diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-03-14 01:40:24 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-03-14 01:40:24 +0000 |
| commit | 12ee8fe4a25d6fcda720a171c102f48d9bcceb5c (patch) | |
| tree | 8d234017170b1530eb0642281717d94be2bb70f0 | |
| parent | ec9202316f33fd6169756447e2c8230907ec68ab (diff) | |
| download | pfsense-12ee8fe4a25d6fcda720a171c102f48d9bcceb5c.zip pfsense-12ee8fe4a25d6fcda720a171c102f48d9bcceb5c.tar.gz | |
* Restore pfSense custom portal page
* Add back pre 1.2b6 headers in each file
| -rw-r--r-- | etc/inc/captiveportal.inc | 223 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal.php | 81 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_ip.php | 31 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_ip_edit.php | 51 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_mac.php | 23 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal_mac_edit.php | 45 |
6 files changed, 265 insertions, 189 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index fd275e7..8f8294b 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -2,20 +2,20 @@ /* captiveportal.inc part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -33,34 +33,34 @@ added rules which may have been created by other per-user code (index.php, etc). These changes are (c) 2004 Keycom PLC. */ - + /* include all configuration functions */ require_once("functions.inc"); require_once("radius_accounting.inc") ; function captiveportal_configure() { global $config, $g; - + if (isset($config['captiveportal']['enable']) && (($config['captiveportal']['interface'] == "lan") || isset($config['interfaces'][$config['captiveportal']['interface']]['enable']))) { - + if ($g['booting']) echo "Starting captive portal... "; - + /* kill any running mini_httpd */ killbypid("{$g['varrun_path']}/mini_httpd.cp.pid"); killbypid("{$g['varrun_path']}/mini_httpd.cps.pid"); - + /* kill any running minicron */ killbypid("{$g['varrun_path']}/minicron.pid"); - + /* generate ipfw rules */ $cprules = captiveportal_rules_generate(); - + /* make sure ipfw is loaded */ mwexec("/sbin/kldload ipfw"); - + /* stop accounting on all clients */ captiveportal_radius_stop_all() ; @@ -70,7 +70,7 @@ function captiveportal_configure() { unlink_if_exists("{$g['vardb_path']}/captiveportal_mac.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_ip.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_radius.db"); - + /* write portal page */ if ($config['captiveportal']['page']['htmltext']) $htmltext = base64_decode($config['captiveportal']['page']['htmltext']); @@ -78,16 +78,37 @@ function captiveportal_configure() { /* example/template page */ $htmltext = <<<EOD <html> +<title>pfSense's captive portal</title> <head> -<title>m0n0wall captive portal</title> + <STYLE type="text/css"> +.listhdrr { + background-color: #BBBBBB; + padding-right: 16px; + padding-left: 6px; + font-weight: bold; + border-right: 1px solid #999999; + border-bottom: 1px solid #999999; + font-size: 11px; + padding-top: 5px; + padding-bottom: 5px; +} + + </STYLE> </head> -<body> -<h2>m0n0wall captive portal</h2> -<p>This is the default captive portal page. Please upload your own custom HTML file on the <em>Services: Captive portal</em> screen in the m0n0wall webGUI.</p> -<form method="post" action="\$PORTAL_ACTION\$"> - <input name="accept" type="submit" value="Continue"> - <input name="redirurl" type="hidden" value="\$PORTAL_REDIRURL\$"> +<body bgcolor="#990000"> +<center> +<font color="white" face="arial" size="+1">Welcome to pfSense's captive portal!