + if(count($ports) == 2 && is_port($ports[0]) && is_port($ports[1])) + return true; + else + return false; } /* returns true if $port is a valid port number or an alias thereof */ function is_portoralias($port) { global $config; - if (is_alias($port)) { - if (is_array($config['aliases']['alias'])) { - foreach ($config['aliases']['alias'] as $alias) { - if ($alias['name'] == $port && $alias['type'] == "port") - return true; - } - } - return false; - } else - return is_port($port); + if (is_alias($port)) { + if (is_array($config['aliases']['alias'])) { + foreach ($config['aliases']['alias'] as $alias) { + if ($alias['name'] == $port && $alias['type'] == "port") + return true; + } + } + return false; + } else + return is_port($port); } /* returns true if $val is a valid shaper bandwidth value */ @@ -531,37 +536,37 @@ function get_configured_carp_interface_list() { $iflist = array(); if(is_array($config['virtualip']['vip'])) { - $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) { - switch ($vip['mode']) { - case "carp": - case "carpdev-dhcp": - $vipif = "vip" . $vip['vhid']; - $iflist[$vipif] = $vip['subnet']; - break; - } - } - } + $viparr = &$config['virtualip']['vip']; + foreach ($viparr as $vip) { + switch ($vip['mode']) { + case "carp": + case "carpdev-dhcp": + $vipif = "vip" . $vip['vhid']; + $iflist[$vipif] = $vip['subnet']; + break; + } + } + } return $iflist; } /* return the configured IP aliases list */ function get_configured_ip_aliases_list() { - global $config; + global $config; - $alias_list=array(); + $alias_list=array(); - if(is_array($config['virtualip']['vip'])) { - $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) { - if ($vip['mode']=="ipalias") { - $alias_list[$vip['subnet']] = $vip['interface']; - } - } - } + if(is_array($config['virtualip']['vip'])) { + $viparr = &$config['virtualip']['vip']; + foreach ($viparr as $vip) { + if ($vip['mode']=="ipalias") { + $alias_list[$vip['subnet']] = $vip['interface']; + } + } + } - return $alias_list; + return $alias_list; } @@ -711,7 +716,7 @@ function get_interface_list($mode = "active", $keyby = "physical", $vfaces = "") $ifstatus = preg_grep('/status:/', $ifconfig); foreach($ifstatus as $status) { $int = array_shift($intlist); - if(stristr($status, "active")) $upints[] = $int; + if(stristr($status, "active")) $upints[] = $int; } break; default: @@ -728,9 +733,9 @@ function get_interface_list($mode = "active", $keyby = "physical", $vfaces = "") array_shift($ipinfo); foreach($linkinfo as $link) { $friendly = ""; - $alink = explode(" ", $link); - $ifname = rtrim(trim($alink[0]), '*'); - /* trim out all numbers before checking for vfaces */ + $alink = explode(" ", $link); + $ifname = rtrim(trim($alink[0]), '*'); + /* trim out all numbers before checking for vfaces */ if (!in_array(array_shift(preg_split('/\d/', $ifname)), $vfaces) && !stristr($ifname, "_vlan") && !stristr($ifname, "_wlan")) { $toput = array( @@ -767,9 +772,9 @@ function get_interface_list($mode = "active", $keyby = "physical", $vfaces = "") } break; } - } - } - return $iflist; + } + } + return $iflist; } /****f* util/log_error @@ -781,12 +786,12 @@ function get_interface_list($mode = "active", $keyby = "physical", $vfaces = "") * null ******/ function log_error($error) { - global $g; - $page = $_SERVER['SCRIPT_NAME']; - syslog(LOG_WARNING, "$page: $error"); - if ($g['debug']) - syslog(LOG_WARNING, var_dump(debug_backtrace())); - return; + global $g; + $page = $_SERVER['SCRIPT_NAME']; + syslog(LOG_WARNING, "$page: $error"); + if ($g['debug']) + syslog(LOG_WARNING, var_dump(debug_backtrace())); + return; } /****f* util/log_auth @@ -798,12 +803,12 @@ function log_error($error) { * null ******/ function log_auth($error) { - global $g; - $page = $_SERVER['SCRIPT_NAME']; - syslog(LOG_AUTH, "$page: $error"); - if ($g['debug']) - syslog(LOG_WARNING, var_dump(debug_backtrace())); - return; + global $g; + $page = $_SERVER['SCRIPT_NAME']; + syslog(LOG_AUTH, "$page: $error"); + if ($g['debug']) + syslog(LOG_WARNING, var_dump(debug_backtrace())); + return; } /****f* util/exec_command @@ -817,9 +822,9 @@ function log_auth($error) { * This function returns the command's stdout and stderr. ******/ function exec_command($command) { - $output = array(); - exec($command . ' 2>&1 ', $output); - return(implode("\n", $output)); + $output = array(); + exec($command . ' 2>&1 ', $output); + return(implode("\n", $output)); } /* wrapper for exec() */ @@ -835,7 +840,7 @@ function mwexec($command, $mute = false) { $garbage = exec("$command 2>&1", $oarr, $retval); if(isset($config['system']['developerspew'])) - $mute = false; + $mute = false; if(($retval <> 0) && ($mute === false)) { $output = implode(" ", $oarr); log_error(sprintf(gettext("The command '%1\$s' returned exit code '%2\$d', the output was '%3\$s' "), $command, $retval, $output)); @@ -845,7 +850,6 @@ function mwexec($command, $mute = false) { /* wrapper for exec() in background */ function mwexec_bg($command) { - global $g; if ($g['debug']) { @@ -868,7 +872,6 @@ function unlink_if_exists($fn) { } /* make a global alias table (for faster lookups) */ function alias_make_table($config) { - global $aliastable; $aliastable = array(); @@ -882,7 +885,6 @@ function alias_make_table($config) { } /* check if an alias exists */ function is_alias($name) { - global $aliastable; return isset($aliastable[$name]); @@ -890,7 +892,6 @@ function is_alias($name) { /* expand a host or network alias, if necessary */ function alias_expand($name) { - global $aliastable; if (isset($aliastable[$name])) @@ -1021,21 +1022,21 @@ function mac_format($clientmac) { function resolve_retry($hostname, $retries = 5) { - if (is_ipaddr($hostname)) - return $hostname; + if (is_ipaddr($hostname)) + return $hostname; - for ($i = 0; $i < $retries; $i++) { - $ip = gethostbyname($hostname); + for ($i = 0; $i < $retries; $i++) { + $ip = gethostbyname($hostname); - if ($ip && $ip != $hostname) { - /* success */ - return $ip; - } + if ($ip && $ip != $hostname) { + /* success */ + return $ip; + } - sleep(1); - } + sleep(1); + } - return false; + return false; } function format_bytes($bytes) { @@ -1051,9 +1052,9 @@ function format_bytes($bytes) { } function update_filter_reload_status($text) { - global $g; + global $g; - file_put_contents("{$g['varrun_path']}/filter_reload_status", $text); + file_put_contents("{$g['varrun_path']}/filter_reload_status", $text); } /****f* util/return_dir_as_array @@ -1065,35 +1066,35 @@ function update_filter_reload_status($text) { * $dir_array - array containing the directory's contents. This array will be empty if the path specified is invalid. ******/ function return_dir_as_array($dir) { - $dir_array = array(); - if (is_dir($dir)) { - if ($dh = opendir($dir)) { - while (($file = readdir($dh)) !== false) { - $canadd = 0; - if($file == ".") $canadd = 1; - if($file == "..") $canadd = 1; - if($canadd == 0) - array_push($dir_array, $file); - } - closedir($dh); - } - } - return $dir_array; + $dir_array = array(); + if (is_dir($dir)) { + if ($dh = opendir($dir)) { + while (($file = readdir($dh)) !== false) { + $canadd = 0; + if($file == ".") $canadd = 1; + if($file == "..") $canadd = 1; + if($canadd == 0) + array_push($dir_array, $file); + } + closedir($dh); + } + } + return $dir_array; } function run_plugins($directory) { - global $config, $g; - - /* process packager manager custom rules */ - $files = return_dir_as_array($directory); - if (is_array($files)) { - foreach ($files as $file) { - if (stristr($file, ".sh") == true) - mwexec($directory . $file . " start"); - else if (!is_dir($directory . "/" . $file) && stristr($file,".inc")) - require_once($directory . "/" . $file); - } + global $config, $g; + + /* process packager manager custom rules */ + $files = return_dir_as_array($directory); + if (is_array($files)) { + foreach ($files as $file) { + if (stristr($file, ".sh") == true) + mwexec($directory . $file . " start"); + else if (!is_dir($directory . "/" . $file) && stristr($file,".inc")) + require_once($directory . "/" . $file); } + } } /* @@ -1101,13 +1102,13 @@ function run_plugins($directory) { * create directory if it doesn't already exist and isn't a file! */ function safe_mkdir($path, $mode=0755) { - global $g; + global $g; - if (!is_file($path) && !is_dir($path)) { - return @mkdir($path, $mode, true); - } else { - return false; - } + if (!is_file($path) && !is_dir($path)) { + return @mkdir($path, $mode, true); + } else { + return false; + } } /* @@ -1115,15 +1116,15 @@ function safe_mkdir($path, $mode=0755) { * create directory tree recursively (mkdir -p) */ function make_dirs($path, $mode = 0755) { - $base = ''; - foreach (explode('/', $path) as $dir) { - $base .