summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenato Botelho <renato.botelho@bluepex.com>2010-08-03 10:59:34 -0300
committerRenato Botelho <renato.botelho@bluepex.com>2010-08-03 10:59:34 -0300
commit270f81d9607be5f372a4bb89bbb53dd1e45a1f82 (patch)
treeb9511afa10dfd1b311606a74af707f000b50e9e4
parent416686be4caf89487f98f6bade2c6a72887e9157 (diff)
parent073a2697dd86a8dece8dafa28b71084a547ba31e (diff)
downloadpfsense-270f81d9607be5f372a4bb89bbb53dd1e45a1f82.zip
pfsense-270f81d9607be5f372a4bb89bbb53dd1e45a1f82.tar.gz
Merge remote branch 'mainline/master' into 2_firewall
Conflicts: usr/local/www/diag_nanobsd.php usr/local/www/diag_packet_capture.php usr/local/www/firewall_shaper.php
-rw-r--r--PCBSD/pc-sysinstall/backend/functions-unmount.sh8
-rw-r--r--conf.default/config.xml2
-rw-r--r--etc/inc/auth.inc15
-rw-r--r--etc/inc/captiveportal.inc42
-rw-r--r--etc/inc/config.inc10
-rw-r--r--etc/inc/config.lib.inc20
-rw-r--r--etc/inc/filter.inc22
-rw-r--r--etc/inc/globals.inc1
-rw-r--r--etc/inc/gwlb.inc28
-rw-r--r--etc/inc/interfaces.inc123
-rw-r--r--etc/inc/led.inc18
-rw-r--r--etc/inc/notices.inc3
-rw-r--r--etc/inc/pfsense-utils.inc3
-rw-r--r--etc/inc/pkg-utils.inc2
-rw-r--r--etc/inc/rrd.inc459
-rw-r--r--etc/inc/services.inc46
-rw-r--r--etc/inc/shaper.inc129
-rw-r--r--etc/inc/system.inc18
-rw-r--r--etc/inc/upgrade_config.inc42
-rw-r--r--etc/inc/util.inc18
-rw-r--r--etc/inc/vpn.inc16
-rw-r--r--etc/inc/xmlparse.inc6
-rwxr-xr-xetc/rc5
-rwxr-xr-xetc/rc.bootup6
-rwxr-xr-xetc/rc.filter_configure_xmlrpc54
-rwxr-xr-xetc/rc.filter_synchronize5
-rwxr-xr-xetc/rc.firmware16
-rwxr-xr-xetc/rc.linkup6
-rwxr-xr-xetc/rc.newipsecdns2
-rwxr-xr-xetc/rc.notify_message64
-rwxr-xr-xetc/rc.php_ini_setup47
-rwxr-xr-xetc/rc.reboot7
-rw-r--r--etc/version2
-rwxr-xr-xusr/local/captiveportal/index.php2
-rw-r--r--usr/local/pkg/carp_settings.xml7
-rwxr-xr-xusr/local/www/carp_status.php39
-rwxr-xr-xusr/local/www/diag_backup.php2
-rw-r--r--usr/local/www/diag_dns.php90
-rwxr-xr-xusr/local/www/diag_logs_relayd.php2
-rwxr-xr-xusr/local/www/diag_nanobsd.php6
-rw-r--r--usr/local/www/diag_overload_tables.php18
-rw-r--r--usr/local/www/diag_packet_capture.php12
-rwxr-xr-xusr/local/www/fbegin.inc3
-rwxr-xr-xusr/local/www/firewall_aliases.php41
-rwxr-xr-xusr/local/www/firewall_aliases_edit.php2
-rwxr-xr-xusr/local/www/firewall_aliases_import.php2
-rwxr-xr-xusr/local/www/firewall_nat.php8
-rwxr-xr-xusr/local/www/firewall_nat_1to1.php6
-rwxr-xr-xusr/local/www/firewall_nat_out.php10
-rwxr-xr-xusr/local/www/firewall_shaper.php10
-rwxr-xr-xusr/local/www/guiconfig.inc11
-rwxr-xr-xusr/local/www/head.inc13
-rw-r--r--usr/local/www/installer.php386
-rwxr-xr-xusr/local/www/interfaces.php30
-rwxr-xr-xusr/local/www/interfaces_groups_edit.php5
-rwxr-xr-xusr/local/www/services_captiveportal_ip.php32
-rwxr-xr-xusr/local/www/services_captiveportal_ip_edit.php13
-rwxr-xr-xusr/local/www/services_captiveportal_mac_edit.php9
-rwxr-xr-xusr/local/www/services_dhcp.php10
-rwxr-xr-xusr/local/www/services_dhcp_edit.php6
-rw-r--r--usr/local/www/services_rfc2136.php6
-rw-r--r--usr/local/www/services_rfc2136_edit.php2
-rwxr-xr-xusr/local/www/services_snmp.php2
-rwxr-xr-xusr/local/www/status.php2
-rwxr-xr-xusr/local/www/status_gateway_groups.php2
-rwxr-xr-xusr/local/www/status_gateways.php2
-rwxr-xr-xusr/local/www/status_lb_pool.php2
-rwxr-xr-xusr/local/www/status_lb_vs.php2
-rwxr-xr-xusr/local/www/status_rrd_graph.php221
-rw-r--r--usr/local/www/status_rrd_graph_img.php31
-rwxr-xr-xusr/local/www/status_rrd_graph_settings.php54
-rw-r--r--usr/local/www/status_upnp.php2
-rwxr-xr-xusr/local/www/status_wireless.php4
-rw-r--r--usr/local/www/system_advanced_misc.php2
-rw-r--r--usr/local/www/system_advanced_notifications.php4
-rwxr-xr-xusr/local/www/system_gateway_groups.php2
-rwxr-xr-xusr/local/www/system_gateway_groups_edit.php2
-rwxr-xr-xusr/local/www/system_gateways.php2
-rwxr-xr-xusr/local/www/system_gateways_edit.php2
-rw-r--r--usr/local/www/system_groupmanager.php17
-rwxr-xr-xusr/local/www/system_usermanager_settings.php2
-rwxr-xr-xusr/local/www/themes/code-red/rrdcolors.inc.php1
-rw-r--r--usr/local/www/themes/metallic/rrdcolors.inc.php1
-rw-r--r--usr/local/www/themes/nervecenter/rrdcolors.inc.php1
-rw-r--r--usr/local/www/themes/pfsense-dropdown/rrdcolors.inc.php1
-rw-r--r--usr/local/www/themes/pfsense/rrdcolors.inc.php1
-rw-r--r--usr/local/www/themes/pfsense_ng/rrdcolors.inc.php1
-rw-r--r--usr/local/www/themes/the_wall/rrdcolors.inc.php1
-rwxr-xr-xusr/local/www/xmlrpc.php2
89 files changed, 1614 insertions, 780 deletions
diff --git a/PCBSD/pc-sysinstall/backend/functions-unmount.sh b/PCBSD/pc-sysinstall/backend/functions-unmount.sh
index abd2491..f47c3fb 100644
--- a/PCBSD/pc-sysinstall/backend/functions-unmount.sh
+++ b/PCBSD/pc-sysinstall/backend/functions-unmount.sh
@@ -85,7 +85,7 @@ unmount_all_filesystems()
# Last lets the /mnt partition
#########################################################
- rc_nohalt "umount -f ${FSMNT}"
+ # rc_nohalt "umount -f ${FSMNT}"
# If are using a ZFS on "/" set it to legacy
if [ ! -z "${FOUNDZFSROOT}" ]
@@ -100,7 +100,7 @@ unmount_all_filesystems()
fi
# Unmount our CDMNT
- rc_nohalt "umount -f ${CDMNT}"
+ # rc_nohalt "umount -f ${CDMNT}"
# Check if we need to run any gmirror syncing
ls ${MIRRORCFGDIR}/* >/dev/null 2>/dev/null
@@ -155,7 +155,7 @@ unmount_all_filesystems_failure()
# Last lets the /mnt partition
#########################################################
- rc_nohalt "umount -f ${FSMNT}"
+ # rc_nohalt "umount -f ${FSMNT} 2>/dev/null"
fi
else
@@ -168,7 +168,7 @@ unmount_all_filesystems_failure()
fi
# Unmount our CDMNT
- rc_nohalt "umount ${CDMNT}"
+ # rc_nohalt "umount ${CDMNT} 2>/dev/null"
# Import any pools, so they are active at shutdown and ready to boot potentially
zpool import -a
diff --git a/conf.default/config.xml b/conf.default/config.xml
index 06513de..2296a42 100644
--- a/conf.default/config.xml
+++ b/conf.default/config.xml
@@ -566,7 +566,7 @@
-->
</shaper>
<ipsec>
- <preferredoldsa/>
+ <preferoldsa/>
<!-- <enable/> -->
<!-- syntax:
<tunnel>
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 4b5578b..f85f897 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -417,6 +417,9 @@ function local_user_get_groups($user, $all = false) {
if (in_array($user['uid'], $group['member']))
$groups[] = $group['name'];
+ if ( $all )
+ $groups[] = "all";
+
sort($groups);
return $groups;
@@ -452,9 +455,11 @@ function local_user_set_groups($user, $new_groups = NULL ) {
if (in_array($groupname,$new_groups))
continue;
$group = & $config['system']['group'][$groupindex[$groupname]];
- $index = array_search($user['uid'], $group['member']);
- array_splice($group['member'], $index, 1);
- $mod_groups[] = $group;
+ if (is_array($group['member'])) {
+ $index = array_search($user['uid'], $group['member']);
+ array_splice($group['member'], $index, 1);
+ $mod_groups[] = $group;
+ }
}
/* sync all modified groups */
@@ -973,6 +978,8 @@ function radius_backed($username, $passwd, $authcfg){
global $debug, $config;
$ret = false;
+ require_once("radius.inc");
+
$rauth = new Auth_RADIUS_PAP($username, $passwd);
if ($authcfg) {
$radiusservers = array();
@@ -1235,4 +1242,4 @@ function session_auth() {
return true;
}
-?> \ No newline at end of file
+?>
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc
index 1e96b41..0d3853b 100644
--- a/etc/inc/captiveportal.inc
+++ b/etc/inc/captiveportal.inc
@@ -425,45 +425,14 @@ EOD;
foreach ($cpips as $cpip)
$ips .= "or {$cpip} ";
$ips = "{ {$ips} }";
- //# allow access to our DHCP server (which needs to be able to ping clients as well)
- $cprules .= "add {$rulenum} set 1 pass udp from any 68 to {$ips} 67 in \n";
+ $cprules .= "add {$rulenum} set 1 pass ip from any to {$ips} in\n";
$rulenum++;
- $cprules .= "add {$rulenum} set 1 pass udp from any 68 to {$ips} 67 in \n";
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass udp from {$ips} 67 to any 68 out \n";
+ $cprules .= "add {$rulenum} set 1 pass ip from {$ips} to any out\n";
$rulenum++;
$cprules .= "add {$rulenum} set 1 pass icmp from {$ips} to any out icmptype 0\n";
$rulenum++;
$cprules .= "add {$rulenum} set 1 pass icmp from any to {$ips} in icmptype 8 \n";
$rulenum++;
- //# allow access to our DNS forwarder
- $cprules .= "add {$rulenum} set 1 pass udp from any to {$ips} 53 in \n";
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass udp from {$ips} 53 to any out \n";
- $rulenum++;
- # allow access to our web server
- $cprules .= "add {$rulenum} set 1 pass tcp from any to {$ips} 8000 in \n";
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass tcp from {$ips} 8000 to any out \n";
-
- if (isset($config['captiveportal']['httpslogin'])) {
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass tcp from any to {$ips} 8001 in \n";
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass tcp from {$ips} 8001 to any out \n";
- }
- if (!empty($config['system']['webgui']['port']))
- $port = $config['system']['webgui']['port'];
- else if ($config['system']['webgui']['proto'] == "http")
- $port = 80;
- else
- $port = 443;
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass tcp from any to {$ips} {$port} in \n";
- $rulenum++;
- $cprules .= "add {$rulenum} set 1 pass tcp from {$ips} {$port} to any out \n";
- $rulenum++;
-
/* Allowed ips */
$cprules .= "add {$rulenum} allow ip from table(3) to any in\n";
$rulenum++;
@@ -917,14 +886,17 @@ function captiveportal_allowedip_configure_entry($ipent) {
$bw_up = $ruleno + 20000;
$rules .= "pipe {$bw_up} config bw {$ipent['bw_up']}Kbit/s queue 100\n";
}
+ $subnet = "";
+ if (!empty($ipent['sn']))
+ $subnet = "/{$ipent['sn']}";
foreach ($tablein as $table)
- $rules .= "table {$table} add {$ipent['ip']} {$bw_up}\n";
+ $rules .= "table {$table} add {$ipent['ip']}{$subnet} {$bw_up}\n";
if ($enBwdown) {
$bw_down = $ruleno + 20001;
$rules .= "pipe {$bw_down} config bw {$ipent['bw_down']}Kbit/s queue 100\n";
}
foreach ($tableout as $table)
- $rules .= "table {$table} add {$ipent['ip']} {$bw_down}\n";
+ $rules .= "table {$table} add {$ipent['ip']}{$subnet} {$bw_down}\n";
return $rules;
}
diff --git a/etc/inc/config.inc b/etc/inc/config.inc
index aa5fb69..78c6b04 100644
--- a/etc/inc/config.inc
+++ b/etc/inc/config.inc
@@ -195,11 +195,15 @@ else if ($g['booting'] and !file_exists($g['cf_conf_path'] . "/config.xml") ) {
mwexec("/sbin/mount -a");
}
-
-
if($g['booting']) echo ".";
$config = parse_config();
+/* set timezone */
+$timezone = $config['system']['timezone'];
+if (!$timezone)
+ $timezone = "Etc/UTC";
+date_default_timezone_set("$timezone");
+
if($config_parsed == true) {
/* process packager manager custom rules */
if(is_dir("/usr/local/pkg/parse_config")) {
@@ -207,4 +211,4 @@ if($config_parsed == true) {
}
}
-?>
+?> \ No newline at end of file
diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc
index 707dee8..c236594 100644
--- a/etc/inc/config.lib.inc
+++ b/etc/inc/config.lib.inc
@@ -91,7 +91,7 @@ function encrypted_configxml() {
* $config - array containing all configuration variables
******/
function parse_config($parse = false) {
- global $g, $config_parsed;
+ global $g, $config_parsed, $config_extra;
$lockkey = lock('config');
$config_parsed = false;
@@ -169,11 +169,19 @@ function parse_config($parse = false) {
* boolean - true on completion
******/
function generate_config_cache($config) {
- global $g;
+ global $g, $config_extra;
$configcache = fopen($g['tmp_path'] . '/config.cache', "w");
fwrite($configcache, serialize($config));
fclose($configcache);
+ unset($configcache);
+ /* Used for config.extra.xml */
+ if(file_exists($g['tmp_path'] . '/config.extra.cache') && $config_extra) {
+ $configcacheextra = fopen($g['tmp_path'] . '/config.extra.cache', "w");
+ fwrite($configcacheextra, serialize($config_extra));
+ fclose($configcacheextra);
+ unset($configcacheextra);
+ }
}
function discover_last_backup() {
@@ -457,6 +465,10 @@ function safe_write_file($file, $content, $force_binary) {
function write_config($desc="Unknown", $backup = true) {
global $config, $g;
+ /* TODO: Not sure what this was added for; commenting out
+ * for now, since it was preventing config saving. */
+ // $config = parse_config(true, false, false);
+
if($g['bootup'])
log_error("WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml");
@@ -977,7 +989,7 @@ EODD;
$config['interfaces']['wan']['if'] = $wanif;
$config['interfaces']['wan']['enable'] = true;
if (preg_match($g['wireless_regex'], $wanif)) {
- if (is_array($config['interfaces']['lan']) &&
+ if (is_array($config['interfaces']['wan']) &&
(!is_array($config['interfaces']['wan']['wireless'])))
$config['interfaces']['wan']['wireless'] = array();
} else {
@@ -1277,4 +1289,4 @@ function set_device_perms() {
}
}
-?>
+?> \ No newline at end of file
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index af4619d..a417d07 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -996,7 +996,7 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_
/* Generate a 'nat on' or 'no nat on' rule for given interface */
function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "any", $dstport = "", $natip = "", $natport = "", $nonat = false, $staticnatport = false, $proto = "") {
- global $config;
+ global $config, $FilterIflist;
/* XXX: billm - any idea if this code is needed? */
if($src == "/32" || $src{0} == "/")
return "# src incorrectly specified\n";
@@ -1007,7 +1007,7 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "
if(is_ipaddr($natip))
$tgt = "{$natip}/32";
else
- $tgt = "($if)";
+ $tgt = "(" . $FilterIflist[$if]['if'] . ")";
}
/* Add the protocol, if defined */
if (!empty($proto) && $proto != "any") {
@@ -1049,7 +1049,7 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "
$nat = "nat";
$target = "-> {$tgt}";
}
- $if_friendly = convert_friendly_interface_to_friendly_descr($if);
+ $if_friendly = $FilterIflist[$if]['descr'];
/* Put all the pieces together */
if($if_friendly)
$natrule = "{$nat} on \${$if_friendly} {$protocol} from {$src} to {$dst} {$target}{$staticnatport_txt}\n";
@@ -1396,18 +1396,10 @@ function filter_nat_rules_generate() {
else
sigkillbypid("/var/run/inetd.pid", "HUP");
- if($pptpdcfg['mode'] && $pptpdcfg['mode'] != "off") {
- if($pptpdcfg['mode'] == "server")
- $pptpdtarget = "127.0.0.1";
- else if($pptpdcfg['mode'] == "redir")
- $pptpdtarget = $pptpdcfg['redir'];
- if($pptpdcfg['mode'] == "redir" && is_array($FilterIflist['wan'])) {
- /*
- * NB: ermal -- the rdr rule below is commented out now that we have a solution
- * for PPTP passthrough. This unbreaks other GRE traffic passing
- * through pfSense.
- * After some more testing this will be removed compeletely.
- */
+ $pptpdcfg = $config['pptpd'];
+ if($pptpdcfg['mode'] && $pptpdcfg['mode'] == "redir") {
+ $pptpdtarget = $pptpdcfg['redir'];
+ if(is_ipaddr($pptpdtarget) && is_array($FilterIflist['wan'])) {
$natrules .= <<<EOD
# PPTP
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index dae4ea7..edf578b 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -151,6 +151,7 @@ $sysctls = array("net.inet.ip.portrange.first" => "1024",
"net.inet.udp.maxdgram" => "57344",
"net.link.bridge.pfil_onlyip" => "0",
"net.link.bridge.pfil_member" => "1",
+ "net.link.bridge.pfil_local_phys" => "1",
"net.link.bridge.pfil_bridge" => "0",
"net.link.tap.user_open" => "1",
"kern.rndtest.verbose" => "0",
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc
index 94ddd17..2ff52a1 100644
--- a/etc/inc/gwlb.inc
+++ b/etc/inc/gwlb.inc
@@ -160,11 +160,16 @@ EOD;
if (!is_ipaddr($gateway['monitor']))
continue;
- $apingercfg .= "target \"{$gateway['monitor']}\" {\n";
- $apingercfg .= " description \"{$gateway['name']}\"\n";
- $gwifip = find_interface_ip($gateway['interface']);
+ if($gateway['monitor'] == "127.0.0.{$i}") {
+ $gwifip = "127.0.0.1";
+ } else {
+ $gwifip = find_interface_ip($gateway['interface']);
+ }
if (!is_ipaddr($gwifip))
continue; //Skip this target
+
+ $apingercfg .= "target \"{$gateway['monitor']}\" {\n";
+ $apingercfg .= " description \"{$gateway['name']}\"\n";
$apingercfg .= " srcip \"{$gwifip}\"\n";
$alarms = "";
$override = false;
@@ -235,16 +240,13 @@ EOD;
fwrite($fd, $apingerconfig);
fclose($fd);
- if (is_process_running("apinger")) {
- sigkillbypid("{$g['varrun_path']}/apinger.pid", "HUP");
- } else {
- if (is_dir("{$g['tmp_path']}"))
- chmod("{$g['tmp_path']}", 01777);
- if (is_dir("{$g['vardb_path']}/rrd"))
- chown("{$g['vardb_path']}/rrd", "nobody");
- /* start a new apinger process */
- mwexec_bg("/usr/local/sbin/apinger -c {$g['varetc_path']}/apinger.conf");
- }
+ killbypid("{$g['varrun_path']}/apinger.pid");
+ if (is_dir("{$g['tmp_path']}"))
+ chmod("{$g['tmp_path']}", 01777);
+ if (is_dir("{$g['vardb_path']}/rrd"))
+ chown("{$g['vardb_path']}/rrd", "nobody");
+ /* start a new apinger process */
+ mwexec_bg("/usr/local/sbin/apinger -c {$g['varetc_path']}/apinger.conf");
return 0;
}
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index dc4cbdf..843ca36 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -475,9 +475,14 @@ function interface_bridge_add_member($bridgeif, $interface) {
pfSense_get_interface_addresses($bridgeif);
if (isset($options['encaps']['txcsum']))
+ pfSense_interface_capabilities($interface, IFCAP_TXCSUM);
+ else
pfSense_interface_capabilities($interface, -IFCAP_TXCSUM);
+
+ if (isset($options['encaps']['rxcsum']))
+ pfSense_interface_capabilities($interface, IFCAP_RXCSUM);
else
- pfSense_interface_capabilities($interface, IFCAP_TXCSUM);
+ pfSense_interface_capabilities($interface, -IFCAP_RXCSUM);
interfaces_bring_up($interface);
mwexec("/sbin/ifconfig {$bridgeif} addm {$interface}");
@@ -819,10 +824,11 @@ function interface_bring_down($interface = "wan", $destroy = false) {
if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
if ($realif == $ppp['if']) {
- if (!isset($ppp['ondemand'])) {
- killbypid("{$g['varrun_path']}/{$ifcfg['ipaddr']}_{$interface}.pid");
- sleep(2);
- unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf");
+ killbypid("{$g['varrun_path']}/{$ifcfg['ipaddr']}_{$interface}.pid");
+ sleep(2);
+ unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf");
+ if (isset($ppp['ondemand']) && !$destroy) {
+ interface_configure("wan");
}
break;
}
@@ -996,7 +1002,7 @@ function handle_pppoe_reset($post_array) {
$config['cron']['item'][] = $item;
}
-/* This function can configure PPPoE, MLPPP (PPPoE), PPtP.
+/* This function can configure PPPoE, MLPPP (PPPoE), PPTP.
* It writes the mpd config file to /var/etc every time the link is opened.