</font> +<p> +<form method="post" action="$PORTAL_ACTION$"> +<table border="0" cellpadding="6" cellspacing="0"> +<tr><td align="right" class="listhdrr"><font color="white">Username:</td><td class="listhdrr"><input name="auth_user" type="text"></td></tr> +<tr><td align="right" class="listhdrr"><font color="white">Password:</td><td class="listhdrr"><input name="auth_pass" type="password"></td></tr> +<input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"> +</table> +<p> +<center><input name="accept" type="submit" value="Continue"> </form> +</center> </body> </html> @@ -97,9 +118,9 @@ EOD; $fd = @fopen("{$g['varetc_path']}/captiveportal.html", "w"); if ($fd) { fwrite($fd, $htmltext); - fclose($fd); + fclose($fd); } - + /* write error page */ if ($config['captiveportal']['page']['errtext']) $errtext = base64_decode($config['captiveportal']['page']['errtext']); @@ -126,14 +147,14 @@ EOD; $fd = @fopen("{$g['varetc_path']}/captiveportal-error.html", "w"); if ($fd) { fwrite($fd, $errtext); - fclose($fd); + fclose($fd); } /* load rules */ mwexec("/sbin/ipfw -f delete set 1"); mwexec("/sbin/ipfw -f delete set 2"); mwexec("/sbin/ipfw -f delete set 3"); - + /* XXX - seems like ipfw cannot accept rules directly on stdin, so we have to write them to a temporary file first */ $fd = @fopen("{$g['tmp_path']}/ipfw.cp.rules", "w"); @@ -141,30 +162,30 @@ EOD; printf("Cannot open ipfw.cp.rules in captiveportal_configure()\n"); return 1; } - + fwrite($fd, $cprules); fclose($fd); - + mwexec("/sbin/ipfw {$g['tmp_path']}/ipfw.cp.rules"); - + unlink("{$g['tmp_path']}/ipfw.cp.rules"); - + /* filter on layer2 as well so we can check MAC addresses */ mwexec("/sbin/sysctl net.link.ether.ipfw=1"); - + chdir($g['captiveportal_path']); - + /* start web server */ mwexec("/usr/local/sbin/mini_httpd -a -M 0 -u root -maxproc 16" . " -p 8000 -i {$g['varrun_path']}/mini_httpd.cp.pid"); - + /* fire up another one for HTTPS if requested */ if (isset($config['captiveportal']['httpslogin']) && $config['captiveportal']['certificate'] && $config['captiveportal']['private-key']) { - + $cert = base64_decode($config['captiveportal']['certificate']); $key = base64_decode($config['captiveportal']['private-key']); - + $fd = fopen("{$g['varetc_path']}/cert-portal.pem", "w"); if (!$fd) { printf("Error: cannot open cert-portal.pem in system_webgui_start().\n"); @@ -175,16 +196,16 @@ EOD; fwrite($fd, "\n"); fwrite($fd, $key); fclose($fd); - + mwexec("/usr/local/sbin/mini_httpd -S -a -M 0 -E {$g['varetc_path']}/cert-portal.pem" . " -u root -maxproc 16 -p 8001" . " -i {$g['varrun_path']}/mini_httpd.cps.pid"); } - + /* start pruning process (interval = 60 seconds) */ mwexec("/usr/local/bin/minicron 60 {$g['varrun_path']}/minicron.pid " . "/etc/rc.prunecaptiveportal"); - + /* generate passthru mac database */ captiveportal_passthrumac_configure() ; /* create allowed ip database and insert ipfw rules to make it so */ @@ -219,7 +240,7 @@ EOD; if ($g['booting']) echo "done\n"; - + } else { killbypid("{$g['varrun_path']}/mini_httpd.cp.pid"); killbypid("{$g['varrun_path']}/minicron.pid"); @@ -235,13 +256,13 @@ EOD; mwexec("/sbin/ipfw -f delete set 3"); } } - + return 0; } function captiveportal_rules_generate() { global $config, $g; - + $cpifn = $config['captiveportal']['interface']; $cpif = $config['interfaces'][$cpifn]['if']; $cpip = $config['interfaces'][$cpifn]['ipaddr']; @@ -250,7 +271,7 @@ function captiveportal_rules_generate() { clients as skipto 50000 rules to make traffic shaping work */ $cprules = ""; - + /* captive portal on LAN interface? */ if ($cpifn == "lan") { /* add anti-lockout rules */ @@ -298,7 +319,7 @@ add 1305 set 1 pass tcp from $cpip 8001 to any out EOD; } - + $cprules .= <<<EOD # ... 10000-19899: rules per authenticated client go here... @@ -323,47 +344,47 @@ EOD; /* remove clients that have been around for longer than the specified amount of time */ /* db file structure: timestamp,ipfw_rule_no,clientip,clientmac,username,sessionid */ function captiveportal_prune_old() { - + global $g, $config; - + /* check for expired entries */ if ($config['captiveportal']['timeout']) $timeout = $config['captiveportal']['timeout'] * 60; else $timeout = 0; - + if ($config['captiveportal']['idletimeout']) $idletimeout = $config['captiveportal']['idletimeout'] * 60; else $idletimeout = 0; - + if (!$timeout && !$idletimeout) return; - + captiveportal_lock(); - + /* read database */ $cpdb = captiveportal_read_db(); - + $radiusservers = captiveportal_get_radius_servers(); - + for ($i = 0; $i < count($cpdb); $i++) { - + $timedout = false; - + /* hard timeout? */ if ($timeout) { if ((time() - $cpdb[$i][0]) >= $timeout) - $timedout = true; + $timedout = true; } - + /* if an idle timeout is specified, get last activity timestamp from ipfw */ if (!