= "/$dir"; - if (!is_dir($base)) { - if (!@mkdir($base, $mode)) - return false; - } - } - return true; + $base = ''; + foreach (explode('/', $path) as $dir) { + $base .= "/$dir"; + if (!is_dir($base)) { + if (!@mkdir($base, $mode)) + return false; + } + } + return true; } /* @@ -1194,57 +1195,57 @@ function set_sysctl($values) { * [0]real and [1]available */ function get_memory() { - $matches = ""; - if(file_exists("/var/log/dmesg.boot")) - $mem = `cat /var/log/dmesg.boot | grep memory`; - else - $mem = `dmesg -a | grep memory`; - if (preg_match_all("/avail memory.* \((.*)MB\)/", $mem, $matches)) - return array($matches[1][0], $matches[1][0]); - if(!$real && !$avail) { - $real = trim(`sysctl hw.physmem | cut -d' ' -f2`); - $avail = trim(`sysctl hw.realmem | cut -d' ' -f2`); - /* convert from bytes to megabytes */ - return array(($real/1048576),($avail/1048576)); - } + $matches = ""; + if(file_exists("/var/log/dmesg.boot")) + $mem = `cat /var/log/dmesg.boot | grep memory`; + else + $mem = `dmesg -a | grep memory`; + if (preg_match_all("/avail memory.* \((.*)MB\)/", $mem, $matches)) + return array($matches[1][0], $matches[1][0]); + if(!$real && !$avail) { + $real = trim(`sysctl hw.physmem | cut -d' ' -f2`); + $avail = trim(`sysctl hw.realmem | cut -d' ' -f2`); + /* convert from bytes to megabytes */ + return array(($real/1048576),($avail/1048576)); + } } function mute_kernel_msgs() { - global $config; - // Do not mute serial console. The kernel gets very very cranky - // and will start dishing you cannot control tty errors. - if(trim(file_get_contents("/etc/platform")) == "nanobsd") - return; - if($config['system']['enableserial']) - return; - exec("/sbin/conscontrol mute on"); + global $config; + // Do not mute serial console. The kernel gets very very cranky + // and will start dishing you cannot control tty errors. + if(trim(file_get_contents("/etc/platform")) == "nanobsd") + return; + if($config['system']['enableserial']) + return; + exec("/sbin/conscontrol mute on"); } function unmute_kernel_msgs() { - global $config; - // Do not mute serial console. The kernel gets very very cranky - // and will start dishing you cannot control tty errors. - if(trim(file_get_contents("/etc/platform")) == "nanobsd") - return; - exec("/sbin/conscontrol mute off"); + global $config; + // Do not mute serial console. The kernel gets very very cranky + // and will start dishing you cannot control tty errors. + if(trim(file_get_contents("/etc/platform")) == "nanobsd") + return; + exec("/sbin/conscontrol mute off"); } function start_devd() { global $g; - exec("/sbin/devd"); - sleep(1); + exec("/sbin/devd"); + sleep(1); } function is_interface_vlan_mismatch() { - global $config, $g; + global $config, $g; - if (is_array($config['vlans']['vlan'])) { - foreach ($config['vlans']['vlan'] as $vlan) { - if (does_interface_exist($vlan['if']) == false) + if (is_array($config['vlans']['vlan'])) { + foreach ($config['vlans']['vlan'] as $vlan) { + if (does_interface_exist($vlan['if']) == false) return true; - } - } + } + } return false; } @@ -1291,7 +1292,7 @@ function carp_sync_client() { * true/false ******/ function isAjax() { - return isset ($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'; + return isset ($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'; } /****f* util/timeout @@ -1451,51 +1452,51 @@ function is_file_included($file = "") { This function was borrowed from a comment on PHP.net at the following URL: http://www.php.net/manual/en/function.array-merge-recursive.php#73843 */ -function array_merge_recursive_unique($array0, $array1) -{ - $arrays = func_get_args(); - $remains = $arrays; +function array_merge_recursive_unique($array0, $array1) { - // We walk through each arrays and put value in the results (without - // considering previous value). - $result = array(); + $arrays = func_get_args(); + $remains = $arrays; - // loop available array - foreach($arrays as $array) { + // We walk through each arrays and put value in the results (without + // considering previous value). + $result = array(); - // The first remaining array is $array. We are processing it. So - // we remove it from remaing arrays. + // loop available array + foreach($arrays as $array) { + + // The first remaining array is $array. We are processing it. So + // we remove it from remaing arrays. array_shift($remains); - // We don't care non array param, like array_merge since PHP 5.0. - if(is_array($array)) { - // Loop values - foreach($array as $key => $value) { - if(is_array($value)) { - // we gather all remaining arrays that have such key available - $args = array(); - foreach($remains as $remain) { - if(array_key_exists($key, $remain)) { - array_push($args, $remain[$key]); - } - } - - if(count($args) > 2) { - // put the recursion - $result[$key] = call_user_func_array(__FUNCTION__, $args); - } else { - foreach($value as $vkey => $vval) { - $result[$key][$vkey] = $vval; - } - } - } else { - // simply put the value - $result[$key] = $value; - } - } - } - } - return $result; + // We don't care non array param, like array_merge since PHP 5.0. + if(is_array($array)) { + // Loop values + foreach($array as $key => $value) { + if(is_array($value)) { + // we gather all remaining arrays that have such key available + $args = array(); + foreach($remains as $remain) { + if(array_key_exists($key, $remain)) { + array_push($args, $remain[$key]); + } + } + + if(count($args) > 2) { + // put the recursion + $result[$key] = call_user_func_array(__FUNCTION__, $args); + } else { + foreach($value as $vkey => $vval) { + $result[$key][$vkey] = $vval; + } + } + } else { + // simply put the value + $result[$key] = $value; + } + } + } + } + return $result; } ?> diff --git a/etc/inc/vslb.inc b/etc/inc/vslb.inc index 980bcd0..c26b785 100644 --- a/etc/inc/vslb.inc +++ b/etc/inc/vslb.inc @@ -237,7 +237,19 @@ function relayd_configure() { if(is_array($vs_a)) { for ($i = 0; isset($vs_a[$i]); $i++) { switch($vs_a[$i]['mode']) { - case 'redirect_mode': { + case 'relay': + $conf .= "relay \"{$vs_a[$i]['name']}\" {\n"; + $conf .= " listen on {$vs_a[$i]['ipaddr']} port {$vs_a[$i]['port']}\n"; + $conf .= " protocol \"{$vs_a[$i]['relay_protocol']}\"\n"; + $conf .= " forward to <{$vs_a[$i]['pool']}> port {$pools[$vs_a[$i]['pool']]['port']} {$check_a[$pools[$vs_a[$i]['pool']]['monitor']]} \n"; + + if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0) + $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$pools[$vs_a[$i]['pool']]['port']} {$check_a[$pools[$vs_a[$i]['pool']]['monitor']]} \n"; + $conf .= "}\n"; + break; + /* Default to Redirect Mode */ + case 'redirect_mode': + default: $conf .= "redirect \"{$vs_a[$i]['name']}\" {\n"; $conf .= " listen on {$vs_a[$i]['ipaddr']} port {$vs_a[$i]['port']}\n"; $conf .= " forward to <{$vs_a[$i]['pool']}> port {$pools[$vs_a[$i]['pool']]['port']} {$check_a[$pools[$vs_a[$i]['pool']]['monitor']]} \n"; @@ -251,18 +263,6 @@ function relayd_configure() { $conf .= "}\n"; break; - } - case 'relay': { - $conf .= "relay \"{$vs_a[$i]['name']}\" {\n"; - $conf .= " listen on {$vs_a[$i]['ipaddr']} port {$vs_a[$i]['port']}\n"; - $conf .= " protocol \"{$vs_a[$i]['relay_protocol']}\"\n"; - $conf .= " forward to <{$vs_a[$i]['pool']}> port {$pools[$vs_a[$i]['pool']]['port']} {$check_a[$pools[$vs_a[$i]['pool']]['monitor']]} \n"; - - if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0) - $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$pools[$vs_a[$i]['pool']]['port']} {$check_a[$pools[$vs_a[$i]['pool']]['monitor']]} \n"; - $conf .