diff options
| author | Seth Mos <seth.mos@dds.nl> | 2011-02-16 09:11:05 +0100 |
|---|---|---|
| committer | Seth Mos <seth.mos@dds.nl> | 2011-02-16 09:11:05 +0100 |
| commit | f698b26293d5a1df1c87b4dbcd908b597da07493 (patch) | |
| tree | b0c9b856c1b869819c0032c5eec64d95184ce767 | |
| parent | bd40781aaa7aa947e924f21e2845d87be5993bbd (diff) | |
| parent | b807a1619230c8e19193a39ed8c4c513dd8e005b (diff) | |
| download | pfsense-f698b26293d5a1df1c87b4dbcd908b597da07493.zip pfsense-f698b26293d5a1df1c87b4dbcd908b597da07493.tar.gz | |
Merge remote branch 'upstream/master'
21 files changed, 319 insertions, 198 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index bd8aede..450155e 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -521,8 +521,10 @@ function filter_generate_aliases() { $aliases .= "table <sshlockout> persist\n"; $aliases .= "table <webConfiguratorlockout> persist\n"; - $aliases .= "#Snort2C table\n"; + $aliases .= "#pfSnortSam tables\n"; $aliases .= "table <snort2c>\n"; + $aliases .= "table <pfSnortSamout>\n"; + $aliases .= "table <pfSnortSamin>\n"; $aliases .= "\ntable <virusprot>\n"; @@ -1125,14 +1127,22 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = " if($src == "") $src = "any"; /* Match on this source port */ - if($srcport != "") - $src .= " port {$srcport}"; + if($srcport != "") { + $srcportexpand = alias_expand($srcport); + if(!$srcportexpand) + $srcportexpand = $srcport; + $src .= " port {$srcportexpand}"; + } /* sometimes this gets called with "" instead of a value */ if($dst == "") $dst = "any"; /* Match on this dest port */ - if($dstport != "") - $dst .= " port {$dstport}"; + if($dstport != "") { + $dstportexpand = alias_expand($dstport); + if(!$dstportexpand) + $dstportexpand = $dstport; + $dst .= " port {$dstportexpand}"; + } /* outgoing static-port option, hamachi, Grandstream, VOIP, etc */ $staticnatport_txt = ""; if($staticnatport) @@ -2126,9 +2136,11 @@ EOD; $ipfrules .= <<<EOD -# snort2c +# pfSnortSam block quick from <snort2c> to any label "Block snort2c hosts" block quick from any to <snort2c> label "Block snort2c hosts" +block quick from <pfSnortSamout> to any label "Block pfSnortSamOut hosts" +block quick from any to <pfSnortSamin> label "Block pfSnortSamIn hosts" EOD; diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index adc3eda..2764135 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1444,7 +1444,7 @@ function get_freebsd_version() { return $version[0]; } -function download_file_with_progress_bar($url_file, $destination_file, $readbody = 'read_body') { +function download_file_with_progress_bar($url_file, $destination_file, $readbody = 'read_body', $connect_timeout=60, $timeout=0) { global $ch, $fout, $file_size, $downloaded; $file_size = 1; $downloaded = 1; @@ -1464,10 +1464,10 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody); curl_setopt($ch, CURLOPT_NOPROGRESS, '1'); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '60'); - curl_setopt($ch, CURLOPT_TIMEOUT, 0); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $connect_timeout); + curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); - curl_exec($ch); + @curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); if($fout) fclose($fout); @@ -1579,29 +1579,39 @@ if(!function_exists("split")) { } } -function update_alias_names_upon_change($section, $subsection, $fielda, $fieldb, $new_alias_name, $origname) { +function update_alias_names_upon_change($section, $field, $new_alias_name, $origname) { global $g, $config, $pconfig, $debug; if(!$origname) return; + $sectionref = &$config; + foreach($section as $sectionname) { + if(is_array($sectionref) && isset($sectionref[$sectionname])) + $sectionref = &$sectionref[$sectionname]; + else + return; + } + if($debug) $fd = fopen("{$g['tmp_path']}/print_r", "a"); if($debug) fwrite($fd, print_r($pconfig, true)); - if($fieldb) { - if($debug) fwrite($fd, "fieldb exists\n"); - for ($i = 0; isset($config["$section"]["$subsection"][$i]["$fielda"]); $i++) { - if($debug) fwrite($fd, "$i\n"); - if($config["$section"]["$subsection"][$i]["$fielda"]["$fieldb"] == $origname) { - if($debug) fwrite($fd, "Setting old alias value $origname to $new_alias_name\n"); - $config["$section"]["$subsection"][$i]["$fielda"]["$fieldb"] = $new_alias_name; + if(is_array($sectionref)) { + foreach($sectionref as $itemkey => $item) { + if($debug) fwrite($fd, "$itemkey\n"); + + $fieldfound = true; + $fieldref = &$sectionref[$itemkey]; + foreach($field as $fieldname) { + if(is_array($fieldref) && isset($fieldref[$fieldname])) + $fieldref = &$fieldref[$fieldname]; + else { + $fieldfound = false; + break; + } } - } - } else { - if($debug) fwrite($fd, "fieldb does not exist\n"); - for ($i = 