*/
@@ -1050,7 +1056,7 @@ function interface_ppps_configure($interface) {
$subnets = explode(',',$ppp['subnet']);
/* We bring up the parent interface first because if DHCP is configured on the parent we need
- to obtain an address first so we can write it in the mpd .conf file for PPtP and L2tP configs
+ to obtain an address first so we can write it in the mpd .conf file for PPTP and L2TP configs
*/
foreach($ports as $pid => $port){
switch ($ppp['type']) {
@@ -1069,7 +1075,7 @@ function interface_ppps_configure($interface) {
$localips[$pid] = get_interface_ip($port); // try to get the interface IP from the port
if(!is_ipaddr($localips[$pid])){
- log_error("Could not get a Local IP address for PPtP/L2tP link on {$port} in interfaces_ppps_configure.");
+ log_error("Could not get a Local IP address for PPTP/L2TP link on {$port} in interfaces_ppps_configure.");
return 0;
}
/* XXX: This needs to go away soon! [It's commented out!] */
@@ -1084,7 +1090,7 @@ function interface_ppps_configure($interface) {
*/
}
if(!is_ipaddr($gateways[$pid])){
- log_error("Could not get a PPtP/L2tP Remote IP address from {$dhcp_gateway} for {$gway} in interfaces_ppps_configure.");
+ log_error("Could not get a PPTP/L2TP Remote IP address from {$dhcp_gateway} for {$gway} in interfaces_ppps_configure.");
return 0;
}
break;
@@ -1601,16 +1607,21 @@ function interface_reload_carps($cif) {
foreach ($viparr as $vip) {
if (in_array($vip['carpif'], $carps)) {
switch ($vip['mode']) {
- case "carp":
+ case "carp":
interface_vip_bring_down($vip);
sleep(1);
interface_carp_configure($vip);
break;
- case "carpdev-dhcp":
+ case "carpdev-dhcp":
interface_vip_bring_down($vip);
sleep(1);
interface_carpdev_configure($vip);
break;
+ case "ipalias":
+ interface_vip_bring_down($vip);
+ sleep(1);
+ interface_ipalias_configure($vip);
+ break;
}
}
}
@@ -1823,6 +1834,7 @@ function interface_sync_wireless_clones(&$ifcfg, $sync_changes = false) {
$baseif = interface_get_wireless_base($ifcfg['if']);
+ // Sync shared settings for assigned clones
$iflist = get_configured_interface_list(false, true);
foreach ($iflist as $if) {
if ($baseif == interface_get_wireless_base($config['interfaces'][$if]['if']) && $ifcfg['if'] != $config['interfaces'][$if]['if']) {
@@ -1840,6 +1852,18 @@ function interface_sync_wireless_clones(&$ifcfg, $sync_changes = false) {
}
}
+ // Read or write settings at shared area
+ if (isset($config['wireless']['interfaces'][$baseif])) {
+ foreach ($shared_settings as $setting) {
+ if ($sync_changes) {
+ $config['wireless']['interfaces'][$baseif][$setting] = $ifcfg['wireless'][$setting];
+ } else if (isset($config['wireless']['interfaces'][$baseif][$setting])) {
+ $ifcfg['wireless'][$setting] = $config['wireless']['interfaces'][$baseif][$setting];
+ }
+ }
+ }
+
+ // Sync the mode on the clone creation page with the configured mode on the interface
if (interface_is_wireless_clone($ifcfg['if'])) {
foreach ($config['wireless']['clone'] as &$clone) {
if ($clone['cloneif'] == $ifcfg['if']) {
@@ -2326,21 +2350,20 @@ function interface_configure($interface = "wan", $reloadall = false) {
interface_reload_carps($realif);
if (!$g['booting']) {
- if (link_interface_to_gre($interface)) {
- foreach ($config['gres']['gre'] as $gre)
- if ($gre['if'] == $interface)
- interface_gre_configure($gre);
- }
- if (link_interface_to_gif($interface)) {
- foreach ($config['gifs']['gif'] as $gif)
- if ($gif['if'] == $interface)
- interface_gif_configure($gif);
- }
- if (link_interface_to_bridge($interface)) {
- foreach ($config['bridges']['bridged'] as $bridge)
- if (stristr($bridge['members'], "{$interface}"))
- interface_bridge_add_member($bridge['bridgeif'], $realif);
- }
+ unset($gre);
+ $gre = link_interface_to_gre($interface);
+ if (!empty($gre))
+ interface_gre_configure($gre);
+
+ unset($gif);
+ $gif = link_interface_to_gif($interface);
+ if (!empty($gif))
+ interface_gif_configure($gif);
+
+ unset($bridgetmp);
+ $bridgetmp = link_interface_to_bridge($interface);
+ if (!empty($bridgetmp))
+ interface_bridge_add_member($bridgetmp, $realif);
link_interface_to_vips($interface, "update");
@@ -2512,25 +2535,19 @@ function convert_real_interface_to_friendly_interface_name($interface = "wan") {
return $vip['interface'];
}
}
- } else if (stristr($interface, "carp")) {
- $index = intval(substr($interface, 4));
- foreach ($config['virtualip']['vip'] as $counter => $vip) {
- if ($vip['mode'] == "carpdev-dhcp" || $vip['mode'] == "carp") {
- if ($index == $counter)
- return $vip['interface'];
- }
- }
}
/* XXX: For speed reasons reference directly the interface array */
- $ifdescrs = $config['interfaces'];
+ $ifdescrs =& $config['interfaces'];
//$ifdescrs = get_configured_interface_list(false, true);
foreach ($ifdescrs as $if => $ifname) {
if ($config['interfaces'][$if]['if'] == $interface)
return $if;
- /* XXX: ermal - The 3 lines below are totally bogus code. */
+ if (get_real_interface($if) == $interface)
+ return $if;
+
$int = interface_translate_type_to_real($if);
if ($int == $interface)
return $ifname;
@@ -2547,10 +2564,10 @@ function convert_friendly_interface_to_friendly_descr($interface) {
$ifdesc = "L2TP";
break;
case "pptp":
- $ifdesc = "pptp";
+ $ifdesc = "PPTP";
break;
case "pppoe":
- $ifdesc = "pppoe";
+ $ifdesc = "PPPoE";
break;
case "openvpn":
$ifdesc = "OpenVPN";
@@ -2560,6 +2577,13 @@ function convert_friendly_interface_to_friendly_descr($interface) {
$ifdesc = "IPsec";
break;
default:
+ if (isset($config['interfaces'][$interface])) {
+ if (empty($config['interfaces'][$interface]['descr']))
+ $ifdesc = strtoupper($interface);
+ else
+ $ifdesc = strtoupper($config['interfaces'][$interface]['descr']);
+ break;
+ }
/* if list */
$ifdescrs = get_configured_interface_with_descr(false, true);
foreach ($ifdescrs as $if => $ifname) {
@@ -2752,6 +2776,7 @@ function find_number_of_created_carp_interfaces() {
function get_all_carp_interfaces() {
$ints = str_replace("\n", " ", `ifconfig | grep "carp:" -B2 | grep ": flag" | cut -d: -f1`);
+ $ints = explode(" ", $ints);
return $ints;
}
@@ -2764,7 +2789,7 @@ function find_carp_interface($ip) {
foreach ($config['virtualip']['vip'] as $vip) {
if ($vip['mode'] == "carp" || $vip['mode'] == "carpdev") {
$carp_ip = get_interface_ip($vip['interface']);
- $if = `ifconfig | grep '$ip' -B1 | head -n1 | cut -d: -f1`;
+ $if = `ifconfig | grep '$ip ' -B1 | head -n1 | cut -d: -f1`;
if ($if)
return $if;
}
@@ -2871,10 +2896,12 @@ function link_interface_to_vips($int, $action = "") {
function link_interface_to_bridge($int) {
global $config;
- if (is_array($config['bridges']['bridged']))
- foreach ($config['bridges']['bridged'] as $bridge)
- if(stristr($bridge['members'], "{$int}"))
+ if (is_array($config['bridges']['bridged'])) {
+ foreach ($config['bridges']['bridged'] as $bridge) {
+ if (in_array($int, explode(',', $bridge['members'])))
return "{$bridge['bridgeif']}";
+ }
+ }
}
function link_interface_to_gre($interface) {
@@ -2883,7 +2910,7 @@ function link_interface_to_gre($interface) {
if (is_array($config['gres']['gre']))
foreach ($config['gres']['gre'] as $gre)
if($gre['if'] == $interface)
- return "{$gre['greif']}";
+ return $gre;
}
function link_interface_to_gif($interface) {
@@ -2892,7 +2919,7 @@ function link_interface_to_gif($interface) {
if (is_array($config['gifs']['gif']))
foreach ($config['gifs']['gif'] as $gif)
if($gif['if'] == $interface)
- return "{$gif['gifif']}";
+ return $gif;
}
/*
@@ -2978,6 +3005,8 @@ function get_interfaces_with_gateway() {
/* loop interfaces, check config for outbound */
foreach($config['interfaces'] as $ifdescr => $ifname) {
+ if (substr($ifdescr, 0, 5) == "ovpnc")
+ return true;
switch ($ifname['ipaddr']) {
case "dhcp":
@@ -3003,6 +3032,8 @@ function interface_has_gateway($friendly) {
global $config;
if (!empty($config['interfaces'][$friendly])) {
+ if (substr($friendly, 0, 5) == "ovpnc")
+ return true;
$ifname =& $config['interfaces'][$friendly];
switch ($ifname['ipaddr']) {
case "dhcp":
@@ -3066,10 +3097,10 @@ function is_interface_wireless($interface) {
$friendly = convert_real_interface_to_friendly_interface_name($interface);
if(!isset($config['interfaces'][$friendly]['wireless'])) {
if (preg_match($g['wireless_regex'], $interface)) {
- $config['interfaces'][$friendly]['wireless'] = array();
+ if (isset($config['interfaces'][$friendly]))
+ $config['interfaces'][$friendly]['wireless'] = array();
return true;
}
- unset($config['interfaces'][$friendly]['wireless']);
return false;
} else
return true;
diff --git a/etc/inc/led.inc b/etc/inc/led.inc
index d684100..ed67db5 100644
--- a/etc/inc/led.inc
+++ b/etc/inc/led.inc
@@ -138,6 +138,15 @@ function led_kitt() {
}
/*
+ * Custom pattern for assigning interfaces
+ */
+function led_assigninterfaces() {
+ led_pattern(1, 'AaaAaaaaaaaaaaaa');
+ led_pattern(2, 'aaaaaAaaAaaaaaaa');
+ led_pattern(3, 'aaaaaaaaaaAaaAaa');
+}
+
+/*
* Return the three LEDs to a standard setup (1=on, 2 and 3 = off)
*/
function led_normalize() {
@@ -147,6 +156,15 @@ function led_normalize() {
}
/*
+ * Shut off ALL LEDs.
+ */
+function led_alloff() {
+ led_off(1);
+ led_off(2);
+ led_off(3);
+}
+
+/*
* Translate a string to morse code. Characters not known to have a
* valid morse code representation will be ignored.
*/
diff --git a/etc/inc/notices.inc b/etc/inc/notices.inc
index 558a86e..4415987 100644
--- a/etc/inc/notices.inc
+++ b/etc/inc/notices.inc
@@ -344,6 +344,7 @@ function notify_via_smtp($message) {
function notify_via_growl($message) {
require_once("growl.class");
global $config;
+ $hostname = $config['system']['hostname'] . "." . $config['system']['domain'];
$growl_ip = $config['notifications']['growl']['ipaddress'];
$growl_password = $config['notifications']['growl']['password'];
$growl_name = $config['notifications']['growl']['name'];
@@ -351,7 +352,7 @@ function notify_via_growl($message) {
if(!empty($growl_ip)) {
$growl = new Growl($growl_ip, $growl_password, $growl_name);
- $growl->notify("{$growl_notification}", "pfSense", "{$message}");
+ $growl->notify("{$growl_notification}", "pfSense ($hostname) - Notification", "{$message}");
}
}
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 3d12fa9..14a2579 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -1542,6 +1542,9 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url_file);
curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ /* Don't verify SSL peers since we don't have the certificates to do so. */
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc
index 6015f72..ea7c175 100644
--- a/etc/inc/pkg-utils.inc
+++ b/etc/inc/pkg-utils.inc
@@ -484,7 +484,7 @@ function install_package($package, $pkg_info = "") {
update_output_window($static_output);
if($pkg_info['after_install_info'])
update_output_window($pkg_info['after_install_info']);
- start_service($pkg_info['config_file']);
+ start_service($pkg_info['name']);
$restart_sync = true;
}
diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc
index 98766e3..356037e 100644
--- a/etc/inc/rrd.inc
+++ b/etc/inc/rrd.inc
@@ -1,7 +1,7 @@
<?php
/* $Id$ */
/*
- Copyright (C) 2008 Seth Mos
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -174,6 +174,7 @@ function enable_rrd_graphing() {
$proc = "-processor.rrd";
$mem = "-memory.rrd";
$cellular = "-cellular.rrd";
+ $vpnusers = "-vpnusers.rrd";
$rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool";
$netstat = "/usr/bin/netstat";
@@ -197,6 +198,7 @@ function enable_rrd_graphing() {
$rrdprocinterval = 60;
$rrdmeminterval = 60;
$rrdcellularinterval = 60;
+ $rrdvpninterval = 60;
$trafficvalid = $rrdtrafficinterval * 2;
$wirelessvalid = $rrdwirelessinterval * 2;
@@ -209,6 +211,7 @@ function enable_rrd_graphing() {
$procvalid = $rrdlbpoolinterval * 2;
$memvalid = $rrdmeminterval * 2;
$cellularvalid = $rrdcellularinterval * 2;
+ $vpnvalid = $rrdvpninterval * 2;
/* Asume GigE for now */
$downstream = 125000000;
@@ -250,8 +253,17 @@ function enable_rrd_graphing() {
$i = 0;
$ifdescrs = get_configured_interface_with_descr();
+ /* IPsec counters */
$ifdescrs['ipsec'] = "IPsec";
+ /* OpenVPN server counters */
+ if(is_array($config['openvpn']['openvpn-server'])) {
+ foreach($config['openvpn']['openvpn-server'] as $server) {
+ $serverid = "ovpns" . $server['vpnid'];
+ $ifdescrs[$serverid] = "{$server['description']}";
+ }
+ }
+ /* process all real and pseudo interfaces */
foreach ($ifdescrs as $ifname => $ifdescr) {
$temp = get_real_interface($ifname);
if($temp <> "") {
@@ -336,190 +348,264 @@ function enable_rrd_graphing() {
$rrdupdatesh .= "`$ifconfig {$realif} list sta| $awk 'gsub(\"M\", \"\") {getline 2;print substr(\$5, 0, length(\$5)-2) \":\" $4 \":\" $3}'`\n";
}
- /* QUEUES, set up the queues databases */
- if ($altq_list_queues[$ifname]) {
- $altq =& $altq_list_queues[$ifname];
- /* NOTE: Is it worth as its own function?! */
- switch ($altq->GetBwscale()) {
- case "Gb":
- $factor = 1024 * 1024 * 1024;
- break;
- case "Mb":
- $factor = 1024 * 1024;
- break;
- case "Kb":
- $factor = 1024;
- break;
- case "b":
- default:
- $factor = 1;
- break;
- }
- $qbandwidth = $altq->GetBandwidth() * $factor;
- if ($qbandwidth <=0)
- $qbandwidth = 100 * 1000 * 1000; /* 100Mbit */
- $qlist =& $altq->get_queue_list($notused);
- if (!file_exists("$rrddbpath$ifname$queues")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$queues --step $rrdqueuesinterval ";
- /* loop list of shaper queues */
- $q = 0;
- foreach ($qlist as $qname => $q) {
- $rrdcreate .= "DS:$qname:COUNTER:$queuesvalid:0:$qbandwidth ";
- }
+ /* OpenVPN, set up the rrd file */
+ if(stristr($ifname, "ovpns")) {
+ if (!file_exists("$rrddbpath$ifname$vpnusers")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$vpnusers --step $rrdvpninterval ";
+ $rrdcreate .= "DS:users:GAUGE:$vpnvalid:0:10000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+
+ create_new_rrd($rrdcreate);
+ }
- $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+ /* enter UNKNOWN values in the RRD so it knows we rebooted. */
+ if($g['booting']) {
+ mwexec("$rrdtool update $rrddbpath$ifname$vpnusers N:U");
+ }
- create_new_rrd($rrdcreate);
+ if(is_array($config['openvpn']['openvpn-server'])) {
+ foreach($config['openvpn']['openvpn-server'] as $server) {
+ if("ovpns{$server['vpnid']}" == $ifname) {
+ $port = $server['local_port'];
+ }
}
+ }
+ $rrdupdatesh .= "\n";
+ $rrdupdatesh .= "# polling vpn users for interface $ifname $realif port $port\n";
+ $rrdupdatesh .= "list_current_users() {\n";
+ $rrdupdatesh .= " sleep 0.2\n";
+ $rrdupdatesh .= " echo \"status 2\"\n";
+ $rrdupdatesh .= " sleep 0.2\n";
+ $rrdupdatesh .= " echo \"quit\"\n";
+ $rrdupdatesh .= "}\n";
+ $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\\\n";
+ $rrdupdatesh .= "`list_current_users | nc localhost {$port} | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'`\n";
+ }
- if (!file_exists("$rrddbpath$ifname$queuesdrop")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$queuesdrop --step $rrdqueuesdropinterval ";
- /* loop list of shaper queues */
- $q = 0;
- foreach ($qlist as $qname => $q) {
- $rrdcreate .= "DS:$qname:COUNTER:$queuesdropvalid:0:$qbandwidth ";
- }
+ /* QUEUES, set up the queues databases */
+ if ($altq_list_queues[$ifname]) {
+ $altq =& $altq_list_queues[$ifname];
+ /* NOTE: Is it worth as its own function?! */
+ switch ($altq->GetBwscale()) {
+ case "Gb":
+ $factor = 1024 * 1024 * 1024;
+ break;
+ case "Mb":
+ $factor = 1024 * 1024;
+ break;
+ case "Kb":
+ $factor = 1024;
+ break;
+ case "b":
+ default:
+ $factor = 1;
+ break;
+ }
+ $qbandwidth = $altq->GetBandwidth() * $factor;
+ if ($qbandwidth <=0) {
+ $qbandwidth = 100 * 1000 * 1000; /* 100Mbit */
+ }
+ $qlist =& $altq->get_queue_list($notused);
+ if (!file_exists("$rrddbpath$ifname$queues")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$queues --step $rrdqueuesinterval ";
+ /* loop list of shaper queues */
+ $q = 0;
+ foreach ($qlist as $qname => $q) {
+ $rrdcreate .= "DS:$qname:COUNTER:$queuesvalid:0:$qbandwidth ";
+ }
- $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+
+ create_new_rrd($rrdcreate);
+ }
- create_new_rrd($rrdcreate);
+ if (!file_exists("$rrddbpath$ifname$queuesdrop")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$queuesdrop --step $rrdqueuesdropinterval ";
+ /* loop list of shaper queues */
+ $q = 0;
+ foreach ($qlist as $qname => $q) {
+ $rrdcreate .= "DS:$qname:COUNTER:$queuesdropvalid:0:$qbandwidth ";
}
- if($g['booting']) {
- $rrdqcommand = "-t ";
- $rrducommand = "N";
- $q = 0;
- foreach ($qlist as $qname => $q) {
- if($q == 0) {
- $rrdqcommand .= "{$qname}";
- } else {
- $rrdqcommand .= ":{$qname}";
- }
- $q++;
- $rrducommand .= ":U";
+ $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+
+ create_new_rrd($rrdcreate);
+ }
+
+ if($g['booting']) {
+ $rrdqcommand = "-t ";
+ $rrducommand = "N";
+ $q = 0;
+ foreach ($qlist as $qname => $q) {
+ if($q == 0) {
+ $rrdqcommand .= "{$qname}";
+ } else {
+ $rrdqcommand .= ":{$qname}";
}
- mwexec("$rrdtool update $rrddbpath$ifname$queues $rrdqcommand $rrducommand");
- mwexec("$rrdtool update $rrddbpath$ifname$queuesdrop $rrdqcommand $rrducommand");
+ $q++;
+ $rrducommand .= ":U";
}
-
- /* awk function to gather shaper data */
- /* yes, it's special */
- $rrdupdatesh .= "` pfctl -vsq -i {$realif} | awk 'BEGIN {printf \"$rrdtool update $rrddbpath$ifname$queues \" } ";
- $rrdupdatesh .= "{ ";
- $rrdupdatesh .= "if ((\$1 == \"queue\") && ( \$2 ~ /^q/ )) { ";
- $rrdupdatesh .= "dsname = dsname \":\" \$2 ; ";
- $rrdupdatesh .= "q=1; ";
- $rrdupdatesh .= "} ";
- $rrdupdatesh .= "else if ((\$4 == \"bytes:\") && ( q == 1 ) ) { ";
- $rrdupdatesh .= "dsdata = dsdata \":\" \$5 ; ";
- $rrdupdatesh .= "q=0; ";
- $rrdupdatesh .= "} ";
- $rrdupdatesh .= "} END { ";
- $rrdupdatesh .= "dsname = substr(dsname,2); ";
- $rrdupdatesh .= "dsdata = substr(dsdata,2); ";
- $rrdupdatesh .= "printf \"-t \" dsname \" N:\" dsdata }' ";
- $rrdupdatesh .= "dsname=\"\" dsdata=\"\"`\n\n";
-
- $rrdupdatesh .= "` pfctl -vsq -i {$realif} | awk 'BEGIN {printf \"$rrdtool update $rrddbpath$ifname$queuesdrop \" } ";
- $rrdupdatesh .= "{ ";
- $rrdupdatesh .= "if ((\$1 == \"queue\") && ( \$2 ~ /^q/ )) { ";
- $rrdupdatesh .= "dsname = dsname \":\" \$2 ; ";
- $rrdupdatesh .= "q=1; ";
- $rrdupdatesh .= "} ";
- $rrdupdatesh .= "else if ((\$4 == \"bytes:\") && ( q == 1 ) ) { ";
- $rrdupdatesh .= "dsdata = dsdata \":\" \$8 ; ";
- $rrdupdatesh .= "q=0; ";
- $rrdupdatesh .= "} ";
- $rrdupdatesh .= "} END { ";
- $rrdupdatesh .= "dsname = substr(dsname,2); ";
- $rrdupdatesh .= "dsdata = substr(dsdata,2); ";
- $rrdupdatesh .= "printf \"-t \" dsname \" N:\" dsdata }' ";
- $rrdupdatesh .= "dsname=\"\" dsdata=\"\"`\n\n";
+ mwexec("$rrdtool update $rrddbpath$ifname$queues $rrdqcommand $rrducommand");
+ mwexec("$rrdtool update $rrddbpath$ifname$queuesdrop $rrdqcommand $rrducommand");
}
+
+ /* awk function to gather shaper data */
+ /* yes, it's special */
+ $rrdupdatesh .= "` pfctl -vsq -i {$realif} | awk 'BEGIN {printf \"$rrdtool update $rrddbpath$ifname$queues \" } ";
+ $rrdupdatesh .= "{ ";
+ $rrdupdatesh .= "if ((\$1 == \"queue\") && ( \$2 ~ /^q/ )) { ";
+ $rrdupdatesh .= " dsname = dsname \":\" \$2 ; ";
+ $rrdupdatesh .= " q=1; ";
+ $rrdupdatesh .= "} ";
+ $rrdupdatesh .= " else if ((\$4 == \"bytes:\") && ( q == 1 ) ) { ";
+ $rrdupdatesh .= " dsdata = dsdata \":\" \$5 ; ";