= "}\n"; - break; - } } } } @@ -359,7 +359,13 @@ if [ "$PLATFORM" = "pfSense" ]; then /usr/local/bin/php -q /etc/ecl.php fi -nohup /usr/bin/nice -n20 /usr/local/sbin/check_reload_status +if [ -f /etc/rc.custom_boot_early ]; then + /bin/echo -n "Launching /etc/rc.custom_boot_early..."; + /etc/rc.custom_boot_early + echo "Done" +fi + +/usr/bin/nice -n20 /usr/local/sbin/check_reload_status # let the PHP-based configuration subsystem set up the system now echo -n "Launching the init system..." diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index 99efc39..670411c 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -116,8 +116,9 @@ PHPMODULES="$PHPMODULES zmq" PHPMODULES="$PHPMODULES ssh2" # pfSense extensions PHPMODULES="$PHPMODULES pfSense" -# ion cube -PHPMODULES="$PHPMODULES ioncube_loader" + +PHP_ZEND_MODULES="" +PHP_ZEND_MODULES_TS="" # Modules previously included. # can be turned on by touching @@ -178,6 +179,12 @@ EOF if [ ! -d /etc/php_dynamodules ]; then /bin/mkdir /etc/php_dynamodules fi +if [ ! -d /etc/php_dynamodules_zend ]; then + /bin/mkdir /etc/php_dynamodules_zend +fi +if [ ! -d /etc/php_dynamodules_zend_ts ]; then + /bin/mkdir /etc/php_dynamodules_zend_ts +fi # Read in dynamodules if [ -d /etc/php_dynamodules ]; then @@ -185,6 +192,18 @@ if [ -d /etc/php_dynamodules ]; then PHPMODULES="$PHPMODULES $DYNA_MODULES" fi +# Read in zend modules +if [ -d /etc/php_dynamodules_zend ]; then + DYNA_MODULES=`/bin/ls /etc/php_dynamodules_zend/` + PHP_ZEND_MODULES="$PHP_ZEND_MODULES $DYNA_MODULES" +fi + +# Read in zend threaded modules +if [ -d /etc/php_dynamodules_zend_ts ]; then + DYNA_MODULES=`/bin/ls /etc/php_dynamodules_zend_ts/` + PHP_ZEND_MODULES_TS="$PHP_ZEND_MODULES_TS $DYNA_MODULES" +fi + # Loop through and generate modules to load. # Take into account modules built into php. for EXT in $PHPMODULES; do @@ -203,6 +222,22 @@ for EXT in $PHPMODULES; do fi done +# Zend modules +for EXT in $PHP_ZEND_MODULES; do + # Ensure extension exists before adding. + if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then + echo "zend_extension=${EXTENSIONSDIR}/${EXT}.so" >> /usr/local/lib/php.ini + fi +done + +# Zend threaded modules +for EXT in $PHP_ZEND_MODULES_TS; do + # Ensure extension exists before adding. + if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then + echo "zend_extension_ts=${EXTENSIONSDIR}/${EXT}.so" >> /usr/local/lib/php.ini + fi +done + # Get amount of ram installed on this system RAM=`/sbin/sysctl hw.realmem | /usr/bin/awk '{print $2/1000000}' | /usr/bin/awk -F '.' '{print $1}'` export RAM diff --git a/etc/rc.restart_webgui b/etc/rc.restart_webgui index e74f201..05eab12 100755 --- a/etc/rc.restart_webgui +++ b/etc/rc.restart_webgui @@ -10,7 +10,7 @@ require("rrd.inc"); echo "Restarting webConfigurator..."; -sigkillbyname("lighttpd", "INT"); +sigkillbyname("lighttpd", "KILL"); while (is_process_running("lighttpd")) { echo '.'; diff --git a/usr/local/sbin/ovpn-linkdown b/usr/local/sbin/ovpn-linkdown index 112317f..b300aed 100755 --- a/usr/local/sbin/ovpn-linkdown +++ b/usr/local/sbin/ovpn-linkdown @@ -1,5 +1,5 @@ #!/bin/sh -/sbin/pfctl -b $4 -b $5 +# /sbin/pfctl -b $4 -b $5 # delete the node just in case mpd cannot do that /bin/rm -f /var/etc/nameserver_$1 /bin/rm -f /tmp/$1_router diff --git a/usr/local/sbin/ovpn-linkup b/usr/local/sbin/ovpn-linkup index 613822c..b613a9a 100755 --- a/usr/local/sbin/ovpn-linkup +++ b/usr/local/sbin/ovpn-linkup @@ -2,10 +2,10 @@ # let the configuration system know that the ip has changed. #/usr/local/sbin/pfSctl -c "interface newip $interface" -if [ -n $route_vpn_gateway ]; then +if [ "" != "$route_vpn_gateway" ]; then /bin/echo $route_vpn_gateway > /tmp/$1_router else - /bin/echo $4 > /tmp/$1_router + /bin/echo $5 > /tmp/$1_router fi /usr/bin/touch /tmp/$1up # reload filter diff --git a/usr/local/sbin/ppp-linkdown b/usr/local/sbin/ppp-linkdown index f6a78b9..1170d2f 100755 --- a/usr/local/sbin/ppp-linkdown +++ b/usr/local/sbin/ppp-linkdown @@ -6,7 +6,7 @@ fi if [ -f "/tmp/${interface}_defaultgw" ]; then route delete default $4 fi -/sbin/pfctl -b $3 -b $4 +# /sbin/pfctl -b $3 -b $4 # delete the node just in case mpd cannot do that /usr/sbin/ngctl shutdown $1: if [ -f "/var/etc/nameserver_$1" ]; then diff --git a/usr/local/sbin/vpn-linkdown b/usr/local/sbin/vpn-linkdown index e67a8a0..1d533cb 100755 --- a/usr/local/sbin/vpn-linkdown +++ b/usr/local/sbin/vpn-linkdown @@ -2,4 +2,4 @@ # record logout /usr/bin/logger -p local3.info "logout,$1,$4,$5" -/sbin/pfctl -b $3 -b $4 +# /sbin/pfctl -b $3 -b $4 diff --git a/usr/local/www/diag_packet_capture.php b/usr/local/www/diag_packet_capture.php index 2ffba1d..df482e2 100644 --- a/usr/local/www/diag_packet_capture.php +++ b/usr/local/www/diag_packet_capture.php @@ -35,6 +35,9 @@ ##|*MATCH=diag_packet_capture.php* ##|-PRIV +if ($_POST['downloadbtn'] == gettext("Download Capture")) + $nocsrf = true; + $pgtitle = array(gettext("Diagnostics"), gettext("Packet Capture")); require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); @@ -92,6 +95,7 @@ if ($_POST) { header("Content-Disposition: attachment; filename=$fn"); header("Content-Length: $fs"); readfile($fp.$fn); + exit; } } else { $do_tcpdump = false; diff --git a/usr/local/www/diag_routes.php b/usr/local/www/diag_routes.php index f8e2926..2a61223 100644 --- a/usr/local/www/diag_routes.php +++ b/usr/local/www/diag_routes.php @@ -86,7 +86,7 @@ include('head.inc'); $name = ($tabindex == 0 ? 'IPv4' : 'IPv6'); ?> <table class="tabcont" width="100%" cellspacing="0" cellpadding="6" border="0"> -<tr><td class="listbg" colspan="<?=$elements?>"><strong><?=$name;?></strong></font></td></tr> +<tr><td class="listtopic" colspan="<?=$elements?>"><strong><?=$name;?></strong></font></td></tr> <?php foreach (explode("\n", $table) as $i => $line) { if ($i == 0) continue; diff --git a/usr/local/www/diag_traceroute.php b/usr/local/www/diag_traceroute.php index 6c9df57..91736df 100755 --- a/usr/local/www/diag_traceroute.php +++ b/usr/local/www/diag_traceroute.php @@ -114,7 +114,7 @@ if (!isset($do_traceroute)) { </tr> <tr> <td valign="top" colspan="2"> - <p><span class="vexpl"><span class="red"><b><?=gettext("Note:");?></b></span><?=gettext("Traceroute may take a while to complete. You may hit the Stop button on your browser at any time to see the progress of failed traceroutes.");?><p> + <p><span class="vexpl"><span class="red"><b><?=gettext("Note: ");?></b></span><?=gettext("Traceroute may take a while to complete. You may hit the Stop button on your browser at any time to see the progress of failed traceroutes.");?></span><p> <? if ($do_traceroute) { echo "<font face='terminal' size='2'>"; echo("<br><strong>" . gettext("Traceroute output:") . "</strong><br>"); @@ -133,7 +133,7 @@ if (!isset($do_traceroute)) { <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <span class="vexpl"><b><?=gettext("Note:");?></b></span><?=gettext("Multi-wan is not supported from this utility currently.");?> + <span class="vexpl"><b><?=gettext("Note: ");?></b><?=gettext("Multi-wan is not supported from this utility currently.");?></span> </td> </tr> </table> diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index acebe3c..97493bf 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -639,7 +639,7 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Associated filter rule");?></td> <td width="78%" class="vtable"> - <span class="red"><strong><?=gettext("NOTE: ");?></strong></span><?=gettext("This is associated to a NAT rule.");?><br /> + <span class="red"><strong><?=gettext("Note: ");?></strong></span><?=gettext("This is associated to a NAT rule.");?><br /> <?=gettext("You cannot edit the interface, protocol, source, or destination of associated filter rules.");?><br /> <br /> <?php @@ -1084,7 +1084,7 @@ include("head.inc"); <?=gettext("State Timeout in seconds");?> </p> - <p><strong><?=gettext("NOTE: Leave fields blank to disable that feature.");?></strong></p> + <p><strong><?=gettext("Note: Leave fields blank to disable that feature.");?></strong></p> </div> </td> </tr> @@ -1142,7 +1142,7 @@ include("head.inc"); <option value="sloppy state" <?php if($pconfig['statetype'] == "sloppy state") echo "selected"; ?>><?=gettext("sloppy state");?></option> <option value="synproxy state"<?php if($pconfig['statetype'] == "synproxy state") echo "selected"; ?>><?=gettext("synproxy state");?></option> <option value="none"<?php if($pconfig['statetype'] == "none") echo "selected"; ?>><?=gettext("none");?></option> - </select><br><?=gettext("HINT: Select which type of state tracking mechanism you would like to use. If in doubt, use keep state.");?> + </select><br><?=gettext("Hint: Select which type of state tracking mechanism you would like to use. If in doubt, use keep state.");?> <p> <table width="90%"> <tr><td width="25%"><ul><li><?=gettext("keep state");?></li></ul></td><td><?=gettext("Works with all IP protocols.");?></td></tr> @@ -1162,7 +1162,7 @@ include("head.inc"); </div> <div id="shownoxmlrpcadv" <?php if (empty($pconfig['nosync'])) echo "style='display:none'"; ?>> <input type="checkbox" name="nosync"<?php if($pconfig['nosync']) echo " CHECKED"; ?>><br> - <?=gettext("HINT: This prevents the rule from automatically syncing to other CARP members.");?> + <?=gettext("Hint: This prevents the rule from automatically syncing to other CARP members.");?