$timedout && $idletimeout) { $lastact = captiveportal_get_last_activity($cpdb[$i][1]); if ($lastact && ((time() - $lastact) >= $idletimeout)) $timedout = true; } - + if ($timedout) { /* this client needs to be deleted - remove ipfw rules */ if (isset($config['captiveportal']['radacct_enable']) && isset($radiusservers[0])) { @@ -388,25 +409,25 @@ function captiveportal_prune_old() { unset($cpdb[$i]); } } - + /* write database */ captiveportal_write_db($cpdb); - + captiveportal_unlock(); } /* remove a single client by ipfw rule number */ function captiveportal_disconnect_client($id) { - + global $g, $config; - + captiveportal_lock(); - + /* read database */ $cpdb = captiveportal_read_db(); $radiusservers = captiveportal_get_radius_servers(); - - /* find entry */ + + /* find entry */ for ($i = 0; $i < count($cpdb); $i++) { if ($cpdb[$i][1] == $id) { /* this client needs to be deleted - remove ipfw rules */ @@ -431,10 +452,10 @@ function captiveportal_disconnect_client($id) { break; } } - + /* write database */ captiveportal_write_db($cpdb); - + captiveportal_unlock(); } @@ -444,9 +465,9 @@ function captiveportal_radius_stop_all() { captiveportal_lock() ; $cpdb = captiveportal_read_db() ; - + $radiusservers = captiveportal_get_radius_servers(); - + if (isset($radiusservers[0])) { for ($i = 0; $i < count($cpdb); $i++) { RADIUS_ACCOUNTING_STOP($cpdb[$i][1], // ruleno @@ -464,34 +485,34 @@ function captiveportal_radius_stop_all() { function captiveportal_passthrumac_configure() { global $config, $g; - + /* clear out passthru macs, if necessary */ if (file_exists("{$g['vardb_path']}/captiveportal_mac.db")) { unlink("{$g['vardb_path']}/captiveportal_mac.db"); } - + if (is_array($config['captiveportal']['passthrumac'])) { - + $fd = @fopen("{$g['vardb_path']}/captiveportal_mac.db", "w"); if (!$fd) { printf("Error: cannot open passthru mac DB file in captiveportal_passthrumac_configure().\n"); - return 1; + return 1; } - + foreach ($config['captiveportal']['passthrumac'] as $macent) { /* record passthru mac so it can be recognized and let thru */ fwrite($fd, $macent['mac'] . "\n"); } - - fclose($fd); + + fclose($fd); } - + return 0; } function captiveportal_allowedip_configure() { global $config, $g; - + captiveportal_lock() ; /* clear out existing allowed ips, if necessary */ @@ -503,7 +524,7 @@ function captiveportal_allowedip_configure() { if($line) { list($ip,$rule) = explode(",",$line); mwexec("/sbin/ipfw delete $rule") ; - } + } } } fclose($fd) ; @@ -515,16 +536,16 @@ function captiveportal_allowedip_configure() { $ruleno = trim(file_get_contents("{$g['vardb_path']}/captiveportal.nextrule")); if (!$ruleno) $ruleno = 10000; /* first rule number */ - + if (is_array($config['captiveportal']['allowedip'])) { - + $fd = @fopen("{$g['vardb_path']}/captiveportal_ip.db", "w"); if (!$fd) { printf("Error: cannot open allowed ip DB file in captiveportal_allowedip_configure().\n"); captiveportal_unlock() ; - return 1; + return 1; } - + foreach ($config['captiveportal']['allowedip'] as $ipent) { /* record allowed ip so it can be recognized and removed later */ fwrite($fd, $ipent['ip'] . "," . $ruleno ."\n"); @@ -540,8 +561,8 @@ function captiveportal_allowedip_configure() { if ($ruleno > 19899) $ruleno = 10000; } - - fclose($fd); + + fclose($fd); /* write next rule number */ $fd = @fopen("{$g['vardb_path']}/captiveportal.nextrule", "w"); @@ -550,31 +571,31 @@ function captiveportal_allowedip_configure() { fclose($fd); } } - + captiveportal_unlock() ; return 0; } /* get last activity timestamp given ipfw rule number */ function captiveportal_get_last_activity($ruleno) { - + exec("/sbin/ipfw -T list {$ruleno} 2>/dev/null", $ipfwoutput); - + /* in */ if ($ipfwoutput[0]) { $ri = explode(" ", $ipfwoutput[0]); if ($ri[1]) return $ri[1]; } - + return 0; } /* read captive portal DB into array */ function captiveportal_read_db() { - + global $g; - + $cpdb = array(); $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "r"); if ($fd) { @@ -582,7 +603,7 @@ function captiveportal_read_db() { $line = trim(fgets($fd)); if ($line) { $cpdb[] = explode(",", $line); - } + } } fclose($fd); } @@ -591,9 +612,9 @@ function captiveportal_read_db() { /* write captive portal DB */ function captiveportal_write_db($cpdb) { - + global $g; - + $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "w"); if ($fd) { foreach ($cpdb as $cpent) { @@ -605,9 +626,9 @@ function captiveportal_write_db($cpdb) { /* read RADIUS servers into array */ function captiveportal_get_radius_servers() { - + global $g; - + if (file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { $fd = @fopen("{$g['vardb_path']}/captiveportal_radius.db","r"); if ($fd) { @@ -621,22 +642,22 @@ function captiveportal_get_radius_servers() { } } fclose($fd); - + return $radiusservers; } } - + return false; } /* lock captive portal information, decide that the lock file is stale after 10 seconds */ function captiveportal_lock() { - + global $g; - + $lockfile = "{$g['varrun_path']}/captiveportal.lock"; - + $n = 0; while ($n < 10) { /* open the lock file in append mode to avoid race condition */ @@ -654,11 +675,11 @@ function captiveportal_lock() { /* unlock configuration file */ function captiveportal_unlock() { - + global $g; - + $lockfile = "{$g['varrun_path']}/captiveportal.lock"; - + if (file_exists($lockfile)) unlink($lockfile); } diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 01459fa..e86ed35 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -1,22 +1,22 @@ #!/usr/local/bin/php -<?php +<?php /* services_captiveportal.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -79,9 +79,9 @@ if ($_POST) { if ($_POST['enable']) { $reqdfields = explode(" ", "cinterface"); $reqdfieldsn = explode(",", "Interface"); - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - + /* make sure no interfaces are bridged */ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { $coptif = &$config['interfaces']['opt' . $i]; @@ -90,7 +90,7 @@ if ($_POST) { break; } } - + if ($_POST['httpslogin_enable']) { if (!$_POST['cert'] || !$_POST['key']) { $input_errors[] = "Certificate and key must be specified for HTTPS login."; @@ -100,13 +100,13 @@ if ($_POST) { if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY")) $input_errors[] = "This key does not appear to be valid."; } - + if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) { $input_errors[] = "The HTTPS server name must be specified for HTTPS login."; } } } - + if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) { $input_errors[] = "The timeout must be at least 1 minute."; } @@ -147,15 +147,15 @@ if ($_POST) { $config['captiveportal']['radiusport'] = $_POST['radiusport']; $config['captiveportal']['radiusacctport'] = $_POST['radiusacctport']; $config['captiveportal']['radiuskey'] = $_POST['radiuskey']; - + /* file upload? */ if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) $config['captiveportal']['page']['htmltext'] = base64_encode(file_get_contents($_FILES['htmlfile']['tmp_name'])); if (is_uploaded_file($_FILES['errfile']['tmp_name'])) $config['captiveportal']['page']['errtext'] = base64_encode(file_get_contents($_FILES['errfile']['tmp_name'])); - + write_config(); - + $retval = 0; if (!file_exists($d_sysrebootreqd_path)) { config_lock(); @@ -166,19 +166,30 @@ if ($_POST) { } } ?> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<title><?=gentitle("pfSense webGUI");?></title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<link href="gui.css" rel="stylesheet" type="text/css"> +</head> + +<form> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <script language="JavaScript"> <!-- function radacct_change() { if (document.iform.radacct_enable.checked) { document.iform.logoutwin_enable.checked = 1; - } + } } function enable_change(enable_change) { var endis; endis = !(document.iform.enable.checked || enable_change); - + document.iform.cinterface.disabled = endis; document.iform.idletimeout.disabled = endis; document.iform.timeout.disabled = endis; @@ -195,7 +206,7 @@ function enable_change(enable_change) { document.iform.nomacfilter.disabled = endis; document.iform.htmlfile.disabled = endis; document.iform.errfile.disabled = endis; - + if (enable_change && document.iform.radacct_enable.checked) { document.iform.logoutwin_enable.checked = 1; } @@ -216,13 +227,13 @@ function enable_change(enable_change) { <tr> <td class="tabcont"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> + <tr> <td width="22%" valign="top" class="vtable"> </td> <td width="78%" class="vtable"> <input name="enable" type="checkbox" value="yes" <?php if ($pconfig['enable']) echo "checked"; ?