diff options
| author | Seth Mos <seth.mos@dds.nl> | 2011-05-04 10:58:40 +0200 |
|---|---|---|
| committer | Seth Mos <seth.mos@dds.nl> | 2011-05-04 10:58:40 +0200 |
| commit | 2fb056d81ae0a45bea2c759b8ce3079441cd4eef (patch) | |
| tree | a251908b44e17ecff156615402aa22b115233009 | |
| parent | ab1047d46dce9538154b38f1eab3b753634327f1 (diff) | |
| download | pfsense-2fb056d81ae0a45bea2c759b8ce3079441cd4eef.zip pfsense-2fb056d81ae0a45bea2c759b8ce3079441cd4eef.tar.gz | |
More DHCPv6 server fixes, split the function out into seperate v4 and v6. Make the router advertisement stand alone on the dhcp server page.
| -rw-r--r-- | etc/inc/services.inc | 374 | ||||
| -rw-r--r-- | usr/local/www/services_dhcpv6.php | 158 | ||||
| -rw-r--r-- | usr/local/www/services_dhcpv6_edit.php | 40 |
3 files changed, 276 insertions, 296 deletions
diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 6b3ca80..c8402a8 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -48,17 +48,10 @@ function services_rtadvd_configure() { echo "services_rtadvd_configure() being called $mt\n"; } - if($g['services_dhcp_server_enable'] == false) - return; - if(is_process_running("rtadvd")) { mwexec("killall -9 rtadvd", true); } - /* DHCP enabled on any interfaces? */ - if (!is_dhcp_server_enabled()) - return 0; - if (!is_array($config['dhcpdv6'])) $config['dhcpdv6'] = array(); @@ -92,7 +85,11 @@ EOD; /* Currently for DHCP interfaces only, openvpn? */ $rtadvdnum = 0; foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) { + if($dhcpv6ifconf['mode'] == "disabled") + continue; + $rtadvdnum++; + /* It appears we can not advertise the gateway IP (carp) * rtadvd[44205]: <sock_open> IPV6_JOIN_GROUP(link) on vip1: Can't assign requested address if($dhcpv6ifconf['gateway'] <> "") { @@ -139,18 +136,48 @@ EOD; function services_dhcpd_configure() { global $config, $g; + + /* configure DHCPD chroot once */ + $fd = fopen("{$g['tmp_path']}/dhcpd.sh","w"); + $status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`; + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n"); + fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n"); + fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n"); + fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n"); + fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n"); + if(!trim($status)) + fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n"); + fclose($fd); + mwexec("/bin/sh {$g['tmp_path']}/dhcpd.sh"); + + services_dhcpdv4_configure(); + services_dhcpdv6_configure(); + services_rtadvd_configure(); + return; + +} +function services_dhcpdv4_configure() { + global $config, $g; if($g['services_dhcp_server_enable'] == false) return; if(isset($config['system']['developerspew'])) { $mt = microtime(); - echo "services_dhcpd_configure($if) being called $mt\n"; + echo "services_dhcpdv4_configure($if) being called $mt\n"; } /* kill any running dhcpd */ if(is_process_running("dhcpd")) { - mwexec("killall dhcpd", true); + killbypid("{$g['dhcpd_chroot_path']}{$g['varrun_path']}/dhcpd.pid/dhcpd.pid"); } /* DHCP enabled on any interfaces? */ @@ -163,27 +190,6 @@ function services_dhcpd_configure() { if($olsrd['enable']) $is_olsr_enabled = true; - /* configure DHCPD chroot */ - $fd = fopen("{$g['tmp_path']}/dhcpd.sh","w"); - $status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`; - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n"); - fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n"); - fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n"); - fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n"); - fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n"); - if(!trim($status)) - fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n"); - fclose($fd); - mwexec("/bin/sh {$g['tmp_path']}/dhcpd.sh"); - if ($g['booting']) { if ($g['platform'] != "pfSense") { /* restore the leases, if we have them */ @@ -196,25 +202,13 @@ function services_dhcpd_configure() { log_error("DHCP leases restore failed exited with $dhcpreturn, the error is: $dhcprestore\n"); } } - if (file_exists("{$g['cf_conf_path']}/dhcp6leases.tgz")) { - $dhcprestore = ""; - $dhcpreturn = ""; - exec("cd /;LANG=C /usr/bin/tar -xzf {$g['cf_conf_path']}/dhcp6leases.tgz 2>&1", $dhcprestore, $dhcpreturn); - $dhcprestore = implode(" ", $dhcprestore); - if($dhcpreturn <> 0) { - log_error("DHCP leases v6 restore failed exited with $dhcpreturn, the error is: $dhcprestore\n"); - } - } } } $syscfg = $config['system']; if (!is_array($config['dhcpd'])) $config['dhcpd'] = array(); - if (!is_array($config['dhcpdv6'])) - $config['dhcpdv6'] = array(); $dhcpdcfg = $config['dhcpd']; - $dhcpdv6cfg = $config['dhcpdv6']; $Iflist = get_configured_interface_list(); if ($g['booting']) @@ -224,9 +218,8 @@ function services_dhcpd_configure() { /* write dhcpd.conf */ $fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w"); - $fdv6 = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpdv6.conf", "w"); - if ((!$fd) || (! $fdv6)) { - printf("Error: cannot open dhcpd.conf or dhcpdv6.conf in services_dhcpd_configure().\n"); + if (!$fd) { + printf("Error: cannot open dhcpd.conf in services_dhcpdv4_configure().\n"); return 1; } @@ -242,14 +235,6 @@ function services_dhcpd_configure() { } } } - $custoptionsv6 = ""; - foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) { - if(is_array($dhcpv6ifconf['numberoptions']) && is_array($dhcpv6ifconf['numberoptions']['item'])) { - foreach($dhcpv6ifconf['numberoptions']['item'] as $itemv6idx => $itemv6) { - $custoptionsv6 .= "option custom-{$dhcpv6if}-{$itemv6idx} code {$itemv6['number']} = text;\n"; - } - } - } $dhcpdconf = <<<EOD @@ -267,34 +252,13 @@ ping-check true; EOD; - $dhcpdv6conf = <<<EOD - -option domain-name "{$syscfg['domain']}"; -option ldap-server code 95 = text; -option domain-search-list code 119 = text; -{$custoptions} -default-lease-time 7200; -max-lease-time 86400; -log-facility local7; -ddns-update-style none; -one-lease-per-client true; -deny duplicates; -ping-check true; - -EOD; - if(!isset($dhcpifconf['disableauthoritative'])) $dhcpdconf .= "authoritative;\n"; - if(!isset($dhcpv6ifconf['disableauthoritative'])) - $dhcpdv6conf .= "authoritative;\n"; if(isset($dhcpifconf['alwaysbroadcast'])) $dhcpdconf .= "always-broadcast on\n"; - if(isset($dhcpv6ifconf['alwaysbroadcast'])) - $dhcpdv6conf .= "always-broadcast on\n"; $dhcpdifs = array(); - $dhcpdv6ifs = array(); /* loop through and determine if we need to setup * failover peer "bleh" entries @@ -357,64 +321,6 @@ EOPP; $dhcpnum++; } } - $dhcpv6num = 0; - foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) { - - interfaces_staticarp_configure($dhcpv6if); - - if (!isset($dhcpv6ifconf['enable'])) - continue; - - if($dhcpv6ifconf['failover_peerip'] <> "") { - $intv6 = guess_interface_from_ip($dhcpv6ifconf['failover_peerip']); - $intipv6 = find_interface_ipv6($intv6); - $real_dhcpv6if = convert_friendly_interface_to_real_interface_name($dhcpv6if); - /* - * yep, failover peer is defined. - * does it match up to a defined vip? - */ - $skew = 110; - $a_vip = &$config['virtualip']['vip']; - if(is_array($a_vip)) { - foreach ($a_vip as $vipent) { - if($intv6 == $real_dhcpv6if) { - /* this is the interface! */ - if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20")) - $skew = 0; - } - } - } else { - log_error("Warning! DHCPv6 Failover setup and no CARP virtual IPv6's defined!"); - } - if($skew > 10) { - $typev6 = "secondary"; - $dhcpdv6conf_pri = "mclt 600;\n"; - $my_portv6 = "520"; - $peer_portv6 = "519"; - } else { - $my_portv6 = "519"; - $peer_portv6 = "520"; - $typev6 = "primary"; - $dhcpdv6conf_pri = "split 128;\n"; - $dhcpdv6conf_pri .