> </div> </td> </tr> diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index 3e35b0e..88efcbd 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -154,9 +154,10 @@ if (is_array($config['openvpn'])) { } if ($_POST['apply']) { - if (file_exists("/var/run/interface_mismatch_reboot_needed")) + if (file_exists("/var/run/interface_mismatch_reboot_needed")) { system_reboot(); - else { + $rebootingnow = true; + } else { write_config(); $retval = 0; @@ -370,11 +371,14 @@ if ($_GET['act'] == "add" && (count($config['interfaces']) < count($portlist))) include("head.inc"); if(file_exists("/var/run/interface_mismatch_reboot_needed")) - if ($_POST) - $savemsg = gettext("Reboot is needed. Please apply the settings in order to reboot."); - else + if ($_POST) { + if($rebootingnow) + $savemsg = gettext("The system is now rebooting. Please wait."); + else + $savemsg = gettext("Reboot is needed. Please apply the settings in order to reboot."); + } else { $savemsg = gettext("Interface mismatch detected. Please resolve the mismatch and click Save. The firewall will reboot afterwards."); - + } ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> diff --git a/usr/local/www/interfaces_vlan_edit.php b/usr/local/www/interfaces_vlan_edit.php index 08f1a53..b6cea47 100755 --- a/usr/local/www/interfaces_vlan_edit.php +++ b/usr/local/www/interfaces_vlan_edit.php @@ -98,11 +98,16 @@ if ($_POST) { if (!$input_errors) { if (isset($id) && $a_vlans[$id]) { if (($a_vlans[$id]['if'] != $_POST['if']) || ($a_vlans[$id]['tag'] != $_POST['tag'])) { - if (!empty($a_vlans[$id]['vlanif'])) + if (!empty($a_vlans[$id]['vlanif'])) { + $confif = convert_real_interface_to_friendly_interface_name($vlan['vlanif']); // Destroy previous vlan pfSense_interface_destroy($a_vlans[$id]['vlanif']); - else + } else { pfSense_interface_destroy("{$a_vlans[$id]['if']}_vlan{$a_vlans[$id]['tag']}"); + $confif = convert_real_interface_to_friendly_interface_name("{$a_vlans[$id]['if']}_vlan{$a_vlans[$id]['tag']}"); + } + if ($confif <> "") + $config['interfaces'][$confif]['if'] = "{$_POST['if']}_vlan{$_POST['tag']}"; } } $vlan = array(); @@ -122,7 +127,6 @@ if ($_POST) { write_config(); - $confif = convert_real_interface_to_friendly_interface_name($vlan['vlanif']); if ($confif <> "") interface_configure($confif); diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 9f883cd..64b1fa9 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -464,7 +464,7 @@ if ($pkg['tabs'] <> "") { $value = $_POST[$fieldname]; if (is_array($value)) $value = implode(',', $value); } else { - if (isset($id) && $a_pkg[$id] && $a_pkg[$id][$fieldname]) + if (isset($id) && $a_pkg[$id]) $value = $a_pkg[$id][$fieldname]; else $value = $pkga['default_value']; diff --git a/usr/local/www/services_captiveportal_hostname_edit.php b/usr/local/www/services_captiveportal_hostname_edit.php index a199341..cc09459 100755 --- a/usr/local/www/services_captiveportal_hostname_edit.php +++ b/usr/local/www/services_captiveportal_hostname_edit.php @@ -118,17 +118,11 @@ if ($_POST) { $ip['bw_up'] = $_POST['bw_up']; if ($_POST['bw_down']) $ip['bw_down'] = $_POST['bw_down']; - if (isset($id) && $a_allowedhostnames[$id]) { - $oldip = $a_allowedhostnames[$id]['hostname']; - if (!empty($a_allowedhostnames[$id]['sn'])) - $oldip .= "/{$a_allowedhostnames[$id]['sn']}"; + if (isset($id) && $a_allowedhostnames[$id]) $a_allowedhostnames[$id] = $ip; - } else { - $oldip = $ip['hostname']; - if (!empty($$ip['sn'])) - $oldip .= "/{$$ip['sn']}"; + else $a_allowedhostnames[] = $ip; - } + allowedhostnames_sort(); write_config(); diff --git a/usr/local/www/status_captiveportal_test.php b/usr/local/www/status_captiveportal_test.php index c6d1dab..576a019 100644 --- a/usr/local/www/status_captiveportal_test.php +++ b/usr/local/www/status_captiveportal_test.php @@ -42,9 +42,10 @@ require("shaper.inc"); require("captiveportal.inc"); require_once("voucher.inc"); +$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Test Vouchers")); + include("head.inc"); include("fbegin.inc"); -$pgtitle = array(gettext("Status"), gettext("Captive portal"), gettext("Test Vouchers")); ?> <form action="status_captiveportal_test.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php index 4505a02..e548530 100755 --- a/usr/local/www/status_rrd_graph.php +++ b/usr/local/www/status_rrd_graph.php @@ -607,7 +607,7 @@ function get_dates($curperiod, $graph) { } /* generate update events utilizing prototype $('') feature */ echo "\n"; - echo "\t\t\$('{$graph}-{$curoption}-{$curdatabase}').src='status_rrd_graph_img.php?start={$start}&end={$end}&graph={$graph}&database={$curdatabase}&style={$curstyle}&tmp=' + randomid;\n"; + echo "\t\t\$('{$graph}-{$curoption}-{$curdatabase}').src='status_rrd_graph_img.php?start={$start}&graph={$graph}&database={$curdatabase}&style={$curstyle}&tmp=' + randomid;\n"; } } ?> diff --git a/usr/local/www/status_rrd_graph_settings.php b/usr/local/www/status_rrd_graph_settings.php index a4b562e..85061ba 100755 --- a/usr/local/www/status_rrd_graph_settings.php +++ b/usr/local/www/status_rrd_graph_settings.php @@ -62,8 +62,11 @@ $periods = array("absolute" => gettext("Absolute Timespans"), "current" => gettext("Current Period"), "previous" => gettext("Previous Period")); -if ($_POST) { - +if ($_POST['ResetRRD']) { + mwexec('/bin/rm /var/db/rrd/*'); + $retval = enable_rrd_graphing(); + $savemsg = "RRD data has been cleared. New RRD files have been generated."; +} elseif ($_POST) { unset($input_errors); $pconfig = $_POST; @@ -223,6 +226,12 @@ include("head.inc"); </td> </tr> <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="ResetRRD" type="submit" class="formbtn" value="<?=gettext("Reset RRD Data");?>" onclick="return confirm('<?=gettext('Do you really want to reset the RRD graphs? This will erase all graph data.');?>')"> + </td> + </tr> + <tr> <td width="22%" height="53" valign="top"> </td> <td width="78%"><strong><span class="red"><?=gettext("Note:");?></span></strong><br> <?=gettext("Graphs will not be allowed to be recreated within a 1 minute interval, please " . diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 4965fb9..d1150a2 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -267,7 +267,7 @@ function prot_change() { <div class="tabcont"> <span class="vexpl"> <span class="red"> - <strong><?=gettext("NOTE:"); ?> </strong> + <strong><?=gettext("Note:"); ?> </strong> </span> <?=gettext("The options on this page are intended for use by advanced users only."); ?> <br/> diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php index 2264365..c31bc92 100644 --- a/usr/local/www/system_advanced_misc.php +++ b/usr/local/www/system_advanced_misc.php @@ -339,7 +339,7 @@ function maxmss_checked(obj) { <td colspan="2" valign="top" class="listtopic"><?=gettext("IP Security"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Security Assocications"); ?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Security Associations"); ?></td> <td width="78%" class="vtable"> <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?> /> <strong><?=gettext("Prefer older IPsec SAs"); ?></strong> diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index fad6b34..b6b1097 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -543,9 +543,9 @@ function select_clicked() { <td> <input name="ldapauthcontainers" type="text" class="formfld unknown" id="ldapauthcontainers" size="40" value="<?=htmlspecialchars($pconfig['ldap_authcn']);?>"/> <input type="button" onClick="select_clicked();" value="<?=gettext("Select");?>"> - <br /><?=gettext("NOTE: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path.");?> - <br /><?=gettext("EXAMPLE: CN=Users;DC=example");?> - <br /><?=gettext("EXAMPLE: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com ");?> + <br /><?=gettext("Note: Semi-Colon separated. This will be prepended to the search base dn above or you can specify full container path.");?> + <br /><?=gettext("Example: CN=Users;DC=example");?> + <br /><?=gettext("Example: CN=Users,DC=example,DC=com;OU=OtherUsers,DC=example,DC=com ");?