0; isset($config["$section"]["$subsection"][$i]["$fielda"]); $i++) { - if($config["$section"]["$subsection"][$i]["$fielda"] == $origname) { - $config["$section"]["$subsection"][$i]["$fielda"] = $new_alias_name; + if($fieldfound && $fieldref == $origname) { if($debug) fwrite($fd, "Setting old alias value $origname to $new_alias_name\n"); + $fieldref = $new_alias_name; } } } diff --git a/etc/version b/etc/version index 813dcee..0bd2631 100644 --- a/etc/version +++ b/etc/version @@ -1 +1 @@ -2.0-BETA5 +2.0-BEAT5 diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index 5892f06..598f4d6 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -355,17 +355,14 @@ if ($_POST) { // Firewall rules $origname = $config['interfaces'][$iface]['descr']; $newname = $config['interfaces'][$iface]['descr'] . "Alias"; - update_alias_names_upon_change('filter', 'rule', 'source', 'address', $newname, $origname); - update_alias_names_upon_change('filter', 'rule', 'destination', 'address', $newname, $origname); + update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $newname, $origname); + update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $newname, $origname); // NAT Rules - update_alias_names_upon_change('nat', 'rule', 'source', 'address', $newname, $origname); - update_alias_names_upon_change('nat', 'rule', 'source', 'port', $newname, $origname); - update_alias_names_upon_change('nat', 'rule', 'destination', 'address', $newname, $origname); - update_alias_names_upon_change('nat', 'rule', 'destination', 'port', $newname, $origname); - update_alias_names_upon_change('nat', 'rule', 'target', '', $newname, $origname); - update_alias_names_upon_change('nat', 'rule', 'local-port', '', $newname, $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $newname, $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $newname, $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('target'), $newname, $origname); // Alias in an alias - update_alias_names_upon_change('aliases', 'alias', 'address', '', $newname, $origname); + update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $newname, $origname); } } } diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index 3fb1846..ed07813 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -390,7 +390,7 @@ if ($_REQUEST['noticeaction'] == 'acknowledge') { $notices = get_notices(); if(!$notices) { $need_alert_display = true; - $display_text = print_notices() . "<br>"; + $display_text = print_notices($notices) . "<br>"; } } if($need_alert_display == true) { diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php index b72e3c4..4a16bac 100755 --- a/usr/local/www/firewall_aliases.php +++ b/usr/local/www/firewall_aliases.php @@ -75,80 +75,30 @@ if ($_GET['act'] == "del") { $is_alias_referenced = false; $referenced_by = false; $alias_name = $a_aliases[$_GET['id']]['name']; - if(is_array($config['nat']['rule'])) { - foreach($config['nat']['rule'] as $rule) { - if($rule['localip'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - } - } - if($is_alias_referenced == false) { - if(is_array($config['filter']['rule'])) { - foreach($config['filter']['rule'] as $rule) { - if($rule['source']) { - if($rule['source']['address'] && $rule['source']['address'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['source']['port'] && $rule['source']['port'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['destination']['address'] && $rule['destination']['address'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - } - if($rule['destination']) - if($rule['destination']['port'] && $rule['destination']['port'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - } - } - } - if($is_alias_referenced == false) { - if(is_array($config['nat']['rule'])) { - foreach($config['nat']['rule'] as $rule) { - if($rule['source']['address'] && $rule['source']['address'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['source']['port'] && $rule['source']['port'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['destination']['address'] && $rule['destination']['address'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['destination']['port'] && $rule['destination']['port'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['target'] && $rule['target'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - if($rule['local-port'] && $rule['local-port'] == $alias_name) { - $is_alias_referenced = true; - $referenced_by = $rule['descr']; - break; - } - } - } - } + // Firewall rules + find_alias_reference(array('filter', 'rule'), array('source', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('filter', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('filter', 'rule'), array('source', 'port'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('filter', 