Merge branch 'master' into bootstrap

1 files changed, 336 insertions, 0 deletions

diff --git a/src/usr/local/www/system_hasync.php b/src/usr/local/www/system_hasync.php
new file mode 100755
index 0000000..47f6ea6
--- /dev/null
+++ b/src/usr/local/www/system_hasync.php
@@ -0,0 +1,336 @@
+<?php
+/* $Id$ */
+/*
+	system_hasync.php
+	part of pfSense (https://www.pfsense.org/)
+
+	Copyright (C) 2012 Darren Embry <dse@webonastick.com>.
+	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+/*
+	pfSense_MODULE: system
+*/
+
+##|+PRIV
+##|*IDENT=page-system-hasync
+##|*NAME=System: High Availability Sync
+##|*DESCR=Allow access to the 'System: High Availability Sync' page.
+##|*MATCH=system_hasync.php*
+##|-PRIV
+
+require("guiconfig.inc");
+
+if (!is_array($config['hasync']))
+	$config['hasync'] = array();
+
+$a_hasync = &$config['hasync'];
+
+$checkbox_names = array(
+	'pfsyncenabled',
+	'synchronizeusers',
+	'synchronizeauthservers',
+	'synchronizecerts',
+	'synchronizerules',
+	'synchronizeschedules',
+	'synchronizealiases',
+	'synchronizenat',
+	'synchronizeipsec',
+	'synchronizeopenvpn',
+	'synchronizedhcpd',
+	'synchronizewol',
+	'synchronizestaticroutes',
+	'synchronizelb',
+	'synchronizevirtualip',
+	'synchronizetrafficshaper',
+	'synchronizetrafficshaperlimiter',
+	'synchronizetrafficshaperlayer7',
+	'synchronizednsforwarder',
+	'synchronizecaptiveportal');
+
+if ($_POST) {
+	$pconfig = $_POST;
+	foreach ($checkbox_names as $name) {
+		$a_hasync[$name] = $pconfig[$name] ? $pconfig[$name] : false;
+	}
+	$a_hasync['pfsyncpeerip']	= $pconfig['pfsyncpeerip'];
+	$a_hasync['pfsyncinterface'] = $pconfig['pfsyncinterface'];
+	$a_hasync['synchronizetoip'] = $pconfig['synchronizetoip'];
+	$a_hasync['username']		= $pconfig['username'];
+	$a_hasync['password']		= $pconfig['passwordfld'];
+	write_config("Updated High Availability Sync configuration");
+	interfaces_sync_setup();
+	header("Location: system_hasync.php");
+	exit();
+}
+
+foreach ($checkbox_names as $name) {
+	$pconfig[$name] = $a_hasync[$name];
+}
+$pconfig['pfsyncpeerip']	= $a_hasync['pfsyncpeerip'];
+$pconfig['pfsyncinterface'] = $a_hasync['pfsyncinterface'];
+$pconfig['synchronizetoip'] = $a_hasync['synchronizetoip'];
+$pconfig['username']		= $a_hasync['username'];
+$pconfig['passwordfld']	 = $a_hasync['password'];
+
+$ifaces = get_configured_interface_with_descr();
+$ifaces["lo0"] = "loopback";
+
+$pgtitle = array(gettext("System"), gettext("High Availability Sync"));
+$shortcut_section = "carp";
+
+// Build a list of available interfaces
+$iflist = array();
+foreach ($ifaces as $ifname => $iface) {
+	$iflist[$ifname] = $iface;
+}
+
+include("head.inc");
+
+require('classes/Form.class.php');
+
+$form = new Form;
+
+$section = new Form_Section('State Synchronization Settings (pfsync)');
+
+$section->addInput(new Form_Checkbox(
+	'pfsyncenabled',
+	'Synchronize states',
+	'pfsync transfers state insertion, update, and deletion messages between firewalls.',
+	($pconfig['pfsyncenabled'] === 'on'),
+	'on'
+))->setHelp('Each firewall sends these messages out via multicast on a specified interface, using the PFSYNC protocol (IP Protocol 240).' .
+			' It also listens on that interface for similar messages from other firewalls, and imports them into the local state table.<br />' .
+			'This setting should be enabled on all members of a failover group.<br />' .
+			'Clicking "Save" will force a configuration sync if it is enabled! (see Configuration Synchronization Settings below)');
+
+$section->addInput(new Form_Select(
+	'pfsyncinterface',
+	'Synchorize Interface',
+	$pconfig['pfsyncinterface'],
+	$iflist
+))->setHelp('If Synchronize States is enabled this interface will be used for communication.<br />' .
+			'We recommend setting this to an interface other than LAN!	A dedicated interface works the best.<br />' .
+			'You must define a IP on each machine participating in this failover group.<br />' .