> </td> </tr> </table> diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index a4b60af..9a18c87 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -42,7 +42,8 @@ require_once("certs.inc"); $ca_methods = array( "existing" => gettext("Import an existing Certificate Authority"), - "internal" => gettext("Create an internal Certificate Authority")); + "internal" => gettext("Create an internal Certificate Authority"), + "intermediate" => gettext("Create an intermediate Certificate Authority")); $ca_keylens = array( "512", "1024", "2048", "4096"); @@ -154,7 +155,7 @@ if ($act == "expkey") { if ($_POST) { - $input_errors = array(); + unset($input_errors); $pconfig = $_POST; /* input validation */ @@ -183,6 +184,22 @@ if ($_POST) { gettext("Distinguished name Email Address"), gettext("Distinguished name Common Name")); } + if ($pconfig['method'] == "intermediate") { + $reqdfields = explode(" ", + "descr caref keylen lifetime dn_country dn_state dn_city ". + "dn_organization dn_email dn_commonname"); + $reqdfieldsn = array( + gettext("Descriptive name"), + gettext("Signing Certificate Authority"), + gettext("Key length"), + gettext("Lifetime"), + gettext("Distinguished name Country Code"), + gettext("Distinguished name State or Province"), + gettext("Distinguished name City"), + gettext("Distinguished name Organization"), + gettext("Distinguished name Email Address"), + gettext("Distinguished name Common Name")); + } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if ($pconfig['method'] != "existing") @@ -226,10 +243,11 @@ if ($_POST) { if (!empty($pconfig['key'])) $ca['prv'] = base64_encode($pconfig['key']); } else { + $old_err_level = error_reporting(0); /* otherwise openssl_ functions throw warings directly to a page screwing menu tab */ if ($pconfig['method'] == "existing") ca_import($ca, $pconfig['cert'], $pconfig['key'], $pconfig['serial']); - if ($pconfig['method'] == "internal") { + else if ($pconfig['method'] == "internal") { $dn = array( 'countryName' => $pconfig['dn_country'], 'stateOrProvinceName' => $pconfig['dn_state'], @@ -237,8 +255,29 @@ if ($_POST) { 'organizationName' => $pconfig['dn_organization'], 'emailAddress' => $pconfig['dn_email'], 'commonName' => $pconfig['dn_commonname']); - ca_create($ca, $pconfig['keylen'], $pconfig['lifetime'], $dn); + if (!ca_create($ca, $pconfig['keylen'], $pconfig['lifetime'], $dn)){ + while($ssl_err = openssl_error_string()){ + $input_errors = array(); + array_push($input_errors, "openssl library returns: " . $ssl_err); + } + } } + else if ($pconfig['method'] == "intermediate") { + $dn = array( + 'countryName' => $pconfig['dn_country'], + 'stateOrProvinceName' => $pconfig['dn_state'], + 'localityName' => $pconfig['dn_city'], + 'organizationName' => $pconfig['dn_organization'], + 'emailAddress' => $pconfig['dn_email'], + 'commonName' => $pconfig['dn_commonname']); + if (!ca_inter_create($ca, $pconfig['keylen'], $pconfig['lifetime'], $dn, $pconfig['caref'])){ + while($ssl_err = openssl_error_string()){ + $input_errors = array(); + array_push($input_errors, "openssl library returns: " . $ssl_err); + } + } + } + error_reporting($old_err_level); } if (isset($id) && $a_ca[$id]) @@ -246,7 +285,8 @@ if ($_POST) { else $a_ca[] = $ca; - write_config(); + if (!$input_errors) + write_config(); // pfSenseHeader("system_camanager.php"); } @@ -268,10 +308,17 @@ function method_change() { case 0: document.getElementById("existing").style.display=""; document.getElementById("internal").style.display="none"; + document.getElementById("intermediate").style.display="none"; break; case 1: document.getElementById("existing").style.display="none"; document.getElementById("internal").style.display=""; + document.getElementById("intermediate").style.display="none"; + break; + case 2: + document.getElementById("existing").style.display="none"; + document.getElementById("internal").style.display=""; + document.getElementById("intermediate").style.display=""; break; } } @@ -385,6 +432,23 @@ function method_change() { <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Authority");?></td> </tr> + <tr id='intermediate'> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Certificate Authority");?></td> + <td width="78%" class="vtable"> + <select name='caref' id='caref' class="formselect" onChange='internalca_change()'> + <?php + foreach( $a_ca as $ca): + if (!$ca['prv']) + continue; + $selected = ""; + if ($pconfig['caref'] == $ca['refid']) + $selected = "selected"; + ?> + <option value="<?=$ca['refid'];?>"<?=$selected;?>><?=$ca['descr'];?></option> + <?php endforeach; ?> + </select> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td> <td width="78%" class="vtable"> diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 87b8d91..6b0d81e 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -240,6 +240,8 @@ if ($_POST) { $cert['descr'] = $pconfig['descr']; + $old_err_level = error_reporting(0); /* otherwise openssl_ functions throw warings directly to a page screwing menu tab */ + if ($pconfig['method'] == "import") cert_import($cert, $pconfig['cert'], $pconfig['key']); @@ -252,8 +254,13 @@ if ($_POST) { 'emailAddress' => $pconfig['dn_email'], 'commonName' => $pconfig['dn_commonname']); - cert_create($cert, $pconfig['caref'], $pconfig['keylen'], - $pconfig['lifetime'], $dn); + if (!cert_create($cert, $pconfig['caref'], $pconfig['keylen'], + $pconfig['lifetime'], $dn)){ + while($ssl_err = openssl_error_string()){ + $input_errors = array(); + array_push($input_errors, "openssl library returns: " . $ssl_err); + } + } } if ($pconfig['method'] == "external") { @@ -265,8 +272,15 @@ if ($_POST) { 'emailAddress' => $pconfig['csr_dn_email'], 'commonName' => $pconfig['csr_dn_commonname']); - csr_generate($cert, $pconfig['csr_keylen'], $dn); + if(!csr_generate($cert, $pconfig['csr_keylen'], $dn)){ + while($ssl_err = openssl_error_string()){ + $input_errors = array(); + array_push($input_errors, "openssl library returns: " . $ssl_err); + } + } } + error_reporting($old_err_level); + if (isset($id) && $a_cert[$id]) $a_cert[$id] = $cert; else @@ -275,7 +289,8 @@ if ($_POST) { $a_user[$userid]['cert'][] = $cert['refid']; } - write_config(); + if (!$input_errors) + write_config(); if ($userid) pfSenseHeader("system_usermanager.php?act=edit&id={$userid}"); @@ -940,7 +955,7 @@ function internalca_change() { </tr> <tr> <td> </td> - <td colspan="3">NOTE: You can only delete a certificate if it is not currently in use.</td> + <td colspan="3"><?=gettext("Note: You can only delete a certificate if it is not currently in use.");?></td> </tr> </table> diff --git a/usr/local/www/themes/_corporate/images/icons/favicon.ico b/usr/local/www/themes/_corporate/images/icons/favicon.ico Binary files differnew file mode 100644 index 0000000..3440bf2 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/favicon.ico diff --git a/usr/local/www/themes/_corporate/images/icons/icon_advanced.gif b/usr/local/www/themes/_corporate/images/icons/icon_advanced.gif Binary files differnew file mode 100644 index 0000000..3ede1ff --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_advanced.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_advanced_s.gif b/usr/local/www/themes/_corporate/images/icons/icon_advanced_s.gif Binary files differnew file mode 100644 index 0000000..b233549 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_advanced_s.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_alias_host.gif b/usr/local/www/themes/_corporate/images/icons/icon_alias_host.gif Binary files differnew file mode 100644 index 0000000..ad43e17 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_alias_host.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_alias_net.gif b/usr/local/www/themes/_corporate/images/icons/icon_alias_net.gif Binary files differnew file mode 100644 index 0000000..abd1b8b --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_alias_net.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_alias_port.gif b/usr/local/www/themes/_corporate/images/icons/icon_alias_port.gif Binary files differnew file mode 100644 index 0000000..4acf2aa --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_alias_port.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_alias_url.gif b/usr/local/www/themes/_corporate/images/icons/icon_alias_url.gif Binary files differnew file mode 100644 index 0000000..660571e --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_alias_url.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_alias_url_reload.gif b/usr/local/www/themes/_corporate/images/icons/icon_alias_url_reload.gif Binary files differnew file mode 100644 index 0000000..55c1c4a --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_alias_url_reload.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_chain.png b/usr/local/www/themes/_corporate/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_chain.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_ifalias.gif b/usr/local/www/themes/_corporate/images/icons/icon_ifalias.gif Binary files differnew file mode 100644 index 0000000..0c569a7 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_ifalias.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_ifalias_d.gif b/usr/local/www/themes/_corporate/images/icons/icon_ifalias_d.gif Binary files differnew file mode 100644 index 0000000..faa84d4 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_ifalias_d.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_info_pkg.gif b/usr/local/www/themes/_corporate/images/icons/icon_info_pkg.gif Binary files differnew file mode 100644 index 0000000..cd3a532 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_info_pkg.