'rule'), array('destination', 'port'), $alias_name, $is_alias_referenced, $referenced_by); + // NAT Rules + find_alias_reference(array('nat', 'rule'), array('source', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'rule'), array('source', 'port'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'rule'), array('destination', 'port'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'rule'), array('target'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'rule'), array('local-port'), $alias_name, $is_alias_referenced, $referenced_by); + // NAT 1:1 Rules + //find_alias_reference(array('nat', 'onetoone'), array('external'), $alias_name, $is_alias_referenced, $referenced_by); + //find_alias_reference(array('nat', 'onetoone'), array('source', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'onetoone'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + // NAT Outbound Rules + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('target'), $alias_name, $is_alias_referenced, $referenced_by); + // Alias in an alias + find_alias_reference(array('aliases', 'alias'), array('address'), $alias_name, $is_alias_referenced, $referenced_by); if($is_alias_referenced == true) { $savemsg = sprintf(gettext("Cannot delete alias. Currently in use by %s"), $referenced_by); } else { @@ -162,6 +112,41 @@ if ($_GET['act'] == "del") { } } +function find_alias_reference($section, $field, $origname, &$is_alias_referenced, &$referenced_by) { + global $config; + if(!$origname || $is_alias_referenced) + return; + + $sectionref = &$config; + foreach($section as $sectionname) { + if(is_array($sectionref) && isset($sectionref[$sectionname])) + $sectionref = &$sectionref[$sectionname]; + else + return; + } + + if(is_array($sectionref)) { + foreach($sectionref as $itemkey => $item) { + $fieldfound = true; + $fieldref = &$sectionref[$itemkey]; + foreach($field as $fieldname) { + if(is_array($fieldref) && isset($fieldref[$fieldname])) + $fieldref = &$fieldref[$fieldname]; + else { + $fieldfound = false; + break; + } + } + if($fieldfound && $fieldref == $origname) { + $is_alias_referenced = true; + if(is_array($item)) + $referenced_by = $item['descr']; + break; + } + } + } +} + $pgtitle = array(gettext("Firewall"),gettext("Aliases")); include("head.inc"); diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 77933df..5bc44bc 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -293,19 +293,29 @@ if ($_POST) { */ if ($_POST['name'] <> $_POST['origname']) { // Firewall rules - update_alias_names_upon_change('filter', 'rule', 'source', 'address', $_POST['name'], $origname); - update_alias_names_upon_change('filter', 'rule', 'destination', 'address', $_POST['name'], $origname); - update_alias_names_upon_change('filter', 'rule', 'source', 'port', $_POST['name'], $origname); - update_alias_names_upon_change('filter', 'rule', 'destination', 'port', $_POST['name'], $origname); + update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('filter', 'rule'), array('source', 'port'), $_POST['name'], $origname); + update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'port'), $_POST['name'], $origname); // NAT Rules - update_alias_names_upon_change('nat', 'rule', 'source', 'address', $_POST['name'], $origname); - update_alias_names_upon_change('nat', 'rule', 'source', 'port', $_POST['name'], $origname); - update_alias_names_upon_change('nat', 'rule', 'destination', 'address', $_POST['name'], $origname); - update_alias_names_upon_change('nat', 'rule', 'destination', 'port', $_POST['name'], $origname); - update_alias_names_upon_change('nat', 'rule', 'target', '', $_POST['name'], $origname); - update_alias_names_upon_change('nat', 'rule', 'local-port', '' , $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('source', 'port'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'port'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('target'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'rule'), array('local-port'), $_POST['name'], $origname); + // NAT 1:1 Rules + //update_alias_names_upon_change(array('nat', 'onetoone'), array('external'), $_POST['name'], $origname); + //update_alias_names_upon_change(array('nat', 'onetoone'), array('source', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'onetoone'), array('destination', 'address'), $_POST['name'], $origname); + // NAT Outbound Rules + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('target'), $_POST['name'], $origname); // Alias in an alias - update_alias_names_upon_change('aliases', 'alias', 'address', '' , $_POST['name'], $origname); + update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $_POST['name'], $origname); } if (isset($id) && $a_aliases[$id]) { diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index b62e257..361d324 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -669,7 +669,7 @@ include("fbegin.inc"); ?