> onClick="enable_change(false)"> <strong>Enable captive portal </strong></td> </tr> - <tr> + <tr> <td width="22%" valign="top" class="vncellreq">Interface</td> <td width="78%" class="vtable"> <select name="cinterface" class="formfld" id="cinterface"> @@ -232,7 +243,7 @@ function enable_change(enable_change) { $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; } foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>> + <option value="<?=$iface;?>" <?php if ($iface == $pconfig['cinterface']) echo "selected"; ?>> <?=htmlspecialchars($ifacename);?> </option> <?php endforeach; ?> @@ -246,16 +257,16 @@ function enable_change(enable_change) { minutes<br> Clients will be disconnected after this amount of inactivity. They may log in again immediately, though. Leave this field blank for no idle timeout.</td> </tr> - <tr> + <tr> <td width="22%" valign="top" class="vncell">Hard timeout</td> - <td width="78%" class="vtable"> - <input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>"> + <td width="78%" class="vtable"> + <input name="timeout" type="text" class="formfld" id="timeout" size="6" value="<?=htmlspecialchars($pconfig['timeout']);?>"> minutes<br> Clients will be disconnected after this amount of time, regardless of activity. They may log in again immediately, though. Leave this field blank for no hard timeout (not recommended unless an idle timeout is set).</td> </tr> - <tr> + <tr> <td width="22%" valign="top" class="vncell">Logout popup window</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <input name="logoutwin_enable" type="checkbox" class="formfld" id="logoutwin_enable" value="yes" <?php if($pconfig['logoutwin_enable']) echo "checked"; ?>> <strong>Enable logout popup window</strong><br> If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs. When RADIUS accounting is enabled, this option is implied.</td> @@ -303,9 +314,9 @@ to access after they've authenticated.</td> <br> If this option is set, the captive portal will restrict each user who logs in to a specific bandwidth as set in RADIUS. Your RADIUS server must return the attributes Nomadix-Bw-Up and Nomadix-Bw-Down (1 and 2 VSAs from Vendor 3309, Nomadix) along with Access-Accept for this to work. Bandwidth is set in Kbit/s. You can control pass-through and default bandwidths above.</td> </tr> - <tr> + <tr> <td width="22%" valign="top" class="vncell">RADIUS server</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <table cellpadding="0" cellspacing="0"> <tr> <td>IP address:</td> @@ -355,12 +366,12 @@ to access after they've authenticated.</td> <br> Paste an RSA private key in PEM format here.</td> </tr> - <tr> + <tr> <td width="22%" valign="top" class="vncellreq">Portal page contents</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld" id="htmlfile"><br> <?php if ($config['captiveportal']['page']['htmltext']): ?> - <a href="?act=viewhtml" target="_blank">View current page</a> + <a href="?act=viewhtml" target="_blank">View current page</a> <br> <br> <?php endif; ?> @@ -381,19 +392,19 @@ with a submit button (name="accept") and a hidden field with name=&quo <td class="vtable"> <input name="errfile" type="file" class="formfld" id="errfile"><br> <?php if ($config['captiveportal']['page']['errtext']): ?> - <a href="?act=viewerrhtml" target="_blank">View current page</a> + <a href="?act=viewerrhtml" target="_blank">View current page</a> <br> <br> <?php endif; ?> The contents of the HTML file that you upload here are displayed when a RADIUS authentication error occurs.