+ $rrdupdatesh .= " q=0; ";
+ $rrdupdatesh .= "} ";
+ $rrdupdatesh .= "} END { ";
+ $rrdupdatesh .= " dsname = substr(dsname,2); ";
+ $rrdupdatesh .= " dsdata = substr(dsdata,2); ";
+ $rrdupdatesh .= " printf \"-t \" dsname \" N:\" dsdata }' ";
+ $rrdupdatesh .= " dsname=\"\" dsdata=\"\"`\n\n";
+
+ $rrdupdatesh .= "` pfctl -vsq -i {$realif} | awk 'BEGIN {printf \"$rrdtool update $rrddbpath$ifname$queuesdrop \" } ";
+ $rrdupdatesh .= "{ ";
+ $rrdupdatesh .= "if ((\$1 == \"queue\") && ( \$2 ~ /^q/ )) { ";
+ $rrdupdatesh .= " dsname = dsname \":\" \$2 ; ";
+ $rrdupdatesh .= " q=1; ";
+ $rrdupdatesh .= "} ";
+ $rrdupdatesh .= " else if ((\$4 == \"bytes:\") && ( q == 1 ) ) { ";
+ $rrdupdatesh .= " dsdata = dsdata \":\" \$8 ; ";
+ $rrdupdatesh .= " q=0; ";
+ $rrdupdatesh .= "} ";
+ $rrdupdatesh .= "} END { ";
+ $rrdupdatesh .= " dsname = substr(dsname,2); ";
+ $rrdupdatesh .= " dsdata = substr(dsdata,2); ";
+ $rrdupdatesh .= " printf \"-t \" dsname \" N:\" dsdata }' ";
+ $rrdupdatesh .= " dsname=\"\" dsdata=\"\"`\n\n";
+ }
}
$i++;
/* System only statistics */
$ifname = "system";
- /* STATES, create pf states database */
- if(! file_exists("$rrddbpath$ifname$states")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$states --step $rrdstatesinterval ";
- $rrdcreate .= "DS:pfrate:GAUGE:$statesvalid:0:10000000 ";
- $rrdcreate .= "DS:pfstates:GAUGE:$statesvalid:0:10000000 ";
- $rrdcreate .= "DS:pfnat:GAUGE:$statesvalid:0:10000000 ";
- $rrdcreate .= "DS:srcip:GAUGE:$statesvalid:0:10000000 ";
- $rrdcreate .= "DS:dstip:GAUGE:$statesvalid:0:10000000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+ /* STATES, create pf states database */
+ if(! file_exists("$rrddbpath$ifname$states")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$states --step $rrdstatesinterval ";
+ $rrdcreate .= "DS:pfrate:GAUGE:$statesvalid:0:10000000 ";
+ $rrdcreate .= "DS:pfstates:GAUGE:$statesvalid:0:10000000 ";
+ $rrdcreate .= "DS:pfnat:GAUGE:$statesvalid:0:10000000 ";
+ $rrdcreate .= "DS:srcip:GAUGE:$statesvalid:0:10000000 ";
+ $rrdcreate .= "DS:dstip:GAUGE:$statesvalid:0:10000000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+
+ create_new_rrd($rrdcreate);
+ }
- create_new_rrd($rrdcreate);
- }
+ /* enter UNKNOWN values in the RRD so it knows we rebooted. */
+ if($g['booting']) {
+ mwexec("$rrdtool update $rrddbpath$ifname$states N:U:U:U:U:U");
+ }
- /* enter UNKNOWN values in the RRD so it knows we rebooted. */
- if($g['booting']) {
- mwexec("$rrdtool update $rrddbpath$ifname$states N:U:U:U:U:U");
- }
+ /* the pf states gathering function. */
+ $rrdupdatesh .= "\n";
+ $rrdupdatesh .= "pfctl_si_out=\"` $pfctl -si > /tmp/pfctl_si_out `\"\n";
+ $rrdupdatesh .= "pfctl_ss_out=\"` $pfctl -ss > /tmp/pfctl_ss_out`\"\n";
+ $rrdupdatesh .= "pfrate=\"` cat /tmp/pfctl_si_out | egrep \"inserts|removals\" | awk '{ pfrate = \$3 + pfrate } {print pfrate}'|tail -1 `\"\n";
+ $rrdupdatesh .= "pfstates=\"` cat /tmp/pfctl_ss_out | egrep -v \"<\\-.*?<\\-|\\->.*?\\->\" | wc -l|sed 's/ //g'`\"\n";
+ $rrdupdatesh .= "pfnat=\"` cat /tmp/pfctl_ss_out | egrep '<\\-.*?<\\-|\\->.*?\\->' | wc -l|sed 's/ //g' `\"\n";
+ $rrdupdatesh .= "srcip=\"` cat /tmp/pfctl_ss_out | egrep -v '<\\-.*?<\\-|\\->.*?\\->' | grep '\\->' | awk '{print \$3}' | awk -F: '{print \$1}' | sort -u|wc -l|sed 's/ //g' `\"\n";
+ $rrdupdatesh .= "dstip=\"` cat /tmp/pfctl_ss_out | egrep -v '<\\-.*?<\\-|\\->.*?\\->' | grep '<\\-' | awk '{print \$3}' | awk -F: '{print \$1}' | sort -u|wc -l|sed 's/ //g' `\"\n";
+ $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$states N:\$pfrate:\$pfstates:\$pfnat:\$srcip:\$dstip\n\n";
+
+ /* End pf states statistics */
+
+ /* CPU, create CPU statistics database */
+ if(! file_exists("$rrddbpath$ifname$proc")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$proc --step $rrdprocinterval ";
+ $rrdcreate .= "DS:user:GAUGE:$procvalid:0:10000000 ";
+ $rrdcreate .= "DS:nice:GAUGE:$procvalid:0:10000000 ";
+ $rrdcreate .= "DS:system:GAUGE:$procvalid:0:10000000 ";
+ $rrdcreate .= "DS:interrupt:GAUGE:$procvalid:0:10000000 ";
+ $rrdcreate .= "DS:processes:GAUGE:$procvalid:0:10000000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+
+ create_new_rrd($rrdcreate);
+ }
- /* the pf states gathering function. */
- $rrdupdatesh .= "\n";
- $rrdupdatesh .= "pfctl_si_out=\"` $pfctl -si > /tmp/pfctl_si_out `\"\n";
- $rrdupdatesh .= "pfctl_ss_out=\"` $pfctl -ss > /tmp/pfctl_ss_out`\"\n";
- $rrdupdatesh .= "pfrate=\"` cat /tmp/pfctl_si_out | egrep \"inserts|removals\" | awk '{ pfrate = \$3 + pfrate } {print pfrate}'|tail -1 `\"\n";
- $rrdupdatesh .= "pfstates=\"` cat /tmp/pfctl_ss_out | egrep -v \"<\\-.*?<\\-|\\->.*?\\->\" | wc -l|sed 's/ //g'`\"\n";
- $rrdupdatesh .= "pfnat=\"` cat /tmp/pfctl_ss_out | egrep '<\\-.*?<\\-|\\->.*?\\->' | wc -l|sed 's/ //g' `\"\n";
- $rrdupdatesh .= "srcip=\"` cat /tmp/pfctl_ss_out | egrep -v '<\\-.*?<\\-|\\->.*?\\->' | grep '\\->' | awk '{print \$3}' | awk -F: '{print \$1}' | sort -u|wc -l|sed 's/ //g' `\"\n";
- $rrdupdatesh .= "dstip=\"` cat /tmp/pfctl_ss_out | egrep -v '<\\-.*?<\\-|\\->.*?\\->' | grep '<\\-' | awk '{print \$3}' | awk -F: '{print \$1}' | sort -u|wc -l|sed 's/ //g' `\"\n";
- $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$states N:\$pfrate:\$pfstates:\$pfnat:\$srcip:\$dstip\n\n";
-
- /* End pf states statistics */
-
- /* CPU, create CPU statistics database */
- if(! file_exists("$rrddbpath$ifname$proc")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$proc --step $rrdprocinterval ";
- $rrdcreate .= "DS:user:GAUGE:$procvalid:0:10000000 ";
- $rrdcreate .= "DS:nice:GAUGE:$procvalid:0:10000000 ";
- $rrdcreate .= "DS:system:GAUGE:$procvalid:0:10000000 ";
- $rrdcreate .= "DS:interrupt:GAUGE:$procvalid:0:10000000 ";
- $rrdcreate .= "DS:processes:GAUGE:$procvalid:0:10000000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+ /* enter UNKNOWN values in the RRD so it knows we rebooted. */
+ if($g['booting']) {
+ mwexec("$rrdtool update $rrddbpath$ifname$proc N:U:U:U:U:U");
+ }
- create_new_rrd($rrdcreate);
- }
+ /* the CPU stats gathering function. */
+ $rrdupdatesh .= "`$top -d 2 -s 1 0 | $awk '{gsub(/%/, \"\")} BEGIN { \\\n";
+ $rrdupdatesh .= "printf \"$rrdtool update $rrddbpath$ifname$proc \" } \\\n";
+ $rrdupdatesh .= "{ if ( \$2 == \"processes:\" ) { processes = \$1; } \\\n";
+ $rrdupdatesh .= "else if ( \$1 == \"CPU:\" ) { user = \$2; nice = \$4; sys = \$6; interrupt = \$8; } \\\n";
+ $rrdupdatesh .= "} END { printf \"N:\"user\":\"nice\":\"sys\":\"interrupt\":\"processes }'`\n\n";
+
+ /* End CPU statistics */
+
+ /* Memory, create Memory statistics database */
+ if(! file_exists("$rrddbpath$ifname$mem")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$mem --step $rrdmeminterval ";
+ $rrdcreate .= "DS:active:GAUGE:$memvalid:0:10000000 ";
+ $rrdcreate .= "DS:inactive:GAUGE:$memvalid:0:10000000 ";
+ $rrdcreate .= "DS:free:GAUGE:$memvalid:0:10000000 ";
+ $rrdcreate .= "DS:cache:GAUGE:$memvalid:0:10000000 ";
+ $rrdcreate .= "DS:wire:GAUGE:$memvalid:0:10000000 ";
+ $rrdcreate .= "RRA:MIN:0.5:1:1000 ";
+ $rrdcreate .= "RRA:MIN:0.5:5:1000 ";
+ $rrdcreate .= "RRA:MIN:0.5:60:1000 ";
+ $rrdcreate .= "RRA:MIN:0.5:720:3000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
+ $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
+ $rrdcreate .= "RRA:MAX:0.5:1:1000 ";
+ $rrdcreate .= "RRA:MAX:0.5:5:1000 ";
+ $rrdcreate .= "RRA:MAX:0.5:60:1000 ";
+ $rrdcreate .= "RRA:MAX:0.5:720:3000";
+
+ create_new_rrd($rrdcreate);
+ }
- /* enter UNKNOWN values in the RRD so it knows we rebooted. */
- if($g['booting']) {
- mwexec("$rrdtool update $rrddbpath$ifname$proc N:U:U:U:U:U");
- }
+ /* enter UNKNOWN values in the RRD so it knows we rebooted. */
+ if($g['booting']) {
+ mwexec("$rrdtool update $rrddbpath$ifname$mem N:U:U:U:U:U");
+ }
- /* the CPU stats gathering function. */
- $rrdupdatesh .= "`$top -d 2 -s 1 0 | $awk '{gsub(/%/, \"\")} BEGIN { \\\n";
- $rrdupdatesh .= "printf \"$rrdtool update $rrddbpath$ifname$proc \" } \\\n";
- $rrdupdatesh .= "{ if ( \$2 == \"processes:\" ) { processes = \$1; } \\\n";
- $rrdupdatesh .= "else if ( \$1 == \"CPU:\" ) { user = \$2; nice = \$4; sys = \$6; interrupt = \$8; } \\\n";
- $rrdupdatesh .= "} END { printf \"N:\"user\":\"nice\":\"sys\":\"interrupt\":\"processes }'`\n\n";
-
- /* End CPU statistics */
-
- /* Memory, create Memory statistics database */
- if(! file_exists("$rrddbpath$ifname$mem")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$mem --step $rrdmeminterval ";
- $rrdcreate .= "DS:active:GAUGE:$memvalid:0:10000000 ";
- $rrdcreate .= "DS:inactive:GAUGE:$memvalid:0:10000000 ";
- $rrdcreate .= "DS:free:GAUGE:$memvalid:0:10000000 ";
- $rrdcreate .= "DS:cache:GAUGE:$memvalid:0:10000000 ";
- $rrdcreate .= "DS:wire:GAUGE:$memvalid:0:10000000 ";
+ /* the Memory stats gathering function. */
+ $rrdupdatesh .= "`$sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_active_count vm.stats.vm.v_inactive_count vm.stats.vm.v_free_count vm.stats.vm.v_cache_count vm.stats.vm.v_wire_count | ";
+ $rrdupdatesh .= " $awk '{getline active;getline inactive;getline free;getline cache;getline wire;printf \"$rrdtool update $rrddbpath$ifname$mem N:\"";
+ $rrdupdatesh .= "((active/$0) * 100)\":\"((inactive/$0) * 100)\":\"((free/$0) * 100)\":\"((cache/$0) * 100)\":\"(wire/$0 * 100)}'`\n\n";
+
+ /* End Memory statistics */
+
+ /* SPAMD, set up the spamd rrd file */
+ if (isset($config['installedpackages']['spamdsettings']) &&
+ isset ($config['installedpackages']['spamdsettings']['config'][0]['enablerrd'])) {
+ /* set up the spamd rrd file */
+ if (!file_exists("$rrddbpath$ifname$spamd")) {
+ $rrdcreate = "$rrdtool create $rrddbpath$ifname$spamd --step $rrdspamdinterval ";
+ $rrdcreate .= "DS:conn:GAUGE:$spamdvalid:0:10000 ";
+ $rrdcreate .= "DS:time:GAUGE:$spamdvalid:0:86400 ";
$rrdcreate .= "RRA:MIN:0.5:1:1000 ";
$rrdcreate .= "RRA:MIN:0.5:5:1000 ";
$rrdcreate .= "RRA:MIN:0.5:60:1000 ";
@@ -531,56 +617,21 @@ function enable_rrd_graphing() {
$rrdcreate .= "RRA:MAX:0.5:1:1000 ";
$rrdcreate .= "RRA:MAX:0.5:5:1000 ";
$rrdcreate .= "RRA:MAX:0.5:60:1000 ";
- $rrdcreate .= "RRA:MAX:0.5:720:3000";
+ $rrdcreate .= "RRA:MAX:0.5:720:3000 ";
create_new_rrd($rrdcreate);
}
- /* enter UNKNOWN values in the RRD so it knows we rebooted. */
- if($g['booting']) {
- mwexec("$rrdtool update $rrddbpath$ifname$mem N:U:U:U:U:U");
- }
-
- /* the Memory stats gathering function. */
- $rrdupdatesh .= "`$sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_active_count vm.stats.vm.v_inactive_count vm.stats.vm.v_free_count vm.stats.vm.v_cache_count vm.stats.vm.v_wire_count | ";
- $rrdupdatesh .= " $awk '{getline active;getline inactive;getline free;getline cache;getline wire;printf \"$rrdtool update $rrddbpath$ifname$mem N:\"";
- $rrdupdatesh .= "((active/$0) * 100)\":\"((inactive/$0) * 100)\":\"((free/$0) * 100)\":\"((cache/$0) * 100)\":\"(wire/$0 * 100)}'`\n\n";
-
- /* End Memory statistics */
-
- /* SPAMD, set up the spamd rrd file */
- if (isset($config['installedpackages']['spamdsettings']) &&
- isset ($config['installedpackages']['spamdsettings']['config'][0]['enablerrd'])) {
- /* set up the spamd rrd file */
- if (!file_exists("$rrddbpath$ifname$spamd")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$spamd --step $rrdspamdinterval ";
- $rrdcreate .= "DS:conn:GAUGE:$spamdvalid:0:10000 ";
- $rrdcreate .= "DS:time:GAUGE:$spamdvalid:0:86400 ";
- $rrdcreate .= "RRA:MIN:0.5:1:1000 ";
- $rrdcreate .= "RRA:MIN:0.5:5:1000 ";
- $rrdcreate .= "RRA:MIN:0.5:60:1000 ";
- $rrdcreate .= "RRA:MIN:0.5:720:3000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
- $rrdcreate .= "RRA:MAX:0.5:1:1000 ";
- $rrdcreate .= "RRA:MAX:0.5:5:1000 ";
- $rrdcreate .= "RRA:MAX:0.5:60:1000 ";
- $rrdcreate .= "RRA:MAX:0.5:720:3000 ";
-
- create_new_rrd($rrdcreate);
- }
-
- $rrdupdatesh .= "\n";
- $rrdupdatesh .= "# polling spamd for connections and tarpitness \n";
- $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$spamd \\\n";
- $rrdupdatesh .= "`$php -q $spamd_gather`\n";
+ $rrdupdatesh .= "\n";
+ $rrdupdatesh .= "# polling spamd for connections and tarpitness \n";
+ $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$spamd \\\n";
+ $rrdupdatesh .= "`$php -q $spamd_gather`\n";
- }
+ }
/* End System statistics */
/* 3G WIRELESS, set up the rrd file */
+ /* XXX: Are multiple 3G interfaces not possible? smos@ */
if(isset($config['ppps']['ppp'])) {
$ifname = "ppp";
if (!file_exists("$rrddbpath$ifname$cellular")) {
diff --git a/etc/inc/services.inc b/etc/inc/services.inc
index af0d0c2..65ed7ba 100644
--- a/etc/inc/services.inc
+++ b/etc/inc/services.inc
@@ -136,6 +136,8 @@ EOD;
$dhcpnum = 0;
foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
+ interfaces_staticarp_configure($dhcpif);
+
if (!isset($dhcpifconf['enable']))
continue;
@@ -156,7 +158,7 @@ EOD;
foreach ($a_vip as $vipent) {
if($int == $real_dhcpif) {
/* this is the interface! */
- if($vipent['advskew'] < "20")
+ if(!empty($vipent['advskew']) && ($vipent['advskew'] < "20"))
$skew = 0;
}
}
@@ -501,12 +503,35 @@ function services_dhcrelay_configure() {
$iflist = get_configured_interface_list();
foreach ($iflist as $ifname) {
$subnet = get_interface_ip($ifname) . "/" . get_interface_subnet($ifname);
- if (ip_in_subnet($dhcrelaycfg['server'],$subnet))
+ if (ip_in_subnet($dhcrelaycfg['server'],$subnet)) {
$destif = get_real_interface($ifname);
+ break;
+ }
+ }
+ if (!isset($destif)) {
+ if (is_array($config['staticroutes']['route'])) {
+ foreach ($config['staticroutes']['route'] as $rtent) {
+ if (ip_in_subnet($dhcrelaycfg['server'], $rtent['network'])) {
+ $a_gateways = return_gateways_array(true);
+ $destif = $a_gateways[$rtent['gateway']]['interface'];
+ break;
+ }
+ }
+ }
}
- if (!isset($destif))
- $destif = $config['interfaces']['wan']['if'];
+ if (!isset($destif)) {
+ if (is_array($config['gateways']['gateway_item'])) {
+ foreach ($config['gateways']['gateway_item'] as $gateway) {
+ if (isset($gateway['defaultgw'])) {
+ $a_gateways = return_gateways_array(true);
+ $destif = $a_gateways[$rtent['gateway']]['interface'];
+ break;
+ }
+ }
+ } else
+ $destif = get_real_interface("wan");
+ }
$dhcrelayifs[] = $destif;
$dhcrelayifs = array_unique($dhcrelayifs);
@@ -613,13 +638,18 @@ function services_dnsmasq_configure() {
/* Allow DNS Rebind for forwarded domains */
if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
- foreach($config['dnsmasq']['domainoverrides'] as $override) {
- $args .= ' --rebind-domain-ok=/' . $override['domain'] . '/ ';
+ if(!isset($config['system']['webgui']['nodnsrebindcheck'])) {
+ foreach($config['dnsmasq']['domainoverrides'] as $override) {
+ $args .= ' --rebind-domain-ok=/' . $override['domain'] . '/ ';
+ }
}
}
+ if(!isset($config['system']['webgui']['nodnsrebindcheck']))
+ $dns_rebind = "--rebind-localhost-ok --stop-dns-rebind";
+
/* run dnsmasq */
- mwexec("/usr/local/sbin/dnsmasq --rebind-localhost-ok --stop-dns-rebind --local-ttl 1 --all-servers --dns-forward-max=5000 --cache-size=10000 {$args}");
+ mwexec("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}");
if ($g['booting'])
echo "done.\n";
@@ -879,7 +909,7 @@ EOD;
fclose($fd);
/* invoke nsupdate */
- $cmd = "/usr/sbin/nsupdate -k {$g['varetc_path']}/K{$i}{$keyname}+157+00000.key";
+ $cmd = "/usr/bin/nsupdate -k {$g['varetc_path']}/K{$i}{$keyname}+157+00000.key";
if (isset($dnsupdate['usetcp']))
$cmd .= " -v";
$cmd .= " {$g['varetc_path']}/nsupdatecmds{$i}";
diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc
index 85090bb..a9b9815 100644
--- a/etc/inc/shaper.inc
+++ b/etc/inc/shaper.inc
@@ -333,11 +333,9 @@ class altq_root_queue {
function ReadConfig(&$conf) {
if (isset($conf['tbrconfig']))
$this->SetTbrConfig($conf['tbrconfig']);
- if ($conf['bandwidth'] <> "") {
- $this->SetBandwidth($conf['bandwidth']);
- if ($conf['bandwidthtype'] <> "")
- $this->SetBwscale($conf['bandwidthtype']);
- }
+ $this->SetBandwidth($conf['bandwidth']);
+ if ($conf['bandwidthtype'] <> "")
+ $this->SetBwscale($conf['bandwidthtype']);
if (isset($conf['scheduler'])) {
if ($this->GetScheduler() != $conf['scheduler']) {
foreach ($this->queues as $q) {
@@ -517,10 +515,11 @@ class altq_root_queue {
$rules = " altq on " . get_real_interface($this->GetInterface());
if ($this->GetScheduler())
$rules .= " ".strtolower($this->GetScheduler());
- if ($this->GetBandwidth())
+ if ($this->GetBandwidth()) {
$rules .= " bandwidth ".trim($this->GetBandwidth());
- if ($this->GetBwscale())
- $rules .= $this->GetBwscale();
+ if ($this->GetBwscale())
+ $rules .= $this->GetBwscale();
+ }
if ($this->GetTbrConfig())
$rules .= " tbrsize ".$this->GetTbrConfig();
if (count($this->queues)) {
@@ -593,19 +592,19 @@ class altq_root_queue {
* to the user like the traffic wizard does.
*/
function build_form() {
- $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>";
+ $form = "<tr><td valign=\"center\" class=\"vncellreq\"><br>";
$form .= "Enable/Disable";
- $form .= "</td><td class=\"vncellreq\">";
+ $form .= "<br/></td><td class=\"vncellreq\">";
$form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\"";
if ($this->GetEnabled() == "on")
$form .= " CHECKED";
$form .= " ><span class=\"vexpl\"> Enable/disable discipline and its children</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<strong>".$this->GetQname()."</strong>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Scheduler Type ";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Scheduler Type ";
$form .= "</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<select id=\"scheduler\" name=\"scheduler\" class=\"formselect\">";
@@ -631,7 +630,7 @@ class altq_root_queue {
$form .= " Beware you can lose information.";
$form .= "</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Bandwidth";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Bandwidth";
$form .= "</td><td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"bandwidth\" name=\"bandwidth\" value=\"";
$form .= $this->GetBandwidth() . "\">";
@@ -654,15 +653,15 @@ class altq_root_queue {
$form .= ">Bit/s</option>";
$form .= "</select>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Queue Limit</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Queue Limit</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"qlimit\" name=\"qlimit\" value=\"";
$form .= $this->GetQlimit();
$form .= "\">";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">TBR Size</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">TBR Size</td>";
$form .= "<td class=\"vncellreq\">";
- $form .= "<input type=\"text\" id=\"tbrconfig\" name=\"tbrconfig\" value=\"";
+ $form .= "<br /><input type=\"text\" id=\"tbrconfig\" name=\"tbrconfig\" value=\"";
$form .= $this->GetTbrConfig();
$form .= "\">";
$form .= "<br> <span class=\"vexpl\">";
@@ -956,11 +955,9 @@ class priq_queue {
$this->SetQname($q['name']);
if (isset($q['interface']))
$this->SetInterface($q['interface']);
- if ($q['bandwidth'] <> "") {
- $this->SetBandwidth($q['bandwidth']);
- if ($q['bandwidthtype'] <> "")
- $this->SetBwscale($q['bandwidthtype']);
- }
+ $this->SetBandwidth($q['bandwidth']);
+ if ($q['bandwidthtype'] <> "")
+ $this->SetBwscale($q['bandwidthtype']);
if (!empty($q['qlimit']))
$this->SetQlimit($q['qlimit']);
else
@@ -1075,38 +1072,38 @@ class priq_queue {
* need to update it.
