diff options
| author | Ermal Luçi <eri@pfsense.org> | 2008-07-23 16:09:33 +0000 |
|---|---|---|
| committer | Ermal Luçi <eri@pfsense.org> | 2008-07-23 16:09:33 +0000 |
| commit | ead45104a4b9620a3aee2d6230718cc7c3473b93 (patch) | |
| tree | 0e9528dd1c650dc599822bc8a0fcfc3e27559e85 | |
| parent | af6f0a3aa9baa78b89c2f78a48a8138ebc08d6a2 (diff) | |
| download | pfsense-ead45104a4b9620a3aee2d6230718cc7c3473b93.zip pfsense-ead45104a4b9620a3aee2d6230718cc7c3473b93.tar.gz | |
Implement frontend for GRE/GIF tunnels.
GIF tunnels migh conflict with IPsec settings but I will resolve later by either renaming the ipsec interfaces to ipsec or renanming this tunnels to something else.
| -rw-r--r-- | usr/local/www/interfaces_gif.php | 135 | ||||
| -rw-r--r-- | usr/local/www/interfaces_gif_edit.php | 207 | ||||
| -rw-r--r-- | usr/local/www/interfaces_gre.php | 135 | ||||
| -rw-r--r-- | usr/local/www/interfaces_gre_edit.php | 220 |
4 files changed, 697 insertions, 0 deletions
diff --git a/usr/local/www/interfaces_gif.php b/usr/local/www/interfaces_gif.php new file mode 100644 index 0000000..ca3c8c9 --- /dev/null +++ b/usr/local/www/interfaces_gif.php @@ -0,0 +1,135 @@ +<?php +/* $Id$ */ +/* + interfaces_gif.php + + Copyright (C) 2008 Ermal Luçi + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +if (!is_array($config['gifs']['gif'])) + $config['gifs']['gif'] = array(); + +$a_gifs = &$config['gifs']['gif'] ; + +function gif_inuse($num) { + global $config; + + $iflist = get_configured_interface_list(false, true); + foreach ($iflist as $if) { + if ($config['interfaces'][$if]['if'] == $a_gifs[$num]['gifif']) { + echo "<br/><br/>{$if}"; + return true; + } + } + + return false; +} + +if ($_GET['act'] == "del") { + /* check if still in use */ + if (gif_inuse($_GET['id'])) { + $input_errors[] = "This gif TUNNEL cannot be deleted because it is still being used as an interface."; + } else { + mwexec("/sbin/ifconfig " . $a_gifs[$_GET['id']]['gifif'] . " destroy"); + unset($a_gifs[$_GET['id']]); + + write_config(); + + header("Location: interfaces_gif.php"); + exit; + } +} + + +$pgtitle = array("Interfaces","gif"); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> +<?php + $tab_array = array(); + $tab_array[0] = array("Interface assignments", false, "interfaces_assign.php"); + $tab_array[1] = array("VLANs", false, "interfaces_vlan.php"); + $tab_array[2] = array("PPP", false, "interfaces_ppp.php"); + $tab_array[3] = array("Bridge", false, "interfaces_bridge.php"); + $tab_array[4] = array("GRE", false, "interfaces_gre.php"); + $tab_array[5] = array("GIF", true, "interfaces_gif.php"); + display_top_tabs($tab_array); +?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="20%" class="listhdrr">Interface</td> + <td width="20%" class="listhdrr">Tunnel to...</td> + <td width="50%" class="listhdr">Description</td> + <td width="10%" class="list"></td> + </tr> + <?php $i = 0; foreach ($a_gifs as $gif): ?> + <tr> + <td class="listlr"> + <?=htmlspecialchars($gif['if']);?> + </td> + <td class="listr"> + <?=htmlspecialchars($gif['remote-addr']);?> + </td> + <td class="listbg"> + <font color="white"> + <?=htmlspecialchars($gif['descr']);?> + </font> + </td> + <td valign="middle" nowrap class="list"> <a href="interfaces_gif_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> + <a href="interfaces_gif.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this gif tunnel?