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_right.gif b/usr/local/www/themes/_corporate/images/icons/icon_right.gif Binary files differnew file mode 100644 index 0000000..fdf2d8b --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_right.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_system-group-grey.png b/usr/local/www/themes/_corporate/images/icons/icon_system-group-grey.png Binary files differnew file mode 100644 index 0000000..d7b964d --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_system-group-grey.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_system-group.png b/usr/local/www/themes/_corporate/images/icons/icon_system-group.png Binary files differnew file mode 100644 index 0000000..1c974f2 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_system-group.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_system-user-grey.png b/usr/local/www/themes/_corporate/images/icons/icon_system-user-grey.png Binary files differnew file mode 100644 index 0000000..2f6047d --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_system-user-grey.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_system-user.png b/usr/local/www/themes/_corporate/images/icons/icon_system-user.png Binary files differnew file mode 100644 index 0000000..ef82156 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_system-user.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_system_lock_screen.png b/usr/local/www/themes/_corporate/images/icons/icon_system_lock_screen.png Binary files differnew file mode 100644 index 0000000..30f306d --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_system_lock_screen.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_wzd_nsaved.png b/usr/local/www/themes/_corporate/images/icons/icon_wzd_nsaved.png Binary files differnew file mode 100644 index 0000000..21cb27d --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_wzd_nsaved.png diff --git a/usr/local/www/themes/_corporate/images/icons/icon_wzd_saved.png b/usr/local/www/themes/_corporate/images/icons/icon_wzd_saved.png Binary files differnew file mode 100644 index 0000000..ab82946 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_wzd_saved.png diff --git a/usr/local/www/themes/_corporate/images/icons/in.gif b/usr/local/www/themes/_corporate/images/icons/in.gif Binary files differnew file mode 100644 index 0000000..f1da771 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/in.gif diff --git a/usr/local/www/themes/_corporate/images/icons/in_d.gif b/usr/local/www/themes/_corporate/images/icons/in_d.gif Binary files differnew file mode 100644 index 0000000..18e26be --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/in_d.gif diff --git a/usr/local/www/themes/_corporate/images/icons/out.gif b/usr/local/www/themes/_corporate/images/icons/out.gif Binary files differnew file mode 100644 index 0000000..1a1d1d5 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/out.gif diff --git a/usr/local/www/themes/_corporate/images/icons/out_d.gif b/usr/local/www/themes/_corporate/images/icons/out_d.gif Binary files differnew file mode 100644 index 0000000..879f1da --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/out_d.gif diff --git a/usr/local/www/themes/code-red/images/icons/icon_advanced.gif b/usr/local/www/themes/code-red/images/icons/icon_advanced.gif Binary files differnew file mode 100644 index 0000000..3ede1ff --- /dev/null +++ b/usr/local/www/themes/code-red/images/icons/icon_advanced.gif diff --git a/usr/local/www/themes/code-red/images/icons/icon_advanced_s.gif b/usr/local/www/themes/code-red/images/icons/icon_advanced_s.gif Binary files differnew file mode 100644 index 0000000..b233549 --- /dev/null +++ b/usr/local/www/themes/code-red/images/icons/icon_advanced_s.gif diff --git a/usr/local/www/themes/code-red/images/icons/icon_chain.png b/usr/local/www/themes/code-red/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/code-red/images/icons/icon_chain.png diff --git a/usr/local/www/themes/metallic/images/icons/icon_chain.png b/usr/local/www/themes/metallic/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/metallic/images/icons/icon_chain.png diff --git a/usr/local/www/themes/nervecenter/images/icons/icon_chain.png b/usr/local/www/themes/nervecenter/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/nervecenter/images/icons/icon_chain.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/favicon.ico b/usr/local/www/themes/pfsense-dropdown/images/icons/favicon.ico Binary files differnew file mode 100644 index 0000000..3440bf2 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/favicon.ico diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_host.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_host.gif Binary files differnew file mode 100644 index 0000000..ad43e17 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_host.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_net.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_net.gif Binary files differnew file mode 100644 index 0000000..abd1b8b --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_net.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_port.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_port.gif Binary files differnew file mode 100644 index 0000000..4acf2aa --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_port.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_url.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_url.gif Binary files differnew file mode 100644 index 0000000..660571e --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_url.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_url_reload.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_url_reload.gif Binary files differnew file mode 100644 index 0000000..55c1c4a --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_alias_url_reload.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_chain.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_chain.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_de.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_de.png Binary files differnew file mode 100644 index 0000000..069cbbe --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_de.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_en.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_en.png Binary files differnew file mode 100644 index 0000000..bd7f9a5 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_en.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_es.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_es.png Binary files differnew file mode 100644 index 0000000..434776c --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_es.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_pt_BR.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_pt_BR.png Binary files differnew file mode 100644 index 0000000..f786349 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_flag_pt_BR.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_cert.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_cert.png Binary files differnew file mode 100644 index 0000000..48a34b6 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_cert.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_file.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_file.png Binary files differnew file mode 100644 index 0000000..48a9ed2 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_file.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_group.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_group.png Binary files differnew file mode 100644 index 0000000..7d929c0 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_group.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_host.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_host.png Binary files differnew file mode 100644 index 0000000..867ef2c --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_host.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_imp.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_imp.png Binary files differnew file mode 100644 index 0000000..f667cfc --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_imp.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_mail.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_mail.png Binary files differnew file mode 100644 index 0000000..d2d4548 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_mail.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_pwd.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_pwd.png Binary files differnew file mode 100644 index 0000000..06b53a1 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_pwd.