*/
function build_form() {
- $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>";
+ $form = "<tr><td valign=\"center\" class=\"vncellreq\"><br>";
$form .= "Enable/Disable";
- $form .= "</td><td class=\"vncellreq\">";
+ $form .= "<br/></td><td class=\"vncellreq\">";
$form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\"";
if ($this->GetEnabled() == "on")
$form .= " CHECKED";
$form .= " ><span class=\"vexpl\"> Enable/Disable queue and its children</span>";
$form .= "</td></tr>";
$form .= "<tr>";
- $form .= "<td width=\"22%\" valign=\"top\" class=\"vncellreq\">";
+ $form .= "<td width=\"22%\" valign=\"center\" class=\"vncellreq\">";
$form .= "Queue Name</td><td width=\"78%\" class=\"vtable\">";
$form .= "<input name=\"name\" type=\"text\" id=\"name\" class=\"formfld unknown\" size=\"15\" maxlength=\"15\" value=\"";
$form .= htmlspecialchars($this->GetQname());
$form .= "\">";
- $form .= "<br> <span class=\"vexpl\">Enter the name of the queue here. Do not use spaces and limit the size to 15 characters.";
- $form .= "</span></td>";
+ $form .= "<br /> <span class=\"vexpl\">Enter the name of the queue here. Do not use spaces and limit the size to 15 characters.";
+ $form .= "</span><br /></td>";
$form .= "</tr><tr>";
- $form .= "<td width=\"22%\" valign=\"top\" class=\"vncellreq\">Priority</td>";
+ $form .= "<td width=\"22%\" valign=\"center\" class=\"vncellreq\">Priority</td>";
$form .= "<td width=\"78%\" class=\"vtable\"> <input name=\"priority\" type=\"text\" id=\"priority\" size=\"5\" value=\"";
$form .= htmlspecialchars($this->GetQpriority());
$form .= "\">";
$form .= "<br> <span class=\"vexpl\">For hfsc, the range is 0 to 7. The default is 1. Hfsc queues with a higher priority are preferred in the case of overload.</span></td>";
$form .= "</tr>";
- $form .= "</tr>";
- $form .= "<td width=\"22%\" valign=\"top\" class=\"vncellreq\">Queue limit</td>";
- $form .= "<td width=\"78%\" class=\"vtable\"> <input name=\"qlimit\" type=\"text\" id=\"qlimit\" size=\"5\" value=\"";
+ $form .= "<tr>";
+ $form .= "<td width=\"22%\" valign=\"center\" class=\"vncellreq\">Queue limit</td>";
+ $form .= "<td width=\"78%\" class=\"vtable\"> <input name=\"qlimit\" type=\"text\" id=\"qlimit\" size=\"8\" value=\"";
$form .= htmlspecialchars($this->GetQlimit());
$form .= "\">";
$form .= "<br> <span class=\"vexpl\">Queue limit in packets per second.";
$form .= "</span></td>";
$form .= "<tr>";
- $form .= "<td width=\"22%\" valign=\"top\" class=\"vncell\">Scheduler options</td>";
+ $form .= "<td width=\"22%\" valign=\"center\" class=\"vncell\">Scheduler options</td>";
$form .= "<td width=\"78%\" class=\"vtable\">";
$tmpvalue = $this->GetDefault();
if (!empty($tmpvalue)) {
@@ -1791,8 +1788,9 @@ class hfsc_queue extends priq_queue {
}
function build_form() {
- $form = "<tr>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Bandwidth</td>";
+ $form = parent::build_form();
+ $form .= "<tr>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Bandwidth</td>";
$form .= "<td class=\"vtable\"> <input name=\"bandwidth\" id=\"bandwidth\" class=\"formfld unknown\" value=\"";
$form .= htmlspecialchars($this->GetBandwidth());
$form .= "\">";
@@ -1819,10 +1817,9 @@ class hfsc_queue extends priq_queue {
$form .= ">%</option>";
$form .= "</select> <br>";
$form .= "<span class=\"vexpl\">Choose the amount of bandwidth for this queue";
- $form .= "</span></td>";
- $form .= parent::build_form();
+ $form .= "</span></td></tr>";
$form .= "<tr>";
- $form .= "<td width=\"22%\" valign=\"top\" class=\"vncellreq\">Service Curve (sc)</td>";
+ $form .= "<td width=\"22%\" valign=\"center\" class=\"vncellreq\">Service Curve (sc)</td>";
$form .= "<td width=\"78%\" class=\"vtable\">";
$form .= "<table>";
$form .= "<tr><td>&nbsp;</td><td><center>m1</center></td><td><center>d</center></td><td><center><b>m2</b></center></td></tr>";
@@ -2265,8 +2262,9 @@ class cbq_queue extends priq_queue {
}
function build_form() {
- $form = "<tr>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Bandwidth</td>";
+ $form = parent::build_form();
+ $form .= "<tr>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Bandwidth</td>";
$form .= "<td class=\"vtable\"> <input name=\"bandwidth\" id=\"bandwidth\" class=\"formfld unknown\" value=\"";
if ($this->GetBandwidth() > 0)
$form .= htmlspecialchars($this->GetBandwidth());
@@ -2295,7 +2293,6 @@ class cbq_queue extends priq_queue {
$form .= "</select> <br>";
$form .= "<span class=\"vexpl\">Choose the amount of bandwidth for this queue";
$form .= "</span></td></tr>";
- $form .= parent::build_form();
$form .= "<tr><td class=\"vncellreq\">Scheduler specific options</td>";
$form .= "<td class=\"vtable\"><input type=\"checkbox\" id=\"borrow\" name=\"borrow\"";
if($this->GetBorrow() == "on")
@@ -2528,8 +2525,9 @@ class fairq_queue extends priq_queue {
}
function build_form() {
- $form = "<tr>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Bandwidth</td>";
+ $form = parent::build_form();
+ $form .= "<tr>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Bandwidth</td>";
$form .= "<td class=\"vtable\"> <input name=\"bandwidth\" id=\"bandwidth\" class=\"formfld unknown\" value=\"";
if ($this->GetBandwidth() > 0)
$form .= htmlspecialchars($this->GetBandwidth());
@@ -2558,7 +2556,6 @@ class fairq_queue extends priq_queue {
$form .= "</select> <br>";
$form .= "<span class=\"vexpl\">Choose the amount of bandwidth for this queue";
$form .= "</span></td></tr>";
- $form .= parent::build_form();
$form .= "<tr><td class=\"vncellreq\">Scheduler specific options</td>";
$form .= "<td class=\"vtable\"><table><tr><td>";
$form .= "<input id=\"buckets\" name=\"buckets\" value=\"";
@@ -2923,7 +2920,7 @@ class dnpipe_class extends dummynet_class {
}
function build_form() {
- $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>";
+ $form = "<tr><td valign=\"center\" class=\"vncellreq\"><br>";
$form .= "Enable/Disable";
$form .= "</td><td class=\"vncellreq\">";
$form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\"";
@@ -2931,12 +2928,12 @@ class dnpipe_class extends dummynet_class {
$form .= " CHECKED";
$form .= " ><span class=\"vexpl\"> Enable/Disable limiter and its children</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"name\" name=\"name\" value=\"";
$form .= $this->GetQname()."\">";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Bandwidth";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Bandwidth";
$form .= "</td><td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"bandwidth\" name=\"bandwidth\" value=\"";
$form .= $this->GetBandwidth() . "\">";
@@ -2959,7 +2956,7 @@ class dnpipe_class extends dummynet_class {
$form .= ">Bit/s</option>";
$form .= "</select>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Mask</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Mask</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<select name=\"mask\" class=\"formselect\">";
$form .= "<option value=\"none\"";
@@ -2982,7 +2979,7 @@ class dnpipe_class extends dummynet_class {
$form .= "respectively. This makes it possible to easily specify bandwidth \n";
$form .= "limits per host.</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Description</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Description</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" class=\"formfld unknown\" size=\"50%\" id=\"description\" name=\"description\" value=\"";
$form .= $this->GetDescription();
@@ -2999,16 +2996,16 @@ class dnpipe_class extends dummynet_class {
$form .= "</div></td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable\" name=\"sprtable\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Delay</td>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Delay</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">";
$form .= "<input name=\"delay\" type=\"text\" id=\"delay\" size=\"5\" value=\"";
$form .= $this->GetDelay() . "\">";
$form .= "&nbsp;ms<br> <span class=\"vexpl\">Hint: in most cases, you ";
$form .= "should specify 0 here (or leave the field empty)</span>";
$form .= "</td></tr><br/>";
$form .= "<tr style=\"display:none\" id=\"sprtable1\" name=\"sprtable1\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Packet loss rate</td>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Packet loss rate</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">";
$form .= "<input name=\"plr\" type=\"text\" id=\"plr\" size=\"5\" value=\"";
$form .= $this->GetPlr() . "\">";
$form .= "&nbsp;<br> <span class=\"vexpl\">Hint: in most cases, you ";
@@ -3016,7 +3013,7 @@ class dnpipe_class extends dummynet_class {
$form .= "A value of 0.001 means one packet in 1000 gets dropped</span>";
$form .= "</td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable2\" name=\"sprtable2\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Queue Size</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Queue Size</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"qlimit\" name=\"qlimit\" value=\"";
$form .= $this->GetQlimit() . "\">";
@@ -3027,7 +3024,7 @@ class dnpipe_class extends dummynet_class {
$form .= "are delivered to their destination.</span>";
$form .= "</td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable5\" name=\"sprtable5\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Bucket Size</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Bucket Size</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"buckets\" name=\"buckets\" value=\"";
$form .= $this->GetBuckets() . "\">";
@@ -3166,7 +3163,7 @@ class dnqueue_class extends dummynet_class {
}
function build_form() {
- $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>";
+ $form = "<tr><td valign=\"center\" class=\"vncellreq\"><br>";
$form .= "Enable/Disable";
$form .= "</td><td class=\"vncellreq\">";
$form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\"";
@@ -3174,12 +3171,12 @@ class dnqueue_class extends dummynet_class {
$form .= " CHECKED";
$form .= " ><span class=\"vexpl\"> Enable/Disable queue and its children</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"name\" name=\"name\" value=\"";
$form .= $this->GetQname()."\">";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Mask</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Mask</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<select name=\"mask\" class=\"formselect\">";
$form .= "<option value=\"none\"";
@@ -3202,7 +3199,7 @@ class dnqueue_class extends dummynet_class {
$form .= "respectively. This makes it possible to easily specify bandwidth \n";
$form .= "limits per host.</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Description</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Description</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"description\" class=\"formfld unknown\" size=\"50%\" name=\"description\" value=\"";
$form .= $this->GetDescription();
@@ -3218,16 +3215,16 @@ class dnqueue_class extends dummynet_class {
$form .= " value=\"Show advanced options\"></input></a>";
$form .= "</div></td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable\" name=\"sprtable\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Weight</td>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Weight</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">";
$form .= "<input name=\"weight\" type=\"text\" id=\"weight\" size=\"5\" value=\"";
$form .= $this->GetWeight() . "\">";
$form .= "&nbsp;ms<br> <span class=\"vexpl\">Hint: For queues under the same parent ";
$form .= "this specifies the share that a queue gets(values range from 1 to 100, you can leave it blank otherwise)</span>";
$form .= "</td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable1\" name=\"sprtable1\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Packet loss rate</td>";
- $form .= "<td valign=\"top\" class=\"vncellreq\">";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Packet loss rate</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">";
$form .= "<input name=\"plr\" type=\"text\" id=\"plr\" size=\"5\" value=\"";
$form .= $this->GetPlr() . "\">";
$form .= "&nbsp;<br> <span class=\"vexpl\">Hint: in most cases, you ";
@@ -3235,7 +3232,7 @@ class dnqueue_class extends dummynet_class {
$form .= "A value of 0.001 means one packet in 1000 gets dropped</span>";
$form .= "</td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable2\" name=\"sprtable2\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Queue Size</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Queue Size</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"qlimit\" name=\"qlimit\" value=\"";
$form .= $this->GetQlimit() . "\">";
@@ -3246,7 +3243,7 @@ class dnqueue_class extends dummynet_class {
$form .= "are delivered to their destination.</span>";
$form .= "</td></tr>";
$form .= "<tr style=\"display:none\" id=\"sprtable5\" name=\"sprtable5\">";
- $form .= "<td valign=\"top\" class=\"vncellreq\">Bucket Size</td>";
+ $form .= "<td valign=\"center\" class=\"vncellreq\">Bucket Size</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"buckets\" name=\"buckets\" value=\"";
$form .= $this->GetBuckets() . "\">";
@@ -3384,7 +3381,7 @@ class layer7 {
}
function build_form() {
- $form = "<tr><td valign=\"top\" class=\"vncellreq\"><br>";
+ $form = "<tr><td valign=\"center\" class=\"vncellreq\"><br>";
$form .= "Enable/Disable";
$form .= "</td><td class=\"vncellreq\">";
$form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\" ";
@@ -3393,12 +3390,12 @@ class layer7 {
}
$form .= " ><span class=\"vexpl\"> Enable/Disable layer7 Container</span>";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\"><br><span class=\"vexpl\">Name</span></td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" id=\"container\" name=\"container\" value=\"";
$form .= $this->GetRName()."\">";
$form .= "</td></tr>";
- $form .= "<tr><td valign=\"top\" class=\"vncellreq\">Description</td>";
+ $form .= "<tr><td valign=\"center\" class=\"vncellreq\">Description</td>";
$form .= "<td class=\"vncellreq\">";
$form .= "<input type=\"text\" class=\"formfld unknown\" size=\"50%\" id=\"description\" name=\"description\" value=\"";
$form .= $this->GetRDescription();
diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index 41f3123..e7fc684 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -276,10 +276,10 @@ function system_routing_configure($interface = "") {
$gatewayip = "";
$interfacegw = "";
+ $foundgw = false;
/* tack on all the hard defined gateways as well */
if (is_array($config['gateways']['gateway_item'])) {
mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
- $foundgw = false;
foreach ($config['gateways']['gateway_item'] as $gateway) {
if (isset($gateway['defaultgw'])) {
if ($gateway['gateway'] == "dynamic")
@@ -295,13 +295,13 @@ function system_routing_configure($interface = "") {
break;
}
}
- if ($foundgw == false) {
- $defaultif = get_real_interface("wan");
- $interfacegw = "wan";
- $gatewayip = get_interface_gateway("wan");
- @touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
- }
}
+ if ($foundgw == false) {
+ $defaultif = get_real_interface("wan");
+ $interfacegw = "wan";
+ $gatewayip = get_interface_gateway("wan");
+ @touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
+ }
$dont_add_route = false;
/* if OLSRD is enabled, allow WAN to house DHCP. */
if($config['installedpackages']['olsrd']) {
@@ -727,7 +727,7 @@ function system_generate_lighty_config($filename,
$cert_location = "cert.pem",
$ca_location = "ca.pem",
$max_procs = 1,
- $max_requests = "1",
+ $max_requests = "2",
$fast_cgi_enable = true,
$captive_portal = false) {
@@ -1451,4 +1451,4 @@ function system_get_dmesg_boot() {
return file_get_contents("{$g['varlog_path']}/dmesg.boot");
}
-?> \ No newline at end of file
+?>
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc
index 104d5ac..3466719 100644
--- a/etc/inc/upgrade_config.inc
+++ b/etc/inc/upgrade_config.inc
@@ -622,6 +622,8 @@ function upgrade_039_to_040() {
$config['system']['user'][0]['groupname'] = "admins";
$config['system']['user'][0]['password'] = "{$config['system']['password']}";
$config['system']['user'][0]['uid'] = "0";
+ /* Ensure that we follow what this new "admin" username should be in the session. */
+ $_SESSION["Username"] = "{$config['system']['username']}";
$config['system']['user'][0]['priv'] = array();
$config['system']['user'][0]['priv'][0]['id'] = "lockwc";
@@ -1122,20 +1124,11 @@ function upgrade_047_to_048() {
unset($config['dyndns']);
}
if (!empty($config['dnsupdate'])) {
- $config['dnsupdates'][0]['dnsupdate'] = array();
- $pconfig = array();
- $pconfig['dnsupdate_enable'] = isset($config['dnsupdate'][0]['enable']);
- $pconfig['dnsupdate_host'] = $config['dnsupdate'][0]['host'];
- $pconfig['dnsupdate_ttl'] = $config['dnsupdate'][0]['ttl'];
- if (!$pconfig['dnsupdate_ttl'])
- $pconfig['dnsupdate_ttl'] = 60;
- $pconfig['dnsupdate_keydata'] = $config['dnsupdate'][0]['keydata'];
- $pconfig['dnsupdate_keyname'] = $config['dnsupdate'][0]['keyname'];
- $pconfig['dnsupdate_keytype'] = $config['dnsupdate'][0]['keytype'];
- if (!$pconfig['dnsupdate_keytype'])
- $pconfig['dnsupdate_keytype'] = "zone";
- $pconfig['dnsupdate_server'] = $config['dnsupdate'][0]['server'];
- $pconfig['dnsupdate_usetcp'] = isset($config['dnsupdate'][0]['usetcp']);
+ $pconfig = $config['dnsupdate'][0];
+ if (!$pconfig['ttl'])
+ $pconfig['ttl'] = 60;
+ if (!$pconfig['keytype'])
+ $pconfig['keytype'] = "zone";
$pconfig['interface'] = "wan";
$config['dnsupdates']['dnsupdate'][] = $pconfig;
unset($config['dnsupdate']);
@@ -1619,8 +1612,9 @@ function upgrade_053_to_054() {
$lbpool_srv_arr = array();
$gateway_group_arr = array();
$gateways = return_gateways_array();
- if (is_array($config['gateways']['gateway_item']))
+ if (! is_array($config['gateways']['gateway_item']))
$config['gateways']['gateway_item'] = array();
+
$a_gateways =& $config['gateways']['gateway_item'];
foreach($lbpool_arr as $lbpool) {
if($lbpool['type'] == "gateway") {
@@ -1637,10 +1631,7 @@ function upgrade_053_to_054() {
$static_name = "GW_" . strtoupper($interface);
if(is_ipaddr($monitor)) {
$interface = $static_name;
- if(is_array($gateways[$static_name]) && isset($gateways[$static_name]['attribute']))
- $a_gateways[$gateways[$static_name]['attribute']]['monitor'] = $monitor;
- else
- $config['interfaces'][$interface]['monitorip'] = $monitor;
+ $config['interfaces'][$interface]['monitorip'] = $monitor;
}
/* on failover increment tier. Else always assign 1 */
if($lbpool['behaviour'] == "failover") {
@@ -1705,14 +1696,15 @@ function upgrade_054_to_055() {
}
/* the roundtrip times need to be divided by 1000 to get seconds, really */
$databases = array();
- exec("cd $rrddbpath;/usr/bin/find *-quality.rrd", $databases);
- echo "done.\n";
+ chdir($rrddbpath);
+ $databases = glob("*-quality.rrd");
rsort($databases);
foreach($databases as $database) {
$xmldump = "{$database}.old.xml";
$xmldumpnew = "{$database}.new.xml";
- echo "Migrate RRD database {$database} to new format \n";
+ if ($g['booting'])
+ echo "Migrate RRD database {$database} to new format \n";
mwexec("$rrdtool tune {$rrddbpath}{$database} -r roundtrip:delay 2>&1");
dump_rrd_to_xml("{$rrddbpath}/{$database}", "{$g['tmp_path']}/{$xmldump}");
@@ -1749,7 +1741,8 @@ function upgrade_054_to_055() {
$xmldumptmp = "{$database}.tmp.xml";
$xmldumpnew = "{$database}.new.xml";
- echo "Migrate RRD database {$database} to new format \n";
+ if ($g['booting'])
+ echo "Migrate RRD database {$database} to new format \n";
/* rename DS source */
mwexec("$rrdtool tune {$rrddbpath}/{$database} -r in:inpass 2>&1");
mwexec("$rrdtool tune {$rrddbpath}/{$database} -r out:outpass 2>71");
@@ -1796,7 +1789,8 @@ function upgrade_054_to_055() {
}
enable_rrd_graphing();
- echo "Updating configuration...";
+ if ($g['booting'])
+ echo "Updating configuration...";
}
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index da1b496..ced2be0 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -433,21 +433,7 @@ function is_domain($domain) {
/* returns true if $macaddr is a valid MAC address */
function is_macaddr($macaddr) {
- if (!is_string($macaddr))
- return false;
-
- $maca = explode(":", $macaddr);
- if (count($maca) != 6)
- return false;
-
- foreach ($maca as $macel) {
- if (($macel === "") || (strlen($macel) > 2))
- return false;
- if (preg_match("/[^0-9a-f]/i", $macel))
- return false;
- }
-
- return true;
+ return preg_match('/^[0-9A-F]{2}(?=([:]?))(?:\\1[0-9A-F]{2}){5}$/i', $macaddr) == 1 ? true : false;
}
/* returns true if $name is a valid name for an alias */
@@ -1384,4 +1370,4 @@ function array_merge_recursive_unique($array0, $array1)
return $result;
}
-?>
+?> \ No newline at end of file
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 8a2bb85..1933e9f 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -86,7 +86,7 @@ function vpn_ipsec_configure($ipchg = false)
unlink_if_exists("{$g['vardb_path']}/ipsecpinghosts");
touch("{$g['vardb_path']}/ipsecpinghosts");
- if(isset($config['ipsec']['preferredoldsa']))
+ if(isset($config['ipsec']['preferoldsa']))
mwexec("/sbin/sysctl -w net.key.preferred_oldsa=-30");
else
mwexec("/sbin/sysctl net.key.preferred_oldsa=0");
@@ -103,21 +103,21 @@ function vpn_ipsec_configure($ipchg = false)
if (!isset($ipseccfg['enable'])) {
mwexec("/sbin/ifconfig enc0 down");
+ /* send a SIGKILL to be sure */
+ sigkillbypid("{$g['varrun_path']}/racoon.pid", "KILL");
+
/* kill racoon */
if(is_process_running("racoon"))
mwexec("/usr/bin/killall racoon", true);
killbypid("{$g['varrun_path']}/dnswatch-ipsec.pid");
-
+
/* wait for racoon process to die */
sleep(2);
- /* send a SIGKILL to be sure */
- sigkillbypid("{$g['varrun_path']}/racoon.pid", "KILL");
-
/* flush SPD and SAD */
- mwexec("/usr/local/sbin/setkey -FP");
mwexec("/usr/local/sbin/setkey -F");
-
+ mwexec("/usr/local/sbin/setkey -FP");
+
/* disallow IPSEC, it is off */
// exec("/sbin/sysctl net.inet.ip.ipsec_in_use=0");
@@ -162,7 +162,7 @@ function vpn_ipsec_configure($ipchg = false)
$rg = $ph1ent['remote-gateway'];
if (!is_ipaddr($rg)) {
- $dnswatch_list[] = $rg;
+ $dnswatch_list[] = "{$rg} = value";
add_hostname_to_watch($rg);
$rg = resolve_retry($rg);
if (!$rg)
diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc
index 7a9d7b8..162894f 100644
--- a/etc/inc/xmlparse.inc
+++ b/etc/inc/xmlparse.inc
@@ -37,7 +37,7 @@ function listtags() {
*/
$ret = explode(" ",
"alias aliasurl allowedip authserver bridged ca cacert cert clone config ".
- "container columnitem depends_on_package disk dnsserver dnsupdate ".
+ "container columnitem build_port_path depends_on_package disk dnsserver dnsupdate ".
"domainoverrides dyndns earlyshellcmd element encryption-algorithm-option ".
"field fieldname hash-algorithm-option gateway_item gateway_group gif gre ".
"group hosts member ifgroupentry igmpentry interface_array item key lagg " .
@@ -54,7 +54,7 @@ function listtags() {
/* Package XML tags that should be treat as a list not as a traditional array */
function listtags_pkg() {
- $ret = array("depends_on_package", "onetoone", "queue", "rule", "servernat", "alias", "additional_files_needed", "tab", "template", "menu", "rowhelperfield", "service", "step", "package", "columnitem", "option", "item", "field", "package", "file");
+ $ret = array("build_port_path", "depends_on_package", "onetoone", "queue", "rule", "servernat", "alias", "additional_files_needed", "tab", "template", "menu", "rowhelperfield", "service", "step", "package", "columnitem", "option", "item", "field", "package", "file");
return $ret;
}
@@ -291,4 +291,4 @@ function dump_xml_config_raw($arr, $rootobj) {
return $xmlconfig;
}
-?>
+?> \ No newline at end of file
diff --git a/etc/rc b/etc/rc
index c878145..6f3e28c 100755
--- a/etc/rc
+++ b/etc/rc
@@ -245,6 +245,7 @@ if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then
touch /var/log/relayd.log
touch /var/log/lighttpd.log
touch /var/log/ntpd.log
+ touch /var/log/apinger.log
else
ENABLEFIFOLOG=`cat /cf/conf/config.xml | grep usefifolog | wc -l | awk '{ print $1 }'`
if [ "$ENABLEFIFOLOG" -gt "0" ]; then
@@ -263,6 +264,7 @@ else
/usr/sbin/fifolog_create -s 50688 /var/log/relayd.log
/usr/sbin/fifolog_create -s 50688 /var/log/lighttpd.log
/usr/sbin/fifolog_create -s 50688 /var/log/ntpd.log
+ /usr/sbin/fifolog_create -s 50688 /var/log/apinger.log
else
/usr/sbin/clog -i -s 512144 /var/log/system.log
/usr/sbin/clog -i -s 512144 /var/log/filter.log
@@ -278,7 +280,8 @@ else
/usr/sbin/clog -i -s 65535 /var/log/slbd.log
/usr/sbin/clog -i -s 65535 /var/log/lighttpd.log
/usr/sbin/clog -i -s 65535 /var/log/ntpd.log
- /usr/sbin/clog -i -s 65535 /var/log/relayd.log
+ /usr/sbin/clog -i -s 65535 /var/log/relayd.log
+ /usr/sbin/clog -i -s 65535 /var/log/apinger.log
fi
fi
# change permissions on newly created fifolog files.
diff --git a/etc/rc.bootup b/etc/rc.bootup
index eb5a0b4..a433568 100755
--- a/etc/rc.bootup
+++ b/etc/rc.bootup
@@ -164,8 +164,10 @@ $wan_if = get_real_interface();
* avoid a reboot and thats a good thing.