> <tr> <td><?=gettext("Address:"); ?> </td> <td> - <input name="dst" type="text" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> + <input autocomplete='off' name="dst" type="text" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> / <select name="dstmask" class="formselect" id="dstmask"> <?php diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 528af1f..db6d03d 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -124,14 +124,14 @@ if ($_POST) { $protocol_uses_ports = in_array($_POST['protocol'], explode(" ", "any tcp udp tcp/udp")); - if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_port($_POST['sourceport'])) - $input_errors[] = gettext("You must supply either a valid port for the source port entry."); + if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_portoralias($_POST['sourceport'])) + $input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry."); - if($protocol_uses_ports and $_POST['dstport'] <> "" and !is_port($_POST['dstport'])) - $input_errors[] = gettext("You must supply either a valid port for the destination port entry."); + if($protocol_uses_ports and $_POST['dstport'] <> "" and !is_portoralias($_POST['dstport'])) + $input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry."); if($protocol_uses_ports and $_POST['natport'] <> "" and !is_port($_POST['natport']) and !isset($_POST['nonat'])) - $input_errors[] = gettext("You must supply either a valid port for the nat port entry."); + $input_errors[] = gettext("You must supply a valid port for the nat port entry."); if ($_POST['source_type'] != "any") { if ($_POST['source'] && !is_ipaddroralias($_POST['source']) && $_POST['source'] <> "any") { @@ -288,6 +288,8 @@ include("head.inc"); ?> +<script type="text/javascript" src="/javascript/suggestions.js"></script> +<script type="text/javascript" src="/javascript/autosuggest.js"></script> <script language="JavaScript"> <!-- var portsenabled = 1; @@ -456,7 +458,7 @@ function poolopts_change() { </select> </td></tr> <td><?=gettext("Address:");?> </td> - <td><input name="source" type="text" class="formfld unknown" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>">/<select name="source_subnet" class="formfld" id="source_subnet"> + <td><input name="source" type="text" autocomplete="off" class="formfldalias" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>">/<select name="source_subnet" class="formfld" id="source_subnet"> <?php for ($i = 32; $i >= 0; $i--): ?> <option value="<?=$i;?>"<?php if ($i == $pconfig['source_subnet']) echo " selected"; ?>><?=$i;?></option> <?php endfor; ?> @@ -468,7 +470,7 @@ function poolopts_change() { </tr> <tr name="sport_tr" id="sport_tr"> <td><?=gettext("Source port:");?> </td> - <td><input name="sourceport" type="text" class="formfld unknown" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>"> <?=gettext("(leave + <td><input name="sourceport" type="text" autocomplete="off" class="formfldalias" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>"> <?=gettext("(leave blank for any)");?></td> </tr> </table></td> @@ -492,7 +494,7 @@ blank for any)");?></td> </tr> <tr> <td><?=gettext("Address:");?> </td> - <td><input name="destination" type="text" class="formfld unknown" id="destination" size="20" value="<?=htmlspecialchars($pconfig['destination']);?>"> + <td><input name="destination" type="text" autocomplete="off" class="formfldalias" id="destination" size="20" value="<?=htmlspecialchars($pconfig['destination']);?>"> / <select name="destination_subnet" class="formselect" id="destination_subnet"> <?php for ($i = 32; $i >= 0; $i--): ?> @@ -507,7 +509,7 @@ blank for any)");?></td> </tr> <tr name="dport_tr" id="dport_tr"> <td><?=gettext("Destination port:");?> </td> - <td><input name="dstport" type="text" class="formfld unknown" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>"> <?=gettext("(leave blank for + <td><input name="dstport" type="text" autocomplete="off" class="formfldalias" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>"> <?=gettext("(leave blank for any)");?></td> </tr> </table> @@ -637,6 +639,41 @@ staticportchange(); nonat_change(); proto_change(); poolopts_change(); + +<?php + $isfirst = 0; + $aliases = ""; + $addrisfirst = 0; + $aliasesaddr = ""; + if($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias'])) + foreach($config['aliases']['alias'] as $alias_name) { + switch ($alias_name['type']) { + case "port": + if($isfirst == 1) $portaliases .= ","; + $portaliases .= "'" . $alias_name['name'] . "'"; + $isfirst = 1; + break; + case "host": + case "network": + case "openvpn": + case "urltable": + if($addrisfirst == 1) $aliasesaddr .