= " mclt 600;\n"; - } - $dhcpdv6conf .= <<<EOPP -failover peer "dhcpv6{$dhcpv6num}" { - {$typev6}; - address {$intipv6}; - port {$my_portv6}; - peer address {$dhcpv6ifconf['failover_peerip']}; - peer port {$peer_portv6}; - max-response-delay 10; - max-unacked-updates 10; - {$dhcpdv6conf_pri} - load balance max seconds 3; -} - -EOPP; - $dhcpv6num++; - } - } $dhcpnum = 0; @@ -577,6 +483,180 @@ EOD; $dhcpdifs[] = get_real_interface($dhcpif); } + fwrite($fd, $dhcpdconf); + fclose($fd); + + /* create an empty leases database */ + touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); + + + /* fire up dhcpd in a chroot */ + if(count($dhcpdifs) > 0) { + mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf -pf {$g['varrun_path']}/dhcpd.pid " . + join(" ", $dhcpdifs)); + } + + if ($g['booting']) { + print "done.\n"; + } + + return 0; +} + +function services_dhcpdv6_configure() { + global $config, $g; + + if($g['services_dhcp_server_enable'] == false) + return; + + if(isset($config['system']['developerspew'])) { + $mt = microtime(); + echo "services_dhcpd_configure($if) being called $mt\n"; + } + + /* kill any running dhcpd */ + if(is_process_running("dhcpd")) { + killbypid("{$g['dhcpd_chroot_path']}{$g['varrun_path']}/dhcpdv6.pid"); + } + + /* DHCP enabled on any interfaces? */ + if (!is_dhcp_server_enabled()) + return 0; + + /* if OLSRD is enabled, allow WAN to house DHCP. */ + if($config['installedpackages']['olsrd']) + foreach($config['installedpackages']['olsrd']['config'] as $olsrd) + if($olsrd['enable']) + $is_olsr_enabled = true; + + if ($g['booting']) { + if ($g['platform'] != "pfSense") { + /* restore the leases, if we have them */ + if (file_exists("{$g['cf_conf_path']}/dhcp6leases.tgz")) { + $dhcprestore = ""; + $dhcpreturn = ""; + exec("cd /;LANG=C /usr/bin/tar -xzf {$g['cf_conf_path']}/dhcp6leases.tgz 2>&1", $dhcprestore, $dhcpreturn); + $dhcprestore = implode(" ", $dhcprestore); + if($dhcpreturn <> 0) { + log_error("DHCP leases v6 restore failed exited with $dhcpreturn, the error is: $dhcprestore\n"); + } + } + } + } + + $syscfg = $config['system']; + if (!is_array($config['dhcpdv6'])) + $config['dhcpdv6'] = array(); + $dhcpdv6cfg = $config['dhcpdv6']; + $Iflist = get_configured_interface_list(); + + if ($g['booting']) + echo "Starting DHCPv6 service..."; + else + sleep(1); + + /* write dhcpdv6.conf */ + $fdv6 = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpdv6.conf", "w"); + if (! $fdv6) { + printf("Error: cannot open dhcpdv6.conf in services_dhcpdv6_configure().\n"); + return 1; + } + + $custoptionsv6 = ""; + foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) { + if(is_array($dhcpv6ifconf['numberoptions']) && is_array($dhcpv6ifconf['numberoptions']['item'])) { + foreach($dhcpv6ifconf['numberoptions']['item'] as $itemv6idx => $itemv6) { + $custoptionsv6 .= "option custom-{$dhcpv6if}-{$itemv6idx} code {$itemv6['number']} = text;\n"; + } + } + } + + $dhcpdv6conf = <<<EOD + +option domain-name "{$syscfg['domain']}"; +option ldap-server code 95 = text; +option domain-search-list code 119 = text; +{$custoptions} +default-lease-time 7200; +max-lease-time 86400; +log-facility local7; +ddns-update-style none; +one-lease-per-client true; +deny duplicates; +ping-check true; + +EOD; + + if(!isset($dhcpv6ifconf['disableauthoritative'])) + $dhcpdv6conf .= "authoritative;\n"; + + if(isset($dhcpv6ifconf['alwaysbroadcast'])) + $dhcpdv6conf .