*/
while(is_interface_mismatch() == true) {
+ led_assigninterfaces();
echo "\nNetwork interface mismatch -- Running interface assignment option.\n";
set_networking_interfaces_ports();
+ led_kitt();
}
/* convert config and clean backups */
@@ -370,6 +372,10 @@ upnp_start();
/* If powerd is enabled, lets launch it */
activate_powerd();
+/* Remove the old shutdown binary if we kept it. */
+if (file_exists("/sbin/shutdown.old"))
+ unlink("/sbin/shutdown.old");
+
/* done */
unset($g['booting']);
diff --git a/etc/rc.filter_configure_xmlrpc b/etc/rc.filter_configure_xmlrpc
new file mode 100755
index 0000000..4a42df7
--- /dev/null
+++ b/etc/rc.filter_configure_xmlrpc
@@ -0,0 +1,54 @@
+#!/usr/local/bin/php -f
+<?php
+/*
+ rc.filter_configure_xmlrpc
+ Copyright (C) 2004-2006 Scott Ullrich
+ Copyright (C) 2005 Bill Marquette
+ Copyright (C) 2006 Peter Allgeyer
+ Copyright (C) 2008 Ermal Luci
+ All rights reserved.
+
+ originally part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+*/
+
+require_once("globals.inc");
+require_once("config.inc");
+require_once("functions.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("xmlrpc.inc");
+require_once("interfaces.inc");
+
+filter_configure();
+system_routing_configure();
+setup_gateways_monitor();
+relayd_configure();
+require_once("openvpn.inc");
+openvpn_resync_all();
+services_dhcpd_configure();
+
+?> \ No newline at end of file
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 0a6cdb8..ded772c 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -168,6 +168,7 @@ function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsens
case 'cert':
case 'ca':
case 'user':
+ case 'group':
$xml['system'][$section] = $config_copy['system'][$section];
break;
default:
@@ -270,6 +271,10 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) {
$mergesections[] = 'cert';
$mergesections[] = 'ca';
}
+ if ($carp['synchronizeusers'] != "") {
+ $mergesections[] = 'user';
+ $mergesections[] = 'group';
+ }
if ($carp['synchronizednsforwarder'] != "" and is_array($config['dnsmasq']))
$sections[] = 'dnsmasq';
if ($carp['synchronizeschedules'] != "" and is_array($config['schedules']))
diff --git a/etc/rc.firmware b/etc/rc.firmware
index f752335..a7cbfaf 100755
--- a/etc/rc.firmware
+++ b/etc/rc.firmware
@@ -83,6 +83,8 @@ binary_update() {
ERR_F="/tmp/bdiff.log"
rm ${ERR_F} 2>/dev/null
/bin/mkdir /tmp/patched /tmp/patches 2>>${ERR_F}
+ # Save the old shutdown binary. If we switch from i386 to amd64 (or back) the reboot binary won't run at the end since it doesn't match up.
+ /bin/cp -p /sbin/shutdown /sbin/shutdown.old
backup_chflags
remove_chflags
cd /tmp/patches
@@ -154,7 +156,8 @@ pfSenseNanoBSDupgrade)
echo "NanoBSD Firmware upgrade in progress..." >> /conf/upgrade_log.txt 2>&1
echo "NanoBSD Firmware upgrade in progress..." | wall
-
+ /etc/rc.firmware_notify -e -g -m "NanoBSD Firmware upgrade in progress..."
+
# backup config
/bin/mkdir -p /tmp/configbak
cp -Rp /conf/* /tmp/configbak 2>/dev/null
@@ -356,6 +359,10 @@ pfSenseNanoBSDupgrade)
/etc/rc.conf_mount_ro
/bin/sync
+ echo "NanoBSD Firmware upgrade is complete. Rebooting in 10 seconds." >> /conf/upgrade_log.txt 2>&1
+ echo "NanoBSD Firmware upgrade is complete. Rebooting in 10 seconds." | wall
+ /etc/rc.firmware_notify -e -g -m "NanoBSD Firmware upgrade is complete. Rebooting in 10 seconds."
+
sleep 10
rm -f /var/run/firmwarelock.dirty
@@ -400,7 +407,8 @@ pfSenseupgrade)
echo "Firmware upgrade in progress..." >> /conf/upgrade_log.txt 2>&1
echo "Firmware upgrade in progress..." | wall
-
+ /etc/rc.firmware_notify -e -g -m "Firmware upgrade in progress..."
+
# backup config
/bin/mkdir -p /tmp/configbak
cp -Rp /conf/* /tmp/configbak 2>/dev/null
@@ -464,6 +472,10 @@ pfSenseupgrade)
rm -f /var/run/firmware.lock
/bin/sync
+ echo "Firmware upgrade is complete. Rebooting in 10 seconds." >> /conf/upgrade_log.txt 2>&1
+ echo "Firmware upgrade is complete. Rebooting in 10 seconds." | wall
+ /etc/rc.firmware_notify -e -g -m "Firmware upgrade is complete. Rebooting in 10 seconds."
+
# Sleep and allow disks to catch up
sleep 10
diff --git a/etc/rc.linkup b/etc/rc.linkup
index 59c604e..682adb1 100755
--- a/etc/rc.linkup
+++ b/etc/rc.linkup
@@ -52,6 +52,12 @@ function handle_argument_group($iface, $argument2) {
interface_bring_down($iface);
break;
case "start":
+ log_error("DEVD Ethernet attached event for {$iface}");
+ $riface = get_real_interface($iface);
+ exec("/usr/sbin/arp -d -i {$riface} -a");
+ log_error("HOTPLUG: Configuring interface {$iface}");
+ interface_configure($iface);
+ break;
case "up":
log_error("DEVD Ethernet attached event for {$iface}");
$riface = get_real_interface($iface);
diff --git a/etc/rc.newipsecdns b/etc/rc.newipsecdns
index 18b3b5b..4bb247c 100755
--- a/etc/rc.newipsecdns
+++ b/etc/rc.newipsecdns
@@ -5,7 +5,7 @@
part of m0n0wall (http://m0n0.ch/wall)
Copyright (C) 2007 Manuel Kasper <mk@neon1.net>.
- Copyright (C) 2009 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2009 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/etc/rc.notify_message b/etc/rc.notify_message
new file mode 100755
index 0000000..887b4c6
--- /dev/null
+++ b/etc/rc.notify_message
@@ -0,0 +1,64 @@
+#!/usr/local/bin/php
+<?php
+/*
+ rc.notify_message
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("config.inc");
+require("functions.inc");
+require("notices.inc");
+
+$arguments = getopt("e:g:m:");
+
+$send_email = false;
+$send_growl = false;
+$message = "";
+
+foreach($arguments as $item => $arg) {
+ switch($item) {
+ case "e":
+ $send_email = true;
+ break;
+ case "g":
+ $send_growl = true;
+ break;
+ case "m":
+ $message = $arg;
+ break;
+ }
+}
+
+if($message) {
+ if($send_email) {
+ notify_via_smtp($message);
+ }
+ if($send_growl) {
+ notify_via_growl($message);
+ }
+}
+
+?> \ No newline at end of file
diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup
index 870db1c..54f0245 100755
--- a/etc/rc.php_ini_setup
+++ b/etc/rc.php_ini_setup
@@ -1,7 +1,7 @@
#!/bin/sh
#
# rc.php_ini_setup
-# Copyright (C)2008 Scott K Ullrich <sullrich@gmail.com>
+# Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
@@ -43,23 +43,29 @@ fi
# Calculate APC SHM size according
# to detected memory values
+if [ "$AVAILMEM" -lt "65" ]; then
+ APCSHMEMSIZE="1"
+fi
+if [ "$AVAILMEM" -lt "96" ]; then
+ APCSHMEMSIZE="5"
+fi
if [ "$AVAILMEM" -lt "128" ]; then
APCSHMEMSIZE="10"
fi
if [ "$AVAILMEM" -gt "128" ]; then
- APCSHMEMSIZE="25"
+ APCSHMEMSIZE="15"
fi
if [ "$AVAILMEM" -gt "256" ]; then
- APCSHMEMSIZE="45"
+ APCSHMEMSIZE="20"
fi
if [ "$AVAILMEM" -gt "384" ]; then
- APCSHMEMSIZE="65"
+ APCSHMEMSIZE="25"
fi
if [ "$AVAILMEM" -gt "512" ]; then
- APCSHMEMSIZE="80"
+ APCSHMEMSIZE="30"
fi
if [ "$AVAILMEM" -gt "784" ]; then
- APCSHMEMSIZE="100"
+ APCSHMEMSIZE="35"
fi
# Set upload directory
@@ -120,7 +126,6 @@ PHPMODULES="apc \
# sockets \
# Reflection \
# mysql \
-
# bz2 \
# json \
@@ -192,6 +197,25 @@ done
# Get amount of ram installed on this system
RAM=`sysctl hw.realmem | awk '{print $2/1000000}' | awk -F '.' '{print $1}'`
export RAM
+export LOWMEM
+if [ "$RAM" -lt "97" ]; then
+ LOWMEM="TRUE"
+ cat >>/usr/local/lib/php.ini <<EOF
+
+[suhosin]
+suhosin.get.max_array_depth = 5000
+suhosin.get.max_array_index_length = 256
+suhosin.get.max_vars = 5000
+suhosin.post.max_array_depth = 5000
+suhosin.post.max_array_index_length = 256
+suhosin.post.max_vars = 5000
+suhosin.request.max_array_depth = 5000
+suhosin.request.max_array_index_length = 256
+suhosin.request.max_vars = 5000
+
+EOF
+
+fi
if [ $RAM -gt 96 ]; then
cat >>/usr/local/lib/php.ini <<EOF
@@ -238,6 +262,15 @@ for EXT in $PHPMODULES; do
SHOULDREMOVE="false"
fi
done
+ # Handle low memory situations
+ if [ "$LOWMEM" = "TRUE" ]; then
+ if [ "$EXT" = "apc" ]; then
+ SHOULDREMOVE="true"
+ fi
+ if [ "$EXT" = "xcache" ]; then
+ SHOULDREMOVE="true"
+ fi
+ fi
if [ "$SHOULDREMOVE" = "true" ]; then
if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then
echo ">>> ${EXT} did not load correctly. Removing from php.ini..." >> /var/run/php_modules_load_errors.txt
diff --git a/etc/rc.reboot b/etc/rc.reboot
index ecc47c2..66efae4 100755
--- a/etc/rc.reboot
+++ b/etc/rc.reboot
@@ -23,4 +23,9 @@ fi
sleep 1
-/sbin/shutdown -r now
+SHUTDOWN=/sbin/shutdown
+if [ -f /sbin/shutdown.old ]; then
+ SHUTDOWN=/sbin/shutdown.old
+fi
+
+$SHUTDOWN -r now
diff --git a/etc/version b/etc/version
index 3ae7c31..7c92322 100644
--- a/etc/version
+++ b/etc/version
@@ -1 +1 @@
-2.0-BETA3
+2.0-BETA4
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index 7d432e2..5a089e5 100755
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -318,7 +318,7 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
}
}
} else {
- portal_reply_page($redirurl, "error", "Username: {$username} is known with another mac address.",
+ portal_reply_page($redirurl, "error", "Username: {$username} is already authenticated using another MAC address.",
$clientmac, $clientip, $username, $password);
exit;
}
diff --git a/usr/local/pkg/carp_settings.xml b/usr/local/pkg/carp_settings.xml
index 97aee7a..0ebe98d 100644
--- a/usr/local/pkg/carp_settings.xml
+++ b/usr/local/pkg/carp_settings.xml
@@ -77,6 +77,12 @@
</description>
</field>
<field>
+ <fielddescr>Synchronize Users and Groups</fielddescr>
+ <fieldname>synchronizeusers</fieldname>
+ <description>When this option is enabled, this system will automatically sync the users and groups over to the other CARP host when changes are made.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Synchronize rules</fielddescr>
<fieldname>synchronizerules</fieldname>
<description>When this option is enabled, this system will automatically sync the firewall rules to the other CARP host when changes are made..</description>
@@ -192,3 +198,4 @@
filter_configure();
</custom_add_php_command_late>
</packagegui>
+
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php
index 793a9ae..8693625 100755
--- a/usr/local/www/carp_status.php
+++ b/usr/local/www/carp_status.php
@@ -55,18 +55,41 @@ if($_POST['disablecarp'] <> "") {
if($status == true) {
$carp_ints = get_all_carp_interfaces();
mwexec("/sbin/sysctl net.inet.carp.allow=0");
- $carp_counter = find_number_of_created_carp_interfaces();
- if (is_array($carp_ints)) {
- foreach($carp_ints as $int) {
- mwexec("/sbin/ifconfig $int down");
- mwexec("/sbin/ifconfig $int destroy");
- }
- }
+ if(is_array($config['virtualip']['vip'])) {
+ $viparr = &$config['virtualip']['vip'];
+ foreach ($viparr as $vip) {
+ switch ($vip['mode']) {
+ case "carp":
+ interface_vip_bring_down($vip);
+ sleep(1);
+ break;
+ case "carpdev-dhcp":
+ interface_vip_bring_down($vip);
+ sleep(1);
+ break;
+ }
+ }
+ }
$savemsg = "{$carp_counter} IPs have been disabled.";
} else {
$savemsg = "CARP has been enabled.";
mwexec("/sbin/sysctl net.inet.carp.allow=1");
interfaces_carp_setup();
+ if(is_array($config['virtualip']['vip'])) {
+ $viparr = &$config['virtualip']['vip'];
+ foreach ($viparr as $vip) {
+ switch ($vip['mode']) {
+ case "carp":
+ interface_carp_configure($vip);
+ sleep(1);
+ break;
+ case "carpdev-dhcp":
+ interface_carpdev_configure($vip);
+ sleep(1);
+ break;
+ }
+ }
+ }
}
}
@@ -107,7 +130,7 @@ include("head.inc");
<p>
<table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
- <td class="listhdrr"><b><center>Carp Interface</center></b></td>
+ <td class="listhdrr"><b><center>CARP Interface</center></b></td>
<td class="listhdrr"><b><center>Virtual IP</center></b></td>
<td class="listhdrr"><b><center>Status</center></b></td>
</tr>
diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php
index 2e9e8b2..882240f 100755
--- a/usr/local/www/diag_backup.php
+++ b/usr/local/www/diag_backup.php
@@ -86,7 +86,7 @@ function add_base_packages_menu_items() {
}
function remove_bad_chars($string) {
- return preg_replace('/[^a-z|_|0-9]/i','',$string);
+ return preg_replace('/[^a-z_0-9]/i','',$string);
}
function check_and_returnif_section_exists($section) {
diff --git a/usr/local/www/diag_dns.php b/usr/local/www/diag_dns.php
index d1392d3..c286d44 100644
--- a/usr/local/www/diag_dns.php
+++ b/usr/local/www/diag_dns.php
@@ -38,6 +38,54 @@ require("guiconfig.inc");
if ($_GET['host'])
$_POST = $_GET;
+if($_GET['createalias'] == "true") {
+ $host = trim($_POST['host']);
+ if($_GET['override'])
+ $override = true;
+ $a_aliases = &$config['aliases']['alias'];
+ $type = "hostname";
+ $resolved = gethostbyname($host);
+ if($resolved) {
+ $host = trim($_POST['host']);
+ $dig=`dig "$host" A | grep "$host" | grep -v ";" | awk '{ print $5 }'`;
+ $resolved = split("\n", $dig);
+ $isfirst = true;
+ foreach($resolved as $re) {
+ if($re <> "") {
+ if(!$isfirst)
+ $addresses .= " ";
+ $addresses .= $re . "/32";
+ $isfirst = false;
+ }
+ }
+ $newalias = array();
+ $aliasname = str_replace(array(".","-"), "_", $host);
+ $alias_exists = false;
+ $counter=0;
+ foreach($a_aliases as $a) {
+ if($a['name'] == $aliasname) {
+ $alias_exists = true;
+ $id=$counter;
+ }
+ $counter++;
+ }
+ if($override)
+ $alias_exists = false;
+ if($alias_exists == false) {
+ $newalias['name'] = $aliasname;
+ $newalias['type'] = "network";
+ $newalias['address'] = $addresses;
+ $newalias['descr'] = "Created from Diagnostics-> DNS Lookup";
+ if($override)
+ $a_aliases[$id] = $newalias;
+ else
+ $a_aliases[] = $newalias;
+ write_config();
+ $createdalias = true;
+ }
+ }
+}
+
if ($_POST) {
unset($input_errors);
@@ -82,9 +130,13 @@ if ($_POST) {
} elseif (is_hostname($host)) {
$type = "hostname";
$resolved = gethostbyname($host);
+ if($resolved) {
+ $dig=`dig "$host" A | grep "$host" | grep -v ";" | awk '{ print $5 }'`;
+ $resolved = split("\n", $dig);
+ }
$hostname = $host;
if ($host != $resolved)
- $ipaddr = $resolved;
+ $ipaddr = $resolved[0];
}
if ($host == $resolved) {
@@ -108,10 +160,42 @@ include("head.inc"); ?>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname or IP");?></td>
<td width="78%" class="vtable">
- <?=$mandfldhtml;?><input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>">
+ <?=$mandfldhtml;?>
+ <table>
+ <tr><td valign="top">
+ <input name="host" type="text" class="formfld" id="host" size="20" value="<?=htmlspecialchars($host);?>">
+ </td>
+ <td>
<? if ($resolved && $type) { ?>
- = <font size="+1"><?php echo $resolved; ?><font size="-1>">
+ = <font size="+1">
+<?php
+ $found = 0;
+ if(is_array($resolved)) {
+ foreach($resolved as $hostitem) {
+ if($hostitem <> "") {
+ echo $hostitem . "<br/>";
+ $found++;
+ }
+ }
+ } else {
+ echo $resolved;
+ }
+ if($found > 0) {
+ if($alias_exists) {
+ echo "<br/><font size='-2'>An alias already exists for the hostname {$host}. To overwrite, click <a href='diag_dns.php?host=" . trim(urlencode($host)) . "&createalias=true&override=true'>here</a>.";
+ } else {
+ if(!$createdalias) {
+ echo "<br/><font size='-2'><a href='diag_dns.php?host=" . trim(urlencode($host)) . "&createalias=true'>Create alias</a> out of these entries.";
+ } else {
+ echo "<br/><font size='-2'>Alias created with name {$newalias['name']}";
+ }
+ }
+ }
+?>
+ <font size="-1>">
+
<? } ?>
+ </td></tr></table>
</td>
</tr>
<?php if($_POST): ?>
diff --git a/usr/local/www/diag_logs_relayd.php b/usr/local/www/diag_logs_relayd.php
index f267c74..7bf67bf 100755
--- a/usr/local/www/diag_logs_relayd.php
+++ b/usr/local/www/diag_logs_relayd.php
@@ -5,7 +5,7 @@
part of pfSense
Copyright (C) 2008 Bill Marquette <bill.marquette@gmail.com>.
- Copyright (C) 2008 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2008 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/diag_nanobsd.php b/usr/local/www/diag_nanobsd.php
index 3e9bed1..4e64c8f 100755
--- a/usr/local/www/diag_nanobsd.php
+++ b/usr/local/www/diag_nanobsd.php
@@ -67,10 +67,11 @@ nanobsd_detect_slice_info();
$NANOBSD_SIZE = nanobsd_get_size();
if($_POST['bootslice']) {
+ $statusmsg = gettext("Setting slice information, please wait...");
echo <<<EOF
<div id="loading">
<img src="/themes/metallic/images/misc/loader.gif">
- Setting slice information, please wait...
+ $statusmsg
<p/>&nbsp;
</div>
EOF;
@@ -82,10 +83,11 @@ EOF;
}
if($_POST['destslice']) {
+ $statusmsg = gettext("Duplicating slice. Please wait, this will take a moment...");
echo <<<EOF
<div id="loading">
<img src="/themes/metallic/images/misc/loader.gif">
- Duplicating slice. Please wait, this will take a moment...
+ $statusmsg
<p/>&nbsp;
</div>
EOF;
diff --git a/usr/local/www/diag_overload_tables.php b/usr/local/www/diag_overload_tables.php
index 235e868..7b0ffe1 100644
--- a/usr/local/www/diag_overload_tables.php
+++ b/usr/local/www/diag_overload_tables.php
@@ -48,12 +48,9 @@ require_once("guiconfig.inc");
// Set default table
$tablename = "sshlockout";
-if($_REQUEST['type'] == "sshlockout")
- $tablename = "sshlockout";
+if($_REQUEST['type'])
+ $tablename = $_REQUEST['type'];
-if($_REQUEST['type'] == "virusprot")
- $tablename = "virusprot";
-
if($_REQUEST['delete']) {
if(is_ipaddr($_REQUEST['delete'])) {
exec("/sbin/pfctl -t " . escapeshellarg($_REQUEST['type']) . " -T delete " . escapeshellarg($_REQUEST['delete']), $delete);
@@ -73,6 +70,7 @@ if($_REQUEST['deleteall']) {
}
exec("/sbin/pfctl -t $tablename -T show", $entries);
+exec("/sbin/pfctl -sT", $tables);
include("head.inc");
include("fbegin.inc");
@@ -98,9 +96,13 @@ include("fbegin.inc");
Table:
<select id='type' onChange='method_change($F("type"));' name='type'>
- <option name='<?=$tablename?>' value='<?=$tablename?>'><?=$tablename?></option>
- <option name='virusprot' value='virusprot'>virusprot</option>
- <option name='sshlockout' value='sshlockout'>sshlockout</option>
+ <?php foreach ($tables as $table) {
+ echo "<option name='{$table}' value='{$table}'";
+ if ($tablename == $table)
+ echo " selected ";
+ echo ">{$table}</option>\n";
+ }
+ ?>
</select>
<p/>
diff --git a/usr/local/www/diag_packet_capture.php b/usr/local/www/diag_packet_capture.php
index 68248ea..bfdb52d 100644
--- a/usr/local/www/diag_packet_capture.php
+++ b/usr/local/www/diag_packet_capture.php
@@ -41,7 +41,7 @@ require_once("pfsense-utils.inc");
$fp = "/root/";
$fn = "packetcapture.cap";
-$snaplen = 1500;//default packet length
+$snaplen = 0;//default packet length
$count = 100;//default number of packets to capture
if ($_POST) {
@@ -71,8 +71,8 @@ if ($_POST) {
unlink ($fp.$fn);
} elseif ($_POST['stopbtn']!= "") {
- $action = "Stop";
- $processes_running = trim(shell_exec('/bin/ps axw -O pid= | /usr/bin/grep tcpdump | /usr/bin/grep $fn | /usr/bin/grep -v pflog'));
+ $action = gettext("Stop");
+ $processes_running = trim(shell_exec('/bin/ps axw -O pid= | /usr/bin/grep tcpdump | /usr/bin/grep '.$fn.' | /usr/bin/grep -v pflog'));
//explode processes into an array, (delimiter is new line)
$processes_running_array = explode("\n", $processes_running);
@@ -120,12 +120,12 @@ include("fbegin.inc");
$interfaces = get_configured_interface_with_descr();
foreach ($interfaces as $iface => $ifacename):
?>
- <option value="<?=$iface;?>" <?php if (!link_interface_to_bridge($iface) && $selectedif == $iface) echo "selected"; ?>>
+ <option value="<?=$iface;?>" <?php if ($selectedif == $iface) echo "selected"; ?>>
<?php echo $ifacename;?>
</option>
<?php endforeach;?>
</select>
- <br/>Select the interface the traffic will be passing through. Typically this will be the WAN interface.
+ <br/><?=gettext("Select the interface on which to capture traffic. ");?>
</td>
</tr>
<tr>
@@ -149,7 +149,7 @@ include("fbegin.inc");
<td width="17%" valign="top" class="vncellreq">Packet Length</td>
<td width="83%" class="vtable">
<input name="snaplen" type="text" class="formfld unknown" id="snaplen" size="5" value="<?=$snaplen;?>">
- <br/>The Packet length is the number of bytes the packet will capture for each payload. Default value is 1500.