= ","; + $aliasesaddr .= "'" . $alias_name['name'] . "'"; + $addrisfirst = 1; + break; + default: + break; + } + } +?> + + var addressarray=new Array(<?php echo $aliasesaddr; ?>); + var customarray=new Array(<?php echo $portaliases; ?>); + + var oTextbox1 = new AutoSuggestControl(document.getElementById("source"), new StateSuggestions(addressarray)); + var oTextbox2 = new AutoSuggestControl(document.getElementById("sourceport"), new StateSuggestions(customarray)); + var oTextbox3 = new AutoSuggestControl(document.getElementById("destination"), new StateSuggestions(addressarray)); + var oTextbox4 = new AutoSuggestControl(document.getElementById("dstport"), new StateSuggestions(customarray)); //--> </script> <?php include("fend.inc"); ?> diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 7eb96d6..1f511c6 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -194,7 +194,7 @@ if ($_POST) { clear_subsystem_dirty('filter'); - $savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background. You can also %s monitor %s the reload progress"),"<a href='status_filter_reload.php'>","</a>"); + $savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background.<br/>You can also %s monitor %s the reload progress"),"<a href='status_filter_reload.php'>","</a>"); } } diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index d213377..8ab5670 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -933,7 +933,7 @@ include("head.inc"); <tr> <td><?=gettext("Address:");?> </td> <td> - <input <?=$edit_disabled;?> name="dst" type="text" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> + <input <?=$edit_disabled;?> autocomplete='off' name="dst" type="text" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> / <select <?=$edit_disabled;?> name="dstmask" class="formselect" id="dstmask"> <?php diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index ab5a1c9..7784a6e 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -419,7 +419,7 @@ function print_info_box($msg) { function get_std_save_message($ok) { global $d_sysrebootreqd_path; - return "The changes have been applied successfully. You can also <a href='status_filter_reload.php'>monitor</a> the filter reload progress."; + return "The changes have been applied successfully.<br/>You can also <a href='status_filter_reload.php'>monitor</a> the filter reload progress."; } function pprint_address($adr) { diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index cddc8e0..ecde99b 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -150,8 +150,8 @@ if ($_POST) { if ($_POST['ipaddr']) { $dynsubnet_start = ip2ulong($config['dhcpd'][$if]['range']['from']); $dynsubnet_end = ip2ulong($config['dhcpd'][$if]['range']['to']); - if ((ip2ulong($_POST['ipaddr']) > $dynsubnet_start) && - (ip2ulong($_POST['ipaddr']) < $dynsubnet_end)) { + if ((ip2ulong($_POST['ipaddr']) >= $dynsubnet_start) && + (ip2ulong($_POST['ipaddr']) <= $dynsubnet_end)) { $input_errors[] = sprintf(gettext("The IP address must not be within the DHCP range for this interface.")); } diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 06a9eb1..2daa6a2 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -136,6 +136,7 @@ if ($g['platform'] == "nanobsd") { $nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt"))); } +@unlink("/tmp/{$g['product_name']}_version"); download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version"); $latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version")); if(!$latest_version) { diff --git a/usr/local/www/system_firmware_check.php b/usr/local/www/system_firmware_check.php index cb80b6a..266a149 100755 --- a/usr/local/www/system_firmware_check.php +++ b/usr/local/www/system_firmware_check.php @@ -131,8 +131,8 @@ if ($g['platform'] == "nanobsd") { $nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt"))); } -download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version"); -$remote_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); +if(download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version", 'read_body', 5, 5)) + $remote_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); $static_text .= gettext("done") . "\\n"; if (!$remote_version) { $static_text .