= "always-broadcast on\n"; + + $dhcpdv6ifs = array(); + + /* loop through and determine if we need to setup + * failover peer "bleh" entries + */ + $dhcpv6num = 0; + foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) { + + interfaces_staticarp_configure($dhcpv6if); + + if (!isset($dhcpv6ifconf['enable'])) + continue; + + if($dhcpv6ifconf['failover_peerip'] <> "") { + $intv6 = guess_interface_from_ip($dhcpv6ifconf['failover_peerip']); + $intipv6 = find_interface_ipv6($intv6); + $real_dhcpv6if = convert_friendly_interface_to_real_interface_name($dhcpv6if); + /* + * yep, failover peer is defined. + * does it match up to a defined vip? + */ + $skew = 110; + $a_vip = &$config['virtualip']['vip']; + if(is_array($a_vip)) { + foreach ($a_vip as $vipent) { + if($intv6 == $real_dhcpv6if) { + /* this is the interface! */ + if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20")) + $skew = 0; + } + } + } else { + log_error("Warning! DHCPv6 Failover setup and no CARP virtual IPv6's defined!"); + } + if($skew > 10) { + $typev6 = "secondary"; + $dhcpdv6conf_pri = "mclt 600;\n"; + $my_portv6 = "520"; + $peer_portv6 = "519"; + } else { + $my_portv6 = "519"; + $peer_portv6 = "520"; + $typev6 = "primary"; + $dhcpdv6conf_pri = "split 128;\n"; + $dhcpdv6conf_pri .= " mclt 600;\n"; + } + $dhcpdv6conf .= <<<EOPP +failover peer "dhcpv6{$dhcpv6num}" { + {$typev6}; + address {$intipv6}; + port {$my_portv6}; + peer address {$dhcpv6ifconf['failover_peerip']}; + peer port {$peer_portv6}; + max-response-delay 10; + max-unacked-updates 10; + {$dhcpdv6conf_pri} + load balance max seconds 3; +} + +EOPP; + $dhcpv6num++; + } + } + $dhcpv6num = 0; foreach ($dhcpdv6cfg as $dhcpv6if => $dhcpv6ifconf) { @@ -702,20 +782,18 @@ EOD; EOD; /* add static mappings */ - /* Does not work for IPv6 - /* You can not use a hardware parameter for DHCPv6 hosts - /* Needs to be figured out + /* Needs to use DUID */ if (is_array($dhcpv6ifconf['staticmap'])) { $i = 0; foreach ($dhcpv6ifconf['staticmap'] as $sm) { $dhcpdv6conf .= <<<EOD host s_{$dhcpv6if}_{$i} { - hardware ethernet {$sm['mac']}; + host-identifier option dhcp6.client-id {$sm['duid']}; EOD; - if ($sm['ipaddr']) - $dhcpdv6conf .= " fixed-address6 {$sm['ipaddr']};\n"; + if ($sm['ipaddrv6']) + $dhcpdv6conf .= " fixed-address6 {$sm['ipaddrv6']};\n"; if ($sm['hostname']) { $dhhostname = str_replace(" ", "_", $sm['hostname']); @@ -729,7 +807,6 @@ EOD; $i++; } } - */ if($config['dhcpdv6'][$dhcpv6if]['mode'] <> "unmanaged") { $realif = escapeshellcmd(get_real_interface($dhcpv6if)); @@ -743,34 +820,19 @@ EOD; } } - fwrite($fd, $dhcpdconf); - fclose($fd); fwrite($fdv6, $dhcpdv6conf); fclose($fdv6); - - /* create an empty leases database */ - touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); - touch("{$g['varrun_path']}/dhcpd.pid"); /* create an empty leases v6 database */ touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases"); - touch("{$g['varrun_path']}/dhcpdv6.pid"); + print_r(dhcpdv6ifs); /* fire up dhcpd in a chroot */ - if(count($dhcpdifs) > 0) { - mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf " . - join(" ", $dhcpdifs)); - } - if(count($dhcpdv6ifs) > 0) { - mwexec("/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpdv6.conf " . + mwexec("/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpdv6.conf -pf {$g['varrun_path']}/dhcpdv6.pid " . join(" ", $dhcpdv6ifs)); - mwexec("/usr/sbin/rtadvd " . join(" ", $dhcpdv6ifs)); } - /* start ipv6 route advertising if required */ - services_rtadvd_configure(); - if ($g['booting']) { print "done.\n"; } diff --git a/usr/local/www/services_dhcpv6.php b/usr/local/www/services_dhcpv6.php index ee03adb..d05839d 100644 --- a/usr/local/www/services_dhcpv6.php +++ b/usr/local/www/services_dhcpv6.php @@ -56,52 +56,6 @@ if(!