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_search.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_search.png Binary files differnew file mode 100644 index 0000000..33de926 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_search.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_time.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_time.png Binary files differnew file mode 100644 index 0000000..aa8300a --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_time.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_unknown.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_unknown.png Binary files differnew file mode 100644 index 0000000..1857d0e --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_unknown.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_url.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_url.png Binary files differnew file mode 100644 index 0000000..cf56792 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_url.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_user.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_user.png Binary files differnew file mode 100644 index 0000000..e00eebe --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_frmfld_user.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_ifalias.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_ifalias.gif Binary files differnew file mode 100644 index 0000000..0c569a7 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_ifalias.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_ifalias_d.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_ifalias_d.gif Binary files differnew file mode 100644 index 0000000..faa84d4 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_ifalias_d.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_info_pkg.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_info_pkg.gif Binary files differnew file mode 100644 index 0000000..cd3a532 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_info_pkg.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_bl.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_bl.gif Binary files differnew file mode 100644 index 0000000..8dcd7c0 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_bl.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_bl_p.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_bl_p.gif Binary files differnew file mode 100644 index 0000000..0c79849 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_bl_p.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_p.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_p.gif Binary files differnew file mode 100644 index 0000000..eb41284 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_plus_p.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-group-grey.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-group-grey.png Binary files differnew file mode 100644 index 0000000..d7b964d --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-group-grey.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-group.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-group.png Binary files differnew file mode 100644 index 0000000..1c974f2 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-group.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-user-grey.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-user-grey.png Binary files differnew file mode 100644 index 0000000..2f6047d --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-user-grey.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-user.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-user.png Binary files differnew file mode 100644 index 0000000..ef82156 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system-user.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system_lock_screen.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system_lock_screen.png Binary files differnew file mode 100644 index 0000000..30f306d --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system_lock_screen.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system_logout.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system_logout.png Binary files differnew file mode 100644 index 0000000..9bbb6c7 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_system_logout.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_trapped.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_trapped.gif Binary files differnew file mode 100644 index 0000000..ffeb2cd --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_trapped.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_wzd_nsaved.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_wzd_nsaved.png Binary files differnew file mode 100644 index 0000000..21cb27d --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_wzd_nsaved.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_wzd_saved.png b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_wzd_saved.png Binary files differnew file mode 100644 index 0000000..ab82946 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_wzd_saved.png diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/in.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/in.gif Binary files differnew file mode 100644 index 0000000..f1da771 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/in.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/in_d.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/in_d.gif Binary files differnew file mode 100644 index 0000000..18e26be --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/in_d.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/out.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/out.gif Binary files differnew file mode 100644 index 0000000..1a1d1d5 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/out.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/out_d.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/out_d.gif Binary files differnew file mode 100644 index 0000000..879f1da --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/out_d.gif diff --git a/usr/local/www/themes/pfsense/images/icons/favicon.ico b/usr/local/www/themes/pfsense/images/icons/favicon.ico Binary files differnew file mode 100644 index 0000000..3440bf2 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/favicon.ico diff --git a/usr/local/www/themes/pfsense/images/icons/icon_alias_host.gif b/usr/local/www/themes/pfsense/images/icons/icon_alias_host.gif Binary files differnew file mode 100644 index 0000000..ad43e17 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_alias_host.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_alias_net.gif b/usr/local/www/themes/pfsense/images/icons/icon_alias_net.gif Binary files differnew file mode 100644 index 0000000..abd1b8b --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_alias_net.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_alias_port.gif b/usr/local/www/themes/pfsense/images/icons/icon_alias_port.gif Binary files differnew file mode 100644 index 0000000..4acf2aa --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_alias_port.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_alias_url.gif b/usr/local/www/themes/pfsense/images/icons/icon_alias_url.gif Binary files differnew file mode 100644 index 0000000..660571e --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_alias_url.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_alias_url_reload.gif b/usr/local/www/themes/pfsense/images/icons/icon_alias_url_reload.gif Binary files differnew file mode 100644 index 0000000..55c1c4a --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_alias_url_reload.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_chain.png b/usr/local/www/themes/pfsense/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_chain.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_flag_de.png b/usr/local/www/themes/pfsense/images/icons/icon_flag_de.png Binary files differnew file mode 100644 index 0000000..069cbbe --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_flag_de.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_flag_en.png b/usr/local/www/themes/pfsense/images/icons/icon_flag_en.png Binary files differnew file mode 100644 index 0000000..bd7f9a5 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_flag_en.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_flag_es.png b/usr/local/www/themes/pfsense/images/icons/icon_flag_es.png Binary files differnew file mode 100644 index 0000000..434776c --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_flag_es.