+ <br/><?=gettext("The Packet length is the number of bytes of each packet that will be captured. Default value is 0, which will capture the entire frame regardless of its size.");?>
</td>
</tr>
<tr>
diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc
index 488a313..9bcc8b5 100755
--- a/usr/local/www/fbegin.inc
+++ b/usr/local/www/fbegin.inc
@@ -105,8 +105,7 @@ $interfaces_menu = msort(array_merge($interfaces_menu, return_ext_menu("Interfac
// Firewall
$firewall_menu = array();
$firewall_menu[] = array("Aliases", "/firewall_aliases.php");
-if(count($config['interfaces']) > 1)
- $firewall_menu[] = array("NAT", "/firewall_nat.php");
+$firewall_menu[] = array("NAT", "/firewall_nat.php");
$firewall_menu[] = array("Rules", "/firewall_rules.php");
$firewall_menu[] = array("Schedules", "/firewall_schedule.php");
$firewall_menu[] = array("Traffic Shaper", "/firewall_shaper.php");
diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php
index c06f6fa..8bcfcf6 100755
--- a/usr/local/www/firewall_aliases.php
+++ b/usr/local/www/firewall_aliases.php
@@ -87,26 +87,29 @@ if ($_GET['act'] == "del") {
if($is_alias_referenced == false) {
if(is_array($config['filter']['rule'])) {
foreach($config['filter']['rule'] as $rule) {
- if($rule['source']['address'] && $rule['source']['address'] == $alias_name) {
- $is_alias_referenced = true;
- $referenced_by = $rule['descr'];
- break;
- }
- if($rule['source']['port'] && $rule['source']['port'] == $alias_name) {
- $is_alias_referenced = true;
- $referenced_by = $rule['descr'];
- break;
- }
- if($rule['destination']['address'] && $rule['destination']['address'] == $alias_name) {
- $is_alias_referenced = true;
- $referenced_by = $rule['descr'];
- break;
- }
- if($rule['destination']['port'] && $rule['destination']['port'] == $alias_name) {
- $is_alias_referenced = true;
- $referenced_by = $rule['descr'];
- break;
+ if($rule['source']) {
+ if($rule['source']['address'] && $rule['source']['address'] == $alias_name) {
+ $is_alias_referenced = true;
+ $referenced_by = $rule['descr'];
+ break;
+ }
+ if($rule['source']['port'] && $rule['source']['port'] == $alias_name) {
+ $is_alias_referenced = true;
+ $referenced_by = $rule['descr'];
+ break;
+ }
+ if($rule['destination']['address'] && $rule['destination']['address'] == $alias_name) {
+ $is_alias_referenced = true;
+ $referenced_by = $rule['descr'];
+ break;
+ }
}
+ if($rule['destination'])
+ if($rule['destination']['port'] && $rule['destination']['port'] == $alias_name) {
+ $is_alias_referenced = true;
+ $referenced_by = $rule['descr'];
+ break;
+ }
}
}
}
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index 22479dc..27b0e5c 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -46,7 +46,7 @@
// Keywords not allowed in names
-$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp", "pppoe", "l2tp", "openvpn");
+$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec");
require("guiconfig.inc");
require_once("functions.inc");
diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php
index 1902fd1..39311c4 100755
--- a/usr/local/www/firewall_aliases_import.php
+++ b/usr/local/www/firewall_aliases_import.php
@@ -38,7 +38,7 @@
##|-PRIV
-$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp");
+$reserved_keywords = array("pass", "out", "queue", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec");
require("guiconfig.inc");
require_once("util.inc");
diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php
index 4cab5d6..9646f52 100755
--- a/usr/local/www/firewall_nat.php
+++ b/usr/local/www/firewall_nat.php
@@ -261,12 +261,10 @@ echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript
<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
<?=$textss;?>
<?php
- if (!$natent['interface'] || ($natent['interface'] == "wan"))
- echo "WAN";
- else if(strtolower($natent['interface']) == "lan")
- echo "LAN";
+ if (!$natent['interface'])
+ echo htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan"));
else
- echo strtoupper($config['interfaces'][$natent['interface']]['descr']);
+ echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface']));
?>
<?=$textse;?>
</td>
diff --git a/usr/local/www/firewall_nat_1to1.php b/usr/local/www/firewall_nat_1to1.php
index 1472146..74e0ce8 100755
--- a/usr/local/www/firewall_nat_1to1.php
+++ b/usr/local/www/firewall_nat_1to1.php
@@ -117,10 +117,10 @@ include("head.inc");
<tr>
<td class="listlr" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';">
<?php
- if (!$natent['interface'] || ($natent['interface'] == "wan"))
- echo "WAN";
+ if (!$natent['interface'])
+ echo htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan"));
else
- echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
+ echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface']));
?>
</td>
<td class="listr" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';">
diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php
index 7c248b7..2039848 100755
--- a/usr/local/www/firewall_nat_out.php
+++ b/usr/local/www/firewall_nat_out.php
@@ -361,14 +361,10 @@ include("head.inc");
<td class="listt" align="center"></td>
<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
<?php
- if (!$natent['interface'] || ($natent['interface'] == "wan"))
- echo "WAN";
- else if (!$natent['interface'] || ($natent['interface'] == "lan"))
- echo "LAN";
- else if ($natent['interface'] == "openvpn")
- echo "OpenVPN";
+ if (!$natent['interface'])
+ echo htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan"));
else
- echo htmlspecialchars($config['interfaces'][$natent['interface']]['descr']);
+ echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface']));
?>
&nbsp;
</td>
diff --git a/usr/local/www/firewall_shaper.php b/usr/local/www/firewall_shaper.php
index 7382c7e..26954c2 100755
--- a/usr/local/www/firewall_shaper.php
+++ b/usr/local/www/firewall_shaper.php
@@ -341,9 +341,9 @@ $tree .= "</ul>";
if (!$dontshow || $newqueue) {
-$output_form .= "<tr><td width=\"22%\" valign=\"top\" class=\"vncellreq\">";
-$output_form .= gettext("Queue Actions");
-$output_form .= "</td><td valign=\"top\" class=\"vncellreq\" width=\"78%\">";
+$output_form .= "<tr><td width=\"22%\" valign=\"center\" class=\"vncellreq\">";
+$output_form .= "<br />" . gettext("Queue Actions") . "<br />";
+$output_form .= "</td><td valign=\"center\" class=\"vncellreq\" width=\"78%\"><br />";
$output_form .= "<input type=\"submit\" name=\"Submit\" value=\"" . gettext("Save") . "\" class=\"formbtn\" />";
if ($can_add || $addnewaltq) {
@@ -368,9 +368,9 @@ if ($can_add || $addnewaltq) {
$output_form .= " value=\"" . gettext("Disable shaper on interface") . "\">";
$output_form .= "</a>";
}
-$output_form .= "</td></tr>";
+$output_form .= "<br /></td></tr>";
$output_form .= "</div>";
-}
+}
else
$output_form .= "</div>";
diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc
index 1125312..605705e 100755
--- a/usr/local/www/guiconfig.inc
+++ b/usr/local/www/guiconfig.inc
@@ -206,11 +206,12 @@ $wkports = array(
/* TCP flags */
$tcpflags = array("fin", "syn", "rst", "psh", "ack", "urg");
-$specialnets = array("wanip" => "WAN address", "lanip" => "LAN address", "lan" => "LAN net", "pptp" => "PPTP clients", "pppoe" => "PPPoE clients", "l2tp" => "L2TP clients");
+$specialnets = array("pptp" => "PPTP clients", "pppoe" => "PPPoE clients", "l2tp" => "L2TP clients");
-$spiflist = get_configured_interface_with_descr(true, true);
+$spiflist = get_configured_interface_with_descr(false, true);
foreach ($spiflist as $ifgui => $ifdesc) {
$specialnets[$ifgui] = $ifdesc . " net";
+ $specialnets[$ifgui . 'ip'] = $ifdesc . " address";
}
$medias = array("auto" => "autoselect", "100full" => "100BASE-TX full-duplex",
@@ -422,11 +423,7 @@ function pprint_address($adr) {
if (isset($adr['any'])) {
$padr = "*";
} else if ($adr['network']) {
- if (preg_match("/opt[0-999]ip/", $adr['network'])) {
- $padr = "Interface IP address";
- } else {
- $padr = $specialnets[$adr['network']];
- }
+ $padr = $specialnets[$adr['network']];
} else {
$padr = $adr['address'];
}
diff --git a/usr/local/www/head.inc b/usr/local/www/head.inc
index 3b1f028..076f274 100755
--- a/usr/local/www/head.inc
+++ b/usr/local/www/head.inc
@@ -76,4 +76,17 @@ $pagetitle = gentitle( $pgtitle );
if (!isset($closehead))
echo "</head>";
+
+/* If this page is being remotely managed then do not allow the loading of the contents. */
+if($config['remote_managed_pages']['item']) {
+ foreach($config['remote_managed_pages']['item'] as $rmp) {
+ if($rmp == $_SERVER['SCRIPT_NAME']) {
+ include("fbegin.inc");
+ print_info_box_np("This page is currently being managed by a remote machine.");
+ include("fend.inc");
+ exit;
+ }
+ }
+}
+
?> \ No newline at end of file
diff --git a/usr/local/www/installer.php b/usr/local/www/installer.php
index f988d02..f5e37e0 100644
--- a/usr/local/www/installer.php
+++ b/usr/local/www/installer.php
@@ -27,8 +27,15 @@
POSSIBILITY OF SUCH DAMAGE.
*/
+require("globals.inc");
require("guiconfig.inc");
+// Handle other type of file systems
+if($_REQUEST['fstype'])
+ $fstype = strtoupper($_REQUEST['fstype']);
+else
+ $fstype = "UFS+S";
+
if($g['platform'] == "pfSense" or $g['platform'] == "nanobsd") {
Header("Location: /index.php");
exit;
@@ -42,13 +49,12 @@ switch ($_REQUEST['state']) {
case "update_installer_status":
update_installer_status();
exit;
- case "quickeasyinstall":
- begin_quick_easy_install();
default:
installer_main();
}
function write_out_pc_sysinstaller_config($disk) {
+ global $fstype;
$fd = fopen("/PCBSD/pc-sysinstall/examples/pfSense-install.cfg", "w");
if(!$fd) {
return true;
@@ -71,7 +77,7 @@ commitDiskPart
# All sizes are expressed in MB
# Avail FS Types, UFS, UFS+S, UFS+J, ZFS, SWAP
# Size 0 means use the rest of the slice size
-disk0-part=UFS+S 0 /
+disk0-part={$fstype} 0 /
# Do it now!
commitDiskLabel
@@ -83,7 +89,7 @@ packageType=cpdup
# Optional Components
cpdupPaths=boot,COPYRIGHT,bin,conf,conf.default,dev,etc,home,kernels,libexec,lib,root,sbin,sys,usr,var
-runExtCommand=chmod a+rx /usr/local/bin/after_installation_routines.sh && cd / && /usr/local/bin/after_installation_routines.sh
+# runExtCommand=chmod a+rx /usr/local/bin/after_installation_routines.sh && cd / && /usr/local/bin/after_installation_routines.sh
EOF;
fwrite($fd, $config);
fclose($fd);
@@ -91,40 +97,140 @@ EOF;
}
function start_installation() {
+ global $g, $fstype;
+ if(file_exists("/tmp/install_complete"))
+ return;
+ $ps_running = exec("ps awwwux | grep -v grep | grep 'sh /tmp/installer.sh'");
+ if($ps_running)
+ return;
$fd = fopen("/tmp/installer.sh", "w");
if(!$fd) {
die("Could not open /tmp/installer.sh for writing");
exit;
- }
- fwrite($fd, "/PCBSD/pc-sysinstall/pc-sysinstall -c /PCBSD/pc-sysinstall/examples/pfSense-install.cfg && touch /tmp/install_complete");
+ }
+ fwrite($fd, "rm /tmp/.pc-sysinstall/pc-sysinstall.log 2>/dev/null\n");
+ fwrite($fd, "/PCBSD/pc-sysinstall/pc-sysinstall -c /PCBSD/pc-sysinstall/examples/pfSense-install.cfg \n");
+ fwrite($fd, "chmod a+rx /usr/local/bin/after_installation_routines.sh\n");
+ fwrite($fd, "cd / && /usr/local/bin/after_installation_routines.sh\n");
+ fwrite($fd, "mkdir /mnt/tmp\n");
+ fwrite($fd, "umount /mnt\n");
+ fwrite($fd, "touch /tmp/install_complete\n");
fclose($fd);
exec("chmod a+rx /tmp/installer.sh");
mwexec_bg("sh /tmp/installer.sh");
}
function installer_find_first_disk() {
+ global $g, $fstype;
$disk = `/PCBSD/pc-sysinstall/pc-sysinstall disk-list | head -n1 | cut -d':' -f1`;
return $disk;
}
function update_installer_status() {
- if(!file_exists("/tmp/.pc-sysinstall/pc-sysinstall.log"))
+ global $g, $fstype;
+ // Ensure status files exist
+ if(!file_exists("/tmp/installer_installer_running"))
+ touch("/tmp/installer_installer_running");
+ $status = `cat /tmp/.pc-sysinstall/pc-sysinstall.log`;
+ $status = str_replace("\n", "\\n", $status);
+ $status = str_replace("\n", "\\r", $status);
+ echo "this.document.forms[0].installeroutput.value='$status';\n";
+ echo "this.document.forms[0].installeroutput.scrollTop = this.document.forms[0].installeroutput.scrollHeight;\n";
+ // Find out installer progress
+ $progress = "5";
+ if(strstr($status, "Running: dd"))
+ $progress = "6";
+ if(strstr($status, "Running: gpart create -s GPT"))
+ $progress = "7";
+ if(strstr($status, "Running: gpart bootcode"))
+ $progress = "7";
+ if(strstr($status, "Running: newfs -U"))
+ $progress = "8";
+ if(strstr($status, "Running: sync"))
+ $progress = "9";
+ if(strstr($status, "/boot /mnt/boot"))
+ $progress = "10";
+ if(strstr($status, "/COPYRIGHT /mnt/COPYRIGHT"))
+ $progress = "11";
+ if(strstr($status, "/bin /mnt/bin"))
+ $progress = "12";
+ if(strstr($status, "/conf /mnt/conf"))
+ $progress = "15";
+ if(strstr($status, "/conf.default /mnt/conf.default"))
+ $progress = "20";
+ if(strstr($status, "/dev /mnt/dev"))
+ $progress = "25";
+ if(strstr($status, "/etc /mnt/etc"))
+ $progress = "30";
+ if(strstr($status, "/home /mnt/home"))
+ $progress = "35";
+ if(strstr($status, "/kernels /mnt/kernels"))
+ $progress = "40";
+ if(strstr($status, "/libexec /mnt/libexec"))
+ $progress = "50";
+ if(strstr($status, "/lib /mnt/lib"))
+ $progress = "60";
+ if(strstr($status, "/root /mnt/root"))
+ $progress = "70";
+ if(strstr($status, "/sbin /mnt/sbin"))
+ $progress = "75";
+ if(strstr($status, "/sys /mnt/sys"))
+ $progress = "80";
+ if(strstr($status, "/usr /mnt/usr"))
+ $progress = "95";
+ if(strstr($status, "/usr /mnt/usr"))
+ $progress = "90";
+ if(strstr($status, "/var /mnt/var"))
+ $progress = "95";
+ if(strstr($status, "cap_mkdb /etc/login.conf"))
+ $progress = "96";
+ if(strstr($status, "Setting hostname"))
+ $progress = "97";
+ if(strstr($status, "umount -f /mnt"))
+ $progress = "98";
+ if(strstr($status, "umount -f /mnt"))
+ $progress = "99";
+ if(strstr($status, "Installation finished"))
+ $progress = "100";
+ // Check for error and bail if we see one.
+ if(stristr($status, "error")) {
+ $error = true;
+ echo "\$('installerrunning').innerHTML='<img class=\"infoboxnpimg\" src=\"/themes/{$g['theme']}/images/icons/icon_exclam.gif\"> <font size=\"2\"><b>An error occurred. Aborting installation.'; ";
+ echo "\$('progressbar').style.width='100%';\n";
+ unlink("/tmp/install_complete");
return;
- echo `tail -n20 /tmp/.pc-sysinstall/pc-sysinstall.log`;
+ }
+ $running_old = trim(file_get_contents("/tmp/installer_installer_running"));
+ if($installer_running <> "running") {
+ $ps_running = exec("ps awwwux | grep -v grep | grep 'sh /tmp/installer.sh'");
+ if($ps_running) {
+ $running = "\$('installerrunning').innerHTML='<table><tr><td valign=\"middle\"><img src=\"/themes/{$g['theme']}/images/misc/loader.gif\"></td><td valign=\"middle\">&nbsp;<font size=\"2\"><b>Installer running ({$progress}% completed)...</td></tr></table>'; ";
+ if($running_old <> $running) {
+ echo $running;
+ file_put_contents("/tmp/installer_installer_running", "$running");
+ }
+ }
+ }
+ if($progress)
+ echo "\$('progressbar').style.width='{$progress}%';\n";
if(file_exists("/tmp/install_complete")) {
- echo "Installation completed.";
+ echo "\$('installerrunning').innerHTML='<img class=\"infoboxnpimg\" src=\"/themes/{$g['theme']}/images/icons/icon_exclam.gif\"> <font size=\"+1\">Installation completed. Please <a href=\"reboot.php\">reboot</a> to continue';\n";
unlink_if_exists("/tmp/installer.sh");
+ file_put_contents("/tmp/installer_installer_running", "finished");
}
}
function update_installer_status_win($status) {
+ global $g, $fstype;
echo "<script type=\"text/javascript\">\n";
- echo "\$('installeroutput').value = '" . str_replace(htmlentities($status), "\n", "") . "';\n";
- echo "installeroutput.scroll = installeroutput.maxScroll;\n";
+ echo " \$('installeroutput').value = '" . str_replace(htmlentities($status), "\n", "") . "';\n";
echo "</script>";
}
function begin_quick_easy_install() {
+ global $g, $fstype;
+ if(file_exists("/tmp/install_complete"))
+ return;
unlink_if_exists("/tmp/install_complete");
$disk = installer_find_first_disk();
if(!$disk) {
@@ -138,37 +244,69 @@ function begin_quick_easy_install() {
start_installation();
}
+function head_html() {
+ global $g, $fstype;
+ echo <<<EOF
+<html>
+ <head>
+ <style type='text/css'>
+ a:link {
+ color: #000000;
+ text-decoration:underline;
+ font-size:14;
+ }
+ a:visited {
+ color: #000000;
+ text-decoration:underline;
+ font-size:14;
+ }
+ a:hover {
+ color: #FFFF00;
+ text-decoration: none;
+ font-size:14;
+ }
+ a:active {
+ color: #FFFF00;
+ text-decoration:underline;
+ font-size:14;
+ }
+ </style>
+ </head>
+EOF;
+
+}
+
function body_html() {
+ global $g, $fstype;
$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
if(strstr($pfSversion, "1.2"))
$one_two = true;
- $pgtitle = "pfSense: Installer";
+ $pgtitle = "{$g['product_name']}: Installer";
include("head.inc");
echo <<<EOF
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script>
- <script type="text/javascript">
- function getinstallerprogress() {
- url = 'installer.php';
- pars = 'state=update_installer_status';
- callajax(url, pars, installcallback);
- }
- function callajax(url, pars, activitycallback) {
- var myAjax = new Ajax.Request(
- url,
- {
- method: 'post',
- parameters: pars,
- onComplete: activitycallback
- });
- }
- function installcallback(transport) {
- this.document.forms[0].installeroutput.value=transport.responseText;
- setTimeout('getinstallerprogress()', 1000);
- }
+ <script type="text/javascript">
+ function getinstallerprogress() {
+ url = 'installer.php';
+ pars = 'state=update_installer_status';
+ callajax(url, pars, installcallback);
+ }
+ function callajax(url, pars, activitycallback) {
+ var myAjax = new Ajax.Request(
+ url,
+ {
+ method: 'post',
+ parameters: pars,
+ onComplete: activitycallback
+ });
+ }
+ function installcallback(transport) {
+ setTimeout('getinstallerprogress()', 2000);
+ eval(transport.responseText);
+ }
</script>
EOF;
- include("fbegin.inc");
if($one_two)
echo "<p class=\"pgtitle\">{$pgtitle}</font></p>";
@@ -177,13 +315,15 @@ EOF;
}
function end_html() {
+ global $g, $fstype;
echo "</form>";
- include("fend.inc");
echo "</body>";
echo "</html>";
}
function template() {
+ global $g, $fstype;
+ head_html();
body_html();
echo <<<EOF
<div id="mainlevel">
@@ -212,64 +352,158 @@ EOF;
}
function quickeasyinstall_gui() {
+ global $g, $fstype;
+ head_html();
body_html();
+ echo "<form action=\"installer.php\" method=\"post\" state=\"step1_post\">";
+ page_table_start();
echo <<<EOF
- <div id="mainlevel">
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
- <div id="mainarea">
- <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td class="tabcont" >
- <form action="installer.php" method="post" state="step1_post">
- <div id="pfsenseinstaller">
- Starting Installer... Please wait...<p/>
- {{ Insert progressbar here }}<p/>
- <textarea name='installeroutput' id='installeroutput' rows="20" cols="80">
- </textarea>
- </div>
- </td>
- </tr>
- </table>
- </div>
- </td>
- </tr>
+ <center>
+ <table width="100%">
+ <tr><td>
+ <div id="mainlevel">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+ <div id="mainarea">
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+ <div id="pfsenseinstaller" width="100%">
+ <div id='installerrunning' width='100%' style="padding:8px; border:1px dashed #000000">
+ <table>
+ <tr>
+ <td valign="middle">
+ <img src="/themes/{$g['theme']}/images/misc/loader.gif">
+ </td>
+ <td valign="middle">
+ &nbsp;<font size="2"><b>Starting Installer... Please wait...
+ </td>
+ </tr>
+ </table>
+ </div>
+ <br/>
+ <center>
+ <table height='15' width='640' border='0' colspacing='0' cellpadding='0' cellspacing='0'>
+ <tr>
+ <td background="./themes/the_wall/images/misc/bar_left.gif" height='15' width='5'>
+ </td>
+ <td>
+ <table id="progholder" name="progholder" height='15' width='630' border='0' colspacing='0' cellpadding='0' cellspacing='0'>
+ <td background="./themes/the_wall/images/misc/bar_gray.gif" valign="top" align="left">
+ <img src='./themes/the_wall/images/misc/bar_blue.gif' width='0' height='15' name='progressbar' id='progressbar'>
+ </td>
+ </table>
+ </td>
+ <td background="./themes/the_wall/images/misc/bar_right.gif" height='15' width='5'>
+ </td>
+ </tr>
+ </table>
+ <br/>
+ <textarea name='installeroutput' id='installeroutput' rows="31" cols="90">
+ </textarea>
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td></tr>
</table>
- </div>
+ </center>
<script type="text/javascript">setTimeout('getinstallerprogress()', 250);</script>
+
EOF;
+ page_table_end();
end_html();
+ begin_quick_easy_install();
+}
+
+function page_table_start() {
+ global $g, $fstype;
+ echo <<<EOF
+ <center>
+ <img border="0" src="./themes/{$g['theme']}/images/logo.gif"></a><br/>
+ <table cellpadding="6" cellspacing="0" width="640" height="480" style="border:1px solid #000000">
+ <tr height="10" bgcolor="#990000">
+ <td style="border-bottom:1px solid #000000">
+ <font color='white'>
+ <b>
+ {$g['product_name']} installer
+ </b>
+ </font>
+ </td>
+ </tr>
+ <tr>
+ <td>
+
+EOF;
+
+}
+
+function page_table_end() {
+ global $g, $fstype;
+ echo <<<EOF
+ </td>
+ </tr>
+ </table>
+ </center>
+
+EOF;
+
}
function installer_main() {
+ global $g, $fstype;
+ if(file_exists("/tmp/.pc-sysinstall/pc-sysinstall.log"))
+ unlink("/tmp/.pc-sysinstall/pc-sysinstall.log");
+ head_html();
body_html();
+ // Only enable ZFS if this exists. The install will fail otherwise.
