diff options
author | jim-p <jimp@pfsense.org> | 2012-04-11 11:58:21 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-04-11 11:58:21 -0400 |
commit | f898c1a98213ec6b2497608c181ba3bb149a234b (patch) | |
tree | 511e3f401a208e114467d79151525d37e4748a27 | |
parent | fdcf104ce4f5320a5a182a0c4b378174959a7caf (diff) | |
download | pfsense-f898c1a98213ec6b2497608c181ba3bb149a234b.zip pfsense-f898c1a98213ec6b2497608c181ba3bb149a234b.tar.gz |
Add alias support to static routes (needs some testing) Ticket #2239
Conflicts:
etc/inc/filter.inc
etc/inc/util.inc
usr/local/www/system_routes_edit.php
-rw-r--r-- | etc/inc/filter.inc | 35 | ||||
-rw-r--r-- | etc/inc/services.inc | 12 | ||||
-rw-r--r-- | etc/inc/system.inc | 5 | ||||
-rw-r--r-- | etc/inc/util.inc | 37 | ||||
-rwxr-xr-x | usr/local/www/system_routes_edit.php | 105 |
5 files changed, 140 insertions, 54 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 806cbc8..d974bb4d 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -775,11 +775,9 @@ function filter_get_direct_networks_list() { $networks_arr[] = $subnet; } } - if(is_array($config['staticroutes']['route'])) { - foreach($config['staticroutes']['route'] as $netent) { - if(is_ipaddr($netent['network'])) { - $networks_arr[] = $netent['network']; - } + foreach(get_staticroutes(true) as $netent) { + if(is_subnet($netent)) { + $networks_arr[] = $netent; } } if(!empty($networks_arr)) { @@ -1443,17 +1441,15 @@ function filter_nat_rules_generate() { $tonathosts = ""; $numberofnathosts = 0; - if(is_array($config['staticroutes']['route'])) { - foreach ($config['staticroutes']['route'] as $route) { - $netip = explode("/", $route['network']); - if (isset($GatewaysList[$route['gateway']])) { - $gateway =& $GatewaysList[$route['gateway']]; - $gatewayip = $gateway['gateway']; - $interfacegw = $gateway['interface']; - if(!interface_has_gateway($gateway['interface']) && is_private_ip($netip[0])) { - $numberofnathosts++; - $tonathosts .= "{$route['network']} "; - } + foreach (get_staticroutes() as $route) { + $netip = explode("/", $route['network']); + if (isset($GatewaysList[$route['gateway']])) { + $gateway =& $GatewaysList[$route['gateway']]; + $gatewayip = $gateway['gateway']; + $interfacegw = $gateway['interface']; + if(!interface_has_gateway($gateway['interface']) && is_private_ip($netip[0])) { + $numberofnathosts++; + $tonathosts .= "{$route['network']} "; } } } @@ -1757,6 +1753,11 @@ function filter_generate_user_rule_arr($rule) { return $ret; } +function filter_expand_alias_array($alias_name) { + $expansion = filter_expand_alias($alias_name); + return explode(" ", preg_replace('/\s+/', ' ', trim($expansion))); +} + function filter_generate_address(& $rule, $target = "source", $isnat = false) { global $FilterIflist, $config; $src = ""; @@ -2724,7 +2725,7 @@ EOD; */ if(isset($config['filter']['bypassstaticroutes']) && is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) { $ipfrules .= "# Add rules to bypass firewall rules for static routes\n"; - foreach ($config['staticroutes']['route'] as $route) { + foreach (get_staticroutes() as $route) { $friendly = $GatewaysList[$route['gateway']]['friendlyiface']; if(is_array($FilterIflist[$friendly])) { $oc = $FilterIflist[$friendly]; diff --git a/etc/inc/services.inc b/etc/inc/services.inc index fabb0d0..262df75 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -1114,13 +1114,11 @@ function services_dhcrelay_configure() { } } if (!isset($destif)) { - if (is_array($config['staticroutes']['route'])) { - foreach ($config['staticroutes']['route'] as $rtent) { - if (ip_in_subnet($srvip, $rtent['network'])) { - $a_gateways = return_gateways_array(true); - $destif = $a_gateways[$rtent['gateway']]['interface']; - break; - } + foreach (get_staticroutes() as $rtent) { + if (ip_in_subnet($srvip, $rtent['network'])) { + $a_gateways = return_gateways_array(true); + $destif = $a_gateways[$rtent['gateway']]['interface']; + break; } } } diff --git a/etc/inc/system.inc b/etc/inc/system.inc index e9f7781..43103a9 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -427,10 +427,11 @@ function system_routing_configure($interface = "") { } } - if (is_array($config['staticroutes']['route'])) { + $static_routes = get_staticroutes(); + if (count($static_routes)) { $gateways_arr = return_gateways_array(); - foreach ($config['staticroutes']['route'] as $rtent) { + foreach ($static_routes as $rtent) { $gatewayip = ""; if (empty($gateways_arr[$rtent['gateway']])) { log_error(sprintf(gettext("Static Routes: Gateway IP could not be found for %s"), $rtent['network'])); diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 087bce8..4c92396 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -1680,6 +1680,7 @@ function array_merge_recursive_unique($array0, $array1) { return $result; } + /* * converts a string like "a,b,c,d" * into an array like array("a" => "b", "c" => "d") @@ -1694,4 +1695,40 @@ function explode_assoc($delimiter, $string) { return $result; } +function get_staticroutes($returnsubnetsonly = false) { + global $config; + require_once('filter.inc'); + $allstaticroutes = array(); + $allsubnets = array(); + + /* Bail if there are no routes, but return an array always so callers don't have to check. */ + if (!is_array($config['staticroutes']['route'])) + return array(); + + /* Loop through routes and expand aliases as we find them. */ + foreach ($config['staticroutes']['route'] as $route) { + if (is_alias($route['network'])) { + $subnets = filter_expand_alias_array($route['network']); + foreach ($subnets as $net) { + if (is_ipaddr($net)) + $net .= "/32"; + /* This must be a hostname, we can't use it. */ + if (!is_subnet($net)) + continue; + $temproute = $route; + $temproute['network'] = $net; + $allstaticroutes[] = $temproute; + $allsubnets[] = $net; + } + } elseif (is_subnet($route['network'])) { + $allstaticroutes[] = $route; + $allsubnets[] = $route['network']; + } + } + if ($returnsubnetsonly) { + return $allsubnets; + } else { + return $allstaticroutes; + } +} ?> diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 71a860d..ce47e97 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -93,7 +93,7 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - if (($_POST['network'] && !is_ipaddr($_POST['network']))) { + if (($_POST['network'] && !is_ipaddr($_POST['network']) && !is_alias($_POST['network']))) { $input_errors[] = gettext("A valid IPv4 or IPv6 destination network must be specified."); } if (($_POST['network_subnet'] && !is_numeric($_POST['network_subnet']))) { @@ -107,25 +107,53 @@ if ($_POST) { } /* check for overlaps */ + $current_targets = get_staticroutes(true); + $new_targets = array(); if(is_ipaddrv6($_POST['network'])) { $osn = Net_IPv6::compress(gen_subnetv6($_POST['network'], $_POST['network_subnet'])) . "/" . $_POST['network_subnet']; + $new_targets[] = $osn; } - if(is_ipaddrv4($_POST['network'])) { + if (is_ipaddr($_POST['network'])) { if($_POST['network_subnet'] > 32) $input_errors[] = gettext("A IPv4 subnet can not be over 32 bits."); - else + else { $osn = gen_subnet($_POST['network'], $_POST['network_subnet']) . "/" . $_POST['network_subnet']; + $new_targets[] = $osn; + } + } elseif (is_alias($_POST['network'])) { + $osn = $_POST['network']; + foreach (filter_expand_alias_array($_POST['network']) as $tgt) { + if (is_ipaddr($tgt)) + $tgt .