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_flag_pt_BR.png b/usr/local/www/themes/pfsense/images/icons/icon_flag_pt_BR.png Binary files differnew file mode 100644 index 0000000..f786349 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_flag_pt_BR.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_cert.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_cert.png Binary files differnew file mode 100644 index 0000000..48a34b6 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_cert.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_file.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_file.png Binary files differnew file mode 100644 index 0000000..48a9ed2 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_file.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_group.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_group.png Binary files differnew file mode 100644 index 0000000..7d929c0 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_group.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_host.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_host.png Binary files differnew file mode 100644 index 0000000..867ef2c --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_host.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_imp.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_imp.png Binary files differnew file mode 100644 index 0000000..f667cfc --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_imp.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_mail.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_mail.png Binary files differnew file mode 100644 index 0000000..d2d4548 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_mail.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_pwd.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_pwd.png Binary files differnew file mode 100644 index 0000000..06b53a1 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_pwd.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_search.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_search.png Binary files differnew file mode 100644 index 0000000..33de926 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_search.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_time.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_time.png Binary files differnew file mode 100644 index 0000000..aa8300a --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_time.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_unknown.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_unknown.png Binary files differnew file mode 100644 index 0000000..1857d0e --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_unknown.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_url.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_url.png Binary files differnew file mode 100644 index 0000000..cf56792 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_url.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_frmfld_user.png b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_user.png Binary files differnew file mode 100644 index 0000000..e00eebe --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_frmfld_user.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_ifalias.gif b/usr/local/www/themes/pfsense/images/icons/icon_ifalias.gif Binary files differnew file mode 100644 index 0000000..0c569a7 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_ifalias.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_ifalias_d.gif b/usr/local/www/themes/pfsense/images/icons/icon_ifalias_d.gif Binary files differnew file mode 100644 index 0000000..faa84d4 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_ifalias_d.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_plus_bl.gif b/usr/local/www/themes/pfsense/images/icons/icon_plus_bl.gif Binary files differnew file mode 100644 index 0000000..8dcd7c0 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_plus_bl.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_plus_bl_p.gif b/usr/local/www/themes/pfsense/images/icons/icon_plus_bl_p.gif Binary files differnew file mode 100644 index 0000000..0c79849 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_plus_bl_p.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_plus_p.gif b/usr/local/www/themes/pfsense/images/icons/icon_plus_p.gif Binary files differnew file mode 100644 index 0000000..eb41284 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_plus_p.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_system-group-grey.png b/usr/local/www/themes/pfsense/images/icons/icon_system-group-grey.png Binary files differnew file mode 100644 index 0000000..d7b964d --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_system-group-grey.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_system-group.png b/usr/local/www/themes/pfsense/images/icons/icon_system-group.png Binary files differnew file mode 100644 index 0000000..1c974f2 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_system-group.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_system-user-grey.png b/usr/local/www/themes/pfsense/images/icons/icon_system-user-grey.png Binary files differnew file mode 100644 index 0000000..2f6047d --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_system-user-grey.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_system-user.png b/usr/local/www/themes/pfsense/images/icons/icon_system-user.png Binary files differnew file mode 100644 index 0000000..ef82156 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_system-user.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_system_lock_screen.png b/usr/local/www/themes/pfsense/images/icons/icon_system_lock_screen.png Binary files differnew file mode 100644 index 0000000..30f306d --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_system_lock_screen.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_system_logout.png b/usr/local/www/themes/pfsense/images/icons/icon_system_logout.png Binary files differnew file mode 100644 index 0000000..9bbb6c7 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_system_logout.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_trapped.gif b/usr/local/www/themes/pfsense/images/icons/icon_trapped.gif Binary files differnew file mode 100644 index 0000000..ffeb2cd --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_trapped.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_wzd_nsaved.png b/usr/local/www/themes/pfsense/images/icons/icon_wzd_nsaved.png Binary files differnew file mode 100644 index 0000000..21cb27d --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_wzd_nsaved.png diff --git a/usr/local/www/themes/pfsense/images/icons/icon_wzd_saved.png b/usr/local/www/themes/pfsense/images/icons/icon_wzd_saved.png Binary files differnew file mode 100644 index 0000000..ab82946 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_wzd_saved.png diff --git a/usr/local/www/themes/pfsense/images/icons/in.gif b/usr/local/www/themes/pfsense/images/icons/in.gif Binary files differnew file mode 100644 index 0000000..f1da771 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/in.gif diff --git a/usr/local/www/themes/pfsense/images/icons/in_d.gif b/usr/local/www/themes/pfsense/images/icons/in_d.gif Binary files differnew file mode 100644 index 0000000..18e26be --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/in_d.gif diff --git a/usr/local/www/themes/pfsense/images/icons/out.gif b/usr/local/www/themes/pfsense/images/icons/out.gif Binary files differnew file mode 100644 index 0000000..1a1d1d5 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/out.gif diff --git a/usr/local/www/themes/pfsense/images/icons/out_d.gif b/usr/local/www/themes/pfsense/images/icons/out_d.gif Binary files differnew file mode 100644 index 0000000..879f1da --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/out_d.gif diff --git a/usr/local/www/themes/the_wall/images/icons/icon_chain.png b/usr/local/www/themes/the_wall/images/icons/icon_chain.png Binary files differnew file mode 100644 index 0000000..12db07a --- /dev/null +++ b/usr/local/www/themes/the_wall/images/icons/icon_chain.png diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index b4890ad..8ec2504 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -139,6 +139,11 @@ if ($_POST) { /* input validation */ $method = $pconfig['authentication_method']; + // Unset ca and cert if not required to avaoid storing in config + if ($method == "pre_shared_key" || method == "xauth_psk_server"){ + unset($pconfig['caref']); + unset($pconfig['certref']); + } // Only require PSK here for normal PSK tunnels (not mobile) or xauth. // For RSA methods, require the CA/Cert. |