+ if(file_exists("/boot/gptzfsboot"))
+ $zfs_enabled = "or <a href=\"installer.php?state=quickeasyinstall&fstype=ZFS\">ZFS</a> ";
$disk = installer_find_first_disk();
if(!$disk)
echo "WARNING: Could not find any suitable disks for installation.";
+ page_table_start();
echo <<<EOF
- <div id="mainlevel">
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
- <div id="mainarea">
- <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td class="tabcont" >
- <form action="installer.php" method="post" state="step1_post">
- <div id="pfsenseinstaller">
- <a onclick="return confirm('Are you sure you want to install pfSense to $disk?')"> href='installer.php?state=quickeasyinstall'>Quick/Easy installation</a>
- </p>
- </div>
- </td>
- </tr>
- </table>
- </div>
- </td>
- </tr>
- </table>
- </div>
+ <form action="installer.php" method="post" state="step1_post">
+ <div id="mainlevel">
+ <center>
+ <b><font face="arial" size="+2">Welcome to the {$g['product_name']} PCSysInstaller!</b></font><p/>
+ <font face="arial" size="+1">This utility will install {$g['product_name']} to a hard disk, flash drive, etc.</font>
+ <table width="100%" border="0" cellpadding="5" cellspacing="0">
+ <tr>
+ <td>
+ <center>
+ <div id="mainarea">
+ <br/>
+ <center>
+ Please select an installer option to begin:
+ <table width="100%" border="0" cellpadding="5" cellspacing="5">
+ <tr>
+ <td>
+ <div id="pfsenseinstaller">
+ <center>
+ Rescue config.xml<p/>
+ Install {$g['product_name']} using the <a href="installer.php?state=quickeasyinstall">UFS</a>
+ {$zfs_enabled}
+ filesystem.
+ </p>
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ </tr>
+ </table>
+ </div>
EOF;
+ page_table_end();
end_html();
}
diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php
index 7d3a548..340a6f8 100755
--- a/usr/local/www/interfaces.php
+++ b/usr/local/www/interfaces.php
@@ -71,7 +71,7 @@ if (!is_array($config['ppps']['ppp']))
$a_ppps = &$config['ppps']['ppp'];
function remove_bad_chars($string) {
- return preg_replace('/[^a-z|_|0-9]/i','',$string);
+ return preg_replace('/[^a-z_0-9]/i','',$string);
}
if (!is_array($config['gateways']['gateway_item']))
@@ -215,6 +215,8 @@ $pconfig['mtu'] = $wancfg['mtu'];
/* Wireless interface? */
if (isset($wancfg['wireless'])) {
+ /* Sync first to be sure it displays the actual settings that will be used */
+ interface_sync_wireless_clones($wancfg, false);
/* Get wireless modes */
$wlanif = get_real_interface($if);
if (!does_interface_exist($wlanif))
@@ -228,6 +230,7 @@ if (isset($wancfg['wireless'])) {
$wl_regdomains_attr = &$wl_regdomain_xml_attr['regulatory-domains']['rd'];
$wl_countries = &$wl_regdomain_xml['country-codes']['country'];
$wl_countries_attr = &$wl_regdomain_xml_attr['country-codes']['country'];
+ $pconfig['persistcommonwireless'] = isset($config['wireless']['interfaces'][$wlanbaseif]);
$pconfig['standard'] = $wancfg['wireless']['standard'];
$pconfig['mode'] = $wancfg['wireless']['mode'];
$pconfig['protmode'] = $wancfg['wireless']['protmode'];
@@ -666,7 +669,7 @@ if ($_POST) {
} // end if($_POST)
function handle_wireless_post() {
- global $_POST, $config, $g, $wancfg, $if, $wl_countries_attr;
+ global $_POST, $config, $g, $wancfg, $if, $wl_countries_attr, $wlanbaseif;
if (!is_array($wancfg['wireless']))
$wancfg['wireless'] = array();
$wancfg['wireless']['standard'] = $_POST['standard'];
@@ -702,6 +705,11 @@ function handle_wireless_post() {
$wancfg['wireless']['auth_server_addr'] = $_POST['auth_server_addr'];
$wancfg['wireless']['auth_server_port'] = $_POST['auth_server_port'];
$wancfg['wireless']['auth_server_shared_secret'] = $_POST['auth_server_shared_secret'];
+ if ($_POST['persistcommonwireless'] == "yes") {
+ if (!is_array($config['wireless']['interfaces'][$wlanbaseif]))
+ $config['wireless']['interfaces'][$wlanbaseif] = array();
+ } else if (isset($config['wireless']['interfaces'][$wlanbaseif]))
+ unset($config['wireless']['interfaces'][$wlanbaseif]);
if ($_POST['hidessid_enable'] == "yes")
$wancfg['wireless']['hidessid']['enable'] = true;
else if (isset($wancfg['wireless']['hidessid']['enable']))
@@ -1454,12 +1462,12 @@ $types = array("none" => "None", "static" => "Static", "dhcp" => "DHCP", "ppp" =
<?php if (isset($pconfig['pppid'])): ?>
<td width="78%" class="vtable">
<a href="/interfaces_ppps_edit.php?id=<?=htmlspecialchars($pconfig['pppid']);?>" class="navlnk">Click here</a>
- for additional PPtP and L2tP configuration options. Save first if you made changes.
+ for additional PPTP and L2TP configuration options. Save first if you made changes.
</td>
<? else: ?>
<td width="78%" class="vtable">
<a href="/interfaces_ppps_edit.php" class="navlnk">Click here</a>
- for advanced PPtP and L2tP configuration options.
+ for advanced PPTP and L2TP configuration options.
</td>
<? endif; ?>
</tr>
@@ -1477,6 +1485,13 @@ $types = array("none" => "None", "static" => "Static", "dhcp" => "DHCP", "ppp" =
<td colspan="2" valign="top" class="listtopic">Common wireless configuration - Settings apply to all wireless networks on <?=$wlanbaseif;?>.</td>
</tr>
<tr>
+ <td valign="top" class="vncell">Persist common settings</td>
+ <td class="vtable">
+ <input name="persistcommonwireless" type="checkbox" value="yes" class="formfld" id="persistcommonwireless" <? if ($pconfig['persistcommonwireless']) echo "checked";?>>
+ <br/>Enabling this preserves the common wireless configuration through interface deletions and reassignments.
+ </td>
+ </tr>
+ <tr>
<td valign="top" class="vncellreq">Standard</td>
<td class="vtable">
<select name="standard" class="formselect" id="standard">
@@ -1615,7 +1630,7 @@ $types = array("none" => "None", "static" => "Static", "dhcp" => "DHCP", "ppp" =
<td colspan="2" valign="top" height="16"></td>
</tr>
<tr>
- <td colspan="2" valign="top" class="listtopic">Wireless configuration</td>
+ <td colspan="2" valign="top" class="listtopic">Network-specific wireless configuration</td>
</tr>
<tr>
<td valign="top" class="vncellreq">Mode</td>
@@ -1979,10 +1994,7 @@ $types = array("none" => "None", "static" => "Static", "dhcp" => "DHCP", "ppp" =
}
}
<?php
- if ($if == "wan" || $if == "lan")
- echo "\$('allcfg').show();\n";
- else
- echo "show_allcfg(document.iform.enable);";
+ echo "show_allcfg(document.iform.enable);";
echo "updateType('{$pconfig['type']}');\n";
?>
</script>
diff --git a/usr/local/www/interfaces_groups_edit.php b/usr/local/www/interfaces_groups_edit.php
index 51feffd..430bd7b 100755
--- a/usr/local/www/interfaces_groups_edit.php
+++ b/usr/local/www/interfaces_groups_edit.php
@@ -71,6 +71,11 @@ if ($_POST) {
if (preg_match("/([^a-zA-Z])+/", $_POST['ifname'], $match))
$input_errors[] = "Only letters A-Z are allowed as the group name.";
+ $ifaces = get_configured_interface_with_descr();
+ foreach ($ifaces as $gif => $gdescr) {
+ if ($gdescr == $_POST['ifname'] || $gif == $_POST['ifname'])
+ $input_errors[] = "The specified group name is already used by an interface. Please choose another name.";
+ }
$ifgroupentry = array();
$ifgroupentry['ifname'] = $_POST['ifname'];
$members = "";
diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php
index 29acb1c..171f583 100755
--- a/usr/local/www/services_captiveportal_ip.php
+++ b/usr/local/www/services_captiveportal_ip.php
@@ -59,10 +59,16 @@ if ($_GET['act'] == "del") {
$ipent = $a_allowedips[$_GET['id']];
if (isset($config['captiveportal']['enable'])) {
+ if (!empty($ipent['sn']))
+ $ipent['ip'] .= "/{$ipent['sn']}";
mwexec("/sbin/ipfw table 3 delete " . $ipent['ip']);
mwexec("/sbin/ipfw table 4 delete " . $ipent['ip']);
mwexec("/sbin/ipfw table 5 delete " . $ipent['ip']);
mwexec("/sbin/ipfw table 6 delete " . $ipent['ip']);
+ mwexec("/sbin/ipfw table 7 delete " . $ipent['ip']);
+ mwexec("/sbin/ipfw table 8 delete " . $ipent['ip']);
+ mwexec("/sbin/ipfw table 9 delete " . $ipent['ip']);
+ mwexec("/sbin/ipfw table 10 delete " . $ipent['ip']);
}
unset($a_allowedips[$_GET['id']]);
@@ -109,13 +115,23 @@ include("head.inc");
<?php $i = 0; foreach ($a_allowedips as $ip): ?>
<tr ondblclick="document.location='services_captiveportal_ip_edit.php?id=<?=$i;?>'">
<td class="listlr">
- <?php if($ip['dir'] == "to")
- echo "any <img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\">";
+ <?php
+ if($ip['dir'] == "to") {
+ echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> ";
+ }
+ if($ip['dir'] == "both") {
+ echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> ";
+ }
+ echo strtolower($ip['ip']);
+ if($ip['sn'] != "32" && is_numeric($ip['sn'])) {
+ $sn = $ip['sn'];
+ echo "/$sn";
+ }
+ if($ip['dir'] == "from") {
+ echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any";
+ }
+
?>
- <?=strtolower($ip['ip']);?>
- <?php if($ip['dir'] == "from")
- echo "<img src=\"in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any";
- ?>
</td>
<td class="listbg">
<?=htmlspecialchars($ip['descr']);?>&nbsp;
@@ -152,6 +168,10 @@ include("head.inc");
<td>x.x.x.x <span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="absmiddle"></span> any&nbsp;&nbsp;&nbsp; </td>
<td><span class="vexpl">All connections <strong>from</strong> the IP address are allowed </span></td>
</tr>
+ <tr>
+ <td><span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_pass.gif" width="11" height="11" align="right"></span>&nbsp;&nbsp;&nbsp;&nbsp; </td>
+ <td><span class="vexpl"> All connections <strong>to</strong> and <strong>from</strong> the IP address are allowed </span></td>
+ </tr>
</table></td>
<td class="list">&nbsp;</td>
</tr>
diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php
index 419327d..e6eab55 100755
--- a/usr/local/www/services_captiveportal_ip_edit.php
+++ b/usr/local/www/services_captiveportal_ip_edit.php
@@ -70,6 +70,7 @@ if (isset($_POST['id']))
if (isset($id) && $a_allowedips[$id]) {
$pconfig['ip'] = $a_allowedips[$id]['ip'];
+ $pconfig['sn'] = $a_allowedips[$id]['sn'];
$pconfig['dir'] = $a_allowedips[$id]['dir'];
$pconfig['bw_up'] = $a_allowedips[$id]['bw_up'];
$pconfig['bw_down'] = $a_allowedips[$id]['bw_down'];
@@ -108,6 +109,7 @@ if ($_POST) {
if (!$input_errors) {
$ip = array();
$ip['ip'] = $_POST['ip'];
+ $ip['sn'] = $_POST['sn'];
$ip['dir'] = $_POST['dir'];
$ip['descr'] = $_POST['descr'];
if ($_POST['bw_up'])
@@ -116,9 +118,13 @@ if ($_POST) {
$ip['bw_down'] = $_POST['bw_down'];
if (isset($id) && $a_allowedips[$id]) {
$oldip = $a_allowedips[$id]['ip'];
+ if (!empty($a_allowedips[$id]['sn']))
+ $oldip .= "/{$a_allowedips[$id]['sn']}";
$a_allowedips[$id] = $ip;
} else {
$oldip = $ip['ip'];
+ if (!empty($$ip['sn']))
+ $oldip .= "/{$$ip['sn']}";
$a_allowedips[] = $ip;
}
allowedips_sort();
@@ -168,8 +174,13 @@ include("head.inc");
<td width="22%" valign="top" class="vncellreq">IP address</td>
<td width="78%" class="vtable">
<?=$mandfldhtml;?><input name="ip" type="text" class="formfld unknown" id="ip" size="17" value="<?=htmlspecialchars($pconfig['ip']);?>">
+ /<select name='sn' class="formselect" id='sn'>
+ <?php for ($i = 32; $i >= 1; $i--): ?>
+ <option value="<?=$i;?>" <?php if ($i == $pconfig['sn']) echo "selected"; ?>><?=$i;?></option>
+ <?php endfor; ?>
+ </select>
<br>
- <span class="vexpl">IP address</span></td>
+ <span class="vexpl">IP address and subnet mask. Use /32 for a single IP.</span></td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">Description</td>
diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php
index b55e750..d5dace5 100755
--- a/usr/local/www/services_captiveportal_mac_edit.php
+++ b/usr/local/www/services_captiveportal_mac_edit.php
@@ -131,11 +131,12 @@ if ($_POST) {
captiveportal_free_ipfw_ruleno($ruleno);
$rules = "delete {$ruleno}\n";
$rules .= "delete " . ++$ruleno . "\n";
- $rules .= captiveportal_passthrumac_configure_entry($mac);
- file_put_contents("{$g['tmp_path']}/tmpmacedit{$id}", $rules);
- mwexec("/sbin/ipfw -q {$g['tmp_path']}/tmpmacedit{$id}");
- @unlink("{$g['tmp_path']}/tmpmacedit{$id}");
}
+
+ $rules .= captiveportal_passthrumac_configure_entry($mac);
+ file_put_contents("{$g['tmp_path']}/tmpmacedit{$id}", $rules);
+ mwexec("/sbin/ipfw -q {$g['tmp_path']}/tmpmacedit{$id}");
+ @unlink("{$g['tmp_path']}/tmpmacedit{$id}");
header("Location: services_captiveportal_mac.php");
exit;
diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php
index 79fd1d8..9f4d9d6 100755
--- a/usr/local/www/services_dhcp.php
+++ b/usr/local/www/services_dhcp.php
@@ -252,6 +252,13 @@ if ($_POST) {
}
}
+ $noip = false;
+ foreach ($a_maps as $map)
+ if (empty($map['ipaddr']))
+ $noip = true;
+ if ($_POST['staticarp'] && $noip)
+ $input_errors[] = "Cannot enable static ARP when you have static map entries without IP addresses. Ensure all static maps have IP addresses and try again.";
+
if (!$input_errors) {
/* make sure the range lies within the current subnet */
$subnet_start = ip2ulong(long2ip32(ip2long($ifcfgip) & gen_subnet_mask_long($ifcfgsn)));
@@ -330,9 +337,6 @@ if ($_POST) {
write_config();
- /* static arp configuration */
- interfaces_staticarp_configure($if);
-
$retval = 0;
$retvaldhcp = 0;
$retvaldns = 0;
diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php
index 02a7315..dd98fa4 100755
--- a/usr/local/www/services_dhcp_edit.php
+++ b/usr/local/www/services_dhcp_edit.php
@@ -72,7 +72,7 @@ if (!is_array($config['dhcpd'][$if]['staticmap'])) {
$config['dhcpd'][$if]['staticmap'] = array();
}
-$static_map_enabled=isset($config['dhcpd'][$if]['staticarp']);
+$static_arp_enabled=isset($config['dhcpd'][$if]['staticarp']);
$a_maps = &$config['dhcpd'][$if]['staticmap'];
$ifcfgip = get_interface_ip($if);
@@ -123,8 +123,8 @@ if ($_POST) {
if (($_POST['mac'] && !is_macaddr($_POST['mac']))) {
$input_errors[] = "A valid MAC address must be specified.";
}
- if($static_map_enabled && !$_POST['ipaddr']) {
- $input_errors[] = "Static map is enabled. You must specify an IP address.";
+ if($static_arp_enabled && !$_POST['ipaddr']) {
+ $input_errors[] = "Static ARP is enabled. You must specify an IP address.";
}
/* check for overlaps */
diff --git a/usr/local/www/services_rfc2136.php b/usr/local/www/services_rfc2136.php
index 80edc0b..a8e9913 100644
--- a/usr/local/www/services_rfc2136.php
+++ b/usr/local/www/services_rfc2136.php
@@ -48,7 +48,7 @@ if ($_GET['act'] == "del") {
write_config();
- header("Location: services_dyndns.php");
+ header("Location: services_rfc2136.php");
exit;
}
@@ -105,9 +105,9 @@ include("head.inc");
</tr>
<tr>
<td colspan="3" class="list"><p class="vexpl"><span class="red"><strong>
- Note:<br>
+ <br>
</strong></span>
- Add something meaningful here.
+
</td>
<td class="list">&nbsp;</td>
</tr>
diff --git a/usr/local/www/services_rfc2136_edit.php b/usr/local/www/services_rfc2136_edit.php
index 97f8770..a7d9e7b 100644
--- a/usr/local/www/services_rfc2136_edit.php
+++ b/usr/local/www/services_rfc2136_edit.php
@@ -81,7 +81,7 @@ if ($_POST) {
if (!$input_errors) {
$rfc2136 = array();
- $rfc2136['enable'] = $_POST['enable'] ? false : true;
+ $rfc2136['enable'] = $_POST['enable'] ? true : false;
$rfc2136['host'] = $_POST['host'];
$rfc2136['ttl'] = $_POST['ttl'];
$rfc2136['keyname'] = $_POST['keyname'];
diff --git a/usr/local/www/services_snmp.php b/usr/local/www/services_snmp.php
index 9540d98..a9f8b7b 100755
--- a/usr/local/www/services_snmp.php
+++ b/usr/local/www/services_snmp.php
@@ -290,7 +290,7 @@ function enable_change(whichone) {
<td width="22%" valign="top" class="vncellreq">Read Community String</td>
<td width="78%" class="vtable">
<input name="rocommunity" type="text" class="formfld unknown" id="rocommunity" size="40" value="<?=htmlspecialchars($pconfig['rocommunity']);?>">
- <br>In most cases, &quot;public&quot; is used here</br>
+ <br>The community string is like a password, restricting access to querying SNMP to hosts knowing the community string. Use a strong value here to protect from unauthorized information disclosure.</br>
</td>
</tr>
diff --git a/usr/local/www/status.php b/usr/local/www/status.php
index bc2656d..d1985e3 100755
--- a/usr/local/www/status.php
+++ b/usr/local/www/status.php
@@ -168,7 +168,7 @@ defCmdT("pftop -w 150 -a -b -v speed","/usr/local/sbin/pftop -w 150 -a -b -v spe
defCmdT("resolv.conf","cat /etc/resolv.conf");
defCmdT("Processes","ps xauww");
-defCmdT("dhcpd.conf","cat /var/etc/dhcpd.conf");
+defCmdT("dhcpd.conf","cat /var/dhcpd/etc/dhcpd.conf");
defCmdT("ez-ipupdate.cache","cat /conf/ez-ipupdate.cache");
defCmdT("df","/bin/df");
diff --git a/usr/local/www/status_gateway_groups.php b/usr/local/www/status_gateway_groups.php
index 5ed4aa9..2a91b77 100755
--- a/usr/local/www/status_gateway_groups.php
+++ b/usr/local/www/status_gateway_groups.php
@@ -4,7 +4,7 @@
status_gateway_groups.php
part of pfSense (http://pfsense.com)
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php
index 72e14b2..bffdb3b 100755
--- a/usr/local/www/status_gateways.php
+++ b/usr/local/www/status_gateways.php
@@ -4,7 +4,7 @@
status_gateways.php
part of pfSense (http://www.pfsense.com/)
- Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/status_lb_pool.php b/usr/local/www/status_lb_pool.php
index 18b4c57..5a87e35 100755
--- a/usr/local/www/status_lb_pool.php
+++ b/usr/local/www/status_lb_pool.php
@@ -4,7 +4,7 @@
status_lb_pool.php
part of pfSense (http://www.pfsense.com/)
- Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/status_lb_vs.php b/usr/local/www/status_lb_vs.php
index 0589425..5d74cf3 100755
--- a/usr/local/www/status_lb_vs.php
+++ b/usr/local/www/status_lb_vs.php
@@ -4,7 +4,7 @@
status_lb_vs.php
part of pfSense (http://www.pfsense.com/)
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php
index 115d12c..97454c9 100755
--- a/usr/local/www/status_rrd_graph.php
+++ b/usr/local/www/status_rrd_graph.php
@@ -3,7 +3,7 @@
/*
status_rrd_graph.php
Part of pfSense
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>
+ Copyright (C) 2007 Seth Mos <seth.mos@dds.nl>
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -28,7 +28,6 @@
POSSIBILITY OF SUCH DAMAGE.
*/
/*
- pfSense_BUILDER_BINARIES: /usr/bin/find
pfSense_MODULE: system
*/
@@ -50,8 +49,9 @@ if(! isset($config['rrd']['enable'])) {
}
$rrddbpath = "/var/db/rrd/";
-/* XXX: (billm) do we have an exec() type function that does this type of thing? */
-exec("cd $rrddbpath;/usr/bin/find -name *.rrd", $databases);
+chdir($rrddbpath);
+$databases = glob("*.rrd");
+
if ($_GET['cat']) {
$curcat = $_GET['cat'];
@@ -109,12 +109,46 @@ if ($_GET['option']) {
continue 2;
}
}
+ case "vpnusers":
+ foreach($databases as $database) {
+ if(preg_match("/[-]vpnusers\.rrd/i", $database)) {
+ /* pick off the 1st database we find that matches the VPN graphs */
+ $name = explode("-", $database);
+ $curoption = "$name[0]";
+ continue 2;
+ }
+ }
default:
$curoption = "wan";
break;
}
}
+$now = time();
+if($curcat == "custom") {
+ if (is_numeric($_GET['start'])) {
+ if($start < ($now - (3600 * 24 * 365 * 5))) {
+ $start = $now - (4 * 3600);
+ }
+ $start = $_GET['start'];
+ } else {
+ $start = $now - (4 * 3600);
+ }
+}
+
+if (is_numeric($_GET['end'])) {
+ $end = $_GET['end'];
+} else {
+ $end = $now;
+}
+
+/* this should never happen */
+if($end < $start) {
+ $end = $now;
+}
+
+$seconds = $end - $start;
+
if ($_GET['style']) {
$curstyle = $_GET['style'];
} else {
@@ -133,6 +167,7 @@ $dbheader = array("allgraphs-traffic.rrd",
"allgraphs-quality.rrd",
"allgraphs-wireless.rrd",
"allgraphs-cellular.rrd",
+ "allgraphs-vpnusers.rrd",
"allgraphs-packets.rrd",
"system-allgraphs.rrd",
"system-throughput.rrd",
@@ -141,15 +176,18 @@ $dbheader = array("allgraphs-traffic.rrd",
"outbound-traffic.rrd");
foreach($databases as $database) {
- if(stristr($database, "wireless")) {
+ if(stristr($database, "-wireless")) {
$wireless = true;
}
- if(stristr($database, "queues")) {
+ if(stristr($database, "-queues")) {
$queues = true;
}
- if(stristr($database, "cellular")) {
+ if(stristr($database, "-cellular")) {
$cellular = true;
}
+ if(stristr($database, "-vpnusers")) {
+ $vpnusers = true;
+ }
}
/* append the existing array to the header */
$ui_databases = array_merge($dbheader, $databases);
@@ -168,7 +206,7 @@ function get_dates($curperiod, $graph) {
$curyear = date('Y', $now);
$curmonth = date('m', $now);
$curweek = date('W', $now);
- $curweekday = date('w', $now);
+ $curweekday = date('N', $now) - 1; // We want to start on monday
$curday = date('d', $now);
switch($curperiod) {
@@ -184,8 +222,16 @@ function get_dates($curperiod, $graph) {
$end = mktime(0, 0, 0, $curmonth, (($curday + $offset) + 1), $curyear);
break;
case "week":
- $start = mktime(0, 0, 0, $curmonth, (($curday + $curweekday) - $offset), $curyear);
- $end = mktime(0, 0, 0, $curmonth, (($curday + $curweekday) + 7), $curyear);
+ switch($offset) {
+ case 0;
+ $weekoffset = 0;
+ break;
+ default:
+ $weekoffset = ($offset * 7) - 7;
+ break;
+ }
+ $start = mktime(0, 0, 0, $curmonth, (($curday - $curweekday) + $weekoffset), $curyear);
+ $end = mktime(0, 0, 0, $curmonth, (($curday - $curweekday) + $weekoffset + 7), $curyear);
break;
case "month":
$start = mktime(0, 0, 0, ($curmonth + $offset), 0, $curyear);
@@ -232,9 +278,9 @@ function get_dates($curperiod, $graph) {
$tab_array[] = array("Quality", $tabactive, "status_rrd_graph.php?cat=quality");
if($queues) {
if($curcat == "queues") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Queues", $tabactive, "status_rrd_graph.php?cat=queues");
+ $tab_array[] = array("Queues", $tabactive, "status_rrd_graph.php?cat=queues");
if($curcat == "queuedrops") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("QueueDrops", $tabactive, "status_rrd_graph.php?cat=queuedrops");
+ $tab_array[] = array("QueueDrops", $tabactive, "status_rrd_graph.php?cat=queuedrops");
}
if($wireless) {
if($curcat == "wireless") { $tabactive = True; } else { $tabactive = False; }
@@ -244,6 +290,12 @@ function get_dates($curperiod, $graph) {
if($curcat == "cellular") { $tabactive = True; } else { $tabactive = False; }
$tab_array[] = array("Cellular", $tabactive, "status_rrd_graph.php?cat=cellular");
}
+ if($vpnusers) {
+ if($curcat == "vpnusers") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("VPN", $tabactive, "status_rrd_graph.php?cat=vpnusers");
+ }
+ if($curcat == "custom") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Custom", $tabactive, "status_rrd_graph.php?cat=custom");
if($curcat == "settings") { $tabactive = True; } else { $tabactive = False; }
$tab_array[] = array("Settings", $tabactive, "status_rrd_graph_settings.php");
display_top_tabs($tab_array);
@@ -263,6 +315,19 @@ function get_dates($curperiod, $graph) {
<select name="option" class="formselect" style="z-index: -10;" onchange="document.form1.submit()">
<?php
+ if($curcat == "custom") {
+ foreach ($databases as $db => $database) {
+ $optionc = split("-", $database);
+ $search = array("-", ".rrd", $optionc);
+ $replace = array(" :: ", "", $friendly);
+ echo "<option value=\"{$database}\"";
+ $prettyprint = ucwords(str_replace($search, $replace, $database));
+ if($curoption == $database) {
+ echo " selected ";
+ }
+ echo ">" . htmlspecialchars($prettyprint) . "</option>\n";
+ }
+ }
foreach ($ui_databases as $db => $database) {
if(! preg_match("/($curcat)/i", $database)) {
continue;
@@ -270,11 +335,12 @@ function get_dates($curperiod, $graph) {
$optionc = split("-", $database);
$search = array("-", ".rrd", $optionc);
$replace = array(" :: ", "", $friendly);
+
switch($curcat) {
case "system":
- $optionc = str_replace($search, $replace, $optionc[1]);
- echo "<option value=\"$optionc\"";
- $prettyprint = ucwords(str_replace($search, $replace, $optionc));
+ $optioncf = str_replace($search, $replace, $optionc[1]);
+ echo "<option value=\"$optioncf\"";
+ $prettyprint = ucwords(str_replace($search, $replace, $optioncf));
break;
default:
/* Deduce a interface if possible and use the description */
@@ -308,65 +374,86 @@ function get_dates($curperiod, $graph) {
?>
</select>
- <?=gettext("Period:");?>
- <select name="period" class="formselect" style="z-index: -10;" onchange="document.form1.submit()">
- <?php
- foreach ($periods as $period => $value) {
- echo "<option value=\"$period\"";
- if ($period == $curperiod) echo " selected";
- echo ">" . htmlspecialchars($value) . "</option>\n";
+ <?