= "/32"; + if (!is_subnet($tgt)) + continue; + $new_targets[] = $tgt; + } } - foreach ($a_routes as $route) { - if (isset($id) && ($a_routes[$id]) && ($a_routes[$id] === $route)) - continue; - - if ($route['network'] == $osn) { - $input_errors[] = gettext("A route to this destination network already exists."); - break; + if (!isset($id)) + $id = count($a_routes); + $oroute = $a_routes[$id]; + if (!empty($oroute)) { + $old_targets = array(); + if (is_alias($oroute['network'])) { + foreach (filter_expand_alias_array($oroute['network']) as $tgt) { + if (is_ipaddr($tgt)) + $tgt .= "/32"; + if (!is_subnet($tgt)) + continue; + $old_targets[] = $tgt; + } + } else { + $old_targets[] = $oroute['network']; } } + $overlaps = array_intersect($current_targets, $new_targets); + $overlaps = array_diff($overlaps, $old_targets); + if (count($overlaps)) { + $input_errors[] = gettext("A route to these destination networks already exists") . ": " . implode(", ", $overlaps); + } + if (!$input_errors) { $route = array(); $route['network'] = $osn; @@ -136,24 +164,20 @@ if ($_POST) { else unset($route['disabled']); - if (!isset($id)) - $id = count($a_routes); - if (file_exists("{$g['tmp_path']}/.system_routes.apply")) - $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.system_routes.apply")); - else - $toapplylist = array(); - $oroute = $a_routes[$id]; - + if (file_exists("{$g['tmp_path']}/.system_routes.apply")) + $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.system_routes.apply")); + else + $toapplylist = array(); $a_routes[$id] = $route; if (!empty($oroute)) { - $osn = explode('/', $oroute['network']); - $sn = explode('/', $route['network']); - if ($oroute['network'] <> $route['network']) { - if(is_ipaddrv6($oroute['network'])) - $family = "-inet6"; - $toapplylist[] = "/sbin/route delete {$family} {$oroute['network']}"; - } + $delete_targets = array_diff($old_targets, $new_targets); + if (count($delete_targets)) + foreach ($delete_targets as $dts) { + if(is_ipaddrv6($dts)) + $family = "-inet6"; + $toapplylist[] = "/sbin/route delete {$family} {$dts}"; + } } file_put_contents("{$g['tmp_path']}/.system_routes.apply", serialize($toapplylist)); staticroutes_sort(); @@ -169,12 +193,15 @@ if ($_POST) { $pgtitle = array(gettext("System"),gettext("Static Routes"),gettext("Edit route")); include("head.inc"); - ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <script type="text/javascript" src="/javascript/jquery.ipv4v6ify.js"></script> -<?php include("fbegin.inc"); ?> +<script type="text/javascript" src="/javascript/autosuggest.js"> +</script> +<script type="text/javascript" src="/javascript/suggestions.js"> +</script> +<?php include("fbegin.inc");?> <?php if ($input_errors) print_input_errors($input_errors); ?> <form action="system_routes_edit.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> @@ -184,7 +211,7 @@ include("head.inc"); <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Destination network"); ?></td> <td width="78%" class="vtable"> - <input name="network" type="text" class="formfld unknown ipv4v6" id="network" size="20" value="<?=htmlspecialchars($pconfig['network']);?>"> + <input name="network" type="text" class="formfldalias ipv4v6" id="network" size="20" value="<?=htmlspecialchars($pconfig['network']);?>"> / <select name="network_subnet" class="formselect ipv4v6" id="network_subnet" <?php @@ -357,6 +384,28 @@ include("head.inc"); report_failure(); } } + <?php + $isfirst = 0; + $aliases = ""; + $addrisfirst = 0; + $aliasesaddr = ""; + if($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias'])) + foreach($config['aliases']['alias'] as $alias_name) { + switch ($alias_name['type']) { + case "host": + case "network": + if($addrisfirst == 1) $aliasesaddr .= ","; + $aliasesaddr .= "'" . $alias_name['name'] . "'"; + $addrisfirst = 1; + break; + default: + break; + } + } + ?> + var addressarray=new Array(<?php echo $aliasesaddr; ?>); + var oTextbox1 = new AutoSuggestControl(document.getElementById("network"), new StateSuggestions(addressarray)); + </script> <?php include("fend.inc"); ?> </body> |