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="3"> </td> + <td class="list"> <a href="interfaces_gif_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + <tr> + <td colspan="3" class="list"><p class="vexpl"><span class="red"><strong> + Note:<br> + </strong></span> + Something meaningful here. + </td> + <td class="list"> </td> + </tr> + </table> + </div> + </td> + </tr> +</table> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/interfaces_gif_edit.php b/usr/local/www/interfaces_gif_edit.php new file mode 100644 index 0000000..c154e89 --- /dev/null +++ b/usr/local/www/interfaces_gif_edit.php @@ -0,0 +1,207 @@ +<?php +/* $Id$ */ +/* + interfaces_gif_edit.php + + Copyright (C) 2008 Ermal Luçi + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +if (!is_array($config['gifs']['gif'])) + $config['gifs']['gif'] = array(); + +$a_gifs = &$config['gifs']['gif']; + + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (isset($id) && $a_gifs[$id]) { + $pconfig['if'] = $a_gifs[$id]['if']; + $pconfig['gifif'] = $a_gifs[$id]['gifif']; + $pconfig['remote-addr'] = $a_gifs[$id]['remote-addr']; + $pconfig['tunnel-remote-net'] = $a_gifs[$id]['tunnel-remote-net']; + $pconfig['tunnel-local-addr'] = $a_gifs[$id]['tunnel-local-addr']; + $pconfig['tunnel-remote-addr'] = $a_gifs[$id]['tunnel-remote-addr']; + $pconfig['link1'] = isset($a_gifs[$id]['link1']); + $pconfig['link0'] = isset($a_gifs[$id]['link0']); + $pconfig['descr'] = $a_gifs[$id]['descr']; +} + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "if tunnel-remote-addr tunnel-remote-net tunnel-local-addr"); + $reqdfieldsn = explode(",", "Parent interface,Local address, Remote tunnel address, Remote tunnel network, Local tunnel address"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ((!is_ipaddr($_POST['tunnel-local-addr'])) || (!is_ipaddr($_POST['tunnel-remote-addr'])) || + (!is_ipaddr($_POST['remote-addr']))) { + $input_errors[] = "All fildes must have valid ip addresses."; + } + + foreach ($a_gifs as $gif) { + if (isset($id) && ($a_gifs[$id]) && ($a_gifs[$id] === $gif)) + continue; + + if (($gif['if'] == $_POST['if']) && ($gif['tunnel-remote-net'] == $_POST['tunnel-remote-net'])) { + $input_errors[] = "A gif with the network {$gif['remote-network']} is already defined."; + break; + } + } + + if (!$input_errors) { + $gif = array(); + $gif['if'] = $_POST['if']; + $gif['tunnel-local-addr'] = $_POST['tunnel-local-addr']; + $gif['tunnel-remote-addr'] = $_POST['tunnel-remote-addr']; + $gif['tunnel-remote-net'] = $_POST['tunnel-remote-net']; + $gif['remote-addr'] = $_POST['remote-addr']; + $gif['descr'] = $_POST['descr']; + $gif['link1'] = isset($_POST['link1']); + $gif['link0'] = isset($_POST['link0']); + $gif['gifif'] = $_POST['gifif']; + + $gif['gifif'] = interface_gif_configure($gif); + if ($gif['gifif'] == "" || !stristr($gif['gifif'], "gif")) + $input_errors[] = "Error occured creating interface, please retry."; + else { + if (isset($id) && $a_gifs[$id]) + $a_gifs[$id] = $gif; + else + $a_gifs[] = $gif; + + write_config(); + + header("Location: interfaces_gif.php"); + exit; + } + } +} + +$pgtitle = array("Firewall","GIF","Edit"); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> + <form action="interfaces_gif_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td width="22%" valign="top" class="vncellreq">Parent interface</td> + <td width="78%" class="vtable"> + <select name="if" class="formselect"> + <?php + $portlist = get_configured_interface_with_descr(); + foreach ($portlist as $ifn => $ifinfo) { + echo "<option value=\"{$ifn}\""; + if ($ifn == $pconfig['if']) + echo "selected"; + echo ">{$ifinfo}</option>"; + } + ?> + </select> + <br/> + <span class="vexpl">The interface here servers as the local address to be used for the gif tunnel.</span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">gif remote address. </td> + <td class="vtable"> + <input name="remote-addr" type="text" class="formfld unknown" id="remote-addr" size="16" value="<?=$pconfig['remote-addr'];?>"> + <br> + <span class="vexpl">Peer address where encapsulated gif packets will be sent. </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">gif tunnel local address. </td> + <td class="vtable"> + <input name="tunnel-local-addr" type="text" class="formfld unknown" id="tunnel-local-addr" size="16" value="<?=$pconfig['tunnel-local-addr'];?