$g['services_dhcp_server_enable']) { */ ini_set("memory_limit","64M"); -/* This function will remove entries from dhcpd.leases that would otherwise - * overlap with static DHCP reservations. If we don't clean these out, - * then DHCP will print a warning in the logs about a duplicate lease - */ -function dhcp_clean_leases() { - global $g, $config; - $leasesfile = "{$g['dhcpd_chroot_path']}/var/db/dhcpdv6.leases"; - if (!file_exists($leasesfile)) - return; - /* Build list of static MACs */ - $staticmacs = array(); - foreach($config['interfaces'] as $ifname => $ifarr) - if (is_array($config['dhcpdv6'][$ifname]['staticmap'])) - foreach($config['dhcpdv6'][$ifname]['staticmap'] as $static) - $staticmacs[] = $static['mac']; - /* Read existing leases */ - $leases_contents = explode("\n", file_get_contents($leasesfile)); - $newleases_contents = array(); - $i=0; - while ($i < count($leases_contents)) { - /* Find a lease definition */ - if (substr($leases_contents[$i], 0, 6) == "lease ") { - $templease = array(); - $thismac = ""; - /* Read to the end of the lease declaration */ - do { - if (substr($leases_contents[$i], 0, 20) == " hardware ethernet ") - $thismac = substr($leases_contents[$i], 20, 17); - $templease[] = $leases_contents[$i]; - $i++; - } while ($leases_contents[$i-1] != "}"); - /* Check for a matching MAC address and if not present, keep it. */ - if (! in_array($thismac, $staticmacs)) - $newleases_contents = array_merge($newleases_contents, $templease); - } else { - /* It's a line we want to keep, copy it over. */ - $newleases_contents[] = $leases_contents[$i]; - $i++; - } - } - /* Write out the new leases file */ - $fd = fopen($leasesfile, 'w'); - fwrite($fd, implode("\n", $newleases_contents)); - fclose($fd); -} - $if = $_GET['if']; if ($_POST['if']) $if = $_POST['if']; @@ -148,7 +102,6 @@ if (is_array($config['dhcpdv6'][$if])){ list($pconfig['dns1'],$pconfig['dns2']) = $config['dhcpdv6'][$if]['dnsserver']; $pconfig['enable'] = isset($config['dhcpdv6'][$if]['enable']); $pconfig['denyunknown'] = isset($config['dhcpdv6'][$if]['denyunknown']); - $pconfig['staticarp'] = isset($config['dhcpdv6'][$if]['staticarp']); $pconfig['ddnsdomain'] = $config['dhcpdv6'][$if]['ddnsdomain']; $pconfig['ddnsupdate'] = isset($config['dhcpdv6'][$if]['ddnsupdate']); list($pconfig['ntp1'],$pconfig['ntp2']) = $config['dhcpdv6'][$if]['ntpserver']; @@ -193,7 +146,7 @@ function is_inrange($test, $start, $end) { return false; } -$modes = array("unmanaged" => "Unmanaged", "managed" => "Managed", "assist" => "Assisted"); +$advertise_modes = array("disabled" => "Disabled", "unmanaged" => "Unmanaged", "managed" => "Managed", "assist" => "Assisted"); if ($_POST) { @@ -263,9 +216,6 @@ if ($_POST) { foreach ($a_maps as $map) if (empty($map['ipaddrv6'])) $noip = true; - if ($_POST['staticarp'] && $noip) - $input_errors[] = "Cannot enable static ARP when you have static map entries without IP addresses. Ensure all static maps have IPv6 addresses and try again."; - if (!$input_errors) { /* make sure the range lies within the current subnet */ /* FIXME change for ipv6 subnet */ @@ -334,7 +284,6 @@ if ($_POST) { $config['dhcpdv6'][$if]['domainsearchlist'] = $_POST['domainsearchlist']; $config['dhcpdv6'][$if]['denyunknown'] = ($_POST['denyunknown']) ? true : false; $config['dhcpdv6'][$if]['enable'] = ($_POST['enable']) ? true : false; - $config['dhcpdv6'][$if]['staticarp'] = ($_POST['staticarp']) ? true : false; $config['dhcpdv6'][$if]['ddnsdomain'] = $_POST['ddnsdomain']; $config['dhcpdv6'][$if]['ddnsupdate'] = ($_POST['ddnsupdate']) ? true : false; @@ -363,8 +312,8 @@ if ($_POST) { $retvaldhcp = 0; $retvaldns = 0; /* Stop DHCPv6 so we can