+ if($curcat <> "custom") {
+ ?>
+ <?=gettext("Period:");?>
+ <select name="period" class="formselect" style="z-index: -10;" onchange="document.form1.submit()">
+ <?php
+ foreach ($periods as $period => $value) {
+ echo "<option value=\"$period\"";
+ if ($period == $curperiod) echo " selected";
+ echo ">" . htmlspecialchars($value) . "</option>\n";
+ }
}
?>
-
</select>
-
<?php
- // echo "year $curyear, month $curmonth, week $curweek, day $curday, weekday $curweekday<br>";
- foreach($graphs as $graph) {
- /* check which databases are valid for our category */
- foreach($ui_databases as $curdatabase) {
- if(! preg_match("/($curcat)/i", $curdatabase)) {
- continue;
- }
- $optionc = split("-", $curdatabase);
- $search = array("-", ".rrd", $optionc);
- $replace = array(" :: ", "", $friendly);
- switch($curoption) {
- case "outbound":
- /* only show interfaces with a gateway */
- $optionc = "$optionc[0]";
- if(!interface_has_gateway($optionc)) {
- if(!preg_match("/($optionc)-(quality)/", $curdatabase)) {
+ if($curcat == "custom") {
+ ?>
+ <?=gettext("Start:");?>
+ <input type="text" name="start" class="formfldunknown" length="32" value="<?php echo $start;?>">
+ <?=gettext("End:");?>
+ <input type="text" name="end" class="formfldunknown" length="32" value="<?php echo $now;?>">
+ <input type="submit" name="Submit" value="Go">
+ <?
+ $curdatabase = $curoption;
+ $graph = "custom-$curdatabase";
+ if(in_array($curdatabase, $databases)) {
+ echo "<tr><td colspan=2 class=\"list\">\n";
+ echo "<IMG BORDER='0' name='{$graph}-{$curoption}-{$curdatabase}' ";
+ echo "id='{$graph}-{$curoption}-{$curdatabase}' ALT=\"$prettydb Graph\" ";
+ echo "SRC=\"status_rrd_graph_img.php?start={$start}&amp;end={$end}&amp;database={$curdatabase}&amp;style={$curstyle}&amp;graph={$graph}\" />\n";
+ echo "<br /><hr><br />\n";
+ echo "</td></tr>\n";
+ }
+ } else {
+ foreach($graphs as $graph) {
+ /* check which databases are valid for our category */
+ foreach($ui_databases as $curdatabase) {
+ if(! preg_match("/($curcat)/i", $curdatabase)) {
+ continue;
+ }
+ $optionc = split("-", $curdatabase);
+ $search = array("-", ".rrd", $optionc);
+ $replace = array(" :: ", "", $friendly);
+ switch($curoption) {
+ case "outbound":
+ /* only show interfaces with a gateway */
+ $optionc = "$optionc[0]";
+ if(!interface_has_gateway($optionc)) {
+ if(!preg_match("/($optionc)-(quality)/", $curdatabase)) {
+ continue 2;
+ }
+ }
+ if(! preg_match("/($optionc)[-.]/i", $curdatabase)) {
continue 2;
}
- }
- if(! preg_match("/($optionc)[-.]/i", $curdatabase)) {
- continue 2;
- }
- break;
- case "allgraphs":
- /* make sure we do not show the placeholder databases in the all view */
- if((stristr($curdatabase, "outbound")) || (stristr($curdatabase, "allgraphs"))) {
- continue 2;
- }
- break;
- default:
- /* just use the name here */
- if(! preg_match("/($curoption)[-.]/i", $curdatabase)) {
- continue 2;
- }
- }
- if(in_array($curdatabase, $databases)) {
- $dates = get_dates($curperiod, $graph);
- $start = $dates['start'];
- $end = $dates['end'];
- echo "<tr><td colspan=2 class=\"list\">\n";
- echo "<IMG BORDER='0' name='{$graph}-{$curoption}-{$curdatabase}' ";
- echo "id='{$graph}-{$curoption}-{$curdatabase}' ALT=\"$prettydb Graph\" ";
- echo "SRC=\"status_rrd_graph_img.php?start={$start}&amp;end={$end}&amp;database={$curdatabase}&amp;style={$curstyle}&amp;graph={$graph}\" />\n";
- echo "<br /><hr><br />\n";
- echo "</td></tr>\n";
+ break;
+ case "allgraphs":
+ /* make sure we do not show the placeholder databases in the all view */
+ if((stristr($curdatabase, "outbound")) || (stristr($curdatabase, "allgraphs"))) {
+ continue 2;
+ }
+ break;
+ default:
+ /* just use the name here */
+ if(! preg_match("/($curoption)[-.]/i", $curdatabase)) {
+ continue 2;
+ }
+ }
+ if(in_array($curdatabase, $databases)) {
+ $dates = get_dates($curperiod, $graph);
+ $start = $dates['start'];
+ $end = $dates['end'];
+ echo "<tr><td colspan=2 class=\"list\">\n";
+ echo "<IMG BORDER='0' name='{$graph}-{$curoption}-{$curdatabase}' ";
+ echo "id='{$graph}-{$curoption}-{$curdatabase}' ALT=\"$prettydb Graph\" ";
+ echo "SRC=\"status_rrd_graph_img.php?start={$start}&amp;end={$end}&amp;database={$curdatabase}&amp;style={$curstyle}&amp;graph={$graph}\" />\n";
+ echo "<br /><hr><br />\n";
+ echo "</td></tr>\n";
+ }
}
}
}
diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php
index 567d272..c559d3d 100644
--- a/usr/local/www/status_rrd_graph_img.php
+++ b/usr/local/www/status_rrd_graph_img.php
@@ -3,7 +3,7 @@
/*
status_rrd_graph_img.php
Part of pfSense
- Copyright (C) 2009 Seth Mos <seth.mos@xs4all.nl>
+ Copyright (C) 2009 Seth Mos <seth.mos@dds.nl>
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -28,7 +28,7 @@
POSSIBILITY OF SUCH DAMAGE.
*/
/*
- pfSense_BUILDER_BINARIES: /usr/bin/find /bin/rm /usr/local/bin/rrdtool
+ pfSense_BUILDER_BINARIES: /bin/rm /usr/local/bin/rrdtool
pfSense_MODULE: system
*/
@@ -40,7 +40,7 @@ require_once("rrd.inc");
$pgtitle = array("System","RRD Graphs","Image viewer");
if ($_GET['database']) {
- $curdatabase = $_GET['database'];
+ $curdatabase = basename($_GET['database']);
} else {
$curdatabase = "wan-traffic.rrd";
}
@@ -146,8 +146,9 @@ $havg = timeDiff($average, $defOptions);
$hperiod = timeDiff($seconds, $defOptions);
$data = true;
-/* XXX: (billm) do we have an exec() type function that does this type of thing? */
-exec("cd $rrddbpath;/usr/bin/find -name *.rrd", $databases);
+$rrddbpath = "/var/db/rrd/";
+chdir($rrddbpath);
+$databases = glob("*.rrd");
rsort($databases);
/* compare bytes/sec counters, divide bps by 8 */
@@ -205,6 +206,7 @@ if(file_exists($rrdcolors)) {
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+ $colorvpnusers = array('990000');
}
switch ($curstyle) {
@@ -570,6 +572,25 @@ elseif((strstr($curdatabase, "-wireless.rrd")) && (file_exists("$rrddbpath$curda
$graphcmd .= "COMMENT:\"\\n\" ";
$graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" ";
}
+elseif((strstr($curdatabase, "-vpnusers.rrd")) && (file_exists("$rrddbpath$curdatabase"))) {
+ /* define graphcmd for vpn users stats */
+ $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png ";
+ $graphcmd .= "--start $start --end $end ";
+ $graphcmd .= "--vertical-label \"users\" ";
+ $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee ";
+ $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" ";
+ $graphcmd .= "--height 200 --width 620 ";
+ $graphcmd .= "DEF:\"$curif-users=$rrddbpath$curdatabase:users:AVERAGE\" ";
+ $graphcmd .= "LINE2:\"$curif-users#{$colorvpnusers[0]}:$curif-users\" ";
+ $graphcmd .= "COMMENT:\"\\n\" ";
+ $graphcmd .= "COMMENT:\"\t\t\t maximum\t\t average\t current\\n\" ";
+ $graphcmd .= "COMMENT:\"Users Online\t\" ";
+ $graphcmd .= "GPRINT:\"$curif-users:MAX:%7.2lf \" ";
+ $graphcmd .= "GPRINT:\"$curif-users:AVERAGE:%7.2lf \" ";
+ $graphcmd .= "GPRINT:\"$curif-users:LAST:%7.2lf \" ";
+ $graphcmd .= "COMMENT:\"\\n\" ";
+ $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" ";
+}
elseif((strstr($curdatabase, "-states.rrd")) && (file_exists("$rrddbpath$curdatabase"))) {
/* define graphcmd for states stats */
$graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png ";
diff --git a/usr/local/www/status_rrd_graph_settings.php b/usr/local/www/status_rrd_graph_settings.php
index d1398c4..b173e00 100755
--- a/usr/local/www/status_rrd_graph_settings.php
+++ b/usr/local/www/status_rrd_graph_settings.php
@@ -3,7 +3,7 @@
/*
status_rrd_graph.php
Part of pfSense
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>
+ Copyright (C) 2007 Seth Mos <seth.mos@dds.nl>
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -77,9 +77,11 @@ if ($_POST) {
}
}
+
+
$rrddbpath = "/var/db/rrd/";
-/* XXX: (billm) do we have an exec() type function that does this type of thing? */
-exec("cd $rrddbpath;/usr/bin/find -name *.rrd", $databases);
+chdir($rrddbpath);
+$databases = glob("*.rrd");
foreach($databases as $database) {
if(stristr($database, "wireless")) {
@@ -91,6 +93,9 @@ foreach($databases as $database) {
if(stristr($database, "cellular")) {
$cellular = true;
}
+ if(stristr($database, "-vpnusers")) {
+ $vpnusers = true;
+ }
}
$pgtitle = array("Status","RRD Graphs");
@@ -106,32 +111,39 @@ include("head.inc");
<tr>
<td>
<?php
- $tab_array = array();
- if($curcat == "system") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("System", $tabactive, "status_rrd_graph.php?cat=system");
- if($curcat == "traffic") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Traffic", $tabactive, "status_rrd_graph.php?cat=traffic");
- if($curcat == "packets") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Packets", $tabactive, "status_rrd_graph.php?cat=packets");
- if($curcat == "quality") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Quality", $tabactive, "status_rrd_graph.php?cat=quality");
+ $tab_array = array();
+ if($curcat == "system") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("System", $tabactive, "status_rrd_graph.php?cat=system");
+ if($curcat == "traffic") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Traffic", $tabactive, "status_rrd_graph.php?cat=traffic");
+ if($curcat == "packets") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Packets", $tabactive, "status_rrd_graph.php?cat=packets");
+ if($curcat == "quality") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Quality", $tabactive, "status_rrd_graph.php?cat=quality");
if($queues) {
- if($curcat == "queues") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Queues", $tabactive, "status_rrd_graph.php?cat=queues");
+ if($curcat == "queues") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Queues", $tabactive, "status_rrd_graph.php?cat=queues");
if($curcat == "queuedrops") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("QueueDrops", $tabactive, "status_rrd_graph.php?cat=queuedrops");
+ $tab_array[] = array("QueueDrops", $tabactive, "status_rrd_graph.php?cat=queuedrops");
}
if($wireless) {
- if($curcat == "wireless") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Wireless", $tabactive, "status_rrd_graph.php?cat=wireless");
+ if($curcat == "wireless") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Wireless", $tabactive, "status_rrd_graph.php?cat=wireless");
}
if($cellular) {
if($curcat == "cellular") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Cellular", $tabactive, "status_rrd_graph.php?cat=cellular");
+ $tab_array[] = array("Cellular", $tabactive, "status_rrd_graph.php?cat=cellular");
+ }
+ if($vpnusers) {
+ if($curcat == "vpnusers") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("VPN", $tabactive, "status_rrd_graph.php?cat=vpnusers");
}
- if($curcat == "settings") { $tabactive = True; } else { $tabactive = False; }
- $tab_array[] = array("Settings", $tabactive, "status_rrd_graph_settings.php");
- display_top_tabs($tab_array);
+ if($curcat == "custom") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Custom", $tabactive, "status_rrd_graph.php?cat=custom");
+ if($curcat == "settings") { $tabactive = True; } else { $tabactive = False; }
+ $tab_array[] = array("Settings", $tabactive, "status_rrd_graph_settings.php");
+
+ display_top_tabs($tab_array);
?>
</td>
</tr>
diff --git a/usr/local/www/status_upnp.php b/usr/local/www/status_upnp.php
index 024633f..e5908d3 100644
--- a/usr/local/www/status_upnp.php
+++ b/usr/local/www/status_upnp.php
@@ -4,7 +4,7 @@
status_upnp.php
part of pfSense (http://www.pfsense.com/)
- Copyright (C) 2006 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/status_wireless.php b/usr/local/www/status_wireless.php
index 751810a..0ec7e6a 100755
--- a/usr/local/www/status_wireless.php
+++ b/usr/local/www/status_wireless.php
@@ -50,8 +50,10 @@ if(empty($if)) {
/* Find the first interface
that is wireless */
foreach($ciflist as $interface => $ifdescr) {
- if(is_interface_wireless(get_real_interface($interface)))
+ if(is_interface_wireless(get_real_interface($interface))) {
$if = $interface;
+ break;
+ }
}
}
?>
diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php
index 41f0979..1bdefe9 100644
--- a/usr/local/www/system_advanced_misc.php
+++ b/usr/local/www/system_advanced_misc.php
@@ -224,7 +224,7 @@ include("head.inc");
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Security Assocications"); ?></td>
<td width="78%" class="vtable">
- <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?> />
+ <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if (isset($pconfig['preferoldsa_enable'])) echo "checked"; ?> />
<strong><?=gettext("Prefer older IPsec SAs"); ?></strong>
<br />
<?=gettext("By default, if several SAs match, the newest one is " .
diff --git a/usr/local/www/system_advanced_notifications.php b/usr/local/www/system_advanced_notifications.php
index cdd8b2d..0ee67c7 100644
--- a/usr/local/www/system_advanced_notifications.php
+++ b/usr/local/www/system_advanced_notifications.php
@@ -111,13 +111,13 @@ if ($_POST) {
if($config['notifications']['growl']['ipaddress'] &&
$config['notifications']['growl']['password'] = $_POST['password']) {
register_via_growl();
- notify_via_growl(gettext("This is a test message form pfSense. It is safe to ignore this message."));
+ notify_via_growl(gettext("This is a test message from pfSense. It is safe to ignore this message."));
}
// Send test message via smtp
if(file_exists("/var/db/notices_lastmsg.txt"))
unlink("/var/db/notices_lastmsg.txt");
- $savemsg = notify_via_smtp(gettext("This is a test message form pfSense. It is safe to ignore this message."));
+ $savemsg = notify_via_smtp(gettext("This is a test message from pfSense. It is safe to ignore this message."));
pfSenseHeader("system_advanced_notifications.php");
exit;
diff --git a/usr/local/www/system_gateway_groups.php b/usr/local/www/system_gateway_groups.php
index 43dfea7..f767aff 100755
--- a/usr/local/www/system_gateway_groups.php
+++ b/usr/local/www/system_gateway_groups.php
@@ -4,7 +4,7 @@
system_gateway_groups.php
part of pfSense (http://pfsense.com)
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/system_gateway_groups_edit.php b/usr/local/www/system_gateway_groups_edit.php
index 1a504c5..268a5da 100755
--- a/usr/local/www/system_gateway_groups_edit.php
+++ b/usr/local/www/system_gateway_groups_edit.php
@@ -4,7 +4,7 @@
system_gateway_groups_edit.php
part of pfSense (http://pfsense.com)
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/system_gateways.php b/usr/local/www/system_gateways.php
index 82004a7..d789d76 100755
--- a/usr/local/www/system_gateways.php
+++ b/usr/local/www/system_gateways.php
@@ -4,7 +4,7 @@
system_gateways.php
part of pfSense (http://pfsense.com)
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php
index 98d1e81..e679b90 100755
--- a/usr/local/www/system_gateways_edit.php
+++ b/usr/local/www/system_gateways_edit.php
@@ -4,7 +4,7 @@
system_gateways_edit.php
part of pfSense (http://pfsense.com)
- Copyright (C) 2007 Seth Mos <seth.mos@xs4all.nl>.
+ Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>.
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php
index a167790..37c5ec3 100644
--- a/usr/local/www/system_groupmanager.php
+++ b/usr/local/www/system_groupmanager.php
@@ -152,10 +152,12 @@ if ($_POST) {
local_group_set($group);
/* Refresh users in this group since their privileges may have changed. */
- $a_user = &$config['system']['user'];
- foreach ($a_user as & $user) {
- if (in_array($user['uid'], $group['member']))
- local_user_set($user);
+ if (is_array($group['member'])) {
+ $a_user = &$config['system']['user'];
+ foreach ($a_user as & $user) {
+ if (in_array($user['uid'], $group['member']))
+ local_user_set($user);
+ }
}
write_config();
@@ -410,8 +412,11 @@ function presubmit() {
$grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group-grey.png";
else
$grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group.png";
+ $groupcount = count($group['member']);
+ if ($group["name"] == "all")
+ $groupcount = count($config['system']['user']);
?>
- <tr>
+ <tr ondblclick="document.location='system_groupmanager.php?act=edit&id=<?=$i;?>'">
<td class="listlr">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
@@ -429,7 +434,7 @@ function presubmit() {
<?=htmlspecialchars($group['description']);?>&nbsp;
</td>
<td class="listbg">
- <?=count($group['member'])?>
+ <?=$groupcount;?>
</td>
<td valign="middle" nowrap class="list">
<a href="system_groupmanager.php?act=edit&id=<?=$i;?>">
diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php
index 352d5cc..0a52028 100755
--- a/usr/local/www/system_usermanager_settings.php
+++ b/usr/local/www/system_usermanager_settings.php
@@ -136,8 +136,6 @@ if(!$pconfig['backend'])
<?php
$auth_servers = auth_get_authserver_list();
foreach ($auth_servers as $auth_server):
- if ($auth_server['type'] == 'radius')
- continue;
$selected = "";
if ($auth_server['name'] == $pconfig['authmode'])
$selected = "selected";
diff --git a/usr/local/www/themes/code-red/rrdcolors.inc.php b/usr/local/www/themes/code-red/rrdcolors.inc.php
index cbd6a8d..1ab0fd0 100755
--- a/usr/local/www/themes/code-red/rrdcolors.inc.php
+++ b/usr/local/www/themes/code-red/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('990000','a83c3c','b36666');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/themes/metallic/rrdcolors.inc.php b/usr/local/www/themes/metallic/rrdcolors.inc.php
index e3153fd..8e74545 100644
--- a/usr/local/www/themes/metallic/rrdcolors.inc.php
+++ b/usr/local/www/themes/metallic/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/themes/nervecenter/rrdcolors.inc.php b/usr/local/www/themes/nervecenter/rrdcolors.inc.php
index e3153fd..8e74545 100644
--- a/usr/local/www/themes/nervecenter/rrdcolors.inc.php
+++ b/usr/local/www/themes/nervecenter/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/themes/pfsense-dropdown/rrdcolors.inc.php b/usr/local/www/themes/pfsense-dropdown/rrdcolors.inc.php
index e3153fd..8e74545 100644
--- a/usr/local/www/themes/pfsense-dropdown/rrdcolors.inc.php
+++ b/usr/local/www/themes/pfsense-dropdown/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/themes/pfsense/rrdcolors.inc.php b/usr/local/www/themes/pfsense/rrdcolors.inc.php
index e3153fd..8e74545 100644
--- a/usr/local/www/themes/pfsense/rrdcolors.inc.php
+++ b/usr/local/www/themes/pfsense/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/themes/pfsense_ng/rrdcolors.inc.php b/usr/local/www/themes/pfsense_ng/rrdcolors.inc.php
index e3153fd..8e74545 100644
--- a/usr/local/www/themes/pfsense_ng/rrdcolors.inc.php
+++ b/usr/local/www/themes/pfsense_ng/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/themes/the_wall/rrdcolors.inc.php b/usr/local/www/themes/the_wall/rrdcolors.inc.php
index e3153fd..8e74545 100644
--- a/usr/local/www/themes/the_wall/rrdcolors.inc.php
+++ b/usr/local/www/themes/the_wall/rrdcolors.inc.php
@@ -46,5 +46,6 @@ $colorqualityloss = "ee0000";
$colorwireless = array('333333','a83c3c','999999');
$colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066');
$colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600');
+$colorvpnusers = array('990000');
?>
diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php
index 6e1e242..5daa29a 100755
--- a/usr/local/www/xmlrpc.php
+++ b/usr/local/www/xmlrpc.php
@@ -229,6 +229,8 @@ function filter_configure_xmlrpc($raw_params) {
require_once("openvpn.inc");
openvpn_resync_all();
services_dhcpd_configure();
+ services_dnsmasq_configure();
+ local_sync_accounts();
return $xmlrpc_g['return']['true'];
}
OpenPOWER on IntegriCloud