>"> + <br> + <span class="vexpl">Local gif tunnel endpoint. </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">gif tunnel remote address. </td> + <td class="vtable"> + <input name="tunnel-remote-addr" type="text" class="formfld unknown" id="tunnel-remote-addr" size="16" value="<?=$pconfig['tunnel-remote-addr'];?>"> + <select name="tunnel-remote-net" class="formselect" id="tunnel-remote-net"> + <?php + for ($i = 32; $i > 0; $i--) { + if($i <> 31) { + echo "<option value=\"{$i}\" "; + if ($i == $pconfig['tunnel-remote-net']) echo "selected"; + echo ">" . $i . "</option>"; + } + } + ?> + </select> + <br/> + <span class="vexpl">Remote gif address endpoint. The subnet part is used for the determinig the network that is tunneled.</span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">Route caching </td> + <td class="vtable"> + <input name="link0" type="checkbox" id="link0" <?if ($pconfig['link0']) echo "checked";?>> + <br> + <span class="vexpl">Specify if route caching can be enabled. Be careful with these settings on dynamic networks. </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">ECN friendly behaviour. </td> + <td class="vtable"> + <input name="link1" type="checkbox" id="link1" <?if ($pconfig['link1']) echo "checked";?>> + <br> + <span class="vexpl"> + Note that the ECN friendly behavior violates RFC2893. This should be + used in mutual agreement with the peer. + </span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Description</td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <br> <span class="vexpl">You may enter a description here + for your reference (not parsed).</span></td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input type="hidden" name="gifif" value="<?=$pconfig['gifif']; ?>"> + <input name="Submit" type="submit" class="formbtn" value="Save"> <input type="button" value="Cancel" onclick="history.back()"> + <?php if (isset($id) && $a_gifs[$id]): ?> + <input name="id" type="hidden" value="<?=$id;?>"> + <?php endif; ?> + </td> + </tr> + </table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/interfaces_gre.php b/usr/local/www/interfaces_gre.php new file mode 100644 index 0000000..2aeeaa0 --- /dev/null +++ b/usr/local/www/interfaces_gre.php @@ -0,0 +1,135 @@ +<?php +/* $Id$ */ +/* + interfaces_gre.php + + Copyright (C) 2008 Ermal Luçi + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +if (!is_array($config['gres']['gre'])) + $config['gres']['gre'] = array(); + +$a_gres = &$config['gres']['gre'] ; + +function gre_inuse($num) { + global $config; + + $iflist = get_configured_interface_list(false, true); + foreach ($iflist as $if) { + if ($config['interfaces'][$if]['if'] == $a_gres[$num]['greif']) { + echo "<br/><br/>{$if}"; + return true; + } + } + + return false; +} + +if ($_GET['act'] == "del") { + /* check if still in use */ + if (gre_inuse($_GET['id'])) { + $input_errors[] = "This GRE TUNNEL cannot be deleted because it is still being used as an interface."; + } else { + mwexec("/sbin/ifconfig " . $a_gres[$_GET['id']]['greif'] . " destroy"); + unset($a_gres[$_GET['id']]); + + write_config(); + + header("Location: interfaces_gre.php"); + exit; + } +} + + +$pgtitle = array("Interfaces","GRE"); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td> +<?php + $tab_array = array(); + $tab_array[0] = array("Interface assignments", false, "interfaces_assign.php"); + $tab_array[1] = array("VLANs", false, "interfaces_vlan.php"); + $tab_array[2] = array("PPP", false, "interfaces_ppp.php"); + $tab_array[3] = array("Bridge", false, "interfaces_bridge.php"); + $tab_array[4] = array("GRE", true, "interfaces_gre.php"); + $tab_array[5] = array("GIF", false, "interfaces_gif.php"); + display_top_tabs($tab_array); +?> + </td></tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="20%" class="listhdrr">Interface</td> + <td width="20%" class="listhdrr">Tunnel to...