cleanup leases */ - killbyname("dhcpdv6"); - dhcp_clean_leases(); + killbyname("dhcpd -6"); + // dhcp_clean_leases(); /* dnsmasq_configure calls dhcpd_configure */ /* no need to restart dhcpd twice */ if (isset($config['dnsmasq']['regdhcpstatic'])) { @@ -399,7 +348,7 @@ if ($_GET['act'] == "del") { } $pgtitle = array(gettext("Services"),gettext("DHCPv6 server")); -$statusurl = "status_dhcp_leases.php"; +$statusurl = "status_dhcpv6_leases.php"; $logurl = "diag_logs_dhcp.php"; include("head.inc"); @@ -419,30 +368,30 @@ include("head.inc"); </script> <script type="text/javascript" language="JavaScript"> - function enable_change(disableFields) { - var disableFields = (document.iform.mode.value=='unmanaged' || !document.iform.enable.checked); - document.iform.range_from.disabled = disableFields; - document.iform.range_to.disabled = disableFields; - document.iform.dns1.disabled = disableFields; - document.iform.dns2.disabled = disableFields; - document.iform.deftime.disabled = disableFields; - document.iform.maxtime.disabled = disableFields; - document.iform.gateway.disabled = disableFields; - document.iform.failover_peerip.disabled = disableFields; - document.iform.domain.disabled = disableFields; - document.iform.domainsearchlist.disabled = disableFields; - document.iform.staticarp.disabled = disableFields; - document.iform.ddnsdomain.disabled = disableFields; - document.iform.ddnsupdate.disabled = disableFields; - document.iform.ntp1.disabled = disableFields; - document.iform.ntp2.disabled = disableFields; - document.iform.tftp.disabled = disableFields; - document.iform.ldap.disabled = disableFields; - document.iform.netboot.disabled = disableFields; - document.iform.nextserver.disabled = disableFields; - document.iform.filename.disabled = disableFields; - document.iform.rootpath.disabled = disableFields; - document.iform.denyunknown.disabled = disableFields; + function enable_change(enable_over) { + var endis; + endis = !(document.iform.enable.checked || enable_over); + document.iform.range_from.disabled = endis; + document.iform.range_to.disabled = endis; + document.iform.dns1.disabled = endis; + document.iform.dns2.disabled = endis; + document.iform.deftime.disabled = endis; + document.iform.maxtime.disabled = endis; + document.iform.gateway.disabled = endis; + document.iform.failover_peerip.disabled = endis; + document.iform.domain.disabled = endis; + document.iform.domainsearchlist.disabled = endis; + document.iform.ddnsdomain.disabled = endis; + document.iform.ddnsupdate.disabled = endis; + document.iform.ntp1.disabled = endis; + document.iform.ntp2.disabled = endis; + document.iform.tftp.disabled = endis; + document.iform.ldap.disabled = endis; + document.iform.netboot.disabled = endis; + document.iform.nextserver.disabled = endis; + document.iform.filename.disabled = endis; + document.iform.rootpath.disabled = endis; + document.iform.denyunknown.disabled = endis; } function show_shownumbervalue() { @@ -533,18 +482,10 @@ include("head.inc"); <div id="mainarea"> <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td width="22%" valign="top" class="vtable"> </td> - <td width="78%" class="vtable"> - <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change();"> - <strong><?php printf(gettext("Enable DHCPv6 server on " . - "%s " . - "interface"),htmlspecialchars($iflist[$if]));?></strong></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Operating Mode");?></td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Router Advertisements");?></td> <td width="78%" class="vtable"> - <select name="mode" id="mode" onchange="enable_change();"> - <?php foreach($modes as $name => $value) { ?