</td> </tr> - <tr> + <tr> <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> </td> </tr> - <tr> + <tr> <td width="22%" valign="top"> </td> <td width="78%"><span class="vexpl"><span class="red"><strong>Note:<br> </strong></span>Changing any settings on this page will disconnect all clients! Don't forget to enable the DHCP server on your captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the timeout entered on this page. Also, the DNS forwarder needs to be enabled for DNS lookups by unauthenticated clients to work. </span></td> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index 1b7c68a..c648fb3 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -3,20 +3,20 @@ /* services_captiveportal_ip.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -68,6 +68,17 @@ if ($_GET['act'] == "del") { } } ?> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<title><?=gentitle("pfSense webGUI");?></title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<link href="gui.css" rel="stylesheet" type="text/css"> +</head> + +<form> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <form action="services_captiveportal_ip.php" method="post"> <?php if ($savemsg) print_info_box($savemsg); ?> @@ -94,13 +105,13 @@ if ($_GET['act'] == "del") { <?php $i = 0; foreach ($a_allowedips as $ip): ?> <tr> <td class="listlr"> - <?php if($ip['dir'] == "to") + <?php if($ip['dir'] == "to") echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">"; - ?> + ?> <?=strtolower($ip['ip']);?> - <?php if($ip['dir'] == "from") + <?php if($ip['dir'] == "from") echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any"; - ?> + ?> </td> <td class="listbg"> <?=htmlspecialchars($ip['descr']);?> @@ -109,7 +120,7 @@ if ($_GET['act'] == "del") { <a href="services_captiveportal_ip.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this address?')"><img src="x.gif" width="17" height="17" border="0"></a></td> </tr> <?php $i++; endforeach; ?> - <tr> + <tr> <td class="list" colspan="2"> </td> <td class="list"> <a href="services_captiveportal_ip_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td> </tr> diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index 85911e6..38f7559 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -1,22 +1,22 @@ #!/usr/local/bin/php -<?php +<?php /* services_captiveportal_ip_edit.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -56,9 +56,9 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "ip dir"); $reqdfieldsn = explode(",", "Allowed IP address,Direction"); - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - + if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) { $input_errors[] = "A valid IP address must be specified. [".$_POST['ip']."]"; } @@ -66,11 +66,11 @@ if ($_POST) { foreach ($a_allowedips as $ipent) { if (isset($id) && ($a_allowedips[$id]) && ($a_allowedips[$id] === $ipent)) continue; - + if (($ipent['dir'] == $_POST['dir']) && ($ipent['ip'] == $_POST['ip'])){ $input_errors[] = "[" . $_POST['ip'] . "] already allowed." ; break ; - } + } } if (!$input_errors) { @@ -83,25 +83,36 @@ if ($_POST) { $a_allowedips[$id] = $ip; else $a_allowedips[] = $ip; - + write_config(); touch($d_allowedipsdirty_path) ; - + header("Location: services_captiveportal_ip.php"); exit; } } ?> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<title><?=gentitle("pfSense webGUI");?></title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<link href="gui.css" rel="stylesheet" type="text/css"> +</head> + +<form> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> <form action="services_captiveportal_ip_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td width="22%" valign="top" class="vncellreq">Direction</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <select name="dir" class="formfld"> - <?php + <?php $dirs = explode(" ", "From To") ; foreach ($dirs as $dir): ?> <option value="<?=strtolower($dir);?>" <?php if (strtolower($dir) == strtolower($pconfig['dir'])) echo "selected";?> > @@ -109,27 +120,27 @@ if ($_POST) { </option> <?php endforeach; ?> </select> - <br> - <span class="vexpl">Use <em>From</em> to always allow an IP address through the captive portal (without authentication). + <br> + <span class="vexpl">Use <em>From</em> to always allow an IP address through the captive portal (without authentication). Use <em>To</em> to allow access from all clients (even non-authenticated ones) behind the portal to this IP address.