authorVinicius Coque <vinicius.coque@bluepex.com>2011-05-23 15:57:23 -0300
committerVinicius Coque <vinicius.coque@bluepex.com>2011-05-23 15:57:23 -0300
commit45d4b71e070a52bec9e14a82d2656f0e7af07ba1 (patch)
treed238e7d6506d339c6da27c3a9e56e407c1b869c1
parentd21d6e2090c6701041b8555cdaca9ad2c949d4f1 (diff)
parent7a18dfa4ed218ad7b114d9cd52c008a76c811614 (diff)
Merge remote-tracking branch 'mainline/master' into inc
-rw-r--r--.gitignore1
-rw-r--r--conf.default/config.xml2
-rw-r--r--etc/inc/certs.inc19
-rw-r--r--etc/inc/dyndns.class36
-rw-r--r--etc/inc/filter.inc21
-rw-r--r--etc/inc/globals.inc2
-rw-r--r--etc/inc/gwlb.inc2
-rw-r--r--etc/inc/interfaces.inc4
-rw-r--r--etc/inc/notices.inc2
-rw-r--r--etc/inc/pfsense-utils.inc44
-rw-r--r--etc/inc/pkg-utils.inc12
-rw-r--r--etc/inc/rrd.inc35
-rw-r--r--etc/inc/service-utils.inc14
-rw-r--r--etc/inc/services.inc2
-rw-r--r--etc/inc/upgrade_config.inc37
-rw-r--r--etc/inc/util.inc3
-rw-r--r--etc/inc/voucher.inc2
-rw-r--r--etc/inc/vpn.inc3
-rw-r--r--etc/phpshellsessions/gitsync2
-rwxr-xr-xetc/rc.filter_synchronize7
-rwxr-xr-xetc/rc.initial.setlanip2
-rwxr-xr-xetc/rc.linkup2
-rwxr-xr-xetc/rc.start_packages80
-rwxr-xr-xetc/rc.stop_packages79
-rw-r--r--usr/local/bin/captiveportal_gather_stats.php14
-rw-r--r--usr/local/pkg/carp_settings.xml18
-rwxr-xr-xusr/local/www/diag_arp.php233
-rwxr-xr-xusr/local/www/diag_logs_vpn.php47
-rwxr-xr-xusr/local/www/firewall_aliases_edit.php2
-rwxr-xr-xusr/local/www/interfaces.php2
-rwxr-xr-xusr/local/www/services_captiveportal.php2
-rwxr-xr-xusr/local/www/services_dyndns.php4
-rw-r--r--usr/local/www/services_dyndns_edit.php4
-rwxr-xr-xusr/local/www/status_dhcp_leases.php18
-rwxr-xr-xusr/local/www/status_interfaces.php9
-rw-r--r--usr/local/www/status_rrd_graph_img.php42
-rw-r--r--usr/local/www/system_advanced_notifications.php8
-rw-r--r--usr/local/www/system_certmanager.php37
-rw-r--r--usr/local/www/system_crlmanager.php2
-rwxr-xr-xusr/local/www/vpn_pptp_users_edit.php2
-rwxr-xr-xusr/local/www/xmlrpc.php104
41 files changed, 648 insertions, 313 deletions
diff --git a/.gitignore b/.gitignore
index e43b0f9..2003901 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
.DS_Store
+_notes/
diff --git a/conf.default/config.xml b/conf.default/config.xml
index 8b4a6b3..b291c38 100644
--- a/conf.default/config.xml
+++ b/conf.default/config.xml
@@ -1,7 +1,7 @@
<?xml version="1.0"?>
<!-- pfSense default system configuration -->
<pfsense>
- <version>7.6</version>
+ <version>7.8</version>
<lastchange></lastchange>
<theme>pfsense_ng</theme>
<sysctl>
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc
index 357ac05..3595f45 100644
--- a/etc/inc/certs.inc
+++ b/etc/inc/certs.inc
@@ -369,6 +369,25 @@ function cert_get_issuer($str_crt, $decode = true) {
return $issuer;
}
+/* this function works on x509 (crt), rsa key (prv), and req(csr) */
+function cert_get_modulus($str_crt, $decode = true, $type = "crt"){
+ if ($decode)
+ $str_crt = base64_decode($str_crt);
+
+ $modulus = "";
+ if ( in_array($type, array("crt", "prv", "csr")) ) {
+ $type = str_replace( array("crt","prv","csr"), array("x509","rsa","req"), $type);
+ $modulus = exec("echo \"{$str_crt}\" | openssl {$type} -noout -modulus");
+ }
+ return $modulus;
+}
+function csr_get_modulus($str_crt, $decode = true){
+ return cert_get_modulus($str_crt, $decode, "csr");
+}
+function prv_get_modulus($str_crt, $decode = true){
+ return cert_get_modulus($str_crt, $decode, "prv");
+}
+
function is_user_cert($certref) {
global $config;
if (!is_array($config['system']['user']))
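Review bot: `cert_get_modulus()` interpolates the decoded certificate, key or CSR text straight into `exec("echo \"{$str_crt}\" | openssl {$type} -noout -modulus")`, so any quote, backtick or `$(` in that text is interpreted by the shell, and with `$type = "prv"` the private key becomes part of the spawned shell's command line, where other local processes may be able to read it. `$type` is safely limited by the `in_array` whitelist, but `$str_crt` is not escaped at all. Passing the PEM data to openssl on stdin avoids both problems; the sketch below uses `proc_open` and should yield the same single `Modulus=` line that `exec()` returned, which needs confirming against the callers.

```php
function cert_get_modulus($str_crt, $decode = true, $type = "crt"){
	// … unchanged: base64 decode, $type whitelist and crt/prv/csr mapping …
		$pipes = array();
		$spec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"));
		$proc = proc_open("openssl {$type} -noout -modulus", $spec, $pipes);
		if (is_resource($proc)) {
			/* PEM text goes to openssl on stdin, never through the shell */
			fwrite($pipes[0], $str_crt);
			fclose($pipes[0]);
			$modulus = trim(stream_get_contents($pipes[1]));
			fclose($pipes[1]);
			proc_close($proc);
		}
```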
diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class
index dcde894..150dedc 100644
--- a/etc/inc/dyndns.class
+++ b/etc/inc/dyndns.class
@@ -18,6 +18,7 @@
* - DNSexit (dnsexit.com)
* - OpenDNS (opendns.com)
* - Namecheap (namecheap.com)
+ * - HE.net (dns.he.net)
* +----------------------------------------------------+
* Requirements:
* - PHP version 4.0.2 or higher with CURL Library
@@ -49,6 +50,7 @@
* DNSexit - Last Tested: 20 July 2008
* OpenDNS - Last Tested: 4 August 2008
* Namecheap - Last Tested: 31 August 2010
+ * HE.net - Last Tested: NEVER
* +====================================================+
*
* @author E.Kristensen
@@ -152,6 +154,7 @@
case 'dnsexit':
case 'opendns':
case 'namecheap':
+ case 'he-net':
$this->_update();
break;
default:
@@ -434,6 +437,19 @@
if (@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch));
curl_close($ch);
$this->_checkStatus($data);
+ break;
+ case 'he-net':
+ $needsIP = FALSE;
+ log_error("HE.net: DNS update() starting.");
+ $server = "https://dyn.dns.he.net/nic/update?";
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+ curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsHost . ':' . $this->_dnsPass);
+ curl_setopt($ch, CURLOPT_URL, $server . 'hostname=' . $this->_dnsHost);
+ $data = curl_exec($ch);
+ if(@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch));
+ curl_close($ch);
+ $this->_checkStatus($data);
+ break;
default:
break;
}
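Review bot: The new `he-net` case sets `CURLOPT_SSL_VERIFYPEER` to `FALSE` on the same handle that carries `CURLOPT_USERPWD`, so the hostname and update password are sent to whichever endpoint answers for dyn.dns.he.net without its certificate being checked, and a forged `good` reply would be accepted by `_checkStatus()`. Leave verification on, `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);`, and make sure curl on the appliance has a CA bundle to verify against. The hostname is also appended to the query string unencoded; `'hostname=' . urlencode($this->_dnsHost)` is safer. The enclosing switch starts and ends outside this hunk.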
@@ -754,6 +770,26 @@
$this->_debug($data);
}
break;
+
+ case 'he-net':
+ if (preg_match("/badip/i", $data)) {
+ $status = "phpDynDNS: (Error) Bad Request - The IP provided was invalid.";
+ } else if (preg_match('/nohost/i', $data)) {
+ $status = "phpDynDNS: (Error) Bad Request - A hostname was not provided.";
+ } else if (preg_match('/badauth/i', $data)) {
+ $status = "phpDynDNS: (Error) Invalid username or password.";
+ } else if (preg_match('/good/i', $data)) {
+ $status = "phpDynDNS: (Success) IP Address Updated Successfully!";
+ $successful_update = true;
+ } else if (preg_match('/nochg/i', $data)) {
+ $status = "phpDynDNS: (Success) No Change In IP Address.";
+ $successful_update = true;
+ } else {
+ $status = "phpDynDNS: (Unknown Response)";
+ log_error("phpDynDNS: PAYLOAD: {$data}");
+ $this->_debug($data);
+ }
+ break;
}
if($successful_update == true) {
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index edff4d5..1cabd29 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -533,7 +533,7 @@ function filter_generate_aliases() {
/* Setup pf groups */
if(isset($config['aliases']['alias'])) {
foreach ($config['aliases']['alias'] as $aliased) {
- $extraalias = "";
+ $extralias = "";
/*
* XXX: i am not sure what this does so i am commenting it out for now, because as it is
* its quite dangerous!
@@ -543,7 +543,10 @@ function filter_generate_aliases() {
$aliasnesting = array();
$aliasaddrnesting = array();
$addrlist = filter_generate_nested_alias($aliased['name'], $aliased['address'], $aliasnesting, $aliasaddrnesting);
- if($aliased['type'] == "host" || $aliased['type'] == "network" || $aliased['type'] == "url") {
+ switch ($aliased['type']) {
+ case "host":
+ case "network":
+ case "url":
$tableaddrs = "{$addrlist}{$extralias}";
if(empty($tableaddrs))
$aliases .= "table <{$aliased['name']}> persist\n";
@@ -551,7 +554,8 @@ function filter_generate_aliases() {
$aliases .= "table <{$aliased['name']}> { {$addrlist}{$extralias} } \n";
$aliases .= "{$aliased['name']} = \"<{$aliased['name']}>\"\n";
- } else if($aliased['type'] == "openvpn") {
+ break;
+ case "openvpn":
$openvpncfg = array();
if($config['openvpn']['user']) {
/* XXX: Check if we have a correct ip? */
@@ -571,14 +575,21 @@ function filter_generate_aliases() {
}
$aliases .= "table <{$aliased['name']}> { {$newaddress}{$extralias} } \n";
$aliases .= "{$aliased['name']} = \"<{$aliased['name']}>\"\n";
- } elseif($aliased['type'] == "urltable") {
+ break;
+ case "urltable":
$urlfn = alias_expand_urltable($aliased['name']);
if ($urlfn) {
$aliases .= "table <{$aliased['name']}> persist file \"{$urlfn}\"\n";
$aliases .= "{$aliased['name']} = \"<{$aliased['name']}>\"\n";
}
- } else
+ break;
+ case "port":
+ $aliases .= "{$aliased['name']} = \"{ {$addrlist} }\"\n";
+ break;
+ default:
$aliases .= "{$aliased['name']} = \"{ {$aliased['address']}{$extralias} }\"\n";
+ break;
+ }
}
}
$result = "{$alias} \n";
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index 2168765..7037933 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -91,7 +91,7 @@ $g = array(
"disablecrashreporter" => false,
"crashreporterurl" => "http://crashreporter.pfsense.org/crash_reporter.php",
"debug" => false,
- "latest_config" => "7.7",
+ "latest_config" => "7.8",
"nopkg_platforms" => array("cdrom"),
"minimum_ram_warning" => "101",
"minimum_ram_warning_text" => "128 MB",
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc
index d2aaa39..f5c35ca 100644
--- a/etc/inc/gwlb.inc
+++ b/etc/inc/gwlb.inc
@@ -367,6 +367,7 @@ function return_gateway_groups_array() {
$gateways_arr = return_gateways_array();
$gateway_groups_array = array();
+ if (0) {
/*
* NOTE: The code below is meant to replace the default gateway when it goes down.
* This facilitates services running on pfSense itself and are not handled by a PBR to continue working.
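Review bot: `if (0) {` switches off the whole default-gateway replacement block without saying why, and the existing comment underneath still describes it as live behaviour. If the block is disabled on purpose, state the reason in a comment directly above the guard, for example `/* Disabled: <reason placeholder> */`, or delete the dead code instead. The matching closing brace is added in the next hunk of this file.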
@@ -400,6 +401,7 @@ function return_gateway_groups_array() {
}
}
unset($upgw, $dfltgwfound, $dfltgwdown, $gwname, $gwsttng);
+ }
if (is_array($config['gateways']['gateway_group'])) {
foreach($config['gateways']['gateway_group'] as $group) {
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 3f3b02d..1858be4 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -932,9 +932,9 @@ function interfaces_configure() {
return 0;
}
-function interface_reconfigure($interface = "wan") {
+function interface_reconfigure($interface = "wan", $reloadall = false) {
interface_bring_down($interface);
- interface_configure($interface, true);
+ interface_configure($interface, $reloadall);
}
function interface_vip_bring_down($vip) {
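Review bot: `interface_reconfigure()` used to call `interface_configure($interface, true)` unconditionally, and the new `$reloadall = false` default silently changes that for every existing caller that passes only the interface name. Either keep the old behaviour as the default, `function interface_reconfigure($interface = "wan", $reloadall = true) {`, or confirm that all one-argument callers, including the new call in etc/rc.initial.setlanip in this commit, really want the lighter path. A one-line comment on what `$reloadall` controls would help, since `interface_configure()` is not visible here.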
diff --git a/etc/inc/notices.inc b/etc/inc/notices.inc
index a35d148..314473d 100644
--- a/etc/inc/notices.inc
+++ b/etc/inc/notices.inc
@@ -295,7 +295,7 @@ function notify_via_smtp($message) {
$smtp->host_port = empty($config['notifications']['smtp']['port']) ? 25 : $config['notifications']['smtp']['port'];
$smtp->direct_delivery = 0;
- $smtp->ssl = 0;
+ $smtp->ssl = ($config['notifications']['smtp']['ssl'] == "checked") ? 1 : 0;
$smtp->debug = 0;
$smtp->html_debug = 0;
$smtp->localhost=$config['system']['hostname'].".".$config['system']['domain'];
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index a6a9c58..b2897dd 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -708,14 +708,14 @@ function call_pfsense_method($method, $params, $timeout = 0) {
$proxyport = 0;
$proxyuser = "";
$proxypass = "";
- if (!empty($config['system']['httpproxy']))
- $proxyurl = $config['system']['httpproxy'];
- if (!empty($config['system']['httpproxyport']) && is_numeric($config['system']['httpproxyport']))
- $proxyport = $config['system']['httpproxyport'];
- if (!empty($config['system']['httpproxyuser']))
- $proxyuser = $config['system']['httpproxyuser'];
- if (!empty($config['system']['httpproxypass']))
- $proxypass = $config['system']['httpproxypass'];
+ if (!empty($config['system']['proxyurl']))
+ $proxyurl = $config['system']['proxyurl'];
+ if (!empty($config['system']['proxyport']) && is_numeric($config['system']['proxyport']))
+ $proxyport = $config['system']['proxyport'];
+ if (!empty($config['system']['proxyuser']))
+ $proxyuser = $config['system']['proxyuser'];
+ if (!empty($config['system']['proxypass']))
+ $proxypass = $config['system']['proxypass'];
$cli = new XML_RPC_Client($xmlrpc_path, $xmlrpc_base_url, $port, $proxyurl, $proxyport, $proxyuser, $proxypass);
// If the ALT PKG Repo has a username/password set, use it.
if($config['system']['altpkgrepo']['username'] &&
@@ -1471,7 +1471,7 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody
curl_setopt($ch, CURLOPT_PROXYPORT, $config['system']['proxyport']);
if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) {
@curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_ANY | CURLAUTH_ANYSAFE);
- curl_setopt($ch, CURLOPT_PROXYUSERPASS, "{$config['system']['proxyuser']}:{$config['system']['proxypass']}");
+ curl_setopt($ch, CURLOPT_PROXYUSERPWD, "{$config['system']['proxyuser']}:{$config['system']['proxypass']}");
}
}
@@ -2181,4 +2181,30 @@ function filter_rules_compare($a, $b) {
return compare_interface_friendly_names($a['interface'], $b['interface']);
}
+/****f* pfsense-utils/load_mac_manufacturer_table
+ * NAME
+ * load_mac_manufacturer_table
+ * INPUTS
+ * none
+ * RESULT
+ * returns associative array with MAC-Manufacturer pairs
+ ******/
+function load_mac_manufacturer_table() {
+ /* load MAC-Manufacture data from the file */
+ $macs = false;
+ if (file_exists("/usr/local/share/nmap/nmap-mac-prefixes"))
+ $macs=file("/usr/local/share/nmap/nmap-mac-prefixes");
+ if ($macs){
+ foreach ($macs as $line){
+ if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){
+ /* store values like this $mac_man['000C29']='VMware' */
+ $mac_man["$matches[1]"]=$matches[2];
+ }
+ }
+ return $mac_man;
+ } else
+ return -1;
+
+}
+
?>
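Review bot: `load_mac_manufacturer_table()` never initialises `$mac_man`, so when the prefixes file exists but no line matches the pattern, `return $mac_man;` returns an undefined variable instead of an array; add `$mac_man = array();` before the loop. The header block documents only the array result, while the function returns `-1` when the file is missing or empty; document that value or return an empty array so callers can index the result without a type check. The pattern is also unanchored at the start of the line, so `'/^([0-9A-Fa-f]{6}) (.*)$/'` would stop it matching six hex characters in the middle of a line.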
diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc
index 1535e8a..1798f85 100644
--- a/etc/inc/pkg-utils.inc
+++ b/etc/inc/pkg-utils.inc
@@ -42,6 +42,7 @@
require_once("globals.inc");
require_once("xmlrpc.inc");
+require_once("service-utils.inc");
if(file_exists("/cf/conf/use_xmlreader"))
require_once("xmlreader.inc");
else
@@ -324,6 +325,8 @@ function uninstall_package($pkg_name) {
}
}
+ stop_service($pkg_name);
+
$id = get_pkg_id($pkg_name);
if ($id >= 0) {
$pkg_depends =& $config['installedpackages']['package'][$id]['depends_on_package'];
@@ -892,7 +895,7 @@ function delete_package($pkg) {
}
function delete_package_xml($pkg) {
- global $g, $config, $static_output, $pkg_interface;
+ global $g, $config, $static_output, $pkg_interface, $rcfileprefix;
conf_mount_rw();
@@ -964,6 +967,13 @@ function delete_package_xml($pkg) {
if($instservice['name'] == $service['name']) {
if($g['booting'] != true)
stop_service($service['name']);
+ if($service['rcfile']) {
+ $prefix = $rcfileprefix;
+ if (!empty($service['prefix']))
+ $prefix = $service['prefix'];
+ if (file_exists("{$prefix}{$service['rcfile']}"))
+ @unlink("{$prefix}{$service['rcfile']}");
+ }
unset($services[$key]);
}
}
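Review bot: The new `@unlink("{$prefix}{$service['rcfile']}")` deletes a path assembled from the service entry's own `rcfile` and `prefix` values with no check that the result stays inside the rc directory, so an entry whose `rcfile` contains `../`, or whose `prefix` points elsewhere, would remove an arbitrary file with the privileges of the uninstall. If `rcfile` is always meant to be a bare file name, reduce it first with `$rcfile = basename($service['rcfile']);` and build the path from that. The `@` also hides a failed delete; reporting it through `log_error()` would make leftover rc scripts visible. `delete_package_xml()` begins and ends outside this hunk.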
diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc
index 0a806c3..cb6f321 100644
--- a/etc/inc/rrd.inc
+++ b/etc/inc/rrd.inc
@@ -742,42 +742,7 @@ function enable_rrd_graphing() {
$rrdupdatesh .= "# polling Captive Portal for number of logged in users\n";
$rrdupdatesh .= "CP=`$php -q $captiveportal_gather loggedin`\n";
$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalloggedin \${CP}\n";
-
- $ifname= "captiveportal";
- if (!file_exists("$rrddbpath$ifname$captiveportaltotalusers")) {
- $rrdcreate = "$rrdtool create $rrddbpath$ifname$captiveportaltotalusers --step $rrdcaptiveportalinterval ";
- $rrdcreate .= "DS:totalusers:GAUGE:$captiveportalvalid:0:10000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:5:1100 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:60:1175 ";
- $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 ";
- $rrdcreate .= "RRA:MIN:0.5:1:1000 ";
- $rrdcreate .= "RRA:MIN:0.5:5:1100 ";
- $rrdcreate .= "RRA:MIN:0.5:60:1175 ";
- $rrdcreate .= "RRA:MIN:0.5:720:3000 ";
- $rrdcreate .= "RRA:MAX:0.5:1:1000 ";
- $rrdcreate .= "RRA:MAX:0.5:5:1100 ";
- $rrdcreate .= "RRA:MAX:0.5:60:1175 ";
- $rrdcreate .= "RRA:MAX:0.5:720:3000 ";
- $rrdcreate .= "RRA:LAST:0.5:1:1000 ";
- $rrdcreate .= "RRA:LAST:0.5:5:1100 ";
- $rrdcreate .= "RRA:LAST:0.5:60:1175 ";
- $rrdcreate .= "RRA:LAST:0.5:720:3000 ";
- create_new_rrd($rrdcreate);
- }
-
- /* enter UNKNOWN values in the RRD so it knows we rebooted. */
- if($g['booting']) {
- mwexec("$rrdtool update $rrddbpath$ifname$captiveportaltotalusers N:U");
- }
-
- /* the Captive Portal stats gathering function. */
- $rrdupdatesh .= "\n";
- $rrdupdatesh .= "# polling Captive Portal for number of concurrent users\n";
- $rrdupdatesh .= "CP=`$php -q $captiveportal_gather total`\n";
- $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportaltotalusers \${CP}\n";
-
}
$rrdupdatesh .= "sleep 60\n";
diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc
index 895eb57..57b1719 100644
--- a/etc/inc/service-utils.inc
+++ b/etc/inc/service-utils.inc
@@ -82,6 +82,9 @@ function start_service($name) {
global $config;
global $rcfileprefix;
+ if (empty($name))
+ return;
+
/* make sure service is stopped before starting */
stop_service($name);
sleep(2);
@@ -114,6 +117,9 @@ function stop_service($name) {
global $config;
global $rcfileprefix;
+ if (empty($name))
+ return;
+
if ($config['installedpackages']['service']) {
foreach($config['installedpackages']['service'] as $service) {
if(strtolower($service['name']) == strtolower($name)) {
@@ -122,7 +128,10 @@ function stop_service($name) {
if(!empty($service['prefix'])) {
$prefix =& $service['prefix'];
}
- mwexec_bg("{$prefix}{$service['rcfile']} stop");
+ if(file_exists("{$prefix}{$service['rcfile']}")) {
+ mwexec_bg("{$prefix}{$service['rcfile']} stop");
+ }
+ return;
}
if (!empty($service['stopcmd']))
eval($service['stopcmd']);
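Review bot: The added `return;` sits after the `file_exists()` block rather than inside it, so, as far as the hunk shows, a service that has an `rcfile` entry whose script is missing now makes `stop_service()` return without stopping anything and without reaching the `stopcmd` fallback below. Move the `return;` inside the `if(file_exists(...))` block, or at least record the missing script with `log_error()`. The rc path is also placed in the `mwexec_bg()` command string unquoted; `mwexec_bg(escapeshellarg("{$prefix}{$service['rcfile']}") . " stop");` keeps a path with spaces or shell metacharacters from being split or interpreted. The function continues outside the hunk.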
@@ -144,6 +153,9 @@ function stop_service($name) {
function restart_service($name) {
global $config;
+ if (empty($name))
+ return;
+
stop_service($name);
start_service($name);
diff --git a/etc/inc/services.inc b/etc/inc/services.inc
index 291b2b5..df0914c 100644
--- a/etc/inc/services.inc
+++ b/etc/inc/services.inc
@@ -557,7 +557,7 @@ function services_dhcrelay_configure() {
foreach($route_str as $routeline) {
$items = preg_split("/[ ]+/i", $routeline);
if (ip_in_subnet($srvip, $items[0])) {
- $destif = trim($items[2]);
+ $destif = trim($items[6]);
break;
}
}
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc
index b3d7bf6..60490aa 100644
--- a/etc/inc/upgrade_config.inc
+++ b/etc/inc/upgrade_config.inc
@@ -1804,13 +1804,26 @@ function upgrade_053_to_054() {
$lbpool_srv_arr = array();
$gateway_group_arr = array();
$gateways = return_gateways_array();
+ $group_name_changes = array();
if (! is_array($config['gateways']['gateway_item']))
$config['gateways']['gateway_item'] = array();
$a_gateways =& $config['gateways']['gateway_item'];
foreach($lbpool_arr as $lbpool) {
if($lbpool['type'] == "gateway") {
- $gateway_group['name'] = $lbpool['name'];
+ // Gateway Groups have to have valid names in pf, old lb pools did not. Clean them up.
+ $group_name = ereg_replace("[^A-Za-z0-9]", "", $lbpool['name'] );
+ // If we made and changes, check for collisions and note the change.
+ if ($group_name != $lbpool['name']) {
+ // Make sure the name isn't already in use.
+ foreach ($gateway_group_arr as $gwg) {
+ // If the name is in use, add some random bits to avoid collision.
+ if ($gwg['name'] == $group_name)
+ $group_name .= uniqid();
+ }
+ $group_name_changes[$lbpool['name']] = $group_name;
+ }
+ $gateway_group['name'] = $group_name;
$gateway_group['descr'] = $lbpool['descr'];
$gateway_group['trigger'] = "down";
$gateway_group['item'] = array();
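Review bot: `ereg_replace()` is deprecated as of PHP 5.3; the PCRE equivalent is `$group_name = preg_replace('/[^A-Za-z0-9]/', '', $lbpool['name']);`. The collision handling is also incomplete: it only runs when the name was changed, it compares only against groups converted earlier in the loop, and it appends `uniqid()` once without re-checking, so a pool that keeps its original name can still collide with a cleaned one processed before it. A pool name made up entirely of stripped characters becomes an empty group name, which should be rejected or replaced with a generated one. `upgrade_053_to_054()` starts and ends outside this hunk.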
@@ -1855,6 +1868,11 @@ function upgrade_053_to_054() {
// Only set the gateway group array if we converted any
if (count($gateway_group_arr) != 0) {
$config['gateways']['gateway_group'] = $gateway_group_arr;
+ // Update any rules that had a gateway change, if any.
+ if (count($group_name_changes) > 0)
+ foreach ($config['filter']['rule'] as & $rule)
+ if (!empty($rule["gateway"]) && array_key_exists($rule["gateway"], $group_name_changes))
+ $rule["gateway"] = $group_name_changes[$rule["gateway"]];
}
}
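Review bot: The `foreach ($config['filter']['rule'] as & $rule)` loop leaves `$rule` bound by reference to the last rule when it finishes, so any later assignment to a variable named `$rule` in this function would overwrite that rule; add `unset($rule);` right after the loop. The loop also assumes `$config['filter']['rule']` is an array, which a configuration without firewall rules may not satisfy, so guard it with `is_array($config['filter']['rule'])`. Braces around the nested `if`/`foreach`/`if` would make the extent of the rewrite easier to read.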
@@ -2455,4 +2473,21 @@ function upgrade_076_to_077() {
}
}
+function upgrade_077_to_078() {
+ if (is_array($config['pptpd']) && is_array($config['pptpd']['radius'])
+ && !is_array($config['pptpd']['radius']['server'])) {
+ $radarr = array();
+ $radsvr = array();
+ $radsvr['ip'] = $config['pptpd']['radius']['server'];
+ $radsvr['secret'] = $config['pptpd']['radius']['secret'];
+ $radsvr['port'] = 1812;
+ $radsvr['acctport'] = 1813;
+ $radsvr['enable'] = isset($config['pptpd']['radius']['enable']);
+ $radarr['accounting'] = isset($config['pptpd']['radius']['accounting']);
+ if ($radarr['accounting'])
+ $radarr['acct_update'] = $radsvr['ip'];
+ $radarr['server'] = $radsvr;
+ $config['pptpd']['radius'] = $radarr;
+ }
+}
?>
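Review bot: `upgrade_077_to_078()` reads and writes `$config` but never declares `global $config;`, so inside the function `$config` is an undefined local, the `is_array()` test fails, and the PPTP RADIUS settings are never converted even though this commit bumps the config version to 7.8. Add `global $config;` as the first statement of the function. `$radarr['acct_update'] = $radsvr['ip'];` also looks unintended, since it stores the server address in what reads like an accounting-update setting; the expected value should be confirmed and commented.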
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index c1a57cf..b353004 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -473,8 +473,7 @@ function is_validaliasname($name) {
$reserved = array("port", "pass");
if (in_array($name, $reserved, true))
return; /* return NULL */
-
- if (!preg_match("/[^a-zA-Z0-9_]/", $name))
+ if (!preg_match("/[^a-zA-Z0-9_]/", $name) && (strlen($name) < 32))
return true;
else
return false;
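Review bot: An empty `$name` still validates: `preg_match("/[^a-zA-Z0-9_]/", "")` finds nothing and `strlen("") < 32` is true, so `is_validaliasname("")` returns `true`. Add a lower bound, `if (!preg_match("/[^a-zA-Z0-9_]/", $name) && (strlen($name) > 0) && (strlen($name) < 32))`. The limit of 32 is unexplained; a short comment naming where it comes from would stop it being changed by accident. The function begins outside this hunk.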
diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc
index fee5d12..3b9f1ba 100644
--- a/etc/inc/voucher.inc
+++ b/etc/inc/voucher.inc
@@ -129,7 +129,7 @@ EOF;
log_error("CaptivePortalVoucherSync XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
}
$toreturn = XML_RPC_Decode($resp->value());
- if(count($toreturn['voucher']['roll']) <> count($config['voucher']['roll'])) {
+ if (is_array($toreturn['voucher']) && (count($toreturn['voucher']['roll']) <> count($config['voucher']['roll']))) {
$config['voucher']['roll'] = $toreturn['voucher']['roll'];
write_config("Captive Portal Voucher database synchronized with {$url}");
voucher_configure(true);
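Review bot: The new guard checks `is_array($toreturn['voucher'])`, but the value that is counted and then copied into `$config['voucher']['roll']` is `$toreturn['voucher']['roll']`, which comes from the XML-RPC peer and is not type-checked. A reply whose `voucher` array lacks `roll` would therefore differ in count from the local rolls and be written over them by `write_config()`. Test the element that is actually used: `if (is_array($toreturn['voucher']['roll']) && (count($toreturn['voucher']['roll']) <> count($config['voucher']['roll']))) {`. The surrounding function is only partly visible in this hunk.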
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 6311072..455c07d 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -265,7 +265,8 @@ function vpn_ipsec_configure($ipchg = false)
break;
}
- $pskconf .= "{$peerid_data}\t{$ph1ent['pre-shared-key']}\n";
+ if (!empty($peerid_data) && !empty($ph1ent['pre-shared-key']))
+ $pskconf .= trim($peerid_data) . "\t" . trim($ph1ent['pre-shared-key']) . "\n";
}
}
diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync
index 0ff40e1..81ea653 100644
--- a/etc/phpshellsessions/gitsync
+++ b/etc/phpshellsessions/gitsync
@@ -13,7 +13,7 @@ require_once("pfsense-utils.inc");
conf_mount_rw();
-$GIT_REPO="http://gitweb.pfsense.org/pfsense/mainline.git";
+$GIT_REPO="git://github.com/bsdperimeter/pfsense.git";
$CODIR = "/root/pfsense/";
global $g;
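Review bot: `git://` is an unauthenticated, unencrypted transport, so the tree that gitsync fetches onto the firewall can be altered in transit without detection, which is the same weakness the replaced `http://` URL had. Prefer `$GIT_REPO="https://github.com/bsdperimeter/pfsense.git";` if the git build on the appliance supports HTTPS, and consider checking a signed tag or an expected commit id before the fetched files are copied into place. The copy step itself is outside this hunk.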
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 7039722..6acadc0 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -321,9 +321,10 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) {
if ($carp['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) {
$sections[] = 'shaper';
}
- if ($carp['synchronizetrafficshaper'] != "") {
- if (!is_array($config['l7shaper']))
- $config['l7shaper'] = array();
+ if ($carp['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) {
+ $sections[] = 'dnshaper';
+ }
+ if ($carp['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) {
$sections[] = 'l7shaper';
}
if ($carp['synchronizestaticroutes'] != "") {
diff --git a/etc/rc.initial.setlanip b/etc/rc.initial.setlanip
index c1f6ddc..e95acd4 100755
--- a/etc/rc.initial.setlanip
+++ b/etc/rc.initial.setlanip
@@ -219,7 +219,7 @@
$upperifname = strtoupper($interface);
echo "\nPlease wait, saving and activating your changes to {$upperifname}...";
write_config(gettext("{$interface} IP configuration from console menu"));
- interface_configure(strtolower($upperifname));
+ interface_reconfigure(strtolower($upperifname));
echo " Reloading filter...";
filter_configure_sync();
echo "\n";
diff --git a/etc/rc.linkup b/etc/rc.linkup
index 2e8bbcd..ea0fb90 100755
--- a/etc/rc.linkup
+++ b/etc/rc.linkup
@@ -45,6 +45,8 @@ function handle_argument_group($iface, $argument2) {
$iface = get_real_interface($iface);
interfaces_bring_up($iface);
exec("/usr/sbin/arp -d -i {$iface} -a");
+ if ($argument2 == "start" || $argument2 == "up")
+ send_event("interface newip {$iface}");
} else {
switch ($argument2) {
case "stop":
diff --git a/etc/rc.start_packages b/etc/rc.start_packages
index 4025e58..4b78718 100755
--- a/etc/rc.start_packages
+++ b/etc/rc.start_packages
@@ -1,17 +1,73 @@
-#!/bin/sh
+#!/usr/local/bin/php -f
+<?php
+/* $Id$ */
+/*
+ rc.start_packages
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
-# Set our operating platform
-PLATFORM=`cat /etc/platform`
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
-if [ ! "$PLATFORM" = "cdrom" ]; then
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- /etc/rc.packages 2>/dev/null
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- echo "Executing rc.d items... "
- for FILE in /usr/local/etc/rc.d/*.sh; do
- echo -n " Starting ${FILE}..."
- sh $FILE start >>/tmp/bootup_messages 2>&1 &
- echo "done."
- done
-fi
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+require_once("config.inc");
+require_once("functions.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("captiveportal.inc");
+require_once("pkg-utils.inc");
+require_once("pfsense-utils.inc");
+require_once("service-utils.inc");
+
+log_error("Restarting/Starting all packages.");
+
+$rcfiles = glob("{$rcfileprefix}*.sh");
+if (!$rcfiles)
+ $rcfiles = array();
+else {
+ $rcfiles = array_flip($rcfiles);
+ if (!$rcfiles)
+ $rcfiles = array();
+}
+
+if (is_array($config['installedpackages']['package'])) {
+ foreach($config['installedpackages']['package'] as $package) {
+ echo " Starting package {$package['name']}...";
+ sync_package($package['name']);
+ start_service($package['name']);
+ unset($rcfiles["{$rcfileprefix}{$package['name']}.sh"]);
+ echo "done.\n";
+ }
+}
+
+$shell = @popen("/bin/sh", "w");
+if ($shell) {
+ foreach ($rcfiles as $rcfile => $number) {
+ echo " Starting {$rcfile}...";
+ fwrite($shell, "{$rcfile} start >>/tmp/bootup_messages 2>&1 &");
+ echo "done.\n";
+ }
+
+ pclose($shell);
+}
+
+?>
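Review bot: Each leftover rc script path returned by `glob()` is written into the `/bin/sh` pipe unquoted, so a file name in the rc directory that contains spaces or shell metacharacters is interpreted by a shell that presumably runs as root; quote it and terminate the line, `fwrite($shell, escapeshellarg($rcfile) . " start >>/tmp/bootup_messages 2>&1 &\n");`. Output is still appended to the fixed path `/tmp/bootup_messages`, carried over from the shell version; where /tmp is writable by other users, a pre-created symlink at that path would redirect these writes, so a root-owned log location is safer. The rewrite also drops the old `cdrom` platform check, and a comment should say so if that is intentional. The same unquoted write appears in etc/rc.stop_packages in this commit.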
diff --git a/etc/rc.stop_packages b/etc/rc.stop_packages
index 4ff9ed9..95e77fd 100755
--- a/etc/rc.stop_packages
+++ b/etc/rc.stop_packages
@@ -1,18 +1,71 @@
-#!/bin/sh
+#!/usr/local/bin/php -f
+<?php
+/* $Id$ */
+/*
+ rc.stop_packages
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
-# Set our operating platform
-PLATFORM=`cat /etc/platform`
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
-if [ ! "$PLATFORM" = "cdrom" ]; then
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- echo "Syncing packages..."
- /etc/rc.packages 2>/dev/null
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- echo "Executing rc.d items... "
- for FILE in /usr/local/etc/rc.d/*.sh; do
- echo -n " Stopping ${FILE}..."
- sh $FILE stop >>/tmp/bootup_messages 2>&1
- echo "done."
- done
-fi
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+require_once("config.inc");
+require_once("functions.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("captiveportal.inc");
+require_once("pkg-utils.inc");
+require_once("pfsense-utils.inc");
+require_once("service-utils.inc");
+
+log_error("Stopping all packages.");
+
+$rcfiles = glob("{$rcfileprefix}*.sh");
+if (!$rcfiles)
+ $rcfiles = array();
+else {
+ $rcfiles = array_flip($rcfiles);
+ if (!$rcfiles)
+ $rcfiles = array();
+}
+
+if (is_array($config['installedpackages']['package'])) {
+ foreach($config['installedpackages']['package'] as $package) {
+ echo " Stoping package {$package['name']}...";
+ stop_service($package['name']);
+ unset($rcfiles["{$rcfileprefix}{$package['name']}.sh"]);
+ echo "done.\n";
+ }
+}
+
+$shell = @popen("/bin/sh", "w");
+if ($shell) {
+ foreach ($rcfiles as $rcfile => $number) {
+ echo " Stoping {$rcfile}...";
+ fwrite($shell, "{$rcfile} stop >>/tmp/bootup_messages 2>&1");
+ echo "done.\n";
+ }
+
+ pclose($shell);
+}
+?>
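Review bot: The stop command written to the shell has no terminator: `fwrite($shell, "{$rcfile} stop >>/tmp/bootup_messages 2>&1");` has neither a newline nor the trailing `&` that happens to separate commands in rc.start_packages, so with two or more leftover rc scripts the commands run together on one input line and will not execute as intended. End the string with `"\n"`, i.e. `fwrite($shell, escapeshellarg($rcfile) . " stop >>/tmp/bootup_messages 2>&1\n");`. The "done." message is echoed right after the write, before the shell has processed anything, so it does not show that the script actually stopped.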
diff --git a/usr/local/bin/captiveportal_gather_stats.php b/usr/local/bin/captiveportal_gather_stats.php
index 5fe1c6b..823b28f 100644
--- a/usr/local/bin/captiveportal_gather_stats.php
+++ b/usr/local/bin/captiveportal_gather_stats.php
@@ -43,7 +43,7 @@ $concurrent_users = $no_users;
$current_user_count = 0;
/* tmp file to use to store old data (per interface)*/
-$tmpfile = "{$g['tmp_path']}/captiveportal_online_users";
+$tmpfile = "{$g['vardb_path']}/captiveportal_online_users";
$type = $argv[1];
@@ -82,12 +82,14 @@ if ($type == "loggedin") {
$current_user_count = $current_user_count + 1;
}
- // Write out the latest timestamp
- $fd = @fopen($tmpfile, "w");
- if ($fd) {
- fwrite($fd, $timestamp);
+ // Write out the latest timestamp but not if it is empty
+ if (!empty($timestamp)) {
+ $fd = @fopen($tmpfile, "w");
+ if ($fd) {
+ fwrite($fd, $timestamp);
+ }
+ @fclose($fd);
}
- @fclose($fd);
/* If $timestamp is less than or equal to previous_user_timestamp return 0,
* as we only want the 'X' number of users logged in since last RRD poll.
diff --git a/usr/local/pkg/carp_settings.xml b/usr/local/pkg/carp_settings.xml
index 3365bba..f335236 100644
--- a/usr/local/pkg/carp_settings.xml
+++ b/usr/local/pkg/carp_settings.xml
@@ -171,9 +171,21 @@
<type>checkbox</type>
</field>
<field>
- <fielddescr>Synchronize traffic shaper</fielddescr>
+ <fielddescr>Synchronize traffic shaper(queues)</fielddescr>
<fieldname>synchronizetrafficshaper</fieldname>
- <description>When this option is enabled, this system will automatically sync the traffic shaper configuration to the other CARP host when changes are made.</description>
+ <description>When this option is enabled, this system will automatically sync the traffic shaper configuration for queues to the other CARP host when changes are made.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Synchronize traffic shaper(limiter)</fielddescr>
+ <fieldname>synchronizetrafficshaperlimiter</fieldname>
+ <description>When this option is enabled, this system will automatically sync the traffic shaper configuration for limiters to the other CARP host when changes are made.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Synchronize traffic shaper(layer7)</fielddescr>
+ <fieldname>synchronizetrafficshaperlayer7</fieldname>
+ <description>When this option is enabled, this system will automatically sync the traffic shaper configuration for layer7 to the other CARP host when changes are made.</description>
<type>checkbox</type>
</field>
<field>
@@ -211,4 +223,4 @@
/* force a filter configure for syncing */
filter_configure();
</custom_add_php_command_late>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php
index 8a39d3a..4665a44 100755
--- a/usr/local/www/diag_arp.php
+++ b/usr/local/www/diag_arp.php
@@ -88,118 +88,122 @@ $l = 0;
$p = 0;
// Put everything together again
while($i < $leases_count) {
- /* split the line by space */
- $data = explode(" ", $leases_content[$i]);
- /* walk the fields */
- $f = 0;
- $fcount = count($data);
- /* with less then 20 fields there is nothing useful */
- if($fcount < 20) {
- $i++;
- continue;
- }
- while($f < $fcount) {
- switch($data[$f]) {
- case "failover":
- $pools[$p]['name'] = $data[$f+2];
- $pools[$p]['mystate'] = $data[$f+7];
- $pools[$p]['peerstate'] = $data[$f+14];
- $pools[$p]['mydate'] = $data[$f+10];
- $pools[$p]['mydate'] .= " " . $data[$f+11];
- $pools[$p]['peerdate'] = $data[$f+17];
- $pools[$p]['peerdate'] .= " " . $data[$f+18];
- $p++;
- $i++;
- continue 3;
- case "lease":
- $leases[$l]['ip'] = $data[$f+1];
- $leases[$l]['type'] = "dynamic";
- $f = $f+2;
- break;
- case "starts":
- $leases[$l]['start'] = $data[$f+2];
- $leases[$l]['start'] .= " " . $data[$f+3];
- $f = $f+3;
- break;
- case "ends":
- $leases[$l]['end'] = $data[$f+2];
- $leases[$l]['end'] .= " " . $data[$f+3];
- $f = $f+3;
- break;
- case "tstp":
- $f = $f+3;
- break;
- case "tsfp":
- $f = $f+3;
- break;
- case "atsfp":
- $f = $f+3;
- break;
- case "cltt":
- $f = $f+3;
- break;
- case "binding":
- switch($data[$f+2]) {
- case "active":
- $leases[$l]['act'] = "active";
- break;
- case "free":
- $leases[$l]['act'] = "expired";
- $leases[$l]['online'] = "offline";
- break;
- case "backup":
- $leases[$l]['act'] = "reserved";
- $leases[$l]['online'] = "offline";
- break;
- }
- $f = $f+1;
- break;
- case "next":
- /* skip the next binding statement */
- $f = $f+3;
- break;
- case "hardware":
- $leases[$l]['mac'] = $data[$f+2];
- /* check if it's online and the lease is active */
- if($leases[$l]['act'] == "active") {
- $online = exec("/usr/sbin/arp -an |/usr/bin/awk '/{$leases[$l]['ip']}/ {print}'|wc -l");
- if ($online == 1) {
- $leases[$l]['online'] = 'online';
- } else {
- $leases[$l]['online'] = 'offline';
- }
- }
- $f = $f+2;
- break;
- case "client-hostname":
- if($data[$f+1] <> "") {
- $leases[$l]['hostname'] = preg_replace('/"/','',$data[$f+1]);
- } else {
- $hostname = gethostbyaddr($leases[$l]['ip']);
- if($hostname <> "") {
- $leases[$l]['hostname'] = $hostname;
- }
- }
- $f = $f+1;
- break;
- case "uid":
- $f = $f+1;
- break;
- }
- $f++;
- }
- $l++;
- $i++;
+ /* split the line by space */
+ $data = explode(" ", $leases_content[$i]);
+ /* walk the fields */
+ $f = 0;
+ $fcount = count($data);
+ /* with less then 20 fields there is nothing useful */
+ if($fcount < 20) {
+ $i++;
+ continue;
+ }
+ while($f < $fcount) {
+ switch($data[$f]) {
+ case "failover":
+ $pools[$p]['name'] = $data[$f+2];
+ $pools[$p]['mystate'] = $data[$f+7];
+ $pools[$p]['peerstate'] = $data[$f+14];
+ $pools[$p]['mydate'] = $data[$f+10];
+ $pools[$p]['mydate'] .= " " . $data[$f+11];
+ $pools[$p]['peerdate'] = $data[$f+17];
+ $pools[$p]['peerdate'] .= " " . $data[$f+18];
+ $p++;
+ $i++;
+ continue 3;
+ case "lease":
+ $leases[$l]['ip'] = $data[$f+1];
+ $leases[$l]['type'] = "dynamic";
+ $f = $f+2;
+ break;
+ case "starts":
+ $leases[$l]['start'] = $data[$f+2];
+ $leases[$l]['start'] .= " " . $data[$f+3];
+ $f = $f+3;
+ break;
+ case "ends":
+ $leases[$l]['end'] = $data[$f+2];
+ $leases[$l]['end'] .= " " . $data[$f+3];
+ $f = $f+3;
+ break;
+ case "tstp":
+ $f = $f+3;
+ break;
+ case "tsfp":
+ $f = $f+3;
+ break;
+ case "atsfp":
+ $f = $f+3;
+ break;
+ case "cltt":
+ $f = $f+3;
+ break;
+ case "binding":
+ switch($data[$f+2]) {
+ case "active":
+ $leases[$l]['act'] = "active";
+ break;
+ case "free":
+ $leases[$l]['act'] = "expired";
+ $leases[$l]['online'] = "offline";
+ break;
+ case "backup":
+ $leases[$l]['act'] = "reserved";
+ $leases[$l]['online'] = "offline";
+ break;
+ }
+ $f = $f+1;
+ break;
+ case "next":
+ /* skip the next binding statement */
+ $f = $f+3;
+ break;
+ case "rewind":
+ /* skip the rewind binding statement */
+ $f = $f+3;
+ break;
+ case "hardware":
+ $leases[$l]['mac'] = $data[$f+2];
+ /* check if it's online and the lease is active */
+ if($leases[$l]['act'] == "active") {
+ $online = exec("/usr/sbin/arp -an |/usr/bin/awk '/{$leases[$l]['ip']}/ {print}'|wc -l");
+ if ($online == 1) {
+ $leases[$l]['online'] = 'online';
+ } else {
+ $leases[$l]['online'] = 'offline';
+ }
+ }
+ $f = $f+2;
+ break;
+ case "client-hostname":
+ if($data[$f+1] <> "") {
+ $leases[$l]['hostname'] = preg_replace('/"/','',$data[$f+1]);
+ } else {
+ $hostname = gethostbyaddr($leases[$l]['ip']);
+ if($hostname <> "") {
+ $leases[$l]['hostname'] = $hostname;
+ }
+ }
+ $f = $f+1;
+ break;
+ case "uid":
+ $f = $f+1;
+ break;
+ }
+ $f++;
+ }
+ $l++;
+ $i++;
}
/* remove duplicate items by mac address */
if(count($leases) > 0) {
- $leases = remove_duplicate($leases,"ip");
+ $leases = remove_duplicate($leases,"ip");
}
if(count($pools) > 0) {
- $pools = remove_duplicate($pools,"name");
- asort($pools);
+ $pools = remove_duplicate($pools,"name");
+ asort($pools);
}
// Put this in an easy to use form
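Review bot: The re-indented `exec()` in the `hardware` case still interpolates `$leases[$l]['ip']`, a field parsed from the leases file, straight into a shell pipeline and an awk regular expression without validation or quoting. Because the dots act as regex wildcards and the pattern is unanchored, one address can also match other ARP entries, so the `$online == 1` test can misreport a host as online or offline. I would run the lookup only when `is_ipaddr($leases[$l]['ip'])` holds, and pass the address through `escapeshellarg()` to a fixed-string comparison instead of an awk regex.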
@@ -218,8 +222,10 @@ $i = 0;
/* if list */
$ifdescrs = get_configured_interface_with_descr();
-foreach ($ifdescrs as $key =>$interface) {
- $hwif[$config['interfaces'][$key]['if']] = $interface;
+foreach ($ifdescrs as $key => $interface) {
+ $thisif = convert_friendly_interface_to_real_interface_name($key);
+ if (!empty($thisif))
+ $hwif[$thisif] = $interface;
}
$data = array();
@@ -235,8 +241,7 @@ foreach ($rawdata as $line) {
}
}
-function _getHostName($mac,$ip)
-{
+function _getHostName($mac,$ip) {
global $dhcpmac, $dhcpip;
if ($dhcpmac[$mac])
@@ -283,6 +288,8 @@ foreach ($data as &$entry) {
// Sort the data alpha first
$data = msort($data, "dnsresolve");
+// Load MAC-Manufacturer table
+$mac_man = load_mac_manufacturer_table();
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
@@ -298,7 +305,13 @@ $data = msort($data, "dnsresolve");
<?php foreach ($data as $entry): ?>
<tr>
<td class="listlr"><?=$entry['ip'];?></td>
- <td class="listr"><?=$entry['mac'];?></td>
+ <td class="listr">
+ <?php
+ $mac=$entry['mac'];
+ $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
+ print $mac;
+ if(isset($mac_man[$mac_hi])){ print "<br/><font size=\"-2\"><i>{$mac_man[$mac_hi]}</i></font>"; }
+ ?>
<td class="listr">
<?php
echo str_replace("Z_ ", "", $entry['dnsresolve']);
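Review bot: The new `<td class="listr">` for the MAC column is opened but the `</td>` that the removed line carried is gone, so this cell runs into the next one. `print $mac;` and `{$mac_man[$mac_hi]}` are written into the page without `htmlspecialchars()`. Both values are presumably parsed from command output and a table file, and escaping them keeps the page safe if either source ever contains markup. Building `$mac_hi` from `$mac[0]` through `$mac[7]` assumes at least eight characters, so an incomplete entry would raise notices; a check such as `if (strlen($mac) >= 8)` before the lookup would avoid that. The `foreach` body continues outside the hunk.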
diff --git a/usr/local/www/diag_logs_vpn.php b/usr/local/www/diag_logs_vpn.php
index adef3e1..658b5bb 100755
--- a/usr/local/www/diag_logs_vpn.php
+++ b/usr/local/www/diag_logs_vpn.php
@@ -49,11 +49,38 @@ $nentries = $config['syslog']['nentries'];
if (!$nentries)
$nentries = 50;
-$vpntype = (htmlspecialchars($_GET['vpntype'])) ? htmlspecialchars($_GET['vpntype']) : "pptp";
-$mode = (htmlspecialchars($_GET['mode'])) ? htmlspecialchars($_GET['mode']) : "login";
+if (htmlspecialchars($_POST['vpntype']))
+ $vpntype = htmlspecialchars($_POST['vpntype']);
+elseif (htmlspecialchars($_GET['vpntype']))
+ $vpntype = htmlspecialchars($_GET['vpntype']);
+else
+ $vpntype = "pptp";
+
+if (htmlspecialchars($_POST['mode']))
+ $mode = htmlspecialchars($_POST['mode']);
+elseif (htmlspecialchars($_GET['mode']))
+ $mode = htmlspecialchars($_GET['mode']);
+else
+ $mode = "login";
+
+switch ($vpntype) {
+ case 'pptp':
+ $logname = "pptps";
+ break;
+ case 'poes':
+ $logname = "poes";
+ break;
+ case 'l2tp':
+ $logname = "l2tps";
+ break;
+}
-if ($_POST['clear'])
- clear_log_file("/var/log/vpn.log");
+if ($_POST['clear']) {
+ if ($mode != "raw")
+ clear_log_file("/var/log/vpn.log");
+ else
+ clear_log_file("/var/log/{$logname}.log");
+}
function dump_clog_vpn($logfile, $tail) {
global $g, $config, $vpntype;
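Review bot: The hoisted `switch ($vpntype)` has no `default` branch, so any `vpntype` other than `pptp`, `poes` or `l2tp` leaves `$logname` unset, and with `mode=raw` the clear branch then calls `clear_log_file("/var/log/.log")`. `htmlspecialchars()` is output encoding, not validation, so it does not restrict either request parameter to the expected values. I would add `default: $vpntype = "pptp"; $logname = "pptps";` to the switch. `$mode` should likewise be reduced to the values the page handles (`login` and `raw` are the ones visible here) before it is used.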
@@ -151,22 +178,12 @@ include("head.inc");
</tr>
<?php dump_clog_vpn("/var/log/vpn.log", $nentries); ?>
<?php else:
- switch ($vpntype) {
- case 'pptp':
- $logname = "pptps";
- break;
- case 'poes':
- $logname = "poes";
- break;
- case 'l2tp':
- $logname = "l2tps";
- break;
- }
dump_clog("/var/log/{$logname}.log", $nentries);
endif; ?>
</table>
<br />
<input type="hidden" name="vpntype" id="vpntype" value="<?=$vpntype;?>">
+ <input type="hidden" name="mode" id="mode" value="<?=$mode;?>">
<input name="clear" type="submit" class="formbtn" value="<?=gettext("Clear log"); ?>">
</form>
</td>
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index ce730e1..8602740 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -142,7 +142,7 @@ if ($_POST) {
$input_errors[] = gettext("Reserved word used for alias name.");
} else {
if (is_validaliasname($_POST['name']) == false)
- $input_errors[] = gettext("The alias name may only consist of the characters") . " a-z, A-Z, 0-9, _.";
+ $input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _.";
}
/* check for name conflicts */
if (empty($a_aliases[$id])) {
diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php
index 53df333..899e209 100755
--- a/usr/local/www/interfaces.php
+++ b/usr/local/www/interfaces.php
@@ -310,7 +310,7 @@ if ($_POST['apply']) {
$toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply"));
foreach ($toapplylist as $ifapply) {
if (isset($config['interfaces'][$ifapply]['enable']))
- interface_configure($ifapply, true);
+ interface_reconfigure($ifapply, true);
else
interface_bring_down($ifapply);
}
diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php
index 24595da..23e6cd9 100755
--- a/usr/local/www/services_captiveportal.php
+++ b/usr/local/www/services_captiveportal.php
@@ -263,6 +263,7 @@ function enable_change(enable_change) {
document.iform.freelogins_resettimeout.disabled = endis;
document.iform.freelogins_updatetimeouts.disabled = endis;
document.iform.timeout.disabled = endis;
+ document.iform.preauthurl.disabled = endis;
document.iform.redirurl.disabled = endis;
document.iform.radiusip.disabled = radius_endis;
document.iform.radiusip2.disabled = radius_endis;
@@ -283,6 +284,7 @@ function enable_change(enable_change) {
document.iform.radmac_format.disabled = radius_endis;
document.iform.httpsname.disabled = endis;
document.iform.cert.disabled = endis;
+ document.iform.cacert.disabled = endis;
document.iform.key.disabled = endis;
document.iform.logoutwin_enable.disabled = endis;
document.iform.nomacfilter.disabled = endis;
diff --git a/usr/local/www/services_dyndns.php b/usr/local/www/services_dyndns.php
index c6939d7..263a669 100755
--- a/usr/local/www/services_dyndns.php
+++ b/usr/local/www/services_dyndns.php
@@ -114,8 +114,8 @@ include("head.inc");
</td>
<td class="listlr">
<?php
- $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS, Namecheap");
- $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns namecheap");
+ $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS, Namecheap, HE.net");
+ $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns namecheap he-net");
$j = 0; for ($j = 0; $j < count($vals); $j++)
if ($vals[$j] == $dyndns['type']) {
echo htmlspecialchars($types[$j]);
diff --git a/usr/local/www/services_dyndns_edit.php b/usr/local/www/services_dyndns_edit.php
index f2a3072..e382deb 100644
--- a/usr/local/www/services_dyndns_edit.php
+++ b/usr/local/www/services_dyndns_edit.php
@@ -159,8 +159,8 @@ include("head.inc");
<td width="78%" class="vtable">
<select name="type" class="formselect" id="type">
<?php
- $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS, Namecheap");
- $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns namecheap");
+ $types = explode(",", "DNS-O-Matic, DynDNS (dynamic),DynDNS (static),DynDNS (custom),DHS,DyNS,easyDNS,No-IP,ODS.org,ZoneEdit,Loopia,freeDNS, DNSexit, OpenDNS, Namecheap, HE.net");
+ $vals = explode(" ", "dnsomatic dyndns dyndns-static dyndns-custom dhs dyns easydns noip ods zoneedit loopia freedns dnsexit opendns namecheap he-net");
$j = 0; for ($j = 0; $j < count($vals); $j++): ?>
<option value="<?=$vals[$j];?>" <?php if ($vals[$j] == $pconfig['type']) echo "selected";?>>
<?=htmlspecialchars($types[$j]);?>
diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php
index 39ed024..ba18b72 100755
--- a/usr/local/www/status_dhcp_leases.php
+++ b/usr/local/www/status_dhcp_leases.php
@@ -324,6 +324,8 @@ foreach ($pools as $data) {
<td class="listhdrr"><a href="#"><?=gettext("Lease Type"); ?></a></td>
</tr>
<?php
+// Load MAC-Manufacturer table
+$mac_man = load_mac_manufacturer_table();
foreach ($leases as $data) {
if (($data['act'] == "active") || ($data['act'] == "static") || ($_GET['all'] == 1)) {
if ($data['act'] != "active" && $data['act'] != "static") {
@@ -357,10 +359,20 @@ foreach ($leases as $data) {
}
echo "<tr>\n";
echo "<td class=\"listlr\">{$fspans}{$data['ip']}{$fspane}&nbsp;</td>\n";
+ $mac=$data['mac'];
+ $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
if ($data['online'] != "online") {
- echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"" . gettext("send Wake on LAN packet to this MAC address") ."\" onclick=\"return confirm('" . gettext("Send Wake on LAN packet to this MAC address?") . "')\">{$data['mac']}</a>{$fspane}&nbsp;</td>\n";
- } else {
- echo "<td class=\"listr\">{$fspans}{$data['mac']}{$fspane}&nbsp;</td>\n";
+ if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
+ echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac=$mac\" title=\"" . gettext("$mac - send Wake on LAN packet to this MAC address") ."\">{$mac}</a><br/><font size=\"-2\"><i>{$mac_man[$mac_hi]}</i></font>{$fspane}&nbsp;</td>\n";
+ }else{
+ echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"" . gettext("send Wake on LAN packet to this MAC address") ."\">{$data['mac']}</a>{$fspane}&nbsp;</td>\n";
+ }
+ }else{
+ if(isset($mac_man[$mac_hi])){ // Manufacturer for this MAC is defined
+ echo "<td class=\"listr\">{$fspans}{$mac}<br/><font size=\"-2\"><i>{$mac_man[$mac_hi]}</i></font>{$fspane}&nbsp;</td>\n";
+ }else{
+ echo "<td class=\"listr\">{$fspans}{$data['mac']}{$fspane}&nbsp;</td>\n";
+ }
}
echo "<td class=\"listr\">{$fspans}" . htmlentities($data['hostname']) . "{$fspane}&nbsp;</td>\n";
if ($data['type'] != "static") {
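Review bot: The four new `echo` branches print `$mac`, `{$data['if']}` and `{$mac_man[$mac_hi]}` into HTML and into the `services_wol.php` query string without escaping, while the hostname on the following line goes through `htmlentities()`. I would pass the `if` and `mac` parameters through `urlencode()` and wrap the displayed address and manufacturer in `htmlspecialchars()`. `gettext("$mac - send Wake on LAN packet to this MAC address")` interpolates the address into the message id, so the catalogue lookup can never match; use `sprintf(gettext("%s - send Wake on LAN packet to this MAC address"), $mac)`. The rewrite also drops the `onclick` confirmation the removed line had, which may be unintended because the link triggers an action on a plain GET.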
diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php
index 266d36b..6c98a34 100755
--- a/usr/local/www/status_interfaces.php
+++ b/usr/local/www/status_interfaces.php
@@ -68,6 +68,8 @@ include("head.inc");
$ifdescrs = get_configured_interface_with_descr(false, true);
foreach ($ifdescrs as $ifdescr => $ifname):
$ifinfo = get_interface_info($ifdescr);
+ // Load MAC-Manufacturer table
+ $mac_man = load_mac_manufacturer_table();
?>
<?php if ($i): ?>
<tr>
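Review bot: `load_mac_manufacturer_table()` is called inside the `foreach ($ifdescrs as $ifdescr => $ifname)` loop, so the table is loaded again for every interface on the page. Move `$mac_man = load_mac_manufacturer_table();` above the `foreach` so it is loaded once per request, as the other two pages in this merge do.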
@@ -175,7 +177,12 @@ include("head.inc");
<tr>
<td width="22%" class="vncellt"><?=gettext("MAC address");?></td>
<td width="78%" class="listr">
- <?=htmlspecialchars($ifinfo['macaddr']);?>
+ <?php
+ $mac=$ifinfo['macaddr'];
+ $mac_hi = strtoupper($mac[0] . $mac[1] . $mac[3] . $mac[4] . $mac[6] . $mac[7]);
+ if(isset($mac_man[$mac_hi])){ print "<span title=\"$mac\">" . htmlspecialchars($mac_man[$mac_hi]); print "</span>"; }
+ else {print htmlspecialchars($mac);}
+ ?>
</td>
</tr>
<?php endif; if ($ifinfo['status'] != "down"): ?>
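Review bot: The removed line escaped the address with `htmlspecialchars($ifinfo['macaddr'])`, but the new `title=\"$mac\"` attribute prints it raw. Use `print "<span title=\"" . htmlspecialchars($mac) . "\">" . htmlspecialchars($mac_man[$mac_hi]) . "</span>";` so the attribute keeps the escaping the cell had before. When a manufacturer is found the cell now shows only the vendor name and the address moves into the tooltip; if the address should stay readable, print both. The surrounding `foreach` starts and ends outside the hunk.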
diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php
index d21f91c..a2aa6d2 100644
--- a/usr/local/www/status_rrd_graph_img.php
+++ b/usr/local/www/status_rrd_graph_img.php
@@ -933,16 +933,15 @@ elseif((strstr($curdatabase, "-loggedin.rrd")) && (file_exists("$rrddbpath$curda
$graphcmd .= "--start $start --end $end ";
$graphcmd .= "--vertical-label \"Captive Portal Users\" ";
$graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee ";
+ $graphcmd .= "--base=1000 ";
+ $graphcmd .= "--lower-limit=0 ";
+ $graphcmd .= "--slope-mode ";
$graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" ";
$graphcmd .= "--height 200 --width 620 ";
$graphcmd .= "DEF:\"$curif-loggedinusers=$rrddbpath$curdatabase:loggedinusers:AVERAGE\" ";
- $graphcmd .= "LINE2:\"$curif-loggedinusers#{$colorcaptiveportalusers[0]}:$curif-loggedinusers\" ";
- $graphcmd .= "COMMENT:\"\\n\" ";
- $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" ";
- $graphcmd .= "COMMENT:\"Users Online\t\" ";
- $graphcmd .= "GPRINT:\"$curif-loggedinusers:LAST:%7.2lf \" ";
- $graphcmd .= "GPRINT:\"$curif-loggedinusers:AVERAGE:%7.2lf \" ";
- $graphcmd .= "GPRINT:\"$curif-loggedinusers:MAX:%7.2lf \" ";
+ $graphcmd .= "CDEF:\"$curif-totalusers_t=PREV,UN,0,PREV,IF,$curif-loggedinusers,+\" ";
+ $graphcmd .= "AREA:\"$curif-totalusers_t#{$colorcaptiveportalusers[0]}:Total logged in users\" ";
+ $graphcmd .= "GPRINT:\"$curif-totalusers_t:MAX:%8.0lf \\n\" ";
$graphcmd .= "COMMENT:\"\\n\" ";
$graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" ";
}
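Review bot: The added `CDEF`, `AREA` and `GPRINT` arguments place `$curif` inside double-quoted shell words, like the existing `DEF` line, and double quotes do not stop the shell from expanding `$` or backticks. Where `$curif` and `$curdatabase` are assigned is outside this hunk. If they derive from the request, each argument should be built with `escapeshellarg()`, or the database name checked against the list of existing RRD files, before `$graphcmd` is run. The same applies to the `-concurrent.rrd` branch in the next hunk. The `elseif` chain starts and ends outside the hunk.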
@@ -953,37 +952,18 @@ elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$cur
$graphcmd .= "--vertical-label \"Captive Portal Users\" ";
$graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee ";
$graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" ";
- $graphcmd .= "--height 200 --width 620 ";
- $graphcmd .= "DEF:\"$curif-concurrentusers=$rrddbpath$curdatabase:concurrentusers:AVERAGE\" ";
- $graphcmd .= "LINE2:\"$curif-concurrentusers#{$colorcaptiveportalusers[0]}:$curif-concurrentusers\" ";
- $graphcmd .= "COMMENT:\"\\n\" ";
- $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" ";
- $graphcmd .= "COMMENT:\"Users Online\t\" ";
- $graphcmd .= "GPRINT:\"$curif-concurrentusers:LAST:%7.2lf \" ";
- $graphcmd .= "GPRINT:\"$curif-concurrentusers:AVERAGE:%7.2lf \" ";
- $graphcmd .= "GPRINT:\"$curif-concurrentusers:MAX:%7.2lf \" ";
- $graphcmd .= "COMMENT:\"\\n\" ";
- $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" ";
-}
-elseif((strstr($curdatabase, "-totalusers.rrd")) && (file_exists("$rrddbpath$curdatabase"))) {
- /* define graphcmd for online Captive Portal users stats */
- $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png ";
- $graphcmd .= "--start $start --end $end ";
- $graphcmd .= "--vertical-label \"Total Captive Portal Users\" ";
- $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee ";
$graphcmd .= "--base=1000 ";
$graphcmd .= "--lower-limit=0 ";
$graphcmd .= "--slope-mode ";
- $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" ";
$graphcmd .= "--height 200 --width 620 ";
- $graphcmd .= "DEF:\"$curif-totalusers=$rrddbpath$curdatabase:totalusers:AVERAGE\" ";
- $graphcmd .= "AREA:\"$curif-totalusers#{$colorcaptiveportalusers[0]}:$curif-totalusers\" ";
+ $graphcmd .= "DEF:\"$curif-concurrentusers=$rrddbpath$curdatabase:concurrentusers:AVERAGE\" ";
+ $graphcmd .= "AREA:\"$curif-concurrentusers#{$colorcaptiveportalusers[0]}:Concurrent Users\" ";
$graphcmd .= "COMMENT:\"\\n\" ";
$graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" ";
$graphcmd .= "COMMENT:\"Users Online\t\" ";
- $graphcmd .= "GPRINT:\"$curif-totalusers:LAST:%8.0lf \" ";
- $graphcmd .= "GPRINT:\"$curif-totalusers:AVERAGE:%8.0lf \" ";
- $graphcmd .= "GPRINT:\"$curif-totalusers:MAX:%8.0lf \" ";
+ $graphcmd .= "GPRINT:\"$curif-concurrentusers:LAST:%8.0lf \" ";
+ $graphcmd .= "GPRINT:\"$curif-concurrentusers:AVERAGE:%8.0lf \" ";
+ $graphcmd .= "GPRINT:\"$curif-concurrentusers:MAX:%8.0lf \" ";
$graphcmd .= "COMMENT:\"\\n\" ";
$graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" ";
}
diff --git a/usr/local/www/system_advanced_notifications.php b/usr/local/www/system_advanced_notifications.php
index c914d7a..7da289a 100644
--- a/usr/local/www/system_advanced_notifications.php
+++ b/usr/local/www/system_advanced_notifications.php
@@ -62,6 +62,8 @@ if($config['notifications']['smtp']['ipaddress'])
$pconfig['smtpipaddress'] = $config['notifications']['smtp']['ipaddress'];
if($config['notifications']['smtp']['port'])
$pconfig['smtpport'] = $config['notifications']['smtp']['port'];
+if($config['notifications']['smtp']['ssl'])
+ $pconfig['smtpssl'] = $config['notifications']['smtp']['ssl'];
if($config['notifications']['smtp']['notifyemailaddress'])
$pconfig['smtpnotifyemailaddress'] = $config['notifications']['smtp']['notifyemailaddress'];
if($config['notifications']['smtp']['username'])
@@ -100,6 +102,7 @@ if ($_POST) {
// SMTP
$config['notifications']['smtp']['ipaddress'] = $_POST['smtpipaddress'];
$config['notifications']['smtp']['port'] = $_POST['smtpport'];
+ $config['notifications']['smtp']['ssl'] = isset($_POST['smtpssl']) ? 'checked' : 'unchecked';
$config['notifications']['smtp']['notifyemailaddress'] = $_POST['smtpnotifyemailaddress'];
$config['notifications']['smtp']['username'] = $_POST['smtpusername'];
$config['notifications']['smtp']['password'] = $_POST['smtppassword'];
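Review bot: The new `smtp` `ssl` setting is stored as the strings `'checked'` / `'unchecked'`, and both are truthy in PHP, so the load-side test `if($config['notifications']['smtp']['ssl'])` added in the previous hunk is always true once the page has been saved. Any consumer that tests the value for truthiness instead of comparing it with `'checked'` would read the setting as enabled regardless of the checkbox. Storing the flag as present or absent and deriving the `checked` attribute at render time avoids mixing presentation state into the configuration. The `if ($_POST)` block starts and ends outside the hunk.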
@@ -208,8 +211,9 @@ include("head.inc");
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("SMTP Port of E-Mail server"); ?></td>
<td width="78%" class="vtable">
- <input name='smtpport' value='<?php echo $pconfig['smtpport']; ?>'><br/>
- <?=gettext("This is the port of the SMTP E-Mail server, typically 25 or 587 (submission)."); ?>
+ <input name='smtpport' value='<?php echo $pconfig['smtpport']; ?>'>
+ <input type='checkbox' name='smtpssl' <?php echo $pconfig['smtpssl']; ?>>Enable SSL/TLS Authentication<br/>
+ <?=gettext("This is the port of the SMTP E-Mail server, typically 25, 587 (submission) or 465 (smtps, tick ssl/tls checkbox)"); ?>
</td>
</tr>
<tr>
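Review bot: `value='<?php echo $pconfig['smtpport']; ?>'` prints the stored port into a single-quoted attribute without escaping, and the save path visible in the previous hunk copies `$_POST['smtpport']` into the config as is. Unless the port is validated elsewhere, use `htmlspecialchars($pconfig['smtpport'], ENT_QUOTES)` here; `ENT_QUOTES` matters because the attribute is single-quoted. The new label `Enable SSL/TLS Authentication` is not wrapped in `gettext()` like the neighbouring strings, and since the option presumably enables transport encryption, `Enable SSL/TLS` would describe it more accurately.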
diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php
index 9ef6d64..cc1c65a 100644
--- a/usr/local/www/system_certmanager.php
+++ b/usr/local/www/system_certmanager.php
@@ -280,12 +280,25 @@ if ($_POST) {
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+// old way
/* make sure this csr and certificate subjects match */
- $subj_csr = csr_get_subject($pconfig['csr'], false);
- $subj_cert = cert_get_subject($pconfig['cert'], false);
-
- if (strcmp($subj_csr,$subj_cert))
- $input_errors[] = sprintf(gettext("The certificate subject '%s' does not match the signing request subject."),$subj_cert);
+// $subj_csr = csr_get_subject($pconfig['csr'], false);
+// $subj_cert = cert_get_subject($pconfig['cert'], false);
+//
+// if ( !isset($_POST['ignoresubjectmismatch']) && !($_POST['ignoresubjectmismatch'] == "yes") ) {
+// if (strcmp($subj_csr,$subj_cert)) {
+// $input_errors[] = sprintf(gettext("The certificate subject '%s' does not match the signing request subject."),$subj_cert);
+// $subject_mismatch = true;
+// }
+// }
+ $mod_csr = csr_get_modulus($pconfig['csr'], false);
+ $mod_cert = cert_get_modulus($pconfig['cert'], false);
+
+ if (strcmp($mod_csr,$mod_cert)) {
+ // simply: if the moduli don't match, then the private key and public key won't match
+ $input_errors[] = sprintf(gettext("The certificate modulus does not match the signing request modulus."),$subj_cert);
+ $subject_mismatch = true;
+ }
/* if this is an AJAX caller then handle via JSON */
if (isAjax() && is_array($input_errors)) {
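Review bot: The new check treats `strcmp($mod_csr, $mod_cert) == 0` as a match, so if `csr_get_modulus()` and `cert_get_modulus()` both fail and return the same empty or false value, the certificate is accepted without any key comparison. Their failure behaviour is not visible here, so I would reject empty results explicitly: `if (empty($mod_csr) || empty($mod_cert) || strcmp($mod_csr, $mod_cert)) {`. The `sprintf()` format has no `%s` but still passes `$subj_cert`, which is no longer assigned, and `$subject_mismatch` now records a modulus mismatch; drop the argument and rename the flag. The commented-out subject check is better removed than kept as dead code. The `if ($_POST)` block starts and ends outside the hunk.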
@@ -314,7 +327,7 @@ if ($_POST) {
include("head.inc");
?>
-<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
+<body link="#000000" vlink="#000000" alink="#000000" onLoad="<?= $jsevents["body"]["onload"] ?>">
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
<!--
@@ -776,6 +789,14 @@ function internalca_change() {
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%">
+ <?php /* if ( isset($subject_mismatch) && $subject_mismatch === true): ?>
+ <input id="ignoresubjectmismatch" name="ignoresubjectmismatch" type="checkbox" class="formbtn" value="yes" />
+ <label for="ignoresubjectmismatch"><strong><?=gettext("Ignore certificate subject mismatch"); ?></strong></label><br />
+ <?php echo gettext("Warning: Using this option may create an " .
+ "invalid certificate. Check this box to disable the request -> " .
+ "response subject verification. ");
+ ?><br/>
+ <?php endif; */ ?>
<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Update");?>" />
<?php if (isset($id) && $a_cert[$id]): ?>
<input name="id" type="hidden" value="<?=$id;?>" />
@@ -800,7 +821,7 @@ function internalca_change() {
$i = 0;
foreach($a_cert as $cert):
$name = htmlspecialchars($cert['descr']);
-
+
if ($cert['crt']) {
$subj = cert_get_subject($cert['crt']);
$issuer = cert_get_issuer($cert['crt']);
@@ -868,7 +889,7 @@ function internalca_change() {
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export key");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" />
</a>
<?php if (!cert_in_use($cert['refid'])): ?>
- <a href="system_certmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate?");?>')">
+ <a href="system_certmanager.php?act=del&id=<?=$i;?>" onClick="return confirm('<?=gettext("Do you really want to delete this Certificate?");?>')">
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete cert");?>" alt="<?=gettext("delete cert");?>" width="17" height="17" border="0" />
</a>
<?php endif; ?>
diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php
index 72e795b..1beb75b 100644
--- a/usr/local/www/system_crlmanager.php
+++ b/usr/local/www/system_crlmanager.php
@@ -494,6 +494,7 @@ function method_change() {
</thead>
<tbody>
<?php
+ $caimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
// Map CRLs to CAs in one pass
$ca_crl_map = array();
foreach($a_crl as $crl)
@@ -504,7 +505,6 @@ function method_change() {
$name = htmlspecialchars($ca['descr']);
if($ca['prv']) {
- $caimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
$cainternal = "YES";
} else
$cainternal = "NO";
diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php
index 1cd0075..b1b4811 100755
--- a/usr/local/www/vpn_pptp_users_edit.php
+++ b/usr/local/www/vpn_pptp_users_edit.php
@@ -84,7 +84,7 @@ if ($_POST) {
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username']))
$input_errors[] = gettext("The username contains invalid characters.");
- if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['passwordfld']))
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['password']))
$input_errors[] = gettext("The password contains invalid characters.");
if (preg_match("/^!/", $_POST['password']))
diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php
index ebb3a24..97fbc45 100755
--- a/usr/local/www/xmlrpc.php
+++ b/usr/local/www/xmlrpc.php
@@ -158,26 +158,80 @@ function restore_config_section_xmlrpc($raw_params) {
$params = xmlrpc_params_to_php($raw_params);
if(!xmlrpc_auth($params))
return $xmlrpc_g['return']['authfail'];
+
$vipbackup = array();
+ $oldvips = array();
if (isset($params[0]['virtualip'])) {
if(is_array($config['virtualip']['vip'])) {
- foreach ($config['virtualip']['vip'] as $vip)
- interface_vip_bring_down($vip);
+ foreach ($config['virtualip']['vip'] as $vipindex => $vip) {
+ if ($vip['mode'] == "carp")
+ $oldvips[$vip['vhid']] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}";
+ else if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip")
+ $vipbackup[] = $vip;
+ }
}
- $vipbackup = $config['virtualip']['vip'];
}
+
// For vip section, first keep items sent from the master
- $config = array_merge($config, $params[0]);
- // Then add ipalias and proxyarp types already defined on the backup
- if (is_array($vipbackup)) {
- foreach ($vipbackup as $vip) {
- if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip")
- array_unshift($config['virtualip']['vip'], $vip);
- }
+ $config = array_merge_recursive_unique($config, $params[0]);
+
+ /* Then add ipalias and proxyarp types already defined on the backup */
+ if (is_array($vipbackup) && !empty($vipbackup)) {
+ if (!is_array($config['virtualip']))
+ $config['virtualip'] = array();
+ if (!is_array($config['virtualip']['vip']))
+ $config['virtualip']['vip'] = array();
+ foreach ($vipbackup as $vip)
+ array_unshift($config['virtualip']['vip'], $vip);
}
+
+ /* Log what happened */
$mergedkeys = implode(",", array_keys($params[0]));
write_config(sprintf(gettext("Merged in config (%s sections) from XMLRPC client."),$mergedkeys));
- interfaces_vips_configure();
+
+ /*
+ * The real work on handling the vips specially
+ * This is a copy of intefaces_vips_configure with addition of not reloading existing/not changed carps
+ */
+ if (is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) {
+ $carp_setuped = false;
+ $anyproxyarp = false;
+ foreach ($config['virtualip']['vip'] as $vip) {
+ if (isset($oldvips[$vip['vhid']])) {
+ if ($oldvips[$vip['vhid']] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") {
+ if (does_interface_exist("vip{$vip['vhid']}"))
+ continue; // Skip reconfiguring this vips since nothing has changed.
+ } else
+ unset($oldvips['vhid']);
+ }
+
+ switch ($vip['mode']) {
+ case "proxyarp":
+ $anyproxyarp = true;
+ break;
+ case "ipalias":
+ interface_ipalias_configure(&$vip);
+ break;
+ case "carp":
+ if ($carp_setuped == false)
+ $carp_setuped = true;
+ interface_carp_configure($vip);
+ break;
+ case "carpdev-dhcp":
+ interface_carpdev_configure($vip);
+ break;
+ }
+ }
+ /* Cleanup remaining old carps */
+ foreach ($oldvips as $oldvipif => $oldvippar) {
+ if (does_interface_exist("vip{$oldvipif}"))
+ pfSense_interface_destroy("vip{$oldvipif}");
+ }
+ if ($carp_setuped == true)
+ interfaces_carp_setup();
+ if ($anyproxyarp == true)
+ interface_proxyarp_configure();
+ }
return $xmlrpc_g['return']['true'];
}
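Review bot: In the reconfigure loop, `unset($oldvips['vhid']);` removes the literal key `'vhid'` instead of the entry for the current VIP, and the unchanged path (`continue`) never removes its entry either. Every CARP VIP that existed before the sync therefore stays in `$oldvips`, and the cleanup loop calls `pfSense_interface_destroy("vip{$oldvipif}")` on interfaces that were just kept or reconfigured. Use `unset($oldvips[$vip['vhid']]);` in the `else` branch and again immediately before the `continue`. Entries without a `vhid` (ipalias, proxyarp) index `$oldvips` with an unset key, so the lookup is better limited to `$vip['mode'] == "carp"`. The function body starts outside the hunk.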
@@ -218,29 +272,7 @@ $merge_config_section_sig = array(
function merge_config_section_xmlrpc($raw_params) {
global $config, $xmlrpc_g;
- $params = xmlrpc_params_to_php($raw_params);
- if(!xmlrpc_auth($params))
- return $xmlrpc_g['return']['authfail'];
- if (isset($params[0]['virtualip'])) {
- if(is_array($config['virtualip']['vip'])) {
- foreach ($config['virtualip']['vip'] as $vip)
- interface_vip_bring_down($vip);
- }
- $vipbackup = $config['virtualip']['vip'];
- }
- $config = array_merge_recursive_unique($config, $params[0]);
- // Then add ipalias and proxyarp types already defined on the backup
- if (is_array($vipbackup)) {
- foreach ($vipbackup as $vip) {
- if ((($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp')) && substr($vip['interface'], 0, 3) != "vip")
- array_unshift($config['virtualip']['vip'], $vip);
- }
- }
- $mergedkeys = implode(",", array_keys($params[0]));
- write_config("Merged in config ({$mergedkeys} sections) from XMLRPC client.");
- interfaces_vips_configure();
-
- return $xmlrpc_g['return']['true'];
+ return restore_config_section_xmlrpc($raw_params);
}
/*****************************/
@@ -372,6 +404,8 @@ function get_notices_xmlrpc($raw_params) {
return $response;
}
+$xmlrpclockkey = lock('xmlrpc', LOCK_EX);
+
/*****************************/
$server = new XML_RPC_Server(
array(
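Review bot: `lock('xmlrpc', LOCK_EX)` is taken at file scope before `XML_RPC_Server` dispatches, so it is held before any handler has called `xmlrpc_auth()`, and every request, authenticated or not, waits on the same exclusive lock. The matching `unlock($xmlrpclockkey)` in the last hunk runs only if dispatch returns normally; whether `lock()` releases on an early exit is not visible here. I would add a comment such as `/* serialise config sync requests; released after dispatch */`. It is also worth taking the lock inside the handlers after authentication succeeds, or registering the release with `register_shutdown_function()`.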
@@ -412,4 +446,6 @@ $server = new XML_RPC_Server(
)
);
+unlock($xmlrpclockkey);
+
?>