> + <select name="mode" id="mode"> + <?php foreach($advertise_modes as $name => $value) { ?> <option value="<?=$name ?>" <?php if ($pconfig['mode'] == $name) echo "selected"; ?> > <?=$value ?></option> <?php } ?> </select><br /> @@ -553,6 +494,14 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vtable"> </td> <td width="78%" class="vtable"> + <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false);"> + <strong><?php printf(gettext("Enable DHCPv6 server on " . + "%s " . + "interface"),htmlspecialchars($iflist[$if]));?></strong></td> + </tr> + <tr> + <td width="22%" valign="top" class="vtable"> </td> + <td width="78%" class="vtable"> <input name="denyunknown" id="denyunknown" type="checkbox" value="yes" <?php if ($pconfig['denyunknown']) echo "checked"; ?>> <strong><?=gettext("Deny unknown clients");?></strong><br> <?=gettext("If this is checked, only the clients defined below will get DHCP leases from this server. ");?></td> @@ -668,25 +617,6 @@ include("head.inc"); </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Static ARP");?></td> - <td width="78%" class="vtable"> - <table> - <tr> - <td> - <input valign="middle" type="checkbox" value="yes" name="staticarp" id="staticarp" <?php if($pconfig['staticarp']) echo " checked"; ?>> - </td> - <td><b><?=gettext("Enable Static ARP entries");?></b></td> - </tr> - <tr> - <td> </td> - <td> - <span class="red"><strong><?=gettext("Note:");?></strong></span> <?=gettext("Only the machines listed below will be able to communicate with the firewall on this NIC.");?> - </td> - </tr> - </table> - </td> - </tr> - <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Dynamic DNS");?></td> <td width="78%" class="vtable"> <div id="showddnsbox"> @@ -823,7 +753,7 @@ include("head.inc"); <td width="22%" valign="top"> </td> <td width="78%"> <input name="if" type="hidden" value="<?=$if;?>"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onclick="enable_change()"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onclick="enable_change(true)"> </td> </tr> <tr> @@ -842,8 +772,8 @@ include("head.inc"); </table> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="25%" class="listhdrr"><?=gettext("MAC address");?></td> - <td width="15%" class="listhdrr"><?=gettext("IP address");?></td> + <td width="25%" class="listhdrr"><?=gettext("DUID");?></td> + <td width="15%" class="listhdrr"><?=gettext("IPv6 address");?></td> <td width="20%" class="listhdrr"><?=gettext("Hostname");?></td> <td width="30%" class="listhdr"><?=gettext("Description");?></td> <td width="10%" class="list"> @@ -857,10 +787,10 @@ include("head.inc"); </tr> <?php if(is_array($a_maps)): ?> <?php $i = 0; foreach ($a_maps as $mapent): ?> - <?php if($mapent['mac'] <> "" or $mapent['ipaddr'] <> ""): ?> + <?php if($mapent['duid'] <> "" or $mapent['ipaddrv6'] <> ""): ?> <tr> <td class="listlr" ondblclick="document.location='services_dhcpv6_edit.php?if=<?=$if;?>&id=<?=$i;?>';"> - <?=htmlspecialchars($mapent['mac']);?> + <?=htmlspecialchars($mapent['duid']);?> </td> <td class="listr" ondblclick="document.location='services_dhcpv6_edit.php?if=<?=$if;?>&id=<?=$i;?>';"> <?=htmlspecialchars($mapent['ipaddrv6']);?> diff --git a/usr/local/www/services_dhcpv6_edit.php b/usr/local/www/services_dhcpv6_edit.php index 5ff0dcf..a321fae 100644 --- a/usr/local/www/services_dhcpv6_edit.php +++ b/usr/local/www/services_dhcpv6_edit.php @@ -73,7 +73,6 @@ if (!is_array($config['dhcpdv6'][$if]['staticmap'])) { $config['dhcpdv6'][$if]['staticmap'] = array(); } -$static_arp_enabled=isset($config['dhcpdv6'][$if]['staticarp']); $netboot_enabled=isset($config['dhcpdv6'][$if]['netboot']); $a_maps = &$config['dhcpdv6'][$if]['staticmap']; $ifcfgipv6 = get_interface_ipv6($if); @@ -85,13 +84,13 @@ if (isset($_POST['id'])) $id = $_POST['id']; if (isset($id) && $a_maps[$id]) { - $pconfig['mac'] = $a_maps[$id]['mac']; + $pconfig['duid'] = $a_maps[$id]['duid']; $pconfig['hostname'] = $a_maps[$id]['hostname']; $pconfig['ipaddrv6'] = $a_maps[$id]['ipaddrv6']; $pconfig['netbootfile'] = $a_maps[$id]['netbootfile']; $pconfig['descr'] = $a_maps[$id]['descr']; } else { - $pconfig['mac'] = $_GET['mac']; + $pconfig['duid'] = $_GET['duid']; $pconfig['hostname'] = $_GET['hostname']; $pconfig['netbootfile'] = $_GET['netbootfile']; $pconfig['descr'] = $_GET['descr']; @@ -103,14 +102,11 @@ if ($_POST) { $pconfig = $_POST; /* input validation */ - $reqdfields = explode(" ", "mac"); - $reqdfieldsn = array(gettext("MAC address")); + $reqdfields = explode(" ", "duid"); + $reqdfieldsn = array(gettext("DUID Identifier")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - /* normalize MAC addresses - lowercase and convert Windows-ized hyphenated MACs to colon delimited */ - $_POST['mac'] = strtolower(str_replace("-", ":", $_POST['mac'])); - if ($_POST['hostname']) { preg_match("/^[0-9]/", $_POST['hostname'], $matches); if($matches) @@ -129,11 +125,8 @@ if ($_POST) { if (($_POST['ipaddrv6'] && !is_ipaddrv6($_POST['ipaddrv6']))) { $input_errors[] = gettext("A valid IPv6 address must be specified."); } - if (($_POST['mac'] && !is_macaddr($_POST['mac']))) { - $input_errors[] = gettext("A valid MAC address must be specified."); - } - if($static_arp_enabled && !$_POST['ipaddrv6']) { - $input_errors[] = gettext("Static ARP is enabled. You must specify an IPv6 address."); + if (($_POST['duid'])) { + $input_errors[] = gettext("A valid DUID Identifier must be specified."); } /* check for overlaps */ @@ -141,8 +134,8 @@ if ($_POST) { if (isset($id) && ($a_maps[$id]) && ($a_maps[$id] === $mapent)) continue; - if ((($mapent['hostname'] == $_POST['hostname']) && $mapent['hostname']) || ($mapent['mac'] == $_POST['mac'])) { - $input_errors[] = gettext("This Hostname, IP or MAC address already exists."); + if ((($mapent['hostname'] == $_POST['hostname']) && $mapent['hostname']) || ($mapent['duid'] == $_POST['duid'])) { + $input_errors[] = gettext("This Hostname, IP or DUID Identifier already exists."); break; } } @@ -154,7 +147,7 @@ if ($_POST) { if (!$input_errors) { $mapent = array(); - $mapent['mac'] = $_POST['mac']; + $mapent['duid'] = $_POST['duid']; $mapent['ipaddrv6'] = $_POST['ipaddrv6']; $mapent['hostname'] = $_POST['hostname']; $mapent['descr'] = $_POST['descr']; @@ -196,18 +189,13 @@ include("head.inc"); <td colspan="2" valign="top" class="listtopic"><?=gettext("Static DHCPv6 Mapping");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("MAC address");?></td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("DUID Identifier");?></td> <td width="78%" class="vtable"> - <input name="mac" type="text" class="formfld unknown" id="mac" size="30" value="<?=htmlspecialchars($pconfig['mac']);?>"> - <?php - $ip = getenv('REMOTE_ADDR'); - $mac = `/usr/sbin/arp -an | grep {$ip} | cut -d" " -f4`; - $mac = str_replace("\n","",$mac); - ?> - <a OnClick="document.forms[0].mac.value='<?=$mac?>';" href="#"><?=gettext("Copy my MAC address");?></a> + <input name="duid" type="text" class="formfld unknown" id="duid" size="40" value="<?=htmlspecialchars($pconfig['duid']);?>"> <br> - <span class="vexpl"><?=gettext("Enter a MAC address in the following format: ". - "xx:xx:xx:xx:xx:xx");?></span></td> + <span class="vexpl"><?=gettext("Enter a DUID Identifier in the following format: ");?><br /> +"DUID-LLT - ETH -- TIME --- ---- address ----" <br /> +"xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx"</span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("IPv6 address");?></td> |