+			'You must have an IP assigned to the interface on any participating sync nodes.');
+
+$section->addInput(new Form_Input(
+	'pfsyncpeerip',
+	'pfsync Synchronize Peer IP',
+	'text',
+	$pconfig['pfsyncpeerip'],
+	['placeholder' => 'IP Address']
+))->setHelp('Setting this option will force pfsync to synchronize its state table to this IP address.  The default is directed multicast.');
+
+$form->add($section);
+
+$section = new Form_Section('Configuration Synchronization Settings (XMLRPC Sync)');
+
+$section->addInput(new Form_Input(
+	'synchronizetoip',
+	'Synchronize Config to IP',
+	'text',
+	$pconfig['synchronizetoip'],
+	['placeholder' => 'IP Address']
+))->setHelp('Enter the IP address of the firewall to which the selected configuration sections should be synchronized.<br /><br />' .
+			'XMLRPC sync is currently only supported over connections using the same protocol and port as this system - make sure the remote system\'s port and protocol are set accordingly!<br />' .
+			'Do not use the Synchronize Config to IP and password option on backup cluster members!');
+
+$section->addInput(new Form_Input(
+	'username',
+	'Remote System Username',
+	'text',
+	$pconfig['username']
+))->setHelp('Enter the webConfigurator username of the system entered above for synchronizing your configuration.<br />' .
+			'Do not use the Synchronize Config to IP and username option on backup cluster members!');
+
+$section->addInput(new Form_Input(
+	'passwordfld',
+	'Remote System Password',
+	'password',
+	$pconfig['passwordfld']
+))->setHelp('Enter the webConfigurator password of the system entered above for synchronizing your configuration.<br />' .
+			'Do not use the Synchronize Config to IP and password option on backup cluster members!');
+
+$group = new Form_MultiCheckboxGroup('Select options to sync');
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizeusers',
+	'Synchronize Users and Groups',
+	'Sync the users and groups over ',
+	($pconfig['synchronizeusers'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizeauthservers',
+	'Synchronize Auth Servers',
+	'Sync the authentication servers (e.g. LDAP, RADIUS) over ',
+	($pconfig['synchronizeauthservers'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizecerts',
+	'Synchronize Certificates',
+	'Sync the Certificate Authorities, Certificates, and Certificate Revocation Lists over  ',
+	($pconfig['synchronizecerts'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizerules',
+	'Synchronize Rules',
+	'Sync the firewall rules ',
+	($pconfig['synchronizerules'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizeschedules',
+	'Synchronize Firewall schedules',
+	'Sync the firewall schedules ',
+	($pconfig['synchronizeschedules'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizealiases',
+	'Synchronize Firewall aliasas',
+	'Sync the firewall aliasas ',
+	($pconfig['synchronizealiasas'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizenat',
+	'Synchronize NAT',
+	'Sync NAT rules ',
+	($pconfig['synchronizenat'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizeipsec',
+	'Synchronize IPsec',
+	'Automatically IPsec configuration ',
+	($pconfig['synchronizeipsec'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizeopenvpn',
+	'Synchronize OpenVPN',
+	'Automatically OpenVPN configuration ',
+	($pconfig['synchronizeopenvpn'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizedhcpd',
+	'Synchronize DHCPD',
+	'Sync DHCP Server settings ',
+	($pconfig['synchronizedhcpd'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizewol',
+	'Synchronize Wake on LAN',
+	'Sync WoL Server settings ',
+	($pconfig['synchronizewol'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizestaticroutes',
+	'Synchronize Static Routes',
+	'Sync Static Route configuration ',
+	($pconfig['synchronizestaticroutes'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizelb',
+	'Synchronize Load Balancer',
+	'Sync Load Balancer configuration ',
+	($pconfig['synchronizelb'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizevirtualip',
+	'Synchronize Virtual IPs',
+	'Sync Virtual IPs ',
+	($pconfig['synchronizevirtualip'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizetrafficshaper',
+	'Synchronize traffic shaper (queues)',
+	'Sync the Traffic Shaper configuration ',
+	($pconfig['synchronizetrafficshaper'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizetrafficshaperlimiter',
+	'Synchronize traffic shaper (limiter)',
+	'Sync the Traffic Shaper configuration for limiters ',
+	($pconfig['synchronizetrafficshaperlimiter'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizetrafficshaperlayer7',
+	'Synchronize traffic shaper (layer 7)',
+	'Sync the Traffic Shaper configuration for layer 7 ',
+	($pconfig['synchronizetrafficshaperlayer7'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizednsforwarder',
+	'Synchronize traffic shaper (Forwarder/Resolver)',
+	'Sync the DNS Forwarder and DNS Resolver configurations ',
+	($pconfig['synchronizednsforwarder'] === 'on'),
+	'on'
+));
+
+$group->add(new Form_MultiCheckbox(
+	'synchronizecaptiveportal',
+	'Synchronize Captive Portal)',
+	'Sync the Captive Portal configurations ',
+	($pconfig['synchronizecaptiveportal'] === 'on'),
+	'on'
+));
+
+$section->add($group);
+
+$form->add($section);
+
+print($form);
+
+include("foot.inc");
\ No newline at end of file