</td> + <td width="50%" class="listhdr">Description</td> + <td width="10%" class="list"></td> + </tr> + <?php $i = 0; foreach ($a_gres as $gre): ?> + <tr> + <td class="listlr"> + <?=htmlspecialchars($gre['if']);?> + </td> + <td class="listr"> + <?=htmlspecialchars($gre['remote-addr']);?> + </td> + <td class="listbg"> + <font color="white"> + <?=htmlspecialchars($gre['descr']);?> + </font> + </td> + <td valign="middle" nowrap class="list"> <a href="interfaces_gre_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a> + <a href="interfaces_gre.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this GRE tunnel?')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="3"> </td> + <td class="list"> <a href="interfaces_gre_edit.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + <tr> + <td colspan="3" class="list"><p class="vexpl"><span class="red"><strong> + Note:<br> + </strong></span> + Something meaningful here. + </td> + <td class="list"> </td> + </tr> + </table> + </div> + </td> + </tr> +</table> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/interfaces_gre_edit.php b/usr/local/www/interfaces_gre_edit.php new file mode 100644 index 0000000..69a71f4 --- /dev/null +++ b/usr/local/www/interfaces_gre_edit.php @@ -0,0 +1,220 @@ +<?php +/* $Id$ */ +/* + interfaces_gre_edit.php + + Copyright (C) 2008 Ermal Luçi + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +if (!is_array($config['gres']['gre'])) + $config['gres']['gre'] = array(); + +$a_gres = &$config['gres']['gre']; + + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (isset($id) && $a_gres[$id]) { + $pconfig['if'] = $a_gres[$id]['if']; + $pconfig['greif'] = $a_gres[$id]['greif']; + $pconfig['remote-addr'] = $a_gres[$id]['remote-addr']; + $pconfig['tunnel-remote-net'] = $a_gres[$id]['tunnel-remote-net']; + $pconfig['tunnel-local-addr'] = $a_gres[$id]['tunnel-local-addr']; + $pconfig['tunnel-remote-addr'] = $a_gres[$id]['tunnel-remote-addr']; + $pconfig['link1'] = isset($a_gres[$id]['link1']); + $pconfig['link2'] = isset($a_gres[$id]['link2']); + $pconfig['link0'] = isset($a_gres[$id]['link0']); + $pconfig['descr'] = $a_gres[$id]['descr']; +} + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "if tunnel-remote-addr tunnel-remote-net tunnel-local-addr"); + $reqdfieldsn = explode(",", "Parent interface,Local address, Remote tunnel address, Remote tunnel network, Local tunnel address"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ((!is_ipaddr($_POST['tunnel-local-addr'])) || (!is_ipaddr($_POST['tunnel-remote-addr'])) || + (!is_ipaddr($_POST['remote-addr']))) { + $input_errors[] = "All fildes must have valid ip addresses."; + } + + foreach ($a_gres as $gre) { + if (isset($id) && ($a_gres[$id]) && ($a_gres[$id] === $gre)) + continue; + + if (($gre['if'] == $_POST['if']) && ($gre['tunnel-remote-net'] == $_POST['tunnel-remote-net'])) { + $input_errors[] = "A gre with the network {$gre['remote-network']} is already defined."; + break; + } + } + + if (!$input_errors) { + $gre = array(); + $gre['if'] = $_POST['if']; + $gre['tunnel-local-addr'] = $_POST['tunnel-local-addr']; + $gre['tunnel-remote-addr'] = $_POST['tunnel-remote-addr']; + $gre['tunnel-remote-net'] = $_POST['tunnel-remote-net']; + $gre['remote-addr'] = $_POST['remote-addr']; + $gre['descr'] = $_POST['descr']; + $gre['link1'] = isset($_POST['link1']); + $gre['link2'] = isset($_POST['link2']); + $gre['link0'] = isset($_POST['link0']); + $gre['greif'] = $_POST['greif']; + + $gre['greif'] = interface_gre_configure($gre); + if ($gre['greif'] == "" || !stristr($gre['greif'], "gre")) + $input_errors[] = "Error occured creating interface, please retry."; + else { + if (isset($id) && $a_gres[$id]) + $a_gres[$id] = $gre; + else + $a_gres[] = $gre; + + write_config(); + + header("Location: interfaces_gre.php"); + exit; + } + } +} + +$pgtitle = array("Firewall","GRE","Edit"); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> +<?php if ($input_errors) print_input_errors($input_errors); ?