</span></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq">IP address</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="ip" type="text" class="formfld" id="ip" size="17" value="<?=htmlspecialchars($pconfig['ip']);?>"> - <br> + <br> <span class="vexpl">IP address</span></td> </tr> <tr> <td width="22%" valign="top" class="vncell">Description</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> <br> <span class="vexpl">You may enter a description here for your reference (not parsed).</span></td> </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"> + <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save"> <?php if (isset($id) && $a_allowedips[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index 69cf90a..67be1b8 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -3,20 +3,20 @@ /* services_captiveportal_mac.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -68,6 +68,17 @@ if ($_GET['act'] == "del") { } } ?> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<title><?=gentitle("pfSense webGUI");?></title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<link href="gui.css" rel="stylesheet" type="text/css"> +</head> + +<form> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <form action="services_captiveportal_mac.php" method="post"> <?php if ($savemsg) print_info_box($savemsg); ?> @@ -103,7 +114,7 @@ if ($_GET['act'] == "del") { <a href="services_captiveportal_mac.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this host?')"><img src="x.gif" width="17" height="17" border="0"></a></td> </tr> <?php $i++; endforeach; ?> - <tr> + <tr> <td class="list" colspan="2"> </td> <td class="list"> <a href="services_captiveportal_mac_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td> </tr> diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index f204d0f..f736582 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -1,22 +1,22 @@ #!/usr/local/bin/php -<?php +<?php /* services_captiveportal_mac_edit.php part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -55,11 +55,11 @@ if ($_POST) { /* input validation */ $reqdfields = explode(" ", "mac"); $reqdfieldsn = explode(",", "MAC address"); - + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - + $_POST['mac'] = str_replace("-", ":", $_POST['mac']); - + if (($_POST['mac'] && !is_macaddr($_POST['mac']))) { $input_errors[] = "A valid MAC address must be specified. [".$_POST['mac']."]"; } @@ -67,11 +67,11 @@ if ($_POST) { foreach ($a_passthrumacs as $macent) { if (isset($id) && ($a_passthrumacs[$id]) && ($a_passthrumacs[$id] === $macent)) continue; - + if ($macent['mac'] == $_POST['mac']){ $input_errors[] = "[" . $_POST['mac'] . "] already allowed." ; break; - } + } } if (!$input_errors) { @@ -83,37 +83,48 @@ if ($_POST) { $a_passthrumacs[$id] = $mac; else $a_passthrumacs[] = $mac; - + write_config(); touch($d_passthrumacsdirty_path) ; - + header("Location: services_captiveportal_mac.php"); exit; } } ?> +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html> +<head> +<title><?=gentitle("pfSense webGUI");?></title> +<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> +<link href="gui.css" rel="stylesheet" type="text/css"> +</head> + +<form> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> <form action="services_captiveportal_mac_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td width="22%" valign="top" class="vncellreq">MAC address</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="mac" type="text" class="formfld" id="mac" size="17" value="<?=htmlspecialchars($pconfig['mac']);?>"> - <br> + <br> <span class="vexpl">MAC address (6 hex octets separated by colons)</span></td> </tr> <tr> <td width="22%" valign="top" class="vncell">Description</td> - <td width="78%" class="vtable"> + <td width="78%" class="vtable"> <input name="descr" type="text" class="formfld" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> <br> <span class="vexpl">You may enter a description here for your reference (not parsed).</span></td> </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"> + <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save"> <?php if (isset($id) && $a_passthrumacs[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> |