= gettext("Unable to check for updates.") . "\\n"; diff --git a/usr/local/www/widgets/widgets/system_information.widget.php b/usr/local/www/widgets/widgets/system_information.widget.php index dfc85c1..3de2ab1 100644 --- a/usr/local/www/widgets/widgets/system_information.widget.php +++ b/usr/local/www/widgets/widgets/system_information.widget.php @@ -48,9 +48,10 @@ if($_REQUEST['getupdatestatus']) { $nanosize = "-nanobsd-" . strtolower(trim(file_get_contents("/etc/nanosize.txt"))); } - download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version"); + @unlink("/tmp/{$g['product_name']}_version"); + if (download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version", 'read_body', 5, 5)) + $remote_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); - $remote_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version")); if(empty($remote_version)) echo "<br /><br />Unable to check for updates."; else { diff --git a/usr/local/www/wizards/traffic_shaper_wizard.inc b/usr/local/www/wizards/traffic_shaper_wizard.inc index 7869309..9de74a2 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard.inc @@ -456,15 +456,24 @@ function step3_stepsubmitphpaction() { $stepid--; return; } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); - $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); - $input_bw = $factor * floatval($_POST["conn{$i}upload"]); - if ((0.8 * $ifbw) < $input_bw) { - $friendly_interface = $i+1; - $savemsg=gettext("You cannot set the VoIP upload bandwidth on WAN #{$friendly_interface} higher than 80% of the connection."); - $stepid--; - return; + if ($_POST["conn{$i}uploadspeed"] == "%") { + if (intval($_POST["conn{$i}upload"]) > 80) { + $friendly_interface = $i+1; + $savemsg=gettext("You cannot set the VoIP upload bandwidth on WAN #{$friendly_interface} higher than 80% of the connection."); + $stepid--; + return; + } + } else { + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); + $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); + $input_bw = $factor * floatval($_POST["conn{$i}upload"]); + if ((0.8 * $ifbw) < $input_bw) { + $friendly_interface = $i+1; + $savemsg=gettext("You cannot set the VoIP upload bandwidth on WAN #{$friendly_interface} higher than 80% of the connection."); + $stepid--; + return; + } } } @@ -1001,7 +1010,7 @@ function apply_all_choosen_items() { /* loop through voiplist[] */ foreach ($voiplist[$config['ezshaper']['step3']['provider']] as $voip) { $rule = array(); - $rule = array(); + $rule['type'] = "match"; $rule['defaultqueue'] = 'qVoIP'; $rule['direction'] = "out"; $rule['source']['any'] = TRUE; @@ -1025,7 +1034,7 @@ function apply_all_choosen_items() { continue; foreach ($p2plist[$key] as $p2pclient) { $rule = array(); - $rule = array(); + $rule['type'] = "match"; $rule['defaultqueue'] = 'qP2P'; $rule['direction'] = "out"; $rule['source']['any'] = TRUE; @@ -1048,7 +1057,7 @@ function apply_all_choosen_items() { continue; foreach ($gamesplist[$key] as $Gameclient) { $rule = array(); - $rule = array(); + $rule['type'] = "match"; $rule['defaultqueue'] = 'qGames'; if ($Gameclient[1] == "tcp") $rule['ackqueue'] = 'qACK'; @@ -1074,7 +1083,7 @@ function apply_all_choosen_items() { continue; foreach ($othersplist[$key] as $otherclient) { $rule = array(); - $rule = array(); + $rule['type'] = "match"; switch ($val) { case "H": $rule['defaultqueue'] = 'qOthersHigh'; /* posted value H or L */ diff --git a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc index 88a6296..d550497 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc @@ -469,14 +469,22 @@ function step3_stepsubmitphpaction() { $stepid--; return; } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); - $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); - $input_bw = $factor * floatval($_POST["conn{$i}upload"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; + if ($_POST["conn{$i}uploadspeed"] == "%") { + if (intval($_POST["conn{$i}upload"]) > 80) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } + } else { + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); + $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); + $input_bw = $factor * floatval($_POST["conn{$i}upload"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } } if (!is_numeric($_POST["local{$i}download"])) { @@ -484,14 +492,22 @@ function step3_stepsubmitphpaction() { $stepid--; return; } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); - $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); - $input_bw = $factor * floatval($_POST["local{$i}download"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; + if ($_POST["local{$i}downloadspeed"] == "%") { + if (intval($_POST["local{$i}download"]) > 80) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } + } else { + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); + $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); + $input_bw = $factor * floatval($_POST["local{$i}download"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } } } diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc index f33283a..40f036d 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc @@ -495,10 +495,17 @@ function step3_stepsubmitphpaction() { $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { if (!is_numeric($_POST["conn{$i}upload"])) { - $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); + $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); + $stepid--; + return; + } + if ($_POST["conn{$i}uploadspeed"] == "%") { + if (intval($_POST["conn{$i}upload"]) > 80) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); $stepid--; return; } + } else { $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); @@ -507,6 +514,7 @@ function step3_stepsubmitphpaction() { $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); $stepid--; return; + } } } @@ -517,14 +525,22 @@ function step3_stepsubmitphpaction() { $stepid--; return; } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); - $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); - $input_bw = $factor * floatval($_POST["local{$i}download"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; + if ($_POST["local{$i}downloadspeed"] == "%") { + if (intval($_POST["local{$i}download"]) > 80) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } + } else { + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); + $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); + $input_bw = $factor * floatval($_POST["local{$i}download"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } } } diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc index ab22b93..9453aae 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc @@ -296,21 +296,46 @@ function step3_stepsubmitphpaction() { } } + if (!is_numeric($_POST["connupload"]) || !is_numeric($_POST['conndownload'])) { + $savemsg = gettext("Upload or download bandwidth is not valid."); + $stepid--; + return; + } $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - if (!is_numeric($_POST["connupload"])) { - $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); - $stepid--; - return; - } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); - $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); - $input_bw = $factor * floatval($_POST["conn{$i}upload"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; + if ($_POST["connuploadspeed"] == "%") { + if (intval($_POST['connupload']) > 80) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } + } else { + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); + $factor = wizard_get_bandwidthtype_scale($_POST["connuploadspeed"]); + $input_bw = $factor * floatval($_POST["connupload"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } + } + if ($_POST["conndownloadspeed"] == "%") { + if (intval($_POST['conndownload']) > 80) { + $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } + } else { + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); + $factor = wizard_get_bandwidthtype_scale($_POST["conndownloadspeed"]); + $input_bw = $factor * floatval($_POST["conndownload"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } } } } diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml index ae5a139..30bc566 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.xml @@ -124,7 +124,8 @@ <message>IP Address field is non-blank and doesn't look like an IP address.</message> </field> <field> - <name>Download Speed</name> + <displayname>Upload Speed</displayname> + <name>connupload</name> <type>input</type> <bindstofield>ezshaper->step3->connupload</bindstofield> <combinefieldsbegin>true</combinefieldsbegin> @@ -134,7 +135,7 @@ <dontdisplayname>true</dontdisplayname> <dontcombinecells>true</dontcombinecells> <donotdisable>true</donotdisable> - <name>Download Speed Unit</name> + <name>connuploadspeed</name> <description>The limit you want to apply.</description> <type>select</type> <options> @@ -158,7 +159,8 @@ <bindstofield>ezshaper->step3->connuploadspeed</bindstofield> </field> <field> - <name>Upload Speed</name> + <displayname>Download Speed</displayname> + <name>conndownload</name> <type>input</type> <bindstofield>ezshaper->step3->conndownload</bindstofield> <combinefieldsbegin>true</combinefieldsbegin> @@ -168,14 +170,14 @@ <dontdisplayname>true</dontdisplayname> <dontcombinecells>true</dontcombinecells> <donotdisable>true</donotdisable> - <name>Upload Speed Unit</name> + <name>conndownloadspeed</name> <description>The limit you want to apply.</description> <type>select</type> <options> <option> - <name>%</name> - <value>%</value> - </option> + <name>%</name> + <value>%</value> + </option> <option> <name>Kilobit/s</name> <value>Kb</value> @@ -189,7 +191,7 @@ <value>Gb</value> </option> </options> - <bindstofield>ezshaper->step3->conndownloadspeed</bindstofield> + <bindstofield>ezshaper->step3->conndownloadspeed</bindstofield> </field> <field> <name>Next</name> |