> + <form action="interfaces_gre_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td width="22%" valign="top" class="vncellreq">Parent interface</td> + <td width="78%" class="vtable"> + <select name="if" class="formselect"> + <?php + $portlist = get_configured_interface_with_descr(); + foreach ($portlist as $ifn => $ifinfo) { + echo "<option value=\"{$ifn}\""; + if ($ifn == $pconfig['if']) + echo "selected"; + echo ">{$ifinfo}</option>"; + } + ?> + </select> + <br/> + <span class="vexpl">The interface here servers as the local address to be used for the GRE tunnel.</span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">GRE remote address. </td> + <td class="vtable"> + <input name="remote-addr" type="text" class="formfld unknown" id="remote-addr" size="16" value="<?=$pconfig['remote-addr'];?>"> + <br> + <span class="vexpl">Peer address where encapsulated GRE packets will be sent. </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">GRE tunnel local address. </td> + <td class="vtable"> + <input name="tunnel-local-addr" type="text" class="formfld unknown" id="tunnel-local-addr" size="16" value="<?=$pconfig['tunnel-local-addr'];?>"> + <br> + <span class="vexpl">Local GRE tunnel endpoint. </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">GRE tunnel remote address. </td> + <td class="vtable"> + <input name="tunnel-remote-addr" type="text" class="formfld unknown" id="tunnel-remote-addr" size="16" value="<?=$pconfig['tunnel-remote-addr'];?>"> + <select name="tunnel-remote-net" class="formselect" id="tunnel-remote-net"> + <?php + for ($i = 32; $i > 0; $i--) { + if($i <> 31) { + echo "<option value=\"{$i}\" "; + if ($i == $pconfig['tunnel-remote-net']) echo "selected"; + echo ">" . $i . "</option>"; + } + } + ?> + </select> + <br/> + <span class="vexpl">Remote GRE address endpoint. The subnet part is used for the determinig the network that is tunneled.</span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">Mobile tunnel. </td> + <td class="vtable"> + <input name="link0" type="checkbox" id="link0" <?if ($pconfig['link0']) echo "checked";?>> + <br> + <span class="vexpl">Specify which encapsulation method the tunnel should do. </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">Route search type. </td> + <td class="vtable"> + <input name="link1" type="checkbox" id="link1" <?if ($pconfig['link1']) echo "checked";?>> + <br> + <span class="vexpl"> + For correct operation, the gre device needs a route to the destination + that is less specific than the one over the tunnel. (Basically, there + needs to be a route to the decapsulating host that does not run over the + tunnel, as this would be a loop.) If the addresses are ambiguous, doing + the ifconfig tunnel step before the ifconfig(8) call to set the gre IP + addresses will help to find a route outside the tunnel. + </span></td> + </tr> + <tr> + <td valign="top" class="vncellreq">WCCP version. </td> + <td class="vtable"> + <input name="link2" type="checkbox" id="link2" <?if ($pconfig['link2']) echo "checked";?>> + <br> + <span class="vexpl">Specify which WCCP encapsulation(version 1 or 2) method the tunnel should do. </span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Description</td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <br> <span class="vexpl">You may enter a description here + for your reference (not parsed).</span></td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input type="hidden" name="greif" value="<?=$pconfig['greif']; ?>"> + <input name="Submit" type="submit" class="formbtn" value="Save"> <input type="button" value="Cancel" onclick="history.back()"> + <?php if (isset($id) && $a_gres[$id]): ?> + <input name="id" type="hidden" value="<?=$id;?>"> + <?php endif; ?> + </td> + </tr> + </table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> |
